Page 1
ProSafe Managed Switch
Command Line Interface (CLI)
Reference Manual
9.2.0.5
JGSM7224
350 East Plumeria Drive
San Jose, CA 95134
USA
December 2012
202-10921-02
1.0
Page 2
ProSafe Managed Switch
© NETGEAR, Inc. All rights reserved.
No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated
into any language in any form or by any means without the written permission of NETGEAR, Inc.
Technical Support
Thank you for choosing NETGEAR. T o register your product, get the latest product updates, or get support online,
visit us at http://support.netgear.com.
Phone (US & Canada only): 1-888-NETGEAR
Phone (Other Countries): See Support information card.
Trademarks
NETGEAR, the NETGEAR logo and ProSafe are trademarks or registered trad emarks of NETGEAR, Inc.
Microsoft, Windows, Windows NT, and Vista are registered trademarks of Microsoft Corporation. Other brand and
product names are registered trademarks or trademarks of their respective holders.
Statement of Conditions
To improve internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes
to the products described in this document without notice. NETGEAR does not assume any liability that may occur
due to the use, or application of, the product(s) or circuit layout(s) described herein.
Revision History
Publication Part
Number
202-10921-02 1.0 December 2012 Added the following new and revised
202-10921-01 1.0 December 2011 Original publication.
Version Publish Date Comments
command groups: ACL, DHCP snooping,
DHCP L2 relay, DiffServ, DNS client, dual
software image, dynamic ARP inspection, IP
source control, and storm control.
2
Page 3
Contents
Chapter 1 Introduction
Chapter 2 Command-Line Interface
Purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
Scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
Document Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
Key Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
Keyboard Shortcuts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
Others. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
CLI Command Modes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
User EXEC Mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
Privileged EXEC Mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
Global Configuration Mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
Interface Configuration Mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
Physical Interface Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
Port Channel Interface Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
Management VLAN Interface Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
Tunnel Interface Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
VLAN Config Mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
Protocol-Specific Modes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
ACL MAC Configuration Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
SNTP Configuration Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
Chapter 3 System Commands
enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
configure terminal. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
listuser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
username. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23
logout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
exit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
show users. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24
show history. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
reload. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
show process cpu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26
show memory cpu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26
Chapter 4 System Features
login authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27
3
Page 4
ProSafe Managed Switch
ip http port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
ip http server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28
ip http session timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
interface range. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
management vlan-list. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
mtu frame size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31
snmp trap link-status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
write memory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32
copy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32
save . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34
clock set. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34
erase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
shutdown - physical/vlanMgmt/port-channel Interface. . . . . . . . . . .35
debug-logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36
show interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
show interfaces - counters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38
show management vlan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39
show network. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39
show interfaces mtu. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
show system information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
show version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
show debug-logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
show clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43
show running-config. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
show ip http . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
console timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
ip telnet server enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46
telnetcon timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .46
telnetcon maxsessions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47
show console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47
show telnet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48
restore startup-config. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48
no restore. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49
clear interfaces counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Chapter 5 Port Manager
monitor session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50
negotiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51
speed. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51
duplex . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .51
rate-limit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52
show monitor session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .52
Chapter 6 DHCP
dhcp client release. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .54
dhcp client renew. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55
4
Page 5
ProSafe Managed Switch
dhcp client acquire. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55
debug dhcp client. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56
show dhcp client stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56
service dhcp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57
ip dhcp pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58
ip dhcp next-server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59
ip dhcp bootfile. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59
ip dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60
ip dhcp option. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61
network. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62
excluded-address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62
domain-name. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .63
dns-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .64
netbios-name-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .65
netbios-node-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .65
default-router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .66
option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .67
lease. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .68
utilization threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69
host hardware-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69
debug ip dhcp server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70
show ip dhcp server information . . . . . . . . . . . . . . . . . . . . . . . . . . .71
show ip dhcp server pools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72
show ip dhcp server binding. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73
show ip dhcp server statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73
Chapter 7 DHCP L2 Relay
dhcp l2relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75
dhcp l2relay vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .76
dhcp l2relay circuit-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .76
dhcp l2relay remote-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .77
dhcp l2relay trust . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78
show dhcp l2relay all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78
show dhcp l2relay agent-option . . . . . . . . . . . . . . . . . . . . . . . . . . . .79
show dhcp l2relay circuit-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80
show dhcp l2relay remote-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .81
show dhcp l2relay vlan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .81
show dhcp l2relay stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82
show dhcp l2relay interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83
clear dhcp l2relay statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84
debug dhcp l2relay. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85
Chapter 8 DHCP Snooping
ip dhcp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .86
ip dhcp snooping verify mac-address. . . . . . . . . . . . . . . . . . . . . . . .87
ip dhcp snooping vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87
ip dhcp snooping binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .88
5
Page 6
ip dhcp snooping database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .88
ip dhcp snooping database write-delay . . . . . . . . . . . . . . . . . . . . . .89
ip dhcp snooping limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
ip dhcp snooping log-invalid. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .90
ip dhcp snooping trust . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .90
show ip dhcp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
show ip dhcp snooping binding . . . . . . . . . . . . . . . . . . . . . . . . . . . .91
show ip dhcp snooping database. . . . . . . . . . . . . . . . . . . . . . . . . . . 92
show ip dhcp snooping statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
show ip dhcp snooping interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . 93
clear ip dhcp snooping binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
clear ip dhcp snooping statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
debug ip dhcp snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .95
Chapter 9 SNTP
sntp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
set sntp client. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
sntp client version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98
sntp client port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98
sntp client clock-format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99
clock timezone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99
clock summer-time. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100
set sntp server auto-discovery. . . . . . . . . . . . . . . . . . . . . . . . . . . .101
sntp unicast client poll-interval. . . . . . . . . . . . . . . . . . . . . . . . . . . .101
sntp unicast client poll-timeout. . . . . . . . . . . . . . . . . . . . . . . . . . . .102
sntp unicast client poll-retry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102
sntp server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .103
show sntp client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .103
show sntp unicast-mode status . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
show sntp clock . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .105
debug sntp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .105
ProSafe Managed Switch
Chapter 10 LLDP
shutdown lldp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .106
set lldp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107
lldp timers interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107
lldp timers hold. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108
lldp timers reinit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108
lldp timers tx-delay. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .109
lldp notification-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
lldp chassis-id-subtype. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .110
clear lldp counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
clear lldp table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
debug lldp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111
show lldp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113
show lldp interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .114
show lldp remote-device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .115
6
Page 7
ProSafe Managed Switch
show lldp traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117
show lldp local-device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117
lldp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .118
lldp notification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .119
lldp notification type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .119
ldp transmit-tlv basic-tlv . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120
lldp port-id-subtype. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .121
lldp transmit-tlv dot3tlv . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .121
Chapter 11 LLDP-MED
lldp med . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123
lldp med confignotification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .124
lldp med transmit-tlv. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .124
lldp med faststartrepeatcount. . . . . . . . . . . . . . . . . . . . . . . . . . . . .125
show lldp med . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .125
show lldp med interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126
show lldp med local-device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126
show lldp med remote-device . . . . . . . . . . . . . . . . . . . . . . . . . . . .127
show lldp med remote-device detail. . . . . . . . . . . . . . . . . . . . . . . .127
Chapter 12 VLAN
vlan database. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .129
vlan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130
vlan name. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130
vlan participation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .131
vlan tagging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .131
vlan pvid. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132
vlan acceptframe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .133
vlan ingressfilter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .133
vlan priority. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .134
vlan association mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .134
vlan association subnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .135
debug vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .136
show vlan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137
show vlan <vlan-id> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137
show vlan port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .138
show vlan association mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139
show vlan association subnet . . . . . . . . . . . . . . . . . . . . . . . . . . . .139
mac-address-table static unicast . . . . . . . . . . . . . . . . . . . . . . . . . .140
mac-address-table static multicast. . . . . . . . . . . . . . . . . . . . . . . . .141
mac-address-table aging-time . . . . . . . . . . . . . . . . . . . . . . . . . . . .142
show mac-address-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .142
show mac-address-table count . . . . . . . . . . . . . . . . . . . . . . . . . . .143
show mac-address-table static unicast . . . . . . . . . . . . . . . . . . . . .144
show mac-address-table static multicast . . . . . . . . . . . . . . . . . . . .145
show mac-address-table dynamic unicast. . . . . . . . . . . . . . . . . . .145
show mac-address-table dynamic multicast . . . . . . . . . . . . . . . . .146
7
Page 8
ProSafe Managed Switch
show mac-address-table aging-time . . . . . . . . . . . . . . . . . . . . . . .147
clear mac-addr-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .147
Chapter 13 Double VLAN
dvlan-tunnel enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .149
dvlan-tunnel ethertype . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
mode dvlan-tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
show dvlan-tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
show dvlan-tunnel interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .151
debug dvlan-tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152
Chapter 14 Port Security
port security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153
port-security max-dynamic. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153
port-security max-static . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
snmp-server enable traps violation . . . . . . . . . . . . . . . . . . . . . . . . 154
port-security mac-address move . . . . . . . . . . . . . . . . . . . . . . . . . . 155
show port-security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .155
show port-security dynamic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
show port-security violation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .157
Chapter 15 Private Group
private-group name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
switchport private-group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .159
show private-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .159
Chapter 16 Static MAC Filtering
macfilter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .161
macfilter addsrc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .162
macfilter addsrc all. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .162
show mac-address-table staticfiltering. . . . . . . . . . . . . . . . . . . . . . 163
Chapter 17 Voice VLAN
voice vlan enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .164
voice vlan cos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .165
voice vlan aging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .165
voice vlan oui . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .166
voice vlan mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
show voice vlan globals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .167
show voice vlan oui . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
show voice vlan ports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .168
8
Page 9
Chapter 18 STP
spanning-tree mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .169
spanning-tree. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .170
spanning-tree forceversion. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .170
spanning-tree timers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .171
spanning-tree hold-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .172
spanning-tree max-hops . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .172
spanning-tree priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .173
spanning-tree edgeport all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .174
spanning-tree port mode all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .174
spanning-tree configuration name . . . . . . . . . . . . . . . . . . . . . . . . .175
spanning-tree configuration revision . . . . . . . . . . . . . . . . . . . . . . .175
spanning-tree mst instance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .176
spanning-tree mst vlan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .176
spanning-tree auto-edge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .177
spanning-tree link-type edgeport . . . . . . . . . . . . . . . . . . . . . . . . . .177
spanning-tree - Properties of an interface . . . . . . . . . . . . . . . . . . .178
spanning-tree port mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .178
spanning-tree guard root - none. . . . . . . . . . . . . . . . . . . . . . . . . . .179
spanning-tree tcnguard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .179
spanning-tree layer2-gateway-port . . . . . . . . . . . . . . . . . . . . . . . .180
spanning-tree bpdu-receive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .180
spanning-tree bpdu-transmit . . . . . . . . . . . . . . . . . . . . . . . . . . . . .181
spanning-tree pathcost dynamic . . . . . . . . . . . . . . . . . . . . . . . . . .181
spanning-tree bpdumigrationcheck . . . . . . . . . . . . . . . . . . . . . . . .182
spanning-tree bpduforwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . .183
spanning-tree mst - Properties of an interface for MSTP. . . . . . . .183
spanning-tree mst hello-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184
spanning-tree mst max-instance . . . . . . . . . . . . . . . . . . . . . . . . . .185
spanning-tree mst extended-sysid. . . . . . . . . . . . . . . . . . . . . . . . .185
clear spanning-tree counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . .186
shutdown spanning-tree. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .186
debug spanning-tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .187
show spanning-tree - summary . . . . . . . . . . . . . . . . . . . . . . . . . . .188
show spanning-tree - detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .189
show spanning-tree - brief . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191
show spanning-tree interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . .192
show spanning-tree layer2-gateway-port. . . . . . . . . . . . . . . . . . . .193
show spanning-tree mst - CIST or specified mst Instance. . . . . . .194
show spanning-tree mst configuration . . . . . . . . . . . . . . . . . . . . . .195
show spanning-tree mst - Port Specific Configuration . . . . . . . . . .195
ProSafe Managed Switch
Chapter 19 PNAC
dot1x system-auth-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .197
aaa authentication dot1x default . . . . . . . . . . . . . . . . . . . . . . . . . .197
dot1x local-database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .198
set nas-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .199
9
Page 10
ProSafe Managed Switch
dot1x max-req . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .199
dot1x reauthentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .200
dot1x timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .201
dot1x port-control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .202
dot1x control-direction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .202
dot1x initialize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .203
dot1x re-authenticate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .203
shutdown dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
debug dot1x. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .204
show dot1x. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .205
dot1x guest-vlan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .207
dot1x reauth-session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .208
dot1x init-session. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .208
dot1x eapol-flood . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209
Chapter 20 RADIUS
radius server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .210
debug radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .211
show radius server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212
show radius statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .212
authorization network radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . .213
Chapter 21 TACACS
tacacs-server host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .214
tacacs use-server address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
tacacs-server retransmit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .216
debug tacacs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .216
show tacacs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .217
Chapter 22 LA
port-channel system priority. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218
port-channel load-balance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219
port-channel linktrap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .220
port-channel name. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .220
port lacpmode enable all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221
lacp actor port priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221
addport. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .222
deleteport. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222
port lacpmode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .222
port-channel static . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .223
port lacptimeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .223
show port-channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .224
show port-channel system priority . . . . . . . . . . . . . . . . . . . . . . . . . 225
show lacp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226
debug lacp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .227
10
Page 11
ProSafe Managed Switch
Chapter 23 IGMP Snooping
set igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .228
set igmp mcrtrexpiretime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .229
set igmp groupmembership-interval. . . . . . . . . . . . . . . . . . . . . . . .229
set igmp auto-video . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .230
set igmp querier version. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .230
set igmp querier address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .231
set igmp querier query-interval. . . . . . . . . . . . . . . . . . . . . . . . . . . .231
set igmp unknow-multicast filter. . . . . . . . . . . . . . . . . . . . . . . . . . .232
set igmp router-alert check. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .232
set igmp fast-leave. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .233
set igmp querier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .233
set igmp mrouter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .234
debug igmpsnooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .234
set igmp max-response . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .235
show igmpsnooping mrouter . . . . . . . . . . . . . . . . . . . . . . . . . . . . .235
show igmpsnooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .236
show igmpsnooping vlan-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .237
show mac-address-table igmpsnooping. . . . . . . . . . . . . . . . . . . . .237
show igmpsnooping auto-video . . . . . . . . . . . . . . . . . . . . . . . . . . .238
show igmpsnooping statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . .238
Chapter 24 Syslog
logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .240
logging timestamps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .241
clear logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .242
logging localstorage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .242
logging filesize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .243
logging file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .243
logging host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .244
show logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .244
show logging local storage. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .245
show logging file. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .246
show logging hosts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .246
show logging filesize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .247
Chapter 25 SSH
ip ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .248
ip ssh server enable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .249
ip ssh protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .249
sshcon maxsessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .250
sshcon timeout. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .250
debug ssh. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251
show ip ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .252
11
Page 12
ProSafe Managed Switch
Chapter 26 SSL
ip http secure-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .253
ip http secure-port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .254
ip http secure-session timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
crypto key generate rsa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .255
crypto certificate generate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .255
debug ssl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .256
show ssl server-cert. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .257
Chapter 27 SNMPv3
snmp-server community. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .259
snmp-server community ipaddr . . . . . . . . . . . . . . . . . . . . . . . . . . .260
snmp-server community ipmask . . . . . . . . . . . . . . . . . . . . . . . . . .260
snmp-server community ro . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261
snmp-server community rw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261
snmptrap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262
snmptrap snmpversion. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .263
snmptrap ipaddr. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .263
snmptrap ip6addr. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .264
snmp-server user. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .264
snmp-server user accessmode . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
snmp-server enable traps authentication. . . . . . . . . . . . . . . . . . . . 265
snmp-server enable traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
show snmpcommunity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
show snmptrap. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .267
show trapflags . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .267
show snmpuser . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .268
Chapter 28 RMON
set rmon. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269
rmon collection history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .270
rmon collection stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .270
rmon event. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .271
rmon alarm. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .272
show rmon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273
Chapter 29 IPV4
ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .277
ip gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .278
ip address {dhcp | bootp} . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .278
ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .279
traceroute. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .279
show ip arp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .280
show ip information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .280
12
Page 13
ProSafe Managed Switch
Chapter 30 IPV6
ipv6 enable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281
ipv6 address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .282
ipv6 gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .282
ping ipv6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .283
traceroute ipv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .283
debug ipv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .284
clear ipv6 neighbors. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .284
show ipv6 neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .285
Chapter 31 Port Protected
switchport protected. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .286
Chapter 32 Green Feature
set green-feature auto-power-down. . . . . . . . . . . . . . . . . . . . . . . .288
set port green-feature auto-power-down . . . . . . . . . . . . . . . . . . . .289
set green-feature short-cable. . . . . . . . . . . . . . . . . . . . . . . . . . . . .289
set port green-feature short-cable . . . . . . . . . . . . . . . . . . . . . . . . .290
show green feature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .290
Chapter 33 IP-ARP-INSPECTION
ip arp inspection vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .292
ip arp inspection validate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .293
ip arp inspection vlan logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . .293
ip arp inspection trust. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .294
ip arp inspection limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .295
ip arp inspection filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .295
arp access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .296
permit ip host mac host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .296
show ip arp inspection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .297
show ip arp inspection statistics. . . . . . . . . . . . . . . . . . . . . . . . . . .298
clear ip arp inspection statistics . . . . . . . . . . . . . . . . . . . . . . . . . . .299
show ip arp inspection interfaces. . . . . . . . . . . . . . . . . . . . . . . . . .299
show arp access-list. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .301
debug dai . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .301
Chapter 34 ACL
access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .303
ip access-list. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .305
ip access-list rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .306
mac access-list. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .308
mac access-list rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .308
ip access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .310
mac access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .310
show ip or mac access-lists . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .311
13
Page 14
ProSafe Managed Switch
Chapter 35 DOS
dos-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .313
show dos-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314
Chapter 36 Diffserv
diffserv . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .315
diffserv counterMode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .315
class-map. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .316
match. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .317
policy-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319
class. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319
assign-queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .320
conform-color. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .320
exceed-color . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .321
drop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .321
mark. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .322
mirror . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .322
policy-simple . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .323
policy-two-rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .324
redirect. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325
service-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .325
show diffserv . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326
show class-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .326
show policy-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .327
show service-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 328
Chapter 37 QoS
cos-queue strict . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .330
cos-queue min bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .331
traffic-shape . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .331
classofservice ip-dscp-mapping . . . . . . . . . . . . . . . . . . . . . . . . . .332
classofservice dot1p-mapping . . . . . . . . . . . . . . . . . . . . . . . . . . .332
classofservice trust . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .333
show interfaces cos-queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .333
show classofservice dot1p-mapping . . . . . . . . . . . . . . . . . . . . . . .334
show classofservice ip-dscp-mapping . . . . . . . . . . . . . . . . . . . . . .335
show classofservice trust. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .335
Chapter 38 IP Source Guard
ip verify source. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .336
ip verify binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337
show ip verify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .337
show ip verify source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .338
show ip source binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .338
14
Page 15
ProSafe Managed Switch
Chapter 39 DNS Client
ip domain lookup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .340
ip domain name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .341
ip name server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .341
ip host. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .342
ipv6 host. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .342
ip domain retry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .343
ip domain timeout. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .344
clear host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .344
show hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .345
debug dns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .346
Chapter 40 Storm Control
storm-control broadcast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .348
storm-control broadcast level. . . . . . . . . . . . . . . . . . . . . . . . . . . . .348
storm-control broadcast rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . .349
storm-control broadcast (Global Config) . . . . . . . . . . . . . . . . . . . .349
storm-control broadcast level (Global Config) . . . . . . . . . . . . . . . .350
storm-control broadcast rate (Global Config). . . . . . . . . . . . . . . . .350
storm-control multicast. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .351
storm-control multicast level. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .351
storm-control multicast rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .352
storm-control multicast (Global Config) . . . . . . . . . . . . . . . . . . . . .352
storm-control multicast level (Global Config) . . . . . . . . . . . . . . . . .353
storm-control multicast rate (Global Config). . . . . . . . . . . . . . . . . .353
storm-control unicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .354
storm-control unicast level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .355
storm-control unicast rate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .355
storm-control unicast (Global Config). . . . . . . . . . . . . . . . . . . . . . .356
storm-control unicast level (Global Config) . . . . . . . . . . . . . . . . . .356
storm-control unicast rate (Global Config) . . . . . . . . . . . . . . . . . . .357
storm-control flowcontrol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .357
show storm-control. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .358
Chapter 41 Dual Image
delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .360
boot system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .361
show bootvar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .361
filedescr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .362
Chapter 42 Command List
15
Page 16
1. Introduction
Purpose
The JGSM7224 performs switching between Ethernet ports at wire speed. It provides basic
bridging functionality and also offers advanced features, such as link aggregation, IGMP
Snooping, and Network Access Control.
This document describes in detail the CLI commands supported by the JGSM7224 switch. It
is a reference manual for users and system administrators who need to configure the switch
using the CLI interface.
Scope
The scope of this document is limited to JGSM7224 release 9.2.0.5. This document details
all the CLI commands provided by the JGSM7224 software. The commands that are not
applicable for a specific hardware platform are indicated wherever necessary.
1
Document Conventions
• The syntax of the CLI command is shown in Courier New 10-point bold.
• Elements in (< >) indicate the field is required as input along with a CLI command, for
example, <integer (100-1000)>.
• Elements in square brackets ([ ]) indicate optional fields for a command.
• Text in {} refers to an “either-or” group for the tokens separated by a | symbol inside the
braces.
• CLI commands, output, and messages are shown in Courier font.
• The no form of the command resets a particular configuration to its default value or
revokes the effect. This is explained in the description of the commands as needed.
• Any action that can change the switch configuration, any conditionals and requirements
for a command, and any information associated with significant details and functionality
of a command is listed using the “..” symbol.
16
Page 17
ProSafe Managed Switch
Key Conventions
Keyboard Shortcuts
Key Sequence Description
Up Arrow/Down Arrow Displays the previously executed command
Backspace / Ctrl + H Removes a single character
TAB Completes a command without typing the full word
Left Arrow/Right Arrow Traverses the current line
Others
• ? - Lists the available commands.
• q - Exits the output display if the display is more than one page and returns to the
JGSM7224 prompt.
• show history - Displays the command history list.
Introduction
17
Page 18
2. Command-Line Interface
This chapter describes how to configure the JGSM7224 using the Command Line Interface.
Note: The Command Line Interface (CLI) can be used to configure the
Intelligent Switch Solution from a console attached to the serial port
of the switch or from a remote terminal using TELNET.
The JGSM7224 CLI uses a simple login authentication mechanism.
The authentication is based on a user name and password provided
by the user during login. The user admin is created by default and
has a blank password.
Note: When JGSM7224 is started, the user name and password must be
given at the login prompt to access the CLI shell:
-------------------------------------------------
user: admin
password:
(JGSM7224)>
-------------------------------------------------
The user-exec mode is now available. For a detailed description of
the various modes available for the JGSM7224, see
Modes on page 19.
2
CLI Command
CLI commands need not be fully typed. The abbreviated forms are also accepted by the
switch. For example, commands like show management vlan can be typed as show
management vl.
CLI commands are case-insensitive.
CLI commands are successful only if the dependencies are satisfied for the particular
command entered. Appropriate error messages are displayed if the dependencies are not
satisfied.
18
Page 19
ProSafe Managed Switch
Note: The ethernet type of an interface is determined during System
St artup. The ethernet type needs to be specified correctly when you
configure interface-specific parameters.
A fast ethernet interface cannot be configured as a gigabit-ethernet interface and vice-versa.
CLI Command Modes
Command Mode Access Method Prompt Exit Method
User EXEC This is the initial mode to start
a session.
Privileged EXEC The User EXEC mode
command enable is used to
enter the Privileged EXEC
mode.
Global Configuration The Privileged EXEC mode
command configure
terminal is used to enter the
Global Configuration mode.
Interface
Configuration
VLAN Config The Privileged EXEC mode
The Global Configuration
mode command interface
<interface-type>
<interface-id> is used to
enter the Interface
configuration mode.
command vlan database is
used to enter the VLAN Config
mode.
(JGSM7224)> The logout method is used.
(JGSM7224)# To return from the Privileged
EXEC mode to the Privileged
EXEC mode, use the
disable command.
(JGSM7224)(config)# To exit to the Global
Configuration mode, use the
exit command. To exit to
the Privileged EXEC mode
use the end command.
(JGSM7224)(config-if)# To exit to the Global
Configuration mode, use the
exit command. To exit to
the Privileged EXEC mode
use the end command.
(JGSM7224)(vlan)# To exit to the Privileged
EXEC mode, use the exit
command.
User EXEC Mode
After logging in to the device, the user is automatically in the User EXEC mode. In general,
the User EXEC commands are used to temporarily change terminal settings, perform basic
tests, and list system information.
Command-Line Interface
19
Page 20
ProSafe Managed Switch
Privileged EXEC Mode
Since many of the privileged commands set operating parameters, privileged access is
password protected to prevent unauthorized use. The password is not displayed on the
screen and is case-sensitive. The Privileged EXEC mode prompt is the device name followed
by the pound sign (#).
Global Configuration Mode
Global Configuration commands apply to features that affect the system as a whole, to any
specific interface.
Interface Configuration Mode
Physical Interface Mode
The Physical Interface mode is used to perform interface-specific operations. To return to the
global configuration mode, use the exit command.
Port Channel Interface Mode
The Port Channel Interface mode is used to perform port channel-specific operations. To
return to the global configuration mode, use the exit command.
Management VLAN Interface Mode
The Management VLAN Interface mode is used to perform L3-IPVLAN-specific operations.
To return to the global configuration mode, use the exit command.
Tunnel Interface Mode
The Tunnel Interface mode is used to perform Tunnel-specific operations. To return to the
global configuration mode, use the exit command.
VLAN Config Mode
This mode is used to perform VLAN-specific operations. To return to the global configuration
mode, use the exit command.
Command-Line Interface
20
Page 21
ProSafe Managed Switch
Protocol-Specific Modes
DHCP Pool Configuration Mode
This mode is used to configure the network pool / host configurations of a subnet pool. The
Global configuration mode command ip dhcp pool <integer(1-2147483647)>
creates a DHCP server address pool and places the user in DHCP pool configuration mode.
The prompt displayed in this mode is (JGSM7224)(dhcp-config)#.
To return to the global configuration mode, use the exit command.
ACL MAC Configuration Mode
The MAC access-list global configuration command creates Layer 2 MAC ACLs and returns
the MACAccess list configuration mode to the user. The Global configuration mode
command mac access-list extended <(name(1-31))> is used to enter the ACL
MAC Configuration mode and the prompt displayed in this mode is
(JGSM7224)(config-ext-macl)#.
To return to the global configuration mode, use the exit command.
SNTP Configuration Mode
This mode is used to configure the SNTP-specific parameters for the switch. The Global
configuration mode command sntp is used to enter the SNTP Configuration mode and the
prompt displayed in this mode is (JGSM7224)(config-sntp)#.
To return to the global configuration mode, use the exit command.
Command-Line Interface
21
Page 22
3. System Commands
This chapter describes the commands used to manage access permissions, mode access,
and terminal configurations on the JGSM7224 switch.
enable
This command turns on privileged commands. When in User EXEC mode, you can use this
command to enter Privileged EXEC mode.
Syntax enable
Mode User EXEC
Example
------------------------------------------------------------------(JGSM7224)> enable
(JGSM7224)#
-------------------------------------------------------------------
3
configure terminal
Use this command to enter the configuration mode.
Syntax configure terminal
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)# configure terminal
(JGSM7224)(config)#
------------------------------------------------------------------------------
Related Command
exit - Exits the current configuration mode to the next highest configuration mode.
22
Page 23
ProSafe Managed Switch
listuser
This command lists all valid users, along with their permissible mode.
Syntax listuser
Mode Privileged EXEC
Example
----------------------------------------------------------------------------listuser
-----------------------------------------------------------------------------
Related Command
show users - Displays information about terminal lines.
username
This command creates a user and sets the enable password for that user. The no form of the
command deletes a user and disables the enable password for that user. At the system
default state, there is only one user, admin, with a blank password.
When you log in with the user name admin, you can add or delete a user and change the
password of other users in the system. If you log in with another user name, however, you
can change only your own password. If you add a new user with this command and do not
specify a password, the user you add has a default blank password.
Syntax username <user-name> [password <passwd>]
no username <user-name>
Mode Global Configuration
user-name - User names can be up to 20 characters in length and are case-sensitive. Only
alphanumeric characters, dashes (-), and underscores (_) are accepted.
password - Password.
Related Command
listuser - lists all valid users
System Commands
23
Page 24
ProSafe Managed Switch
logout
This command exits from Privileged EXEC or User EXEC mode to the JGSM7224 Login
Prompt if you are in a console session. If a telnet session is active, this command terminates
the session.
Syntax logout
Mode Privileged EXEC
User EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)>logout
user:
------------------------------------------------------------------------------
exit
This command exits the current configuration mode to the next highest configuration mode in
the CLI. The login name and password must be reentered to gain access to the CLI
command shell.
Syntax exit
Mode All modes
Example
-----------------------------------------------------------------------------(JGSM7224)(config-if) # exit
(JGSM7224)(config) #
------------------------------------------------------------------------------
show users
This command displays information about login user sessions.
Syntax show users
Mode Privileged EXEC
System Commands
24
Page 25
ProSafe Managed Switch
Example
-----------------------------------------------------------------------------(JGSM7224)# show users
ID Type User Peer-Address
c1 console admin Local Peer
c2 telnet admin 192.168.0.10
w1 http admin 192.168.0.10
(JGSM7224)#
------------------------------------------------------------------------------
Related Command
listuser - Lists all valid users, along with their permissible mode.
show history
This command displays command history. The commands are listed from the earliest to the
latest command. The buffer is unchanged when entering configuration mode and then
returning.
Syntax show history
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)# show history
1 show debug-logging
2 show users
3 listuser
4 show users
5 show history
(JGSM7224)#
------------------------------------------------------------------------------
reload
This command restarts the switch.
Syntax reload
Mode Privileged EXEC
System Commands
25
Page 26
ProSafe Managed Switch
show process cpu
This command displays the process CPU utilization.
Syntax show process cpu
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)# show process cpu
Memory Utilization Report
status bytes
free 13135872
alloc 51830784
CPU Utilization:
PID Name 5 Sec 1 Min 5 Min
1 init 0.0% 0.0% 0.0%
2 kthreadd 0.0% 0.0% 0.0%
3 ksoftirqd/0 0.0% 0.0% 0.0%
4 events/0 0.0% 0.0% 0.0%
5 khelper 0.0% 0.0% 0.0%
15 kblocked/0 0.0% 0.0% 0.0%
31 pdflush 0.0% 0.0% 0.0%
(JGSM7224)#
------------------------------------------------------------------------------
show memory cpu
This command displays the system memory utilization.
Syntax show memory cpu
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)# show memory cpu
Total Memory............................ 63444 KBytes
Available Memory Space.................. 12828 KBytes
(JGSM7224)#
------------------------------------------------------------------------------
System Commands
26
Page 27
4. System Features
The JGSM7224 switch offers a rich set of system features, such as login services,
copying/writing facilities, duplex/negotiation support, and many others. Some features might
have special hardware requirements and others might have special design considerations.
The related command sections provide overview descriptions of the features and include
specific information to consider when using these features.
CFA (Common Forwarding Agent) is a proprietary module that acts as a common forwarder
of packets between the Network Protocol Module(s), the Data-Link Layer Protocol Layer
Module(s), and the Device Drivers. CFA provides central management of the generic
parameters of all the interfaces in the system.
login authentication
This command sets the authentication method for user logins and the no form of the
command sets the authentication method for user logins to default values. Changing login
authentication from default to another value might disconnect the telnet session.
4
TACACS is an authentication program used on UNIX and Linux systems, a few network
routers, and other network equipment that allows access to a server or a managing computer
to determine if the user attempting to log in has the proper rights or is in the user database.
Syntax login authentication { local | radius | tacacs }
no login authentication
Mode Global Configuration
local - Local username database for authentication.
radius - List of all RADIUS servers for authentication.
tacacs - List of useful TACACS+ servers for authentication.
Example
------------------------------------------------------------------(JGSM7224)(config)# login authentication radius
(JGSM7224)(config)#
-------------------------------------------------------------------
27
Page 28
ProSafe Managed Switch
Related Commands
username - Creates a user and sets the enable password for that user with the privilege
level.
show system information - Displays system information.
ip http port
This command sets the HTTP port, and the no form of the command resets the HTTP port.
Default 80
Syntax ip http port <port-number(1-65535)>
no ip http port
Mode Global Configuration
Example
-------------------------------------------------------------------------(JGSM7224)(config)# ip http port 90
(JGSM7224)(config)#
--------------------------------------------------------------------------
Related Commands
ip http server - Enables access to the switch through the Web interface.
show ip http - Displays the HTTP settings for the switch.
ip http server
This command enables access to the switch through the Web interface, and the no form of
the command disables it. When access is enabled, the user can log in to the switch from the
Web interface. When access is disabled, the user cannot log in to the switch’s Web server.
Disabling the Web interface takes effect immediately. All interfaces are affected.
Default Enabled
Syntax ip http server
no ip http server
Mode Global Configuration
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# no ip http server
(JGSM7224)(config)#
------------------------------------------------------------------------------
System Features
28
Page 29
ProSafe Managed Switch
Related Commands
ip http port - Sets the HTTP port.
show ip http - Displays the HTTP settings for the switch.
ip http session timeout
This command configures the timeout for unsecure HTTP sessions in minutes. Configuring
this value to zero sets an infinite timeout. When the timeout expires the user is forced to
re-authenticate. The timer begins on initiation of the Web session and is restarted with each
access to the switch. The no form of the command resets the timeout to the default value.
Default 30
Syntax ip http session timeout <0-60>
no ip http session timeout
Mode Global Configuration
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# ip http session timeout 10
(JGSM7224)(config)#
------------------------------------------------------------------------------
Related Command
show ip http - Displays the HTTP settings for the switch.
interface
This command selects an interface to configure, which can be a physical interface, a portchannel interface, or a management vlan interface. On execution of this command, the user
enters the interface configuration mode for that interface. Eight port-channels are created by
default.
Syntax interface {vlanMgmt | {port-channel | lag}<integer (1-8)> |
<slot/port>}
Mode Global Configuration
vlanMgmt - The management vlan interface.
port-channel - Port Channel Identifier.
slot/port - Physical interface ID, including type, slot, and port format.
System Features
29
Page 30
ProSafe Managed Switch
Example
-----------------------------------------------------------------------------For management VLAN Interface:
(JGSM7224)(config)# interface vlanMgmt
(JGSM7224)(config-if)#
------------------------------------------------------------------------------
Related Command
show interface - Displays the interface status and configuration.
interface range
This command selects a range of interfaces to configure, which can be physical interfaces or
port-channel interfaces.
Syntax interface range {<iface_list> | port-channel <po_list>}
Mode Global Configuration
iface-list - The physical interface list.
port-channel - The port channel identifier.
po-list - The port channel interface list.
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# interface range 0/1-24
(JGSM7224)(config-if-range)#
------------------------------------------------------------------------------
management vlan-list
This command sets the VLAN list for the L3 VLAN interface. The no form of the command
resets the list for the L3 VLAN interface.The VLAN list can be specified as a range of VLAN
IDs separated by a hyphen or a series of non-consecutive VLANs separated by a comma. A
single VLAN ID can also be substituted instead of a range of VLANs. This command is
configured only when the code is compiled with the WorkGroupSwitch enabled, if the L2 Vlan
Management support is required.
Default vlan - 1
interface-type - eth0
Syntax management vlan-list <vlan-list>
no management vlan-list <vlan-list>
Mode Global Configuration
System Features
30
Page 31
ProSafe Managed Switch
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# management vlan-list
(JGSM7224)(config)#
------------------------------------------------------------------------------
Related Command
show management vlan - Displays the VLANs associated with the management interface.
mtu frame size
This command configures the maximum transmission unit frame size for the interface. The
MTU includes the Ethernet header, CRC, and payload. The MTU size is a valid integer
between 1518 and 9216 for untagged packets. For tagged packets, the actual MTU is the
specified MTU size plus 4. The interface must be brought down administratively prior to
changing the MTU.
Default 1518
Syntax mtu <frame-size(1518-9216)>
Mode Interface Configuration
Note: For IPV6, the minimum valid MTU is 1280.
Example
-----------------------------------------------------------------------------(JGSM7224)(config-if)# mtu 1600
(JGSM7224)(config-if)#
------------------------------------------------------------------------------
Related Commands
show interfaces - Displays the interface status and configuration.
show interface mtu - Displays the global maximum transmission unit.
System Features
31
Page 32
ProSafe Managed Switch
snmp trap link-status
This command enables trap generation on either the physical interface or the port-channel
interface. The no form of this command disables trap generation on the respective interface.
Default Enabled
Syntax snmp trap link-status
no snmp trap link-status
Mode Interface Configuration
Example
-----------------------------------------------------------------------------(JGSM7224)(config-if)# snmp trap link-status
(JGSM7224)(config-if)#
------------------------------------------------------------------------------
Related Command
show interfaces - Displays the interface status and configuration.
write memory
Use this command to save running configuration changes to NVRAM so that the changes
you make persist across a reboot. This command is the same as copy system:running
config nvram:startup-config.
Syntax write memory
Mode Privileged EXEC
Related Commands
copy - Uploads and downloads the file from the remote.
save - Saves the configuration.
erase - Erases the specified file.
copy
This command uploads and downloads files to and from the switch. Upload and download
files from a server by using TFTP.
Syntax copy <source> <destination>
Mode Privileged EXEC
System Features
32
Page 33
ProSafe Managed Switch
Replace the <source> and <destination> parameters with the options in the following
table. For the <tftp_url> source or destination, use the following values:
<tftp_url> tftp://<ipaddr | hostname>/<filename>
For TFTP, the <ipaddr> parameter is the IP address of the server, and <filename> is the
name of the file you want to upload or download. Parameters for the copy command are
listed in the following table:
Source Destination Description
<tftp url> nvram:sslpem-server Downloads Secure Server PEM file to the
system
<tftp url> nvram:startup-config Downloads the startup configuration file to the
system
<tftp url> system:boot Downloads and updates the boot code
<tftp url> system:image Downloads and updates the image
<tftp url> {image1 | image2} Download an image from the remote server to
either image.
{image1 | image2} <tftp url> Upload either image to the remote server.
image1 image2 Copy image1 to image2.
image2 image1 Copy image2 to image1.
nvram:backup-config <tftp url> Uploads the backup configuration to the server
nvram:backup-config nvram:startup-config Copies the backup config to the startup config
nvram:debug-log <tftp url> Uploads the debug log file to the server
nvram:log1 <tftp url> Uploads the log file 1 to the server
nvram:log2 <tftp url> Uploads the log file 2 to the server
nvram:log3 <tftp url> Uploads the log file 3 to the server
nvram:startup-config <tftp url> Uploads the startup configuration to the server
nvram:startup-config nvram:backup-config Copies the startup config to the backup config
system:running-config nvram:startup-config Save the running configuration to nvram
Related Commands
write memory - Create the configuration file.
save - Save the configuration.
erase - Erase the specified file.
System Features
33
Page 34
ProSafe Managed Switch
save
This command makes the current configuration changes permanent by writing the
configuration changes to system NVRAM.
Syntax save
Mode Privileged EXEC
Related Commands
write memory - Create the configuration file.
copy - Uploads and downloads the file from the remote.
erase - Erases the specified file.
clock set
This command manages the system clock.The date is configured in the switch in the
following format:
• Hours:minutes:Seconds Date Month Year.
• The format for the date is dd(1-31).
• The format for the month is Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, Dec.
• The format for the year is yyyy(1970-2035).
Syntax clock set hh:mm:ss day month year
Mode Privileged EXEC
Example
-------------------------------------------------------------------------------------(JGSM7224)# clock set 18:04:10 18 Oct 2005
(JGSM7224)#
--------------------------------------------------------------------------------------
Related Command
show clock - Displays the system clock.
erase
This command clears the contents of a specified file.
Syntax erase { startup-config | backup-config | log1 | log2 | log3 }
Mode Privileged EXEC
System Features
34
Page 35
ProSafe Managed Switch
startup-config - Startup configuration file.
backup-config - Backup configuration file.
log1 - Log file 1.
log2 - Log file 2.
log3 - Log file 3.
Example
-----------------------------------------------------------------------------(JGSM7224)# erase startup-config
(JGSM7224)#
------------------------------------------------------------------------------
Related Commands
write memory - Create the configuration file.
copy - Uploads and downloads the file from the remote.
save - Save configuration.
shutdown - physical/vlanMgmt/port-channel Interface
This command disables a physical interface/vlanMgmt interface/port-channel interface. The
no form of the command enables a physical interface/vlanMgmt interface/port-channel
interface. All functions on the specified interface are disabled by the shutdown command.
Default Physical Interface enabled
Management VLAN interface enabled
Port-channel interface enabled
Syntax shutdown
no shutdown
Mode Interface Configuration Mode for physical interface/port-channel
Interface Management VLAN Interface Mode for vlanMgmt interface
Example
-----------------------------------------------------------------------------(JGSM7224)(config-if)# shutdown
(JGSM7224)(config-if)#
------------------------------------------------------------------------------
Related Commands
interface - Configures an interface, which can be a physical interface, a port-channel
interface, or a management vlan interface.
show interfaces - Displays the interface status and configuration.
System Features
35
Page 36
ProSafe Managed Switch
debug-logging
This command configures where debug logs are to be displayed and the no form of the
command displays debug logs on the console. Debug logs are directed to the console screen
or to a buffer file, which can later be uploaded based on the input.
Syntax debug-logging { console|file }
no debug-logging
Mode Global Configuration
console - Debug logs are displayed on the Console.
file - Debug logs are displayed in the file.
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# debug-logging console
(JGSM7224)(config)#
------------------------------------------------------------------------------
Related Command
show debug-logging - Displays the debug logs stored in file.
show interfaces
This command displays the interface status and configuration.If executed without the optional
parameters, this command displays the IP interface statistics and configuration for all
available interfaces.
Syntax show interfaces [{ [<slot/port>] [{ description | rate-limit |
flowcontrol | capabilities | status }] | port-channel
<port-channel-id (1-8)> }]
Mode Privileged EXEC
slot/port - Physical interface ID, including type, slot, and port format.
description - Description of the interface.
rate-limit - Rate limit of the interface.
flowcontrol - Receive or send flow control value for an interface.
capabilities - Capabilities of the interface.
status - Status of the interface.
port-channel - Port Channel Identifier.
System Features
36
Page 37
ProSafe Managed Switch
Example
-----------------------------------------------------------------------------(JGSM7224)# show interfaces 0/2
0/2 up, line protocol is up (connected)
Hardware Address is 00:01:02:03:04:22
RARP Client is enabled
MTU 1500 bytes, Full duplex, 100 Mbps, Auto-Negotiation
HOL Block Prevention enabled.
Flow-control is off
Link Up/Down Trap is enabled
Reception Counters
Octets : 739284
Unicast Packets : 0
Non Unicast Packets : 5963
Discarded Packets : 0
Error Packets : 0
Unknown Protocol : 5963
Transmission Counters
Octets : 741775
Unicast Packets : 0
Non Unicast Packets : 5985
Discarded Packets : 0
Error Packets : 0
(JGSM7224)# show interfaces
Interface Status Protocol
--------- ------ -------0/1 up up
0/2 up down
0/3 up up
(JGSM7224)# show interfaces 0/2 flowcontrol
Port Tx Rx Tx Pause Rx Pause HC Rx Pause
---- ----- -------- -------- -------0/2 off off 0 0 0 0
(JGSM7224)# show interfaces 0/2 capabilities
0/2
Type : 10/100/1000 Base TX
Speed : 10, 100, 1000, Auto
Duplex : Half, Full
FlowControl : Send, Receive
JGSM7224 # show interfaces 0/2 status
Port Status Duplex Speed Negotiation
System Features
37
Page 38
ProSafe Managed Switch
---- ------ ------ ----- ----------0/2 connected Full 100 Mbps Auto
JGSM7224 # show interfaces port-channel
2 po2 up, line protocol is up (connected)
(JGSM7224)#
------------------------------------------------------------------------------
Related Command
interface - Configures an interface which can be a physical interface or a port-channel
interface or management vlan interface.
show interfaces - counters
This command displays the interface statistics for each port.
Syntax show interfaces counters {<slot/port> | port-channel <integer (1-8)>}
[detail]
Mode Privileged EXEC
counters - Various counters for the switch or for the specific interface.
slot/port - Physical interface ID, including type, slot, and port format.
port channel - Port channel ID.
detail - Detailed statistics.
Example
-----------------------------------------------------------------------------(JGSM7224)# show interfaces counters 0/1 detail Port
................................................................
0/1 Packets R1 64 Octets
............................................... 39 Packets R1 65-127
Octets ........................................... 38 Packets R1
128-255 Octets .......................................... 18 Packets
R1 256-511 Octets ........................................... 1
Packets R1 512-1023 Octets
.......................................... 4 Packets R1 1024-1518
Octets ......................................... 0 Packets R1
1519-1522 Octets ......................................... 0 Packets
R1 1522-2047 Octets ......................................... 0
Packets R1 2048-4095 Octets
......................................... 0 Packets R1 4095-9216
Octets ......................................... 0 Multicast Packets
Received .......................................... 5
------------------------------------------------------------------------------
System Features
38
Page 39
ProSafe Managed Switch
Related Command
show interfaces - Displays the interface status and configuration.
show management vlan
This command displays the VLANs associated with the management interface.
Syntax show management vlan
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)# show management vlan
Interface Status............................... UP
IP Address..................................... 192.168.0.239
Subnet Mask.................................... 255.255.255.0
Default Gateway................................ No Configurated
Configured IPv4 Protocol....................... NONE
IPv6 Administrative Mode....................... UP
IPv6 Prefix is ................................ fe80::a221:b7ff:fe97:4f93/128
Default IPv6 GateWay is ....................... No Configurated
Configured IPv6 Protocol....................... None
MAC address.................................... a0:21:b7:97:4f:93
Management VLAN ID............................. 1
(JGSM7224)#
------------------------------------------------------------------------------
Related Command
management vlan-list - Sets the VLAN list for the L3 VLAN interface.
show network
This command displays the management interface.
Syntax show network
Mode Privileged EXEC
System Features
39
Page 40
ProSafe Managed Switch
Example
-----------------------------------------------------------------------------(JGSM7224)# show network
Interface Status............................... UP
IP Address..................................... 192.168.0.239
Subnet Mask.................................... 255.255.255.0
Default Gateway................................ No Configurated
Configured IPv4 Protocol....................... NONE
IPv6 Administrative Mode....................... UP
IPv6 Prefix is ................................ fe80::a221:b7ff:fe97:4f93/128
Default IPv6 GateWay is ....................... No Configurated
Configured IPv6 Protocol....................... None
MAC address.................................... a0:21:b7:97:4f:93
Management VLAN ID............................. 1
(JGSM7224)#
------------------------------------------------------------------------------
show interfaces mtu
This command shows the Maximum Transmission Unit (MTU) of ports in the switch.
Syntax show interfaces mtu [{ port-channel <port-channel-id (1-8)> |
<slot/port> }]
Mode Privileged EXEC
port-channel - Port Channel Identifier.
slot/port - Physical interface ID including type, slot, and port number.
Example
-----------------------------------------------------------------------------(JGSM7224)# show interface mtu 0/1
0/1 MTU size is 1500
(JGSM7224)#
------------------------------------------------------------------------------
Related Command
mtu frame size - Configures the maximum transmission unit frame size for the interface.
System Features
40
Page 41
ProSafe Managed Switch
show system information
This command displays system information.
Syntax show system information
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)# show system information
System Uptime : 21 hrs, 30 mins, 29 secs
System Description : JGSM7224 - 24-Port Gigabit Layer 2 Managed Switch
Switch Name : JGSM7224
System Contact : JGSM7224
System Location : JGSM7224
System Object ID : 1.3.6.1.4.1.4526.100.2.6
Base Mac Address : e0:46:9a:47:c2:0a
Logging Option : Console Logging
Login Authentication Mode : Local
(JGSM7224)#
------------------------------------------------------------------------------
Related Commands
write - Writes the running-config to a startup-configuration file.
erase - Clears the contents of the startup configuration or sets parameters in NVRAM to
default values.
login authentication - Sets the authentication method for user logins.
show version
This command displays system version information.
Syntax show version
Mode Privileged EXEC
System Features
41
Page 42
ProSafe Managed Switch
Example
-----------------------------------------------------------------------------(JGSM7224)# show version
System Description..........JGSM7224 - 24-Port Gigabit Layer 2 Managed Switch
Machine Type................24-Port Gigabit Layer 2 Managed Switch
Machine Model...............JGSM7224
Serial Number...............23H511570074D
Manufacturer................Netgear
Software Version............9.2.0.5
(JGSM7224)#
------------------------------------------------------------------------------
show debug-logging
This command displays the debug logs stored in the log file.
Syntax show debug-logging
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# debug-logging file
(JGSM7224)(config)# exit
(JGSM7224)# debug spanning-tree events
(JGSM7224)# show debug-logging
AST: MSG: Timer Expiry Event processed...
AST: MSG: Completed processing the event(s).
AST: MSG: Timer Expiry Event processed...
AST: MSG: Completed processing the event(s).
AST: MSG: Timer Expiry Event processed...
AST: MSG: Completed processing the event(s).
AST: MSG: Timer Expiry Event processed...
AST: MSG: Completed processing the event(s).
AST: MSG: Timer Expiry Event processed...
AST: MSG: Completed processing the event(s).
AST: MSG: Timer Expiry Event processed...
AST: MSG: Completed processing the event(s).
AST: MSG: Timer Expiry Event processed...
AST: MSG: Completed processing the event(s).
AST: MSG: Timer Expiry Event processed...
AST: MSG: Completed processing the event(s).
AST: MSG: Timer Expiry Event processed...
AST: MSG: Completed processing the event(s).
(JGSM7224)#
------------------------------------------------------------------------------
System Features
42
Page 43
ProSafe Managed Switch
Related Command
debug-logging - Configures where debug logs are to be displayed.
show clock
This command displays the system date and time.
Syntax show clock
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)# show clock
Tue Oct 18 18:04:11 2005
(JGSM7224)#
------------------------------------------------------------------------------
Related Command
clock set - Manages the system clock.
show running-config
This command displays the current operating configuration in the system.
Syntax show runn ing-config
show running-config changed
show running-config interface
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)# show running-config
Building configuration...
!
!
vlan database
vlan 4-6
!
!
interface 0/1 no shutdown
System Features
43
Page 44
ProSafe Managed Switch
!
interface 0/2
no shutdown
!
interface 0/3
no shutdown
!
........
interface vlanMgmt
ip address 192.168.0.2 255.255.255.0
no shutdown
ipv6 enable
!
!
!
!
snmp user initial
snmp user templateMD5 auth md5 AUTH_PASSWD
snmp user templateSHA auth sha AUTH_PASSWD priv DES DES_CBC
!
!
!
end
(JGSM7224)#
------------------------------------------------------------------------------
Related Commands
Related commands include the configuration commands of all the modules.
show ip http
This command displays the http settings for the switch.
Syntax show ip http
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)# show ip http
HTTP Mode (Unsecure)........................... Enabled
HTTP Port...................................... 80
HTTP Session Timeout........................... 30
System Features
44
Page 45
ProSafe Managed Switch
HTTP Mode (Secure)............................. Disabled
Secure Port.................................... 443
HTTPS Session Timeout.......................... 30
Certificate Present............................ True
(JGSM7224)#
------------------------------------------------------------------------------
Related Commands
ip http port - Sets the HTTP port.
ip http server - Enables access to the switch through the Web interface.
ip http session timeout - Configures the timeout for unsecure HTTP sessions in
minutes.
ip http secure-server - Enables the secure socket layer for secure HTTP.
ip http secure-port - Set the SSL port, where port can be 1-65535.
ip http secure-session timeout - Configures the timeout for secure HTTP sessions
in minutes.
crypto certificate generate - Generates self-signed certificate for HTTPS.
show ssl server-cert - Displays SSL server certificate.
console timeout
This command specifies the maximum connect time (in minutes) without console activity. A
value of 0 indicates that a console can be connected infinitely. The time range is 0 to 160.
The no form of the command sets the console login inactivity timeout value to the default.
Default 30
Syntax console timeout <0-160>
no console timeout
Mode Global Configuration
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# console timeout 10
(JGSM7224)(config)#
------------------------------------------------------------------------------
Related Command
show console - Displays console settings for the switch.
System Features
45
Page 46
ProSafe Managed Switch
ip telnet server enable
This command enables Telnet connections to the system and enables the Telnet Server
Admin Mode. This command opens the Telnet listening port. The no form of the command
disables Telnet access to the system and disables the Telnet Server Admin Mode. The no
form of the command also closes the Telnet listening port and disconnects all open Telnet
sessions.
Default Enabled
Syntax ip telnet server enable
no ip telnet server enable
Mode Global Configuration
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# no ip telnet server enable
(JGSM7224)(config)#
------------------------------------------------------------------------------
Related Command
show telnet - Displays the current Telnet settings.
telnetcon timeout
This command sets the Telnet connection session timeout value, in minutes. A session is
active as long as the session has not been idle for the value set. The time is a decimal value
from 1 to 160. The no form of the command sets the Telnet connection session timeout value
to the default.
Default 30
Syntax telnetcon timeout <1-160>
no telnetcon timeout
Mode Global Configuration
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# telnetcon timeout 10
(JGSM7224)(config)#
------------------------------------------------------------------------------
Related Command
show telnet - Displays the current Telnet settings.
System Features
46
Page 47
ProSafe Managed Switch
telnetcon maxsessions
This command specifies the maximum number of Telnet connection sessions that can be
established. A value of 0 indicates that no Telnet connection can be established. The range is
0-5. The no form of the command sets the maximum number of Telnet connection sessions
to the default value.
Default 5
Syntax telnetcon maxsessions <0-5>
no telnetcon maxsessions
Mode Global Configuration
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# telnetcon maxsessions 3
(JGSM7224)(config)#
------------------------------------------------------------------------------
Related Command
show telnet - Displays the current Telnet settings.
show console
This command displays console settings for the switch.
Syntax show console
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# show console
Console Login Timeout (minutes)................ 30
(JGSM7224)(config)#
------------------------------------------------------------------------------
Related Command
console timeout - Specifies the maximum connect time (in minutes) without console
activity.
System Features
47
Page 48
ProSafe Managed Switch
show telnet
This command displays the current Telnet settings.
Syntax show telnet
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)# show telnet
Telnet Server Admin Mode....................... Enable
Remote Connection Login Timeout (minutes)...... 30
Maximum Number of Remote Connection Sessions... 5
Telnet Sessions Currently Active............... 0
(JGSM7224)#
------------------------------------------------------------------------------
Related Commands
ip telnet server enable - Enables Telnet connections to the system and enables the
Telnet Server Admin Mode.
telnetcon timeout - Sets the Telnet connection session timeout value, in minutes.
telnetcon maxsessions - Specifies the maximum number of Telnet connection sessions
that can be established.
restore startup-config
This command sets the startup-config restore flag. If this flag is set, the switch will use
startup-config for the next restore.
Syntax restore startup-config
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)# restore startup-config
(JGSM7224)#
------------------------------------------------------------------------------
Note: These commands also set the startup-config restore flag: save,
write memory, copy <tftp_url> nvram:startup-config,
and copy nvram:backup-connfig nvram:startup-config.
System Features
48
Page 49
ProSafe Managed Switch
Related Commands
write memory - Creates the config file.
copy - Uploads and Downloads the file from the remote.
save - Saves the configuration. This command also sets the restore flag.
no restore
This command sets the no restore flag. If this flag is set, the switch will not use the
startup-config for the next restore. This flag will also be set if the startup-config does not exist.
Syntax no restore
Mode Privileged EXEC
Example
---------------------------------------------------------------------------------(JGSM7224)# no restore
(JGSM7224)#
----------------------------------------------------------------------------------
Related Commands
write memory - Creates the config file.
copy - Uploads and downloads the file from the remote.
save - Saves the configuration.
clear interfaces counters
This command clears statistics for the interface.
Syntax clear interfaces [<slot/port>] counters
Mode Privileged EXEC
Example
---------------------------------------------------------------------------------(JGSM7224)# clear interfaces 0/1 counters
(JGSM7224)#
----------------------------------------------------------------------------------
Related Command
slot/port - Physical interface ID, including type, slot, and port format.
System Features
49
Page 50
5. Port Manager
The JGSM7224 switch offers a rich set of commands to manage ports, such as port speed,
port duplex, auto-negotiation, rate-limit, storm-control, and port-mirroring.
monitor session
This command enables port-mirroring in the switch. The no form of the command disables
port mirroring in the switch.
Default Port Mirroring is disabled
Syntax monitor session <session_number:1> { destination interface <slot/port> |
source interface <slot/port>[{ rx | tx }] | mode }
no monitor [session <session_number:1>] [{source interface <slot/port> |
destination interface | mode}]
Mode Global Configuration
5
session number - Specifies the session number identified with the session.
destination interface - Specifies the destination interface or the mirror-to port. Valid
interfaces are physical ports. There can be only one mirror-to port per switch.
source interface - Specifies the interface for the traffic that is to be mirrored. Valid
interfaces include physical ports, with a maximum of eight physical ports.
rx - Received traffic is mirrored.
tx - Transmitted traffic is mirrored.
mode - Enable or disable mirror.
Example
-------------------------------------------------------------------(JGSM7224)(config)# monitor session 1 source interface 0/2
--------------------------------------------------------------------
Related Command
show monitor session 1 - Displays port-monitoring information.
50
Page 51
ProSafe Managed Switch
negotiation
This command enables auto-negotiation on the interface. The no form of the command
disables auto- negotiation on the interface. The auto-negotiation doesn't affect flow control
status.
Syntax negotiation
no negotiation
Mode Global Configuration
Example
-----------------------------------------------------------------------------(JGSM7224)(config-if)# negotiation
------------------------------------------------------------------------------
speed
This command sets the speed of the interface.
Default 100
Syntax speed { 10 | 100 }
Mode Interface Configuration
10 - Port runs at 10Mbps
100 - Port runs at 100Mbps
Example
-----------------------------------------------------------------------------(JGSM7224)(config-if)# speed 100
------------------------------------------------------------------------------
Related Commands
negotiation - Enables auto-negotiation
duplex - Configures the duplex operation
duplex
This command configures duplex operation.
Default half
Syntax duplex { full | half }
Mode Interface configuration
Port Manager
51
Page 52
ProSafe Managed Switch
full - Port is in full-duplex mode
half - Port is in half-duplex mode
Example
-----------------------------------------------------------------------------(JGSM7224)(config-if)# duplex half
------------------------------------------------------------------------------
Related Commands
negotiation - Enables auto-negotiation on the interface
speed - Sets the speed of the interface
rate-limit
This command enables the rate limiting and burst size rate limiting by configuring the egress
and ingress packet rate of an interface. The no form of the command disables the rate
limiting and burst size rate limiting on an egress or ingress port.
Defaults rate-value - 0
burst-value - 0
Syntax rate-limit {output | input }<rate-value> <burst-value>
no rate-limit {output | input}
Mode Interface configuration
rate-value - Line rate in kbps
burst-value - Burst size value in kbps
Example
-----------------------------------------------------------------------------(JGSM7224)(config-if)# rate-limit output 64 32
------------------------------------------------------------------------------
show monitor session
This command displays port-monitoring information.
Syntax show monitor session <session_number : 1>
Mode Privileged EXEC
Port Manager
52
Page 53
ProSafe Managed Switch
Example
-----------------------------------------------------------------------------(JGSM7224)# show monitor session 1
------------------------------------------------------------------------------
Related Command
monitor session - Enables port-mirroring in the switch
Port Manager
53
Page 54
6. DHCP
DHCP (Dynamic Host Configuration Protocol) allows dynamic configuration of a host computer.
When a DHCP client is booted, it initially does not have an IP address assigned to it. It issues a
broadcast message to any DCHP servers that are on the network. An exchange takes place
during which the DHCP server assigns an IP address to the client and sends the client certain
key network configuration parameters.
Many Internet service providers (ISPs) require that their customers use a DHCP client so the ISP
can dynamically assign IP addresses and control other network settings. Another use is for
laptop computers, which can be connected to more than one network. For example a laptop can
be connected to a network in the office and also at home. This is an ideal use for DHCP since
the laptop doesn’t need to be manually reconfigured for use in the two different networks. In this
case, there needs to be a DHCP server both on the office network and the home network and
the laptop needs a DHCP client.
dhcp client release
6
This command immediately releases the DHCP lease on the interface specified.The VLAN
interface must have an IP address assigned by the DHCP server, and it must be in binding
state.
Syntax dhcp client release
Mode Interface Configuration
Example
-----------------------------------------------------------------------------(JGSM7224)(config-if)# dhcp client release
(JGSM7224)(config-if)#
------------------------------------------------------------------------------
Related Commands
show management vlan - Displays the IP interface statistics and configuration.
show dhcp client stats - Displays the DHCP client statistics information.
54
Page 55
ProSafe Managed Switch
dhcp client acquire - Configures the current VLAN interface to dynamically acquire an
IP address from the DHCP server.
dhcp client renew
This command immediately renews the DHCP lease for the interface specified. The VLAN
interface must have an IP address assigned by the DHCP server.
Syntax dhcp client renew
Mode Interface Configuration
Example
-----------------------------------------------------------------------------(JGSM7224)(config-if)# dhcp client renew
(JGSM7224)(config-if)#
------------------------------------------------------------------------------
Related Commands
dhcp client acquire - Configures the current VLAN interface to dynamically acquire an
IP address from the DHCP server.
show dhcp client stats - Displays the DHCP client statistics information.
dhcp client acquire
This command immediately acquires the ip address through the DHCP on the interface
specified.
Syntax dhcp client acquire
Mode Interface Configuration
Example
-----------------------------------------------------------------------------(JGSM7224)(config-if)# dhcp client acquire
(JGSM7224)(config-if)#
------------------------------------------------------------------------------
Related Commands
show ip dhcp client stats - Displays the DHCP client statistics information.
show management vlan - Displays the IP interface statistics and configuration.
dhcp client release - Releases the address acquired from the dhcp server.
dhcp client renew - Renews the address lease.
DHCP
55
Page 56
ProSafe Managed Switch
debug dhcp client
This command sets the debug level for tracing the DHCP client module. The no form of the
command disables the debug level for the DHCP client.
Default Disabled
Syntax debug dhcp client { all | event | packets | errors | bind }
no debug dhcp client { all | event | packets | errors | bind }
Mode Privileged EXEC
all - All trace messages.
event - Trace management messages.
packets - Packets-related messages.
errors - Trace error code debug messages.
bind - Trace bind messages.
Example
-----------------------------------------------------------------------------(JGSM7224)# debug dhcp client all
(JGSM7224)#
------------------------------------------------------------------------------
Related Command
show dhcp client stats - Displays the DHCP client statistics information.
show dhcp client stats
This command displays the DHCP client statistics.
Syntax show dhcp client stats
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)# show dhcp client stats
Dhcp Client Statistics
-------------------------Interface : vlanMgmt
Client IP Address : 0.0.0.0
Client Lease Time :0
Client Remain Lease Time : 0
Message Statistics
DHCP
56
Page 57
ProSafe Managed Switch
-----------------DHCP DISCOVER : 1
DHCP REQUEST : 0
DHCP DECLINE : 0
DHCP RELEASE : 0
DHCP INFORM : 0
DHCP OFFER : 1
(JGSM7224)#
------------------------------------------------------------------------------
Related Commands
dhcp client acquire - Configures the current VLAN interface to dynamically acquire and
IP address from the DHCP server.
dhcp client release - Releases the DHCP lease on the interface specified.
dhcp client renew - Renews the DHCP lease for the interface specified.
service dhcp
This command enables the DHCP server. The no form of this command disables the DHCP
server. The DHCP Relay must be disabled before enabling the DHCP server.
Default Disabled
Syntax service dhcp
no service dhcp
Mode Global Configuration
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# service dhcp
(JGSM7224)(config)#
------------------------------------------------------------------------------
Related Command
show ip dhcp server information - Displays the DHCP server information.
DHCP
57
Page 58
ProSafe Managed Switch
ip dhcp pool
This command creates a DHCP server address pool and places the user in the DHCP pool
configuration mode. The no form of the command deletes the DHCP server address pool. On
execution of this command, the configuration mode changes to DHCP pool configuration
mode, identified by the (config-dhcp)# prompt. In this mode, the administrator can
configure pool parameters.
Default Address pools are not created by default.
Syntax ip dhcp pool <index (1-2147483647)>
ip dhcp pool <index (1-2147483647)>
no
Mode Global Configuration
index - Pool Number.
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# ip dhcp pool 1
(JGSM7224)(config)#
------------------------------------------------------------------------------
Related Commands
network - Sets the network number and mask in DHCP server configuration parameters.
excluded-address - Creates an excluded pool to prevent the DHCP from assigning
certain addresses.
domain-name - Sets the domain name in the DHCP server configuration parameters.
dns-server - Specifies the IP address of a DNS server.
netbios-name-server - Sets the NetBIOS (WINS) name servers in the DHCP server
configuration parameters.
netbios-node-type - Sets the NetBios node type in the DHCP server configuration
parameters.
default-router - Sets the default router in the DHCP server configuration parameters.
option - Sets the pool specific DHCP server option.
lease - Sets the lease period.
host hardware-type - Specifies the hardware address of a Dynamic Host Configuration
Protocol (DHCP) client.
show ip dhcp server information - Displays the DHCP server information.
show ip dhcp server pools - Displays the DHCP server pools.
DHCP
58
Page 59
ProSafe Managed Switch
ip dhcp next-server
This command sets the next boot server in the DHCP server configuration parameters. The
no form of this command deletes the next boot server from the DHCP server configuration
parameters.
Syntax ip dhcp next-server <ip address>
no ip dhcp next-server
Mode Global Configuration
ip address - IP address of the TFTP server.
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# ip dhcp next-server 12.0.0.1
(JGSM7224)(config)#
------------------------------------------------------------------------------
Related Commands
service dhcp - Enables the DHCP server.
show ip dhcp server information - Displays the DHCP server information.
show ip dhcp server binding - Displays the DHCP server binding information.
show ip dhcp server pools - Displays the DHCP server pools.
show ip dhcp server statistics - Displays the DHCP server statistics.
ip dhcp bootfile
This command sets the boot file name in the DHCP server configuration parameters. The no
form of this command deletes the boot file name from the DHCP server configuration
parameters.
Syntax ip dhcp bootfile <bootfile (63)>
no ip dhcp bootfile
Mode Global Configuration
boot file - Name of the file that specifies the boot image.
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# ip dhcp bootfile 53
(JGSM7224)(config)#
------------------------------------------------------------------------------
DHCP
59
Page 60
ProSafe Managed Switch
Related Commands
service dhcp - Enables the DHCP server.
show ip dhcp server information - Displays the DHCP server information.
ip dhcp
This command sets the DHCP server parameters such as enabling the ICMP echo
mechanism or offer-reuse timeout. The no form of this command is used to set the DHCP
server parameters, such as disabling the ICMP echo mechanism or server offer-reuse to its
default value or removing a bind entry from the server binding table.
The DHCP server pings a pool address before assigning the address to a re questing client. If
the ping is unanswered, the DHCP server assumes (with a high probability) that the address
is not in use and assigns the address to the requesting client. If the ping is answered, the
server will add this address to the excluded address pool.
Default server-offer-reuse default is 5
Syntax ip dhcp{ping-packets|server-offer-reuse <timeout(1-120)>}
no ip dhcp{ping-packets|server-offer-reuse|binding <ip address>}
Mode Global Configuration
ping packets - Enable icmp echo’s prior to assigning a pool address. The no form of this
command option prevents the server from pinging pool addresses.
server offer reuse - The amount of time the DHCP server entity would wait for the
DHCP REQUEST from the client before reusing the offer.
binding - The binding option if specified deletes the specified address from binding.
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# ip dhcp ping-packets
(JGSM7224)(config)#
------------------------------------------------------------------------------
Related Commands
service dhcp - Enables the DHCP server.
show ip dhcp server information - Displays the DHCP server information.
show ip dhcp server binding - Displays the DHCP server binding information.
show ip dhcp server pools - Displays the DHCP server pools.
show ip dhcp server statistics - Displays the DHCP server statistics.
DHCP
60
Page 61
ProSafe Managed Switch
ip dhcp option
This command sets the DHCP server options.
Syntax ip dhcp option <code (1-255)> {ascii <string> | hex <Hex String> | ip
<address>}
no ip dhcp option <code(1-255)>
Mode Global Configuration
code - Option Code.
ascii - ASCII string.
hex - Hexadecimal string.
ip - IP address.
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# ip dhcp option 19 hex 01
(JGSM7224)(config)#
------------------------------------------------------------------------------
The subnet-specific options take precedence over global options and the host-specific
options take precedence over global and subnet options.
RFC 2132 provides details about option code to option name mapping and the option length
information.
Note: When in HEX format, two HEX chars are regarded as 1 byte. For example, the HEX
string ef9a’s length is 2, because the “ef” is one octet. The following is the list of supported
and configurable DHCP options with their corresponding option length values:
• Options 19, 20, 27, 29, 30, 31, 34, 36, 39, 46 must have a length of 1
• Options 12, 14, 15, 17, 18, 40, 43, 47, 64, 66, 67 must have a length >=1
• Option 16 must have minimum length 4 and the value for this option must be an IP
address and Option 25 can have a length of 2 and 2*n
• Option 68 must have length 4 and the value for this option must be an IP address
• Options 2-11, 41, 42, 44, 45, 48, 49, 65, 69, 70-76 must have a length of 4. Value for
these options must be an IP address
• Options 21, 33 must have minimum length as 8 and 8*n
• Options 0, 1, 22-24, 26, 28, 32, 35, 37, 38, 50-63, 77-255 are not configurable using this
command
• Option 1 is set when configuring the network mask
Related Commands
service dhcp - Enables the DHCP server.
DHCP
61
Page 62
ProSafe Managed Switch
show ip dhcp server pools - Displays the DHCP server pools.
option - Sets the pool specific DHCP server option.
network
This command sets the network IP address and mask in DHCP server configuration
parameters. The no form of the command deletes the network IP address and mask from
DHCP server configuration. This command is valid for DHCP sub network address pools
only.
Syntax network <network-IP>{<mask>| / <prefix-length (1-31)> } [start-ip
<ucast_addr>] [end-ip <ucast_addr>]
no network
Mode DHCP Pool Configuration
network-IP - Network IP address of the DHCP pool.
mask - Subnet mask of the DHCP pool.
prefix-length - The number of bits that comprise the address prefix. Prefix is an
alternative way of specifying the network mask of the client. The prefix length must be
preceded by a forward slash (/).
start ip - Start IP address of the pool.
end ip - End IP address of the pool.
Example
-----------------------------------------------------------------------------(JGSM7224)(dhcp-config)# network 20.0.0.0 255.0.0.0 start-ip 20.0.0.10
(JGSM7224)(dhcp-config)#
------------------------------------------------------------------------------
Related Commands
service dhcp - Enables the DHCP server.
show ip dhcp server information - Displays the server information.
show ip dhcp server pools - Displays the DHCP server pools.
show ip dhcp server binding - Displays the DHCP server binding information.
show ip dhcp server statistics - Displays the DHCP server statistics.
excluded-address
This command creates an excluded pool to prevent the DHCP Server from assigning certain
addresses. The no form of the command deletes the excluded pool. The DHCP server
assumes that all pool addresses can be assigned to clients. This command is used to
DHCP
62
Page 63
ProSafe Managed Switch
exclude a single IP address or a range of IP addresses. If a client sends a DECLINE packet
to decline an address, this address will be added to the excluded address pool.
Syntax excluded-address <low-address> <high-address>
no excluded-address <low-address> <high-address>
Mode DHCP Pool Configuration
low-address - The excluded IP address, or first IP address in an excluded address range.
high-address - The last IP address in the excluded address range.
Example
-----------------------------------------------------------------------------(JGSM7224)(dhcp-config)# excluded-address 20.0.0.1 20.0.0.30
(JGSM7224)(dhcp-config)#
------------------------------------------------------------------------------
Related Commands
network - Sets the network IP and mask in DHCP server configuration parameters.
service dhcp - Enables the DHCP server.
show ip dhcp server information - Displays the server information.
show ip dhcp server pools - Displays the DHCP server pools.
show ip dhcp server binding - Displays the DHCP server binding information.
show ip dhcp server statistics - Displays the DHCP server statistics.
domain-name
This command sets the domain name in the DHCP server configuration parameters. The no
form of the command deletes the domain name from the DHCP server configuration
parameters. The configuration of this command takes effect only after configuring the
network address pool using the network command.
Syntax domain-name <domain (63)>
no domain-name
Mode DHCP Pool Configuration
domain - Client’s domain name string.
Example
-----------------------------------------------------------------------------(JGSM7224)(dhcp-config)# domain-name netgear
(JGSM7224)(dhcp-config)#
------------------------------------------------------------------------------
DHCP
63
Page 64
ProSafe Managed Switch
Related Commands
service dhcp - Enables the DHCP server.
show ip dhcp server information - Displays the server information.
show ip dhcp server pools - Displays the DHCP server pools.
show ip dhcp server binding - Displays the DHCP server binding information.
show ip dhcp server statistics - Displays the DHCP server statistics.
network - Configures the network IP address of the DHCP Address Pool.
dns-server
This command is used to specify the IP address of a DNS server available to a DHCP client.
The no form of the command deletes the DNS server from the DHCP server configuration
parameters. If DNS IP servers are not configured for a DHCP client, the client cannot
correlate host names to IP addresses. The configuration of this command takes effect only
after configuring the network address pool using network command.
Syntax dns-server <ip address>
no dns-server
Mode DHCP Pool Configuration
Example
-----------------------------------------------------------------------------(JGSM7224)(dhcp-config)# dns-server 20.0.0.1
(JGSM7224)(dhcp-config)#
------------------------------------------------------------------------------
Related Commands
service dhcp - Enables the DHCP server.
show ip dhcp server information - Displays the server information.
show ip dhcp server pools - Displays the DHCP server pools.
show ip dhcp server binding - Displays the DHCP server binding information.
show ip dhcp server statistics - Displays the DHCP server statistics.
network - Configures the network IP address of the DHCP Address Pool.
DHCP
64
Page 65
ProSafe Managed Switch
netbios-name-server
This command sets the NetBIOS (WINS) name servers in the DHCP server configuration
parameters. The no form of the command deletes the NetBIOS name server from the DHCP
configuration parameters. The configuration of this command takes effect only after
configuring the network address pool using network command.
Syntax netbios-name-server <ip address>
no netbios-name-server
Mode DHCP Pool Configuration
Example
-----------------------------------------------------------------------------(JGSM7224)(dhcp-config)# netbios-name-server 20.0.0.3
(JGSM7224)(dhcp-config)#
------------------------------------------------------------------------------
Related Commands
service dhcp - Enables the DHCP server.
show ip dhcp server information - Displays the server information.
show ip dhcp server pools - Displays the DHCP server pools.
show ip dhcp server binding - Displays the DHCP server binding information.
show ip dhcp server statistics - Displays the DHCP server statistics.
network - Configures the network IP address of the DHCP Address Pool.
netbios-node-type
This command is used to set the NetBios node type in the DHCP server configuration
parameters. The no form of this command is used to delete the NetBios node type from the
DHCP server configuration parameters.
The NetBIOS node type for Microsoft DHCP clients can be one of the four settings:
broadcast, peer-to-peer, mixed, or hybrid. The recommended type is hybrid node. The
configuration of this command takes effect only after configuring the network address pool
using network command.
Syntax netbios-node-type{ <0-FF> | b-node | h-node | m-node | p-node}
no netbios-node-type
Mode DHCP Pool Configuration
0-FF - Node type value.
b-node - Broadcast node.
DHCP
65
Page 66
ProSafe Managed Switch
h-node - Hybrid node.
m-node - Mixed node.
p-node - Peer-to-peer node.
Example
-----------------------------------------------------------------------------(JGSM7224)(dhcp-config)# netbios-node-type h-node
(JGSM7224)(dhcp-config)#
------------------------------------------------------------------------------
Related Commands
service dhcp-server - Enables the DHCP server.
show ip dhcp server information - Displays the server information.
show ip dhcp server pools - Displays the DHCP server pools.
show ip dhcp server binding - Displays the DHCP server binding information.
show ip dhcp server statistics - Displays the DHCP server statistics.
network - Configures the network IP address of the DHCP Address Pool.
default-router
This command sets the default router in the DHCP server configuration parameters. The no
form of the command deletes the default router from the DHCP server configuration
parameters. The configuration of this command takes effect only after configuring the
network address pool using network command.
Syntax default-router <ip address>
no default-router
Mode DHCP Pool Configuration
Example
-----------------------------------------------------------------------------(JGSM7224)(dhcp-config)# default-router 10.23.2.99
(JGSM7224)(dhcp-config)#
------------------------------------------------------------------------------
Related Commands
service dhcp-server - Enables the DHCP server.
show ip dhcp server information - Displays the server information.
show ip dhcp server pools - Displays the DHCP server pools.
DHCP
66
Page 67
ProSafe Managed Switch
show ip dhcp server binding - Displays the DHCP server binding information.
show ip dhcp server statistics - Displays the DHCP server statistics.
network - Configures the network IP address of the DHCP Address Pool.
option
This command sets the pool-specific DHCP server option. The no form of the command
deletes the pool-specific DHCP server option.
The subnet-specific options take precedence over global options and the host specific
options take precedence over global and subnet options.
RFC 2132 provides details about option code to option name mapping and the option length
information.
The following is the list of supported and configurable DHCP options with their corresponding
option length values:
• Options 19, 20, 27, 29, 30, 31, 34, 36, 39, 46 must have length 1
• Options 12, 14, 15, 17, 18, 40, 43, 47, 64, 66, 67 must have length>=1
• Option 16 must have minimum length 4 and the value for this option must be an IP
address and Option 25 can have a length of 2 and 2*n
• Option 68 must have length 4 and the value for this option must be an IP address
• Options 2-11, 41, 42, 44, 45, 48, 49, 65, 69, 70-76 must have a length of 4. Value for
these options must be an IP address
• Options 21, 33 must have minimum length as 8 and 8*n
• Options 0, 1, 22-24, 26, 28, 32, 35, 37, 38, 50-63, 77-255 are not configurable using this
command
• Option 1 is set when configuring the network mask
The network pool must be configured prior to the execution of this command. Only then the
configured option is visible to the user in the show command output. If the network pool is
deleted, then the option configured for that network pool will also be deleted.
Syntax option <code (1-255)> ascii <string> | hex <Hex String> | ip <address>}
no option <code (1-255)>
Mode DHCP Pool Configuration
code - Option Code.
ascii - ASCII string.
hex - Hexadecimal string.
ip - IP address.
DHCP
67
Page 68
ProSafe Managed Switch
Example
-----------------------------------------------------------------------------(JGSM7224)(dhcp-config)# option 19 hex f
(JGSM7224)(dhcp-config)#
------------------------------------------------------------------------------
Related Commands
service dhcp - Enables the DHCP server.
ip dhcp pool - Creates a DHCP server address pool and places the user in the DHCP
pool configuration mode.
ip dhcp option - Sets the DHCP server options.
network - Sets the network IP and mask in DHCP server configuration parameters.
show ip dhcp server pools - Displays the DHCP server pools.
lease
This command configures the duration of the lease for an IP address that is assigned from
JGSM7224 Dynamic Host Configuration Protocol (DHCP) Server to a DHCP client. The no
form of this command restores the default value of 3600 seconds.
Default 3600 seconds
Syntax lease {<days (0-365)> [<hours (0-23)> [<minutes (0-59)>]] | infinite}
no lease
Mode DHCP Pool Configuration
days - Duration of the lease in number of days.
hours - Number of hours in lease.
minutes - Number of minutes in lease.
infinite - Duration of the lease is unlimited.
Example
-----------------------------------------------------------------------------(JGSM7224)(dhcp-config)# lease 1
(JGSM7224)(dhcp-config)#
------------------------------------------------------------------------------
Related Commands
service dhcp - Enables the DHCP server.
show ip dhcp server information - Displays the server information.
DHCP
68
Page 69
ProSafe Managed Switch
show ip dhcp server pools - Displays the DHCP server pools.
show ip dhcp server binding - Displays the DHCP server binding information.
show ip dhcp server statistics - Displays the DHCP server statistics.
utilization threshold
This command sets the pool utilization threshold value in percentage. If the pool utilization
reaches this threshold level, a syslog event and an SNMP trap message will be generated.
The no form of this command sets the pool utilization threshold to its default value.
Default 75
Syntax utilization threshold { <integer (0-100)> }
no utilization threshold
Mode DHCP Pool Configuration
days - Duration of the lease in number of days.
hours - Number of hours in lease.
minutes - Number of minutes in lease.
infinite - Duration of the lease is unlimited.
Example
-----------------------------------------------------------------------------(JGSM7224)(dhcp-config)# utilization threshold 76
(JGSM7224)(dhcp-config)#
------------------------------------------------------------------------------
Related Commands
show ip dhcp server pools - Displays the DHCP server pools.
logging - Enables Syslog server and configures the Syslog Server IP address, the log-level
and other Syslog related parameters.
host hardware-type
This command specifies the hardware address of a Dynamic Host Configuration Protocol
(DHCP) client and host specific DHCP options. The no form of the command deletes the host
DHCP
69
Page 70
ProSafe Managed Switch
option. The subnet-specific options take precedence over global options and the host specific
options take precedence over global and subnet options.
Syntax host hardware-type <type (0-1)> client-identifier <mac-address> option
<code 1-254)> {ascii <string> | hex <Hex String> | ip <address>}
no host hardware-type <host-hardware-type (0-1)> client-identifier
<client-mac-address> option <code (1-254)>
Mode DHCP Pool Configuration
type - 0 means an identifier other than a hardware address type, 1 means the hardware
address type.
client identifier - Host MAC address or an identifier
option - The tag octet of the DHCP option.
ascii - ASCII String.
hex - Hex String.
ip - Host IP address.
Example
-----------------------------------------------------------------------------(JGSM7224)(dhcp-config)# host hardware-type 1 client-identifier
00:11:22:33:44:55 option 3 ip 10.0.0.1
(JGSM7224)(dhcp-config)#
------------------------------------------------------------------------------
Related Commands
service dhcp - Enables the DHCP server.
ip dhcp pool - Creates a DHCP server address pool and places the user in the DHCP
pool configuration mode.
debug ip dhcp server
This command specifies the hardware address of a Dynamic Host Configuration Protocol
(DHCP) client and host specific DHCP options. The no form of the command deletes the host
option.
Default Disabled
Syntax debug ip dhcp server {all | events | packets | errors | bind}
no debug ip dhcp server {all | events | packets |errors | bind}
Mode Privileged EXEC
DHCP
70
Page 71
ProSafe Managed Switch
all - All trace messages.
events - Trace management messages.
packets - Packet related messages.
errors - Trace error code debug messages.
bind - Trace bind messages.
Example
-----------------------------------------------------------------------------(JGSM7224)# debug ip dhcp server all
(JGSM7224)#
------------------------------------------------------------------------------
Related Commands
service dhcp - Enables the DHCP server.
show ip dhcp server information - Displays the server information.
show ip dhcp server binding - Displays the DHCP server binding information.
show ip dhcp server information
This command displays the DHCP server information.
Syntax show ip dhcp server information
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)# show ip dhcp server information
DHCP server status : Enable
Send Ping Packets : Disable
Debug level: None
Server Address Reuse Timeout : 5 secs
Next Server Address : 0.0.0.0
Boot file name : None
(JGSM7224)#
------------------------------------------------------------------------------
DHCP
71
Page 72
ProSafe Managed Switch
Related Commands
service dhcp - Enables the DHCP server.
ip dhcp next-server - Sets the next boot server in the DHCP server configuration
parameters.
ip dhcp bootfile - Sets the boot file name in the DHCP server configuration para meters.
ip dhcp - Sets the DHCP server parameters such as enabling the ICMP echo mechanism
or offer-reuse timeout.
show ip dhcp server pools
This command displays the DHCP server pools.
Syntax show ip dhcp server pools
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)# show ip dhcp server pools
Pool Id : 1
------------------------------------------Subnet : 12.0.0.0
Subnet Mask : 255.0.0.0
Lease time : 180 secs
Start Ip : 12.0.0.1
End Ip : 12.255.255.254
Exclude Address Start IP : 12.0.0.1
Exclude Address End IP : 12.0.0.10
Pool Id : 2
------------------------------------------Subnet : 20.0.0.0
Subnet Mask : 255.0.0.0
Lease time : 7200 secs
Start Ip : 20.0.0.1
End Ip : 20.255.255.254
(JGSM7224)#
------------------------------------------------------------------------------
Related Commands
service dhcp - Enables the DHCP server.
ip dhcp pool - Creates a DHCP server address pool and places the user in the DHCP
pool configuration mode.
DHCP
72
Page 73
ProSafe Managed Switch
lease - Configures the duration of the lease for an IP address that is assigned from
JGSM7224 Dynamic Host Configuration Protocol (DHCP) Server to a DHCP client.
network - Sets the network IP and mask in DHCP server configuration parameters.
show ip dhcp server binding
This command displays the DHCP server binding information. Binding refers to the state of
binding. This can be offered, assigned, or probing. In offe red state the of fer is sent, but no req
has been received from the client. In assigned state the address is assigned to the client. In
probing state the address is currently being probed by the DHCP server.
Syntax show ip dhcp server binding
Mode Privileged EXEC
Example
-----------------------------------------------------------------------------(JGSM7224)# show ip dhcp server binding
Ip Hw Hw Alloc Expire Binding
Address Type Address Method Time State
------- ---- ------- ------ ------ -------
12.0.0.11 Ethernet 00:01:02:03:04:41 Dynamic 161 Assigned
20.0.0.1 Ethernet 00:01:02:03:04:31 Dynamic 7152 Assigned
(JGSM7224)#
------------------------------------------------------------------------------
Related Commands
service dhcp - Enables the DHCP server.
host hardware-type - Specifies the hardware address of a Dynamic Host Configuration
Protocol (DHCP) client.
ip dhcp option - Sets the DHCP server options.
show ip dhcp server statistics
This command displays the DHCP server statistics.
Syntax show ip dhcp server statistics
Mode Privileged EXEC
DHCP
73
Page 74
ProSafe Managed Switch
Example
-----------------------------------------------------------------------------(JGSM7224)# show ip dhcp server statistics
Address pools : 2
Message Received
------- -------DHCPDISCOVER 6
DHCPREQUEST 2
DHCPDECLINE 0
DHCPRELEASE 0
DHCPINFORM 0
Message Sent
------- ---DHCPOFFER 6
DHCPACK 2
DHCPNAK 0
(JGSM7224)#
------------------------------------------------------------------------------
Related Commands
service dhcp-server - Enables the DHCP server.
ip dhcp pool - Creates a DHCP server address pool and places the user in the DHCP
pool configuration mode.
ip dhcp - Sets the DHCP server parameters such as enabling the ICMP echo mechanism
or offer-reuse timeout.
show ip dhcp server pools - Displays the DHCP server pools.
DHCP
74
Page 75
7. DHCP L2 Relay
In some networks, DHCP servers rely on Relay Agent Information option appended by Relay
Agents for IP address and other parameter assignment policies. This works fine when end
hosts are directly connected to Relay Agents. In some network configurations, one or more
Layer 2 devices might reside between DHCP clients and Relay agent. In these network
scenarios, it is difficult to use the Relay Agent Information option for IP address and other
parameter assignment policies effectively. So there is a need for the device that is closest to
the end hosts to append a Relay Agent Information option in DHCP messages. These
devices are typically known as Layer 2 Relay Agents.
dhcp l2relay
This command enables or disables the DHCP l2 relay globally or on a specific interface.
Format dhcp l2relay
no dhcp l2relay
7
Mode • Global Configuration Mode
• Interface Configuration Mode
Example
----------------------------------------------------------------------------(JGSM7224)(config)# dhcp l2relay
(JGSM7224)(config)#
(JGSM7224)(config)# interface 0/1
(JGSM7224)(config-if)# dhcp l2relay
-----------------------------------------------------------------------------
Related Commands
show dhcp l2relay all - Displays all configuration of the DHCP l2 Relay
show dhcp l2relay interface - Displays the DHCP l2 Relay interface configuration
75
Page 76
ProSafe Managed Switch
dhcp l2relay vlan
This command enables or disables the DHCP l2 relay on a specific vlan.
Format dhcp l2relay vlan <vlan_list>
no dhcp l2relay vlan <vlan_list>
Mode Global Configuration Mode
<vlan_list> - Enter VLAN IDs in range <1-4094>. Use '-' to specify a range, or ',' to
separate VLAN IDs in a list. Spaces and zeros are not permitted.
Example
----------------------------------------------------------------------------(JGSM7224)(config)# dhcp l2relay vlan 1-3,4
(JGSM7224)(config)#
-----------------------------------------------------------------------------
Related Commands
show dhcp l2relay all - Displays all configuration of the DHCP l2 Relay
show dhcp l2relay agent-option - Displays the DHCP l2 Relay agent-option
show dhcp l2relay vlan - Displays the DHCP l2 Relay vlan configuration
dhcp l2relay circuit-id
This command enables or disables the DHCP l2 relay circuit-id insertion of option 82 on a
specific vlan.
Format dhcp l2relay circuit-id <vlan_list>
no dhcp l2relay circuit-id <vlan_list>
Mode
<vlan_list> - Enter VLAN IDs in range <1-4094>. Use '-' to specify a range, or ',' to
separate VLAN IDs in a list. Spaces and zeros are not permitted.
Example
----------------------------------------------------------------------------(JGSM7224)(config)# dhcp l2relay circuit-id 1-3,4
(JGSM7224)(config)#
The format of the circuit id:
Length Length
| |
1 10 0 8 VLAN SLOT PORT
Global Configuration Mode
DHCP L2 Relay
76
Page 77
ProSafe Managed Switch
--------------------------------------------1byte 1byte 1byte 1byte 4 bytes 2bytes 2bytes
----|---------|----------------------------- | |
SubOption CircuitID
Type Type
-----------------------------------------------------------------------------
Related Commands
show dhcp l2relay all - Displays all configuration of the DHCP l2 Relay
show dhcp l2relay agent-option - Displays the DHCP l2 Relay agent-option
show dhcp l2relay circuit-id - Displays the DHCP l2 Relay circuit id configuration
dhcp l2relay remote-id
This command enables or disables the DHCP l2 relay remote-id insertion of option 82 on a
specific vlan. If it is disabled, the remote-id will not be added.
Format dhcp l2relay remote-id <string> <vlan_list>
no dhcp l2relay remote-id <vlan_list>
Mode
Global Configuration Mode
<vlan_list> - Enter VLAN IDs in range <1-4094>. Use '-' to specify a range, or ',' to
separate VLAN IDs in a list. Spaces and zeros are not permitted.
<String> - Remote-id suboption string of n charaters(1-32)
Example
----------------------------------------------------------------------------(JGSM7224)(config)# dhcp l2relay remote-id netgear 1-3,4
(JGSM7224)(config)#
-----------------------------------------------------------------------------
Related Commands
show dhcp l2relay all - Displays all configuration of the DHCP l2 Relay
show dhcp l2relay agent-option - Displays the DHCP l2 Relay agent-option
show dhcp l2relay remote-id - Displays the DHCP l2 Relay remote ID configuration
DHCP L2 Relay
77
Page 78
ProSafe Managed Switch
dhcp l2relay trust
This command set the interface as trust/untrust.
Format dhcp l2relay trust
no dhcp l2relay trust
Mode Interface Configuration Mode
Example
----------------------------------------------------------------------------(JGSM7224)(config)# interface 0/1
(JGSM7224)(config-if)# dhcp l2relay trust
-----------------------------------------------------------------------------
Related Commands
show dhcp l2relay all - Displays all configuration of the DHCP l2 Relay
show dhcp l2relay interface - Displays the DHCP l2 Relay interface configuration
show dhcp l2relay all
This command shows the complete configuration of the DHCP l2 Relay.
Format show dhcp l2relay all
Mode Privileged Configuration Mode
Example
----------------------------------------------------------------------------(JGSM7224)# show dhcp l2relay all
DHCP L2 Relay is Disabled. DHCP L2 Relay Debug:
Interface L2RelayMode TrustMode
0/1 Disabled Untrusted
0/2 Disabled Untrusted
0/3 Disabled Untrusted
0/4 Disabled Untrusted
0/5 Disabled Untrusted
0/6 Disabled Untrusted
0/7 Disabled Untrusted
0/8 Disabled Untrusted
0/9 Disabled Untrusted
0/10 Disabled Untrusted
0/11 Disabled Untrusted
DHCP L2 Relay
78
Page 79
ProSafe Managed Switch
0/12 Disabled Untrusted
0/13 Disabled Untrusted
0/14 Disabled Untrusted
0/15 Disabled Untrusted
0/16 Disabled Untrusted
0/17 Disabled Untrusted
0/18 Disabled Untrusted
0/19 Disabled Untrusted
0/20 Disabled Untrusted
0/21 Disabled Untrusted
0/22 Disabled Untrusted
0/23 Disabled Untrusted
0/24 Disabled Untrusted
VLAN Id L2 Relay CircuitId RemoteId
------- -------- --------- -------1 Enabled Disabled
2 Enabled Enabled netgear
3 Enabled Disabled
(JGSM7224)#
-----------------------------------------------------------------------------
Related Commands
dhcp l2relay - Configure the dhcp l2 relay globally or on specific interfaces
dhcp l2relay vlan - Configure the dhcp l2 relay on specific VLAN
dhcp l2relay circuit-id - Configures the dhcp l2 relay circuit id on specific VLAN
dhcp l2relay remote-id - Configures the dhcp l2 relay remote ID on specific VLAN
dhcp l2relay trust - Configures the dhcp l2 relay trust mode on specific interface
show dhcp l2relay agent-option
This command shows the DHCP l2 Relay agent-option.
Format show dhcp l2relay agent-option
Mode Privileged Configuration Mode
DHCP L2 Relay
79
Page 80
ProSafe Managed Switch
Example
----------------------------------------------------------------------------(JGSM7224)# show dhcp l2relay agent-option vlan 1-3
DHCP L2 Relay is Disabled.
DHCP L2 Relay Debug:
VLAN Id L2 Relay CircuitId RemoteId
------- -------- --------- -------1 Enabled Disabled
2 Enabled Enabled netgear
3 Enabled Disabled
(JGSM7224)#
-----------------------------------------------------------------------------
Related Commands
dhcp l2relay vlan - Configure the dhcp l2 relay on specific VLAN
dhcp l2relay circuit-id - Configures the dhcp l2 relay circuit ID on specific VLAN
dhcp l2relay remote-id - Configures the dhcp l2 relay remote ID on specific VLAN
show dhcp l2relay circuit-id
This command shows the DHCP l2 Relay circuit-id enabled on a specific vlan.
Format show dhcp l2relay circuit-id vlan <vlan-list>
Mode Privileged Configuration Mode
<vlan_list> - Enter VLAN IDs in range <1-4094>. Use '-' to specify a range, or ',' to
separate VLAN IDs in a list. Spaces and zeros are not permitted.
Example
----------------------------------------------------------------------------(JGSM7224)# show dhcp l2relay circuit-id vlan 1-3
DHCP L2 Relay is Disabled.
DHCP L2 Relay Debug:
DHCP Circuit-Id option is enabled on the following VLANs: 2
(JGSM7224)#
-----------------------------------------------------------------------------
Related Command
dhcp l2relay circuit-id - Configures the dhcp l2 relay circuit ID on a specific VLAN
DHCP L2 Relay
80
Page 81
ProSafe Managed Switch
show dhcp l2relay remote-id
This command shows the DHCP l2 Relay remote-id on a specific vlan.
Format show dhcp l2relay remote-id vlan <vlan-list>
Mode Privileged Configuration Mode
<vlan_list> - Enter VLAN IDs in range <1-4094>. Use '-' to specify a range, or ',' to
separate VLAN IDs in a list. Spaces and zeros are not permitted.
Example
----------------------------------------------------------------------------(JGSM7224 # show dhcp l2relay remote-id vlan 1-3
DHCP L2 Relay is Disabled.
DHCP L2 Relay Debug:
VLAN ID RemoteId
1
2 netgear
3
(JGSM7224)#
-----------------------------------------------------------------------------
Related Command
dhcp l2relay remote-id - Configures the dhcp l2 relay remote ID on a specific VLAN
show dhcp l2relay vlan
This command shows the DHCP l2 Relay enabled on a specific vlan.
Format show dhcp l2relay vlan <vlan-list>
Mode Privileged Configuration Mode
<vlan_list> - Enter VLAN IDs in range <1-4094>. Use '-' to specify a range, or ',' to
separate VLAN IDs in a list. Spaces and zeros are not permitted.
Example
----------------------------------------------------------------------------(JGSM7224)# show dhcp l2relay vlan 1-3
DHCP L2 Relay is Disabled.
DHCP L2 Relay Debug:
DHCP L2 Relay is enabled on the following VLANs: 1-3
(JGSM7224)#
-----------------------------------------------------------------------------
DHCP L2 Relay
81
Page 82
ProSafe Managed Switch
Related Command
dhcp l2relay vlan - Configures the dhcp l2 relay on a specific VLAN
show dhcp l2relay stats
This command shows the DHCP l2 Relay statistics.
Format show dhcp l2relay stats interface { all | <slot/port> |
port-channel <1-8> }
Mode Privileged Configuration Mode
<slot/port> - Enter interface in slot/port format.
Example
----------------------------------------------------------------------------(JGSM7224)# show dhcp l2relay stats interface all
Interface UntrustedServer UntrustedClient TrustedServer TrustedClient
MsgsWithOpt82 MsgsWithOpt82 MsgsWithoutOpt82 MsgsWithoutOpt82
----------------------------------------------------------------------------0/1 0 0 0 0
0/2 0 0 0 0
0/3 0 0 0 0
0/4 0 0 0 0
0/5 0 0 0 0
0/6 0 0 0 0
0/7 0 0 0 0
0/8 0 0 0 0
0/9 0 0 0 0
0/10 0 0 0 0
0/11 0 0 0 0
0/12 0 0 0 0
0/13 0 0 0 0
0/14 0 0 0 0
0/15 0 0 0 0
0/16 0 0 0 0
0/17 0 0 0 0
0/18 0 0 0 0
0/19 0 0 0 0
0/20 0 0 0 0
0/21 0 0 0 0
0/22 0 0 0 0
0/23 0 0 0 0
DHCP L2 Relay
82
Page 83
ProSafe Managed Switch
0/24 0 0 0 0
(JGSM7224)# show dhcp l2relay stats interface 0/1
Interface UntrustedServer UntrustedClient TrustedServer TrustedClient
MsgsWithOpt82 MsgsWithOpt82 MsgsWithoutOpt82 MsgsWithoutOpt82
----------------------------------------------------------------------------0/1 0 0 0 0
(JGSM7224)#
-----------------------------------------------------------------------------
Related Command
clear dhcp l2relay statistics - Clear the dhcp l2 relay statistics
show dhcp l2relay interface
This command shows the DHCP l2 Relay interface configuration.
Format show dhcp l2relay interface { all | <slot/port> | port-channel
<1-8> }
Mode Privileged Configuration Mode
<slot/port> - Enter interface in slot/port format.
Example
----------------------------------------------------------------------------(JGSM7224)# show dhcp l2relay interface all
DHCP L2 Relay is Disabled.
DHCP L2 Relay Debug:
Interface L2RelayMode TrustMode
0/1 Disabled Untrusted
0/2 Disabled Untrusted
0/3 Disabled Untrusted
0/4 Disabled Untrusted
0/5 Disabled Untrusted
0/6 Disabled Untrusted
0/7 Disabled Untrusted
0/8 Disabled Untrusted
0/9 Disabled Untrusted
0/10 Disabled Untrusted
0/11 Disabled Untrusted
0/12 Disabled Untrusted
0/13 Disabled Untrusted
DHCP L2 Relay
83
Page 84
ProSafe Managed Switch
0/14 Disabled Untrusted
0/15 Disabled Untrusted
0/16 Disabled Untrusted
0/17 Disabled Untrusted
0/18 Disabled Untrusted
0/19 Disabled Untrusted
0/20 Disabled Untrusted
0/21 Disabled Untrusted
0/22 Disabled Untrusted
0/23 Disabled Untrusted
0/24 Disabled Untrusted
(JGSM7224)# show dhcp l2relay interface 0/1
DHCP L2 Relay is Disabled.
DHCP L2 Relay Debug:
Interface L2RelayMode TrustMode
--------- ----------- --------0/1 Disabled Untrusted
(JGSM7224)#
-----------------------------------------------------------------------------
Related Commands
dhcp l2relay - Configures the dhcp l2 relay globally or on specific interfaces
dhcp l2relay trust - Configures the dhcp l2 relay trust mode on specific interface
clear dhcp l2relay statistics
This command clears the DHCP l2 Relay interface statistics.
Format clear dhcp l2relay statistics
Mode Privileged Configuration Mode
Example
----------------------------------------------------------------------------(JGSM7224)# clear dhcp l2relay statistics
(JGSM7224)#
-----------------------------------------------------------------------------
DHCP L2 Relay
84
Page 85
ProSafe Managed Switch
Related Command
show dhcp l2relay stats - Displays the dhcp l2 relay statistics
debug dhcp l2relay
This command debugs the DHCP l2 Relay process.
Format debug dhcp l2relay { all | event | fail | packet | trace }
no debug dhcp l2relay { all | event | fail | packet | trace }
Mode Privileged Configuration Mode
all - debug all
event - debug the event
fail - debug the failure
packet - debug the packet
trace - trace debug
Example
----------------------------------------------------------------------------(JGSM7224)# debug dhcp l2relay all
(JGSM7224)#
-----------------------------------------------------------------------------
DHCP L2 Relay
85
Page 86
8. DHCP Snooping
DHCP snooping is a DHCP security feature that filters untrusted DHCP messages and builds
and maintains a DHCP snooping binding table. An untrusted message is one that is received
from outside the network or firewall and that can cause traffic attacks within your network.
The DHCP snooping binding table contains the MAC address, IP address, lease time,
binding type, VLAN number , and interface information that corresponds t o the local untrusted
interfaces of a switch; it does not contain information regarding hosts interconnected with a
trusted interface. An untrusted interface is an interface that is configured to receive
messages from outside the network or firewall. A trusted interface is an interface that is
configured to receive only messages from within the network.
ip dhcp snooping
Use this command to enable or disable DHCP snooping globally . DHCP snooping cannot be
enabled with the DHCP server at the same time.
8
Format ip dhcp snooping
no ip dhcp snooping
Mode Global Configuration Mode
Example
----------------------------------------------------------------------------(JGSM7224)(config)# ip dhcp snooping
(JGSM7224)(config)#
-----------------------------------------------------------------------------
Related Command
show ip dhcp snooping - Display the DHCP Snooping global
86
Page 87
ProSafe Managed Switch
ip dhcp snooping verify mac-address
Use this command to enable or disable verification of the source MAC address with the client
hardware address in the received DHCP message.
Format ip dhcp snooping verify mac-address
no ip dhcp snooping verify mac-address
Mode Global Configuration Mode
Example
----------------------------------------------------------------------------(JGSM7224)(config)# ip dhcp snooping verify mac-address
(JGSM7224)(config)#
-----------------------------------------------------------------------------
Related Command
show ip dhcp snooping - Display the DHCP Snooping global
ip dhcp snooping vlan
Use this command to enable or disable DHCP snooping on a list of comma-separat ed VLAN
ranges.
Format ip dhcp snooping vlan <vlan_list>
no ip dhcp snooping vlan <vlan_list>
Mode Global Configuration Mode
<vlan_list> - Enter VLAN IDs in range <1-4094>. Use '-' to specify a range, or ',' to
separate VLAN IDs in a list. Spaces and zeros are not permitted.
Example
----------------------------------------------------------------------------(JGSM7224)(config)# ip dhcp snooping vlan 1-3
(JGSM7224)(config)#
-----------------------------------------------------------------------------
Related Command
show ip dhcp snooping - Display the DHCP Snooping global
DHCP Snooping
87
Page 88
ProSafe Managed Switch
ip dhcp snooping binding
Use this command to configure static DHCP Snooping binding.
Format ip dhcp snooping binding <ucast_mac> vlan <1-4094> <ucast_addr>
interface { <slot/port> | port-channel <1-8> }
no ip dhcp snooping binding <ucast_mac>
Mode Global Configuration Mode
<ucast_mac> - Enter the MAC address field of the binding.
<ucast_addr> - Enter the IPv4 address field of the binding.
<slot/port> - Enter interface in slot/port format.
Example
----------------------------------------------------------------------------(JGSM7224)(config)# ip dhcp snooping binding 00:11:22:33:44:55 vlan 1
192.168.0.10 interface 0/1
(JGSM7224)(config)#
-----------------------------------------------------------------------------
Related Commands
show ip dhcp snooping binding - Display the DHCP Snooping binding
clear ip dhcp snooping binding - Clear the DHCP Snooping binding
ip dhcp snooping database
Use this command to configure the persistent location of the DHCP Snooping dat abase. This
can be local of a remote file on a given IP machine.
Format ip dhcp snooping database { <tftp_url> | local }
Mode Global Configuration Mode
<tftp_url> - Remote server address and filename in the format
tftp://<ipv4address>/<filename>
Example
----------------------------------------------------------------------------(JGSM7224)(config)# ip dhcp snooping database tftp://192.168.0.10/dhsnp.cfg
(JGSM7224)(config)#
-----------------------------------------------------------------------------
DHCP Snooping
88
Page 89
ProSafe Managed Switch
Related Command
show ip dhcp snooping database - Display the DHCP Snooping configuration related
to the database persistency
ip dhcp snooping database write-delay
Use this command to configure the interval in seconds at which the DHCP Snooping
database will be persisted. The interval value ranges from 15 to 86400 seconds.The no
command sets the value to the default (300).
Format ip dhcp snooping database write-delay <15-86400>
no ip dhcp snooping database write-delay
Mode Global Configuration Mode
Example
----------------------------------------------------------------------------(JGSM7224)(config)# ip dhcp snooping database write-delay 100
(JGSM7224)(config)#
-----------------------------------------------------------------------------
Related Command
show ip dhcp snooping database - Display the DHCP Snooping configuration related
to the database persistency
ip dhcp snooping limit
Use this command to control the rate at which the DHCP Snooping messages come. The
default rate is 15 pps with a range from 0 to 100 pps. The default burst level is 1 second with
a range of 1 to 15 seconds. The limit none will disable the control. The no form of the
command sets the limit to the default.
Format ip dhcp snooping limit { none | rate <0-100> [ burst interval
<1-15> ] }
no ip dhcp snooping limit
Mode Interface Configuration Mode
Example
----------------------------------------------------------------------------(JGSM7224)(config)# interface 0/1
(JGSM7224)(config-if)# ip dhcp snooping limit rate 25 burst interval 6
(JGSM7224)(config-if)#
-----------------------------------------------------------------------------
DHCP Snooping
89
Page 90
ProSafe Managed Switch
Related Command
show ip dhcp snooping interfaces - Display the DHCP Snooping per port
configurations
ip dhcp snooping log-invalid
Use this command to control the logging DHCP messages filtration by the DHCP Snooping.
The default is disabled.
Format ip dhcp snooping log-invalid
no ip dhcp snooping log-invalid
Mode Interface Configuration Mode
Example
----------------------------------------------------------------------------(JGSM7224)(config)# interface 0/1
(JGSM7224)(config-if)# ip dhcp snooping log-invalid
(JGSM7224)(config-if)#
-----------------------------------------------------------------------------
Related Command
show ip dhcp snooping interfaces - Display the DHCP Snooping per port
configurations
ip dhcp snooping trust
Use this command to configure the port as trusted or untrusted. The default is untrusted.
Format ip dhcp snooping trust
no ip dhcp snooping trust
Mode Interface Configuration Mode
Example
----------------------------------------------------------------------------(JGSM7224)(config)# interface 0/1
(JGSM7224)(config-if)# ip dhcp snooping trust
(JGSM7224)(config-if)#
-----------------------------------------------------------------------------
DHCP Snooping
90
Page 91
ProSafe Managed Switch
Related Command
show ip dhcp snooping interfaces - Display the DHCP Snooping per port
configurations
show ip dhcp snooping
Use this command to display the DHCP Snooping global configurations.
Format show ip dhcp snooping
Mode Privileged Configuration Mode
Example
----------------------------------------------------------------------------(JGSM7224)# show ip dhcp snooping
DHCP Snooping Mode: Disabled
MAC Address Validation: Disabled
DHCP Snooping is configured on the following VLANs: 1-3
DHCP Snooping Debug: event bind
(JGSM7224)#
-----------------------------------------------------------------------------
Related Commands
ip dhcp snooping - Configure the DHCP Snooping globally
ip dhcp snooping verify mac-address - Configure the DHCP Snooping verification
ip dhcp snooping vlan - Configure the DHCP Snooping on specific vlan
debug ip dhcp snooping - Configure the DHCP Snooping debug
show ip dhcp snooping binding
Use this command to display the DHCP Snooping binding entries.
Format show ip dhcp snooping binding
Mode Privileged Configuration Mode
Example
----------------------------------------------------------------------------(JGSM7224)# show ip dhcp snooping binding
MacAddress IpAddress VLAN Interface Type Lease(sec)
0011.2233.4455 192.168.0.25 1 0/1 Static
Total Number Of Bindings: 1
DHCP Snooping
91
Page 92
ProSafe Managed Switch
(JGSM7224)#
-----------------------------------------------------------------------------
Related Command
ip dhcp snooping binding - Configure the static binding
show ip dhcp snooping database
Use this command to display the DHCP Snooping configuration related to the database
persistency.
Format show ip dhcp snooping database
Mode Privileged Configuration Mode
Example
----------------------------------------------------------------------------(JGSM7224)# show ip dhcp snooping database
Log File Store Type: remote
Agent IP: 192.168.0.10
Agent File: dhsnp.cfg
Write-delay: 300 seconds.
(JGSM7224)#
-----------------------------------------------------------------------------
Related Commands
ip dhcp snooping database - Configure the persistent location of the DHCP Snooping
database
ip dhcp snooping database write-delay - Configure the interval in seconds at
which the DHCP Snooping database will be persisted
show ip dhcp snooping statistics
Use this command to list statistics for DHCP Snooping security violations on untrusted ports.
Format show ip dhcp snooping statistics
Mode Privileged Configuration Mode
DHCP Snooping
92
Page 93
ProSafe Managed Switch
Example
----------------------------------------------------------------------------(JGSM7224)# show ip dhcp snooping statistics
Interface MAC Verify Client Ifc DHCP Server
Failures Mismatch Msgs Rec'd
0/1 0 0 0
0/2 0 0 0
0/3 0 0 0
0/4 0 0 0
0/5 0 0 0
0/6 0 0 0
0/7 0 0 0
0/8 0 0 0
0/9 0 0 0
0/10 0 0 0
0/11 0 0 0
0/12 0 0 0
0/13 0 0 0
0/14 0 0 0
0/15 0 0 0
0/16 0 0 0
0/17 0 0 0
0/18 0 0 0
0/19 0 0 0
0/20 0 0 0
0/21 0 0 0
0/22 0 0 0
0/23 0 0 0
0/24 0 0 0
(JGSM7224)#
-----------------------------------------------------------------------------
Related Command
clear ip dhcp snooping statistics - Clear the DHCP snooping statistics
show ip dhcp snooping interfaces
Use this command to display the DHCP Snooping per port configurations.
Format show ip dhcp snooping interfaces
Mode Privileged Configuration Mode
DHCP Snooping
93
Page 94
ProSafe Managed Switch
Example
----------------------------------------------------------------------------(JGSM7224)# show ip dhcp snooping interfaces
Interface Trust State Logging-Invalid Rate Limit Burst Interval
Packets (pps) (seconds)
0/1 No Enabled 25 6
0/2 No Disabled 15 1
0/3 No Disabled 15 1
0/4 No Disabled 15 1
0/5 No Disabled 15 1
0/6 No Disabled 15 1
0/7 No Disabled 15 1
0/8 No Disabled 15 1
0/9 No Disabled 15 1
0/10 No Disabled 15 1
0/11 No Disabled 15 1
0/12 No Disabled 15 1
0/13 No Disabled 15 1
0/14 No Disabled 15 1
0/15 No Disabled 15 1
0/16 No Disabled 15 1
0/17 No Disabled 15 1
0/18 No Disabled 15 1
0/19 No Disabled 15 1
0/20 No Disabled 15 1
0/21 No Disabled 15 1
0/22 No Disabled 15 1
0/23 No Disabled 15 1
0/24 No Disabled 15 1
(JGSM7224)#
-----------------------------------------------------------------------------
Related Commands
ip dhcp snooping limit - Configure the DHCP snooping packet control
ip dhcp snooping log-valid - Configure the DHCP snooping logging
ip dhcp snooping trust - Configure the DHCP snooping port mode
DHCP Snooping
94
Page 95
ProSafe Managed Switch
clear ip dhcp snooping binding
Use this command to clear all DHCP Snooping bindings on all interfaces or on a specific
interface.
Format clear ip dhcp snooping binding [interface { <slot/port> |
port-channel <1-8>}] | [vlan <1-4094>]
Mode Privileged Configuration Mode
Example
----------------------------------------------------------------------------(JGSM7224)# clear ip dhcp snooping binding vlan 1
(JGSM7224)#
-----------------------------------------------------------------------------
Related Command
ip dhcp snooping binding - Configure the static binding
clear ip dhcp snooping statistics
Use this command to clear all DHCP Snooping statistics.
Format clear ip dhcp snooping statistics
Mode Privileged Configuration Mode
Example
----------------------------------------------------------------------------(JGSM7224)# clear ip dhcp snooping statistics
(JGSM7224)#
-----------------------------------------------------------------------------
Related Command
show ip dhcp snooping statistics - Displays the DHCP snooping statistics
debug ip dhcp snooping
Use this command to debug the DHCP Snooping process.
Format debug dhcp l2relay { all | bind | event | fail | packet | trace }
no debug dhcp l2relay { all | bind | event | fail | packet | trace }
Mode Privileged Configuration Mode
DHCP Snooping
95
Page 96
ProSafe Managed Switch
all - debug all
bind - debug binding
event - debug the event
fail - debug the failure
packet - debug the packet
trace - trace debug
Example
----------------------------------------------------------------------------(JGSM7224)# debug ip dhcp snooping all
(JGSM7224)#
-----------------------------------------------------------------------------
Related Command
show ip dhcp snooping - Displays the DHCP snooping global
DHCP Snooping
96
Page 97
9. SNTP
SNTP is a protocol for synchronizing the clocks of computer systems over packet-switched,
variable-latency data networks. It is a simplified access strategy for servers and clients using
NTP as now specified and deployed in the Internet. The access paradigm is identical to the
UDP/TIME Protocol and, in fact, it should be easily possible to adapt a UDP/TIME client
implementation to operate using SNTP. Moreover, SNTP is also designed to operate in a
dedicated server configuration including an integrated radio clock.
sntp
This command enters SNTP configuration mode.
Syntax sntp
Mode Global configuration
9
sntp - Enter SNTP configuration
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# sntp
(JGSM7224)(config-sntp)#
-----------------------------------------------------------------------
mode
.
set sntp client
This command enables or disables SNTP
Default Disabled
Syntax set sntp client { enable | disable
Mode SNTP Configuration
enable - Enable the SNTP
disable - Disable
the
client module.
SNTP
client module.
client module
}
.
97
Page 98
ProSafe Managed Switch
Example
-----------------------------------------------------------------------------(JGSM7224)(config)# set sntp client enable
------------------------------------------------------------------------------
Related Command
show sntp
clien
t
- Displays SNTP configuration informati
on.
sntp client version
This command sets the operation of the SNTP for the client.
Default v4
Syntax sntp client version { v1 | v2 | v3 | v4
Mode SNTP Configuration
v1 - SNTP Version 1
v2 - SNTP Version 2
v3 - SNTP Version 3
v4 - SNTP Version 4
Example
-----------------------------------------------------------------------------(JGSM7224)(config)-sntp)# sntp client version v3
------------------------------------------------------------------------------
Related Command
}
show sntp
client - Displays SNTP configuration
inf
ormation
.
sntp client port
This command sets the listening port for the SNTP client greater than 1024, since below
1024 is reserved. Therefore the configurable listening port for a SNTP client starts at 1025.
The no form of command deletes the listening port for the SNTP client and sets the default
value. The SNTP client should be enabled.
Default 123
Syntax sntp client port <portno(1025-65535)>
no sntp client port
Mode SNTP Configuration
port no - Listening
port
for SNTP
client
SNTP
98
Page 99
ProSafe Managed Switch
Example
-----------------------------------------------------------------------------(JGSM7224)(config-sntp)# sntp client port 1026
------------------------------------------------------------------------------
Related Command
show sntp
clien
t
- Displays SNTP configuration
inf
ormation
.
sntp client clock-format
This command sets the system clock format as AM PM format or HOURS format.
SNTP clock format configuration in the switch is as follows:
Date - Hours, Minutes, Seconds, Date Month and Year
Month - Jan, Feb, Mar, and so on.
Year - yyyy
Default hours
Syntax sntp client clock-format { ampm | hours }
Mode SNTP Configuration
am-pm - Sets the system clock to am/pm format
hours - Sets the system clock to 24 hours format
Example
-----------------------------------------------------------------------------(JGSM7224)(config-sntp)# sntp client clock-format ampm
------------------------------------------------------------------------------
The
Related Command
show sntp clock - Displays the current time.
clock timezone
This command sets the system time zone with respect to UTC. The no form of command
resets the system time zone to GMT. The SNTP server must be enabled prior to the
execution of this command.
Syntax clock timezone <+/- UTC TimeDiff in Hrs:UTC TimeDiff in Min>
no clock timezone
Mode SNTP Configuration
SNTP
99
Page 100
ProSafe Managed Switch
+/- - After or before UTC.
UTC TimeDiff in Hrs - UTC Time difference in hours
UTC TimeDiff in Min - UTC Time difference in minutes
Example
-----------------------------------------------------------------------------(JGSM7224)(config-sntp)# clock timezone +05:30
------------------------------------------------------------------------------
Related Command
show sntp
clien
t
- Displays SNTP configuration
inf
ormation
.
clock summer-time
This command enables Daylight Saving Time. The no form of the command disables Daylight
Saving Time.
Syntax clock summer-time <week-day-month,hh:mm>
no clock
Mode SNTP Configuration
week
- First, Second, Third, Forth, or Last week of month.
Day - Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, or Saturday.
Month - January, February, March, April, May, June, July, August, September, October,
summer-time
November, or December.
hh:mm - Time in hours and minutes
Example
-----------------------------------------------------------------------------(JGSM7224)(config-sntp)# clock summer-time First-Sun-Jan,12:12
Second-Sun-Mar,12:12
------------------------------------------------------------------------------
<week-day-month,hh,mm>
Related Command
show sntp
clien
t
- Displays SNTP configuration information.
SNTP
100
Loading...