Command Line Interface
User Manual
V1.4
Index
User Interface Commands .......................................................................................... 20
Login ............................................................................................................. 21
hostname ..................................................................................................... 21
enable .......................................................................................................... 21
disable .......................................................................................................... 22
quit ............................................................................................................... 22
show history ................................................................................................ 23
configure terminal ....................................................................................... 24
restart .......................................................................................................... 24
end ............................................................................................................... 25
exit ............................................................................................................... 25
SYSTEM MANAGEMENT COMMANDS ........................................................................ 27
system-name ............................................................................................... 27
craft .............................................................................................................. 27
show memory .............................................................................................. 28
show cpu ...................................................................................................... 29
show running-config .................................................................................... 30
show startup-config .................................................................................... 31
show system ................................................................................................ 32
show users ................................................................................................... 33
show version ................................................................................................ 34
jumbo frame ................................................................................................ 34
boot system ................................................................................................. 35
copy .............................................................................................................. 36
delete ........................................................................................................... 40
dir ................................................................................................................. 40
LINE COMMANDS ........................................................................................................ 41
line ................................................................................................................ 41
databits ........................................................................................................ 42
exec-timeout ................................................................................................ 43
login .............................................................................................................. 44
parity ............................................................................................................ 45
password ...................................................................................................... 45
password-thresh .......................................................................................... 46
silent-time .................................................................................................... 47
speed ............................................................................................................ 48
stopbits ......................................................................................................... 49
timeout login response ................................................................................ 49
disconnect .................................................................................................... 50
show line ...................................................................................................... 51
LOG Commands............................................................................................................ 52
logging level ................................................................................................. 52
logging host .................................................................................................. 53
logging on ..................................................................................................... 54
clear logging ................................................................................................. 55
show log ....................................................................................................... 55
show logging ................................................................................................ 56
logging mail .................................................................................................. 57
logging mail host .......................................................................................... 57
logging mail level ......................................................................................... 58
logging mail destination ............................................................................... 59
logging mail source ...................................................................................... 60
show logging mail ........................................................................................ 60
Clock Commands .................................................................................................. 61
sntp client ..................................................................................................... 61
sntp poll ....................................................................................................... 62
sntp server ................................................................................................... 63
show sntp ..................................................................................................... 63
ntp authenticate........................................................................................... 64
ntp authentication-key ................................................................................. 65
ntp client ...................................................................................................... 66
ntp server ..................................................................................................... 66
show ntp ...................................................................................................... 68
clock timezone ............................................................................................. 68
calendar set .................................................................................................. 69
show calendar .............................................................................................. 70
time-range .................................................................................................... 70
absolute ........................................................................................................ 71
periodic ........................................................................................................ 72
show time-range .......................................................................................... 73
CLUSTERING Commands .............................................................................................. 74
cluster ........................................................................................................... 75
cluster commander ...................................................................................... 76
cluster ip-pool .............................................................................................. 76
cluster member ............................................................................................ 77
rcommand .................................................................................................... 78
show cluster ................................................................................................. 79
show cluster candidates ............................................................................... 79
show cluster members ................................................................................. 80
SNMP COMMANDS ...................................................................................................... 81
General SNMP Commands ................................................................................... 81
snmp-server server ...................................................................................... 81
snmp-server community .............................................................................. 82
snmp-server contact .................................................................................... 82
snmp-server location ................................................................................... 83
show snmp ................................................................................................... 84
SNMP Target Host Commands ............................................................................. 85
snmp-server enable traps ............................................................................ 85
snmp-server host ......................................................................................... 86
SNMPv3 Commands ............................................................................................. 89
snmp-server engine-id ................................................................................. 89
snmp-server group ....................................................................................... 90
snmp-server user ......................................................................................... 91
snmp-server view ......................................................................................... 93
show snmp engine-id ................................................................................... 94
show snmp group ......................................................................................... 95
show snmp user ........................................................................................... 96
show snmp view ........................................................................................... 97
Additional Trap Commands .................................................................................. 97
memory ........................................................................................................ 97
cpu ................................................................................................................ 98
RMON COMMANDS ................................................................................................... 100
rmon alarm ................................................................................................ 100
rmon event ................................................................................................. 102
rmon collection history .............................................................................. 103
rmon collection stats .................................................................................. 105
show rmon alarms ..................................................................................... 106
show rmon events ...................................................................................... 106
show rmon history ..................................................................................... 106
show rmon statistics .................................................................................. 107
SFLOW ........................................................................................................................ 109
sflow owner ................................................................................................ 109
sflow polling ............................................................................................... 111
sflow sampling ........................................................................................... 112
show sflow ................................................................................................. 113
USER ACCOUNTS ........................................................................................................ 115
enable password ........................................................................................ 115
username ................................................................................................... 116
privilege ...................................................................................................... 117
show privilege ............................................................................................ 118
AUTHENTICATION ...................................................................................................... 118
authentication enable ................................................................................ 119
authentication login ................................................................................... 120
RADIUS CLIENT ........................................................................................................... 121
radius-server acct-port............................................................................... 121
radius-server auth-port .............................................................................. 122
radius-server host ...................................................................................... 122
radius-server key ........................................................................................ 123
radius-server retransmit ............................................................................ 124
radius-server timeout ................................................................................ 124
show radius-server ..................................................................................... 125
TACACS+ CLIENT ......................................................................................................... 126
tacacs-server host ...................................................................................... 126
tacacs-server key ........................................................................................ 127
tacacs-server port ...................................................................................... 128
tacacs-server retransmit ............................................................................ 128
tacacs-server timeout ................................................................................ 129
show tacacs-server ..................................................................................... 129
AAA ............................................................................................................................. 130
aaa accounting dot1x ................................................................................. 130
aaa accounting login .................................................................................. 131
aaa accounting update ............................................................................... 133
aaa authorization login .............................................................................. 133
aaa list server ............................................................................................. 134
server ......................................................................................................... 135
accounting dot1x........................................................................................ 136
show accounting ........................................................................................ 136
WEB SERVER ............................................................................................................... 137
server http port .......................................................................................... 137
server http enable ...................................................................................... 138
server https secure-port ............................................................................ 138
server https enable .................................................................................... 139
TELNET SERVER .......................................................................................................... 140
server telnet max-sessions......................................................................... 140
server telnet port ....................................................................................... 141
server telnet enable ................................................................................... 141
show line telnet .......................................................................................... 141
SSH ............................................................................................................................. 142
ip ssh authentication-retries ...................................................................... 145
ip ssh server enable ................................................................................... 146
ip ssh timeout ............................................................................................ 147
delete public-key ........................................................................................ 147
ip ssh crypto host-key generate ................................................................. 148
ip ssh crypto zeroize ................................................................................... 149
ip ssh save host-key .................................................................................... 149
show ip ssh ................................................................................................. 150
show public-key ......................................................................................... 150
show ssh ..................................................................................................... 151
802.1X ........................................................................................................................ 152
dot1x default .............................................................................................. 152
dot1x system-auth-control ......................................................................... 153
dot1x intrusion-action ............................................................................... 154
dot1x max-reauth-req ................................................................................ 154
dot1x max-req ............................................................................................ 155
dot1x operation-mode ............................................................................... 156
dot1x port-control ...................................................................................... 157
dot1x re-authentication ............................................................................. 158
dot1x timeout quiet-period ....................................................................... 158
dot1x timeout re-authperiod ..................................................................... 159
dot1x timeout supp-timeout ..................................................................... 159
dot1x timeout tx-period ............................................................................ 160
dot1x re-authenticate ................................................................................ 161
dot1x identity profile ................................................................................. 162
dot1x max-start .......................................................................................... 162
dot1x pae supplicant .................................................................................. 163
dot1x timeout auth-period ........................................................................ 164
dot1x timeout held-period ........................................................................ 165
dot1x timeout start-period ........................................................................ 165
show dot1x ................................................................................................. 166
MANAGEMENT IP FILTER ........................................................................................... 168
management .............................................................................................. 168
show management .................................................................................... 169
PPPOE INTERMEDIATE AGENT ................................................................................... 170
pppoe intermediate-agent ......................................................................... 171
pppoe intermediate-agent format-type .................................................... 171
pppoe intermediate-agent port-enable ..................................................... 172
pppoe intermediate-agent port-format-type ............................................ 173
pppoe intermediate-agent trust ................................................................ 174
pppoe intermediate-agent vendor-tag strip .............................................. 175
clear pppoe intermediate-agent statistics ................................................. 175
show pppoe intermediate-agent info ........................................................ 176
show pppoe intermediate-agent statistics ................................................ 177
PORT SECURITY .......................................................................................................... 179
port security ............................................................................................... 179
show port security ..................................................................................... 181
NETWORK ACCESS ...................................................................................................... 182
network-access aging ................................................................................. 182
network-access mac-filter .......................................................................... 183
mac-authentication reauth-time ............................................................... 184
network-access dynamic-qos ..................................................................... 185
network-access dynamic-vlan .................................................................... 186
network-access guest-vlan ......................................................................... 187
network-access link-detection ................................................................... 187
network-access link-detection link-down .................................................. 188
network-access link-detection link-up ....................................................... 189
network-access link-detection link-up-down ............................................ 189
network-access max-mac-count ................................................................ 190
network-access mode mac-authentication ............................................... 191
network-access port-mac-filter ................................................................. 192
mac-authentication intrusion-action ......................................................... 193
mac-authentication max-mac-count ......................................................... 193
clear network-access.................................................................................. 194
show network-access ................................................................................. 194
show network-access mac-address-table .................................................. 196
show network-access mac-filter ................................................................ 197
WEB AUTHENTICATION .............................................................................................. 197
web-auth login-attempts ........................................................................... 198
web-auth quiet-period ............................................................................... 198
web-auth session-timeout ......................................................................... 199
web-auth system-auth-control .................................................................. 200
web-auth .................................................................................................... 200
show web-auth .......................................................................................... 201
show web-auth interface ........................................................................... 201
show web-auth summary .......................................................................... 202
DHCPV4 SNOOPING ................................................................................................... 203
ip dhcp snooping ........................................................................................ 203
ip dhcp snooping information option ........................................................ 205
ip dhcp snooping information policy ......................................................... 207
ip dhcp snooping verify mac-address ........................................................ 208
ip dhcp snooping vlan ................................................................................ 209
ip dhcp snooping information option circuit-id ......................................... 209
ip dhcp snooping trust ............................................................................... 210
clear ip dhcp snooping binding .................................................................. 211
clear ip dhcp snooping database flash ....................................................... 212
ip dhcp snooping database flash ............................................................... 212
show ip dhcp snooping .............................................................................. 213
show ip dhcp snooping binding ................................................................. 213
DHCPV6 SNOOPING ................................................................................................... 214
ipv6 dhcp snooping .................................................................................... 214
DHCP Server Packet .................................................................................................... 215
ipv6 dhcp snooping vlan ............................................................................ 217
ipv6 dhcp snooping max-binding ............................................................... 218
ipv6 dhcp snooping trust ........................................................................... 218
clear ipv6 dhcp snooping binding .............................................................. 219
clear ipv6 dhcp snooping database flash ................................................... 220
show ipv6 dhcp snooping .......................................................................... 220
show ipv6 dhcp snooping binding ............................................................. 221
show ipv6 dhcp snooping statistics ............................................................ 222
IPv4 SOURCE GUARD .................................................................................................. 222
ip source-guard binding ............................................................................. 223
ip source-guard .......................................................................................... 224
ip source-guard max-binding ..................................................................... 226
ip source-guard mode ................................................................................ 226
clear ip source-guard binding blocked ....................................................... 227
show ip source-guard ................................................................................. 228
show ip source-guard binding .................................................................... 229
IPv6 SOURCE GUARD .................................................................................................. 229
ipv6 source-guard binding ......................................................................... 230
ipv6 source-guard ...................................................................................... 231
ipv6 source-guard max-binding ................................................................. 233
show ipv6 source-guard ............................................................................. 234
show ipv6 source-guard binding ................................................................ 235
ARP INSPECTION ........................................................................................................ 236
ip arp inspection ........................................................................................ 236
ip arp inspection filter ................................................................................ 237
ip arp inspection log-buffer logs ................................................................ 238
ip arp inspection validate ........................................................................... 239
ip arp inspection vlan ................................................................................. 240
ip arp inspection limit ................................................................................ 241
ip arp inspection trust ................................................................................ 242
show ip arp inspection configuration ........................................................ 243
show ip arp inspection interface ................................................................ 243
show ip arp inspection log ......................................................................... 244
show ip arp inspection statistics ................................................................ 244
show ip arp inspection vlan ....................................................................... 245
DoS PROTECTION ....................................................................................................... 246
dos-protection echo-chargen..................................................................... 246
dos-protection smurf ................................................................................. 247
dos-protection tcp-flooding ....................................................................... 247
dos-protection tcp-null-scan ...................................................................... 248
dos-protection tcp-syn-fin-scan ................................................................. 248
dos-protection udp-flooding ...................................................................... 250
dos-protection win-nuke ............................................................................ 250
show dos-protection .................................................................................. 251
ACL Command ............................................................................................................ 252
IPV4 ACLs ............................................................................................................ 252
ip access-list ............................................................................................... 252
permit, deny (Standard) .......................................................................... 253
permit, deny (Extended) ......................................................................... 254
ip service-acl .............................................................................................. 257
show interfaces ip access-lists ................................................................... 257
show ip access-list ...................................................................................... 258
IPV6 ACLs ............................................................................................................ 258
ipv6 access-list ........................................................................................... 259
permit, deny (Standard) .......................................................................... 259
permit, deny (Extended) ......................................................................... 260
show ipv6 access-list .................................................................................. 263
ipv6 service-acl ........................................................................................... 263
show interfaces ipv6 access-lists ............................................................... 264
MAC ACLs ........................................................................................................... 264
mac access-list ........................................................................................... 265
permit, deny (MAC) ................................................................................... 265
mac service-acl ........................................................................................... 268
show interfaces mac access-list ................................................................. 268
show mac access-list .................................................................................. 269
ARP ACLs ............................................................................................................ 269
arp access-list ............................................................................................. 269
permit, deny (ARP) ..................................................................................... 270
show arp access-list ................................................................................... 271
ACL INFORMATION ............................................................................................. 272
This section describes commands used to display ACL information. ........................ 272
clear access-list counters ........................................................................... 272
show access-group ..................................................................................... 272
show access-list .......................................................................................... 273
INTERFACE COMMANDS ............................................................................................ 275
Interface Configuration ...................................................................................... 275
Interface ..................................................................................................... 275
capabilities ................................................................................................. 276
description ................................................................................................. 277
flowcontrol ................................................................................................. 278
negotiation ................................................................................................. 279
shutdown ................................................................................................... 280
speed-duplex .............................................................................................. 280
switchport packet-rate ............................................................................... 282
clear counters ............................................................................................. 283
show interfaces brief.................................................................................. 284
show interfaces counters ........................................................................... 284
show interfaces status ............................................................................... 286
show interfaces configuration ................................................................... 287
show transceiver ........................................................................................ 288
Cable Diagnostics ............................................................................................... 289
test cable-diagnostics ................................................................................. 289
show cable-diagnostics .............................................................................. 291
Power Savings .................................................................................................... 292
power-save ................................................................................................. 292
show power-save ....................................................................................... 293
LINK AGGREGATION COMMANDS ............................................................................. 295
Manual Configuration Commands ..................................................................... 295
port channel load-balance ......................................................................... 295
channel-group ............................................................................................ 296
Dynamic Configuration Commands ................................................................... 298
lacp max-member-count ........................................................................ 298
lacp port-priority ........................................................................................ 298
lacp system-priority.................................................................................... 299
Trunk Status Display Commands ........................................................................ 300
show lacp ................................................................................................... 300
show port-channel load-balance ............................................................... 301
PORT MIRRORING COMMANDS ................................................................................ 302
LOCAL PORT MIRRORING COMMANDS ............................................................. 302
port monitor............................................................................................... 302
show port monitor ..................................................................................... 304
RSPAN MIRRORING COMMANDS ....................................................................... 305
rspan source ............................................................................................... 305
rspan destination ....................................................................................... 306
rspan remote vlan ...................................................................................... 307
no rspan session ......................................................................................... 309
show rspan ................................................................................................. 309
RATE LIMIT COMMANDS ............................................................................................ 311
rate-limit..................................................................................................... 311
LOOPBACK DETECTION COMMANDS ......................................................................... 313
loopback-detection .................................................................................... 313
loopback-detection mode .......................................................................... 314
loopback-detection recover-time .............................................................. 315
loopback-detection transmit-interval ........................................................ 316
loopback-detection release ....................................................................... 317
show loopback-detection .......................................................................... 317
UNIDIRECTIONAL LINK DETECTION COMMANDS ...................................................... 319
udld message-interval ................................................................................ 319
udld aggressive........................................................................................... 320
udld port .................................................................................................... 321
show udld ................................................................................................... 322
ADDRESS TABLE COMMANDS .................................................................................... 324
mac-address-table aging-time ................................................................... 324
mac-address-table static ............................................................................ 324
clear mac-address-table dynamic .............................................................. 326
show mac-address-table ............................................................................ 326
show mac-address-table aging-time .......................................................... 327
show mac-address-table count .................................................................. 328
SPANNING TREE COMMANDS .................................................................................... 329
spanning-tree ............................................................................................. 329
spanning-tree cisco-prestandard ............................................................... 329
spanning-tree forward-time....................................................................... 330
spanning-tree hello-time ........................................................................... 331
spanning-tree max-age .............................................................................. 331
spanning-tree mode ................................................................................... 332
spanning-tree pathcost method ................................................................ 334
spanning-tree priority ................................................................................ 335
spanning-tree mst configuration ............................................................... 335
spanning-tree bpdu(system) ...................................................................... 336
spanning-tree transmission-limit ............................................................... 337
spanning-tree mst max-hops ..................................................................... 337
mst priority ................................................................................................. 338
mst vlan ...................................................................................................... 339
name .......................................................................................................... 340
revision ....................................................................................................... 340
spanning-tree bpdu-filter ........................................................................... 341
spanning-tree bpdu-guard ......................................................................... 342
spanning-tree cost ..................................................................................... 343
spanning-tree portfast ............................................................................... 344
spanning-tree link-type .............................................................................. 345
spanning-tree loopback-detection............................................................. 346
spanning-tree loopback-detection action.................................................. 347
spanning-tree loopback-detection release-mode ..................................... 348
spanning-tree loopback-detection trap ..................................................... 349
spanning-tree mst cost .............................................................................. 349
spanning-tree mst port-priority ................................................................. 350
spanning-tree bpdu(port) .......................................................................... 351
spanning-tree port-priority ........................................................................ 352
spanning-tree guard root ........................................................................... 353
spanning-tree spanning-disabled............................................................... 354
spanning-tree loopback-detection release ................................................ 354
spanning-tree protocol-migration.............................................................. 355
show spanning-tree ................................................................................... 356
show spanning-tree mst configuration ...................................................... 359
ERPS COMMANDS ...................................................................................................... 360
erps ............................................................................................................ 360
erps domain ............................................................................................... 360
control-vlan ................................................................................................ 361
enable......................................................................................................... 362
guard-timer ................................................................................................ 363
holdoff-timer .............................................................................................. 363
major-domain ............................................................................................ 364
meg-level .................................................................................................... 365
mep-monitor .............................................................................................. 366
node-id ....................................................................................................... 367
non-erps-dev-protect ................................................................................. 368
propagate-tc ............................................................................................... 369
ring-port ..................................................................................................... 370
rpl owner .................................................................................................... 371
wtr-timer .................................................................................................... 372
show erps ................................................................................................... 372
VLAN COMMANDS ..................................................................................................... 374
GVRP AND BRIDGE EXTENSION COMMANDS .................................................... 374
gvrp enable ................................................................................................ 374
garp timer ................................................................................................... 374
Switchport forbidden vlan ......................................................................... 376
switchport gvrp .......................................................................................... 377
show bridge-ext ......................................................................................... 377
show garp timer ......................................................................................... 378
show gvrp configuration ............................................................................ 379
EDITING VLAN GROUPS ...................................................................................... 379
vlan database ............................................................................................. 379
vlan ............................................................................................................. 380
CONFIGURING VLAN INTERFACES ...................................................................... 381
interface vlan ............................................................................................. 381
Switchport acceptable-frame-types........................................................... 382
switchport trunk allowed vlan ................................................................... 383
switchport trunk native vlan ...................................................................... 384
switchport hybrid allowed vlan .................................................................. 384
switchport hybrid pvid ............................................................................... 385
switchport access vlan ............................................................................... 386
switchport ingress-filtering ........................................................................ 387
switchport mode ........................................................................................ 388
show vlan ................................................................................................... 389
CONFIGURING QinQ ........................................................................................... 390
dot1q-tunnel system-tunnel-control ......................................................... 390
switchport dot1q-tunnel mode ................................................................. 390
switchport dot1q-tunnel service match cvid ............................................. 391
switchport dot1q-tunnel tpid .................................................................... 393
show dot1q-tunnel..................................................................................... 394
CONFIGURING VLAN TRANSLATION ................................................................... 396
switchport vlan-translation ........................................................................ 396
Configuring VLAN Translation .................................................................................... 397
show vlan-translation................................................................................. 398
CONFIGURING PORT-BASED TRAFFIC SEGMENTATION ..................................... 398
traffic-segmentation .................................................................................. 398
traffic-segmentation session ...................................................................... 399
traffic-segmentation uplink/downlink ....................................................... 400
traffic-segmentation uplink-to-uplink ........................................................ 401
show traffic-segmentation ......................................................................... 402
CONFIGURING PROTOCOL-BASED VLANS .......................................................... 403
protocol-vlan protocol-group (Configuring Groups) .................................. 403
protocol-vlan protocol-group (Configuring Interfaces) .............................. 404
show protocol-vlan protocol-group ........................................................... 405
show interfaces protocol-vlan protocol-group .......................................... 405
CONFIGURING IP SUBNET VLANS ...................................................................... 406
subnet-vlan ................................................................................................ 406
show subnet-vlan ....................................................................................... 407
CONFIGURING MAC BASED VLANS .................................................................... 408
mac-vlan ..................................................................................................... 409
show mac-vlan ........................................................................................... 410
CONFIGURING VOICE VLANS.............................................................................. 410
voice vlan ................................................................................................... 410
voice vlan aging .......................................................................................... 411
voice vlan mac-address .............................................................................. 412
switchport voice vlan ................................................................................. 413
switchport voice vlan priority .................................................................... 414
switchport voice vlan rule .......................................................................... 415
switchport voice vlan security ................................................................... 416
show voice vlan .......................................................................................... 416
CLASS OF SERVICE COMMANDS ................................................................................ 419
PRIORITY COMMANDS (LAYER 2) ....................................................................... 419
queue mode ............................................................................................... 419
queue weight ............................................................................................. 421
switchport priority default ......................................................................... 421
show queue mode ..................................................................................... 423
show queue weight .................................................................................... 423
qos map cos-dscp ....................................................................................... 424
Default Configuration ................................................................................................ 424
Default Mapping of CoS/CFI to Internal PHB/Drop Precedence ................................ 424
qos map dscp-mutation ............................................................................. 425
Default Mapping of DSCP Values to Internal PHB/Drop Values ................................. 425
qos map phb-queue ................................................................................... 426
Mapping Internal Per-hop Behavior to Hardware Queues ........................................ 426
qos map trust-mode .................................................................................. 427
show qos map cos-dscp ............................................................................. 428
show qos map dscp-mutation .................................................................... 429
show qos map phb-queue ......................................................................... 430
show qos map trust-mode ......................................................................... 431
QUALITY OF SERVICE (QoS) COMMANDS .................................................................. 432
class-map ................................................................................................... 432
description ................................................................................................. 433
match ......................................................................................................... 433
rename ....................................................................................................... 435
policy-map.................................................................................................. 435
class ............................................................................................................ 436
police flow .................................................................................................. 437
police srtcm-color ...................................................................................... 439
police trtcm-color ....................................................................................... 441
set cos ........................................................................................................ 443
set ip dscp .................................................................................................. 444
set phb ....................................................................................................... 445
service-policy ............................................................................................. 445
show class-map .......................................................................................... 446
show policy-map ........................................................................................ 447
show policy-map interface ......................................................................... 448
IGMP SNOOPING ........................................................................................................ 449
ip igmp snooping ........................................................................................ 449
ip igmp snooping mrouter-forward-mode dynamic .................................. 449
ip igmp snooping priority ........................................................................... 450
ip igmp snooping proxy-reporting ............................................................. 451
ip igmp snooping querier ........................................................................... 452
ip igmp snooping router-alert-option-check ............................................. 452
ip igmp snooping tcn-flood ........................................................................ 454
ip igmp snooping tcn-query-solicit ............................................................ 455
ip igmp snooping unregistered-data-flood ................................................ 456
ip igmp snooping unsolicited-report-interval ............................................ 456
ip igmp snooping version ........................................................................... 457
ip igmp snooping version-exclusive ........................................................... 458
ip igmp snooping vlan general-query-suppression .................................... 459
ip igmp snooping vlan immediate-leave .................................................... 460
ip igmp snooping vlan last-memb-query-count ......................................... 461
ip igmp snooping vlan mrd ........................................................................ 462
ip igmp snooping vlan proxy-address ........................................................ 464
ip igmp snooping vlan query-interval ........................................................ 465
ip igmp snooping vlan query-resp-intvl ..................................................... 466
ip igmp snooping vlan static....................................................................... 467
show ip igmp snooping .............................................................................. 467
show ip igmp snooping group .................................................................... 469
show ip igmp snooping statistics ............................................................... 470
STATIC MULTICAST ROUTING ............................................................................. 471
ip igmp snooping vlan mrouter .................................................................. 471
show ip igmp snooping mrouter ................................................................ 472
IGMP FILTERING AND THROTTLING ................................................................... 473
ip igmp filter (Global Configuration) .......................................................... 473
ip igmp profile ............................................................................................ 474
permit, deny ............................................................................................... 475
range .......................................................................................................... 475
ip igmp filter (Interface Configuration) ...................................................... 476
ip igmp max-groups ................................................................................... 477
ip igmp max-groups action ........................................................................ 478
ip igmp query-drop .................................................................................... 478
show ip igmp filter ..................................................................................... 479
show ip igmp profile .................................................................................. 480
show ip igmp query-drop ........................................................................... 481
show ip igmp throttle interface ................................................................. 481
MLD Snooping ............................................................................................................ 482
ipv6 mld snooping ...................................................................................... 482
ipv6 mld snooping querier ......................................................................... 483
ipv6 mld snooping query-interval .............................................................. 483
ipv6 mld snooping query-max-response-time ........................................... 484
ipv6 mld snooping robustness ................................................................... 485
ipv6 mld snooping router-port-expire-time ............................................... 486
ipv6 mld snooping unknown-multicast mode ........................................... 486
ipv6 mld snooping version ......................................................................... 487
ipv6 mld snooping vlan mrouter ................................................................ 488
ipv6 mld snooping vlan static ..................................................................... 489
ipv6 mld snooping vlan immediate-leave .................................................. 489
clear ipv6 mld snooping groups dynamic .................................................. 490
clear ipv6 mld snooping statistics .............................................................. 491
show ipv6 mld snooping ............................................................................ 491
show ipv6 mld snooping group .................................................................. 492
show ipv6 mld snooping group source-list ................................................ 493
show ipv6 mld snooping mrouter .............................................................. 494
MVR Commands ........................................................................................................ 494
MVR FOR IPV4 .................................................................................................... 494
mvr ............................................................................................................. 494
mvr associated-profile ............................................................................... 495
mvr domain ................................................................................................ 495
mvr profile .................................................................................................. 496
mvr proxy-query-interval ........................................................................... 497
mvr priority ................................................................................................ 498
mvr proxy-switching ................................................................................... 499
mvr robustness-value ................................................................................. 500
mvr source-port-mode dynamic ................................................................ 501
mvr upstream-source-ip............................................................................. 501
mvr vlan ...................................................................................................... 502
mvr immediate-leave ................................................................................. 503
mvr type ..................................................................................................... 504
mvr vlan group ........................................................................................... 506
show mvr .................................................................................................... 507
show mvr associated-profile ...................................................................... 508
show mvr interface .................................................................................... 508
show mvr members ................................................................................... 509
show mvr profile ........................................................................................ 511
show mvr statistics ..................................................................................... 512
MVR FOR IPV6 .................................................................................................... 513
mvr6 associated-profile ............................................................................. 513
mvr6 domain .............................................................................................. 513
mvr6 profile ................................................................................................ 514
mvr6 proxy-query-interval ......................................................................... 515
mvr6 proxy-switching ................................................................................. 516
mvr6 robustness-value ............................................................................... 517
mvr6 source-port-mode dynamic .............................................................. 518
mvr6 upstream-source-ip .......................................................................... 519
mvr6 vlan.................................................................................................... 520
mvr6 immediate-leave ............................................................................... 520
mvr6 type ................................................................................................... 521
mvr6 vlan group ......................................................................................... 523
show mvr6 .................................................................................................. 524
show mvr6 associated-profile .................................................................... 525
show mvr6 interface .................................................................................. 525
show mvr6 members ................................................................................. 526
show mvr6 profile ...................................................................................... 528
show mvr6 statistics ................................................................................... 528
LLDP COMMANDS ...................................................................................................... 531
lldp ............................................................................................................. 531
lldp holdtime-multiplier ............................................................................. 531
lldp med-fast-start-count ........................................................................... 532
lldp notification-interval ............................................................................ 532
lldp refresh-interval .................................................................................... 533
lldp reinit-delay .......................................................................................... 534
lldp tx-delay ................................................................................................ 535
lldp admin-status ....................................................................................... 535
lldp basic-tlv management-ip-address ....................................................... 536
lldp basic-tlv port-description .................................................................... 537
lldp basic-tlv system-capabilities ............................................................... 538
lldp basic-tlv system-description ............................................................... 538
lldp basic-tlv system-name ........................................................................ 539
lldp dot1-tlv proto-ident ............................................................................ 540
lldp dot1-tlv proto-vid ................................................................................ 540
lldp dot1-tlv pvid ........................................................................................ 541
lldp dot1-tlv vlan-name .............................................................................. 541
lldp dot3-tlv link-agg .................................................................................. 542
lldp dot3-tlv mac-phy ................................................................................. 543
lldp dot3-tlv max-frame ............................................................................. 543
lldp med-location civic-addr ...................................................................... 544
lldp med-notification ................................................................................. 546
lldp med-tlv inventory ................................................................................ 547
lldp med-tlv location .................................................................................. 547
lldp med-tlv med-cap ................................................................................. 548
lldp med-tlv network-policy ....................................................................... 548
lldp notification .......................................................................................... 549
show lldp config ......................................................................................... 550
show lldp info local-device ......................................................................... 551
show lldp info remote-device .................................................................... 553
show lldp info statistics .............................................................................. 555
CFM COMMANDS ...................................................................................................... 557
Defining CFM Structures .................................................................................... 557
cfm ais level ................................................................................................ 557
cfm ais ma .................................................................................................. 558
cfm ais period ............................................................................................. 559
cfm ais suppress alarm ............................................................................... 559
cfm domain ................................................................................................ 560
cfm enable ................................................................................................. 563
ma index name ........................................................................................... 563
ma index name-format .............................................................................. 565
cfm mep ..................................................................................................... 566
cfm port-enable ......................................................................................... 567
clear cfm ais mpid ...................................................................................... 568
show cfm configuration ............................................................................. 568
show cfm md .............................................................................................. 569
show cfm ma .............................................................................................. 570
show cfm maintenance-points local .......................................................... 571
show cfm maintenance-points local detail mep ........................................ 572
show cfm maintenance-points remote detail ............................................ 573
Continuity Check Operations ............................................................................. 575
cfm cc ma interval ...................................................................................... 575
cfm cc enable ............................................................................................. 576
snmp-server enable traps ethernet cfm cc ................................................ 577
mep archive-hold-time .............................................................................. 578
clear cfm maintenance-points remote ...................................................... 579
clear cfm errors .......................................................................................... 579
show cfm errors ......................................................................................... 580
Cross Check Operations ..................................................................................... 581
cfm mep crosscheck start-delay ................................................................ 581
snmp-server enable traps ethernet cfm crosscheck .................................. 581
mep crosscheck mpid ................................................................................. 583
cfm mep crosscheck ................................................................................... 584
show cfm maintenance-points remote crosscheck ................................... 585
Link Trace Operations ......................................................................................... 585
cfm linktrace cache .................................................................................... 585
cfm linktrace cache hold-time ................................................................... 586
cfm linktrace cache size ............................................................................. 587
cfm linktrace............................................................................................... 588
clear cfm linktrace-cache ........................................................................... 589
show cfm linktrace-cache .......................................................................... 589
Loopback Operations ......................................................................................... 590
cfm loopback .............................................................................................. 590
Fault Generator Operations ............................................................................... 592
mep fault-notify alarm-time ...................................................................... 592
mep fault-notify lowest-priority ................................................................ 592
mep fault-notify reset-time ....................................................................... 594
show cfm fault-notify-generator ................................................................ 594
Delay Measure Operations ................................................................................ 595
cfm delay-measure two-way ...................................................................... 595
OAM COMMANDS ..................................................................................................... 598
efm oam ..................................................................................................... 598
efm oam critical-link-event ........................................................................ 598
efm oam link-monitor frame ..................................................................... 599
efm oam link-monitor frame threshold ..................................................... 600
efm oam link-monitor frame window ........................................................ 601
efm oam mode ........................................................................................... 601
clear efm oam counters ............................................................................. 602
efm oam remote-loopback ........................................................................ 603
efm oam remote-loopback test ................................................................. 604
show efm oam counters interface ............................................................. 605
show efm oam event-log interface ............................................................ 606
show efm oam remote-loopback interface ............................................... 607
show efm oam status interface .................................................................. 607
show efm oam status remote interface ..................................................... 608
DOMAIN NAME SERVICE (DNS) COMMANDS ............................................................ 610
dns domain-list ........................................................................................... 610
dns domain-lookup .................................................................................... 611
dns domain-name ...................................................................................... 612
dns host ...................................................................................................... 613
dns name-server ........................................................................................ 614
clear dns cache ........................................................................................... 615
clear host .................................................................................................... 615
show dns .................................................................................................... 616
show dns cache .......................................................................................... 616
show hosts ................................................................................................. 617
DHCP COMMANDS ..................................................................................................... 618
DHCP CLIENT ...................................................................................................... 618
ip dhcp client class-id ................................................................................. 618
ip dhcp restart client .................................................................................. 619
DHCP RELAY OPTION 82 ..................................................................................... 620
ip dhcp relay server .................................................................................... 620
ip dhcp relay information option ............................................................... 621
ip dhcp relay information policy ................................................................ 624
show ip dhcp relay ..................................................................................... 625
IP INTERFACE COMMANDS ........................................................................................ 627
IPV4 INTERFACE .................................................................................................. 627
ip add ......................................................................................................... 627
ip default-gateway ..................................................................................... 628
show ip default-gateway ............................................................................ 629
show ip interface brief ............................................................................... 630
show ip traffic............................................................................................. 630
traceroute ip............................................................................................... 632
ping ip ......................................................................................................... 634
arp .............................................................................................................. 635
arp timeout ................................................................................................ 636
clear arp-cache ........................................................................................... 637
show arp ..................................................................................................... 637
IPV6 INTERFACE .................................................................................................. 638
ipv6 default-gateway .................................................................................. 638
ipv6 add ...................................................................................................... 639
ipv6 add eui-64 .......................................................................................... 641
ipv6 add link-local ...................................................................................... 643
ipv6 enable ................................................................................................. 645
ipv6 mtu ..................................................................................................... 647
show ipv6 default-gateway ........................................................................ 648
show ipv6 interface .................................................................................... 648
show ipv6 mtu ............................................................................................ 649
show ipv6 traffic ......................................................................................... 650
clear ipv6 traffic ......................................................................................... 652
ping ipv6 ..................................................................................................... 653
traceroute ipv6 ........................................................................................... 654
ipv6 nd dad attempts ................................................................................. 656
ipv6 nd ns-interval ..................................................................................... 658
ipv6 nd raguard .......................................................................................... 659
ipv6 nd reachable-time .............................................................................. 660
clear ipv6 neighbors ................................................................................... 661
show ipv6 nd raguard ................................................................................. 661
show ipv6 neighbors .................................................................................. 662
IP ROUTING COMMANDS .......................................................................................... 664
IPV4 INTERFACE .................................................................................................. 664
ip route ....................................................................................................... 664
show ip route ............................................................................................. 665
IPV6 INTERFACE .................................................................................................. 666
ipv6 route ................................................................................................... 666
show ipv6 route ......................................................................................... 667
STACKING ................................................................................................................... 670
stacking all renumber ................................................................................. 670
stacking master .......................................................................................... 670
stacking enable .......................................................................................... 671
show stacking master ................................................................................. 672
show stacking status .................................................................................. 672
User Interface Commands
The general commands are some basic functions.
Login
User can access switch through console or telnet.
The default administrator name/password is admin/admin.
The default guest name/password is guest/guest.
hostname
This command customizes the CLI prompt. Use the no form to restore the default
prompt.
Syntax
hostname string
no hastname
string - Any alphanumeric string to use for the CLI prompt. (Maximum length: 255
characters)
Default Configuration
Console
Command Mode
Global Configuration
Example
Console(config)#hostname RD2
RD2(config)#
enable
This command activates EXEC mode. In privileged mode, additional
commands are available, and certain commands display additional information.
Syntax
enable [level]
level - Privilege level to log into the device.
The device has two predefined privilege levels: 0: Normal Exec,
15: EXEC. Enter level 15 to access EXEC mode.
Default Configuration
Level 15
Command Mode
Normal Exec
User Guidelines
◆ “super” is the default password required to change the command mode from
Normal Exec to EXEC. (To set this password, see the enable password
command.)
◆ The “#” character is appended to the end of the prompt to indicate that the
system is in privileged access mode.
Example
Console>enable
Password: [privileged level password]
Console#
disable
This command returns to Normal Exec mode from privileged mode. In normal
access mode, you can only display basic information on the switch's configuration
or Ethernet statistics. To gain access to all commands, you must use the privileged
mode.
Default Configuration
None
Command Mode
EXEC
User Guidelines
The “>” character is appended to the end of the prompt to indicate that the system
is in normal access mode.
Example
Console#disable
Console>
quit
This command exits the configuration program.
Default Configuration
None
Command Mode
Normal Exec, EXEC
User Guidelines
The quit and exit commands can both exit the configuration program.
Example
This example shows how to quit a CLI session:
Console#quit
Press ENTER to start session
User Access Verification
Username:
show history
This command shows the contents of the command history buffer.
Default Configuration
None
Command Mode
Normal Exec, EXEC
User Guidelines
The history buffer size is fixed at 10 Execution commands and 10 Configuration
commands.
Example
In this example, the show history command lists the contents of the command
history buffer:
Console#show history
Execution command history:
2 config
1 show history
Configuration command history:
4 interface vlan 1
3 exit
2 interface vlan 1
1 end
Console#
The ! command repeats commands from the Execution command history buffer
when you are in Normal Exec or EXEC Mode, and commands from the Configuration
command history buffer when you are in any of the configuration modes. In this
example, the !2 command repeats the second command in the Execution history
buffer (config).
Console#!2
Console#config
Console(config)#
configure terminal
This command activates Global Configuration mode. You must enter this mode to
modify any settings on the switch. You must also enter Global Configuration mode
prior to enabling some of the other configuration modes, such as Interface
Configuration, Line Configuration, and VLAN Database Configuration.
Default Configuration
None
Command Mode
EXEC
Example
Console#configure terminal
Console(config)#
restart
This command restarts the system.
NOTE: When the system is restarted, it will always run the Power-On SelfTest. It will
also retain all configuration information stored in non-volatile memory by the copy
running-config startup-config command.
Default Configuration
None
Command Mode
EXEC
User Guidelines
This command resets the entire system.
Example
This example shows how to reset the switch:
Console#relstart
System will be restarted, continue <y/n>? y
end
This command returns to EXEC mode.
Default Configuration
None
Command Mode
Global Configuration, Interface Configuration, Line Configuration, VLAN Database
Configuration, and Multiple Spanning Tree Configuration.
Example
This example shows how to return to the EXEC mode from the Interface
Configuration mode:
Console(config-if)#end
Console#
exit
This command returns to the previous configuration mode or exits the configuration
program.
Default Configuration
None
Command Mode
Any
Example
This example shows how to return to the EXEC mode from the Global Configuration
mode, and then quit the CLI session:
Console(config)#exit
Console#exit
Press ENTER to start session
User Access Verification
Username:
SYSTEM MANAGEMENT COMMANDS
system-name
This command specifies or modifies the system name for this device. Use the no
form to restore the default system name.
Syntax
hostname name
no hostname
name - The name of system. (Maximum length: 255 characters)
Default Configuration
None
Command Mode
Global Configuration
Example
Console(config)# system-name RD#1
Console(config)#
craft
This command uses to access configure MGT port IP address mode.
Syntax
interface craft
Default Configuration
192.168.1.1
Command Mode
Global Configuration
Example
Console(config)# interface craft
Console(config)# ip add 192.168.20.4/24
Console(config)# exit
Console# show ip interface brief
VLAN 1 is Administrative Up - Link Up
Address is EC-D6-8A-32-04-C0
Index: 1001, MTU: 1500
Address Mode is DHCP
Proxy ARP is disabled
DHCP Client Vendor Class ID (text): S3900-48T4S
DHCP Relay Server:
Craft interface is Administrative Up
IP Address: 192.168.20.4 Mask: 255.255.255.0
show memory
This command shows memory utilization parameters.
Command Mode
Normal Exec, EXEC
User Guidelines
This command shows the amount of memory currently free for use, the amount of
memory allocated to active processes, and the total amount of system memory.
Example
Console#show memory
Total Memory: 536870912 bytes
Used Memory: 364425216 bytes
Used percent: 68%
Generate Trap alarm threshold: 90%
Clear Trap alarm threshold : 70%
show cpu
This command shows the CPU utilization parameters, alarm status, and alarm
configuration.
Command Mode
Normal Exec, EXEC
Example
Console#show cpu utilization
CPU Utilization
--------------------------------------------------------------
Current : 2% 1 minute : 2%
Trap Alarm Status : Disable
Generate Trap Alarm Threshold: 90%
Clear Trap Alarm Threshold : 70%
Console#show cpu guard
CPU Guard Configuration
Status : Disabled
High Watermark : 90%
Low Watermark : 70%
Maximum Threshold : 500 packets per second
Minimum Threshold : 50 packets per second
Trap Status : Disabled
CPU Guard Operation
Current Threshold : 500 packets per second
show running-config
This command displays the configuration information currently in use.
Syntax
show running-config [interface interface]
interface
ethernet unit/port
unit - Unit identifier. (Range: 1)
port - Port number. (Range: 1-28)
port-channel channel-id (Range: 1-12)
vlan vlan-id (Range: 1-4094)
Command Mode
EXEC
User Guidelines
◆ Use the interface keyword to display configuration data for the specified
interface.
◆ Use this command in conjunction with the show startup-config command to
compare the information in running memory to the information stored in
non-volatile memory.
◆ This command displays settings for key command modes. Each mode group is
separated by “!” symbols, and includes the configuration mode command, and
corresponding commands. This command displays the following information:
■ MAC address for the switch
■ SNMP community strings
■ Users (names, access levels, and encrypted passwords)
■ VLAN database (VLAN ID, name and state)
■ VLAN configuration settings for each interface
■ Multiple spanning tree instances (name and interfaces)
■ IP address configured for management VLAN
■ Interface settings
■ Any configured settings for the console port and Telnet
Example
Console#show running-config
show startup-config
This command displays the configuration file stored in non-volatile memory that is
used to start up the system.
Command Mode
EXEC
User Guidelines
◆ Use this command in conjunction with the show running-config command to
compare the information in running memory to the information stored in
non-volatile memory.
◆ This command displays settings for key command modes. Each mode group is
separated by “!” symbols, and includes the configuration mode command, and
corresponding commands. This command displays the following information:
■ MAC address for the switch
■ SNMP community strings
■ SNMP trap authentication
■ Users (names and access levels)
■ VLAN database (VLAN ID, name and state)
■ Multiple spanning tree instances (name and interfaces)
■ Interface settings and VLAN configuration settings for each interface
■ IP address for management VLAN
■ Any configured settings for the console port and Telnet
Example
Refer to the example for the running configuration file.
show system
This command displays system information.
Default Configuration
None
Command Mode
Normal Exec, EXEC
User Guidelines
For a description of the items shown by this command.
Example
Console#show system
System Up Time : 0 days, 1 hours, 22 minutes, and 15.82 seconds
System Name :
System Location :
System Contact :
MAC Address (Unit 1) : EC-D6-8A-32-04-C0
System OID String : 1.3.6.1.4.1.52642.2.1.45.101
http Server : Enabled
http Server Port : 80
https Server : Enabled
https Server Port : 443
Telnet Server : Enabled
Telnet Server Port : 23
System Temperature:
-----------------------------------------------------------------
unit 1 Temperature 1: 38 degrees
System Power status:
-----------------------------------------------------------------
Unit 1 Main Power Status : Up
show users
Shows all active console and Telnet sessions, including user name, idle time, and IP
address of Telnet client.
Default Configuration
None
Command Mode
Normal Exec, EXEC
User Guidelines
The session used to execute this command is indicated by a “*” symbol next to the
Line (i.e., session) index number.
Example
Console#show users
User Accounts:
User Name Privilege
-------------------- ----------
admin 15
guest 0
Users login:
User Name Type Location
-------------------- ---------- --------------------
admin *Console
show version
This command displays hardware and software version information for the system.
Command Mode
Normal Exec, EXEC
User Guidelines
None
Example
Console#show version
Unit 1 -----------------------------
Serial Number : CG1806203606N005
Number of Ports : 52
Loader Version : 1.4
Operation Code Version : 05.15.16.04
jumbo frame
This command enables support for layer 2 jumbo frames for Gigabit Ethernet ports.
Use the no form to disable it.
Syntax
[no] jumbo frame
Default Configuration
Disabled
Command Mode
Global Configuration
User Guidelines
◆ This switch provides more efficient throughput for large sequential data transfers
by supporting layer 2 jumbo frames on Gigabit Ethernet ports up to 10240 bytes.
Compared to standard Ethernet frames that run only up to 1.5 KB, using jumbo
frames significantly reduces the perpacket overhead required to process protocol
encapsulation fields.
◆ To use jumbo frames, both the source and destination end nodes (such as a
computer or server) must support this feature. Also, when the connection is
operating at full duplex, all switches in the network between the two end nodes
must be able to accept the extended frame size. And for half-duplex connections, all
devices in the collision domain would need to support jumbo frames.
◆ The current setting for jumbo frames can be displayed with the show
system command.
Example
Console(config)#jumbo frame
Console(config)#
boot system
This command specifies the file or image used to start up the system.
Syntax
boot system { config | image}: filename
config - Configuration file.
image - Run-time operation code.
filename - Name of configuration file or code image.
* The colon (:) is required.
Default Configuration
None
Command Mode
Global Configuration
User Guidelines
◆ A colon (:) is required after the specified file type.
◆ If the file contains an error, it cannot be set as the default file.
Example
Console(config)#boot system config: startup
Console(config)#
copy
This command moves (upload/download) a code image or configuration file
between the switch’s flash memory and an FTP/TFTP server. When you save the
system code or configuration settings to a file on an FTP/TFTP server, that file can
later be downloaded to the switch to restore system operation. The success of the
file transfer depends on the accessibility of the FTP/TFTP server and the quality of
the network connection.
Syntax
copy file {file | ftp | running-config | startup-config | tftp}
copy running-config {file | ftp | startup-config | tftp}
copy startup-config {file | ftp | running-config | tftp}
copy tftp {file | https-certificate | public-key |
running-config | startup-config}
file - Keyword that allows you to copy to/from a file.
ftp - Keyword that allows you to copy to/from an FTP server.
https-certificate - Keyword that allows you to copy the HTTPS
secure site certificate.
public-key - Keyword that allows you to copy a SSH key from a
TFTP server.
running-config - Keyword that allows you to copy to/from the
current running configuration.
startup-config - The configuration used for system initialization.
tftp - Keyword that allows you to copy to/from a TFTP server.
Default Configuration
None
Command Mode
EXEC
User Guidelines
◆ The system prompts for data required to complete the copy command.
◆ The destination file name should not contain slashes (\ or /), and the maximum
length for file names is 32 characters for files on the switch or 128 characters for
files on the server. (Valid characters: A-Z, a-z, 0-9, “.”, “-”)
◆ The switch supports only two operation code files, but the maximum number of
user-defined configuration files is 16.
◆ You can use “Factory_Default_Config.cfg” as the source to copy from the factory
default configuration file, but you cannot use it as the destination.
◆ To replace the startup configuration, you must use startup-config as the
destination.
◆ The Boot ROM and Loader cannot be uploaded or downloaded from the FTP/TFTP
server. You must follow the instructions in the release notes for new firmware, or
contact your distributor for help.
◆ For information on specifying an https-certificate. For information on configuring
the switch to use HTTPS for a secure connection, see the server https enable
command.
◆ When logging into an FTP server, the interface prompts for a user name and
password configured on the remote server. Note that “anonymous” is set as the
default user name.
Example
The following example shows how to download new firmware from a TFTP server:
Console#copy tftp file
Copy to which unit: <1-6>:1
TFTP server ip address: 10.1.0.19
Choose file type:
1. config: 2. image: <1-2>: 2
Source file name: m360.bix
Destination file name: m360.bix
\Write to FLASH Programming.
-Write to FLASH finish.
Success.
Console#
The following example shows how to upload the configuration settings to a file on
the TFTP server:
Console#copy file tftp
Choose file type:
1. config: 2. image: <1-2>: 1
Source file name: startup
TFTP server ip address: 10.1.0.99
Destination file name: startup.01
TFTP completed.
Success.
Console#
The following example shows how to copy the running configuration to a startup file.
Console#copy running-config file
destination file name: startup
Write to FLASH Programming.
\Write to FLASH finish.
Success.
Console#
The following example shows how to download a configuration file:
Console#copy tftp startup-config
TFTP server ip address: 10.1.0.99
Source configuration file name: startup.01
Startup configuration file name [startup]:
Write to FLASH Programming.
\Write to FLASH finish.
Success.
Console#
This example shows how to copy a secure-site certificate from an TFTP server. It
then reboots the switch to activate the certificate:
Console#copy tftp https-certificate
TFTP server ip address: 10.1.0.19
Source certificate file name: SS-certificate
Source private file name: SS-private
Private password: ********
Success.
Console#reload
System will be restarted, continue <y/n>? y
This example shows how to copy a public-key used by SSH from an TFTP server.
Note that public key authentication via SSH is only supported for users configured
locally on the switch.
Console#copy tftp public-key
TFTP server IP address: 192.168.1.19
Choose public key type:
1. RSA: 2. DSA: <1-2>: 1
Source file name: steve.pub
Username: steve
TFTP Download
Success.
Write to FLASH Programming.
Success.
Console#
This example shows how to copy a file to an FTP server.
Console#copy ftp file
FTP server IP address: 169.254.1.11
User[anonymous]: admin
Password[]: *****
Choose file type:
1. config: 2. image: 2
Source file name: BLANC.BIX
Destination file name: BLANC.BIX
Console#
delete
This command deletes a file or image.
Syntax
delete filename
filename - Name of configuration file or code image.
Default Configuration
None
Command Mode
EXEC
User Guidelines
◆ If the file type is used for system startup, then this file cannot be deleted.
◆ “Factory_Default_Config.cfg” cannot be deleted.
Example
This example shows how to delete the test2.cfg configuration file from flash memory.
Console#delete test2.cfg
Console#
dir
This command displays a list of files in flash memory.
Syntax
dir
Default Configuration
None
Command Mode
EXEC
User Guidelines
◆ If you enter the command dir without any parameters, the system displays all
files.
Example
The following example shows how to display all file information:
Console#dir
File Name Type Startup Modify Time Size(bytes)
-------------------------- -------------- ------- ------------------- ----------
DG-GS4628T_V0.0.0.10 Image N 2011-11-08 07:40:39 12510128
DG-GS4628T_V1.0.0.0.bix Image Y 1970-01-01 00:00:00 12509804
Factory_Default_Config.cfg Config N 2011-09-15 06:13:18 455
startup1.cfg Config Y 2011-11-08 07:34:33 1547
-----------------------------------------------------------------------------
Free space for compressed user config files: 1351680
Console#
LINE COMMANDS
You can access the onboard configuration program by attaching a
VT100 compatible device to the server’s serial port. These commands
are used to set communication parameters for the serial port or Telnet
(i.e., a virtual terminal).
line
This command identifies a specific line for configuration, and to process subsequent
line configuration commands.
Syntax
line {console | vty}
console - Console terminal line.
vty - Virtual terminal for remote console access (i.e., Telnet).
Default Configuration
There is no default line.
Command Mode
Global Configuration
User Guidelines
Telnet is considered a virtual terminal connection and will be shown as “VTY” in
screen displays such as show users. However, the serial communication parameters
(e.g., databits) do not affect Telnet connections.
Example
To enter console line mode, enter the following command:
Console(config)#line console
Console(config-line)#
databits
This command sets the number of data bits per character that are interpreted and
generated by the console port. Use the no form to restore the default value.
Syntax
databits {7 | 8}
no databits
7 - Seven data bits per character
8 - Eight data bits per character.
Default Configuration
8 data bits per character
Command Mode
Line Configuration
User Guidelines
The databits command can be used to mask the high bit on input from devices that
generate 7 data bits with parity. If parity is being generated, specify 7 data bits
per character. If no parity is required, specify 8 data bits per character.
Example
To specify 7 data bits, enter this command:
Console(config-line)#databits 7
Console(config-line)#
exec-timeout
This command sets the interval that the system waits until user input is detected.
Use the no form to restore the default.
Syntax
exec-timeout [seconds]
no exec-timeout
seconds - Integer that specifies the timeout interval. (Range: 60 - 65535 seconds;
0: no timeout)
Default Configuration
10 minutes
Command Mode
Line Configuration
User Guidelines
◆ If user input is detected within the timeout interval, the session is kept open;
otherwise the session is terminated.
◆ This command applies to both the local console and Telnet connections.
◆ The timeout for Telnet cannot be disabled.
◆ Using the command without specifying a timeout restores the default setting.
Example
To set the timeout to two minutes, enter this command:
Console(config-line)#exec-timeout 120
Console(config-line)#
login
This command enables password checking at login. Use the no form to disable
password checking and allow connections without a password.
Syntax
login [local]
no login
local - Selects local password checking. Authentication is based on the user name
specified with the username command.
Default Configuration
login local
Command Mode
Line Configuration
User Guidelines
◆ There are three authentication modes provided by the switch itself at login:
■ login selects authentication by a single global password as specified by the
password line configuration command. When using this method, the management
interface starts in Normal Exec (NE) mode.
■ login local selects authentication via the user name and password specified by
the username command (i.e., default setting). When using this method, the
management interface starts in Normal Exec (NE) or EXEC (PE) mode, depending on
the user’s privilege level (0 or 15 respectively).
■ no login selects no authentication. When using this method, the management
interface starts in Normal Exec (NE) mode.
◆ This command controls login authentication via the switch itself. To configure
user names and passwords for remote authentication servers, you must use the
RADIUS or TACACS software installed on those servers.
Example
Console(config-line)#login local
Console(config-line)#
parity
This command defines the generation of a parity bit. Use the no form to restore the
default setting.
Syntax
parity {none | even | odd}
no parity
none - No parity
even - Even parity
odd - Odd parity
Default Configuration
No parity
Command Mode
Line Configuration
User Guidelines
Communication protocols provided by devices such as terminals and modems often
require a specific parity bit setting.
Example
To specify no parity, enter this command:
Console(config-line)#parity none
Console(config-line)#
password
This command specifies the password for a line. Use the no form to remove the
password.
Syntax
password {0 | 7} password
no password
{0 | 7} - 0 means plain password, 7 means encrypted password
password - Character string that specifies the line password. (Maximum length: 32
characters plain text or encrypted, case sensitive)
Default Configuration
No password is specified.
Command Mode
Line Configuration
User Guidelines
◆ When a connection is started on a line with password protection, the system
prompts for the password. If you enter the correct password, the system shows a
prompt. You can use the password-thresh command to set the number of times a
user can enter an incorrect password before the system terminates the line
connection and returns the terminal to the idle state.
◆ The encrypted password is required for compatibility with legacy password
settings (i.e., plain text or encrypted) when reading the configuration file during
system bootup or when downloading the configuration file from an FTP server. There
is no need for you to manually configure encrypted passwords.
Example
To specify no parity, enter this command:
Console(config-line)# password 0 secret
Console(config-line)#
password-thresh
This command sets the password intrusion threshold which limits the number of
failed logon attempts. Use the no form to remove the threshold value.
Syntax
password-thresh [threshold]
no password-thresh
threshold - The number of allowed password attempts. (Range: 1-120; 0: no
threshold)
Default Configuration
The default value is three attempts.
Command Mode
Line Configuration
User Guidelines
When the logon attempt threshold is reached, the system interface becomes silent
for a specified amount of time before allowing the next logon attempt. (Use the
silent-time command to set this interval.) When this threshold is reached for Telnet,
the Telnet logon interface shuts down.
Example
To set the password threshold to five attempts, enter this command:
Console(config-line)#password-thresh 5
Console(config-line)#
silent-time
This command sets the amount of time the management console is inaccessible
after the number of unsuccessful logon attempts exceeds the threshold set by the
password-thresh command. Use the no form to remove the silent time value.
Syntax
silent-time [seconds]
no silent-time
seconds - The number of seconds to disable console response. (Range: 0-65535;
where 0 means disabled)
Default Configuration
Disabled
Command Mode
Line Configuration
Example
To set the silent time to 60 seconds, enter this command:
Console(config-line)# silent-time 60
Console(config-line)#
speed
This command sets the terminal line’s baud rate. This command sets both the
transmit (to terminal) and receive (from terminal) speeds. Use the no form to
restore the default setting.
Syntax
speed bps
no speed
bps - Baud rate in bits per second. (Options: 9600, 19200, 38400, 57600, 115200
bps)
Default Configuration
115200 bps
Command Mode
Line Configuration
User Guidelines
Set the speed to match the baud rate of the device connected to the serial port.
Some baud rates available on devices connected to the port might not be supported.
The system indicates if the speed you selected is not supported.
Example
To specify 57600 bps, enter this command:
Console(config-line)#speed 57600
Console(config-line)#
stopbits
This command sets the number of the stop bits transmitted per byte. Use the no
form to restore the default setting.
Syntax
stopbits {1 | 2}
no stopbits
1 - One stop bit
2 - Two stop bits
Default Configuration
1 stop bit
Command Mode
Line Configuration
Example
To specify 2 stop bits, enter this command:
Console(config-line)#stopbits 2
Console(config-line)#
timeout login response
This command sets the interval that the system waits for a user to log into the CLI.
Use the no form to restore the default setting.
Syntax
timeout login response [seconds]
no timeout login response
seconds - Integer that specifies the timeout interval. (Range: 10 - 300 seconds)
Default Configuration
300 seconds
Command Mode
Line Configuration
User Guidelines
◆ If a login attempt is not detected within the timeout interval, the connection is
terminated for the session.
◆ This command applies to both the local console and Telnet connections.
◆ The timeout for Telnet cannot be disabled.
◆ Using the command without specifying a timeout restores the default setting.
Example
To set the timeout to two minutes, enter this command:
Console(config-line)#timeout login response 120
Console(config-line)#
disconnect
This command terminates an SSH, Telnet, or console connection.
Syntax
disconnect session-id
session-id – The session identifier for an SSH, Telnet or console connection.
(Range: 0-8)
Command Mode
EXEC
User Guidelines
Specifying session identifier “0” will disconnect the console connection. Specifying
any other identifiers for an active session will disconnect an SSH or Telnet
connection.
Example
Console#disconnect 1
Console#
show line
This command displays the terminal line’s parameters.
Syntax
show line [console | vty]
console - Console terminal line.
vty - Virtual terminal for remote console access (i.e., Telnet).
Default Configuration
Shows all lines
Command Mode
Normal Exec, EXEC
User Guidelines
◆ If a login attempt is not detected within the timeout interval, the connection is
terminated for the session.
◆ This command applies to both the local console and Telnet connections.
◆ The timeout for Telnet cannot be disabled.
◆ Using the command without specifying a timeout restores the default setting.
Example
To show all lines, enter this command:
Console#show line
Terminal Configuration for this session:
Length : 24
Width : 80
History Size : 10
Escape Character(ASCII-number) : 27
Terminal Type : VT100
Console Configuration:
Password Threshold : 3 times
EXEC Timeout : 600 seconds
Login Timeout : 300 seconds
Silent Time : Disabled
Baud Rate : 115200
Data Bits : 8
Parity : None
Stop Bits : 1
VTY Configuration:
Password Threshold : 3 times
EXEC Timeout : 600 seconds
Login Timeout : 300 sec.
Silent Time : Disabled
Console#
LOG Commands
This section describes commands used to configure event logging on
the switch.
logging level
This command limits syslog messages saved to switch memory based on severity.
The no form returns the logging of syslog messages to the default level.
Syntax
logging level {flash | ram} level
no logging level {flash | ram}
flash - Event history stored in flash memory (i.e., permanent memory).
ram - Event history stored in temporary RAM (i.e., memory flushed on power reset).
level - One of the levels listed below. Messages sent include the selected level down
to level 0. (Range: 0-7)
Level Severity Name Description
7 debugging Debug information
6 messages normal messages
5 notifications notification of system.
4 warnings Warning conditions
3 minor minor alarm
2 normal normal alarm
1 Critical Critical alarm
0 emergencies System unusable
Default Configuration
Flash: errors (level 3 - 0)
RAM: debugging (level 7 - 0)
Command Mode
Global Configuration
User Guidelines
The message level specified for flash memory must be a higher priority
(i.e., numerically lower) than that specified for RAM.
Example
Console(config)#logging level ram 0
Console(config)#
logging host
This command adds a syslog server host IP address that will receive logging
messages. Use the no form to remove a syslog server host.
Syntax
[no] logging host host-ip-address
host-ip-address - The IP address of a syslog server.
Default Configuration
None
Command Mode
Global Configuration
User Guidelines
◆ Use this command more than once to build up a list of host IP addresses.
◆ The maximum number of host IP addresses allowed is five.
Example
Console(config)#logging host 10.1.0.3
Console(config)#
logging on
This command controls logging of error messages, sending debug or error
messages to a logging process. The no form disables the logging process.
Syntax
[no] logging on
Default Configuration
None
Command Mode
Global Configuration
User Guidelines
The logging process controls error messages saved to switch memory or sent to
remote syslog servers. You can use the logging level command to control the type of
error messages that are stored in memory. You can use the logging trap command
to control the type of error messages that are sent to specified syslog servers.
Example
Console(config)#logging on
Console(config)
clear logging
This command clears messages from the log buffer.
Syntax
clear logging [flash | ram]
flash - Event history stored in flash memory (i.e., permanent
memory).
ram - Event history stored in temporary RAM (i.e., memory flushed
on power reset).
Default Configuration
Flash and RAM
Command Mode
EXEC
Example
Console#clear logging
Console#
show log
This command displays the log messages stored in local memory.
Syntax
show log {flash | ram}
flash - Event history stored in flash memory (i.e., permanent memory).
ram - Event history stored in temporary RAM (i.e., memory flushed on power reset).
Default Configuration
None
Command Mode
EXEC
User Guidelines
◆ All log messages are retained in RAM and Flash after a warm restart (i.e., power
is reset through the command interface).
◆ All log messages are retained in Flash and purged from RAM after a cold restart
(i.e., power is turned off and then on through the power source).
Example
The following example shows the event message stored in RAM.
Console#show log ram
[1] 00:01:30 2001-01-01
"VLAN 1 link-up notification."
level: 6, module: 5, function: 1, and event no.: 1
[0] 00:01:30 2001-01-01
"Unit 1, Port 1 link-up notification."
level: 6, module: 5, function: 1, and event no.: 1
Console#
show logging
This command displays the configuration settings for logging messages to local
switch memory, to an SMTP event handler, or to a remote syslog server.
Syntax
show logging {flash | ram | mail}
flash - Displays settings for storing event messages in flash memory (i.e.,
permanent memory).
ram - Displays settings for storing event messages in temporary RAM (i.e., memory
flushed on power reset).
mail - Displays settings for the SMTP event handler
Default Configuration
None
Command Mode
EXEC
Example
The following example shows that system logging is enabled, the message level for
flash memory is “errors” (i.e., default level 3 - 0), and the message level for RAM is
“debugging” (i.e., default level 7 - 0).
Console#show logging flash
Syslog logging: Enabled
History logging in FLASH: level errors
Console#show logging ram
Syslog logging: Enabled
History logging in RAM: level debugging
Console#
These commands configure SMTP event handling, and forwarding of
alert messages to the specified SMTP servers and email recipients.
logging mail
This command enables SMTP event handling. Use the no form to disable this
function.
Syntax
[no] logging mail
Default Configuration
Enabled
Command Mode
Global Configuration
Example
Console(config)#logging mail
Console(config)#
logging mail host
This command specifies SMTP servers that will be sent alert messages. Use the no
form to remove an SMTP server.
Syntax
[no] logging mail host ip-address
ip-address - IPv4 or IPv6 address of an SMTP server that will be sent alert messages
for event handling.
Default Configuration
None
Command Mode
Global Configuration
User Guidelines
◆ You can specify up to three SMTP servers for event handing. However, you must
enter a separate command to specify each server.
◆ To send email alerts, the switch first opens a connection, sends all the email alerts
waiting in the queue one by one, and finally closes the connection.
◆ To open a connection, the switch first selects the server that successfully sent
mail during the last connection, or the first server configured by this command. If it
fails to send mail, the switch selects the next server in the list and tries to send mail
again. If it still fails, the system will repeat the process at a periodic interval. (A trap
will be triggered if the switch cannot successfully open a connection.)
Example
Console(config)#logging mail host 192.168.1.19
Console(config)#
logging mail level
This command sets the severity threshold used to trigger alert messages. Use the
no form to restore the default setting.
Syntax
logging mail level level
no logging mail level
level - One of the system message levels. Messages
sent include the selected level down to level 0. (Range: 0-7; Default: 7)
Default Configuration
Level 7
Command Mode
Global Configuration
User Guidelines
The specified level indicates an event threshold. All events at this level or higher will
be sent to the configured email recipients. (For example, using Level 7 will report all
events from level 7 to level 0.)
Example
This example will send email alerts for system errors from level 3 through 0.
Console(config)#logging mail level 3
Console(config)#
logging mail destination
This command specifies the email recipients of alert messages. Use the no form to
remove a recipient.
Syntax
[no] logging mail destination email-address
email-address - The destination email address used in alert messages. (Range:
1-41 characters)
Default Configuration
None
Command Mode
Global Configuration
User Guidelines
You can specify up to five recipients for alert messages. However, you must enter a
separate command to specify each recipient.
Example
Console(config)#logging mail destination ted@this-company.com
Console(config)#
logging mail source
This command sets the email address used for the “From” field in alert messages.
Use the no form to restore the default value.
Syntax
logging mail source email-address
no logging mail source
email-address - The source email address used in alert messages. (Range: 1-41
characters)
Default Configuration
None
Command Mode
Global Configuration
User Guidelines
You may use an symbolic email address that identifies the switch, or the address of
an administrator responsible for the switch.
Example
Console(config)#logging mail source bill@this-company.com
Console(config)#
show logging mail
This command displays the settings for the SMTP event handler.
Command Mode
Normal Exec, EXEC
Example
Console#show logging mail
SMTP servers
-----------------------------------------------
192.168.1.19
SMTP Minimum Severity Level: 7
SMTP destination email addresses
-----------------------------------------------
ted@this-company.com
SMTP Source Email Address: bill@this-company.com
SMTP Status: Enabled
Console#
Clock Commands
sntp client
This command enables SNTP client requests for time synchronization from NTP or
SNTP time servers specified with the sntp server command. Use the no form to
disable SNTP client requests.
Syntax
[no] sntp client
Default Configuration
Disabled
Command Mode
Global Configuration
User Guidelines
◆ The time acquired from time servers is used to record accurate dates and times
for log events. Without SNTP, the switch only records the time starting from the
factory default set at the last bootup (i.e., 00:00:00, Jan. 1, 2001).
◆ This command enables client time requests to time servers specified via the sntp
server command. It issues time synchronization requests based on the interval set
via the sntp poll command.
Example
Console(config)#sntp server 10.1.0.19
Console(config)#sntp poll 60
Console(config)#sntp client
Console(config)#end
Console#show sntp
Current Time: Dec 23 02:52:44 2002
Poll Interval: 60
Current Mode: unicast
SNTP Status : Enabled
SNTP Server 137.92.140.80 0.0.0.0 0.0.0.0
Current Server: 137.92.140.80
Console#
sntp poll
This command sets the interval between sending time requests when the switch is
set to SNTP client mode. Use the no form to restore to the default.
Syntax
sntp poll seconds
no sntp poll
seconds - Interval between time requests.
(Range: 16-16384 seconds)
Default Configuration
16 seconds
Command Mode
Global Configuration
Example
Console(config)#sntp poll 60
Console#
sntp server
This command sets the IP address of the servers to which SNTP time requests are
issued. Use the this command with no arguments to clear all time servers from the
current list. Use the no form to clear all time servers from the current list, or to clear
a specific server.
Syntax
sntp server [ip1 [ip2 [ip3]]]
no sntp server [ip1 [ip2 [ip3]]]
ip - IP address of an time server (NTP or SNTP). (Range: 1 - 3 addresses)
Default Configuration
None
Command Mode
Global Configuration
User Guidelines
This command specifies time servers from which the switch will poll for time updates
when set to SNTP client mode. The client will poll the time servers in the order
specified until a response is received. It issues time synchronization requests based
on the interval set via the sntp poll command.
Example
Console(config)#sntp server 10.1.0.19
Console#
show sntp
This command displays the current time and configuration settings for the SNTP
client, and indicates whether or not the local time has been properly updated.
Command Mode
Normal Exec, EXEC
User Guidelines
This command displays the current time, the poll interval used for sending time
synchronization requests, and the current SNTP mode (i.e., unicast).
Example
Console#show sntp
Current Time : Nov 5 18:51:22 2006
Poll Interval : 16 seconds
Current Mode : Unicast
SNTP Status : Enabled
SNTP Server : 137.92.140.80 0.0.0.0 0.0.0.0
Current Server : 137.92.140.80
Console#
ntp authenticate
This command enables authentication for NTP client-server communications. Use
the no form to disable authentication.
Syntax
[no] ntp authenticate
Default Configuration
Disabled
Command Mode
Global Configuration
User Guidelines
You can enable NTP authentication to ensure that reliable updates are received from
only authorized NTP servers. The authentication keys and their associated key
number must be centrally managed and manually distributed to NTP servers and
clients. The key numbers and key values must match on both the server and client.
Example
Console(config)#ntp authenticate
Console(config)#
ntp authentication-key
This command configures authentication keys and key numbers to use when NTP
authentication is enabled. Use the no form of the command to clear a specific
authentication key or all keys from the current list.
Syntax
ntp authentication-key number md5 key
no ntp authentication-key [number]
number - The NTP authentication key ID number. (Range: 1-65535)
md5 - Specifies that authentication is provided by using the message digest
algorithm 5.
key - An MD5 authentication key string. The key string can be up to 32
case-sensitive printable ASCII characters (no spaces).
Default Configuration
None
Command Mode
Global Configuration
User Guidelines
◆ The key number specifies a key value in the NTP authentication key list. Up to 255
keys can be configured on the switch. Re-enter this command for each server you
want to configure.
◆ Note that NTP authentication key numbers and values must match on both the
server and client.
◆ NTP authentication is optional. When enabled with the ntp authenticate
command, you must also configure at least one key number using this command.
◆ Use the no form of this command without an argument to clear all authentication
keys in the list.
Example
Console(config)#ntp authentication-key 45 md5 thisiskey45
Console(config)#
ntp client
This command enables NTP client requests for time synchronization from NTP time
servers specified with the ntp servers command. Use the no form to disable NTP
client requests.
Syntax
[no] ntp client
Default Configuration
Disabled
Command Mode
Global Configuration
User Guidelines
◆ The SNTP and NTP clients cannot be enabled at the same time. First disable the
SNTP client before using this command.
◆ The time acquired from time servers is used to record accurate dates and times
for log events. Without NTP, the switch only records the time starting from the
factory default set at the last bootup (i.e., 00:00:00, Jan. 1, 2001).
◆ This command enables client time requests to time servers specified via the ntp
servers command. It issues time synchronization requests based on the interval
set via the ntp poll command.
Example
Console(config)#ntp client
Console(config)#
ntp server
This command sets the IP addresses of the servers to which NTP time requests are
issued. Use the no form of the command to clear a specific time server or all servers
from the current list.
Syntax
ntp server ip-address [key key-number]
no ntp server [ip-address]
ip-address - IP address of an NTP time server.
key-number - The number of an authentication key to use in communications with
the server. (Range: 1-65535)
Default Configuration
Version number: 3
Command Mode
Global Configuration
User Guidelines
◆ This command specifies time servers that the switch will poll for time updates
when set to NTP client mode. It issues time synchronization requests based on the
interval set with the ntp poll command. The client will poll all the time servers
configured, the responses received are filtered and compared to determine the most
reliable and accurate time update for the switch.
◆ You can configure up to 50 NTP servers on the switch. Re-enter this command for
each server you want to configure.
◆ NTP authentication is optional. If enabled with the ntp authenticate command,
you must also configure at least one key number using the ntp
authentication-key command.
◆ Use the no form of this command without an argument to clear all configured
servers in the list.
Example
Console(config)#ntp server 192.168.10.20
Console(config)#ntp server 192.168.10.11
Console(config)#ntp server 192.168.5.25 key 21
Console(config)#
show ntp
This command displays the current time and configuration settings for the NTP client,
and indicates whether or not the local time has been properly updated.
Command Mode
Normal Exec, EXEC
User Guidelines
This command displays the current time, the poll interval used for sending time
synchronization requests, and the current NTP mode (i.e., unicast).
Example
Console#show ntp
Current Time : Apr 20 18:37:34 2015
Polling : 1024 seconds
Current Mode : unicast
NTP Status : Disabled
NTP Authenticate Status : Enabled
Last Update NTP Server : 0.0.0.0 Port: 0
Last Update Time : Jan 1 00:00:00 1970 UTC
NTP Server 192.168.10.20 version 3
NTP Server 192.168.10.21 version 3
NTP Server 192.168.3.22 version 3 key 3
NTP Authentication Key 19 md5 42V68751663T6K11P2J307210R885
Console#
clock timezone
This command sets the time zone for the switch’s internal clock.
Syntax
clock timezone name hour hours minute minutes {before-utc | after-utc}
name - Name of timezone, usually an acronym. (Range: 1-30 characters)
hours - Number of hours before/after UTC. (Range: 0-12 hours before UTC, 0-13
hours after UTC)
minutes - Number of minutes before/after UTC. (Range: 0-59 minutes)
before-utc - Sets the local time zone before (east) of UTC.
after-utc - Sets the local time zone after (west) of UTC.
Default Configuration
None
Command Mode
Global Configuration
User Guidelines
This command sets the local time zone relative to the Coordinated Universal Time
(UTC, formerly Greenwich Mean Time or GMT), based on the earth’s prime meridian,
zero degrees longitude. To display a time corresponding to your local time, you must
indicate the number of hours and minutes your time zone is east (before) or west
(after) of UTC.
Example
Console(config)#clock timezone Japan hours 8 minute 0 after-UTC
Console(config)#
calendar set
This command sets the system clock. It may be used if there is no time server on
your network, or if you have not configured the switch to receive signals from a time
server.
Syntax
calendar set hour min sec {day month year | month day year}
hour - Hour in 24-hour format. (Range: 0 - 23)
min - Minute. (Range: 0 - 59)
sec - Second. (Range: 0 - 59)
day - Day of month. (Range: 1 - 31)
month - january | february | march | april | may | june | july | august |
september | october | november | december
year - Year (4-digit). (Range: 1970 - 2037)
Default Configuration
None
Command Mode
EXEC
User Guidelines
Note that when SNTP is enabled, the system clock cannot be manually configured.
Example
This example shows how to set the system clock to 16:17:35, February 1st, 2016.
Console#calendar set 16:17:35 1 February 2016
Console#
show calendar
This command displays the system clock.
Default Configuration
None
Command Mode
Normal Exec, EXEC
Example
Console#show calendar
16:17:35 1 February 2016
Console#
time-range
This command specifies the name of a time range, and enters time range
configuration mode. Use the no form to remove a previously specified time range.
Syntax
[no] time-range name
name - Name of the time range. (Range: 1-16 characters)
Default Configuration
None
Command Mode
Global Configuration
User Guidelines
This command sets a time range for use by other functions, such as Access Control
Lists.
Example
Console(config)#time-range r&d
Console(config-time-range)#
absolute
This command sets the time range for the execution of a command. Use the no form
to remove a previously specified time.
Syntax
absolute start hour minute day month year [end hour minutes day month year]
absolute end hour minutes day month year
no absolute
hour - Hour in 24-hour format. (Range: 0-23)
minute - Minute. (Range: 0-59)
day - Day of month. (Range: 1-31)
month - january | february | march | april | may | june | july | august |
september | october | november | december
year - Year (4-digit). (Range: 2009-2109)
Default Configuration
None
Command Mode
Time Range Configuration
User Guidelines
◆ If a time range is already configured, you must use the no form of this command
to remove the current entry prior to configuring a new time range.
◆ If both an absolute rule and one or more periodic rules are configured for the
same time range (i.e., named entry), that entry will only take effect if the current
time is within the absolute time range and one of the periodic time ranges.
Example
This example configures the time for the single occurrence of an event.
Console(config)#time-range r&d
Console(config-time-range)#absolute start 1 2 3 april 2014 end 2 3 1 april
2014
Console(config-time-range)#
periodic
This command sets the time range for the periodic execution of a command. Use the
no form to remove a previously specified time range.
Syntax
[no] periodic {daily | friday | monday | saturday | sunday | thursday |
tuesday | wednesday | weekdays | weekend} hour minute to {daily | friday |
monday | saturday | sunday | thursday | tuesday | wednesday | weekdays
| weekend | hour minute}
daily - Daily
friday - Friday
monday - Monday
saturday - Saturday
sunday - Sunday
thursday - Thursday
tuesday - Tuesday
wednesday - Wednesday
weekdays - Weekdays
weekend - Weekends
hour - Hour in 24-hour format. (Range: 0-23)
minute - Minute. (Range: 0-59)
Default Configuration
None
Command Mode
Time Range Configuration
User Guidelines
◆ If a time range is already configured, you must use the no form of this command
to remove the current entry prior to configuring a new time range.
◆ If both an absolute rule and one or more periodic rules are configured for the
same time range (i.e., named entry), that entry will only take effect if the current
time is within the absolute time range and one of the periodic time ranges.
Example
This example configures a time range for the periodic occurrence of an event.
Console(config)#time-range sales
Console(config-time-range)#periodic daily 2 1 to 3 1
Console(config-time-range)#
show time-range
This command shows configured time ranges.
Syntax
show time-range [name]
name - Name of the time range. (Range: 1-30 characters)
Default Configuration
None
Command Mode
EXEC
Example
Console#show time-range r&d
Time-range r&d:
absolute start 01:01 01 April 2009
periodic Daily 01:01 to Daily 02:01
periodic Daily 02:01 to Daily 03:01
Console#
CLUSTERING Commands
Switch Clustering is a method of grouping switches together to enable
centralized management through a single unit. Switches that support
clustering can be grouped together regardless of physical location or
switch type, as long as they are connected to the same local network.
Using Switch Clustering
A switch cluster has a primary unit called the “Commander” which
◆
is used to manage all other “Member” switches in the cluster. The
management station can use either Telnet or the web interface to
communicate directly with the Commander through its IP address,
and then use the Commander to manage the Member switches
through the cluster’s “internal” IP addresses.
Clustered switches must be in the same Ethernet broadcast domain.
◆
In other words, clustering only functions for switches which can pass
information between the Commander and potential Candidates or
active Members through VLAN 4094.
Once a switch has been configured to be a cluster Commander, it
◆
automatically discovers other cluster-enabled switches in the network.
These “Candidate” switches only become cluster Members when
manually selected by the administrator through the management
station.
NOTE: Cluster Member switches can be managed either through a
Telnet connection to the Commander, or through a web management
connection to the Commander. When using a console connection,
from the Commander CLI prompt, use the rcommand to connect to
the Member switch.
cluster
This command enables clustering on the switch. Use the no form to disable
clustering.
Syntax
[no] cluster
Default Configuration
Disabled
Command Mode
Global Configuration
User Guidelines
◆ To create a switch cluster, first be sure that clustering is enabled on the switch
(the default is enabled), then set the switch as a Cluster Commander. Set a Cluster
IP Pool that does not conflict with any other IP subnets in the network. Cluster IP
addresses are assigned to switches when they become Members and are used for
communication between Member switches and the Commander.
◆ Switch clusters are limited to the same Ethernet broadcast domain.
◆ There can be up to 100 candidates and 36 member switches in one cluster.
◆ A switch can only be a Member of one cluster.
◆ Configured switch clusters are maintained across power resets and network
changes.
Example
Console(config)#cluster
Console(config)#
cluster commander
This command enables the switch as a cluster Commander. Use the no form to
disable the switch as cluster Commander.
Syntax
[no] cluster commander
Default Configuration
Disabled
Command Mode
Global Configuration
User Guidelines
◆ Once a switch has been configured to be a cluster Commander, it automatically
discovers other cluster-enabled switches in the network. These “Candidate”
switches only become cluster Members when manually selected by the
administrator through the management station.
◆ Cluster Member switches can be managed through a Telnet connection to the
Commander. From the Commander CLI prompt, use the rcommand id command to
connect to the Member switch.
Example
Console(config)#cluster commander
Console(config)#
cluster ip-pool
This command sets the cluster IP address pool. Use the no form to reset to the
default address.
Syntax
cluster ip-pool ip-address
no cluster ip-pool
ip-address - The base IP address for IP addresses assigned to cluster Members. The
IP address must start 10.x.x.x.
Default Configuration
10.254.254.1
Command Mode
Global Configuration
User Guidelines
◆ An “internal” IP address pool is used to assign IP addresses to Member switches
in the cluster. Internal cluster IP addresses are in the form 10.x.x.member-ID. Only
the base IP address of the pool needs to be set since Member IDs can only be
between 1 and 36.
◆ Set a Cluster IP Pool that does not conflict with addresses in the network IP
subnet. Cluster IP addresses are assigned to switches when they become Members
and are used for communication between Member switches and the Commander.
◆ You cannot change the cluster IP pool when the switch is currently in Commander
mode. Commander mode must first be disabled.
Example
Console(config)#cluster ip-pool 10.4.3.2
Console(config)#
cluster member
This command configures a Candidate switch as a cluster Member. Use the no form
to remove a Member switch from the cluster.
Syntax
cluster member mac-address mac-address id member-id
no cluster member id member-id
mac-address - The MAC address of the Candidate switch.
member-id - The ID number to assign to the Member switch. (Range: 1-36)
Default Configuration
No Members
Command Mode
Global Configuration
User Guidelines
◆ The maximum number of cluster Members is 36.
◆ The maximum number of cluster Candidates is 100.
Example
Console(config)#cluster member mac-address 00-32-34-66-76-6a id 4
Console(config)#
rcommand
This command provides access to a cluster Member CLI for configuration.
Syntax
rcommand id member-id
member-id - The ID number of the Member switch. (Range: 1-36)
Command Mode
EXEC
User Guidelines
◆ This command only operates through a Telnet connection to the Commander
switch. Managing cluster Members using the local console CLI on the Commander is
not supported.
◆ There is no need to enter the username and password for access to the Member
switch CLI.
Example
Console#rcommand id 1
CLI session with the DG-GS4628T is opened.
To end the CLI session, enter [Exit].
Vty-0#
show cluster
This command shows the switch clustering configuration.
Command Mode
EXEC
Example
Console#show cluster
Role : commander
Interval Heartbeat : 30
Heartbeat Loss Count : 3 seconds
Number of Members : 1
Number of Candidates : 2
Console#
show cluster candidates
This command shows the discovered Candidate switches in the network.
Command Mode
EXEC
Example
Console#show cluster candidates
Cluster Candidates:
Role MAC Address Description
--------------- ----------------- ----------------------------------------
Active member 00-E0-0C-00-00-FE DG-GS4628T
CANDIDATE 00-12-CF-0B-47-A0 DG-GS4628T
Console#
show cluster members
This command shows the current switch cluster members.
Command Mode
EXEC
Example
Console#show cluster members
Cluster Members:
ID : 1
Role : Active member
IP Address : 10.254.254.2
MAC Address : 00-E0-0C-00-00-FE
Description : DG-GS4628T
Console#
SNMP COMMANDS
SNMP commands control access to this switch from management
stations using the Simple Network Management Protocol (SNMP), as
well as the error types sent to trap managers.
SNMP Version 3 also provides security features that cover message
integrity, authentication, and encryption; as well as controlling user
access to specific areas of the MIB tree. To use SNMPv3, first set an
SNMP engine ID (or accept the default), specify read and write access
views for the MIB tree, configure SNMP user groups with the required
security model (i.e., SNMP v1, v2c or v3) and security level (i.e.,
authentication and privacy), and then assign SNMP users to these
groups, along with their specific authentication and privacy
passwords.
General SNMP Commands
snmp-server server
This command enables the SNMPv3 engine and services for all management clients
(i.e., versions 1, 2c, 3). Use the no form to disable the server.
Syntax
[no] snmp-server server
Default Configuration
Enabled
Command Mode
Global Configuration
Example
Console(config)#snmp-server server
Console(config)#
snmp-server community
This command defines community access strings used to authorize management
access by clients using SNMP v1 or v2c. Use the no form to remove the specified
community string.
Syntax
snmp-server community string [ro | rw]
no snmp-server community string
string - Community string that acts like a password and permits access to the SNMP
protocol. (Maximum length: 32 characters, case sensitive; Maximum number of
strings: 5)
ro - Specifies read-only access. Authorized management stations are only able to
retrieve MIB objects.
rw - Specifies read/write access. Authorized management stations are able to both
retrieve and modify MIB objects.
Default Configuration
◆ public - Read-only access. Authorized management stations are only able to
retrieve MIB objects.
◆ private - Read/write access. Authorized management stations are able to both
retrieve and modify MIB objects.
Command Mode
Global Configuration
Example
Console(config)#snmp-server community alpha rw
Console(config)#
snmp-server contact
This command sets the system contact string. Use the no form to remove the
system contact information.
Syntax
snmp-server contact string
no snmp-server contact
string - String that describes the system contact information. (Maximum length:
255 characters)
Default Configuration
None
Command Mode
Global Configuration
Example
Console(config)#snmp-server contact Paul
Console(config)#
snmp-server location
This command sets the system location string. Use the no form to remove the
location string.
Syntax
snmp-server location text
no snmp-server location
text - String that describes the system location. (Maximum length: 255 characters)
Default Configuration
None
Command Mode
Global Configuration
Example
Console(config)#snmp-server location WC-19
Console(config)#
show snmp
This command can be used to check the status of SNMP communications.
Default Configuration
None
Command Mode
Normal Exec, EXEC
User Guidelines
This command provides information on the community access strings, counters for
SNMP input and output protocol data units, and whether or not SNMP logging has
been enabled with the snmp-server enable traps command.
Example
Console#show snmp
SNMP Agent : Enabled
SNMP Traps :
Authentication : Enabled
Link-up-down : Enabled
SNMP Communities :
1. public, and the access level is read-only
2. private, and the access level is read/write
0 SNMP packets input
0 Bad SNMP version errors
0 Unknown community name
0 Illegal operation for community name supplied
0 Encoding errors
0 Number of requested variables
0 Number of altered variables
0 Get-request PDUs
0 Get-next PDUs
0 Set-request PDUs
0 SNMP packets output
0 Too big errors
0 No such name errors
0 Bad values errors
0 General errors
0 Response PDUs
0 Trap PDUs
SNMP Logging: Disabled
Console#
SNMP Target Host Commands
snmp-server enable traps
This command enables this device to send Simple Network Management Protocol
traps or informs (i.e., SNMP notifications). Use the no form to disable SNMP
notifications.
Syntax
[no] snmp-server enable traps [authentication | link-up-down | ethernet
cfm]
authentication - Keyword to issue authentication failure notifications.
link-up-down - Keyword to issue link-up or link-down notifications.
ethernet cfm - Connectivity Fault Management traps.
Default Configuration
Issue authentication and link-up-down traps.
Command Mode
Global Configuration
User Guidelines
◆ If you do not enter an snmp-server enable traps command, no notifications
controlled by this command are sent. In order to configure this device to send SNMP
notifications, you must enter at least one
snmp-server enable traps command. If you enter the command with no
keywords, both authentication and link-up-down notifications are enabled. If you
enter the command with a keyword, only the notification type related to that
keyword is enabled.
◆ The snmp-server enable traps command is used in conjunction with the
snmp-server host command. Use the snmp-server host command to specify which
host or hosts receive SNMP notifications. In order to send notifications, you must
configure at least one snmp-server host command.
◆ The authentication, link-up, and link-down traps are legacy notifications, and
therefore when used for SNMP Version 3 hosts, they must be enabled in conjunction
with the corresponding entries in the Notify View assigned by the snmp-server
group command.
Example
Console(config)#snmp-server enable traps link-up-down
Console(config)#
snmp-server host
This command specifies the recipient of a Simple Network Management Protocol
notification operation. Use the no form to remove the specified
host.
Syntax
snmp-server host host-addr [inform [retry retries | timeout seconds]]
community-string [version {1 | 2c | 3 {auth | noauth | priv} [udp-port port]}
no snmp-server host host-addr
host-addr - Internet address of the host (the targeted recipient). (Maximum host
addresses: 5 trap destination IP address entries)
inform - Notifications are sent as inform messages. Note that this option is only
available for version 2c and 3 hosts. (Default: traps are used)
retries - The maximum number of times to resend an inform message if the
recipient does not acknowledge receipt. (Range: 0-255; Default: 3)
seconds - The number of seconds to wait for an acknowledgment before resending
an inform message. (Range: 0-2147483647 centiseconds; Default: 1500
centiseconds)
community-string - Password-like community string sent with the notification
operation to SNMP V1 and V2c hosts. Although you can set this string using the
snmp-server host command by itself, we recommend defining it with the
snmp-server community command prior to using the snmp-server host command.
(Maximum length: 32 characters)
version - Specifies whether to send notifications as SNMP Version 1, 2c or 3 traps.
(Range: 1, 2c, 3; Default: 1)
auth | noauth | priv - This group uses SNMPv3 with authentication, no
authentication, or with authentication and privacy.
port - Host UDP port to use. (Range: 1-65535; Default: 162)
Default Configuration
Host Address: None
Notification Type: Traps
SNMP Version: 1
UDP Port: 162
Command Mode
Global Configuration
User Guidelines
◆ If you do not enter an snmp-server host command, no notifications are sent. In
order to configure the switch to send SNMP notifications, you must enter at least
one snmp-server host command. In order to enable multiple hosts, you must
issue a separate snmp-server host command for each host.
◆ The snmp-server host command is used in conjunction with the snmp-server
enable traps command. Use the snmp-server enable traps command to enable the
sending of traps or informs and to specify which SNMP notifications are sent globally.
For a host to receive notifications, at least one snmp-server enable traps command
and the snmp-server host command for that host must be enabled.
◆ Some notification types cannot be controlled with the snmp-server enable traps
command. For example, some notification types are always enabled.
◆ Notifications are issued by the switch as trap messages by default. The recipient
of a trap message does not send a response to the switch. Traps are therefore not as
reliable as inform messages, which include a request for acknowledgement of
receipt. Informs can be used to ensure that critical information is received by the
host. However, note that informs consume more system resources because they
must be kept in memory until a response is received. Informs also add to network
traffic. You should consider these effects when deciding whether to issue
notifications as traps or informs.
To send an inform to a SNMPv2c host, complete these steps:
1. Enable the SNMP agent.
2. Create a view with the required notification messages.
3. Create a group that includes the required notify view.
4. Allow the switch to send SNMP traps; i.e., notifications.
5. Specify the target host that will receive inform messages with the snmp-server
host command as described in this section.
To send an inform to a SNMPv3 host, complete these steps:
1. Enable the SNMP agent.
2. Create a local SNMPv3 user to use in the message exchange process.
3. Create a view with the required notification messages.
4. Create a group that includes the required notify view.
5. Allow the switch to send SNMP traps; i.e., notifications.
6. Specify the target host that will receive inform messages with the snmp-server
host command as described in this section.
◆ The switch can send SNMP Version 1, 2c or 3 notifications to a host IP address,
depending on the SNMP version that the management station supports. If the
snmp-server host command does not specify the SNMP version, the default is to
send SNMP version 1 notifications.
◆ If you specify an SNMP Version 3 host, then the community string is interpreted
as an SNMP user name. The user name must first be defined with the snmp-server
user command. Otherwise, an SNMPv3 group will be automatically created by the
snmp-server host command using the name of the specified community string,
and default settings for the read, write, and notify view.
Example
Console(config)#snmp-server host 10.1.19.23 batman
Console(config)#
SNMPv3 Commands
snmp-server engine-id
This command configures an identification string for the SNMPv3 engine. Use the no
form to restore the default.
Syntax
snmp-server engine-id {local | remote {ip-address}} engineid-string
no snmp-server engine-id {local | remote {ip-address}}
local - Specifies the SNMP engine on this switch.
remote - Specifies an SNMP engine on a remote device.
ip-address - The Internet address of the remote device.
engineid-string - String identifying the engine ID. (Range: 1-26 hexadecimal
characters)
Default Configuration
A unique engine ID is automatically generated by the switch based on its MAC
address.
Command Mode
Global Configuration
User Guidelines
◆ An SNMP engine is an independent SNMP agent that resides either on this switch
or on a remote device. This engine protects against message replay, delay, and
redirection. The engine ID is also used in combination with user passwords to
generate the security keys for authenticating and encrypting SNMPv3 packets.
◆ A remote engine ID is required when using SNMPv3 informs. (See the
snmp-server host command.) The remote engine ID is used to compute the security
digest for authentication and encryption of packets passed between the switch and
a user on the remote host. SNMP passwords are localized using the engine ID of the
authoritative agent. For informs, the authoritative SNMP agent is the remote agent.
You therefore need to configure the remote agent’s SNMP engine ID before you can
send proxy requests or informs to it.
◆ Trailing zeroes need not be entered to uniquely specify a engine ID. In other
words, the value “0123456789” is equivalent to “0123456789” followed by 16
zeroes for a local engine ID.
◆ A local engine ID is automatically generated that is unique to the switch. This is
referred to as the default engine ID. If the local engine ID is deleted or changed, all
SNMP users will be cleared. You will need to reconfigure all existing users.
Example
Console(config)#snmp-server engine-id local 1234567890
Console(config)#snmp-server engineID remote 9876543210 192.168.1.19
Console(config)#
snmp-server group
This command adds an SNMP group, mapping SNMP users to SNMP views. Use the
no form to remove an SNMP group.
Syntax
snmp-server group groupname {v1 | v2c | v3 {auth | noauth | priv}}
[read readview] [write writeview] [notify notifyview]
no snmp-server group groupname
groupname - Name of an SNMP group. (Range: 1-32 characters)
v1 | v2c | v3 - Use SNMP version 1, 2c or 3.
auth | noauth | priv - This group uses SNMPv3 with authentication, no
authentication, or with authentication and
privacy.
readview - Defines the view for read access. (1-32 characters)
writeview - Defines the view for write access. (1-32 characters)
notifyview - Defines the view for notifications. (1-32 characters)
Default Configuration
Default groups: public15 (read only), private16 (read/write)
readview - Every object belonging to the Internet OID space (1).
writeview - Nothing is defined.
notifyview - Nothing is defined.
Command Mode
Global Configuration
User Guidelines
◆ A group sets the access policy for the assigned users.
◆ When authentication is selected, the MD5 or SHA algorithm is used as specified in
the snmp-server user command.
◆ When privacy is selected, the DES 56-bit algorithm is used for data encryption.
Example
Console(config)#snmp-server group r&d v3 auth write daily
Console(config)#
snmp-server user
This command adds a user to an SNMP group, restricting the user to a specific SNMP
Read, Write, or Notify View. Use the no form to remove a user from an SNMP group.
Syntax
snmp-server user username groupname [remote ip-address] {v1 | v2c | v3
[encrypted] [auth {md5 | sha} auth-password [priv des56 priv-password]]
no snmp-server user username {v1 | v2c | v3 | remote}
username - Name of user connecting to the SNMP agent. (Range: 1-32 characters)
groupname - Name of an SNMP group to which the user is assigned. (Range: 1-32
characters)
remote - Specifies an SNMP engine on a remote device.
ip-address - The Internet address of the remote device.
v1 | v2c | v3 - Use SNMP version 1, 2c or 3.
encrypted - Accepts the password as encrypted input.
auth - Uses SNMPv3 with authentication.
md5 | sha - Uses MD5 or SHA authentication.
auth-password - Authentication password. Enter as plain text if the encrypted
option is not used. Otherwise, enter an encrypted password. (A minimum of eight
characters is required.)
priv des56 - Uses SNMPv3 with privacy with DES56 encryption.
priv-password - Privacy password. Enter as plain text if the encrypted option is not
used. Otherwise, enter an encrypted password.
Default Configuration
None
Command Mode
Global Configuration
User Guidelines
◆ Local users (i.e., the command does not specify a remote engine identifier) must
be configured to authorize management access for SNMPv3 clients, or to identify
the source of SNMPv3 trap messages sent from the local switch.
◆ Remote users (i.e., the command specifies a remote engine identifier) must be
configured to identify the source of SNMPv3 inform messages sent from the local
switch.
◆ The SNMP engine ID is used to compute the authentication/privacy digests from
the password. You should therefore configure the engine ID with the snmp-server
engine-id command before using this configuration command.
◆ Before you configure a remote user, use the snmp-server engine-id command to
specify the engine ID for the remote device where the user resides. Then use the
snmp-server user command to specify the user and the IP address for the remote
device where the user resides. The remote agent’s SNMP engine ID is used to
compute authentication/privacy digests from the user’s password. If the remote
engine ID is not first configured, the snmp-server user command specifying a
remote user will fail.
◆ SNMP passwords are localized using the engine ID of the authoritative agent. For
informs, the authoritative SNMP agent is the remote agent. You therefore need to
configure the remote agent’s SNMP engine ID before you can send proxy requests or
informs to it.
Example
Console(config)#snmp-server user steve group r&d v3 auth md5 greenpeace priv
des56 einstien
Console(config)#snmp-server user mark group r&d remote 192.168.1.19 v3 auth
md5 greenpeace priv des56 einstien
Console(config)#
snmp-server view
This command adds an SNMP view which controls user access to the MIB. Use the
no form to remove an SNMP view.
Syntax
snmp-server view view-name oid-tree {included | excluded}
no snmp-server view view-name
view-name - Name of an SNMP view. (Range: 1-32 characters)
oid-tree - Object identifier of a branch within the MIB tree. Wild cards can be used
to mask a specific portion of the OID string. (Refer to the examples.)
included - Defines an included view.
excluded - Defines an excluded view.
Default Configuration
defaultview (includes access to the entire MIB tree)
Command Mode
Global Configuration
User Guidelines
◆ Views are used in the snmp-server group command to restrict user access to
specified portions of the MIB tree.
◆ The predefined view “defaultview” includes access to the entire MIB tree.
EXAMPLES
This view includes MIB-2.
Console(config)#snmp-server view mib-2 1.3.6.1.2.1 included
Console(config)#
This view includes the MIB-2 interfaces table, ifDescr. The wild card is used to select
all the index values in this table.
Console(config)#snmp-server view ifEntry.2 1.3.6.1.2.1.2.2.1.*.2 included
Console(config)#
This view includes the MIB-2 interfaces table, and the mask selects all index entries.
Console(config)#snmp-server view ifEntry.a 1.3.6.1.2.1.2.2.1.1.* included
Console(config)#
show snmp engine-id
This command shows the SNMP engine ID.
Command Mode
EXEC
Example
This example shows the default engine ID.
Console#show snmp engine-id
Local SNMP EngineID: 8000002a8000000000e8666672
Local SNMP EngineBoots: 1
Remote SNMP EngineID IP address
80000000030004e2b316c54321 192.168.1.19
Console#
show snmp group
Four default groups are provided – SNMPv1 read-only access and read/write access,
and SNMPv2c read-only access and read/write access.
Command Mode
EXEC
Example
Console#show snmp group
Group Name: r&d
Security Model: v3
Read View: defaultview
Write View: daily
Notify View: none
Storage Type: permanent
Row Status: active
Group Name: public
Security Model: v1
Read View: defaultview
Write View: none
Notify View: none
Storage Type: volatile
Row Status: active
Group Name: public
Security Model: v2c
Read View: defaultview
Write View: none
Notify View: none
Storage Type: volatile
Row Status: active
Group Name: private
Security Model: v1
Read View: defaultview
Write View: defaultview
Notify View: none
Storage Type: volatile
Row Status: active
Group Name: private
Security Model: v2c
Read View: defaultview
Write View: defaultview
Notify View: none
Storage Type: volatile
Row Status: active
Console#
show snmp user
This command shows information on SNMP users.
Command Mode
EXEC
Example
Console#show snmp user
EngineId: 800000ca030030f1df9ca00000
User Name: steve
Authentication Protocol: md5
Privacy Protocol: des56
Storage Type: nonvolatile
Row Status: active
show snmp view
This command shows information on the SNMP views.
Command Mode
EXEC
Example
Console#show snmp view
View Name: mib-2
Subtree OID: 1.2.2.3.6.2.1
View Type: included
Storage Type: permanent
Row Status: active
View Name: defaultview
Subtree OID: 1
View Type: included
Storage Type: volatile
Row Status: active
Console#
Additional Trap Commands
memory
This command sets an SNMP trap based on configured thresholds for memory
utilization. Use the no form to restore the default setting.
Syntax
memory {rising rising-threshold | falling falling-threshold}
no memory {rising | falling}
rising-threshold - Rising threshold for memory utilization alarm expressed in
percentage. (Range: 1-100)
falling-threshold - Falling threshold for memory utilization alarm expressed in
percentage. (Range: 1-100)
Default Configuration
Rising Threshold: 90%
Falling Threshold: 70%
Command Mode
Global Configuration
User Guidelines
Once the rising alarm threshold is exceeded, utilization must drop beneath the
falling threshold before the alarm is terminated, and then exceed the rising
threshold again before another alarm is triggered.
Example
Console(config)#memory rising 80
Console(config)#memory falling 60
Console#
cpu
This command sets an SNMP trap based on configured thresholds for CPU utilization.
Use the no form to restore the default setting.
Syntax
cpu {rising rising-threshold | falling falling-threshold}
no cpu {rising | falling}
rising-threshold - Rising threshold for CPU utilization alarm expressed in percentage.
(Range: 1-100)
falling-threshold - Falling threshold for CPU utilization alarm expressed in
percentage. (Range: 1-100)
Default Configuration
Rising Threshold: 90%
Falling Threshold: 70%
Command Mode
Global Configuration
User Guidelines
Once the rising alarm threshold is exceeded, utilization must drop beneath the
falling threshold before the alarm is terminated, and then exceed the rising
threshold again before another alarm is triggered.
Example
Console(config)#cpu rising 80
Console(config)#cpu falling 60
Console#
RMON COMMANDS
Remote Monitoring allows a remote device to collect information or
respond to specified events on an independent basis. This switch is an
RMON-capable device which can independently perform a wide range
of tasks, significantly reducing network management traffic. It can
continuously run diagnostics and log information on network
performance. If an event is triggered, it can automatically notify the
network administrator of a failure and provide historical information
about the event. If it cannot connect to the management agent, it will
continue to perform any specified tasks and pass data back to the
management station the next time it is contacted.
This switch supports mini-RMON, which consists of the Statistics,
History, Event and Alarm groups. When RMON is enabled, the system
gradually builds up information about its physical interfaces, storing
this information in the relevant RMON database group. A
management agent then periodically communicates with the switch
using the SNMP protocol. However, if the switch encounters a critical
event, it can automatically send a trap message to the management
agent which can then respond to the event if so configured.
rmon alarm
This command sets threshold bounds for a monitored variable. Use the no form to
remove an alarm.
Syntax
rmon alarm index variable interval {absolute | delta} rising-threshold
threshold [event-index] falling-threshold threshold [event-index] [owner name]
no rmon alarm index
index – Index to this entry. (Range: 1-65535)
Loading...