used to make any derivative work (such as translation, transformation or adaptation) without
written permission from Motorola, Inc.
Motorola reserves the right to revise this publication and to make changes in content from time to
time without obligation on the part of Motorola to provide notification of such revision or change.
Motorola provides this guide without warranty of any kind, either implied or expressed, including,
but not limited to, the implied warranties of merchantability and fitness for a par ticular purpose.
Motorola may make improvements or changes in the product(s) described in this manual at any
time. MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office.
Microsoft, Windows, Windows Me, and Windows NT are either trademarks or registered
trademarks of Microsoft Corporation in the U.S and/or other countries. Macintosh is a registered
trademark of Apple, Inc. Firefox is a registered trademark of the Mozilla Foundation. All other
product or service names are the property of their respective owners.
Motorola, Inc.
1303 East Algonquin Road
Schaumburg, Illinois 60196
USA
Index of Commands ................................................................. 1-13
6Command Line Interface Commands Reference
Introduction 1-1
Chapter 1
Introduction
This
Command Line Interface Commands Reference
Command Line Interface for the Motorola Netopia® router family. It provides information required to configure
the router firmware and troubleshoot problems using the Command Line Interface.
This document is intended for small office, home office, and remote office users, and other networking
professionals who administer networks using Motorola Netopia® routers.
contains information on the syntax and use of the
Note:
version is noted, the commands given are supported on all platforms.
Restrictions among firmware versions are noted in the body of this document. Where no firmware
New Commands in Firmware Version 8.7.4
Firmware Version 8.7.4 adds new and revised commands for the following:
IP multicast to layer 2 unicast mapping. See “IGMP Configuration Commands” on page 2-70.
■
Change backup timer from minutes to seconds. See “Backup Configuration Commands” on page 2-115.
■
■
Support for router-generated packets with source address outside of local member range for IPSec force all
tunnels. See “Unprotected Services Configuration Commands” on page 2-68.
Enhanced VLAN Support and configuration changes. See “Virtual LAN (VLAN) configuration commands” on
The command descriptions use formatted text to indicate various attributes of each command. The syntax is as
follows:
Required keywords and commands that must be typed literally are in
■
■
Optional elements are enclosed in square brackets “[]”.
■
Mutually exclusive elements are contained in braces “{}” and separated by vertical bars “|”.
Arguments for which you supply values are in
■
■
Examples of commands you type and the results of those commands are in the
■
An element that may be repeated one or more times is followed by a superscripted plus sign
■
An element that may be repeated zero or more times is followed by a superscripted asterisk
italics
.
boldface
.
courier
typeface.
“+”.
“*”.
Introduction 1-3
Interface Naming Conventions
A number of commands described in this document require you to identify the router inter face to be affected by
the command. This requires specifying both an interface type (denoted
(denoted id).
The
intf-type
argument may be replaced with one of the following keywords:
intf-type
) and an interface index
adsl | aux
If a command is not specific to a particular WAN interface type, the
the more specific
Note:
The id argument can be replaced with 0, 1, or 2, as follows:
■
■
■
So, for example, the ethernet hublet is identified as “interface ethernet 0”. In some contexts, only a WAN
interface may be specified, in which case the command syntax will specify
id
equipment.
For IDSL interfaces, use the keyword
0
means the motherboard
1
means the WAN 1 slot
2
means the WAN 2 slot
. The
wan-id
|
dds
|
ethernet
intf-type
argument can be replaced by either 1 (the WAN 1 slot) or 2 (the WAN 2 slot) on R-Series
must be specified.
|
isdn
isdn
.
|
sdsl
| t1 |
intf-type wan
wan
|
serial
may be specified; otherwise,
wan-id
instead of the more general
Security (Configuration Access)
If the device is password-protected, the device requires you to enter a name and password before you can
access the menu-based or command line console interface. See the section “Configuration Access
Commands” on page 2-3.
Entering and Editing Commands
The device’s console user interface comes up in Menu mode by default. In this mode you use the arrow,
Escape, and Return/Enter keys to navigate through a series of screens. To invoke the command line at any
time, type
Menu mode type Control-N again.
Control-N
. The console will erase the window, and you will be presented with a # prompt. To return to
1-4 Command Line Interface Commands Reference
The following table provides a description of keys that can be used when entering and editing commands.
Control indicates the Control key, which must be pressed simultaneously with the associated letter key. Escape
indicates the Escape key, which must be pressed and released first, followed by its associated letter key. Keys
are not case-sensitive.
Command Editing Keys and Functions
KeyFunction
Control-AMoves the cursor to the beginning of the command line.
Control-EMoves the cursor to the end of the command line.
Control-KDeletes all characters from the cursor to the end of the
command line.
Control-NInvokes the command line interface from the menu console.
Invokes the menu console from the command line interface.
Control-UDeletes all characters from the cursor back to the beginning of
the command line.
Control-WDeletes the word to the left of the cursor.
Escape BMoves the cursor back one word.
Escape DDeletes from the cursor to the end of the word.
Escape FMoves the cursor forward one word.
Introduction 1-5
Online Help
Beginning with Firmware Version 8.6, online help is available to prompt you when entering commands. If you
enter a partial or incorrect command, the help facility displays prompts to aler t you to the correct syntax for the
command. The help facility offers expected keywords from which to select, and an explanation of error
messages.
Example:
If you enter the partial command
the command is successfully entered.
#show snmp
; error 103: incomplete command
; acceptable next keywords:
; authentication
; community
; heartbeat-interval
; notify
; system
; trap
#show snmp authentication
; error 103: incomplete command
; next keyword must be:
; traps
#show snmp authentication traps
; error 103: incomplete command
; next keyword must be:
; enable
#show snmp authentication traps enable
snmp authentication traps enable no
show snmp
, the help facilty will prompt you with the appropriate keywords until
1-6 Command Line Interface Commands Reference
Motorola Netopia® Router CLI Commands 2-1
Chapter 2
Motorola Netopia® Router CLI Commands
This chapter describes the syntax of the supported command set of the Motorola Netopia® R-series,
4000-series, and 3000 Enterprise-series Router families.
“Configuration Access Commands” on page 2-3
■
■
“MAC Address Security Commands” on page 2-12
“System Heartbeat Configuration Commands” on page 2-13
■
■
“Tiered Configuration Access Commands” on page 2-15
■
“Interface Configuration Commands” on page 2-16
“Additional LAN configuration command” on page 2-16
■
■
“Ethernet Interface configuration commands” on page 2-18
■
“Ethernet Interface Stateful Inspection Commands” on page 2-22
“Virtual LAN (VLAN) configuration commands” on page 2-36
■
■
“RADIUS Authentication Profile configuration commands” on page 2-39
“NetBIOS configuration commands” on page 2-41
■
■
“Generic WAN Interface configuration commands” on page 2-43
■“Restricted WAN Interface configuration commands” on page 2-44
■“ISDN WAN Interface configuration commands” on page 2-45
■“ADSL WAN Interface configuration commands” on page 2-49
■“SDSL WAN Interface configuration commands” on page 2-51
■“Priority Queuing (TOS bit) Commands” on page 2-55
■“Differentiated Services (Diffserv) commands” on page 2-56
■“PVCs” on page 2-58
■“DSL Line Type Interface Configuration Commands” on page 2-61
■“T1 WAN Interface configuration commands” on page 2-62
■“T1 Statistic and Diagnostic commands” on page 2-65
■“Unprotected Services Configuration Commands” on page 2-68
■“IGMP Configuration Commands” on page 2-70
■“Global IP Configuration Commands” on page 2-73
■“DHCP Gen-Options, Option Groups, and Option Filtersets Commands” on page 2-77
■“Wireless Configuration Commands” on page 2-86
2-2 Command Line Interface Commands Reference
■“ARP Configuration Commands” on page 2-97
■“Scheduled Connections Configuration Commands” on page 2-98
■“Default Profile Configuration Commands” on page 2-100
■“Frame Relay Configuration Commands” on page 2-101
■“Miscellaneous Commands” on page 2-103
■“IP Network Address Translation (NAT) Commands” on page 2-110
■“Backup Configuration Commands” on page 2-115
■“Serial port modem backup configuration commands” on page 2-118
■“RADIUS Authentication Configuration Commands” on page 2-119
■“TACACS+ Authentication Configuration Commands” on page 2-120
■“IP Filterset Configuration Commands” on page 2-121
■“Hardware Acceleration Configuration Commands” on page 2-123
■“Global IPSec/IKE Configuration Commands” on page 2-124
■“IKE Dead Peer Detection” on page 2-129
■“Xauth configuration commands” on page 2-130
■“Current Restrictions” on page 2-131
Configuration Access Commands
Configuration Access Commands
date xx/yy/zz
show date
exit
preferences changes immediate { yes | no }
show preferences changes immediate
no preferences changes immediate
preferences check vci { yes | no }
preferences console default { menu | cli }
show preferences console default
preferences console timeout seconds
no preferences console timeout
show preferences console timeout
Motorola Netopia® Router CLI Commands 2-3
preferences date format { mm/dd/yy | dd/mm/yy | yy/mm/dd }
show preferences date format
preferences output format { terse | verbose }
show preferences output format
security mac-auth wireless-only [ yes | no ]
show security mac-auth wireless-only
security mac-auth mac-deny MAC-addr
show security mac-deny
security mac-auth mac-allow MAC-addr
show security mac-auth mac-allow
2-6 Command Line Interface Commands Reference
The preferences command allows you to customize certain aspects of the command line interface. Preference
settings persist across restarts, and are specific to the user name, if any, you used to authenticate yourself
before issuing the preferences command. If no users are defined, no authentication is required, and preference
settings are global.
date xx/yy/zz
show date
These commands allow you to set or display the current date for the router’s system clock.
exit
The exit command terminates your current console session. If you are connected via telnet or a modem, the
connection will be closed. If you are logged in via the serial console, you will return to the command line or
menu-based console based on your default console setting. (See the preferences console default command on
page 2-6.) In either case, you will be prompted either with a login prompt (if one or more users are defined), or
the initial prompt for the selected console interface (if no users are defined).
preferences changes immediate { yes | no }
show preferences changes immediate
no preferences changes immediate
These commands allow you to specify whether or not WAN configuration changes will take effect immediately.
When you specify no, any changes you make to the WAN configuration (except NAT) will not take effect until the
router is reset.
Note: The router will reboot immediately when the value of the changes immediate preference item changes.
No warning is given.
preferences check vci { yes | no }
Note: This command is supported beginning with firmware version 8.2.
This command allows you to set the VCI to any value in the CLI, menu, or SNMP. The ability to set a VCI to 0 –
31 is not normally permitted. This command allows you to override this check and allow a VCI of value 0 – 31.
preferences console default { menu | cli }
show preferences console default
The preferences console default command specifies the console interface that will be presented to the user on
subsequent logins. When set to menu (the default), the user will be presented with the menu-based console
interface on subsequent logins. When set to cli, the user will be presented with the command line console
interface on subsequent logins. If the preferences console default command is issued and there are no users
defined, the setting will determine the console interface that will be presented to all newly established console
sessions (via either the serial console port or via telnet).
Motorola Netopia® Router CLI Commands 2-7
preferences console timeout seconds
no preferences console timeout
show preferences console timeout
These commands control the command-line and menu-based console auto logout. Note that the no preferences
console timeout command sets the timeout to zero, which disables the timeout.
The command:
no preferences console timeout
is equivalent to:
preferences console timeout 0
Example:
preferences console timeout 300
preferences date format { mm/dd/yy | dd/mm/yy | yy/mm/dd }
show preferences date format
These commands allow you to set or display your date formatting preferences for the router’s system clock.
preferences output format { terse | verbose }
show preferences output format
The preferences output format command affects the format of the output from show commands. When set to
verbose (the default), the output from show commands is formatted as a valid command line interface command that could be entered at a command prompt. When set to terse, the output from show commands is
not formatted as a valid command line interface command that could be entered at a command prompt, but
rather includes only the value of the requested attribute. The terse mode may be more useful if the output will
be processed by a computer rather than a human being.
Example:
#preferences output format verbose
#show interface ethernet 0 ip address
interface ethernet 0 ip address 192.168.1.1/24
#preferences output format terse
#show interface ethernet 0 ip address
The preferences output mask command affects the format of the output from those show commands that
display an IP address together with a subnet mask. When set to bits (the default), the IP address and subnet
mask are output in prefix notation – i.e., an IP address in dotted-quad notation followed by a slash followed by
the number of consecutive ones-bits in the subnet mask – whereas when set to dotted-quad, the IP address
and subnet mask are output as two consecutive dotted-quads.
Example:
#preferences output mask bits
#show interface ethernet 0 ip address
interface ethernet 0 ip address 192.168.1.1/24
#preferences output mask dotted-quad
#show interface ethernet 0 ip address
interface ethernet 0 ip address 192.168.1.1 255.255.255.0
preferences time format { am-pm | 24-hour }
show preferences time format
These commands allow you to set or display your time formatting preferences for the router’s system clock.
security password
Enter old password: old password
Enter new password: new password
Re-enter password: new password
no security password
Enter old password:old password
These commands let you set and delete the Security Options screen password. After you enter the command
the console prompts you for the existing password if you have one, then it prompts you to enter and re-enter a
new password (eleven characters maximum). The no command will prompt you for a password if there was one,
and will then delete that password.
snmp authentication traps enable [ yes | no ]
no snmp authentication traps enable
show snmp authentication traps enable
These commands allow you to enable, disable, or show the status of SNMP authentication traps.
snmp community { ro | read-only | rw | read-write } string
no snmp community [ ro | read-only | rw | read-write ] [string]
These commands allow you to add or delete the SNMP community Read-Only and Read-Write strings.
Motorola Netopia® Router CLI Commands 2-9
snmp heartbeat-interval interval
show snmp heartbeat-interval
no snmp heartbeat-interval
Note: These commands are supported beginning with firmware version 8.2.
These commands allow you to set, show, or delete the SNMP heartbeat interval. A single configuration item
governs heartbeat traps, the time interval between traps. Permitted values are 0 – 65535 minutes. A value of
zero, the default, means the trap is disabled. This value can be configured by the CLI and SNMP. When the
interval value is set to a positive number, a trap is sent immediately and the new (or same) interval value takes
effect.
snmpnotifytype [ v1-trap | v2-trap | inform ]
Note: This command is supported beginning with firmware version 8.4.2.
This command allows you to set the type of SNMP traps that the system will generate: v1, v2(c), or, beginning
with Firmware Version 8.4.2, inform.
snmp system contact string
show snmp system contact
no snmp system contact
These commands set, display, or clear the router's SNMP system contact (sysContact) string.
snmp system location string
show snmp system location
no snmp system location
These commands set, display, or clear the router's SNMP system location (sysLocation) string.
snmp system name string
show snmp system name
no snmp system name
These commands set, display, or clear the router's SNMP system name (sysName) string.
snmpsystemtrapsourceaddress [ lan | wan ]
Note: This command is supported beginning with firmware version 8.5.
This command allows you to specify whether the source address for SNMP traps should be on the LAN or the
WAN. When this parameter is set to lan, all SNMP v2 and inform traps use the source IP address of the primary
LAN interface. Otherwise, the IP address of the WAN interface is used.
system syslog enable { yes | no }
no system syslog enable
show system syslog enable
Note: These commands are supported beginning with Firmware Version 8.2.
2-10 Command Line Interface Commands Reference
These commands allow you to enable, disable, or show the status of logging of system events for reporting by
a Syslog client. By default, all events are logged in the event history. By using the syslog commands that follow
to set each event descriptor to either yes or no, you can determine which ones are logged and which are
ignored.
system syslog host-name hostname
no system syslog host-name
show system syslog host-name
Note: These commands are supported beginning with Firmware Version 8.2.
These commands allow you to specify, disable, or show the status of the syslog server’s address either in
dotted decimal format or as a DNS name up to 64 characters.
system syslog facility facility
show system syslog facility
Note: These commands are supported beginning with Firmware Version 8.2.
These commands allow you to specify or show the UNIX syslog Facility. facility values may be "local0" through
"local7".
system syslog log-violations { yes | no }
no system syslog log-violations
show system syslog log-violations
Note: These commands are supported beginning with Firmware Version 8.2.
These commands allow you to enable, disable, or show whether violations are logged or ignored.
system syslog log-accepts { yes | no }
no system syslog log-accepts
show system syslog log-accepts
Note: These commands are supported beginning with Firmware Version 8.2.
These commands allow you to enable, disable, or show whether acceptances are logged or ignored.
system syslog log-attempts { yes | no }
no system syslog log-attempts
show system syslog log-attempts
Note: These commands are supported beginning with Firmware Version 8.2.
These commands allow you to enable, disable, or show whether connection attempts are logged or ignored.
Motorola Netopia® Router CLI Commands 2-11
telnet { hostname | ip-addr } [ port value ] [ source ip_addr ]
show telnet sessions
Note: These commands are supported beginning with Firmware Version 8.7.
These commands allow you to initiate or show up to six telnet sessions from the command line without
returning to the console menu interface. Using the command line, you can resume sessions star ted by the
console menu and vice versa.
Example:
#show telnet sessions
#1 192.168.1.253
#2 192.168.1.91
#3 10.8.200.16
#4 no active session
#5 no active session
#6 no active session
Note: These commands are supported beginning with Firmware Version 8.7.
These commands allow you to suspend telnet sessions indicated by alphabetic letter, a through z, from the
command line.
Telnet sessions specified by number, 1 through 6, may be resumed or terminated.
The show command displays telnet sessions that have been previously suspended using the suspend
command.
telnet server port [ port number ]
show telnet server port
These commands allow you to set or display the TCP port on which the router is currently listening for incoming
telnet management sessions. If you change the port number, the router will immediately stop accepting new
sessions at the old port number, and only accept incoming sessions on the new port number. All sessions
currently connected to the old por t number will remain connected. Allowed values for por t number are 1 65535, except for 80 and 1723.
time hh:mm [ am | pm ]
show time
These commands allow you to set or display the current time for the router’s system clock.
2-12 Command Line Interface Commands Reference
MAC Address Security Commands
Note: These commands are supported beginning with firmware version 8.5.
These commands allow you to configure or display the global MAC authentication mode. If set to allow-list, all
non-matching unicasts will be dropped. If set to deny-list, all matching unicasts will be dropped.
security mac-auth wireless-only [ yes | no ]
show security mac-auth wireless-only
These commands allow you to restrict or display the restricted status of MAC address authentication. If set to
yes, the MAC authentication applies only to the wireless interface, on models so equipped. If set to no, packets
received at all interfaces on the LAN are subject to the MAC filtering table.
security mac-auth mac-deny MAC-addr
show security mac-deny
These commands allow you to specify or display the MAC address for hosts on the wired or wireless LAN (if so
restricted) whose source or destination MAC address will cause the router to filter their packets.
security mac-auth mac-allow MAC-addr
show security mac-auth mac-allow
These commands allow you to specify or display the MAC address for hosts on the wired or wireless LAN (if so
restricted) whose source or destination MAC address will cause the router to pass their packets.
Note: Wireless MAC authentication commands are also supported. See “Wireless Configuration Commands”
on page 2-86.
Motorola Netopia® Router CLI Commands 2-13
System Heartbeat Configuration Commands
Note: The commands in this section are supported beginning with firmware version 8.5.
System Heartbeat Configuration Commands
heartbeat enable { yes | no }
show heartbeat enable
heartbeat protocol { udp | tcp }
show heartbeat protocol
heartbeat client-por t por t
show heartbeat client-por t
heartbeat interval time (in seconds)
show heartbeat interval time
heartbeat count count
show heartbeat count
heartbeat sleep-time time (in seconds)
show heartbeat sleep-time
heartbeat server port por t
show heartbeat server port
heartbeat server address address
show heartbeat server address
heartbeat server url url
show heartbeat server url
heartbeat interval contact-email email_address
show heartbeat interval contact-email
heartbeat interval location location
show heartbeat interval location
reset heartbeat
2-14 Command Line Interface Commands Reference
heartbeat enable { yes | no }
show heartbeat enable
These commands allow you to enable, disable, or show the status of the system heartbeat.
Once a unit is configured and restarted, the WAN link is up and the WAN IP address is established, the
heartbeat will begin executing and sending its payloads (or establishing its connection in the case of TCP). A
special case is when the ip-server address is on the LAN. In this case, the payloads will be routed to the LAN
side address, but only after the WAN link and WAN IP addresses have been established.
If, at any time during the heartbeat sequence, the link state changes – which means, for example, that there is
a layer 1 disconnect or a change in the IP layer parameters from a DHCP acquisition or a renegotiated PPP
session – the sequence will restart. You can also restart the sequence manually. In addition, in TCP mode once
the connection has been established, the sequence will be restarted any time the remote server closes it.
heartbeat protocol { udp | tcp }
show heartbeat protocol
These commands allow you to specify or show the protocol to be used for the system heartbeat, udp or tcp.
The heartbeat is a state machine:
■If you select udp, there are no connections to the server. If the server address is known, it simply sends
the payloads in UDP.
■If you select tcp, it tries to connect to the server address, and keeps trying to connect for 20 attempts at
thirty-second intervals. If a connection is not established, it sleeps for a minimum of either 30 minutes, or
whatever is programmed as the sleep-time. See below.
heartbeat client-por t por t
show heartbeat client-por t
These commands allow you to specify or show the client port to be used for the system heartbeat.
heartbeat interval time (in seconds)
show heartbeat interval
These commands allow you to specify or show the heartbeat interval. in seconds.
heartbeat count count
show heartbeat count
These commands allow you to specify or show the heartbeat count within the specified interval.
heartbeat sleep-time time (in seconds)
show heartbeat sleep-time
These commands allow you to specify or show the heartbeat sleep time, in seconds, during which the system
will wait before retrying a failed connection attempt, if tcp is the specified protocol.
heartbeat server port por t
show heartbeat server port
These commands allow you to specify or show the heartbeat server port number.
Motorola Netopia® Router CLI Commands 2-15
heartbeat server address address
show heartbeat server address
These commands allow you to specify or show the heartbeat server IP address. Beginning with Firmware
Version 8.5.1, the address can also be a DNS name of up to 63 characters.
heartbeat server url url
show heartbeat server url
These commands allow you to specify or show a heartbeat server URL.
heartbeat interval contact-email email_address
show heartbeat interval contact-email
These commands allow you to specify or show an email address to be placed into the heartbeat Xml payload.
heartbeat interval location location
show heartbeat interval location
These commands allow you to specify or show a location to be placed into the heartbeat Xml payload.
resetheartbeat
This command allows you to restart the heartbeat sequence.
Tiered Configuration Access Commands
Tiered Configuration Access Commands
superuser name password
show superuser
no superuser
user name password [ { wan | lan | cp | nat | pvc | global | subnet | voice | no-web | no-telnet }*]
show user
no user name
superuser name password
show superuser
no superuser
These commands allow you to create, show, or delete a Superuser. You can only configure a Superuser if no
authorized users exist. There can be but one Superuser. The Superuser can change any attributes of any user,
including itself. However, even the Superuser cannot see what the password for a user is – the show command
will display 5 asterisks regardless of its actual length.
2-16 Command Line Interface Commands Reference
user name password [ { wan | lan | cp | nat | pvc | global | subnet | no-telnet }*]
show user
no user name
These commands allow a Superuser to create, show, or delete a user and his/her access privileges. A user can
change only his/her own password, and cannot change their access privileges. If a Superuser creates a new
user, this user inherits the privileges of the first non-Superuser, or has the default access privileges of lan | subnet | nat | cp | global if there is no non-Superuser configured.
Network Address Translation configuration. This includes the ability to configure NAT
attributes in connection profiles.
ATM PVC and Frame DLCI configuration
other parameters, such as console preferences. This includes ping and traceroute
functionality.
LAN (Ethernet 0) interface ip subnet configuration
Prevents Telnet access.
Interface Configuration Commands
Additional LAN configuration command
Note: Beginning with Firmware Version 8.4.2, the firmware includes support for creating additional logical
local area networks. When used in combination with VLANs (see “Virtual LAN (VLAN) configuration commands”
on page 2-36), you can maintain separate functional end-to-end networks to support such services as
voice-over-IP, point-of-sale applications, or audio and video ser vices.
Multiple logical IP LAN support allows you to create additional IP routed LAN interfaces (ALANs). You can add,
edit, or delete Additional LANs similarly to Connection Profiles on the WAN connection. You then associate
physical or logical Ethernet-encapsulated interfaces, such as wired Ethernet por ts, wireless SSIDs, and ATM
RFC 1483 bridged VCs by attaching the ALAN to a VLAN containing these interfaces.
The additional LAN IP routed interfaces duplicate all the same parameters that apply to the primary LAN
interface, such as DHCP servers, filtersets, multicast forwarding, and RIP. You can configure up to six ALANs.
Motorola Netopia® Router CLI Commands 2-17
interfaceethernetid [ yes | no ]
This command allows you to create or delete an additional LAN (ALAN) of id id. If you create an ALAN, you must
provision it with the same parameters that apply to the primary LAN.
interface ethernet 2 address-serve range 3.0.0.100 3.0.0.199
interface ethernet 2 mac address 00:00:c5:fa:dd:04
2-18 Command Line Interface Commands Reference
Ethernet Interface configuration commands
Ethernet Interface Configuration Commands
interface ethernet id ip address [{ ip-addr/ mask-bits | ip-addr mask | secondary }]
no interface ethernet id ip address [{ ip-addr/mask-bits | ip-addr mask | secondary }]
show interface ethernet id ip address
interface ethernet id ip dhcp client mode { standard | copper-mountain | cmn }
show interface ethernet id ip dhcp client mode
interface ethernet id ip multicast-fwd { yes | no }
no interface ethernet id ip multicast-fwd
show interface ethernet id ip multicast-fwd
interface ethernet id ip igmp-version { v1 | v2 | v3 }
show interface ethernet id ip igmp-version
interface ethernet id mac address { MAC-address | default }
show interface ethernet id mac address
interface ethernet id mode { autonegotiate | 100full | 100half | 10full | 10half |
100full-fixed | 100half-fixed | 10full-fixed | 10half-fixed }
show interface ethernet id mode
interface ethernet id ip nat enable { yes | no }
no interface ethernet id ip nat enable
show interface ethernet id ip nat enable
interface ethernet id ip nat map-list list-tag
no interface ethernet id ip nat map-list
show interface ethernet id ip nat map-list
interface ethernet wan-id ip nat passthrough enable { yes | no }
no interface ethernet id ip nat passthrough enable
show interface ethernet id ip nat passthrough enable
interface ethernet wan-id ip nat passthrough dhcp enable { yes | no }
no interface ethernet wan-id ip nat passthrough dhcp enable
show interface ethernet wan-id ip nat passthrough dhcp enable
interface ethernet wan-id ip nat passthrough dhcp mac-address { mac-address }
show interface ethernet wan-id ip nat passthrough dhcp mac-address
interface ethernet id ip nat server-list list-tag
no interface ethernet id ip nat server-list
show interface ethernet id ip nat server-list
interface ethernet id ip netbios proxy enable { yes | no }
no interface ethernet id ip netbios proxy enable
show interface ethernet id ip netbios proxy enable
interface ethernet id pppoe enable { yes | no }
no interface ethernet id pppoe enable
show interface ethernet id pppoe enable
show interface ethernet id statistics
show interface ethernet id stats
interface ethernet id ip filterset fs-id
no interface ethernet id ip filterset
show interface ethernet id ip filterset
2-20 Command Line Interface Commands Reference
Ethernet Interface RIP Configuration Commands
interface ethernet id ip rip exclude-wan-routes
no interface ethernet id ip rip exclude-wan-routes
show interface ethernet id ip rip exclude-wan-routes
interface ethernet id ip rip receive { no | v1 | v2 | both | v2-md5 }
no interface ethernet id ip rip receive
show interface ethernet id ip rip receive
interface ethernet id ip rip transmit { no | v1 | v2broadcast | v2multicast | v2broadcast-md5 |
v2multicast-md5 }
no interface ethernet id ip rip transmit
show interface ethernet id ip rip transmit
interface ethernet id ip rip auth key id
no interface ethernet id ip rip auth key id
show config interface ethernet id ip rip auth key
interface ethernet id ip rip auth key id start date date
show interface ethernet id ip rip auth key id start date
interface ethernet id ip rip auth key id start time time
show interface ethernet id ip rip auth key id start time
interface ethernet id ip rip auth key id end date date
show interface ethernet id ip rip auth key id end date
interface ethernet id ip rip auth key id end time time
show interface ethernet id ip rip auth key id end time
interface ethernet id rip auth key id end time mode { infinite | date }
show interface ethernet id ip rip auth key id end time mode
interface ethernet id rip auth key id key <string>
Motorola Netopia® Router CLI Commands 2-21
Ethernet Interface IP Address Serving Commands
interface ethernet id address-serve clients { any | none | { bootp | dhcp | macip | wan }+ }
no interface ethernet id address-serve clients { any | { bootp | dhcp | macip | wan }+ }
show interface ethernet id address-serve clients
interface ethernet id address-serve dhcp enable { yes | no }
no interface ethernet id address-serve dhcp enable
show interface ethernet id address-serve dhcp enable
interface ethernet id address-serve dhcp dns [ 1 | 2 ] ip-addr
interface ethernet id address-serve dhcp lease-time hours
show interface ethernet id address-serve dhcp lease-time
interface ethernet id address-serve dhcp option 150 address www.xxx.yyy.zzz
no interface ethernet id address-serve dhcp option 150 address www.xxx.yyy.zzz
show interface ethernet id address-serve dhcp option 150 address
show interface ethernet id address-serve dhcp addresses
show interface ethernet id ip dhcp client status
interface ethernet id ip dhcp client [ renew | release ]
interface ethernet id address-serve dhcp next-server ip-addr
interface ethernet id address-serve gateway { gw-ip-addr | default { ip-addr/mask-bits | ip-addr mask } }
show interface ethernet id address-serve gateway
interface ethernet id address-serve helper ip-addr
no interface ethernet id address-serve helper [ip-addr]
show interface ethernet id address-serve helper
interface ethernet id address-serve mode { relay | server }
show interface ethernet id address-serve mode
interface ethernet id address-serve range { auto | from-addr to-addr }
no interface ethernet id address-serve range from-addr to-addr
show interface ethernet id address-serve range
interface ethernet id address-serve { no | off | on | yes }
no interface ethernet id address-serve
show interface ethernet id address-serve
2-22 Command Line Interface Commands Reference
Ethernet Interface Stateful Inspection Commands
Ethernet Interface Stateful Inspection Commands
interface ethernet id ip state-insp enable { yes | no | on | off }
no interface ethernet id ip state-insp
show interface ethernet id ip state-insp enable
interface ethernet id ip state-insp router-access { yes | no | on | off }
no interface ethernet id ip state-insp router-access
show interface ethernet id ip state-insp router-access
interface ethernet id ip state-insp tcp-seq-diff diff
show interface ethernet id ip state-insp tcp-seq-diff
interface ethernet id ip state-insp deny-frag { yes | no | on | off }
no interface ethernet id ip state-insp deny-frag
show interface ethernet id ip state-insp deny-frag
interface ethernet id ip state-insp xposed-list xposed-list_name
no interface ethernet id ip state-insp xposed-list
show interface ethernet id ip state-insp xposed-list
interface ethernet lan_inter face_id scat enable [ yes | no ]
show interface ethernet lan_inter face_id scat enable
Motorola Netopia® Router CLI Commands 2-23
Ethernet Interface VRRP Commands
interface ethernet id ip vrrp vrouter id vrid vrid
show interface ethernet id ip vrrp vrouter id vrid
interface ethernet id ip vrrp vrouter id vrip ip-addr
show interface ethernet id ip vrrp vrouter id vrip
interface ethernet id ip vrrp vrouter id priority [ 1... 255 ]
show interface ethernet id ip vrrp vrouter id priority
interface ethernet id ip vrrp vrouter id adv-intvl [ 1... 255 ]
show interface ethernet id ip vrrp vrouter id adv-intvl
interface ethernet id ip vrrp vrouter id preempt-mode enable [ no | yes | on | off ]
show interface ethernet id ip vrrp vrouter id preempt-mode enable
interface ethernet id ip vrrp vrouter id enable [ no | yes | on | off ]
show interface ethernet id ip vrrp vrouter id enable
no interface ethernet id ip vrrp vrouter id
show interface ethernet id ip vrrp wan-monitor enable [ { yes | no | on | off } ]
show interface ethernet id ip vrrp wan-monitor enable
interface ethernet id ip vrrp master-dhcp-srv enable [ { yes | no | on | off } ]
show interface ethernet id ip vrrp master-dhcp-srv enable
interface ethernet id ip vrrp dhcp-gateway ip-addr
show interface ethernet id ip vrrp dhcp-gateway
2-24 Command Line Interface Commands Reference
interface ethernet id ip address [{ ip-addr/ mask-bits | ip-addr mask | secondary }]
no interface ethernet id ip address [{ ip-addr/mask-bits | ip-addr mask | secondary }]
show interface ethernet id ip address
These commands allow you to set, delete, or show the IP subnet(s) of an Ethernet interface. If the keyword
secondary is specified in the first command, the subnet is appended to the list of subnets (assuming that all of
the allowed subnets have not yet been configured– the router supports up to eight). If the keyword secondary is
not specified, the primary subnet configuration is replaced with the specified values. The mask may be
specified either as a slash followed by the number of one-bits in the mask, or as a dotted quad.
The no interface ethernetidip address command allows you to delete a particular subnet, all secondar y
subnets, or all subnets associated with the specified Ethernet interface.
Examples:
The following are equivalent ways to set the primary subnet of the Ethernet interface to 192.168.1.1 with a
Class C subnet mask:
interface ethernet 0 ip address 192.168.1.1/24
interface ethernet 0 ip address 192.168.1.1 255.255.255.0
To set a secondary subnet of the Ethernet interface to 207.1.1.16/28 (with four host bits):
interface ethernet 0 ip address 207.1.1.16/28 secondary
To delete a particular subnet from the list of subnets, specify the particular subnet:
no interface ethernet 0 ip address 207.1.1.16/28
To delete all secondary subnets:
no interface ethernet 0 ip address secondary
To delete all subnets:
no interface ethernet 0 ip address
To show the IP subnets of the Ethernet interface:
show interface ethernet 0 ip address
interface ethernet id ip dhcp client mode { standard | copper-mountain | cmn }
show interface ethernet id ip dhcp client mode
These commands allow you to set or show the router’s DHCP mode, whether standard or copper-mountain.
The connection profile, default profile, and IP configuration structures now include a dhcpclientmode setting
that selects between the standard RFC 2131 standards-based mode of operation (the default), and the cop-per-mountain or cmn proprietary mode of operation.
Motorola Netopia® Router CLI Commands 2-25
When the DHCP client is activated on a RFC1483 MER interface, it examines the dhcpclientmode in the
associated connection profile (or the default profile there was no explicitly configured connection profile). If the
dhcpclientmode specifies standard, the DHCP client initializes the htype and hlen fields in the header of its
DHCP requests to the appropriate values for an RFC1483 MER interface (htype = 1 and hlen = 6). If the dhcpclientmode specifies copper-mountain or cmn, the DHCP client initializes the htype and hlen fields in the
header of its DHCP requests to zero.
When the DHCP client is activated on an Ethernet WAN interface, it examines the dhcpclientmode in the
associated IP configuration structure, and behaves as described above for the RFC1483 MER DHCP client.
Note: cmn is accepted as a synonym for copper-mountain.
interface ethernet id ip multicast-fwd { yes | no }
no interface ethernet id ip multicast-fwd
show interface ethernet id ip multicast-fwd
These commands allow you to set, disable, or show the multicast forwarding behavior on the specified Ethernet
interface.
interface ethernet id ip igmp-version { v1 | v2 | v3 }
show interface ethernet id ip igmp-version
These commands allow you to set or show the IGMP version to be used on the specified Ethernet interface.
Beginning with Firmware version 8.7, v3 is the default.
interface ethernet id mac address { MAC-address | default }
show interface ethernet id mac address
The first command allows you to set the MAC Address for the specified interface. You can return it to the default
by typing in a MAC Address consisting of all zeros or by typing default. The show command applies to the LAN
of all models, as well as the WAN on Ethernet WAN models.
interface ethernet id mode { autonegotiate | 100full | 100half | 10full | 10half |
100full-fixed | 100half-fixed | 10full-fixed | 10half-fixed }
show interface ethernet id mode
Note: These commands are supported beginning with firmware version 8.2.
These commands allow you to set or show the Ethernet speed and duplex configuration to be used on the
specified Ethernet interface. These commands only apply to 3300-Series products, single port Ethernet
interface on either LAN or WAN. The default is auto-negotiation.
2-26 Command Line Interface Commands Reference
interface ethernet id ip netbios proxy enable { yes | no }
no interface ethernet id ip netbios proxy enable
show interface ethernet id ip netbios proxy enable
These commands allow you to enable, disable, or show the NetBIOS proxy status for the specified Ethernet
interface. The NetBIOS proxy enables the ability to forward Windows Networking NetBIOS broadcasts. This is
useful for, for example, a Virtual Private Network, in which you want to be able to browse the remote network to
which you are tunnelling, as part of your Windows Network Neighborhood.
Routed connections, such as VPNs, can not use NetBEUI to carry the Network Neighborhood information. They
need to use NetBIOS, because NetBEUI cannot be routed. This feature will allow browsing the Network
Neighborhood without any additional workstation configuration.
Note: Microsoft Network browsing is available with or without a Windows Internet Name Ser vice (WINS)
server. Shared volumes on the remote network are accessible with or without a WINS server. Local LAN shared
volumes that have Port Address Translation (PAT) applied to them are not available to hosts on the remote LAN.
For tunnelled traffic, NAT on the WAN has no effect on the Microsoft Networking traffic.
interface ethernet id address-serve dhcp enable { yes | no }
no interface ethernet id address-serve dhcp enable
show interface ethernet id address-serve dhcp enable
These commands allow you to enable, disable, or show the DHCP IP address serving behavior of the specified
Ethernet interface. These commands do not affect the DHCP server mode. Consequently, if the router is set to
DHCP relay these commands have no effect.
The showinterfaceethernet id address-servedhcp command may also include the following keywords:
available, leased, offered, and reserved. These return the count of client IP addresses in their respective
states.
Examples:
show interface ethernet 0 address-serve dhcp report available
show interface ethernet 0 address-serve dhcp report leased
show interface ethernet 0 address-serve dhcp report offered
show interface ethernet 0 address-serve dhcp report reserved
interface ethernet id address-serve dhcp dns [ 1 | 2 ] ip-addr
Note: This command is supported beginning with firmware version 8.5.
This command allows you to specify the IP addresses of primary and secondary DNS servers served to the
client for this interface. If they are not specified, the globally configured (or derived) DNS addresses are ser ved
to the client instead.
These DNS addresses are not used internally by the router; the globally configured DNS addresses are used
instead.
Motorola Netopia® Router CLI Commands 2-27
interface ethernet id address-serve dhcp option 150 address www.xxx.yyy.zzz
no interface ethernet id address-serve dhcp option 150 address www.xxx.yyy.zzz
show interface ethernet id address-serve dhcp option 150 address
Note: These commands are supported beginning with firmware version 8.6.
These commands allow you to configure, remove, or show up to four TFTP IP addresses per ALAN to be served
via option 150.
interface ethernet id ip rip exclude-wan-routes
no interface ethernet id ip rip exclude-wan-routes
show interface ethernet id ip rip exclude-wan-routes
Note: These commands are supported beginning with firmware version 8.7.
These commands allow you to specify, disable, or show the status of broadcasting WAN routes via RIP. This is
available only if rip transmit is enabled for the interface. The default is no, but if enabled, will drop any RIP
routes with non-LANside information from RIP updates sent over the inter face.
interface ethernet id ip rip receive { no | v1 | v2 | both | v2-md5 }
no interface ethernet id ip rip receive
show interface ethernet id ip rip receive
These commands allow you to set, delete, or show the RIP receive behavior of the specified Ethernet interface.
no interface ethernet id ip rip transmit
show interface ethernet id ip rip transmit
These commands allow you set, delete, or show the RIP transmit behavior of the specified Ethernet interface.
Examples:
show interface ethernet 0 ip rip transmit
interface ethernet id ip rip auth key id
no interface ethernet id ip rip auth key id
show config interface ethernet id ip rip auth key
These commands allow you to create, delete, or show the RIP-2 Authentication key(s) on the specified
interface.
2-28 Command Line Interface Commands Reference
interface ethernet id ip rip auth key id start date date
show interface ethernet id ip rip auth key id start date
These commands allow you to set or show a start date for the RIP-2 Authentication key(s) on the specified
interface.
interface ethernet id ip rip auth key id start time time
show interface ethernet id ip rip auth key id start time
These commands allow you to set or show a start time for the RIP-2 Authentication key(s) on the specified
interface.
interface ethernet id ip rip auth key id end date date
show interface ethernet id ip rip auth key id end date
These commands allow you to set or show an end date for the RIP-2 Authentication key(s) on the specified
interface. The acceptable year range is from 1904 – 2039.
interface ethernet id ip rip auth key id end time time
show interface ethernet id ip rip auth key id end time
These commands allow you to set or show an end time for the RIP-2 Authentication key(s) on the specified
interface.
interface ethernet id rip auth key id end time mode { infinite | date }
show interface ethernet id ip rip auth key id end time mode
These commands allow you to set or show the end time mode for the RIP-2 Authentication key(s) on the
specified interface. date specifies that an expiration date and time will be used; infinite specifies that the key
will never expire.
interface ethernet id rip auth key id key <string>
These commands allow you to assign a RIP-2 Authentication key. Keys must be manually entered and must
consist of 1 – 16 ASCII characters each.
interface ethernet id pppoe enable { yes | no }
no interface ethernet id pppoe enable
show interface ethernet id pppoe enable
These commands allow you enable, disable, or show the PPP over Ethernet behavior of the specified interface.
show interface ethernet id statistics
show interface ethernet id stats
These commands allow you to display statistics for the specified Ethernet interface, including receive frames,
octets, and errors, and transmit frames, octets, and errors.
Motorola Netopia® Router CLI Commands 2-29
interface ethernet id ip filterset fs-id
no interface ethernet id ip filterset
show interface ethernet id ip filterset
These commands allow you to enable, disable, or show an IP filterset identified by fs-id on the specified
Ethernet interface. fs-id is specified as an ASCII string corresponding to the name of a filterset. See “IP Filterset
Configuration Commands” on page 2-121 for more information.
interface ethernet id ip nat enable { yes | no }
no interface ethernet id ip nat enable
show interface ethernet id ip nat enable
These commands allow you to enable, disable, or show the Network Address Translation behavior for the
specified WAN interface.
interface ethernet id ip nat map-list list-tag
no interface ethernet id ip nat map-list
show interface ethernet id ip nat map-list
These commands allow you to set, delete, or show a NAT map list for the specified WAN interface.
interface ethernet wan-id ip nat passthrough enable { yes | no }
no interface ethernet id ip nat passthrough enable
show interface ethernet id ip nat passthrough enable
Note: These commands are supported beginning with firmware version 8.2.
These commands allow you to enable, disable, or show the NAT passthrough behavior for the specified WAN
interface. The IP passthrough feature allows for a single LAN PC to have the router’s public address assigned to
it, in addition to providing PAT (NAPT) via the same public IP address for all other hosts on the private LAN
subnet.
interface ethernet wan-id ip nat passthrough dhcp enable { yes | no }
no interface ethernet wan-id ip nat passthrough dhcp enable
show interface ethernet wan-id ip nat passthrough dhcp enable
Note: These commands are supported beginning with firmware version 8.2.
These commands allow you to enable, disable, or show the NAT passthrough DHCP behavior for the specified
WAN interface. This governs DHCP addressing for the passthrough host.
interface ethernet wan-id ip nat passthrough dhcp mac-address { mac-address }
show interface ethernet wan-id ip nat passthrough dhcp mac-address
Note: These commands are supported beginning with firmware version 8.2.
These commands allow you to set or show the NAT passthrough DHCP MAC address for the specified WAN
interface. This specifies the MAC address of the passthrough host.
2-30 Command Line Interface Commands Reference
interface ethernet id ip nat server-list list-tag
no interface ethernet id ip nat server-list
show interface ethernet id ip nat server-list
These commands allow you to set, delete, or show a NAT server list for the specified WAN interface.
interface ethernet wan-id mac address { MAC-address | default }
show interface ethernet wan-id mac address
The first command allows you to set the MAC Address for the WAN on a WAN Ethernet Router. You can return it
to the default by typing in a MAC Address consisting of all zeros or by typing default. The show command
applies to the LAN of all models, as well as the WAN on the R9100 and R910.
interface ethernet id address-serve clients { any | none | { bootp | dhcp | macip | wan } }
no interface ethernet 0 address-serve clients { any | { bootp | dhcp | macip | wan }+ }
show interface ethernet 0 address-serve clients
The interface ethernet id address-serve clients command allows you to configure the types of clients that may
request IP addresses from the address ser ver. If you specify the keyword any, the address server will accept
requests from clients of any type supported by the router. Otherwise, you may specify one or more of the
keywords bootp, dhcp, macip, or wan, in which case the address server will accept requests from only the
specified types of clients. If you specify the keyword none, the address server will not accept requests from
clients of any type.
The no interface ethernet id address-serve clients command removes the specified client types from those
from which the address server will accept requests.
interface ethernet id address-serve dhcp lease-time hours
show interface ethernet id address-serve dhcp lease-time
These commands allow you to set or show the address serving DHCP lease time to any number of hours, up to
and including 168 (one week). The default DHCP lease time is one hour.
show interface ethernetidaddress-serve dhcp addresses
Note: This command is supported beginning with firmware version 8.5.
This command allows you to display the ethernet IP addresses being served via DHCP, and the host name of
the served device, if available.
Note: This command is supported beginning with firmware version 8.5.
Motorola Netopia® Router CLI Commands 2-31
This command specifies the IP address of the next server in the boot process, typically a Trivial File Transfer
Protocol (TFTP) server.
showinterfaceethernetidipdhcpclientstatus
Note: This command is supported beginning with firmware version 8.5.
This command allows you to display the status of the ethernet WAN being served via DHCP. It displays:
IP AddressIP Subnet Mask
IP GatewayDHCP server
DNS server 1DNS server 2 (if any)
Lease Expiration
interface ethernet id address-serve gateway { gw-ip-addr | default { ip-addr/mask-bits | ip-addr mask } }
show interface ethernet id address-serve gateway
This command allows you to specify the gateway IP address that will be served to clients requesting an address
via an address serving protocol that can serve a gateway address. You may specify a gateway IP address for
each Ethernet subnet for which you have configured an address-ser ving pool. (See the description of the
interface ethernet id address-serve range command on page 2-32.)
If you specify the keyword default, you must also specify an Ethernet subnet; the gateway IP address for the
specified subnet will be reset to its default value. The default gateway IP address for a particular subnet is
either the router's default gateway (if that gateway is on the specified subnet) or the router's address on the
subnet.
interface ethernet id address-serve helper ip-addr
no interface ethernet id address-serve helper [ip-addr]
show interface ethernet id address-serve helper
These commands allow you to configure or display the addresses of up to four remote DHCP servers to which
the router will forward DHCP requests when it is acting as a DHCP relay agent. The interface ethernet id
address-serve helper command adds the specified IP address to the ser ver list. The no interface ethernet id
address-serve helper command removes the specified IP address from the server list; if you omit the IP
address, all configured DHCP server IP addresses are removed.
interface ethernet id address-serve mode { relay | server }
show interface ethernet id address-serve mode
These commands allow you to specify or display the address serving mode for the specified Ethernet interface.
The keyword relay causes the router to act as a DHCP relay agent. The keyword server enables address serving
from one or more locally configured address pools.
Examples:
#interface ethernet 0 address-serve mode server
#show interface ethernet 0 address-serve mode
interface ethernet 0 address-serve mode server
#
interface ethernet id address-serve range { auto | from-addr to-addr }
no interface ethernet id address-serve range from-addr to-addr
show interface ethernet id address-serve range
This command configures a pool of IP addresses for use by the address server. You may specify one address
pool for each configured Ethernet subnet (primary and secondary). The total number of addresses in all
configured pools may not exceed 512 addresses.
If you specify the keyword auto instead of an IP address range, the router will automatically configure IP
address pools for each configured Ethernet subnet. An automatically configured pool will include one-half of the
number of addresses available in the corresponding subnet, and will be located in the opposite half of the
subnet from the router's IP address on the subnet. If the total number of addresses required would exceed the
maximum of 512 total addresses, the 512 available addresses will be allocated on a pro-rata basis across all
pools.
interface ethernet id address-serve { no | off | on | yes }
no interface ethernet id address-serve
show interface ethernet id address-serve
These commands enable, disable, or display the status of address-serving for the specified Ethernet interface.
Stateful Inspection Configuration Commands
See also:
■“Stateful Inspection Commands” on page 3-21 for Connection Profile commands.
■“Stateful Inspection Commands” on page 2-85 for Global Stateful Inspection commands.
Motorola Netopia® Router CLI Commands 2-33
Note: The commands in this section are supported beginning with firmware version 8.2.
interface ethernet id ip state-insp enable { yes | no | on | off }
no interface ethernet id ip state-insp
show interface ethernet id ip state-insp enable
These commands allow you to set, disable, or show the status of stateful inspection for the specified interface.
This option is disabled by default. Stateful inspection prevents unsolicited inbound access when NAT is
disabled.
interface ethernet id ip state-insp router-access { yes | no | on | off }
no interface ethernet id ip state-insp router-access
show interface ethernet id ip state-insp router-access
These commands allow you to set, disable, or show the status of default mapping to router for the specified
interface.
interface ethernet id ip state-insp tcp-seq-diff diff
show interface ethernet id ip state-insp tcp-seq-diff
These commands allow you to set or show TCP sequence difference acceptable for the specified interface. The
TCP sequence number difference maximum allowed value is 65535. If the value of tcp-seq-diff is 0, it means
that this check is disabled.
interface ethernet id ip state-insp deny-frag { yes | no | on | off }
no interface ethernet id ip state-insp deny-frag
show interface ethernet id ip state-insp deny-frag
These commands allow you to set, disable, or show whether fragmented packets are received for the specified
interface.
interface ethernet id ip state-insp xposed-list xposed-list_name
no interface ethernet id ip state-insp xposed-list
show interface ethernet id ip state-insp xposed-list
These commands allow you to set, disable, or show the status of a stateful inspection exposed address list for
the specified interface. Exposed address lists are similar to NAT server lists. Exposed addresses in the list will
not be subject to stateful inspection and hence unsolicited inbound traffic will be allowed to these addresses.
These are active only if NAT is disabled on the profile.
Note: The commands in this section are supported beginning with firmware version 8.5.
interface ethernet lan_inter face_id scat enable [ yes | no ]
show interface ethernet lan_inter face_id scat enable
These commands allow you to enable, disable, or show the status of static client address translation on the
specified LAN interface. This feature allows a statically addressed host whose address falls outside of the LAN
subnet(s) to simply plug in and get online without any manual configuration on either the host or the Motorola
Netopia® Router.
If scatenable is set to yes, statically addressed LAN hosts that have an address outside of LAN subnets will be
able to communicate via the Router’s WAN interface to the Internet.
Supported static IP address values must fall outside of the Router's LAN subnet(s).
Ethernet Interface VRRP Commands
Note: The commands in this section are supported beginning with firmware version 8.5.
A Virtual Router is a software abstraction consisting of a group of two or more hardware routers protecting one
or more IP addresses. One of the routers is designated as the Master, while the others are backups. VRRP is a
protocol that provides redundancy to routers within a local area network by allowing alternate paths for a PC
without changing the IP address or MAC address by which the PC knows its gateway.
A Virtual Router cannot be enabled unless it is populated with a Virtual ID and a Virtual IP address. The Virtual
Router index starts from 1 (one). Two virtual routers can be configured per LAN inter face.
interface ethernet id ip vrrp vrouter id vrid [ 1... 255 ]
show interface ethernet id ip vrrp vrouter id vrid
These commands allow you to specify or display an ID (vrid) for the Virtual Router. vrid values may be in the
range 1 – 255.
interface ethernet id ip vrrp vrouter id vrip ip-addr
show interface ethernet id ip vrrp vrouter id vrip
These commands allow you to specify or display an IP address for the Virtual Router.
interface ethernet id ip vrrp vrouter id priority [ 1... 255 ]
show interface ethernet id ip vrrp vrouter id priority
These commands allow you to specify or display a priority for the Virtual Router. The default value is 100, if not
the owner of the virtual IP address. priority values may be in the range 1 – 255.
interface ethernet id ip vrrp vrouter id adv-intvl [ 1... 255 ]
show interface ethernet id ip vrrp vrouter id adv-intvl
These commands allow you to specify or display an advertisement interval in seconds. The default value is one
second; adv-intvl values may be in the range 1 – 255.
Motorola Netopia® Router CLI Commands 2-35
interface ethernet id ip vrrp vrouter id preempt-mode enable [ no | yes | on | off ]
show interface ethernet id ip vrrp vrouter id preempt-mode enable
These commands allow you to enable, disable, or display the status of preempt mode. The default is enabled.
interface ethernet id ip vrrp vrouter id enable [ no | yes | on | off ]
show interface ethernet id ip vrrp vrouter id enable
These commands allow you to enable, disable, or display the status of the Virtual Router.
nointerfaceethernetidipvrrpvrouterid
This command allows you to delete a Virtual Router.
show interface ethernet id ip vrrp wan-monitor enable [ { yes | no | on | off } ]
show interface ethernet id ip vrrp wan-monitor enable
These commands allow you to enable, disable, or display the status of the WAN monitor.
interface ethernet id ip vrrp master-dhcp-srv enable [ { yes | no | on | off } ]
show interface ethernet id ip vrrp master-dhcp-srv enable
These commands allow you to enable, disable, or display the status of the DHCP behavior. The Virtual Router
can either serve or relay DHCP only if it is in Master state.
interface ethernet id ip vrrp dhcp-gateway ip-addr
show interface ethernet id ip vrrp dhcp-gateway
These commands allow you to specify or display the Virtual Router DHCP gateway IP address.
2-36 Command Line Interface Commands Reference
Virtual LAN (VLAN) configuration commands
Note: See also “RADIUS Authentication Profile configuration commands” on page 2-39 and “Additional LAN
configuration command” on page 2-16.
VLAN Configuration Commands
vlan id by [ port-based | global ]
no vlan id
vlan id name name
vlan id network { none | lan | eth2 | eth3 | eth4 | eth5 | eth6 | eth7 }
vlan id id { 1 .. 4094 } (supported in V8.6.1)
vlan id 8021x authprofile { authprofile tag name | authprofile id }
no vlan id 8021x authprofile
vlan id interface eth { 1 | 2 | 0/1 | 0/...n } tag { yes | no }
[ tos-priority { off | on -} ]
[ iptos-promote { off | on } ]
[ authprofile { name | id } ]
[ inter-vlan-routing { group-1... group-8 } enable { yes | no } ]
no vlan id interface eth { 1 | 2 | 0/1 | 0/...n }
vlan id interface ssid n tag { yes | no }
no vlan id interface ssid n
vlan id interface usb 0 tag { yes | no }
no vlan id interface usb 0
vlan id interface cp n tag { yes | no }
no vlan id interface cp n
show config vlan { id }
vlan id by [ port-based | global ]
no vlan id
These commands allow you to create or delete a VLAN specified by id and designate it either port-based or
global. You can create up to 16 VLANs.
Motorola Netopia® Router CLI Commands 2-37
vlan id name name
This command allows you to assign a free-form name name to a VLAN specified by id.
This command allows you to enable 802.1x authentication for the VLAN specified by id. This option is only
supported on Router models with VGx technology or single Ethernet port models. If you are configuring a VLAN
for a Motorola Netopia® Router model with VGx technology (wired or wireless), you can specify a RADIUS server
authentication profile for user authentication. This command allows you to associate a VLAN with an 802.1x
RADIUS authentication profile. You must create an authentication profile, if you have not already done so. See
“RADIUS Authentication Profile configuration commands” on page 2-39.
Note: If you enable 802.1x for a VLAN that includes a wireless SSID, you must set wireless privacy to
WPA-802.1x as well. See “Wireless Privacy Commands (new and revised)” on page 2-91. If multiple SSIDs are
split across several VLANs, the VLANs must either:
• all have 802.1x enabled with WPA-802.1x enabled in Wireless Privacy, or
• have the VLANs set to 802.1x disabled and wirelessprivacy set to some other privacy setting. In that case
wirelessprivacy can be any setting.
Wireless does not currently suppor t separate privacy modes per SSID. When enabling WPA-802.1x, wireless will
default to the RADIUS configuration (see “RADIUS Authentication Profile configuration commands” on
page 2-39), unless it is part of a VLAN. If it is part of a VLAN it will use the VLAN authentication profile's
specified RADIUS server.
vlan id interface eth { 1 | 2 | 0/1 | 0/...n } tag { yes | no }
[ tos-priority { off | on -} ]
[ iptos-promote { off | on } ]
[ authprofile { name | id } ]
[ inter-vlan-routing { group-1... group-8 } enable { yes | no } ]
no vlan id interface eth { 1 | 2 | 0/1 | 0/...n }
These commands allow you to create or delete a VLAN specified by id on an Ethernet interface indicated by its
interface number. The option eth 1 = Ethernet LAN; eth 2 = Ethernet WAN, where applicable. If the Motorola
Netopia® Router model is a non-VGx model, the only available Ethernet port is numbered 0/1; for multiple
managed-switch VGx models the number n is the number of the physical Ethernet port.
■tos-priority - allows you to enable or disable packet prioritization based on any 802.1p priority bits in the
VLAN header to prioritize packets within the Router’s internal queues, according to DiffServ priority
2-38 Command Line Interface Commands Reference
mapping rules.
■iptos-promote - allows you to enable or disable the translation of 802.1p priority bits to and from the
IP-TOS header bit field. When enabled, write any 802.1p priority bits into the IP-TOS header bit field for
received IP packets on this port destined for this VLAN; and write any IP-TOS priority bits into the 802.1p
priority bit field for tagged IP packets transmitted from this port for this VLAN. All mappings between
Ethernet 802.1p and IP-TOS are made according to a pre-defined QoS mapping policy.
■authprofile - allows you to associate this VLAN with an 802.1x authentication profile specified by name or
id.
■inter-vlan-routing - (supported beginning with Firmware Version 8.7.4) when set to yes, allows you to
associate this VLAN with an inter-VLAN routing group such that the specified VLAN can communicate with
another VLAN in the same group. VLANS that are not associated with the same inter-VLAN routing group
cannot communicate with each other.
vlan id interface ssid n tag { yes | no }
no vlan id interface ssid n
These commands allow you to create or delete a port-based VLAN specified by id on a wireless SSID, if
available, indicated by its SSID number.
vlan id interface usb 0 tag { yes | no }
no vlan id interface usb 0
These commands allow you to create or delete a port-based VLAN specified by id on the Router’s USB port, if
available.
vlan id interface cp n tag { yes | no }
no vlan id interface cp n
These commands allow you to create or delete a port-based VLAN specified by id on the Router’s console port,
if available, indicated by its port number n.
show config vlan { id }
This command allows you to display the configuration of all VLANs or a particular VLAN specified by id.
Note: The commands in this section are supported beginning with Firmware Version 8.4.2.
Authentication Profile Configuration Commands
authprofile id[ yes | no ]
authprofile id tag string
authprofile id remote server string
authprofile id remote secret string
authprofile id alternate server string
authprofile id alternate secret string
authprofile id radius identifier string
authprofile id radius port { 1 ...65535 }
show config authprofile id
authprofile id[ yes | no ]
This command allows you to create or delete an authentication profile identified by id containing relevant
information to access a RADIUS server. You associate the profile with a VLAN using the vlan 8021x authprofile
command (page 37).
authprofile id tag string
This command allows you to name an authentication profile identified by id with a free-form name of up to 32
characters.
authprofile id remote server string
This command allows you to specify the RADIUS server’s IP address or fully qualified server name.
authprofile id remote secret string
This command allows you to specify the RADIUS server CHAP secret.
authprofile id alternate server string
This command allows you to specify an alternate RADIUS server, if available.
2-40 Command Line Interface Commands Reference
authprofile id alternate secret string
This command allows you to specify the alternate RADIUS server CHAP secret.
authprofile id radius identifier string
This command allows you to specify the RADIUS Network Access Server (NAS) identifier. The default NAS
identifier is an ASCII representation of the server’s base MAC address.
authprofileidradiusport { 1 ...65535 }
This command allows you to specify the RADIUS server’s port number. Ordinarily, the RADIUS server port
number is 1812. If you are using a different port number, enter it here.
showconfigauthprofileid
This command allows you to display the configuration of an authentication profile identified by id.
Motorola Netopia® Router CLI Commands 2-41
NetBIOS configuration commands
NetBIOS Configuration Commands
interface ethernet 0 address-serve netbios mode type { b-node | p-node | m-node | h-node }
show interface ethernet 0 address-serve netbios mode type
interface ethernet 0 address-serve netbios mode enable { yes | no }
no interface ethernet 0 address-serve netbios mode enable
show interface ethernet 0 address-serve netbios mode enable
interface ethernet 0 address-serve netbios scope enable { yes | no }
no interface ethernet 0 address-serve netbios scope enable
show interface ethernet 0 address-serve netbios scope enable
interface ethernet 0 address-serve netbios scope name domain-name
show interface ethernet 0 address-serve netbios scope name
interface ethernet 0 address-serve netbios name-server enable { yes | no }
no interface ethernet 0 address-serve netbios name-server enable
show interface ethernet 0 address-serve netbios name-server enable
These commands allow you to set or show the IP address of the NetBIOS name server.
If the keyword secondary is specified and there is no primar y WINS ser ver the command will be rejected as
CLI_NO_CFG_SUPPORT_ERR, with the error message "; error 2: not supported with current configuration“.
Motorola Netopia® Router CLI Commands 2-43
Generic WAN Interface configuration commands
Note: For possible values of intf-type, refer to “Interface Naming Conventions” on page 1-3. Generic WAN
Interface Commands may be applied to any router WAN interface by specifying the intf-typewan together with
the appropriate interface id. Alternatively, you can specify the more specific intf-type if you choose.
Generic WAN Interface Configuration Commands
interface intf-typeid dle { hdlc | ppp [{vcmux | vcmultiplexed | llcsnap}] |
rfc1483 [{ bridged | routed }] | r fc1490 }
show interface intf-typeid dle
show interface intf-type id statistics
show interface intf-type id stats
show interface wan id status
interface wan 0 tracking { yes | no }
Restricted WAN Interface Configuration Commands
interface { adsl | ethernet | isdn | sdsl } id pppoe enable { yes | no }
no interface { adsl | ethernet | isdn | sdsl } id pppoe enable
show interface { adsl | ethernet | isdn | sdsl } id pppoe enable
interface { adsl | sdsl } idpvc { id | tag } { yes | no }
interface { adsl | sdsl } id pvc { id | tag } pcr num
show interface { adsl | sdsl } id pvc { id | tag } pcr
interface intf-typeid dle { hdlc | ppp [{vcmux | vcmultiplexed | llcsnap}] |
rfc1483 [{ bridged | routed }] | r fc1490 }
show interface intf-typeid dle
These commands allow you to set or show the global data link encapsulation type of the interface specified by
intf-type id. At this time you can generally think of the data link encapsulation of interface 1 as the global data
link encapsulation of the router itself.
Note: atmfuni is accepted as a synonym for rfc1483 and frame-relay is accepted as a synonym for rfc1490.
For ppp, the default mode is vcmux. For rfc1483, the default mode for frame-based SDSL (R7100) inter faces
is bridged, while the default mode for cell-based SDSL (R7200) interfaces is routed.
Example:
interface wan 1 dle frame-relay
2-44 Command Line Interface Commands Reference
show interface intf-type id statistics
show interface intf-type id stats
These commands allow you to display statistics for the specified interface, including receive frames, octets,
and errors, and transmit frames, octets, and errors. For switched ISDN interfaces, the statistics are broken
down by channel.
showinterfacewanidstatus
Note: This command is supported beginning with firmware version 8.5.
This command allows you to view the general status of the WAN. It displays:
■Interface type
■MAC address
■IP Address
■Status (Down, Activating, or Connected)
interfacewan0tracking { yes | no }
For D-Series CSU/DSU equipment, this command allows you to track or not track the primary interface speed.
Specifying yes means the primary interface (AUX) speed will be tracked, which is the default. Changing this to
no currently means that we will be running at 1.5 MHz.
Restricted WAN Interface configuration commands
interface { adsl | ethernet | isdn | sdsl } id pppoe enable { yes | no }
no interface { adsl | ethernet | isdn | sdsl } id pppoe enable
show interface { adsl | ethernet | isdn | sdsl } id pppoe enable
These commands allow you enable, disable, or show the PPP over Ethernet behavior of the specified interface.
interface { adsl | sdsl } idpvc { id | tag } { yes | no }
This command allows you to enable or disable a Permanent Virtual Circuit (PVC) on the specified ADSL or SDSL
interface.
interface { adsl | sdsl } id pvc { id | tag } pcr num
show interface { adsl | sdsl } id pvc { id | tag } pcr
These commands allow you to assign or show a Peak Cell Rate value (PCR) on a specified Permanent Virtual
Circuit (PVC) on an ADSL or SDSL interface.
®
Motorola Netopia
and Constant Bit Rate (CBR). You can configure these classes of service on a per VC basis. The default ATM
class of service is UBR for data. The ATM class of service is not configurable for voice virtual circuits.
routers support two ATM classes of service for data connections: Unspecified Bit Rate (UBR)
Motorola Netopia® Router CLI Commands 2-45
UBR VC: No configuration is needed for UBR VCs.
CBR VC: One parameter is required for CBR VCs, the Peak Cell Rate pcr that applies to the VC. This value
should be between 1 and the line rate. You set this value according to specifications defined by your service
provider.
ISDN WAN Interface configuration commands
ISDN WAN Interface Configuration Commands
Generic ISDN
interface isdn id line type { switched | leased | idsl-ascend | idsl-cmn }
show interface isdn id line type
show interface isdn id status [ b1 | b2 ]
Permanent ISDN (IDSL) only
interface isdn id imux mode { mlppp | dml }
show interface isdn id imux mode
interface isdn id speed { b1 | b2 | 2b | 2b+d }
show interface isdn id speed
Switched ISDN only
interface isdn id switch
japanntt | uk-euro }
interface isdn id dn { 1 | 2 } string
no interface isdn id dn { 1 | 2 }
show interface isdn id dn { 1 | 2 }
interface isdn id spid { 1 | 2 } string
no interface isdn id spid { 1 | 2 }
show interface isdn id spid { 1 | 2 }
interface isdn id imux mode { mlppp | dml }
show interface isdn id imux mode
These commands allow you set or show the ISDN interface IMUX bonding mode: Multilink PPP or DML (for
Copper Mountain Networks central office equipment).
interface isdn id line type { switched | leased | idsl-ascend | idsl-cmn }
show interface isdn id line type
These commands allow you set or show the ISDN interface mode: switched, leased, idsl-ascend (IDSL for
Lucent/Ascend Communications central office equipment), or idsl-cmn (IDSL for Copper Mountain Networks
central office equipment).
Example:
interface isdn 1 mode leased
show interface isdnidstatus [ b1 | b2 ]
This command allows you display the status of the specified ISDN/IDSL interface. For a switched ISDN
interface, you may specify the optional keyword b1 or b2, in which case the status of the specified B-channel is
displayed rather than the status of the interface itself.
For a leased ISDN/IDSL interface, the possible status strings and their meanings are:
Status StringMeaning
InactiveThe interface is not yet active.
Waiting for rate negotiationThe interface is in the process of sensing the data rate
configured for the IDSL line at the central office. This status
applies only to an interface set to idsl-cmn mode, in which the
router can sense the data rate automatically.
Backup recovery in progressThe interface is in the process of recovering back to the
primary interface from a backup interface after a failure.
Connected at xxx KbpsThe interface is connected to the DSLAM or other end device at
the specified data rate. (xxx will be one of 64, 128, or 144.)
For a switched ISDN interface, the possible status strings and their meanings are:
Status StringMeaning
InactiveThe interface is not yet active.
ActiveThe interface is active, and this is an interface that does not
require SPIDs.
Active, n of m SPIDs
registered
The interface is active, and this is an interface that requires
SPIDs. n indicates the number of SPIDs that have been
successfully registered so far, and m indicates the total
number of SPIDs to be registered. If n is less than m, the
device is still in the process of registering some of the SPIDs.
Motorola Netopia® Router CLI Commands 2-47
Status StringMeaning
Active, n of m SPIDs
registered (p failed)
The interface is active, and this is an interface that requires
SPIDs. n indicates the number of SPIDs that have been
successfully registered so far, m indicates the total number of
SPIDs to be registered, and p indicates the number of SPIDs
that failed registration. If the sum of n and p is less than m, the
device is still in the process of registering some of the SPIDs.
For one of the B-channels of a switched ISDN interface, the possible status strings and their meanings are:
Status StringMeaning
InactiveThe associated interface is not yet active.
IdleThe channel is not currently in use.
Speech CallThe channel is in use by a speech call.
64 Kbps Data CallThe channel is in use for a 64 Kbps data call.
56 Kbps Data CallThe channel is in use for a 56 Kbps data call.
3.1 Khz CallThe channel is in use for a 3.1 Khz call.
Example:
#show interface isdn 1 status
Connected at 144 Kbps
interface isdn id speed { b1 | b2 | 2b | 2b+d }
show interface isdn id speed
These commands, which apply only to permanent ISDN (i.e., IDSL), allow you to set or show the data rate (and
B Channel usage) of the ISDN line. b1 means use Channel B1 at 64 Kbps, b2 means use Channel B2 at 64
Kbps, 2b means use both Channels B1 and B2 at 128 Kbps, and 2b+d means use all three channels at 144
Kbps.
This command allows you to change the ISDN switch type. This command applies only to switched ISDN. The
only currently suppor ted id is 1, which identifies the ISDN inter face in the WAN 1 slot of the Motorola Netopia
®
router. The WAN 2 slot (id 2) cannot be populated with an ISDN wanlet at this time, and the Motherboard (id 0)
is incapable of supporting ISDN internally.
Under many circumstances it is unnecessary to explicitly set the switch type, particularly in Europe. This is
because for “S/T” ISDN routers the default switch type is euroisdn, and for “U” ISDN routers the default switch
type is ni1.
2-48 Command Line Interface Commands Reference
auto is appropriate only in the United States and allows the router to auto-determine the switch type, SPIDs,
and directory numbers (DNs).
uk-euro sets the switch type to Euro-ISDN, and as a side effect sets the console’s clock time display type to 24
hour (i.e., “17:45” instead of “5:45 PM”).
Example:
The command to set the switch type of the wanlet for the correct value in Japan is:
interface isdn 1 switch japanntt
interface isdn id dn { 1 | 2 } string
no interface isdn id dn { 1 | 2 }
show interface isdn id dn { 1 | 2 }
These commands allow you to set, change, delete, or show the directory numbers associated with the specified
ISDN interface. These commands apply only to switched ISDN. The only currently suppor ted id is 1. The string
parameter can contain up to 32 characters. Non-dialable characters are allowed (and are ignored).
Example:
interface isdn 1 dn 1234567
interface isdn id spid { 1 | 2 } string
no interface isdn id spid { 1 | 2 }
show interface isdn id spid { 1 | 2 }
These commands allow you to set, change, delete, or show the SPIDs associated with the specified ISDN
interface. These commands apply only to switched ISDN. The only currently suppor ted id is 1. The string
parameter can contain up to 23 characters. Illegal characters are allowed (for instance, for formatting) and are
ignored by the interface.
ADSL WAN Interface configuration commands
ADSL WAN Interface Configuration Commands
interface adsl id pvc vpi-valuevci-value
show interface adsl id pvc
show interface adsl id status
show interface adsl id statistics
interface adsl id signaling-mode { fdm | echo-cancellation }
show interface adsl id signaling-mode
interface adsl id trellis-coding { yes | no }
show interface adsl id trellis-coding
no interface adsl id trellis-coding
interface adsl id pvc vpi-valuevci-value
show interface adsl id pvc
Motorola Netopia® Router CLI Commands 2-49
These commands allow you to set, change, or show the PVC VPI and VCI values associated with the ADSL WAN
interface.
show interface adslidstatus
This command allows you to display the status of the specified ADSL interface. For an ADSL interface, the
possible status strings and their meanings are:
Status StringMeaning
Connected at xxx rx / yyy tx KbpsThe interface is connected to the DSLAM at the specified
speeds, where xxx is the downstream (receive) speed and yyy
is the upstream (transmit) speed, each in Kbps.
Activation BackoffThe ADSL interface is between connection attempts.
DownThe ADSL interface is not yet initialized.
No signal from DSLAMThe ADSL interface is not detecting a signal from a DSLAM.
show interface adslidstatistics
Note: This command is supported beginning with firmware version 8.5.
2-50 Command Line Interface Commands Reference
This command allows you to display statistics for the specified ADSL interface:
Receive framesReceive octets
Receive errorsTransmit frames
Transmit octetsTransmit errors
interface adsl id signaling-mode { fdm | echo-cancellation }
show interface adsl id signaling-mode
These commands allow you to set or show the signalling mode on an ADSL interface. fdm = Frequency Division
Multiplexing.
interface adsl id trellis-coding { yes | no }
show interface adsl id trellis-coding
no interface adsl id trellis-coding
These commands allow you to set, show, or disable trellis encoding on the specified ADSL interface.
Motorola Netopia® Router CLI Commands 2-51
SDSL WAN Interface configuration commands
SDSL WAN Interface Configuration Commands
interface sdsl id clock source { internal | network }
show interface sdsl id clock source
interface sdsl id clock rate rate-specification
show interface sdsl id clock rate
interface sdsl id operation mode { generic | lucent | nokia-eoc-fast | nokia-fixed | paradyne |
nortel | newbridge } [ default ]
show interface sdsl id operation mode
interface sdsl id pvc vpi-value vci-value
show interface sdsl id pvc
interface sdsl id region { annexa | annexb }
show interface sdsl id region
interface { sdsl | isdn } id rfc1973 dlci { 16 .. 991 }
show interface { sdsl | isdn } id rfc1973 dlci
interface { sdsl | isdn } idrfc1973 enable { yes | no }
no interface ethernet { sdsl | isdn } id rfc1973 enable
show interface { sdsl | isdn } idrfc1973 enable
interface { sdsl | isdn } id rfc1973 lmi { none | lmi | ccitt | ansi | annexa | annexd }
no interface { sdsl | isdn } id rfc1973 lmi
show interface { sdsl | isdn } id rfc1973 lmi
show interface sdsl id status
interface sdsl id clock source { internal | network }
show interface sdsl id clock source
These commands allow you to set, change, or show the clock source associated with the SDSL WAN interface.
Note: These commands apply only to frame-based SDSL (R7100) interfaces.
2-52 Command Line Interface Commands Reference
interface sdsl id clock rate rate-specification
show interface sdsl id clock rate
These commands allow you to set, change, or show the data rate associated with the SDSL WAN interface.
Note: The permissible values for rate-specification depend on the type of SDSL WAN interface. For
frame-based SDSL (R7100) interfaces, rate-specification may be replaced with:
{ 160 | 208 | 320 | 416 | 784 | 1040 | 1568 }
For cell-based SDSL (R7200) interfaces, rate-specification may be replaced with:
{ 144...2320 } [{ hunt | locked }]
See the table on the next page for possible rate specifications.
Also, data rate is accepted as a synonym for clock rate.
Motorola Netopia® Router CLI Commands 2-53
interface sdsl id operation mode { generic | lucent | nokia-eoc-fast | nokia-fixed | paradyne | nortel |
newbridge } [ default ]
show interface sdsl id operation mode
Note: These commands apply only to ATM-based SDSL interfaces.
If the optional default token is included in the command, various WAN interface parameters will be set to
appropriate default values, given the particular mode setting. The parameters and their values are enumerated
in the table below. In addition, the data rates accepted by the interface sdsl id data rate command depend on
what the operation mode is, and correspond to the values available from the Data Rate pop-up menu on the
SDSL Line Configuration screen in the menu console. These acceptable data rates are enumerated below as
well.
Note that setting the mode value to generic will not change any other WAN interface module parameter; thus,
the following command:
interface sdsl 1 operation mode generic default
will be rejected as a syntax error.
interface sdsl id pvc vpi-value vci-value
show interface sdsl id pvc
These commands allow you to set, change, or show the PVC VPI and VCI values associated with the SDSL WAN
interface.
interface sdsl id region { annexa | annexb }
show interface sdsl id region
These commands allow you to specify or show the region setting for devices that support multiple (North American/non-North American) regions.
Note: These commands apply only to cell-based SDSL (R7200) interfaces.
interface { sdsl | isdn } id rfc1973 dlci { 16 .. 991 }
show interface { sdsl | isdn } id rfc1973 dlci
These commands allow you to set or show an RFC 1973 DLCI for the SDSL or ISDN WAN interface.
Note that the only WAN interface modules that currently support RFC 1973 are the U/ISDN (31xx) and Copper
Mountain SDSL (71xx). Attempts to set or show RFC 1973 parameters on any other WAN interface module will
return an error.
interface { sdsl | isdn } id rfc1973 enable { yes | no }
no interface { sdsl | isdn } id rfc1973 enable
show interface { sdsl | isdn } id rfc1973 enable
These commands allow you to enable, disable, or show RFC 1973 (PPP) behavior on the SDSL or ISDN WAN
interface.
interface { sdsl | isdn } id rfc1973 lmi { none | lmi | ccitt | ansi | annexa | annexd }
no interface { sdsl | isdn } id rfc1973 lmi
show interface { sdsl | isdn } id rfc1973 lmi
These commands allow you to specify, disable, or show the RFC 1973 (PPP) Local Management Interface (LMI)
type on the SDSL or ISDN WAN interface.
The keywords ccitt and annexa are synonyms, as are the keywords ansi and annexd.
Motorola Netopia® Router CLI Commands 2-55
show interface sdslidstatus
This command allows you to display the status of the specified SDSL interface. For a cell-based SDSL (R7200)
interface, the possible status strings and their meanings are:
Status StringMeaning
Connected at xxx KbpsThe interface is connected to the DSLAM at the specified
speed.
Trying xxx KbpsThe SDSL interface is attempting to connect to the DSLAM at
the specified speed.
Activation BackoffThe SDSL interface is between connection attempts.
DownThe SDSL interface is not yet initialized.
No signal from DSLAMThe SDSL interface is not detecting a signal from a DSLAM.
Priority Queuing (TOS bit) Commands
Priority Queuing Configuration Commands
interface { adsl | sdsl | t1 | serial } id priority-queuing enable { yes | no }
no interface { adsl | sdsl | t1 | serial } id priority-queuing enable
show interface { adsl | sdsl | t1 | serial } id priority-queuing enable
interface { adsl | sdsl | t1 | serial } id priority-queuing enable { yes | no }
no interface { adsl | sdsl | t1 | serial } id priority-queuing enable
show interface { adsl | sdsl | t1 | serial } id priority-queuing enable
These commands allow you to enable, disable, or show the priority queuing (TOS) setting for the specified WAN
interface.
2-56 Command Line Interface Commands Reference
Differentiated Services (Diffserv) commands
Note: The commands in this section are supported beginning with Firmware Version 8.4.2.
Diffserv Configuration Commands
diffserv enable [ yes | no ]
diffserv ratio [ 79 - 100 ]
diffserv rule id name string
diffserv rule id protocol [ tcp | udp | icmp | other ]
diffserv rule id priority [ off | assure | expedite | reserve ]
diffserv rule id direction [ outbound | inbound | both ]
diffserv rule id start-por t [ 0 - 49151 ]
diffserv rule id end-port [ 0 - 49151 ]
diffserv rule id inside-ip x.x.x.x
diffserv rule id outside-ip y.y. y.y
diffserv enable [ yes | no ]
This command allows you to enable or disable Differentiated Services (diffserv) for controlling Quality of
Service (QoS) queue priority.
diffservratio [ 79 - 100 ]
This command allows you to set the low-high ratio to regulate the level of packets allowed to be pending in the
low priority queue.
diffservruleidnamestring
This command allows you to create a custom rule specified by id with the name string. If your applications do
not provide Quality of Service (QoS) control, rules allow you to define streams for some protocols, port ranges,
and between specific end point addresses.
diffservruleidprotocol [ tcp | udp | icmp | other ]
This command allows you to specify the protocol for the rule id: tcp, udp, icmp, or other. other is appropriate
for rules on protocols with non-standard port definitions. IPSEC and PPTP are common examples. If you specify
other protocol, you must provide its actual protocol number, with a range of 0 – 255.
Motorola Netopia® Router CLI Commands 2-57
diffservruleidpriority [ off | assure | expedite ]
This command allows you to specify the priority for the rule id: off, assure, or expedite. This is the Quality of
Service setting for the rule, based on the TOS bit information. The following table outlines the TOS bit settings
and behavior:
QoS SettingTOS Bit ValueBehavior
offTOS=000This custom rule is disabled. You can activate it by selecting one of
the two settings below. This setting allows you to pre-define flows
without actually activating them.
assureTOS=001Use normal queuing and throughput rules, but do not drop packets
if possible. Appropriate for applications with no guaranteed delivery
mechanism.
expediteTOS=101Use minimum delay. Appropriate for VoIP and video applications.
diffservruleiddirection [ outbound | inbound | both ]
This command allows you to specify the direction of the flow: outbound, inbound, or both. For TCP or UDP
protocols, you can optionally specify a range of ports.
diffservruleidstart-por t [ 0 - 49151 ]
This command allows you to specify the starting port in the range for the rule id for TCP or UDP protocols.
diffservruleidend-port [ 0 - 49151 ]
This command allows you to specify the ending port in the range for the rule id for TCP or UDP protocols.
diffservruleidinside-ipx.x.x.x
This command allows you to specify the inside IP address for the rule id. For outbound flows, specify an IP
address on your LAN. For inbound flows, this setting is ignored.
diffservruleidoutside-ipy.y. y.y
This command allows you to specify the outside IP address for the rule id. If you want traffic destined for and
originating from a certain WAN IP address to be controlled, enter the IP address here. If you specify all-zeroes,
the outside address check is ignored.
For outbound flows, the outside address is the destination IP address for traffic; for inbound packets, the
outside address is the source IP address.
2-58 Command Line Interface Commands Reference
PVCs
Note: The commands in this section are supported beginning with firmware release 8.3.1.
PVC Configuration Commands
interface { adsl | sdsl } id pvc { id | tag }
no interface { adsl | sdsl } id pvc { id | tag }
show interface { adsl | sdsl } id pvc { id | tag }
interface { adsl | sdsl } id pvc { id | tag } tag tag
show interface { adsl | sdsl } id pvc { id | tag } tag
interface { adsl | sdsl } id pvc { id | tag } enable { yes | no }
no interface { adsl | sdsl } id pvc { id | tag } enable
show interface { adsl | sdsl } id pvc { id | tag } enable
interface adsl id pvc { id | tag } qos { ubr | cbr | vbr }
show interface adsl id pvc { id | tag } qos
interface { adsl | sdsl } id pvc { id | tag } vpi vpi-val
show interface { adsl | sdsl } id pvc { id | tag } vpi
interface { adsl | sdsl } id pvc { id | tag } vci vci-val
show interface { adsl | sdsl } id pvc { id | tag } vci
interface { adsl | sdsl } id pvc { id | tag } cp { profile-id | profile-tag | default }
show interface { adsl | sdsl } id pvc { id | tag } cp
interface { adsl | sdsl } id pvc { id | tag }
no interface { adsl | sdsl } id pvc { id | tag }
show interface { adsl | sdsl } id pvc { id | tag }
These commands allow you to set, disable, or show a permanent virtual circuit. You can specify an optional
circuit tag of up to 14 ASCII characters. The tag is used only to identify the circuit for management purposes,
and has no significance on the wire; it is merely a convenience to aid in selecting circuits from lists. The default
circuit name is “Circuit <n>”, where <n> is replaced with a single decimal ASCII digit (between one and eight)
corresponding to the circuit’s position in the list of up to eight circuits.
tag
interface { adsl | sdsl } id pvc { id | tag } tag tag
show interface { adsl | sdsl } id pvc { id | tag } tag
These commands allow you to set or show a permanent virtual circuit identified by tag.
Motorola Netopia® Router CLI Commands 2-59
enable
interface { adsl | sdsl } id pvc { id | tag } enable { yes | no }
no interface { adsl | sdsl } id pvc { id | tag } enable
show interface { adsl | sdsl } id pvc { id | tag } enable
These commands allow you to enable, disable, or show a permanent virtual circuit.
interface adsl id pvc { id | tag } qos { ubr | cbr | vbr }
show interface adsl id pvc { id | tag } qos
Note: These commands are supported beginning with Firmware Version 8.2.
These commands allow you to specify or show the Quality of Service (QoS) type – Unspecified Bit Rate (ubr) or
Constant Bit rate (cbr) – for the specified PVC. Beginning with Firmware Version 8.3.3, the vbr argument is also
supported.
Variable Bit Rate (vbr) is characterized by:
• a pcr (Peak Cell Rate) value, which is a temporary burst, not a sustained rate, and
• an scr (Sustained Cell Rate) value, and
• an mbs (Maximum Burst Size/Burst Tolerance) value. mbs is the maximum number of cells that can be
transmitted at the peak cell rate and should be less than, or equal to the Peak Cell Rate, which should be less
than, or equal to the line rate.
VBR has two sub-classes:
a. VBR non-real-time (VBR-nrt): Typical applications are non-real-time traffic, such as IP data traffic. This class
yields a fair amount of Cell Delay Variation (CDV).
b. VBR real time (VBR-rt): Typical applications are real-time traffic, such as compressed voice over IP and video
conferencing. This class transmits cells with a more tightly bounded Cell Delay Variation. The applications follow
CBR.
vpi and vci
interface { adsl | sdsl } id pvc { id | tag } vpi vpi-val
show interface { adsl | sdsl } id pvc { id | tag } vpi
These commands allow you to set or show the Virtual Path Identifier value vpi for a permanent virtual circuit.
interface { adsl | sdsl } id pvc { id | tag } vci vci-val
show interface { adsl | sdsl } id pvc { id | tag } vci
These commands allow you to set or show the Virtual Channel Identifier value vci for a permanent virtual
circuit.
The vpi and vci allow you to configure the Virtual Path Identifier and Virtual Channel Identifier which together
identify the ATM permanent virtual circuit used between the router and the remote device. The values
configured for these items must match those configured in the remote device for data to flow between the
devices. The vpi may be set to any value between zero (0) and 255.
2-60 Command Line Interface Commands Reference
profile
interface { adsl | sdsl } id pvc { id | tag } cp { profile-id | profile-tag | default }
show interface { adsl | sdsl } id pvc { id | tag } cp
These commands allow you to set or show the connection profile assigned to the specified PVC.
Note: default means that the router will use the first appropriate connection profile or the Default Profile if an
appropriate connection profile is not found.
Motorola Netopia® Router CLI Commands 2-61
DSL Line Type Interface Configuration Commands
DSL Line Type Interface Configuration Commands
interface dsl id line type { g.shdsl | sdsl-atm | sdsl-hdlc | idsl-cmn | idsl-leased | idsl }
show interface dsl id line type
interface dsl id line type { g.shdsl | sdsl-atm | sdsl-hdlc | idsl-cmn | idsl-leased | idsl }
show interface dsl id line type
These commands allow you to set or show the line type for the specified DSL interface.
2-62 Command Line Interface Commands Reference
T1 WAN Interface configuration commands
T1 WAN Interface Configuration Commands
interface t1 id buildout { auto | 0-0.6 | 7.5 | 15.0 | 22.5 }
show interface t1 id buildout
These commands set or display which DS0 channels are utilized on the specified T1 WAN interface, and the
rate of those DS0 channels. The count clause is always required. The start clause is required unless the
count clause specifies 24 channels, in which case if the start clause is not present, the star ting channel
number is assumed to be channel 1. If neither the alternating nor the contiguous keyword is specified, the
contiguous keyword is assumed unless the line encoding is AMI and the count clause specifies two or more
channels, in which case the alternating keyword is assumed. The rate clause is always optional. If the rate
clause is not present, the value Nx64k is assumed, unless the line encoding is AMI, the count clause specifies
two or more channels, and the contiguous keyword is specified, in which case the value Nx56k is assumed.
interface t1 id clock source { internal | network }
show interface t1 id clock source
These commands set or display the clock source for the specified T1 WAN interface.
interface t1 id dle { ppp | hdlc | rfc1490 }
show interface t1 id dle
These commands set or display the data link encapsulation (DLE) for the specified T1 WAN interface.
Note: frame-relay is accepted as a synonym for rfc1490.
interface t1 id ds0-autodetect { yes | no }
show interface t1 id ds0-autodetect
no interface t1 id ds0-autodetect
These commands allow you to set, show, or disable DS0 channel auto-detection on the specified T1 interface.
2-64 Command Line Interface Commands Reference
interface t1 id framing { d4 | esf }
show interface t1 id framing
These commands set or display the framing mode for the specified T1 WAN interface.
interface t1 id encoding { ami | b8zs }
show interface t1 id encoding
These commands set or display the line encoding for the specified T1 WAN interface.
Note: If this command changes the line encoding from b8zs to ami and there are two or more contiguous
Nx64k channels in use, the channel data rate will be changed to Nx56k.
interface t1 id operation line type { normal | copper-mountain }
show interface t1 id operation line type
These commands set or display the operation mode for the specified T1 WAN interface. The keyword
copper-mountain should be specified when connected to a Copper Mountain DSLAM T1 line card; the keyword
normal should be specified in all other situations.
interface t1 id prm-enable { yes | no }
show interface t1 id prm-enable
no interface t1 id prm-enable
These commands set or display whether or not ANSI PRMs are sent on the specified T1 WAN interface.
interface t1 id rfc1973 enable { yes | no }
show interface t1 id rfc1973 enable
no interface t1 id rfc1973 enable
These commands set or display whether or not PPP in Frame Relay (RFC1973) is enabled on the specified T1
WAN interface.
interface t1 id rfc1973 dlci { 16..991 }
show interface t1 id rfc1973 dlci
These commands set or display the DLCI used for PPP in Frame Relay (RFC1973) on the specified T1 WAN
interface.
interface t1 id rfc1973 lmi { annexa | annexd | ansi | ccitt | lmi | none }
show interface t1 id rfc1973 lmi
no interface t1 id rfc1973 lmi
These commands set or display the Local Management Interface (LMI) type for PPP in Frame Relay (RFC1973)
on the specified T1 WAN interface.
Motorola Netopia® Router CLI Commands 2-65
T1 Statistic and Diagnostic commands
T1 Statistic and Diagnostic Commands
show interface t1 id errors { current | interval 1..96 | total }
interface t1 id diagnostic mode { local loopback | normal | remote loopback |
send { all ones | blue alarm | loopback } }
show interface t1 id diagnostic mode
show interface t1 id line status
show interface t1 id loopback mode
show interface t1 id loopback status
show interface t1 id errors { current | interval 1..96 | total }
This command displays the error statistics for the specified T1 WAN interface for a particular 15-minute interval
during the previous 24-hour period, or the total for the past 24 hours. Specifying the keyword current displays
the error statistics for the current 15-minute interval. Specifying the keyword interval followed by an integer
between 1 and 96 displays the error statistics for a prior 15-minute inter val. Inter val 1 is the most recently
completed 15-minute interval, while interval 96 is the interval completed 23 hours and 45 minutes prior to
interval 1. Specifying the keyword total displays the total error statistics for the last 24 hours.
#show interface t1 1 errors total
24 hours ending 16:32:44
Errored Seconds 001
Unavailable Seconds 000
Severely Errored Seconds 001
Bursty Errored Seconds 001
Loss of Frame Count 000
2-66 Command Line Interface Commands Reference
Bipolar Violation Count 001
#show interface t1 1 errors current
Current Interval elapsed time 02:45
Errored Seconds 002
Unavailable Seconds 000
Severely Errored Seconds 001
Bursty Errored Seconds 001
Loss of Frame Count 000
Bipolar Violation Count 000
interface t1 id diagnostic mode { local loopback | normal | remote loopback |
send { all ones | blue alarm | loopback } }
show interface t1 id diagnostic mode
This command sets or displays the diagnostic mode for the specified T1 interface. Specifying local loopback
puts the near end in local payload loopback mode. Specifying remote loopback instructs the far end to put
itself in payload loopback mode. Specifying send all ones or send blue alarm (which are synonyms) causes the
near end to start sending an all-ones pattern, which puts the far end in the red alarm state, causing it to send
back a yellow alarm. Specifying send loopback causes the near end to begin sending loopback packets.
Specifying normal cancels the effect of any previous diagnostic mode command.
After issuing the diagnostic mode send loopback command, the loopback progress can be monitored by
issuing the loopback status command (see below).
Motorola Netopia® Router CLI Commands 2-67
showinterfacet1idlinestatus
This command displays the line status on the specified T1 interface. This will display one of the following
strings:
Red Alarm
Yellow Alarm
Blue Alarm
Normal Operation
showinterfacet1idloopbackmode
This command displays the loopback mode of the specified T1 interface. This will display one of the following
strings:
Layer 1 Activation Not Present
Local Payload Loopback Enabled
Remote Line Loopback Enabled
Remote Payload Loopback Enabled
Clear - No Loopback Enabled
showinterfacet1idloopbackstatus
This command displays the progress of the loopback test on the specified T1 interface. This will display one of
the following strings:
Loopback Not Active
PASS (xxxxx good, yyyyy bad packets)
FAIL (xxxxx good, yyyyy bad packets)
Examples:
#show interface t1 1 loopback status
Loopback Not Active
#interface t1 1 diagnostic mode send loopback
#show interface t1 1 loopback status
PASS (00255 good, 00000 bad packets)
#show interface t1 1 loopback status
FAIL (00000 good, 00256 bad packets)
2-68 Command Line Interface Commands Reference
Unprotected Services Configuration Commands
Note: These commands are supported beginning with Firmware Version 8.7.4.
When using an IPSec force-all tunnel, Unprotected Services supports router-generated packets with a source IP
address outside the local member range. It works by applying a source address to an internally-generated
router service, and specifies whether the service should not be routed by default over the force-all IPSec tunnel.
This permits supporting multiple authentication profles with multiple tunnels, as well as supporting
authentication profiles that point to a RADIUS server on the LAN interface. Other applications such as
TACACS+, SNMP, syslog, NTP and heartbeat are not forced over the tunnel.
Unprotected Services Configuration Commands
service interface [ ip_address | cp | ethernet ] [ number ]
show service interface [ cp | ethernet ] [ number ]
no service interface
service unprotected [ yes | no ]
show service unprotected
no service unprotected
service interface [ ip_address | cp | ethernet ] [ number ]
show service interface [ cp | ethernet ] [ number ]
no service interface
These commands allow you to specify, show, or disable the application of a source address to an internally
generated router service, such that the service should not be routed by default over a force-all IPSec tunnel.
Applicable internally-generated router ser vices are: RADIUS, TACACS+, SNMP, syslog, NTP and hear tbeat.
■interface specifies from where the traffic is to be sourced.
■For cp or ethernet, the router will look up its interface address, reducing the chance of error.
■If you enter an ip_address that is not a local interface address, the service may either fail to function or the
router will override the invalid address. It will then use the inter face with a route to the server for the
service.
If no is used with the commands, the value goes back to the default 0.0.0.0 and no.
Note: Only primary Ethernet interfaces are supported; ALANs are not suppor ted.
service unprotected [ yes | no ]
show service unprotected
no service unprotected
These commands allow you to specify, show, or disable whether or not a ser vice is "unprotected."
unprotected indicates whether traffic will be sent over a force-all IPSec tunnel or not. All services default to
unprotected no, meaning that they will be routed over the IPSec tunnel, unless set to yes.
The no default enhances security since it requires user intervention to prevent the service from being routed
over the IPSec tunnel.
If no is used with the commands, the value goes back to the default 0.0.0.0 and no.
Examples:
■RADIUS, TACACS+
The remote-server configuration controls the settings for both TACACS+ and RADIUS servers.
remote-server interface 0.0.0.0
remote-server unprotected no
■SNMP
By default, SNMP services use the primary WAN interface, thus no interface selection is required.
■syslog
system syslog interface 0.0.0.0
system syslog unprotected no
■NTP
ip ntp interface 0.0.0.0
ip ntp unprotected no
■heartbeat
heartbeat uses the primary WAN interface, thus no inter face selection is required.
heartbeat unprotected no
If the service fails, a message will be added to the event log. This message has the format;
[service] failed. Could not open socket
2-70 Command Line Interface Commands Reference
IGMP Configuration Commands
Note: These commands are supported beginning with Firmware Version 8.5.1. IGMP Version 3 is supported
beginning with Firmware Version 8.7.
IGMP Configuration Commands
igmp version ( v1 | v2 | v3 )
show igmp version
igmp snooping [ yes | no ]
no igmp snooping
show igmp snooping
igmp robustness value
no igmp robustness
show igmp robustness
igmp query-intvl value
no query-intvl
show query-intvl
igmp query-response-intvl value
no query-response-intvl
show query-response-intvl
igmp last-member-query-intvl value
show igmp last-member-query-intvl
igmp last-member-query-count value
show igmp last-member-query-count
igmp fast-leave [ yes | no ]
no igmp fast-leave
show igmp fast-leave
show igmp group
igmp wireless-m2u [ on | off ]
igmp version ( v1 | v2 | v3 )
show igmp version
These commands allow you to set or show the querier's (LAN's) maximum IGMP version that will be used.
Motorola Netopia® Router CLI Commands 2-71
Beginning with Firmware version 8.7, v3 is the default.
igmp snooping [ yes | no ]
no igmp snooping
show igmp snooping
These commands allow you to enable, disable, or show the status of the Motorola Netopia® Router’s ability to
“listen in” to IGMP traffic. IGMP “snooping” is a feature of Ethernet layer 2 switches that “listens in” on the
IGMP conversation between computers and multicast routers. Through this process, it builds a database of
where the multicast routers reside by noting IGMP general queries used in the querier selection process and by
listening to other router protocols.
From the host point of view, the snooping function listens at a port level for an IGMP repor t. The switch then
processes the IGMP report and starts forwarding the relevant multicast stream onto the host's port. When the
switch receives an IGMP leave message, it processes the leave message, and if appropriate stops the
multicast stream to that particular port. Basically, customer IGMP messages although processed by the switch
are also sent to the multicast routers.
igmp robustness value
no igmp robustness
show igmp robustness
These commands allow you to specify or show the Motorola Netopia® Router’s degree of sensitivity to lost
packets. IGMP can recover from robustness minus 1 lost IGMP packet. The default value is 2. The range is 2 –
255.
igmp query-intvl value
no query-intvl
show query-intvl
These commands allow you to specify or show the amount of time in seconds between IGMP General Query
messages sent by the querier router. The default query inter val is 125 seconds. The range is 10s – 600s.
igmp query-response-intvl value
no query-response-intvl
show query-response-intvl
These commands allow you to specify or show the maximum amount of time in tenths of a second that the
IGMP router waits to receive a response to a General Query message. The default quer y response inter val is 10
seconds and must be less than the query interval. The range is 5 deci-sec – 255 deci-sec; the default is 100
deci-sec.
igmp last-member-query-intvl value
show igmp last-member-query-intvl
These commands allow you to specify or show the amount of time in deci-seconds that the router waits to
receive a response to a Group-Specific Query message, when igmp-version is set to v2 or v3..
igmp last-member-query-count value
show igmp last-member-query-count
These commands allow you to specify or show the number of Group-Specific Query messages sent.
2-72 Command Line Interface Commands Reference
igmp fast-leave [ yes | no ]
no igmp fast-leave
show igmp fast-leave
These commands allow you to specify or show the status of the non-standard procedure fast-leave to decrease
the time to detect that a group has no more members.
show igmp groups
This command allows you to display the IGMP Snooping table.
igmpwireless-m2u [ on | off ]
Note: This command is supported beginning with Firmware Version 8.7.4.
This command allows you enable or disable wireless multicast-to-unicast if igmp snooping is set to yes.
The router replaces the multicast MAC-address with the physical MAC-address of the wireless client. If there is
more than one wireless client interested in the same multicast group, the router will revert to multicasting the
stream immediately. When one or more wireless clients leave a group, and the router determines that only a
single wireless client is interested in the stream, it will once again unicast the stream.
Global IP Configuration Commands
Global IP Configuration Commands
ip dns { 1 | 2 } ip-addr
no ip dns [ { 1 | 2 } [ip-addr] ]
show ip dns [ { 1 | 2 } ]
ip domain-name string
no ip domain-name [string]
show ip domain-name
ip gateway ip-addr
no ip gateway ip-addr
show ip gateway
backup gateway ip-addr
no backup gateway ip-addr
show backup gateway
Motorola Netopia® Router CLI Commands 2-73
ip ntp period value
no ip ntp period
show ip ntp period
ip ntp servers ip-addr1ip-addr2
no ip ntp servers
show ip ntp servers
ip ntp timezone value
no ip ntp timezone
show ip ntp timezone
ip route { ip-addr/mask-bits | ip-addr mask } gw-ip-addr [{ high | low }] [advertise [{no | distance}] [{enable | disable}]
no ip route { ip-addr/mask-bits | ip-addr mask } gw-ip-addr
show ip route [{ static | ip-addr | ip-addr/mask-bits | ip-addr mask }]
2-74 Command Line Interface Commands Reference
Global IP Configuration Commands (continued)
ip state-insp udp-timeout value
show ip state-insp udp-timeout
ip state-insp tcp-timeout value
show ip state-insp tcp-timeout
ip state-insp dos-detect value
show ip state-insp dos-detect
ip state-insp xposed-addr { [server-list-tagstart-ip-addrend-ip-addr] }
{ [protocolstart-portend-port] }
no ip state-insp xposed-addr { [server-list-tag] }
show ip state-insp xposed-addr abc
ip dns { 1 | 2 } ip-addr
no ip dns [ { 1 | 2 } [ip-addr] ]
show ip dns [ { 1 | 2 } ]
These commands allow you to set, change, delete, or show the router’s primary and secondary domain name
server addresses.
ip domain-name string
no ip domain-name [string]
show ip domain-name
These commands allow you to set, change, delete, or show the domain name of the router. string can be up to
64 characters in length and may contain only valid domain name characters (alpha-numeric characters, dot
("."), and dash ("-"). Note that email addresses contain the at symbol ‘@’ and are not valid domain names.
ip gateway ip-addr
no ip gateway ip-addr
show ip gateway
These commands allow you to set, change, delete, or show the router’s default gateway.
backup gateway ip-addr
no backup gateway ip-addr
show backup gateway
This command allows you to set, change, delete, or show the router’s default backup gateway.
Motorola Netopia® Router CLI Commands 2-75
ip ntp period value
no ip ntp period
show ip ntp period
Note: These commands are supported beginning with Firmware Version 8.3.3.
These commands allow you to set, disable, or display the setting of a Network Time Protocol (NTP) server’s NTP
Update Interval for the router. The value should be entered in HHHH:MM format.
ip ntp servers ip-addr1ip-addr2
no ip ntp servers
show ip ntp servers
Note: These commands are supported beginning with Firmware Version 8.3.3.
These commands allow you to set, disable, or display the Host Name or IP Address of a Network Time Protocol
(NTP) server you want to specify for the router. You can also specify an alternate NTP ser ver Host Name or IP
Address, separated by a space.
ip ntp timezone value
no ip ntp timezone
show ip ntp timezone
Note: These commands are supported beginning with Firmware Version 8.3.3.
These commands allow you to set, disable, or display your time zone. You can specify the time zone as + or Greenwich Mean Time (GMT), or as the standard abbreviation of your zone, if it has one.
For example: GMT -8:00 Pacific Standard Time can be entered as pst. The following table shows some standard
time settings.
GMT -10:00 Hawaii Standard TimeGMT +3:30 Tehran
GMT -9:00 Alaska Standard TimeGMT +4:00 Russia Zone 3
GMT -8:00 Pacific Standard TimeGMT +4:30 Kabul
GMT -7:00 Mountain Standard TimeGMT +5:00 Russia Zone 4
GMT -6:00 Central Standard TimeGMT +5:30 India
GMT -5:00 Eastern Standard TimeGMT +6:00 Russia Zone 5
GMT -4:00 Atlantic Standard TimeGMT +7:00 Russia Zone 6
GMT -3:30 NewfoundlandGMT +8:00 W. Australia Std.
Time
GMT -2:00 Mid-Atlantic TimeGMT +9:00 Japan Standard Time
GMT -1:00 Azores TimeGMT +9:30 Adelaide, Darwin
GMT +0:00 Greenwich Mean TimeGMT +10:00 E. Aust. Std. Time
2-76 Command Line Interface Commands Reference
GMT +1:00 Central Europe TimeGMT +11:00 Russia Zone 10
GMT +2:00 Eastern Europe TimeGMT +12:00 Russia Zone 11
no ip route { ip-addr/mask-bits | ip-addr mask } gw-ip-addr
show ip route [{ static | ip-addr | ip-addr/mask-bits | ip-addr mask }]
The ip route and no ip route commands allow you to add, change, or delete static routes. The show ip route
static form of the show ip route command displays the configured static routes (including invalid or disabled
ones), while the other forms of the show ip route command display the router's IP routing table (including any
installed (i.e., valid and enabled) static routes).
The destination network may be specified as an IP address and mask in either prefix or dotted-quad notation.
gw-ip-addr is the IP address of the next-hop router, and should be on one of the router's directly connected IP
subnets.
The keywords high and low control the priority of the static route relative to an identical route learned via RIP. A
static route with high priority (the default) takes precendence over an identical route learned via RIP, while an
identical route learned via RIP takes precedence over a static route with low priority.
The keyword advertise controls whether or not the router will advertise (redistribute) the static route via RIP.
The keyword advertise may be followed by a RIP metric (distance) between 1 (the default) and 15 inclusive.
If the show ip route command includes an optional IP address or IP address and mask, the route, if any, in the
IP routing table that pertains to the specified destination network, subnetwork, or host address is displayed.
Examples:
ip route 192.168.2.0/24 192.168.1.123 low advertise
no ip route 192.168.2.0 255.255.255.0 192.168.1.123
show ip route
show ip route static
Note: Beginning with Firmware Version 8.2, the ip route commands will no longer show or set static routes
that are default gateways. They will only operate on direct routes (IP address and mask are non-zero). The
default gateway routes are now meant to be handled with two commands: 1) ip gateway, which configures the
Primary Default Gateway, and 2) backup gateway, which configures the Backup Default gateway.
Motorola Netopia® Router CLI Commands 2-77
DHCP Gen-Options, Option Groups, and Option Filtersets Commands
DHCP Gen-Options commands
DHCP Gen-Options commands
ip dhcp gen-option tag option 1..255 [ data-type { ascii | hex | dotted-decimal } ] [ data data ]
ip dhcp gen-option tag data-type { ascii | hex | dotted-decimal }
ip dhcp gen-option tag data { data_of_the_correct_format_given_data-type }
ip dhcp gen-option tag priority { low | high }
show ip dhcp gen-option tag priority { low | high }
no ip dhcp gen-option tag
ip dhcp gen-option tag option 1..255 [ data-type { ascii | hex | dotted-decimal } ] [ data data ]
This command allows you to specify a DHCP generic option set specified by tag of one to 15 characters. You
can specify up to 20 gen-options. Each can contain up to 100 bytes of data, up to a maximum of 912 bytes of
options data total, although, in practical terms, the CLI’s 80-character limit will restrict it to fewer. An option
specified by a gen-option will be served only if the client requests it.
The following table shows the formats and sizes for known options, and whether or not you can configure a
gen-option of that type.
OptionData Format
0Empty0No
1IP mask4Yes
2Unsigned 4 byte integer4Yes
3 - 11IP address listMultiples of 4Yes
12 String (up to 100 characters)NYes
13Unsigned 2 byte integer2Yes
14 - 15String (up to 100 characters)NYes
16Unsigned 4 byte integer4Yes
17String (up to 100 characters)NYes
18String (up to 100 characters)NYes
19 - 20Flag1Yes
21IP address & mask listMultiples of 8Yes
22Unsigned 2 byte integer2Yes
Data Size
(bytes)
Can
Configure
2-78 Command Line Interface Commands Reference
OptionData Format
23Unsigned 1 byte integer1Yes
24Unsigned 4 byte integer4Yes
25Unsigned 2 byte integer listMultiples of 2Yes
26Unsigned 2 byte integer2Yes
27Flag1Yes
28 IP address4Yes
29 - 31Flag1Yes
32IP address4Yes
33IP address and mask listMultiples of 8Yes
34Flag1Yes
35Unsigned 4 byte integer4Yes
36Flag1Yes
37Unsigned 1 byte integer1Yes
38Unsigned 4 byte integer4Yes
39Flag1Yes
40String (up to 100 characters)NYes
41 - 42IP address listMultiples of 4Yes
43Vendor-specificStringYes
44 - 45IP address listMultiples of 4Yes
46Unsigned 1 byte integer1Yes
47String (up to 100 characters)NYes
48 - 49IP address listMultiples of 4Yes
50IP address4No
51Unsigned 4 byte integer4No
52Unsigned 1 byte integer1No
53Unsigned 1 byte integer1Yes
54IP address4Yes
55String (up to 100 characters)NNo
56String (up to 100 characters)NYes
57Unsigned 2 byte integer2Yes
58 - 59Unsigned 4 byte integer4No
60String (up to 100 characters)NYes
61String (up to 100 characters)NNo
62String (up to 100 characters)NYes
63ComplexNNo
64String (up to 100 characters)NYes
Data Size
(bytes)
Can
Configure
Motorola Netopia® Router CLI Commands 2-79
OptionData Format
65IP address listMultiples of 4Yes
66 - 67String (up to 100 characters)NYes
68 - 76IP address listMultiples of 4Yes
77Pascal string list (length byte + data)NYes
78 - 79ComplexNNo
80Empty0No
81ComplexNNo
82Sub-option listNYes
83ComplexNNo
84Undefined??Yes
85IP address listMultiples of 4Yes
86 - 87Unicode StringMultiples of 2Yes
88 Encoded DN listNYes
89IP address listMultiples of 4Yes
90ComplexNNo
91 - 97Undefined/Weakly defined??Yes
98String (up to 100 characters)NYes
99 - 115Undefined/Weakly defined??Yes
116Flag1Yes
117Unsigned 2 byte integer listMultiples of 2Yes
118IP address4Yes
119Encoded DN list 2NYes
120Encoded DN list or IPAddress listNYes
121 - 125ComplexNNo
126 - 127UndefinedNYes
128 IP address listMultiples of 4Yes
129 - 223Undefined/Weakly defined??Yes
224 - 254Private UseNYes
249 (note)Microsoft uses this instead of 121NYes
255Empty0No
Data Size
(bytes)
Can
Configure
ip dhcp gen-option tag data-type { ascii | hex | dotted-decimal }
This command allows you to specify the DHCP gen-option data type: ascii, hex or dotted-decimal.
This command allows you to specify the gen-option data.
■If the data-type is ascii, then any printable character
■If the data-type is hex, then an even number of hex characters (e.g. “0123456789AbcdEf”
■If the data-type is dotted-decimal, then a series of numbers between 0 and 255, separated by a period (.).
IP addresses are generally represented in this form.
ip dhcp gen-option tag priority { low | high }
show ip dhcp gen-option tag priority { low | high }
no ip dhcp gen-option tag
These commands allow you to set, display, or disable whether the default handling behavior for a particular
option should be overridden by the specified gen-option. For most options this is irrelevant, but at least the
following options are handled in the router outside the context of gen-options:
OPTION_SUBNETMASK1
OPTION_ROUTER3
OPTION_DNSSERVER6
OPTION_DOMAINNAME15
OPTION_BCASTADDR28
OPTION_ETHERNETENCAP36
OPTION_NTPSERVERS42
OPTION_NBNSNAMESERVERS44
OPTION_NBTCPNODETYPE46
OPTION_NBTCPSCOPE47
OPTION_LEASETIME51
OPTION_RENEWALTIME58
OPTION_REBINDINGTIME59
OPTION_VID_VENDOR_SPECIFIC (vendor identity)125
OPTION_TFTP_SERVER_ADDR150
Note: In most cases overriding the CPE default behavior is not recommended. Also, if the CPE can, but does
not, serve an option in the above list, corresponding low-priority gen-options will be used to ser ve it.
Motorola Netopia® Router CLI Commands 2-81
DHCP Option Groups commands
DHCP Option Groups commands
ip dhcp option-group tag [ gen-option gen_option_tag ]
show ip dhcp option-group tag
no ip dhcp option-group tag [ gen-option gen_option_tag ]
interface ethernet id address-serve dhcp default-option-group option_group_tag
show interface ethernet id address-serve dhcp default-option-group
no interface ethernet id address-serve dhcp default-option-group
ip dhcp option-group tag [ gen-option gen_option_tag ]
show ip dhcp option-group tag
no ip dhcp option-group tag [ gen-option gen_option_tag ]
These commands allow you to set, display, or disable one of up to eight DHCP Option Groups. Each Option
Group can have a name of between 1 and 15 characters. The name is used in the DHCP filterset syntax to
choose what group of gen-options is to be served to a particular DHCP Client.
Option Groups refer to gen-options; they do not contain them. Deleting a gen-option from an option group does
not delete the option. Adding a gen-option to an option-group does not preclude it from being added to another
option-group.
interface ethernet id address-serve dhcp default-option-group option_group_tag
show interface ethernet id address-serve dhcp default-option-group
no interface ethernet id address-serve dhcp default-option-group
These commands allow you to set, display, or disable the option group specified by option_group_tag as the
default.
2-82 Command Line Interface Commands Reference
DHCP Option Filtersets commands
Support for DHCP option filtering is provided via the filterset settings.
DHCP Option Filtersets commands
ip dhcp-filterset fs-tag [ filter { new | last | id {1..8} }
show ip dhcp-filterset [ fs-tag [ [filter ] { last | { id 1..8 } } ] ] ]
no ip dhcp-filterset [ fs-tag [ [ filter ] { last | {id 1..8 } } ] ] ]
interface ethernet id address-serve dhcp filterset fs-tag
show interface ethernet id address-serve dhcp filterset
no interface ethernet id address-serve dhcp filterset
bridge-dhcp-filterset fs-tag
show bridge-dhcp-filterset
no bridge-dhcp-filterset
ip dhcp-filterset fs-tag [ filter { new | last | id {1..8} }
show ip dhcp-filterset [ fs-tag [ [filter ] { last | { id 1..8 } } ] ] ]
no ip dhcp-filterset [ fs-tag [ [ filter ] { last | {id 1..8 } } ] ] ]
These commands allow you to specify, display, or disable a DHCP filterset named fs-tag.
Motorola Netopia® Router CLI Commands 2-83
A filter can be identified by its ones-based index, [e.g.] 1, or with the special new keyword. Subsequent
modifications to this filter, assuming no more filters have been added to the filter set yet, must be done by
referring to the filter either by id (1), or by the other special keyword last. Subsequent filters can be added using
either new or by the next integer filter id. You can always specify the last filter in the set by using last. It is an
error to attempt to create a new filter whose id is not 1 greater than the id of the last filter.
Up to two filtersets can be added. Your router supports a single LAN DHCP server instance, but an additional
filterset is available for use when bridging, to block undesired DHCP traffic. Up to 8 rules can be created in the
filterset, which are evaluated in order.
■type: The rule can either specify an option and option contents dhcp-option, a client hardware address
range hw-address, or an option the client is requesting requested-option. By default a rule is of type
dhcp-option.
■dhcp-option: (1..255 ) If the filter is of type dhcp-option or requested-option, the dhcp-option information
determines which DHCP option is specified. See page 2-77 for a table of DHCP options.
■match-str: The match-strstring_w_wildcards will be compared against the DHCP DISCOVER option data.
This string can contain multiple “*” and “?” wildcard substitutions. This is supported only if the filter is of
type dhcp-option.
■start-address/end-address: a client hardware address range. This is supported only if the filter is of type
hw-address.
■match-action:
■If set to pass, the match-pool parameter is used to assign a pool start address, or 0.0.0.0 to pass
unchanged. DHCP packets matching the option string will pass.
■If set to discard, DHCP packets matching the option string will be blocked.
■If set to continue, the remaining rules in the filter will execute.
■match-pool: Specifies the start IP address of the range within a DHCP pool where that range will be used to
allocate an address if the wildcard matches.
The value 0.0.0.0 means regular processing; 255.255.255.255 means discard.
■match-option-group: Specifies an option group identified by opt-group-tag, or none for the match-action
parameter.
■absent-action: As with match-action, absent-action describes the action taken if the matching DHCP
option was not found, using the absent-pool parameter to provide the necessary pool start address.
Note: absent is NOT the opposite of match. The absent- part of the rule is taken if the specified option is
absent.
■absent-pool: Specifies the start IP address of the range within a DHCP pool where that range will be used
to allocate an address if the option in the DHCP packet is not present.
The value 0.0.0.0 means regular processing; 255.255.255.255 means discard.
■absent-option-group: Specifies an option group identified by opt-group-tag, or none for the absent-action
parameter.
2-84 Command Line Interface Commands Reference
interface ethernet id address-serve dhcp filterset fs-tag
show interface ethernet id address-serve dhcp filterset
no interface ethernet id address-serve dhcp filterset
These commands allow you to set, display, or disable a DHCP filterset specified by fs-tag for the Ethernet
interface specified by id.
bridge-dhcp-filterset fs-tag
show bridge-dhcp-filterset
no bridge-dhcp-filterset
These commands allow you to set, display, or disable a DHCP filterset specified by fs-tag for use when bridging.
Motorola Netopia® Router CLI Commands 2-85
Stateful Inspection Commands
See also:
■“Stateful Inspection Configuration Commands” on page 2-32 for Ethernet interface commands, and
■“Stateful Inspection Commands” on page 3-21 for Connection Profile commands.
Note: The commands in this section are supported beginning with Firmware Version 8.2.
ip state-insp udp-timeout value
show ip state-insp udp-timeout
These commands allow you to specify or show the UDP timeout value for the stateful inspection feature. The
UDP timeout range is between 30 and 65535 seconds.
ip state-insp tcp-timeout value
show ip state-insp tcp-timeout
These commands allow you to specify or show the TCP timeout value for the stateful inspection feature. The
TCP timeout range is between 30 and 65535 seconds.
ip state-insp dos-detect [ yes | no ]
show ip state-insp dos-detect
Note: These commands are supported beginning with Firmware Version 8.7.
These commands allow you to set or show the status of Denial of Service (DoS) detection in the stateful
inspection feature. Packets are monitored for DoS attack detection if this option is set to yes. Offending
packets maybe discarded if it is determined to be a DoS attack.
ip state-insp xposed-addr { [server-list-tagstart-ip-addrend-ip-addr] }
{ [protocolstart-portend-port] }
no ip state-insp xposed-addr { [server-list-tag] }
show ip state-insp xposed-addr abc
These commands allow you to add an entry to the specified list, or, if list does not exist, create the list for the
stateful inspection feature. Accepted values for protocol are tcp, udp, or both. The show command allows you
to display exposed entries in the list specified by the tag. The no command removes all addresses in the list
and deletes the list.
2-86 Command Line Interface Commands Reference
Wireless Configuration Commands
Note: The commands in this section are supported beginning with Firmware Version 8.2 on wireless (802.11)-
enabled routers.
Wireless Configuration Commands
wireless enable [ yes | no ]
show wireless enable
wireless closed-system [ yes | no ]
show wireless closed-system
wireless ssid string
show wireless ssid
wireless auto-channel [ off | at-star tup | continuous ]
no wireless auto-channel
show wireless auto-channel
wireless tx-power [ full | medium | fair | low | minimal ]
show wireless clients
show wireless statistics
wireless default-channel [ no 1..14 ]
show wireless default-channel
wireless wep [ enable | disable ]
show wireless wep
wireless default-keyid [ 1..4 ]
show wireless default-keyid
wireless wep encpt-key [ 1..4 ] hex_string
no wireless wep encpt-key hex_string
show wireless wep encpt-key [ 1..4 ]
Wireless Configuration Commands (continued)
wireless enable [ yes | no ]
show wireless enable
wireless closed-system [ yes | no ]
show wireless closed-system
wireless ssid string
show wireless ssid
wireless auto-channel [ off | at-star tup | continuous ]
no wireless auto-channel
show wireless auto-channel
wireless default-channel [ no 1..14 ]
show wireless default-channel
wireless wep [ enable | disable ]
show wireless wep
Motorola Netopia® Router CLI Commands 2-87
wireless default-keyid [ 1..4 ]
show wireless default-keyid
wireless wep encpt-key [ 1..4 ] hex_string
no wireless wep encpt-key hex_string
show wireless wep encpt-key [ 1..4 ]
wireless enable [ yes | no ]
show wireless enable
These commands allow you to enable, disable, or show the status of the wireless option. When disabled, the
router will not provide or broadcast any wireless LAN ser vices.
wireless closed-system [ yes | no ]
show wireless closed-system
These commands allow you to enable, disable, or show whether the WLAN is operating as a closed-system.
Enabling closed system mode will hide the wireless router’s broadcast of the SSID, which prevents its name
from appearing on a wireless client when they scan for access points. Therefore, in order to connect, the
wireless client would already have to know the SSID. This prevents casual intrusion. Default is no.
2-88 Command Line Interface Commands Reference
wireless ssid string
show wireless ssid
These commands allow you to specify or show a 32-character string or Network Name used to identify this
WLAN. Users must select or enter this string on their clients in order to become a part of this WLAN.
wireless auto-channel [ off | at-star tup | continuous ]
no wireless auto-channel
show wireless auto-channel
These commands allow you to set, show, or turn off the wireless autochannel feature (only available for
802.11G models). Autochannel allows the Netopia Router to determine the best channel to broadcast
automatically.
Three settings are available: off, at-startup, and continuous.
■off is the default setting; the Netopia Router will use the configured default channel.
■at-startup causes the Netopia Router at star tup to briefly initialize on the default channel, then per form a
full two- to three-second scan, and switch to the best channel it can find, remaining on that channel until
the next reboot.
■continuous performs the at-startup scan, and will continuously monitor the current channel for any other
Access Point activity. If Access Point activity is detected on the same channel, the Motorola Netopia®
Router will initiate a scan of the other channels, locate a less active one, and switch. Once it has switched,
it will remain on this channel for at least 30 minutes before switching again if a new Access Point is
detected.
Note: Channel scans can be disruptive to normal wireless activity and may take a few minutes.
wireless tx-power [ full | medium | fair | low | minimal ]
Sets the wireless transmit power, scaling down the router's wireless transmit coverage by lowering its radio
power output. Default is full power. Transmit power settings are useful in large venues with multiple wireless
routers where you want to reuse channels. Since there are only three non-overlapping channels in the 802.11
spectrum, it helps to size the Gateway’s cell to match the location. This allows you to install a router to cover a
small “hole” without conflicting with other routers nearby.
show wireless clients
This command displays the connected wireless clients, if any.