Smc 6128PL2, 6152PL2 Management Guide
Management Guide
SMC6128PL2
SMC6152PL2
TigerSwitchTM 10/100
24-Port 10/100 Switch with PoE,
IP Clustering and 4 Gigabit Ports
TigerSwitch 10/100
Management Guide
From SMC's Tiger line of feature-rich workgroup LAN solutions
20 Mason
Irvine, CA 92618
Phone: (949) 679-8000
Pub. # 149100000007A
May 2009
E052009-MW-R01
Information furnished by SMC Networks, Inc. (SMC) is believed to be accurate and
reliable. However, no responsibility is assumed by SMC for its use, nor for any
infringements of patents or other rights of third parties which may result from its use. No
license is granted by implication or otherwise under any patent or patent rights of SMC.
SMC reserves the right to change specifications at any time without notice.
Copyright © 2009 by
SMC Networks, Inc.
20 Mason
Irvine, CA 92618
All rights reserved.
Trademarks:
SMC is a registered trademark; and EZ Switch, TigerStack and TigerSwitch are
trademarks of SMC Networks, Inc. Other product and company names are trademarks or
registered trademarks of their respective holders.
Warranty and Product Registration
To register SMC products and to review the detailed warranty statement, please refer to
the Support Section of the SMC Website at http://www.smc.com.
v
vi
About This Guide
Purpose
This guide gives specific information on how to operate and use the management
functions of the switch.
Audience
The guide is intended for use by network administrators who are responsible for operating
and maintaining network equipment; consequently, it assumes a basic working
knowledge of general switch functions, the Internet Protocol (IP), and Simple Network
Management Protocol (SNMP).
Conventions
The following conventions are used throughout this guide to show information:
Note: Emphasizes important information or calls your attention to related features or
instructions.
Caution: Alerts you to a potential hazard that could cause loss of data, or damage the
system or equipment.
Warning: Alerts you to a potential hazard that could cause personal injury.
Related Publications
The following publication details the hardware features of the switch, including the
physical and performance-related characteristics, and how to install the switch:
The Installation Guide
Also, as part of the switch’s software, there is an online web-based help that describes all
management related features.
Revision History
This section summarizes the changes in each revision of this guide.
May 2009 Revision
This is the first revision of this guide. This guide is valid for software release v1.3.5.2.
vii
viii
Contents
Chapter 1: Introduction 1-1
Key Features 1-1
Description of Software Features 1-2
System Defaults 1-6
Chapter 2: Initial Configuration 2-1
Connecting to the Switch 2-1
Configuration Options 2-1
Required Connections 2-2
Remote Connections 2-3
Basic Configuration 2-3
Console Connection 2-3
Setting Passwords 2-4
Setting an IP Address 2-4
Manual Configuration 2-4
Dynamic Configuration 2-5
Enabling SNMP Management Access 2-6
Community Strings (for SNMP version 1 and 2c clients) 2-6
Trap Receivers 2-7
Configuring Access for SNMP Version 3 Clients 2-8
Managing System Files 2-8
Saving Configuration Settings 2-9
Chapter 3: Configuring the Switch 3-1
Using the Web Interface 3-1
Navigating the Web Browser Interface 3-2
Home Page 3-2
Configuration Options 3-3
Panel Display 3-3
Main Menu 3-4
Basic Configuration 3-13
Displaying System Information 3-13
Displaying Switch Hardware/Software Versions 3-15
Displaying Bridge Extension Capabilities 3-17
Setting the Switch's IP Address 3-18
Manual Configuration 3-19
Using DHCP/BOOTP 3-20
Enabling Jumbo Frames 3-21
Managing Firmware 3-22
Automatic Operation Code Upgrade 3-22
ix
Contents
Downloading System Software from a Server 3-26
Saving or Restoring Configuration Settings 3-28
Downloading Configuration Settings from a Server 3-29
Uploading and Downloading Files Using HTTP 3-30
Console Port Settings 3-32
Telnet Settings 3-34
Configuring Event Logging 3-36
System Log Configuration 3-36
Remote Log Configuration 3-37
Displaying Log Messages 3-39
Sending Simple Mail Transfer Protocol Alerts 3-39
Resetting the System 3-41
Setting the System Clock 3-42
Setting the Time Manually 3-43
Configuring SNTP 3-43
Configuring NTP 3-44
Setting the Time Zone 3-46
Configuring Summer Time 3-47
Simple Network Management Protocol 3-49
Enabling the SNMP Agent 3-51
Setting Community Access Strings 3-51
Specifying Trap Managers and Trap Types 3-52
Configuring SNMPv3 Management Access 3-55
Setting the Local Engine ID 3-55
Specifying a Remote Engine ID 3-56
Configuring SNMPv3 Users 3-57
Configuring Remote SNMPv3 Users 3-59
Configuring SNMPv3 Groups 3-61
Setting SNMPv3 Views 3-64
Sampling Traffic Flows 3-65
Configuring sFlow Global Parameters 3-66
Configuring sFlow Port Parameters 3-68
User Authentication 3-70
Configuring User Accounts 3-70
Configuring Local/Remote Logon Authentication 3-72
Configuring Encryption Keys 3-75
AAA Authorization and Accounting 3-76
Configuring AAA RADIUS Group Settings 3-77
Configuring AAA TACACS+ Group Settings 3-78
Configuring AAA Accounting 3-78
AAA Accounting Update 3-80
AAA Accounting 802.1X Port Settings 3-81
AAA Accounting Exec Command Privileges 3-82
AAA Accounting Exec Settings 3-83
AAA Accounting Summary 3-83
x
Contents
Authorization Settings 3-85
Authorization EXEC Settings 3-86
Authorization Summary 3-87
Configuring HTTPS 3-88
Replacing the Default Secure-site Certificate 3-89
Configuring the Secure Shell 3-90
Generating the Host Key Pair 3-93
Importing User Public Keys 3-95
Configuring the SSH Server 3-97
Configuring 802.1X Port Authentication 3-99
Displaying 802.1X Global Settings 3-100
Configuring 802.1X Global Settings 3-101
Configuring Port Settings for 802.1X 3-101
Displaying 802.1X Statistics 3-104
Filtering IP Addresses for Management Access 3-106
General Security Measures 3-108
Configuring Port Security 3-109
Web Authentication 3-110
Configuring Web Authentication 3-111
Configuring Web Authentication for Ports 3-112
Displaying Web Authentication Port Information 3-113
Re-authenticating Web Authenticated Ports 3-113
Network Access (MAC Address Authentication) 3-114
Configuring the MAC Authentication Reauthentication Time 3-116
Configuring MAC Authentication for Ports 3-117
Configuring Port Link Detection 3-119
Displaying Secure MAC Address Information 3-120
MAC Filter Configuration 3-121
Access Control Lists 3-123
Setting the ACL Name and Type 3-124
Configuring a Standard IPv4 ACL 3-125
Configuring an Extended IPv4 ACL 3-125
Configuring a Standard IPv6 ACL 3-128
Configuring an Extended IPv6 ACL 3-129
Configuring a MAC ACL 3-131
Configuring an ARP ACL 3-133
Binding a Port to an Access Control List 3-135
ARP Inspection 3-136
Configuring ARP Inspection 3-136
Displaying ARP Inspection Port Information 3-141
DHCP Snooping 3-143
DHCP Snooping Configuration 3-144
DHCP Snooping VLAN Configuration 3-145
DHCP Snooping Information Option Configuration 3-146
Configuring Ports for DHCP Snooping 3-147
xi
Contents
Displaying DHCP Snooping Binding Information 3-149
IP Source Guard 3-150
Configuring Ports for IP Source Guard 3-150
Configuring Static Binding for IP Source Guard 3-152
Displaying Information for Dynamic IP Source Guard Bindings 3-154
Port Configuration 3-155
Displaying Connection Status 3-155
Configuring Interface Connections 3-157
Creating Trunk Groups 3-160
Statically Configuring a Trunk 3-161
Enabling LACP on Selected Ports 3-162
Configuring Parameters for LACP Group Members 3-164
Configuring Parameters for LACP Groups 3-166
Displaying LACP Port Counters 3-167
Displaying LACP Settings and Status for the Local Side 3-168
Displaying LACP Settings and Status for the Remote Side 3-170
Setting Broadcast Storm Thresholds 3-172
Setting Multicast Storm Thresholds 3-174
Setting Unknown Unicast Storm Thresholds 3-175
Configuring Port Mirroring 3-177
Configuring MAC Address Mirroring 3-178
Configuring Rate Limits 3-179
Rate Limit Configuration 3-179
Showing Port Statistics 3-180
Power Over Ethernet Settings 3-184
Switch Power Status 3-185
Setting a Switch Power Budget 3-186
Displaying Port Power Status 3-186
Configuring Port PoE Power 3-187
Address Table Settings 3-189
Setting Static Addresses 3-189
Displaying the Address Table 3-190
Changing the Aging Time 3-191
Spanning Tree Algorithm Configuration 3-192
Configuring Port and Trunk Loopback Detection 3-194
Displaying Global Settings for STA 3-195
Configuring Global Settings for STA 3-198
Displaying Interface Settings for STA 3-202
Configuring Interface Settings for STA 3-205
Spanning Tree Edge Port Configuration 3-208
Configuring Multiple Spanning Trees 3-210
Displaying Interface Settings for MSTP 3-213
Configuring Interface Settings for MSTP 3-215
VLAN Configuration 3-216
IEEE 802.1Q VLANs 3-216
xii
Contents
Enabling or Disabling GVRP (Global Setting) 3-219
Displaying Basic VLAN Information 3-220
Displaying Current VLANs 3-221
Creating VLANs 3-222
Adding Static Members to VLANs (VLAN Index) 3-224
Adding Static Members to VLANs (Port Index) 3-226
Configuring VLAN Behavior for Interfaces 3-227
Configuring IEEE 802.1Q Tunneling 3-229
Enabling QinQ Tunneling on the Switch 3-233
Adding an Interface to a QinQ Tunnel 3-234
Traffic Segmentation 3-236
Configuring Global Settings for Traffic Segmentation 3-236
Configuring Traffic Segmentation Sessions 3-237
Private VLANs 3-238
Displaying Current Private VLANs 3-238
Configuring Private VLANs 3-239
Associating VLANs 3-240
Displaying Private VLAN Interface Information 3-241
Configuring Private VLAN Interfaces 3-242
Protocol VLANs 3-243
Configuring Protocol VLAN Groups 3-244
Mapping Protocols to VLANs 3-245
Configuring VLAN Mirroring 3-246
Configuring IP Subnet VLANs 3-247
Configuring MAC-based VLANs 3-248
Link Layer Discovery Protocol 3-249
Setting LLDP Timing Attributes 3-249
Configuring LLDP Interface Attributes 3-251
Displaying LLDP Local Device Information 3-254
Displaying LLDP Remote Port Information 3-257
Displaying LLDP Remote Information Details 3-258
Displaying Device Statistics 3-260
Displaying Detailed Device Statistics 3-261
Class of Service Configuration 3-263
Layer 2 Queue Settings 3-263
Setting the Default Priority for Interfaces 3-263
Mapping CoS Values to Egress Queues 3-265
Selecting the Queue Mode 3-266
Displaying the Service Weight for Traffic Classes 3-267
Layer 3/4 Priority Settings 3-269
Mapping Layer 3/4 Priorities to CoS Values 3-269
Enabling IP DSCP Priority 3-269
Mapping DSCP Priority 3-270
Quality of Service 3-272
Configuring Quality of Service Parameters 3-272
xiii
Contents
Configuring a Class Map 3-273
Creating QoS Policies 3-275
Attaching a Policy Map to Ingress Queues 3-278
VoIP Traffic Configuration 3-279
Configuring VoIP Traffic 3-279
Configuring VoIP Traffic Ports 3-280
Configuring Telephony OUI 3-282
Multicast Filtering 3-284
Layer 2 IGMP (Snooping and Query) 3-285
Configuring IGMP Snooping and Query Parameters 3-286
Enabling IGMP Immediate Leave 3-288
Displaying Interfaces Attached to a Multicast Router 3-290
Specifying Static Interfaces for a Multicast Router 3-291
Displaying Port Members of Multicast Services 3-292
Assigning Ports to Multicast Services 3-293
IGMP Filtering and Throttling 3-294
Enabling IGMP Filtering and Throttling 3-294
Configuring IGMP Filter Profiles 3-295
Configuring IGMP Filtering and Throttling for Interfaces 3-297
Multicast VLAN Registration 3-299
Configuring Global MVR Settings 3-300
Displaying MVR Interface Status 3-302
Displaying Port Members of Multicast Groups 3-303
Configuring MVR Interface Status 3-304
Assigning Static Multicast Groups to Interfaces 3-306
Configuring MVR Receiver VLAN and Group Addresses 3-307
Displaying MVR Receiver Groups 3-308
Configuring Static MVR Receiver Group Members 3-309
Domain Name Service 3-310
Configuring General DNS Service Parameters 3-310
Configuring Static DNS Host to Address Entries 3-312
Displaying the DNS Cache 3-314
Switch Clustering 3-315
Configuring General Settings for Clusters 3-315
Cluster Member Configuration 3-317
Displaying Information on Cluster Members 3-318
Cluster Candidate Information 3-319
UPnP 3-320
UPnP Configuration 3-320
Chapter 4: Command Line Interface 4-1
Using the Command Line Interface 4-1
Accessing the CLI 4-1
Console Connection 4-1
xiv
Contents
Telnet Connection 4-2
Entering Commands 4-3
Keywords and Arguments 4-3
Minimum Abbreviation 4-3
Command Completion 4-3
Getting Help on Commands 4-3
Showing Commands 4-4
Partial Keyword Lookup 4-5
Negating the Effect of Commands 4-5
Using Command History 4-5
Understanding Command Modes 4-6
Exec Commands 4-6
Configuration Commands 4-7
Command Line Processing 4-9
Command Groups 4-10
General Commands 4-11
enable 4-12
disable 4-12
configure 4-13
show history 4-13
reload (Privileged Exec) 4-14
reload (Global Configuration) 4-14
show reload 4-16
prompt 4-16
end 4-16
exit 4-17
quit 4-17
System Management Commands 4-18
Device Designation Commands 4-18
hostname 4-18
Banner Information Commands 4-19
banner configure 4-20
banner configure company 4-21
banner configure dc-power-info 4-22
banner configure department 4-22
banner configure equipment-info 4-23
banner configure equipment-location 4-24
banner configure ip-lan 4-24
banner configure lp-number 4-25
banner configure manager-info 4-26
banner configure mux 4-26
banner configure note 4-27
show banner 4-28
System Status Commands 4-29
show startup-config 4-29
xv
Contents
show running-config 4-30
show system 4-33
show users 4-33
show version 4-34
Frame Size Commands 4-35
jumbo frame 4-35
File Management Commands 4-36
copy 4-37
delete 4-40
dir 4-40
whichboot 4-41
boot system 4-42
upgrade opcode auto 4-42
upgrade opcode path 4-43
Line Commands 4-44
line 4-45
login 4-46
password 4-47
timeout login response 4-48
exec-timeout 4-48
password-thresh 4-49
silent-time 4-50
databits 4-50
parity 4-51
speed 4-52
stopbits 4-52
terminal length 4-53
terminal width 4-53
terminal escape-character 4-54
terminal terminal-type 4-54
terminal history 4-55
disconnect 4-55
show line 4-56
Event Logging Commands 4-57
logging on 4-57
logging history 4-58
logging host 4-59
logging facility 4-59
logging trap 4-60
clear log 4-60
show logging 4-61
show log 4-62
SMTP Alert Commands 4-63
logging sendmail host 4-63
logging sendmail level 4-64
xvi
Contents
logging sendmail source-email 4-64
logging sendmail destination-email 4-65
logging sendmail 4-65
show logging sendmail 4-65
Time Commands 4-67
sntp client 4-68
sntp server 4-69
sntp poll 4-69
show sntp 4-70
ntp client 4-70
ntp server 4-71
ntp poll 4-72
ntp authenticate 4-72
ntp authentication-key 4-73
show ntp 4-74
clock timezone-predefined 4-75
clock timezone 4-75
clock summer-time (date) 4-76
clock summer-time (predefined) 4-77
clock summer-time (recurring) 4-78
calendar set 4-80
show calendar 4-80
Switch Cluster Commands 4-81
cluster 4-81
cluster commander 4-82
cluster ip-pool 4-83
cluster member 4-83
rcommand 4-84
show cluster 4-84
show cluster members 4-85
show cluster candidates 4-85
UPnP Commands 4-85
upnp device 4-86
upnp device ttl 4-86
upnp device advertise duration 4-87
show upnp 4-87
SNMP Commands 4-88
snmp-server 4-89
show snmp 4-90
snmp-server community 4-91
snmp-server contact 4-91
snmp-server location 4-92
snmp-server host 4-93
snmp-server enable traps 4-95
snmp-server engine-id 4-96
xvii
Contents
show snmp engine-id 4-97
snmp-server view 4-97
show snmp view 4-98
snmp-server group 4-99
show snmp group 4-100
snmp-server user 4-101
show snmp user 4-102
Flow Sampling Commands 4-103
sflow 4-104
sflow source 4-104
sflow sample 4-105
sflow polling-interval 4-105
sflow owner 4-106
sflow timeout 4-106
sflow destination 4-107
sflow max-header-size 4-107
sflow max-datagram-size 4-108
show sflow 4-108
Authentication Commands 4-109
User Account and Privilege Level Commands 4-110
username 4-110
enable password 4-111
privilege 4-112
privilege rerun 4-113
show privilege 4-113
Authentication Sequence 4-114
authentication login 4-114
authentication enable 4-115
RADIUS Client 4-116
radius-server host 4-116
radius-server acct-port 4-117
radius-server auth-port 4-117
radius-server key 4-118
radius-server retransmit 4-118
radius-server timeout 4-119
show radius-server 4-120
TACACS+ Client 4-120
tacacs-server host 4-121
tacacs-server port 4-121
tacacs-server key 4-122
tacacs-server retransmit 4-122
tacacs-server timeout 4-123
show tacacs-server 4-123
AAA Commands 4-124
aaa group server 4-124
xviii
Contents
server 4-125
aaa accounting dot1x 4-126
aaa accounting exec 4-127
aaa accounting commands 4-128
aaa accounting update 4-129
accounting dot1x 4-129
accounting exec 4-130
accounting commands 4-130
aaa authorization exec 4-131
authorization exec 4-132
show accounting 4-132
Web Server Commands 4-133
ip http port 4-133
ip http server 4-134
ip http secure-server 4-134
ip http secure-port 4-135
Telnet Server Commands 4-136
ip telnet server 4-136
Secure Shell Commands 4-137
ip ssh server 4-139
ip ssh timeout 4-140
ip ssh authentication-retries 4-140
ip ssh server-key size 4-141
delete public-key 4-141
ip ssh crypto host-key generate 4-142
ip ssh crypto zeroize 4-142
ip ssh save host-key 4-143
show ip ssh 4-143
show ssh 4-144
show public-key 4-145
802.1X Port Authentication 4-146
dot1x system-auth-control 4-146
dot1x default 4-147
dot1x max-req 4-147
dot1x port-control 4-147
dot1x operation-mode 4-148
dot1x re-authenticate 4-149
dot1x re-authentication 4-149
dot1x timeout quiet-period 4-150
dot1x timeout re-authperiod 4-150
dot1x timeout tx-period 4-151
dot1x timeout supp-timeout 4-151
dot1x intrusion-action 4-152
show dot1x 4-153
Management IP Filter Commands 4-156
xix
Contents
management 4-156
show management 4-157
General Security Measures 4-158
Port Security Commands 4-159
port security 4-159
Network Access (MAC Address Authentication) 4-161
network-access aging 4-162
network-access mac-filter 4-162
network-access port-mac-filter 4-163
network-access max-mac-count 4-163
network-access mode 4-164
mac-authentication reauth-time 4-165
mac-authentication intrusion-action 4-166
mac-authentication max-mac-count 4-166
network-access dynamic-vlan 4-167
network-access guest-vlan 4-167
network-access dynamic-qos 4-168
network-access link-detection 4-169
network-access link-detection link-down 4-169
network-access link-detection link-up 4-170
network-access link-detection link-up-down 4-170
clear network-access 4-171
show network-access 4-171
show network-access mac-address-table 4-172
show network-access mac-filter 4-173
Web Authentication 4-174
web-auth login-attempts 4-174
web-auth quiet-period 4-175
web-auth session-timeout 4-175
web-auth system-auth-control 4-176
web-auth 4-176
web-auth re-authenticate (Port) 4-177
web-auth re-authenticate (IP) 4-177
show web-auth 4-178
show web-auth interface 4-178
show web-auth summary 4-179
DHCP Snooping Commands 4-179
ip dhcp snooping 4-180
ip dhcp snooping vlan 4-181
ip dhcp snooping trust 4-182
ip dhcp snooping verify mac-address 4-183
ip dhcp snooping information option 4-184
ip dhcp snooping information policy 4-185
ip dhcp snooping database flash 4-185
clear ip dhcp snooping database flash 4-186
xx
Contents
show ip dhcp snooping 4-186
show ip dhcp snooping binding 4-186
IP Source Guard Commands 4-187
ip source-guard 4-187
ip source-guard binding 4-189
show ip source-guard 4-190
show ip source-guard binding 4-190
ARP Inspection Commands 4-191
ip arp inspection 4-191
ip arp inspection vlan 4-192
ip arp inspection filter 4-193
ip arp inspection validate 4-194
ip arp inspection log-buffer logs 4-195
ip arp inspection trust 4-196
ip arp inspection limit 4-196
show ip arp inspection configuration 4-197
show ip arp inspection interface 4-197
show ip arp inspection vlan 4-198
show ip arp inspection log 4-198
show ip arp inspection statistics 4-199
Access Control List Commands 4-199
IPv4 ACLs 4-200
access-list rule-mode 4-200
access-list ip 4-201
permit, deny (Standard IPv4 ACL) 4-202
permit, deny (Extended IPv4 ACL) 4-203
show ip access-list 4-205
ip access-group 4-205
show ip access-group 4-206
IPv6 ACLs 4-206
access-list ipv6 4-207
permit, deny (Standard IPv6 ACL) 4-208
permit, deny (Extended IPv6 ACL) 4-209
show ipv6 access-list 4-210
ipv6 access-group 4-211
show ipv6 access-group 4-211
ARP ACLs 4-212
access-list arp 4-212
permit, deny (ARP ACL) 4-213
show arp access-list 4-214
MAC ACLs 4-215
access-list mac 4-215
permit, deny (MAC ACL) 4-216
show mac access-list 4-217
mac access-group 4-218
xxi
Contents
show mac access-group 4-218
ACL Information 4-219
show access-list 4-219
show access-group 4-219
Interface Commands 4-220
interface 4-221
description 4-221
speed-duplex 4-222
negotiation 4-223
capabilities 4-224
flowcontrol 4-225
media-type 4-226
giga-phy-mode 4-226
shutdown 4-227
switchport packet-rate 4-228
clear counters 4-229
show interfaces brief 4-229
show interfaces status 4-230
show interfaces counters 4-231
show interfaces switchport 4-232
Automatic Traffic Control Commands 4-234
auto-traffic-control apply-timer 4-237
auto-traffic-control release-timer 4-238
auto-traffic-control 4-238
auto-traffic-control alarm-fire-threshold 4-239
auto-traffic-control alarm-clear-threshold 4-240
auto-traffic-control action 4-241
auto-traffic-control control-release 4-242
snmp-server enable port-traps atc broadcast-alarm-fire 4-242
snmp-server enable port-traps atc multicast-alarm-fire 4-243
snmp-server enable port-traps atc broadcast-alarm-clear 4-243
snmp-server enable port-traps atc multicast-alarm-clear 4-244
snmp-server enable port-traps atc broadcast-control-apply 4-244
snmp-server enable port-traps atc multicast-control-apply 4-245
snmp-server enable port-traps atc broadcast-control-release 4-245
snmp-server enable port-traps atc multicast-control-release 4-246
show auto-traffic-control 4-246
show auto-traffic-control interface 4-247
Link Aggregation Commands 4-248
channel-group 4-249
lacp 4-250
lacp system-priority 4-251
lacp admin-key (Ethernet Interface) 4-252
lacp admin-key (Port Channel) 4-253
lacp port-priority 4-254
xxii
Contents
lacp active/passive 4-255
show lacp 4-255
Mirror Port Commands 4-260
port monitor 4-260
show port monitor 4-261
Rate Limit Commands 4-263
rate-limit 4-263
Power over Ethernet Commands 4-264
power mainpower maximum allocation 4-264
power inline compatible 4-265
power inline 4-266
power inline maximum allocation 4-266
power inline priority 4-267
show power inline status 4-268
show power mainpower 4-269
Address Table Commands 4-269
mac-address-table static 4-270
clear mac-address-table dynamic 4-271
show mac-address-table 4-271
mac-address-table aging-time 4-272
show mac-address-table aging-time 4-272
Spanning Tree Commands 4-274
spanning-tree 4-275
spanning-tree mode 4-276
spanning-tree forward-time 4-277
spanning-tree hello-time 4-277
spanning-tree max-age 4-278
spanning-tree priority 4-279
spanning-tree system-bpdu-flooding 4-279
spanning-tree pathcost method 4-280
spanning-tree transmission-limit 4-280
spanning-tree mst-configuration 4-281
mst vlan 4-281
mst priority 4-282
name 4-283
revision 4-283
max-hops 4-284
spanning-tree spanning-disabled 4-284
spanning-tree cost 4-285
spanning-tree port-priority 4-286
spanning-tree edge-port 4-287
spanning-tree portfast 4-288
spanning-tree bpdu-filter 4-289
spanning-tree bpdu-guard 4-290
spanning-tree port-bpdu-flooding 4-290
xxiii
Contents
spanning-tree root-guard 4-291
spanning-tree link-type 4-292
spanning-tree loopback-detection 4-292
spanning-tree loopback-detection release-mode 4-293
spanning-tree loopback-detection trap 4-294
spanning-tree mst cost 4-294
spanning-tree mst port-priority 4-295
spanning-tree protocol-migration 4-296
show spanning-tree 4-297
show spanning-tree mst configuration 4-299
VLAN Commands 4-299
GVRP and Bridge Extension Commands 4-300
bridge-ext gvrp 4-300
show bridge-ext 4-301
switchport gvrp 4-301
show gvrp configuration 4-302
garp timer 4-302
show garp timer 4-303
Editing VLAN Groups 4-304
vlan database 4-304
vlan 4-305
Configuring VLAN Interfaces 4-306
interface vlan 4-306
switchport mode 4-307
switchport acceptable-frame-types 4-308
switchport ingress-filtering 4-308
switchport native vlan 4-309
switchport allowed vlan 4-310
switchport forbidden vlan 4-311
vlan-trunking 4-311
Displaying VLAN Information 4-313
show vlan 4-313
Configuring IEEE 802.1Q Tunneling 4-314
dot1q-tunnel system-tunnel-control 4-315
switchport dot1q-tunnel mode 4-315
switchport dot1q-tunnel tpid 4-316
show dot1q-tunnel 4-317
Configuring Port-based Traffic Segmentation 4-318
pvlan 4-318
pvlan uplink/downlink 4-319
pvlan session 4-320
pvlan up-to-up 4-321
show pvlan 4-321
Configuring Private VLANs 4-322
private-vlan 4-323
xxiv
Contents
private vlan association 4-324
switchport mode private-vlan 4-324
switchport private-vlan host-association 4-325
switchport private-vlan mapping 4-326
show vlan private-vlan 4-326
Configuring Protocol-based VLANs 4-327
protocol-vlan protocol-group (Configuring Groups) 4-328
protocol-vlan protocol-group (Configuring VLANs) 4-328
show protocol-vlan protocol-group 4-329
show protocol-vlan protocol-group-vid 4-330
Configuring IP Subnet VLANs 4-330
subnet-vlan 4-331
show subnet-vlan 4-331
Configuring MAC Based VLANs 4-332
mac-vlan 4-332
show mac-vlan 4-333
Configuring Voice VLANs 4-334
voice vlan 4-334
voice vlan aging 4-335
voice vlan mac-address 4-336
switchport voice vlan 4-337
switchport voice vlan rule 4-337
switchport voice vlan security 4-338
switchport voice vlan priority 4-339
show voice vlan 4-339
LLDP Commands 4-341
lldp 4-343
lldp holdtime-multiplier 4-343
lldp medFastStartCount 4-344
lldp notification-interval 4-344
lldp refresh-interval 4-345
lldp reinit-delay 4-345
lldp tx-delay 4-346
lldp admin-status 4-347
lldp notification 4-347
lldp mednotification 4-348
lldp basic-tlv management-ip-address 4-349
lldp basic-tlv port-description 4-349
lldp basic-tlv system-capabilities 4-350
lldp basic-tlv system-description 4-350
lldp basic-tlv system-name 4-351
lldp dot1-tlv proto-ident 4-351
lldp dot1-tlv proto-vid 4-352
lldp dot1-tlv pvid 4-352
lldp dot1-tlv vlan-name 4-353
xxv
Contents
lldp dot3-tlv link-agg 4-353
lldp dot3-tlv mac-phy 4-354
lldp dot3-tlv max-frame 4-354
lldp dot3-tlv poe 4-355
lldp medtlv extpoe 4-355
lldp medtlv inventory 4-356
lldp medtlv location 4-356
lldp medtlv med-cap 4-357
lldp medtlv network-policy 4-357
show lldp config 4-358
show lldp info local-device 4-360
show lldp info remote-device 4-361
show lldp info statistics 4-362
Class of Service Commands 4-363
Priority Commands (Layer 2) 4-363
queue mode 4-363
switchport priority default 4-364
queue cos-map 4-365
show queue mode 4-366
show queue bandwidth 4-366
show queue cos-map 4-367
Priority Commands (Layer 3 and 4) 4-368
map ip dscp (Global Configuration) 4-368
map ip dscp (Interface Configuration) 4-368
show map ip dscp 4-370
Quality of Service Commands 4-371
class-map 4-372
match 4-373
rename 4-374
description 4-374
policy-map 4-375
police 4-375
set 4-376
police 4-377
service-policy 4-378
show class-map 4-378
show policy-map 4-379
show policy-map interface 4-379
Multicast Filtering Commands 4-380
IGMP Snooping Commands 4-380
ip igmp snooping 4-381
ip igmp snooping vlan static 4-381
ip igmp snooping version 4-382
ip igmp snooping leave-proxy 4-382
ip igmp snooping immediate-leave 4-383
xxvi
Contents
show ip igmp snooping 4-384
show mac-address-table multicast 4-384
IGMP Query Commands (Layer 2) 4-385
ip igmp snooping querier 4-385
ip igmp snooping query-count 4-386
ip igmp snooping query-interval 4-387
ip igmp snooping query-max-response-time 4-387
ip igmp snooping router-port-expire-time 4-388
Static Multicast Routing Commands 4-389
ip igmp snooping vlan mrouter 4-389
show ip igmp snooping mrouter 4-390
IGMP Filtering and Throttling Commands 4-391
ip igmp filter (Global Configuration) 4-391
ip igmp profile 4-392
permit, deny 4-392
range 4-393
ip igmp filter (Interface Configuration) 4-393
ip igmp max-groups 4-394
ip igmp max-groups action 4-395
show ip igmp filter 4-395
show ip igmp profile 4-396
show ip igmp throttle interface 4-396
Multicast VLAN Registration Commands 4-397
mvr (Global Configuration) 4-398
mvr (Interface Configuration) 4-400
show mvr 4-402
Domain Name Service Commands 4-405
ip host 4-405
clear host 4-406
ip domain-name 4-406
ip domain-list 4-407
ip name-server 4-408
ip domain-lookup 4-409
show hosts 4-410
show dns 4-410
show dns cache 4-411
clear dns cache 4-411
IP Interface Commands 4-412
ip address 4-412
ip default-gateway 4-413
ip dhcp restart 4-414
show ip interface 4-414
show ip redirects 4-415
show arp 4-415
ping 4-415
xxvii
Contents
Appendix A: Software Specifications A-1
Software Features A-1
Management Features A-2
Standards A-2
Management Information Bases A-3
Appendix B: Troubleshooting B-1
Problems Accessing the Management Interface B-1
Using System Logs B-2
Glossary
Index
xxviii
Tables
Table 1-1 Key Features 1-1
Table 1-2 System Defaults 1-6
Table 3-1 Configuration Options 3-3
Table 3-2 Main Menu 3-4
Table 3-3 Logging Levels 3-36
Table 3-4 Supported Notification Messages 3-61
Table 3-5 HTTPS System Support 3-88
Table 3-6 802.1X Statistics 3-104
Table 3-7 Dynamic QoS Profiles 3-115
Table 3-8 LACP Port Counters 3-167
Table 3-9 LACP Internal Configuration Information 3-168
Table 3-10 LACP Neighbor Configuration Information 3-170
Table 3-11 Port Statistics 3-180
Table 3-12 Recommended STA Path Cost Range 3-206
Table 3-13 Recommended STA Path Costs 3-206
Table 3-14 Default STA Path Costs 3-207
Table 3-15 Chassis ID Subtype 3-254
Table 3-16 System Capabilities 3-255
Table 3-17 Port ID Subtype 3-258
Table 3-18 Mapping CoS Values to Egress Queues 3-265
Table 3-19 CoS Priority Levels 3-265
Table 3-20 Mapping DSCP Priority Values 3-270
Table 4-1 Command Modes 4-6
Table 4-2 Configuration Modes 4-8
Table 4-3 Command Line Processing 4-9
Table 4-4 Command Groups 4-10
Table 4-5 General Commands 4-11
Table 4-6 System Management Commands 4-18
Table 4-7 Device Designation Commands 4-18
Table 4-8 Banner Commands 4-19
Table 4-9 System Status Commands 4-29
Table 4-10 Frame Size Commands 4-35
Table 4-11 Flash/File Commands 4-36
Table 4-12 File Directory Information 4-41
Table 4-13 Line Commands 4-44
Table 4-14 Event Logging Commands 4-57
Table 4-15 Logging Levels 4-58
Table 4-16 show logging flash/ram - display description 4-61
Table 4-17 SMTP Alert Commands 4-63
Table 4-18 Time Commands 4-67
Table 4-19 Predefined Summer-Time Parameters 4-78
Table 4-20 Switch Cluster Commands 4-81
xxix
Tables
Table 4-21 SNMP Commands 4-88
Table 4-22 show snmp engine-id - display description 4-97
Table 4-23 show snmp view - display description 4-98
Table 4-24 show snmp group - display description 4-101
Table 4-26 sFlow Commands 4-103
Table 4-25 show snmp user - display description 4-103
Table 4-27 Authentication Commands 4-109
Table 4-28 User Access Commands 4-110
Table 4-29 Default Login Settings 4-110
Table 4-30 Authentication Sequence 4-114
Table 4-31 RADIUS Client Commands 4-116
Table 4-32 TACACS Commands 4-120
Table 4-34 Web Server Commands 4-133
Table 4-35 HTTPS System Support 4-135
Table 4-36 Telnet Server Commands 4-136
Table 4-37 SSH Commands 4-137
Table 4-38 show ssh - display description 4-144
Table 4-39 802.1X Port Authentication 4-146
Table 4-40 IP Filter Commands 4-156
Table 4-41 Client Security Commands 4-158
Table 4-42 Port Security Commands 4-159
Table 4-43 Network Access 4-161
Table 4-44 Dynamic QoS Profiles 4-168
Table 4-45 Web Authentication 4-174
Table 4-46 DHCP Snooping Commands 4-179
Table 4-47 IP Source Guard Commands 4-187
Table 4-48 ARP Inspection Commands 4-191
Table 4-49 Access Control Lists 4-199
Table 4-50 IPv4 ACL Commands 4-200
Table 4-52 ARP ACL Commands 4-212
Table 4-53 MAC ACL Commands 4-215
Table 4-54 ACL Information 4-219
Table 4-55 Interface Commands 4-220
Table 4-56 Interfaces Switchport Statistics 4-233
Table 4-57 ATC Commands 4-234
Table 4-58 Link Aggregation Commands 4-248
Table 4-59 show lacp counters - display description 4-256
Table 4-60 show lacp internal - display description 4-257
Table 4-61 show lacp neighbors - display description 4-258
Table 4-62 show lacp sysid - display description 4-259
Table 4-63 Mirror Port Commands 4-260
Table 4-64 Rate Limit Commands 4-263
Table 4-68 Address Table Commands 4-269
Table 4-69 Spanning Tree Commands 4-274
Table 4-72 Default STA Path Costs 4-286
xxx
Loading...