How it Works
Smc
Loading...
7824M/VSW
DATASHEET
2 pgs555.91 Kb0
User Guide
387 pgs9.53 Mb0
Table of contents
Loading...

Smc 7824M/VSW User Guide

Download
Management Guide CLI TigerAccess™ EE
Information furnished by SMC Networks, Inc. (SMC) is believed to be accurate and reliable. However, no responsibility is assumed by SMC for its use, nor for any infringements of patents or other rights of third parties which may result from its use. No license is granted by implication or otherwise under any patent or patent rights of SMC. SMC reserves the right to change specifications at any time without notice.
Copyright (C) 2009 by
SMC Networks, Inc.
20 Mason
Irvine, CA 92618
All rights reserved. Printed in Taiwan
Trademarks:
SMC is a registered trademark; and EZ Switch, TigerAccess, TigerStack and TigerSwitch are trade­marks of SMC Networks, Inc. Other product and company names are trademarks or registered trademarks of their respective holders.
SMC7824M/VSW 1
CLI Management Guide
TigerAccess™ EE
Warranty and Product Registration
To register SMC products and to review the detailed warranty statement, please refer to
the Support Section of the SMC Website at http://www.smc.com
2 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
Reason for Update
Summary: Initial release
Details:
Chapter/Section Reason for Update
All Initial release
Issue History
Issue
Number
01 05/2009 Initial release (nos 5.01 #3001)
Date of Issue Reason for Update
SMC7824M/VSW 3
CLI Management Guide
TigerAccess™ EE
Contents
1 Introduction .......................................................................................19
1.1 Audience............................................................................................... 19
1.2 Document Structure.............................................................................. 19
1.3 Document Convention .......................................................................... 20
1.4 Document Notation............................................................................... 20
1.5 Virus Protection .................................................................................... 21
1.6 CE Declaration of Conformity ............................................................... 21
2 System Overview ..............................................................................22
2.1 System Features .................................................................................. 23
3 Command Line Interface (CLI) .........................................................25
3.1 Configuration Mode .............................................................................. 25
3.1.1 Privileged EXEC View Mode...................................................................... 26
3.1.2 Privileged EXEC Enable Mode .................................................................. 26
3.1.3 Global Configuration Mode ........................................................................ 27
3.1.4 Bridge Configuration Mode ........................................................................ 27
3.1.5 DHCP Pool Configuration Mode ................................................................ 28
3.1.6 DHCP Option Configuration Mode............................................................. 28
3.1.7 DHCP Option 82 Configuration Mode........................................................ 29
3.1.8 Interface Configuration Mode..................................................................... 29
3.1.9 Rule Configuration Mode ........................................................................... 30
3.1.10 RMON Configuration Mode........................................................................ 30
3.2 Configuration Mode Overview .............................................................. 31
3.3 Useful Tips............................................................................................ 32
3.3.1 Listing Available Command........................................................................ 32
3.3.2 Calling Command History .......................................................................... 34
3.3.3 Using Abbreviation ..................................................................................... 35
3.3.4 Using Command of Privileged EXEC Enable Mode .................................. 35
3.3.5 Exit Current Command Mode .................................................................... 35
4 System Connection and IP Address................................................36
4.1 System Connection .............................................................................. 36
4.1.1 Connecting to the Console Port ................................................................. 36
4.1.2 System Login ............................................................................................. 36
4.1.3 Password for Privileged EXEC Enable Mode ............................................ 37
4.1.4 Changing Login Password ......................................................................... 38
4.1.5 Login Password Recovery Process ........................................................... 39
4.1.6 Management for System Account .............................................................. 40
4.1.6.1 Creating System Account............................................................................... 40
4.1.6.2 Security Level ................................................................................................ 40
4.1.7 Limiting Number of Users........................................................................... 43
4.1.8 Auto Log-out............................................................................................... 44
4.1.9 Telnet Access ............................................................................................. 44
4.1.10 System Rebooting ...................................................................................... 45
4.1.10.1 Manual System Rebooting............................................................................. 45
4 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
4.1.10.2 Auto System Rebooting .................................................................................46
4.2 System Authentication .......................................................................... 47
4.2.1 Authentication Method ................................................................................47
4.2.2 Authentication Interface ..............................................................................47
4.2.3 Primary Authentication Method...................................................................47
4.2.4 RADIUS Server...........................................................................................48
4.2.4.1 RADIUS Server for System Authentication ....................................................48
4.2.4.2 RADIUS Server Priority..................................................................................48
4.2.4.3 Timeout of Authentication Request ................................................................48
4.2.4.4 Frequency of Retransmit................................................................................48
4.2.5 TACACS+ Server ........................................................................................49
4.2.5.1 TACACS+ Server for System Authentication..................................................49
4.2.5.2 TACACS+ Server Priority...............................................................................49
4.2.5.3 Timeout of Authentication Request ................................................................49
4.2.5.4 Additional TACACS+ Configuration................................................................49
4.2.6 Accounting Mode ........................................................................................50
4.2.7 Displaying System Authentication...............................................................50
4.3 Configuring Interface............................................................................. 51
4.3.1 Enabling Interface .......................................................................................51
4.3.2 Assigning IP Address to Network Interface.................................................52
4.3.3 Static Route and Default Gateway..............................................................52
4.3.4 Interface Description ...................................................................................53
4.3.5 Displaying Interface ....................................................................................54
4.4 Secure Shell (SSH)...............................................................................55
4.4.1 SSH Server .................................................................................................55
4.4.1.1 Enabling SSH Server .....................................................................................55
4.4.1.2 Displaying On-line SSH Client........................................................................55
4.4.1.3 Disconnecting SSH Client ..............................................................................55
4.4.1.4 Assigning Specific Authentication Key............................................................56
4.4.1.5 Displaying Connection History of SSH Client.................................................56
4.4.2 SSH Client...................................................................................................56
4.4.2.1 Login to SSH Server ......................................................................................56
4.4.2.2 File Copy........................................................................................................56
4.4.2.3 Authentication Key .........................................................................................57
4.5 802.1x Authentication............................................................................ 58
4.5.1 802.1x Authentication..................................................................................59
4.5.1.1 Enabling 802.1x .............................................................................................59
4.5.1.2 RADIUS Server ..............................................................................................59
4.5.1.3 Authentication Mode ......................................................................................60
4.5.1.4 Authentication Port.........................................................................................61
4.5.1.5 Force Authorization ........................................................................................ 61
4.5.1.6 Interval for Retransmitting Request/Identity Packet .......................................61
4.5.1.7 Number of Requests to RADIUS Server ........................................................61
4.5.1.8 Interval of Request to RADIUS Server ...........................................................62
4.5.2 802.1x Re-Authentication............................................................................62
4.5.2.1 Enabling 802.1x Re-Authentication ................................................................62
4.5.2.2 Interval of Re-Authentication ..........................................................................63
4.5.2.3 Interval of Requesting Re-Authentication.......................................................63
4.5.2.4 802.1x Re-Authentication...............................................................................63
4.5.3 Initializing Authentication Status..................................................................64
SMC7824M/VSW 5
CLI Management Guide
TigerAccess™ EE
4.5.4 Restoring Default Value ............................................................................. 64
4.5.5 Displaying 802.1x Configuration ................................................................ 64
4.5.6 802.1x User Authentication Statistics......................................................... 64
4.5.7 Sample Configuration................................................................................. 65
5 Port Configuration ............................................................................67
5.1 Port Basic ............................................................................................. 67
5.2 Ethernet Port Configuration .................................................................. 67
5.2.1 Enabling Ethernet Port ............................................................................... 67
5.2.2 Auto-Negotiation ........................................................................................ 67
5.2.3 Transmit Rate............................................................................................. 68
5.2.4 Duplex Mode .............................................................................................. 69
5.2.5 Flow Control ............................................................................................... 70
5.2.6 Port Description.......................................................................................... 70
5.2.7 Traffic Statistics .......................................................................................... 71
5.2.7.1 Packet Statistics............................................................................................. 71
5.2.7.2 CPU Statistics................................................................................................72
5.2.7.3 Protocol Statistics ..........................................................................................73
5.2.8 Port Information.......................................................................................... 74
5.3 VDSL Port Configuration ...................................................................... 75
5.3.1 Modulation of VDSL Signal ........................................................................ 75
5.3.1.1 DMT Modulation ............................................................................................ 75
5.3.2 Configuring VDSL Port............................................................................... 76
5.3.2.1 Displaying Status of VDSL Port...................................................................... 77
5.3.2.2 Enabling VDSL Port.......................................................................................77
5.3.2.3 Profile of VDSL Port....................................................................................... 78
5.3.2.4 Controlling Power according to Connection Distance .................................... 79
5.3.2.5 PSD Level...................................................................................................... 83
5.3.2.6 PSD Mask Level ............................................................................................ 84
5.3.2.7 Interleave....................................................................................................... 84
5.3.2.8 Impulse Noise Protection ............................................................................... 86
5.3.2.9 Trellis Coded Modulation (TCM) .................................................................... 86
5.3.2.10 Ham-band ...................................................................................................... 87
5.3.2.11 SNR Margin ...................................................................................................88
5.3.2.12 Bitloading Per Tone........................................................................................ 90
5.3.2.13 G.handshake Tone......................................................................................... 91
5.3.3 VDSL Checking Errors of VDSL Port......................................................... 91
5.3.4 Config-Profile ............................................................................................. 95
5.3.4.1 Line config profile........................................................................................... 95
5.3.4.2 Alarm config profile ........................................................................................ 98
5.3.5 Configuring CPE ...................................................................................... 102
5.3.5.1 Modem Port Reset.......................................................................................102
5.3.5.2 Installing System Image of CPE .................................................................. 102
5.3.5.3 Installing CPE System Image File in Slave.................................................. 104
5.3.5.4 Configuring AGC (Auto Gain Control) ..........................................................106
5.3.5.5 Checking Length of Cable between CPE and CO .......................................107
5.3.5.6 Auto-negotiation of CPE ..............................................................................107
5.3.5.7 Transmit Rate of CPE..................................................................................107
5.3.5.8 Duplex mode of CPE ................................................................................... 107
5.3.5.9 Auto Upgrade of CPE Image .......................................................................108
6 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
5.3.5.10 Displaying CPE Status .................................................................................108
5.4 Port Mirroring ...................................................................................... 110
6 System Environment ...................................................................... 112
6.1 Environment Configuration ................................................................. 112
6.1.1 Host Name ................................................................................................ 112
6.1.2 Time and Date...........................................................................................11 2
6.1.3 Time Zone .................................................................................................113
6.1.4 Network Time Protocol (NTP) ................................................................... 113
6.1.5 Simple Network Time Protocol (SNTP).....................................................114
6.1.6 Terminal Configuration..............................................................................11 5
6.1.7 Login Banner............................................................................................. 115
6.1.8 DNS Server...............................................................................................116
6.1.9 Fan Operation ...........................................................................................117
6.1.10 Disabling Daemon Operation....................................................................11 7
6.1.11 FTP Server................................................................................................ 117
6.1.12 FTP Client address ...................................................................................11 8
6.1.13 System Threshold .....................................................................................118
6.1.13.1 CPU Load .................................................................................................... 118
6.1.13.2 Port Traffic.................................................................................................... 119
6.1.13.3 Fan Operation .............................................................................................. 119
6.1.13.4 System Temperature....................................................................................120
6.1.13.5 System Memory ...........................................................................................120
6.1.13.6 SFP Module (optional uplink port)................................................................121
6.2 Configuration Management................................................................. 123
6.2.1 Displaying System Configuration..............................................................123
6.2.2 Writing System Configuration ...................................................................123
6.2.3 Auto-Saving...............................................................................................124
6.2.4 System Configuration File.........................................................................124
6.2.5 Restoring Default Configuration................................................................125
6.3 System Management .......................................................................... 126
6.3.1 Network Connection..................................................................................126
6.3.2 IP ICMP Source Routing...........................................................................128
6.3.3 Tracing Packet Route................................................................................129
6.3.4 Displaying User Connecting to System ....................................................130
6.3.5 MAC Table.................................................................................................131
6.3.6 Running Time of System...........................................................................131
6.3.7 System Information ...................................................................................131
6.3.8 System Memory Information .....................................................................132
6.3.9 Running Process.......................................................................................132
6.3.10 Displaying System Image .........................................................................133
6.3.11 Displaying Installed OS.............................................................................133
6.3.12 Default OS.................................................................................................133
6.3.13 Switch Status.............................................................................................133
6.3.14 Tech Support Information..........................................................................134
6.3.15 System Boot Information...........................................................................134
7 Network Management.....................................................................135
7.1 Simple Network Management Protocol (SNMP) ................................. 135
7.1.1 SNMP Community.....................................................................................135
SMC7824M/VSW 7
CLI Management Guide
TigerAccess™ EE
7.1.2 Information of SNMP Agent...................................................................... 136
7.1.3 SNMP Com2sec....................................................................................... 137
7.1.4 SNMP Group............................................................................................ 137
7.1.5 SNMP View Record.................................................................................. 138
7.1.6 Permission to Access SNMP View Record .............................................. 138
7.1.7 SNMP Version 3 User .............................................................................. 139
7.1.8 SNMP Trap............................................................................................... 139
7.1.8.1 SNMP Trap Mode ........................................................................................ 139
7.1.8.2 SNMP Trap Host.......................................................................................... 140
7.1.8.3 SNMP Trap in Event Mode .......................................................................... 140
7.1.8.4 Disabling SNMP Trap...................................................................................141
7.1.8.5 Displaying SNMP Trap................................................................................. 142
7.1.9 SNMP Alarm............................................................................................. 143
7.1.9.1 Alarm Notify Activity ..................................................................................... 143
7.1.9.2 Alarm Severity Criterion............................................................................... 143
7.1.9.3 Default Alarm Severity .................................................................................144
7.1.9.4 Generic Alarm Severity ................................................................................ 144
7.1.9.5 ADVA Alarm Severity ...................................................................................146
7.1.9.6 ERP Alarm Severity ..................................................................................... 147
7.1.9.7 STP Guard Alarm Severity........................................................................... 147
7.1.9.8 Displaying SNMP Alarm Severity................................................................. 148
7.1.10 Displaying SNMP Configuration............................................................... 148
7.1.11 Disabling SNMP ....................................................................................... 148
7.2 Operation, Administration and Maintenance (OAM) ........................... 149
7.2.1 OAM Loopback ........................................................................................ 149
7.2.2 Local OAM Mode ..................................................................................... 150
7.2.3 OAM Unidirection ..................................................................................... 150
7.2.4 Remote OAM ........................................................................................... 150
7.2.5 Displaying OAM Configuration................................................................. 151
7.3 Link Layer Discovery Protocol (LLDP)................................................ 152
7.3.1 LLDP Operation ....................................................................................... 152
7.3.2 Enabling LLDP ......................................................................................... 152
7.3.3 LLDP Operation Type............................................................................... 153
7.3.4 Basic TLV ................................................................................................. 153
7.3.5 LLDP Message......................................................................................... 153
7.3.6 Reinitiating Delay ..................................................................................... 154
7.3.7 Displaying LLDP Configuration ................................................................ 154
7.4 Remote Monitoring (RMON) ............................................................... 155
7.4.1 RMON History .......................................................................................... 155
7.4.1.1 Source Port of Statistical Data ..................................................................... 156
7.4.1.2 Subject of RMON History............................................................................. 156
7.4.1.3 Number of Sample Data ..............................................................................156
7.4.1.4 Interval of Sample Inquiry ............................................................................ 157
7.4.1.5 Activating RMON History ............................................................................. 157
7.4.1.6 Deleting Configuration of RMON History .....................................................157
7.4.1.7 Displaying RMON History ............................................................................ 157
7.4.2 RMON Alarm ............................................................................................ 158
7.4.2.1 Subject of RMON Alarm............................................................................... 158
7.4.2.2 Object of Sample Inquiry.............................................................................. 158
7.4.2.3 Absolute and Delta Comparison .................................................................. 158
8 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
7.4.2.4 Upper Bound of Threshold ...........................................................................159
7.4.2.5 Lower Bound of Threshold ...........................................................................159
7.4.2.6 Standard of the First Alarm...........................................................................160
7.4.2.7 Interval of Sample Inquiry ............................................................................160
7.4.2.8 Activating RMON Alarm ...............................................................................160
7.4.2.9 Deleting Configuration of RMON Alarm........................................................161
7.4.3 RMON Event.............................................................................................161
7.4.3.1 Event Community.........................................................................................161
7.4.3.2 Event Description .........................................................................................161
7.4.3.3 Subject of RMON Event ...............................................................................162
7.4.3.4 Event Type ...................................................................................................162
7.4.3.5 Activating RMON Event ...............................................................................162
7.4.3.6 Deleting Configuration of RMON Event........................................................162
7.5 Syslog .................................................................................................163
7.5.1 Syslog Output Level..................................................................................163
7.5.2 Facility Code .............................................................................................165
7.5.3 Syslog Bind Address.................................................................................166
7.5.4 Debug Message for Remote Terminal ......................................................166
7.5.5 Disabling Syslog .......................................................................................166
7.5.6 Displaying Syslog Message ......................................................................166
7.5.7 Displaying Syslog Configuration ...............................................................167
7.6 Quality of Service(QoS) ...................................................................... 168
7.6.1 How to Operate QoS.................................................................................169
7.6.2 Packet Classification.................................................................................171
7.6.2.1 Flow Creation...............................................................................................171
7.6.2.2 Configuring Flow ..........................................................................................171
7.6.2.3 Applying and modifying Flow........................................................................174
7.6.2.4 Class Creation..............................................................................................174
7.6.3 Packet Conditioning ..................................................................................175
7.6.3.1 Policer Creation............................................................................................175
7.6.3.2 Packet Counter ............................................................................................176
7.6.3.3 Average Packet Counter ..............................................................................176
7.6.3.4 Rate-limit......................................................................................................177
7.6.3.5 Applying and modifying Policer ....................................................................178
7.6.4 Rule Action................................................................................................178
7.6.4.1 Policy Creation.............................................................................................178
7.6.4.2 Metering .......................................................................................................179
7.6.4.3 Policy Priority ...............................................................................................185
7.6.4.4 Policy Action.................................................................................................185
7.6.4.5 Marking and Remarking ...............................................................................185
7.6.4.6 Attaching a Policy to an interface.................................................................190
7.6.4.7 Applying and Modifying Policy......................................................................190
7.6.5 Displaying Rule .........................................................................................190
7.6.6 Admin Rule................................................................................................192
7.6.6.1 Creating Admin Flow for packet classification ..............................................192
7.6.6.2 Configuring Admin Flow ...............................................................................193
7.6.6.3 Applying and modifying Admin Flow.............................................................194
7.6.6.4 Class Creation..............................................................................................194
7.6.7 Admin Rule Action.....................................................................................195
7.6.7.1 Admin Policy Creation..................................................................................195
SMC7824M/VSW 9
CLI Management Guide
TigerAccess™ EE
7.6.7.2 Admin Policy Priority....................................................................................196
7.6.7.3 Admin Policy Action ..................................................................................... 196
7.6.7.4 Applying and Modifying Admin Policy .......................................................... 197
7.6.8 Displaying Admin Rule ............................................................................. 197
7.6.9 Scheduling Algorithm ............................................................................... 198
7.6.9.1 Scheduling Mode ......................................................................................... 200
7.6.9.2 Weight.......................................................................................................... 200
7.6.9.3 Maximum and Minimum Bandwidth ............................................................. 200
7.6.9.4 Maximum Buffer numbers............................................................................ 201
7.6.9.5 Queue Status...............................................................................................202
7.6.9.6 Displaying QoS ............................................................................................ 202
7.6.9.7 Weighted Random Early Detection (WRED)................................................ 203
7.7 NetBIOS Filtering................................................................................ 205
7.8 Max New Hosts .................................................................................. 206
7.9 Port Security ....................................................................................... 207
7.9.1 Port Security on Port ................................................................................ 207
7.9.2 Port Security Aging................................................................................... 208
7.9.3 Displaying Port Security........................................................................... 209
7.10 MAC Table.......................................................................................... 209
7.11 MAC Filtering...................................................................................... 210
7.11.1 Default Policy of MAC Filtering ................................................................ 210
7.11.2 Adding Policy of MAC Filter ......................................................................211
7.11.3 Deleting MAC Filter Policy ....................................................................... 212
7.11.4 Listing of MAC Filter Policy ...................................................................... 212
7.12 Address Resolution Protocol (ARP) ................................................... 213
7.12.1 ARP Table ................................................................................................ 213
7.12.1.1 Registering ARP Table ................................................................................. 213
7.12.1.2 Displaying ARP Table................................................................................... 214
7.12.2 ARP Alias ................................................................................................. 214
7.12.3 ARP Inspection......................................................................................... 215
7.12.3.1 ARP Access List ..........................................................................................215
7.12.3.2 Enabling ARP Inspection Filtering................................................................ 218
7.12.3.3 ARP Address Validation............................................................................... 218
7.12.3.4 ARP Inspection on Trust Port....................................................................... 219
7.12.3.5 ARP Inspection Log-buffer........................................................................... 219
7.12.3.6 Displaying ARP Inspection........................................................................... 220
7.12.4 Gratuitous ARP ........................................................................................ 220
7.12.5 Proxy-ARP ............................................................................................... 222
7.13 ICMP Message Control ...................................................................... 223
7.13.1 Blocking Echo Reply Message ................................................................ 224
7.13.2 Interval for Transmit ICMP Message........................................................ 224
7.14 TCP Flag Control................................................................................ 226
7.14.1 RST Configuration.................................................................................... 226
7.14.2 SYN Configuration ................................................................................... 226
7.15 Packet Dump ...................................................................................... 226
7.15.1 Packet Dump by Protocol......................................................................... 227
7.15.2 Packet Dump with Option......................................................................... 227
7.15.3 Debug Packet Dump ................................................................................ 228
7.16 sFlow Monitoring ................................................................................ 229
10 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
7.16.1 sFlow Service............................................................................................230
7.16.2 Agent IP Address ......................................................................................230
7.16.3 Enabling sFlow on Port .............................................................................231
7.16.4 Maximum IP Header Size .........................................................................231
7.16.5 Counter Interval ........................................................................................231
7.16.6 Sample Rate .............................................................................................231
7.16.7 Configuring Receiver ................................................................................232
7.16.7.1 Receiver ID mode ........................................................................................232
7.16.7.2 Collect IP address and port..........................................................................232
7.16.7.3 Maximum Datagram Size.............................................................................232
7.16.7.4 Owner Name of sFlow Receiver...................................................................232
7.16.7.5 Timeout ........................................................................................................233
7.16.8 Receiver Index ..........................................................................................233
7.16.9 Displaying sFlow .......................................................................................233
8 System Main Functions..................................................................234
8.1 Virtual Local Area Network (VLAN)..................................................... 234
8.1.1 Port-based VLAN ......................................................................................235
8.1.1.1 Creating VLAN .............................................................................................236
8.1.1.2 Specifying PVID ...........................................................................................236
8.1.1.3 Assigning Port to VLAN................................................................................236
8.1.1.4 Deleting VLAN..............................................................................................236
8.1.2 Protocol-based VLAN ...............................................................................237
8.1.3 MAC-based VLAN.....................................................................................237
8.1.4 Subnet-based VLAN .................................................................................238
8.1.5 Tagged VLAN ............................................................................................238
8.1.6 VLAN Description......................................................................................239
8.1.7 VLAN Precedence ....................................................................................240
8.1.8 Displaying VLAN Information ....................................................................240
8.1.9 QinQ..........................................................................................................241
8.1.9.1 Double Tagging Operation............................................................................242
8.1.9.2 Double Tagging Configuration......................................................................242
8.1.9.3 TPID Configuration.......................................................................................243
8.1.10 Layer 2 Isolation........................................................................................243
8.1.10.1 Shared VLAN ...............................................................................................244
8.1.11 VLAN Translation ......................................................................................246
8.1.12 Sample Configuration ...............................................................................246
8.2 Link Aggregation .................................................................................251
8.2.1 Port Trunk..................................................................................................251
8.2.1.1 Configuring Port Trunk .................................................................................251
8.2.1.2 Disabling Port Trunk.....................................................................................252
8.2.1.3 Displaying Port Trunk...................................................................................252
8.2.2 Link Aggregation Control Protocol (LACP) ...............................................252
8.2.2.1 Configuring LACP ........................................................................................253
8.2.2.2 Operation Mode ...........................................................................................254
8.2.2.3 Priority of Switch ..........................................................................................254
8.2.2.4 Manual Aggregation .....................................................................................254
8.2.2.5 BPDU Transmission Rate ............................................................................255
8.2.2.6 Administrational Key ....................................................................................255
8.2.2.7 Port Priority ..................................................................................................256
8.2.2.8 Displaying LACP Configuration ....................................................................256
SMC7824M/VSW 11
CLI Management Guide
TigerAccess™ EE
8.3 Spanning-Tree Protocol (STP)............................................................ 257
8.3.1 STP Operation ......................................................................................... 258
8.3.2 RSTP Operation....................................................................................... 262
8.3.2.1 Port States................................................................................................... 262
8.3.2.2 BPDU Policy ................................................................................................ 263
8.3.2.3 Rapid Network Convergence ....................................................................... 263
8.3.2.4 Compatibility with 802.1d............................................................................. 266
8.3.3 MSTP Operation ...................................................................................... 266
8.3.3.1 MSTP........................................................................................................... 267
8.3.4 Enabling STP Function (Required) .......................................................... 268
8.3.5 Configuring MSTP/PVSTP Mode............................................................. 269
8.3.6 STP Basic Configuration.......................................................................... 269
8.3.6.1 Path-cost Method......................................................................................... 269
8.3.6.2 Edge Ports ................................................................................................... 270
8.3.6.3 BPDU Transmit hold count........................................................................... 271
8.3.6.4 Port Priority .................................................................................................. 271
8.3.6.5 Link Type ..................................................................................................... 272
8.3.6.6 Displaying Configuration.............................................................................. 272
8.3.7 Configuring MSTP.................................................................................... 273
8.3.7.1 Root Switch.................................................................................................. 273
8.3.7.2 Path-cost...................................................................................................... 273
8.3.7.3 Port Priority .................................................................................................. 274
8.3.7.4 MST Region.................................................................................................274
8.3.7.5 Enabling MSTP configuration ......................................................................276
8.3.7.6 Displaying Configuration.............................................................................. 276
8.3.8 Configuring PVSTP .................................................................................. 277
8.3.8.1 Enabling PVSTP .......................................................................................... 277
8.3.8.2 Root Switch.................................................................................................. 278
8.3.8.3 Path-cost...................................................................................................... 278
8.3.8.4 Port Priority .................................................................................................. 279
8.3.8.5 Displaying Configuration.............................................................................. 279
8.3.9 Root Guard............................................................................................... 280
8.3.10 Restarting Protocol Migration................................................................... 281
8.3.11 Loop Back Detection................................................................................ 281
8.3.12 BPDU Configuration................................................................................. 282
8.3.12.1 Hello Time.................................................................................................... 283
8.3.12.2 Forward Delay Time..................................................................................... 283
8.3.12.3 Max Age....................................................................................................... 284
8.3.12.4 BPDU Hop Count......................................................................................... 284
8.3.12.5 BPDU Filtering ............................................................................................. 285
8.3.12.6 BPDU Guard................................................................................................285
8.3.13 Sample Configuration............................................................................... 287
8.4 Ethernet Ring Protection (ERP).......................................................... 289
8.4.1 ERP Mechanism ...................................................................................... 289
8.4.2 Loss of Test Packet (LOTP) ..................................................................... 293
8.4.3 ERP Shared Link...................................................................................... 293
8.4.4 Configuring ERP Domain......................................................................... 294
8.4.4.1 ERP Domain Name...................................................................................... 294
8.4.4.2 Primary and Secondary Port........................................................................ 294
8.4.4.3 Protected VLAN ........................................................................................... 294
8.4.4.4 Control VLAN...............................................................................................295
12 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
8.4.4.5 ERP Ring Priority .........................................................................................295
8.4.4.6 Displaying ERP Domian...............................................................................295
8.4.5 Selecting the Node....................................................................................296
8.4.6 Protected Activation ..................................................................................296
8.4.7 Manual Switch to Secondary ....................................................................296
8.4.8 Wait-to-Restore Time................................................................................297
8.4.9 Learning Disable Time ..............................................................................297
8.4.10 Test Packet Interval...................................................................................298
8.4.11 LOTP Hold Off Time ..................................................................................298
8.4.12 ERP Trap...................................................................................................299
8.4.13 Displaying ERP Configuration...................................................................299
8.5 Loop Detection....................................................................................300
8.6 Dynamic Host Configuration Protocol (DHCP) ................................... 302
8.6.1 DHCP Server ............................................................................................303
8.6.1.1 DHCP Pool Creation .................................................................................... 304
8.6.1.2 DHCP Subnet...............................................................................................304
8.6.1.3 Range of IP Address ....................................................................................304
8.6.1.4 Default Gateway...........................................................................................305
8.6.1.5 IP Lease Time ..............................................................................................305
8.6.1.6 DNS Server..................................................................................................306
8.6.1.7 Manual Binding ............................................................................................306
8.6.1.8 Domain Name ..............................................................................................307
8.6.1.9 DHCP Server Option....................................................................................307
8.6.1.10 Static Mapping..............................................................................................307
8.6.1.11 Recognition of DHCP Client.........................................................................308
8.6.1.12 IP Address Validation ...................................................................................308
8.6.1.13 Authorized ARP............................................................................................309
8.6.1.14 Prohibition of 1:N IP Address Assignment....................................................309
8.6.1.15 Ignoring BOOTP Request ............................................................................310
8.6.1.16 DHCP Packet Statistics................................................................................310
8.6.1.17 Setting DHCP Pool Size............................................................................... 311
8.6.1.18 Displaying DHCP Pool Configuration ........................................................... 311
8.6.2 DHCP Address Allocation with Option 82 .................................................311
8.6.2.1 DHCP Class Capability ................................................................................312
8.6.2.2 DHCP Class Creation ..................................................................................312
8.6.2.3 Relay Agent Information Pattern ..................................................................312
8.6.2.4 Associating DHCP Class..............................................................................313
8.6.2.5 Range of IP Address for DHCP Class ..........................................................313
8.6.3 DHCP Lease Database.............................................................................313
8.6.3.1 DHCP Database Agent.................................................................................313
8.6.3.2 Displaying DHCP Lease Status....................................................................314
8.6.3.3 Deleting DHCP Lease Database.................................................................. 314
8.6.4 DHCP Relay Agent ...................................................................................315
8.6.4.1 DHCP Helper Address..................................................................................315
8.6.4.2 Smart Relay Agent Forwarding ....................................................................316
8.6.4.3 DHCP Server ID Option ...............................................................................316
8.6.4.4 DHCP Relay Statistics..................................................................................317
8.6.5 DHCP Option ............................................................................................318
8.6.5.1 Entering DHCP Option Mode .......................................................................318
8.6.5.2 Configuring DHCP Option Format................................................................319
8.6.5.3 Deleting DHCP Option Format .....................................................................319
SMC7824M/VSW 13
CLI Management Guide
TigerAccess™ EE
8.6.5.4 Displaying DHCP option ..............................................................................319
8.6.6 DHCP Option 82 ...................................................................................... 320
8.6.6.1 Enabling DHCP Option 82 ........................................................................... 321
8.6.6.2 Option 82 Sub-Option .................................................................................. 321
8.6.6.3 Option 82 Reforwarding Policy ....................................................................322
8.6.6.4 Option 82 Trust Policy.................................................................................. 323
8.6.7 DHCP Snooping....................................................................................... 323
8.6.7.1 Enabling DHCP Snooping............................................................................ 324
8.6.7.2 DHCP Trust State......................................................................................... 324
8.6.7.3 DHCP Rate Limit ......................................................................................... 325
8.6.7.4 DHCP Lease Limit .......................................................................................325
8.6.7.5 Source MAC Address Verification ................................................................ 326
8.6.7.6 Static DHCP Snooping Binding.................................................................... 326
8.6.7.7 DHCP Snooping Database Agent ................................................................ 326
8.6.7.8 DHCP Snooping Filtering............................................................................. 327
8.6.7.9 Authorized ARP ........................................................................................... 328
8.6.7.10 DHCP Snooping with Option82.................................................................... 329
8.6.7.11 DHCP Snooping Option ............................................................................... 329
8.6.7.12 DHCP User Class ID.................................................................................... 330
8.6.7.13 Displaying DHCP Snooping Configuration................................................... 331
8.6.8 IP Source Guard ...................................................................................... 331
8.6.8.1 Enabling IP Source Guard ........................................................................... 332
8.6.8.2 Static IP Source Binding ..............................................................................332
8.6.8.3 Displaying IP Source Guard Configuration ..................................................333
8.6.9 DHCP Client............................................................................................. 334
8.6.9.1 Enabling DHCP Client.................................................................................. 334
8.6.9.2 DHCP Client ID............................................................................................334
8.6.9.3 DHCP Class ID ............................................................................................ 334
8.6.9.4 Host Name................................................................................................... 334
8.6.9.5 IP Lease Time..............................................................................................335
8.6.9.6 Requesting Option ....................................................................................... 335
8.6.9.7 Forcing Release or Renewal of DHCP Lease.............................................. 335
8.6.9.8 Displaying DHCP Client Configuration......................................................... 335
8.6.10 DHCP Filtering ......................................................................................... 336
8.6.10.1 DHCP Packet Filtering................................................................................. 336
8.6.10.2 DHCP Server Packet Filtering .....................................................................336
8.6.11 Debugging DHCP..................................................................................... 337
8.7 Single IP Management ....................................................................... 338
8.7.1 Switch Group............................................................................................ 338
8.7.2 Designating Master and Slave Switch ..................................................... 339
8.7.3 Disabling Stacking.................................................................................... 339
8.7.4 Displaying Stacking Status....................................................................... 339
8.7.5 Accessing to Slave Switch from Master Switch ....................................... 340
8.7.6 Sample Configuration............................................................................... 340
8.8 Rate Limit ........................................................................................... 342
8.9 Flood Guard........................................................................................ 343
8.9.1 MAC Flood-Guard .................................................................................... 343
8.9.2 CPU Flood-Guard .................................................................................... 344
8.9.3 Port Flood-Guard ..................................................................................... 345
8.10 Storm Control...................................................................................... 346
14 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
8.11 Jumbo Frame Capacity....................................................................... 346
8.12 Bandwidth ........................................................................................... 347
8.13 Maximum Transmission Unit (MTU).................................................... 347
9 IP Multicast ......................................................................................348
9.1 Multicast Group Membership .............................................................. 349
9.1.1 IGMP Basic ...............................................................................................349
9.1.1.1 Clearing IGMP Entry ....................................................................................350
9.1.1.2 IGMP Debug ................................................................................................350
9.1.2 IGMP Version 2 .........................................................................................351
9.1.2.1 IGMP Static Join...........................................................................................352
9.1.3 IGMP Version 3 .........................................................................................353
9.2 Multicast Functions .............................................................................354
9.2.1 Multicast Forwarding Database ................................................................354
9.2.1.1 Blocking Unknown Multicast Traffic..............................................................355
9.2.1.2 Forwarding Entry Aging................................................................................ 355
9.2.1.3 Displaying McFDB Information.....................................................................355
9.2.2 IGMP Snooping Basic...............................................................................356
9.2.2.1 Enabling IGMP Snooping.............................................................................357
9.2.2.2 IGMP Snooping Version...............................................................................357
9.2.2.3 IGMP Snooping Robustness Value ..............................................................358
9.2.3 IGMPv2 Snooping.....................................................................................358
9.2.3.1 IGMP Snooping Querier Configuration.........................................................358
9.2.3.2 IGMP Snooping Last Member Query Interval...............................................360
9.2.3.3 IGMP Snooping Immediate Leave ...............................................................361
9.2.3.4 IGMP Snooping Report Suppression ...........................................................362
9.2.3.5 IGMP Snooping S-Query Report Agency .....................................................362
9.2.3.6 Explicit Host Tracking...................................................................................363
9.2.3.7 Multicast Router Port Configuration .............................................................364
9.2.3.8 TCN Multicast Flooding................................................................................366
9.2.4 IGMPv3 Snooping.....................................................................................367
9.2.5 Displaying IGMP Snooping Information....................................................368
9.2.6 Multicast VLAN Registration (MVR)..........................................................369
9.2.6.1 Enabling MVR ..............................................................................................369
9.2.6.2 MVR Group ..................................................................................................369
9.2.6.3 Source/Receiver Port ...................................................................................370
9.2.6.4 MVR Helper Address....................................................................................370
9.2.6.5 Displaying MVR Configuration .....................................................................370
9.2.7 IGMP Filtering and Throttling ....................................................................371
9.2.7.1 IGMP Filtering ..............................................................................................371
9.2.7.2 IGMP Throttling ............................................................................................373
9.2.7.3 Displaying IGMP Filtering and Throttling......................................................373
9.2.8 Multicast-Source Trust Port.......................................................................373
10 System Software Upgrade.............................................................. 375
10.1 General Upgrade ................................................................................375
10.2 Boot Mode Upgrade............................................................................376
10.3 FTP Upgrade ......................................................................................379
11 Abbreviations.................................................................................. 381
SMC7824M/VSW 15
CLI Management Guide
TigerAccess™ EE
Illustrations
Fig. 2.1 The front view of switch................................................................................. 22
Fig. 3.1 Overview of Configuration Mode................................................................... 31
Fig. 4.1 Process of 802.1x Authentication.................................................................. 58
Fig. 4.2 Multiple Authentication Servers..................................................................... 59
Fig. 5.1 Transmission in DSL System ........................................................................ 75
Fig. 5.2 DMT Modulation ............................................................................................ 76
Fig. 5.3 Deciding Transmit Rate according to SNR Margin........................................ 89
Fig. 5.4 Counting Times of Error ................................................................................ 92
Fig. 5.5 Port Mirroring................................................................................................110
Fig. 6.1 Ping Test for Network Status ....................................................................... 128
Fig. 6.2 IP Source Routing ....................................................................................... 129
Fig. 7.1 Procedure of QoS operation........................................................................ 169
Fig. 7.2 Structure of Rule.......................................................................................... 170
Fig. 7.3 Token Bucket Meter..................................................................................... 180
Fig. 7.4 Behavior of srTCM (1) ................................................................................. 181
Fig. 7.5 Behavior of srTCM (2) ................................................................................. 181
Fig. 7.6 Bahavior of srTCM (3) ................................................................................. 182
Fig. 7.7 Behavior of trTCM (1).................................................................................. 183
Fig. 7.8 Behavior of trTCM (2).................................................................................. 183
Fig. 7.9 Behavior of trTCM (3).................................................................................. 184
Fig. 7.10 Marking and Remarking .............................................................................. 186
Fig. 7.11 Strict Priority Queuing.................................................................................. 198
Fig. 7.12 Deficit Weighted Round Robin .................................................................... 199
Fig. 7.13 WRED Packet Drop Probability................................................................... 203
Fig. 7.14 NetBIOS Filtering ........................................................................................ 205
Fig. 7.15 Proxy-ARP................................................................................................... 222
Fig. 7.16 ICMP Message Structure ............................................................................ 223
Fig. 7.17 sFlow Structure............................................................................................ 229
Fig. 7.18 sFlow Agent Diagram .................................................................................. 229
Fig. 8.1 Port-based VLAN ........................................................................................ 235
Fig. 8.2 Subnet-based VLAN.................................................................................... 238
Fig. 8.3 Example of QinQ Configuration................................................................... 241
Fig. 8.4 QinQ Frame................................................................................................. 241
Fig. 8.5 Outgoing Packets under Layer 2 Shared VLAN Environment .................... 244
Fig. 8.6 Incoming Packets under Layer 2 Shared VLAN Environment (1)............... 245
Fig. 8.7 Incoming Packets under Layer 2 Shared VLAN Environment (2)............... 245
Fig. 8.8 Link Aggregation.......................................................................................... 251
Fig. 8.9 Example of Loop ......................................................................................... 257
Fig. 8.10 Principle of Spanning Tree Protocol ............................................................ 258
Fig. 8.11 Root Switch ................................................................................................. 259
Fig. 8.12 Designated Switch....................................................................................... 260
Fig. 8.13 Port Priority.................................................................................................. 261
Fig. 8.14 Port State..................................................................................................... 261
Fig. 8.15 Alternate Port and Backup port ................................................................... 262
Fig. 8.16 Example of Receiving Low BPDU............................................................... 263
Fig. 8.17 Network Convergence of 802.1d................................................................. 264
Fig. 8.18 Network Convergence of 802.1w (1)........................................................... 264
Fig. 8.19 Network Convergence of 802.1w (2)........................................................... 265
Fig. 8.20 Network Convergence of 802.1w (3)........................................................... 265
16 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
Fig. 8.21 Compatibility with 802.1d (1)........................................................................266
Fig. 8.22 Compatibility with 802.1d (2)........................................................................266
Fig. 8.23 CST and IST of MSTP (1) ............................................................................267
Fig. 8.24 CST and IST of MSTP (2) ............................................................................268
Fig. 8.25 Example of PVSTP.......................................................................................277
Fig. 8.26 Root Guard...................................................................................................280
Fig. 8.27 Example of Layer 2 Network Design in RSTP Environment........................287
Fig. 8.28 Example of Layer 2 Network Design in MSTP Environment........................288
Fig. 8.29 ERP Operation in case of Linnk Failure.......................................................291
Fig. 8.30 Ring Protection.............................................................................................291
Fig. 8.31 Link Failure Recovery ..................................................................................292
Fig. 8.32 Ring Recovery..............................................................................................292
Fig. 8.33 Shared Link ..................................................................................................293
Fig. 8.34 DHCP Service Structure...............................................................................302
Fig. 8.35 Example of DHCP Relay Agent....................................................................315
Fig. 8.36 DHCP Option 82 Operation..........................................................................321
Fig. 8.37 DHCP Server Packet Filtering......................................................................337
Fig. 8.38 Example of Single IP management..............................................................338
Fig. 8.39 Rate Limit and Flood Guard .........................................................................343
Fig. 9.1 IGMP Snooping in the L2 network ...............................................................348
Fig. 9.2 IGMP Snooping............................................................................................356
SMC7824M/VSW 17
CLI Management Guide
TigerAccess™ EE
Tables
Tab. 1.1 Overview of Chapters.................................................................................... 19
Tab. 1.2 Command Notation of Guide Book................................................................ 20
Tab. 3.1 Main Command of Privileged EXEC View Mode .......................................... 26
Tab. 3.2 Main Command of Privileged EXEC Enable Mode....................................... 26
Tab. 3.3 Main Command of Global Configuration Mode............................................. 27
Tab. 3.4 Main Command of Bridge Configuration Mode............................................. 28
Tab. 3.5 Main Command of DHCP Pool Configuration Mode..................................... 28
Tab. 3.6 Main Command of DHCP Option Configuration Mode.................................. 29
Tab. 3.7 Main Command of DHCP Option 82 Configuration Mode............................. 29
Tab. 3.8 Main Command of Interface Configuration Mode ......................................... 30
Tab. 3.9 The Commands of Rule Configuration Mode................................................ 30
Tab. 3.10 Main Command of RMON Configuration Mode ............................................ 31
Tab. 3.11 Command Abbreviation ................................................................................. 35
Tab. 5.1 Information displayed by Command, show lre .............................................. 77
Tab. 5.2 Profile of VDSL Port ...................................................................................... 78
Tab. 5.3 Option band of VDSL Port............................................................................. 79
Tab. 5.4 Value of PBO-Length..................................................................................... 81
Tab. 5.5 The frequency of PSD Level per band .......................................................... 83
Tab. 5.6 The Value of PSD Mask Level....................................................................... 84
Tab. 5.7 Bandwidth of Ham band Frequency.............................................................. 88
Tab. 5.8 Sub-commands in Bitloading Per Tone ......................................................... 91
Tab. 5.9 NOS Download............................................................................................ 109
Tab. 6.1 World Time Zone ..........................................................................................11 3
Tab. 6.2 Options for Ping........................................................................................... 126
Tab. 6.3 Options for Ping for Multiple IP Addresses.................................................. 127
Tab. 6.4 Options for Tracing Packet Route ............................................................... 130
Tab. 7.1 ICMP Message Type ................................................................................... 223
Tab. 7.2 Mask Calculation of Default Value............................................................... 225
Tab. 7.3 Options for Packet Dump ............................................................................ 227
Tab. 8.1 Advantages and Disadvantages of Tagged VLAN ...................................... 239
Tab. 8.2 STP Path-cost (short).................................................................................. 269
Tab. 8.3 RSTP Path-cost (long) ................................................................................ 270
18 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE

1 Introduction

1.1 Audience

This manual is intended for Ethernet/IP DSLAM operators and maintenance personnel for providers of Digital Subscriber Line(DSL) and Ethernet services. This manual assumes that you are familiar with the following:
Ethernet networking technology and standards
Internet topologies and protocols
DSL technology and standards
Usage and functions of graphical user interfaces.

1.2 Document Structure

Tab. 1.1 briefly describes the structure of this document.
Chapter Description
1 Introduction Introduces the overall information of the document.
2 System Overview Introduces the switch system. It also lists the features of the system.
3 Command Line Interface (CLI) Describes how to use the Command Line Interface (CLI).
4 System Connection and IP Address Describes how to manage the system account and IP address.
5 Port Configuration Describes how to configure the Ethernet or VDSL ports.
6 System Environment
7 Network Management Describes how to configure the network management functions.
8 System Main Functions Describes how to configure the system main functions.
9 IP Multicast Describes how to configure the IP multicast functions.
10 System Software Upgrade Describes how to upgrade the system software.
11 Abbreviations
Describes how to configure the system environment and manage-
ment functions.
Lists all abbreviations and acronyms which appear in this docu-
ment.
Tab. 1. 1 Overview of Chapters
SMC7824M/VSW 19
CLI Management Guide
TigerAccess™ EE

1.3 Document Convention

This guide uses the following conventions to convey instructions and information.
Information
i
and means reader take note. Notes contain helpful suggestions or references.
Warning
This warning symbol means danger. You are in a situation that could cause bodily injury
This information symbol provides useful information when using commands to configure
!
or broke the equipment. Before you work on any equipment, be aware of the hazards in­volved with electrical circuitry and be familiar with standard practices for preventing acci­dents by making quick guide based on this guide.

1.4 Document Notation

The following table shows commands used in guide book. Please be aware of each command to use them correctly.
Notation Description
a Commands you should use as is.
NAME, PROFILE, VALUE, … Variables for which you supply values.
PORTS For entry this variable, see Section 5.1.
[ ]
< > Range of number that you can use.
{ }
| Optional variables are separated by vertical bars |.
Commands or variables that appear within square brackets [ ] are
optional.
A choice of required keywords appears in braces { }. You must se-
lect one.
Tab. 1. 2 Command Notation of Guide Book
20 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE

1.5 Virus Protection

To prevent a virus infection you may not use any software other than that which is re-
!
!
leased for the Operating System (OS based on Basis Access Integrator), Local Craft Terminal (LCT) and transmission system.
Even when exchanging data via network or external data media(e.g. floppy disks) there is a possibility of infecting your system with a virus. The occurrence of a virus in your sys­tem may lead to a loss of data and breakdown of functionality.
The operator is responsible for protecting against viruses, and for carrying out repair pro­cedures when the system is infected.
You have to do the following:
You have to check every data media (used data media as well as new ones) for virus before reading data from it.
You must ensure that a current valid virus scanning program is always available. This program has to be supplied with regular updates by a certified software.
It is recommended that you make periodic checks against viruses in your OS.
At the LCT it is recommended to integrate the virus scanning program into the startup
sequence.

1.6 CE Declaration of Conformity

The CE declaration of the product will be fulfilled if the construction and cabling is under­taken in accordance with the manual and the documents listed there in, e.g. mounting in­structions, cable lists where necessary account should be taken of project-specific docu­ments.
Deviations from the specifications or unstipulated changes during construction, e.g. the use of cable types with lower screening values can lead to violation of the CE require­ments. In such case the conformity declaration is invalidated and the responsibility passes to those who have caused the deviations.
This is a class A product. In a domestic environment this product may cause radio refer-
!
ence in which case the user may be required to take adequate measures.
SMC7824M/VSW 21
CLI Management Guide
TigerAccess™ EE

2 System Overview

The switch, which is IP VDSL, uses VDSL (Very high-data rate Digital Subscriber Line) technologies so that users can be served voice communication and data communication at the same time through existing telephone line. Since VDSL technology takes the tele­phone line, you do not need to install LAN line newly. Therefore, you can save the cost and provide advanced service for users in apartments, buildings, and hotels.
The switch supports maximum 100Mbps of upload and 100Mbps down load in case of Symmetric, and up to 50 Mbps of upload and 100 Mbps of download or 10VLR Mbps of upload 50VLR Mbps of download in case of Asymmetric.
The switch offers 24-Port VDSL2 service interface and fixed 2-Port 10/100/1000Base-T and 1-slot for option uplink module. Note – The uplink module is not used in the first re­lease.
Managed switches, as IP-VDSL of Layer 2 switch, supports VLAN, Rate limit, port trunk­ing, port mirroring, IGMP snooping, and packet filtering.
Fig. 2.1 shows the front view of the switch.
Fig. 2.1 The front view of switch
22 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE

2.1 System Features

The following introduces the main features of the VDSL2 system which provides Layer 2 switching, Ethernet switching and related functions.
Virtual Local Area Network (VLAN)
Virtual local area network (VLAN) is made by dividing one network into several logical networks. Packet cannot be transmitted and received between different VLANs. There­fore, it can prevent needless packets accumulating and strengthen security. The switch recognizes 802.1Q tagged frame and supports maximum 4096 VLANs. Port based, Pro­tocol based, MAC based and Subnet based VLANs are supported in the switch.
Quality of Service (QoS)
For the switch, QoS-based forwarding sorts traffic into a number of classes and marks the packets accordingly. Thus, different quality of service is provided to each class, which the packets belong to. The rich QoS capabilities enable network managers to protect mission­critical applications and support differentiated level of bandwidth for managing traffic con­gestion. The switch supports ingress and egress (shaping) rate limiting, and different scheduling type such as SP (Strict Priority) and DWRR (Weighted Deficit Round Robin).
IP Multicast
Because broadcasting in a LAN is restricted if possible, multicasting could be used in­stead of broadcasting by forwarding multicast packets only to the member hosts who joined multicast group. The switch provides IGMPv2 and IGMP snooping for host mem­bership management.
SNMP
Simple network management protocol (SNMP) is to manage Network Elements using TCP/IP protocol. The switch supports SNMP version 1, 2, 3 and Remote Monitoring (RMON). Network operator can use MIB also to monitor and manage the switch.
Dynamic Host Configuration Protocol (DHCP)
The switch supports Dynamic Host Configuration Protocol (DHCP) server that automati­cally assigns IP address to clients accessed to network. That means it has IP address pool, and operator can effectively utilize limited IP source by leasing temporary IP ad­dress. In layer 3 network, DHCP request packet can be sent to DHCP server via DHCP relay and option 82.
Spanning Tree Protocol (STP)
To prevent loop and preserve backup route in Layer 2 network, the switch supports span­ning tree protocol (STP) defined in IEEE 802.1D. Between STP enabled switches, a root bridge is automatically selected and the network remains in tree topology. But the recov­ery time in STP is very slow (about 30 seconds), rapid spanning tree protocol (RSTP) is also provided. IEEE 802.1w defines the recovery time as 2 seconds. If there is only one
SMC7824M/VSW 23
CLI Management Guide
TigerAccess™ EE
VLAN in the network, traditional STP works. However in more than one VLAN network, STP cannot work per VLAN. To avoid this problem, the switch supports multiple spanning tree protocol (MSTP) IEEE 802.1s.
Trunking & Link Aggregation Control Protocol (LACP)
The switch aggregates several physical interfaces into one logical port (aggregate port). Port trunk aggregates interfaces with the standard of same speed, same duplex mode, and same VLAN ID.
The switch supports link aggregation control protocol (LACP), complying with IEEE
802.3ad, which aggregates multiple links of equipments to use more enlarged bandwidth.
System Management based on CLI
It is easy for users who administer system by using telnet or console port to configure the functions for system operating through CLI. CLI is easy to configure the needed functions after looking for available commands by help menu different with UNIX.
Broadcast Storm Control
Broadcast storm control is, when too much of broadcast packets are being transmitted to network, a situation of network timeout because the packets occupy most of transmit ca­pacity. switch supports broadcast and multicast storm control, which disuses flooding packet, that exceed the limit during the time configured by user.
Outband Management Interface
The switch can connect to equipments at remote place by assigning IP address to MGMT interface. Since MGMT interface is operated regardless of status of service port, it is still possible to configure and manage equipment at remote place.
RADIUS and TACACS+
The switch supports client authentication protocol, that is RADIUS (Remote Authentica­tion Dial-In User Service) and TACACS+ (Terminal Access Controller Access Control Sys­tem Plus). Not only user IP and password registered in switch but also authentication through RADIUS server and TACACS+ server are required to access. So security of sys­tem and network management is strengthened.
Secure Shell (SSH)
Network security is getting more important because the access network has been gener­alized among numerous users. Secure shell (SSH) is a network protocol that allows es­tablishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and to allow the remote computer to authenticate the user.
24 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE

3 Command Line Interface (CLI)

The switch enables system administrators to manage the switch by providing the com­mand line interface (CLI). This user-friendly CLI provides you with a more convenient management environment.
To manage the system with the CLI, a management network environment is required. The switch can connect to the management network either directly (outband) or through the access network (inband). It can even connect using a combination of the two; for example, a cascaded switch connects inband to the cascading switch, and then from the cascading switch to the management network through the outband interface.
The switch also provides the RS232 console interface to simply access the system with a provided RJ45-to-DB9 cable.
This chapter describes a basic instruction for using the command line interface (CLI) which is used for managing the system.
Configuration Mode
Configuration Mode Overview
Useful Tips

3.1 Configuration Mode

You can configure and manage the switch with the CLI via a management network envi­ronment or the console interface.
The CLI provides the following command modes:
Privileged EXEC View Mode
Privileged EXEC Enable Mode
Global Configuration Mode
Bridge Configuration Mode
DHCP Pool Configuration Mode
DHCP Option 82 Configuration Mode
Interface Configuration Mode
Rule Configuration Mode
RMON Configuration Mode
SMC7824M/VSW 25
CLI Management Guide
TigerAccess™ EE

3.1.1 Privileged EXEC View Mode

When you log in to the switch, the CLI will start with Privileged EXEC View mode which is a read-only mode. In this mode, you can see a system configuration and information with several commands.
Tab. 3.1 shows main command of Privileged EXEC View mode.
Command Description
enable Opens Privileged EXEC Enable mode.
exit Logs out the switch.
show Shows a system configuration and information.
Tab. 3. 1 Main Command of Privileged EXEC View Mode

3.1.2 Privileged EXEC Enable Mode

To configure the switch, you need to open Privileged EXEC Enable mode with the enable command, then the system prompt will changes from SWITCH> to SWITCH#.
Command Mode Description
enable View Opens Privileged EXEC Enable mode.
You can set a password to Privileged EXEC Enable mode to enhance security. Once set- ting a password, you should enter a configured password, when you open Privileged EX- EC Enable mode.
Tab. 3.2 shows main commands of Privileged EXEC Enable mode.
Command Description
clock Sets a system time and date.
configure terminal Opens Global Configuration mode.
reload Reboots the system.
telnet Connects to a remote host through telnet.
terminal length Configures the number of lines of the current terminal.
traceroute Traces a packet route.
where Displays users accessing the system via telnet or console.
Tab. 3. 2 Main Command of Privileged EXEC Enable Mode
26 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE

3.1.3 Global Configuration Mode

In Global Configuration mode, you can configure general functions of the system. You can also open another configuration mode from this mode.
To open Global Configuration mode, enter the configure terminal command, and then the system prompt will be changed from SWITCH# to SWITCH(config)#.
Command Mode Description
configure terminal Enable Opens Global Configuration mode.
Tab. 3.3 shows main commands of Global Configuration mode.
Command Description
bridge Opens Bridge Configuration mode.
dns Sets a DNS server.
dot1x Configures 802.1X authentication.
exec-timeout Sets an auto log-out timer.
help Shows a description of the interactive help system.
hostname Sets a host name of the system.
interface Opens Interface Configuration mode to configure a specified interface.
mvr Configures MVR.
ntp Configures NTP.
passwd Sets a system password.
qos Configures QoS.
rmon-alarm Opens RMON Configuration mode to configure RMON alarm.
snmp Configures SNMP.
ssh Configures SSH.
stack Configures a system stacking.
syslog Configures a syslog.
threshold Sets a system threshold.
Tab. 3. 3 Main Command of Global Configuration Mode

3.1.4 Bridge Configuration Mode

In Bridge Configuration mode, you can configure various Layer 2 functions such as VLAN, STP, LACP, EFM OAM, etc.
To open Bridge Configuration mode, enter the bridge command, then the system prompt will be changed from SWITCH(config)# to SWITCH(bridge)#.
Command Mode Description
bridge Global Opens Bridge Configuration mode.
SMC7824M/VSW 27
CLI Management Guide
TigerAccess™ EE
Tab. 3.4 shows main commands of Bridge Configuration mode.
Command Description
lacp Configures LACP.
mac Configures a MAC table.
mirror Configures a port mirroring.
oam Configures EFM OAM.
port Configures Ethernet port.
spanning-tree Configures Spanning Tree Protocol (STP).
trunk Configures a trunk port.
vlan Configures VLAN.
Tab. 3. 4 Main Command of Bridge Configuration Mode

3.1.5 DHCP Pool Configuration Mode

In DHCP Pool Configuration mode, you can configure general functions of DHCP per each DHCP pool. The switch supports multiple DHCP environments with this pool based DHCP configuration.
To open DHCP Pool Configuration mode, enter the ip dhcp pool command, then the sys­tem prompt will be changed from SWITCH(config)# to SWITCH(config-dhcp[POOL])#.
Command Mode Description
ip dhcp pool POOL Global
To open DHCP Pool Configuration mode, use the service dhcp command in the Global
!
Configuration mode first!
Tab. 3.5 shows main commands of DHCP Pool Configuration mode.
Command Description
default-router Configures the default gateway of the pool.
dns-server Configures a DNS server.
range Configures the range of IP addresses.
Tab. 3. 5 Main Command of DHCP Pool Configuration Mode

3.1.6 DHCP Option Configuration Mode

In DHCP Option Configuration mode, you can configure DHCP option. You can define DHCP options that are carried in the DHCP communication between DHCP server and client or relay agent. A specific DHCP option can be defined by its format type, length and value.
Opens DHCP Pool Configuration mode to configure
DHCP.
28 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
To open DHCP Option Configuration mode, use the command. Then the system prompt will be changed from SWITCH(config)# to SWITCH(dhcp-opt[NAME])#.
Command Mode Description
ip dhcp option format NAME Global
Opens DHCP Option Configuration mode to configure
DHCP options.
Tab. 3.7 is the main commands of DHCP Option Configuration mode.
Command Description
attr Configures the attribute for option field in the DHCP packet.
Tab. 3. 6 Main Command of DHCP Option Configuration Mode

3.1.7 DHCP Option 82 Configuration Mode

In DHCP Option 82 Configuration mode, you can configure DHCP option 82 for DHCP re­lay agent. This feature enables network administrators to manage IP resources more effi­ciently.
To open DHCP Option 82 Configuration mode, enter the ip dhcp option82 command, then the system prompt will be changed from SWITCH(config)# to SWITCH(config­opt82)#.
Command Mode Description
ip dhcp option82 Global
Opens DHCP Option 82 Configuration mode to config-
ure DHCP option 82.
To open DHCP Option 82 Configuration mode, use the service dhcp command in the
!
Global Configuration mode first!
Tab. 3.7 is the main commands of DHCP Option 82 Configuration mode.
Command Description
policy Configures the policy for option 82 field in the DHCP packet.
system-remote-id Configures a system remote ID.
system-circuit-id Configures a system circuit ID.
trust Configures a option82 packet of policy
Tab. 3. 7 Main Command of DHCP Option 82 Configuration Mode

3.1.8 Interface Configuration Mode

In Interface Configuration mode, you can configure Ethernet interfaces. To open Interface Configuration mode, enter the interface command, then the system prompt will be
changed from SWITCH(config)# to SWITCH(config-if)#.
Command Mode Description
interface INTERFACE Global Opens Interface Configuration mode.
SMC7824M/VSW 29
CLI Management Guide
TigerAccess™ EE
Tab. 3.8 shows main commands of Interface Configuration mode.
Command Description
description Specifies a description.
ip address Assigns IP address.
shutdown Deactivates an interface.
mtu Sets MTU value.
Tab. 3. 8 Main Command of Interface Configuration Mode

3.1.9 Rule Configuration Mode

The switch modifies previous Rule Configuration mode to Flow, Policer and Policy Con­figuration modes. Rule configuration mode is expanded into three different modes accord-
ing to its roles for Rule mechanism. You can configure a rule for incoming or outgoing packets. Using the function, you can handle packets classified by the rule.
To open Rule Configuration mode, enter the flow, policer and policy commands, then the system prompt will be changed from SWITCH(config)# to SWITCH(config­flow[NAME])#, SWITCH(config-policer[NAME])# and SWITCH(config-policy[NAME])# .
Command Mode Description
flow NAME create Opens Flow Configuration mode.
policer NAME create Opens Policer Configuration mode.
policy NAME create
Tab. 3.9 shows the commands of Rule Configuration mode.
Command Description
cos Classifies an IEEE 802.1p priority.
mac Classifies a MAC address.
action match Configures a rule action for classified packets.
rate-limit Comfigures a rate-limit of classified packets
priority Configures a rule priority of specified policy.
Tab. 3. 9 The Commands of Rule Configuration Mode

3.1.10 RMON Configuration Mode

In RMON Configuration mode, you can configure RMON alarm, RMON event and RMON history. The switch provides three different configuration modes to configure each type of RMON.
Global
Opens Policy Configuration mode.
Command Mode Description
rmon-alarm <1-65535>
rmon-event <1-65535>
rmon-history <1-65535>
Global
Opens RMON Configuration mode.
1-65535: index number
30 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
Tab. 3.10 shows main commands of RMON Configuration mode.
Command Description
active Activates RMON.
owner
Shows the subject which configures each RMON and uses relevant
information.
Tab. 3.10 Main Command of RMON Configuration Mode

3.2 Configuration Mode Overview

Fig. 3.1 shows the overview of the configuration mode for the switch.
Privileged EXEC View
SWITCH>
enable
Privileged EXEC Enable
SWITCH#
exit
Back to previous mode
end
Back to Privileged EXEC Enable mode
ip dhcp pool POOL
(POOL: pool name)
DHCP Pool Configuration mode
SWITCH(config-dhcp[POOL])#
ip dhcp option82
Option 82 Configuration mode
SWITCH(config-opt82)#
rmon-alarm <1-65535>
rmon-event <1-65535>
rmon-history <1-65535>
configure terminal
Global Configuration mode
SWITCH(config)#
interface INTERFACE
INTERFACE: interface name
Interface Configuration mode
SWITCH(config-if)#
bridge
Bridge Configuration mode
SWITCH(bridge)#
flow [admin] NAME create (NAME: flow name) policer NAME create (NAMEL policer name) policy [admin] NAME create (NAME: policy name)
RMON Configuration mode
SWITCH(config-rmonalarm[N])# SWITCH(config-rmonevent[N])# SWITCH(config-rmonhistory[N])#
Rule Configuration mode
SWITCH(config-flow[NAME])# SWITCH(config-policer[NAME])# SWITCH(config-policy[NAME])#
Fig. 3.1 Overview of Configuration Mode
SMC7824M/VSW 31
CLI Management Guide
TigerAccess™ EE

3.3 Useful Tips

This section describes useful tips for operating the switch with a CLI.
Listing Available Command
Calling Command History
Using Abbreviation
Using Command of Privileged EXEC Enable Mode
Exit Current Command Mode

3.3.1 Listing Available Command

To list available commands, input question mark <?> in the current mode. When you input the question mark <?>, you can see available commands used in this mode and variables following after the commands.
The following is the available commands on Privileged EXEC Enable mode of the switch.
SWITCH# ?
Exec commands:
clear Reset functions
clock Manually set the system clock
configure Enter configuration mode
copy Copy from one file to another
debug Debugging functions
default-os Select default OS
disconnect Disconnect user connection
enable Turn on privileged mode command
erase Erase saved configuration
exit End current mode and down to previous mode
halt Halt process
help Description of the interactive help system
no Negate a command or set its defaults
ping Send echo messages
quote Execute external command
rcommand Management stacking node
release Release the acquired address of the interface
(Omitted)
SWITCH#
Question mark <?> will not be shown in the screen and you do not need to press
i
<ENTER> key to display the command list.
If you need to find out the list of available commands of the current mode in detail, use the following command.
Command Mode Description
show list Shows available commands of the current mode.
show cli
All
Shows available commands of the current mode with
tree structure.
32 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
The following is an example of displaying the list of available commands of Privileged EXEC Enable mode.
SWITCH# show list
clear arp
clear arp IFNAME
clear cpe stat-error (PORTS|)
clear ip arp inspection statistics (vlan VLAN_NAME|)
clear ip dhcp authorized-arp invalid
clear ip dhcp leasedb A.B.C.D/M
clear ip dhcp leasedb all
clear ip dhcp leasedb pool POOL
clear ip dhcp relay statistics
clear ip dhcp statistics
clear ip igmp
clear ip igmp group *
clear ip igmp group A.B.C.D
clear ip igmp group A.B.C.D IFNAME
clear ip igmp interface IFNAME
clear ip igmp snooping stats port (PORTS|cpu|)
clear ip kernel route
clear ip mcfdb (*|vlan VLAN)
clear ip mcfdb vlan VLAN group A.B.C.D source A.B.C.D
clear ip route kernel
clear lacp statistic
clear lldp statistics (PORTS|)
clear lre error-stat-all (PORTS|)
-- more --
Press the <ENTER> key to skip to the next list.
i
In case that the switch installed command shell, you can find out commands starting with a specific alphabet. Input the first letter and question mark without space. The following is an example of finding out the commands starting “s” in Privileged EXEC Enable mode of the switch.
SWITCH# s?
show Show running system information
ssh Configure secure shell
SWITCH# s
Also, it is possible to view variables you should input following after commands. After in­putting the command you need, make one space and input a question mark. The follow­ing is an example of viewing variables after the write command. Please note that you must input one space between the command and question mark.
SWITCH# write ?
memory Write to NV memory
terminal Write to terminal
SWITCH# write
SMC7824M/VSW 33
CLI Management Guide
TigerAccess™ EE
The switch also provides the simple instruction of calling the help string with the help command. You can see the instruction using the command regardless of the configuration mode.
To display the instruction of calling the help string for using CLI, use the following com­mand.
Command Mode Description
help All
Shows the instruction of calling the help string for using
CLI.

3.3.2 Calling Command History

In case of installed command shell, you do not have to enter the command you entered before. When you need to reuse the commands you did, use this arrow key <>. When you press the arrow key, the commands will be displayed in the latest order.
The following is an example of calling command history after using several commands. After using these commands in order: show clock configure terminal interface 1
exit, press the arrow key <> and then you will see the commands from latest one: exit interface 1 configure terminal show clock.
SWITCH(config)# exit
SWITCH# show clock
Mon, 5 Jan 1970 23:50:12 +0000
SWITCH# configure terminal
SWITCH(config)# interface 1
SWITCH(config-if)# exit
SWITCH(config)# exit SWITCH# (press the arrow key ↑) SWITCH# exit (press the arrow key ↑) SWITCH# interface 1 (press the arrow key ↑) SWITCH# configure terminal (press the arrow key ↑) SWITCH# show clock (press the arrow key ↑)
The switch also provides the command that shows the commands used before up to 100 lines.
Command Mode Description
Enable
show history
Global
Bridge
Shows a command history.
34 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE

3.3.3 Using Abbreviation

Several commands can be used in the abbreviated form. The following table shows some examples of abbreviated commands.
Command Abbreviation
clock cl
exit ex
show sh
configure terminal con te
Tab. 3. 11 Command Abbreviation

3.3.4 Using Command of Privileged EXEC Enable Mode

You can execute the commands of Privileged EXEC Enable mode as show, ping, telnet, traceroute, and so on regardless of which mode you are located on.
To execute the commands of Privileged EXEC Enable mode on different mode, use the following command.
Command Mode Description
do COMMAND All

3.3.5 Exit Current Command Mode

To exit to the previous command mode, use the following command.
Command Mode Description
exit Exits to the previous command mode.
end
If you use the exit command in Privileged EXEC Enable mode or Privileged EXEC View
!
mode, you will be logged out!
All
Executes the commands of Privileged EXEC Enable
mode.
Exits to Privileged EXEC Enable mode.
SMC7824M/VSW 35
CLI Management Guide
TigerAccess™ EE

4 System Connection and IP Address

4.1 System Connection

After installing the system, the switch is supposed to examine that each port is rightly connected to network and management PC. You can connect to the system to configure and manage the switch. This section provides instructions how to change password for system connection and how to connect to the system through telnet as the following order.
Connecting to the Console Port
System Login
Password for Privileged EXEC Enable Mode
Changing Login Password
Login Password Recovery Process
Management for System Account
Limiting Number of Users
Auto Log-out
Telnet Access
System Rebooting

4.1.1 Connecting to the Console Port

To begin setup, you must connect the Console to the RJ45 Console port. To connect the cable, perform the following steps:
Step 1 Attach the RJ45 connector on the cable to the RJ45 connector on the console port of the
switch.
Step2 Connect the other end of the cable to one of the serial ports on your workstation.
Step3 Open your terminal emulation software and configure the COM port settings to which you
have connected the cable. The settings should be set to match the default settings for the switch, which are:
• 9600 bps
• 8 data bits
• 1 stop bit
• No parity
• No flow control

4.1.2 System Login

After installing the switch, finally make sure that each port is correctly connected to PC for network and management. And then, turn on the power and boot the system as follows.
Step 1
When you turn on the switch, booting will be automatically started and login prompt will be displayed.
SWITCH login:
36 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
Step 2
When you enter a login ID at the login prompt, the password prompt will be displayed, and then enter the proper password to log in the system. By default setting, the login ID is configured as admin with no password.
SWITCH login: admin
Password:
SWITCH>
Step 3
In Privileged EXEC View mode, you can check only the configuration for the switch. To configure and manage the switch, you should begin Privileged EXEC Enable mode. The following is an example of beginning Privileged EXEC Enable mode.
SWITCH> enable
SWITCH#

4.1.3 Password for Privileged EXEC Enable Mode

You can configure a password to enhance the security for Privileged EXEC Enable mode. To configure a password for Privileged EXEC Enable mode, use the following command.
Command Mode Description
passwd enable PASSWORD
passwd enable 8 PASSWORD
Global
Configures a password to begin Privileged EXEC En-
able mode.
Configures an encrypted password.
password enable does not support encryption at default value. Therefore it shows the
!
string (or password) as it is when you use the show running-config command. In this case, the user’s password is shown to everyone and has unsecured environment.
To encrypt the password which will be shown at running-config, you should use the ser- vice password-encryption command. And to represent the string (password) is en­crypted, input 8 before the encrypted string.
When you use the password enable command with 8 and “the string”, you will make into Privileged EXEC Enable mode with the encrypted string. Therefore, to log in the system, you should do it with the encrypted string as password that you configured after 8. In short, according to using the 8 option or not, the next string is encrypted or not.
The following is an example of configuring the password in Privileged EXEC Enable mode as testpassword.
SWITCH# configure terminal
SWITCH(config)# passwd enable testpassword
SWITCH(config)#
The following is an example of accessing after configuring a password.
SWITCH login: admin
Password:
SWITCH> enable
SMC7824M/VSW 37
CLI Management Guide
TigerAccess™ EE
Password:
SWITCH#
To delete the configured password, use the following command.
Command Mode Description
no passwd enable Global Deletes the password.
The created password can be displayed with the show running-config command. To en­crypt the password not to be displayed, use the following command.
Command Mode Description
service password-encryption Global Encrypts the system password.
To disable password encryption, use the following command.
Command Mode Description
no service password-encryption Global Disables password encryption.

4.1.4 Changing Login Password

To configure a password for created account, use the following command.
Command Mode Description
passwd [NAME] Global Configures a password for created account.
The following is an example of changing the current password.
SWITCH(config)# passwd
Changing password for admin
Enter the new password (minimum of 5, maximum of 8 characters)
Please use a combination of upper and lower case letters and numbers.
Enter new password:junior95
Re-enter new password:junior95
Password changed.
SWITCH(config)#
The password you are entering will not be shown in the screen, so please be careful not
!
to make a mistake.
38 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE

4.1.5 Login Password Recovery Process

To upgrade the system software in the boot mode, perform the following step-by-step in­struction:
Step 1 After the switch is manually restarted, “Start Address: 0x010000000” will be shown up.
Step 2 Keep on pressing [Space Bar] key until “console=ttyS0,9600 root=/dev/ram rw” is shown up on the screen.
Step 3 Enter “password” next to “console=ttyS0,9600 root=/dev/ram rw”.
Step 4 Check “password restore to default...” on the booting messages. It means that the current password returns to the default setting.
Step 4 Check “password restore to default...” on the booting messages. It means that the current password returns to the default setting. By default setting, the password is configured as nsn-switch.
************************************************************
* *
* Boot Loader Version 5.43 *
* SMC Networks Inc. *
* *
************************************************************
Press 's' key to go to Boot Mode: 0
Load Address: 0x01000000
Image Size: 0x00bac000
Start Address: 0x01000000
console=ttyS0,9600 root=/dev/ram rw password
NOS version 5.01
CPU : MPC8245 at 264 MHz
Total Memory Size : 256 MB
Calibrating delay loop... 175.71 BogoMIPS
INIT: version 2.85 booting
Extracting configuration
password restore to default...
Fri, 03 Nov 2006 14:10:00 +0000
INIT: Entering runlevel: 3
INIT: Start UP
Step 1
Step 2
Step 3
Step 4
Password:
SMC7824M/VSW 39
CLI Management Guide
TigerAccess™ EE

4.1.6 Management for System Account

4.1.6.1 Creating System Account
For the switch, the administrator can create a system account. And it is possible to set the security level from 0 to 15 to enhance the system security.
To create a system account, use the following command.
Command Mode Description
user add NAME DESCRIPTION
Global
user add NAME level <0-15>
DESCRIPTION
Creates a system account.
NAME: user name
Creates a system account with a security level.
NAME: user name
i
help in Privileged EXEC View mode and cannot access to Privileged EXEC Enable mode.
The account with the highest level 15 has a read-write authority.
To delete the created account, use the following command.
The account of level 0 to level 14 without any configuring authority only can use exit and
Command Mode Description
user del NAME Global Delete the created account.
To display a created account, use the following command.
Command Mode Description
show user
4.1.6.2 Security Level
For the switch, it is possible to configure the security level from 0 to 15 for a system ac­count. The level 15, as the highest level, has a read-write authority. The administrator can configure from level 0 to level 14. The administrator decides which level user uses which commands in which level. As the basic right from level 0 to level 14, it is possible to use
exit and help command in Privileged EXEC View mode and it is not possible to access to Privileged EXEC Enable mode.
Enable
Global
Bridge
Shows a created account.
40 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
To define the security level and its authority, use the following command.
Command Mode Description
privilege view level <0-15>
{COMMAND | all}
privilege enable level <0-15>
{COMMAND | all}
privilege configure level <0-15>
{COMMAND | all}
privilege interface level <0-15>
{COMMAND | all}
privilege {flow | policer | policy}
level <0-15> {COMMAND | all}
privilege bridge level <0-15>
{COMMAND | all}
privilege rmon-alarm level
<0-15> {COMMAND | all}
privilege rmon-event level
<0-15> {COMMAND | all}
privilege rmon-history level
<0-15> {COMMAND | all}
privilege dhcp-pool level
<0-15> {COMMAND | all}
privilege dhcp-pool-class level
<0-15> {COMMAND | all}
privilege dhcp-option82 level
<0-15> {COMMAND | all}
privilege dhcp-class level
<0-15> {COMMAND | all}
Global
Uses the specific command of Privileged EXEC View
mode in the level.
Uses the specific command of Privileged EXEC Enable
mode in the level.
Uses the specific command of Global Configuration
mode in the level.
Uses the specific command of Interface Configuration
mode in the level.
Uses the specific command of Rule Configuration
mode in the level.
Uses the specific command of Bridge Configuration
mode in the level.
Uses the specific command of RMON Configuration
mode in the level.
Uses the specific command of DHCP Pool Configura-
tion mode in the level.
Uses the specific command of DHCP Pool Class Con-
figuration mode in the level.
Uses the specific command of DHCP Option 82 Con-
figuration mode in the level.
Uses the specific command of DHCP Class Configura-
tion mode in the level.
The commands that are used in low level can be also used in the higher level. For exam­ple, the command in level 0 can be used in from level 0 to level 14.
The commands should be input same as the displayed commands by show list. There­fore, it is not possible to input the commands in the bracket separately.
SWITCH# show list
clear arp
clear arp IFNAME
clear cpe stat-error (PORTS|)
clear ip arp inspection statistics (vlan VLAN_NAME|)
clear ip dhcp authorized-arp invalid
clear ip dhcp leasedb A.B.C.D/M
clear ip dhcp leasedb all
(Omitted)
SMC7824M/VSW 41
CLI Management Guide
TigerAccess™ EE
The commands starting with the same character are applied by inputting only the starting commands. For example, if you input show, all the commands starting with show are applied. To delete a configured security level, use the following command.
Command Mode Description
no privilege
no privilege view level <0-15> {COMMAND | all}
no privilege enable level <0-15> {COMMAND |
all}
no privilege configure level <0-15> {COM-
MAND | all}
no privilege interface level <0-15> {COMMAND
| all}
no privilege {flow | policer | policy} level <0-
15> {COMMAND | all}
no privilege bridge level <0-15> {COMMAND |
all}
no privilege rmon-alarm level <0-15> {COM-
MAND | all}
no privilege rmon-event level <0-15> {COM-
MAND | all}
no privilege rmon-history level <0-15> {COM-
MAND | all}
no privilege dhcp-pool level <0-15> {COM-
MAND | all}
no privilege dhcp-pool-class level <0-15>
{COMMAND | all}
no privilege dhcp-option82 level <0-15>
{COMMAND | all}
no privilege dhcp-class level <0-15> {COM-
MAND | all}
Global
Deletes all configured security lev-
els.
Delete a configured security level on
each mode.
To display a configured security level, use the following command.
Command Mode Description
show privilege Shows a configured security level.
show privilege now
Enable
Global
Bridge
Shows a security level of current mode.
The following is an example of creating the system account test0 having a security level 10 and test1 having a security level 1 with no password.
SWITCH(config)# user add test0 level 0 level0user
Changing password for test0
Enter the new password (minimum of 5, maximum of 8 characters)
Please use a combination of upper and lower case letters and numbers.
42 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
Enter new password:(Enter)
Bad password: too short.
Warning: weak password (continuing).
Re-enter new password: (Enter)
Password changed.
SWITCH(config)# user add test1 level 1 level1user
Changing password for test1
Enter the new password (minimum of 5, maximum of 8 characters)
Please use a combination of upper and lower case letters and numbers.
Enter new password: (Enter)
Bad password: too short.
Warning: weak password (continuing).
Re-enter new password: (Enter)
Password changed.
SWITCH(config)# show user
====================================================
User name Description Level
====================================================
test0 level0user 0
test1 level1user 1
SWITCH(config)#
The following is an example of configuring an authority of the security level 0 and 1.
SWITCH(config)# privilege view level 0 enable
SWITCH(config)# privilege enable level 0 show
SWITCH(config)# privilege enable level 1 configure terminal
SWITCH(config)# show privilege
Command Privilege Level Configuration
-----------------------------------------------
Node All Level Command
EXEC(ENABLE) 1 configure terminal
EXEC(VIEW) 0 enable
EXEC(ENABLE) 0 show
3 entry(s) found.
SWITCH(config)#
In the above configuration, as level 0, it is possible to use only show command in Privi­leged EXEC Enable mode; however as level 1, it is possible to use not only the com-
mands in level 1 but also time configuration commands in Privileged EXEC Enable mode and accessing commands to Global Configuration mode.

4.1.7 Limiting Number of Users

For the switch, you can limit the number of users accessing the switch through both con­sole interface and telnet. In case of using the system authentication with RADIUS or TA­CACS+, a configured number includes the number of users accessing the switch via the authentication server.
SMC7824M/VSW 43
CLI Management Guide
TigerAccess™ EE
To set the number of users accessing the switch, use the following command.
Command Mode Description
login connect <1-8>
no login connect
Global
Sets the number of users accessing the switch.
Default: 8
Deletes a configured value.

4.1.8 Auto Log-out

For security reasons of the switch, if no command is entered within the configured inactiv­ity time, the user is automatically logged out of the system. Administrator can configure the inactivity timer.
To enable auto log-out function, use the following command.
Command Mode Description
Enables auto log-out.
exec-timeout <1-35791> [<0-59>]
exec-timeout 0
Global
1-35791: time unit in minutes (by default 10 minutes)
0-59: time unit in seconds
Disables auto log-out.
To display a configuration of auto-logout function, use the following command.
Command Mode Description
show exec-timeout
The following is an example of configuring auto log-out function as 60 seconds and view­ing the configuration.
SWITCH(config)# exec-timeout 60
SWITCH(config)# show exec-timeout
Log-out time : 60 seconds
SWITCH(config)#

4.1.9 Telnet Access

To connect to a remote host via telnet, use the following command.
Command Mode Description
telnet DESTINATION [TCP-PORT] Enable
Enable
Global
Bridge
Shows a configuration of auto-logout function.
Connects to a remote host.
DESTINATION: IP address or host name
In case of telnet connection, you need to wait for the [OK] message, when you save a
!
system configuration. Otherwise, all changes will be lost when the telnet session is dis­connected.
44 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
SWITCH# write memory
[OK]
SWITCH#
The system administrator can disconnect users connected from remote place. To discon­nect a user connected through telnet, use the following command.
Command Mode Description
disconnect TTY-NUMBER Enable Disconnects a user connected through telnet.
The following is an example of disconnecting a user connected from a remote place.
SWITCH# where
admin at ttys0 from console for 4 days 22 hours 15 minutes 24.88 seconds
admin at ttyp0 from 10.0.1.4:1670 for 4 days 17 hours 53 minutes 28.76 seconds
admin at ttyp1 from 147.54.140.133:49538 for 6 minutes 34.12 seconds
SWITCH# disconnect ttyp0
SWITCH# where
admin at ttys0 from console for 4 days 22 hours 15 minutes 34.88 seconds
admin at ttyp1 from 147.54.140.133:49538 for 6 minutes 44.12 seconds
SWITCH#

4.1.10 System Rebooting

4.1.10.1 Manual System Rebooting
When installing or maintaining the system, some tasks require rebooting the system by various reasons. Then you can reboot the system with a selected system OS.
To restart the system manually, use the following command.
Command Mode Description
reload [os1 | os2] Enable Restarts the system.
If you reboot the system without saving new configuration, new configuration will be de­leted. So, you have to save the configuration before rebooting. Not to make that mistake, the switch reconfirms that by displying the following message to ask if user really wants to reboot and save configuration.
If you want to save the system configuration, press <Y> key at first question, if you want to continue to reboot the system, press <Y> key at second question.
The following is an example of restarting the system with the reload command.
SWITCH# reload
Do you want to save the system configuration? [y/n]
Do you want to reload the system? [y/n]
SMC7824M/VSW 45
CLI Management Guide
TigerAccess™ EE
4.1.10.2 Auto System Rebooting
The switch reboots the system according to user’s configuration. There are two basis for system rebooting. These are CPU and memory. CPU is rebooted in case CPU Load or In­terrupt Load continues for the configured time. Memory is automatically rebooted in case memory low occurs as the configured times.
To enable the auto system rebooting, use the following command.
Command Mode Description
Configures the system to restart automatically in case
auto-reset cpu <50-100> <1-100>
TIME
Bridge
auto-reset memory <1-120> <1-
10>
no auto-reset {cpu | memory}
an average of CPU or interrupt load exceeds the con-
figured value during the user-defined time.
50-100: average of CPU load
1-100: average of interrupt load
Configures the system to restart automatically in case
memory low occurs as the configured value.
1-120: time of memory low
1-10: count of memory low
Disables auto system rebooting.
To display a current configured auto system rebooting, use the following command.
Command Mode Description
show auto-reset cpu
show auto-reset memory
Enable
Global
Bridge
Shows a current configured auto system rebooting by
CPU.
Shows a current configured auto system rebooting by
system memory.
46 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE

4.2 System Authentication

For the enhanced system security, the switch provides two authentication methods to ac­cess the switch such as Remote Authentication Dial-In User Service (RADIUS) and Ter­minal Access Controller Access Control System Plus (TACACS+).

4.2.1 Authentication Method

To set the system authentication method, use the following command.
Command Mode Description
Sets a system authentication method.
local: console access
login {local | remote} {radius |
tacacs | host | all} {enable | dis-
able}
Global
no login {local | remote} {radius |
tacacs | host | all}
no login
remote: telnet/SSH access
radius: RADIUS authentication
tacacs: TACACS+ authentication
host: nominal system authentication (default)
all: all types of the authentication
Deletes a configured system authentication method.

4.2.2 Authentication Interface

If more than 2 interfaces exist in the switch, you can set one interface to access RADIUS or TACACS server. To set an authentication interface, use the following command.
Command Mode Description
login {radius | tacacs} interface
INTERFACE [A.B.C.D]
no login {radius | tacacs}
interface
Global

4.2.3 Primary Authentication Method

You can set the order of the authentication method by giving the priority to each authenti­cation method. To set the primary authentication method, use the following command
Command Mode Description
login {local | remote} {radius |
tacacs | host} primary
Global
Sets an authentication interface.
radius: RADIUS authentication
tacacs: TACACS+ authentication
INTERFACE: interface name
A.B.C.D: source IP address (optional)
Deletes a specified authentication interface.
Sets a system authentication method.
local: console access
remote: telnet/SSH access
radius: RADIUS authentication
tacacs: TACACS+ authentication
host: nominal system authentication (default)
SMC7824M/VSW 47
CLI Management Guide
TigerAccess™ EE

4.2.4 RADIUS Server

4.2.4.1 RADIUS Server for System Authentication
To add/delete a RADIUS server for system authentication, use the following command.
Command Mode Description
Adds a RADIUS server with its information.
login radius server A.B.C.D
KEY [auth_port PORT acct_port
PORT]
no login radius server [A.B.C.D]
Global
A.B.C.D: IP address
KEY: authentication key value
auth_port: authentication port (optional)
acct_port: accounting port (optional)
Deletes an added RADIUS server.
i
You can add up to 5 RADIUS servers.
4.2.4.2 RADIUS Server Priority
To specify the priority of a registered RADIUS server, use the following command.
Command Mode Description
login radius server move
A.B.C.D <1-5>
4.2.4.3 Timeout of Authentication Request
After an authentication request, the switch waits for a response from a RADIUS server for specified time. To specify a timeout value, use the following command.
Command Mode Description
login radius timeout <1-100>
no login radius timeout
Global
Global
Specifies a priority of RADIUS server.
A.B.C.D: IP address
1-5: priority of RADIUS server
Specifies a timeout value.
1-100: timeout value for a response (default: 5)
Deletes a specified timeout value.
4.2.4.4 Frequency of Retransmit
In case of no response from a RADIUS server, the switch is supposed to retransmit an authentication request. To set the frequency of retransmitting an authentication request, use the following command.
Command Mode Description
login radius retransmit <1-10>
no login radius retransmit
Global
48 SMC7824M/VSW
Sets the frequency of retransmit.
1-10: frequency count (default: 3)
Deletes a specified frequency count.
Management Guide CLI TigerAccess™ EE

4.2.5 TACACS+ Server

4.2.5.1 TACACS+ Server for System Authentication
To add/delete the TACACS+ server for system authentication, use the following command.
Command Mode Description
Adds a TACACS+ server with its information.
login tacacs server A.B.C.D KEY
no login tacacs server [A.B.C.D]
Global
A.B.C.D: IP address
KEY: authentication key value
Deletes an added TACACS+ server.
i
You can add up to 5 TACACS+ servers.
4.2.5.2 TACACS+ Server Priority
To specify the priority of a registered TACACS+ server, use the following command.
Command Mode Description
login tacacs server move
A.B.C.D <1-5>
4.2.5.3 Timeout of Authentication Request
After the authentication request, the switch waits for the response from the TACACS+ server for specified time. To specify a timeout value, use the following command.
Command Mode Description
login tacacs timeout <1-100>
no login tacacs timeout
Global
Global
Specifies the priority of TACACS+ server.
A.B.C.D: IP address
1-5: priority of TACACS server
Specifies a timeout value.
1-100: timeout value for the response (default: 5)
Deletes a specified timeout value.
4.2.5.4 Additional TACACS+ Configuration
The switch provides several additional options to configure the system authentication via TACACS+ server.
TCP Port for the Authentication
To specify TCP port for the system authentication, use the following command.
Command Mode Description
login tacacs socket-port
<1-65535>
no login tacacs socket-port
Global
SMC7824M/VSW 49
Specifies TCP port for the authentication.
1-65535: TCP port
Deleted the configured TCP port for the authentication
CLI Management Guide
TigerAccess™ EE
Authentication Type
To select the authentication type for TACACS+, use the following command.
Command Mode Description
Selects an authentication type for TACACS+.
login tacacs auth-type {ascii |
pap | chap}
no login tacacs auth-type
Global
ascii: plain text
pap: password authentication protocol
chap: challenge handshake authentication protocol
Deletes a specified authentication type.
Priority Level
According to a defined priority level, the user has different authority to access the system. This priority should be defined in the TACACS+ server in the same way. To define the pri­ority level of user, use the following command.
Command Mode Description
login tacacs priority-level {min |
user | max | root}
no login tacacs priority-level
Global
Defines the priority level of user, see the below infor-
mation for the order of priority.
Deletes a defined priority level.
i
The order of priority is root = max > user > min.

4.2.6 Accounting Mode

The switch provides the accounting function of AAA (Authentication, Authorization, and Accounting). Accounting is the process of measuring the resources a user has consumed. Typically, accounting measures the amount of system time a user has used or the amount of data a user has sent and received.
To set an accounting mode, use the following command.
Command Mode Description
Sets an accounting mode.
login accounting-mode {none |
start | stop | both}
no login accounting-mode
Global

4.2.7 Displaying System Authentication

To display a configured system authentication, use the following command.
start: measures start point only.
stop: measures stop point only.
both: measures start and stop point both.
Deletes a configured accounting mode.
Command Mode Description
Enable
show login
Global
Bridge
Shows a configured system authentication.
50 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE

4.3 Configuring Interface

The Layer 2 switches only see the MAC address in an incoming packet to determine where the packet needs to come from/to and which ports should receive the packet. The Layer 2 switches do not need IP addresses to transmit packets. However, if you want to access to the switch from a remote place with TCP/IP through SNMP or telnet, it requires an IP address.
You can enable the interface to communicate with another network device on the network by assigning an IP address as follows:
Enabling Interface
Assigning IP Address to Network Interface
Static Route and Default Gateway
Interface Description
Displaying Interface

4.3.1 Enabling Interface

To assign an IP address to an interface, you need to enable the interface first. If the inter­face is not enabled, you cannot access it from a remote place, even though an IP address has been assigned.
To configure an interface, you need to open Interface Configuration mode first. To open Interface Configuration mode, use the following command.
Command Mode Description
interface INTERFACE
Global
Interface
Opens Interface Configuration mode to configure a
specified interface.
To enable/disable an interface, use the following command.
Command Mode Description
no shutdown Enables an interface.
shutdown
Interface
Disables an interface.
To enable/disable an interface in Global Configaration mode, use the following command.
Command Mode Description
interface noshutdown INTER-
FAC E
interface shutdown INTERFACE
Global
Enables an interface.
Disables an interface.
The following is an example of enabling the interface 1.
SWITCH# configure terminal
SWITCH(config)# interface 1
SWITCH(config-if)# no shutdown
SWITCH(config-if)#
SMC7824M/VSW 51
CLI Management Guide
TigerAccess™ EE
i
To display if an interface is enabled, use the show running-config command.

4.3.2 Assigning IP Address to Network Interface

After enabling an interface, assign an IP address. To assign an IP address to a network interface, use the following command.
Command Mode Description
ip address A.B.C.D/M Assigns an IP address to an interface.
ip address A.B.C.D/M secondary Assigns a secondary IP address to an interface.
ip address dhcp Assigns an IP address from a DHCP server.
no ip address A.B.C.D/M Clears an IP address assigned to an interface.
no ip address A.B.C.D/M secon-
dary
no ip address dhcp
The ip address dhcp command is for configuring an interface as a DHCP client. For the
i
detail of configuring a DHCP client, see Section
Interface
Clears a secondary IP address assigned to an inter-
face.
Stops assigning an IP address from a DHCP server.
8.6.9.
To display an assigned IP address, use the following command.
Command Mode Description
show ip Interface Shows an IP address assigned to an interface.

4.3.3 Static Route and Default Gateway

The static route is a predefined route to a specific network and/or device such as a host. Unlike a dynamic routing protocol, static routes are not automatically updated and must be manually reconfigured if the network topology changes. Static route includes destina­tion address, neighbor address, and etc. To configure a static route, use the following command.
To configure a static route, use the following command.
Command Mode Description
ip route A.B.C.D SUBNET-MASK
{GATEWAY | null} [<1-255>]
Global
ip route A.B.C.D/M {GATEWAY |
null} [<1-255> | src A.B.C.D]
Configures a static route.
A.B.C.D: destination IP prefix
A.B.C.D/M: destination IP prefix with mask
GATEWAY: gateway address
1-255: distance value
src: binding source IP address
52 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
To delete a configured static route, use the following command.
Command Mode Description
no ip route A.B.C.D SUBNET-MASK {GATEWAY
| null} [<1-255>]
no ip route A.B.C.D/M {GATEWAY | null} [<1-
255>]
Global Deletes a configured static route.
To configure a default gateway, use the following command.
Command Mode Description
ip route default {GATEWAY |
null} [<1-255>]
Global Configures a default gateway.
To delete a configure default gateway, use the following command.
Command Mode Description
no ip route default {GATEWAY |
null} [<1-255>]
Global Deletes a default gateway.
To display a configured static route, use the following command.
Command Mode Description
show ip route [ A.B.C.D |
A.B.C.D/M ]
show ip route database

4.3.4 Interface Description

To specify a description on an interface, use the following command.
Command Mode Description
description DESCRIPTION Specifies a description on an interface.
no description
The following is the example of specifying a description on the interface 1.
SWITCH(config)# interface 1
SWITCH(config-if)# description sample_description
SWITCH(config-if)# show interface 1
Interface default
Hardware is Ethernet, address is 00d0.cb00.0d83
Description: sample_description
index 43 metric 1 mtu 1500 <UP,BROADCAST,RUNNING,MULTICAST>
VRF Binding: Not bound
Bandwidth 100m
Enable
Global
Bridge
Interface
Shows configured routing information.
Shows configured routing information with IP routing
table database.
Deletes a specified description.
SMC7824M/VSW 53
CLI Management Guide
TigerAccess™ EE
inet 10.27.41.91/24 broadcast 10.27.41.255
input packets 3208070, bytes 198412141, dropped 203750, multicast packets 0
input errors 12, length 0, overrun 0, CRC 0, frame 0, fifo 12, missed 0
output packets 11444, bytes 4192789, dropped 0
output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0, window 0
collisions 0
SWITCH(config)#

4.3.5 Displaying Interface

To display an interface status and configuration, use the following command.
Command Mode Description
Enable
show interface [INTERFACE]
show ip interface {INTERFACE |
brief}
Global
Bridge
Interface
Enable
Global
Bridge
Shows an interface status and configuration.
INTERFACE: interface name
Shows brief information of interface.
INTERFACE: interface name
The following is the sample output of the show ip interface brief command.
SWITCH(config)# show ip interface brief
Interface IP-Address Status Protocol
lo unassigned up up
mgmt 10.27.41.91 up up
default unassigned up up
SWITCH(config)#
54 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE

4.4 Secure Shell (SSH)

Network security is getting more important because the access network has been gener­alized among numerous users. However, typical FTP and telnet service have big weak­ness for their security. Secure shell (SSH) is a network protocol that allows establishing a secure channel between a local and a remote computer. It uses public-key cryptography to authenticate the remote computer and to allow the remote computer to authenticate the user.

4.4.1 SSH Server

The switch can be operated as SSH server. You can configure the switch as SSH server with the following procedure.
Enabling SSH Server
Displaying On-line SSH Client
Disconnecting SSH Client
Assigning Specific Authentication Key
Displaying Connection History of SSH Client
4.4.1.1 Enabling SSH Server
To enable/disable SSH server, use the following command.
Command Mode Description
ssh server enable Enables SSH server.
ssh server disable
Global
4.4.1.2 Displaying On-line SSH Client
To display SSH clients connected to SSH server, use the following command.
Command Mode Description
Enable
show ssh
Global
Bridge
4.4.1.3 Disconnecting SSH Client
To disconnect an SSH client connected to SSH server, use the following command.
Disables SSH server.
Shows SSH clients connected to SSH server.
Command Mode Description
ssh disconnect PID Global
Disconnects SSH clients connected to SSH server.
PID: SSH client number
SMC7824M/VSW 55
CLI Management Guide
TigerAccess™ EE
4.4.1.4 Assigning Specific Authentication Key
After enabling SSH server, each client will upload its own generated authentication key. The SSH server can assign the specific key among the uploaded keys from several cli­ents.
To verify an authentication key, use the following command.
Command Mode Description
ssh key verify FILENAME Global Verifies a generated authentication key.
i
from SSH server to login.
4.4.1.5 Displaying Connection History of SSH Client
If the SSH server verify the key for specific client, other clients must download the key file
To display the connection history of SSH client, use the following command.
Command Mode Description
show ssh history
Enable
Global
Bridge
Shows the connection history of SSH clients who are
connected to SSH server up to now.

4.4.2 SSH Client

The switch can be used as SSH client with the following procedure.
Login to SSH Server
File Copy
Authentication Key
4.4.2.1 Login to SSH Server
To login to SSH server after configuring the switch as SSH client, use the following com­mand.
Command Mode Description
ssh login DESTINATION [PUB-
LIC-KEY]
Enable
Logins to SSH server.
DESTINATION: IP address of SSH server
PUBLIC-KEY: public key
4.4.2.2 File Copy
To copy a system configuration file from/to SSH server, use the following command.
Command Mode Description
copy {scp | sftp} config
{download | upload} FILENAME
Enable
56 SMC7824M/VSW
Downloads and uploads a file to through SSH server.
FILE: destination file name
Management Guide CLI TigerAccess™ EE
4.4.2.3 Authentication Key
SSH client can access to server through authentication key after configuring authentica­tion key and informing it to server. It is safer to use authentication key than inputting password every time for login, and it is also possible to connect to several SSH servers with using one authentication key.
To configure an authentication key in the switch, use the following command.
Command Mode Description
ssh keygen {rsa1 | rsa | dsa} Global
copy {scp | sftp} key upload
FILENAME
Enable
To configure authentication key and connect to SSH server with the authentication key, perform the following procedure.
Configures an authentication key.
rsa1: SSH ver. 1 authentication
rsa: SSH ver. 2 authentication
dsa: SSH ver. 2 authentication
FILENAME: key file name
Step 1 Configure the authentication key in the switch.
SWITCH_A(config)# ssh keygen dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/etc/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):networks
Enter same passphrase again:networks
Your identification has been saved in /etc/.ssh/id_dsa.
Your public key has been saved in /etc/.ssh/id_dsa.pub.
The key fingerprint is:
d9:26:8e:3d:fa:06:31:95:f8:fe:f6:59:24:42:47:7e root@switch
SWITCH_A(config)#
Step 2 Copy the generated authentication key to SSH server.
Step 3 Connect to SSH server with the authentication key.
SWITCH_A(config)# ssh login 172.16.209.10
Enter passphrase for key '/etc/.ssh/id_dsa': networks
SWITCH_B#
SMC7824M/VSW 57
CLI Management Guide
TigerAccess™ EE

4.5 802.1x Authentication

To enhance security and portability of network management, there are two ways of au­thentication based on MAC address and port-based authentication which restrict clients attempting to access to port.
Port-based authentication (802.1x) is used to authenticate the port self to access without users’ count to access the network.
802.1x authentication adopts EAP (Extensible Authentication Protocol) structure. In EAP system, there are EAP-MD5 (Message Digest 5), EAP-TLS (Transport Level Security), EAP-SRP (Secure Remote Password), EAP-TTLS (Tunneled TLS) and the switch sup­ports EAP-MD5 and EAP-TLS. Accessing with user’s ID and password, EAP-MD5 is 1­way Authentication based on the password. EAP-TLS accesses through the mutual au­thentication system of server authentication and personal authentication and it is possible to guarantee high security because of mutual authentication system.
At a request of user Authentication, from user’s PC EAPOL-Start type of packets are transmitted to authenticator and authenticator again requests identification. After getting respond about identification, request to approve access to RADIUS server and be au­thenticated by checking access through user’s information.
The following figure explains the process of 802.1x authentication.
EAPOL
(EAP over LAN)
[Suppliant] [Authenticator] [Authentication Server]
EAPOL-Start
EAP-Request / Identity
EAP-Response / Identity RADIUS-Access-Request
EAP-Response RADIUS-Access-Request
EAP-Success RADIUS-Access-Accept
EAP over RADIUS
RADIUS Server
RADIUS-Access-ChallengeEAP-Request
Fig. 4.1 Process of 802.1x Authentication
58 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE

4.5.1 802.1x Authentication

4.5.1.1 Enabling 802.1x
To configure 802.1x, the user should enable 802.1x daemon first. To enable 802.1x dae­mon, use the following command.
Command Mode Description
dot1x system-auth-control Enables 802.1x daemon.
no dot1x system-auth-control
4.5.1.2 RADIUS Server
As RADIUS server is registered in authenticator, authenticator also can be registered in RADIUS server.
Here, authenticator and RADIUS server need extra data authenticating each other be­sides they register each other’s IP address. The data is key and should be the same value for each other. For the key value, every kinds of character can be used except the space or special character.
Global
Disables 802.1x daemon.
RADIUS Server
[Suppliant] [Authenticator] [Authentication Server]
Authentication request
in order
Designate as default
RADIUS server
Response
RADIUS Servers
A : 10.1.1.1
B : 20.1.1.1
C : 30.1.1.1
:
J : 100.1.1.1
Fig. 4.2 Multiple Authentication Servers
If you register in several servers, the authentication server starts form RADIUS server registered as first one, then requests the second RADIUS server in case there’s no re­sponse. According to the order of registering the authentication request, the authentica­tion request is tried and the server which responds to it becomes the default server from the point of response time.
SMC7824M/VSW 59
CLI Management Guide
TigerAccess™ EE
After default server is designated, all requests start from the RADIUS server. If there’s no response from default server again, the authentication request is tried for RADIUS server designated as next one.
To configure IP address of RADIUS server and key value, use the following command.
Command Mode Description
dot1x radius-server host
{A.B.C.D | NAME} auth-port <0-
65535> key KEY
dot1x radius-server host
{A.B.C.D | NAME} key KEY
no dot1x radius-server host
{A.B.C.D | NAME}
Global
Registers RADIUS server with key value and UDP port
of radius server.
0-65535: UDP port (default: 1812)
Configures IP address of RADIUS server and key
value.
Deletes a registered RADIUS server.
i
The key option is authentication information between the authenticator and RADIUS server. The authenticator and RADIUS server must have a same key value, and you can use alphabetic characters and numbers for the key value. The space or special character is not allowed.
To set priority to a registered RADIUS server, use the following command..
You can designate up to 5 RADIUS servers as authentication server.
Command Mode Description
dot1x radius-server move
{A.B.C.D | NAME} priority PRIOR-
ITY
4.5.1.3 Authentication Mode
You can set the authentication mode from the port-based to the MAC-based. To set the authentication mode, use the following command.
Command Mode Description
dot1x auth-mode mac-base
PORTS
no dot1x auth-mode mac-base
PORTS
Global Sets priority to a registered RADIUS server.
Sets the authentication mode to the MAC-based.
Global
Restores the authentication mode to the port-based.
Before setting the authentication mode to the MAC-based, you need to set a MAC filtering
!
policy to deny for all the Ethernet ports. To configure a MAC filtering policy, see Section
7.11.1.
60 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
4.5.1.4 Authentication Port
After configuring 802.1x authentication mode, you should select the authentication port.
Command Mode Description
dot1x nas-port PORTS Designates 802.1x authentication port.
no dot1x nas-port PORTS
Global
Disables 802.1x authentication port.
4.5.1.5 Force Authorization
The switch can permit the users requesting the access regardless of the authentication from RADIUS server. For example, even though a client is authenticated from the server, it is possible to configure not to be authenticated from the server.
To manage the approval for the designated port, use the following command.
Command Mode Description
dot1x port-control {auto | force-
authorized | force-unauthorized}
PORTS
no dot1x port-control PORTS
Global
Configures a state of the authentication port.
auto: authorization up to RADIUS server (default)
force-authorized: force authorization
force-unauthorized: force unauthorization
Deletes a configured authentication port state.
4.5.1.6 Interval for Retransmitting Request/Identity Packet
In the switch, it is possible to specify how long the device waits for a client to send back a response/identity packet after the device has sent a request/identity packet. If the client does not send back a response/identity packet during this time, the device retransmits the request/identity packet.
To configure the number of seconds that the switch waits for a response to a re­quest/identity packet, use the following command.
Command Mode Description
dot1x timeout tx-period <1-
65535> PORTS
no dot1x timeout tx-period
PORTS
Global
Sets reattempt interval for requesting request/identity
packet.
1-65535: retransmit interval (default: 30)
Disables the interval for requesting identity.
4.5.1.7 Number of Requests to RADIUS Server
After 802.1x authentication configured as explained above and the user tries to connect with the port, the process of authentication is progressed among user’s PC and the equipment as authenticator and RADIUS server. It is possible to configure how many times the device which will be authenticator requests for authentication to RADIUS server.
SMC7824M/VSW 61
CLI Management Guide
TigerAccess™ EE
To configure times of authentication request in the switch, please use the command in Global mode.
Command Mode Description
dot1x radius-server retries <1-
10>
Global
Configure times of authentication request to RADIUS
server.
1-10: retry number (default: 3)
4.5.1.8 Interval of Request to RADIUS Server
For the switch, it is possible to set the time for the retransmission of packets to check RADIUS server. If there’s a response from other packets, the switch waits for a response from RADIUS server during the configured time before resending the request.
Command Mode Description
dot1x radius-server timeout <1-
120>
Global
Configures the interval of request to RADIUS server.
1-120: interval (default: 1)
You should consider the distance from the server for configuring the interval of requesting the authentication to RADIUS server. If you configure the interval too short, the authenti­cation couldn’t be realized. If it happens, you’d better to reconfigure the interval longer.

4.5.2 802.1x Re-Authentication

In the switch, it is possible to update the authentication status on the port periodically. To enable re-authentication on the port, you should perform the below procedure.
Step 1
Enable 802.1x re-authentication.
Step 2
Configure the interval of re-authentication.
Step 3
Configure the interval of requesting re-authentication in case of re-authentication fails.
Step 4
Execute 802.1x re-authenticating regardless of the interval.
4.5.2.1 Enabling 802.1x Re-Authentication
To enable 802.1x re-authentication using the following command.
Command Mode Description
dot1x reauth-enable PORTS Enables 802.1x re-authentication.
no dot1x reauth-enable PORTS
Global
Disables 802.1x re-authentication.
62 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
4.5.2.2 Interval of Re-Authentication
RAIDIUS server contains the database about the user who has access right. The data­base is real-time upgraded so it is possible for user to lose the access right by updated database even though he is once authenticated. In this case, even though the user is ac­cessible to network, he should be authenticated once again so that the changed database is applied to. Besides, because of various reasons for managing RADIUS server and
802.1x authentication port, the user is supposed to be re-authenticated every regular time. The administrator of the switch can configure a term of re-authentication.
To configure a term of re-authentication, use the following command.
Command Mode Description
dot1x timeout reauth-period <1-
4294967295> PORTS
no dot1x timeout reauth-period
PORTS
Global
Sets the period between re-authentication attempts.
Deletes the period between re-authentication attempts.
4.5.2.3 Interval of Requesting Re-Authentication
When the authenticator sends request/identity packet for re-authentication and no re­sponse is received from the suppliant for the number of seconds, the authenticator re­transmits the request to the suppliant. In the switch, you can set the number of seconds that the authenticator should wait for a response to request/identity packet from the sup­pliant before retransmitting the request.
To set reattempt interval for requesting request/identity packet, use the following com­mand.
Command Mode Description
dot1x timeout quiet-period <1-
65535> PORTS
no dot1x timeout quiet-period
PORTS
4.5.2.4 802.1x Re-Authentication
In Section 4.5.2.2, it is described even though the user is accessible to network, he should be authenticated so that the changed database is applied to. Besides, because of various reasons managing RADIUS server and 802.1x authentication port, the user is supposed to be re-authenticated every regular time.
Global
Sets reattempt interval for requesting request/identity
packet.
1-65535: reattempt interval (default: 30)
Disables the interval for requesting identity.
However, there are some cases of implementing re-authentication immediately. In the switch, it is possible to implement re-authentication immediately regardless of configured time interval.
Command Mode Description
dot1x reauthenticate PORTS Global
Performs re-authentication regardless of the configured
time interval.
SMC7824M/VSW 63
CLI Management Guide
TigerAccess™ EE

4.5.3 Initializing Authentication Status

The user can initialize the entire configuration on the port. Once the port is initialized, the supplicants accessing to the port should be re-authenticated.
Command Mode Description
dot1x initialize PORTS Global Initializes the authentication status on the port.

4.5.4 Restoring Default Value

To restore the default value of the 802.1x configuration, use the following command.
Command Mode Description
dot1x default PORTS Global Restores the default value of the 802.1x configuration.

4.5.5 Displaying 802.1x Configuration

To display 802.1x configuration, use the following command.
Command Mode Description
show dot1x Shows 802.1x configuration on the system.
show dot1x PORTS
Enable
Global
Bridge
Shows 802.1x configuration on the port.

4.5.6 802.1x User Authentication Statistics

It is possible for user to make reset state by showing and deleting the statistics of 802.1x user authentication.
To display the statistics about the process of 802.1x user authentication, use the following command.
Command Mode Description
Enable
show dot1x statistics PORTS
Global
Bridge
To make reset state by deleting the statistics of 802.1x user authentication, use the fol­lowing command.
Command Mode Description
dot1x clear statistics PORTS Global
Shows the statistics of 802.1x user authentication on
the port.
Makes reset state by deleting the statistics of 802.1x
on the port.
64 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE

4.5.7 Sample Configuration

The following is the example of configuring the port 25 with the port-based authentication specifying the information of RADIUS server.
SWTICH(config)# dot1x system-auth-control
SWTICH(config)# dot1x nas-port 25
SWTICH(config)# dot1x port-control force-authorized 25
SWTICH(config)# dot1x radius-server host 10.1.1.1 auth-port 1812 key test
SWTICH(config)# show dot1x
802.1x authentication is enabled.
RADIUS Server TimeOut: 1(S)
RADIUS Server Retries: 3
RADIUS Server : 10.1.1.1 (Auth key : test)
----------------------------------------------
| 1 2 3
802.1x |123456789012345678901234567890123
----------------------------------------------
PortEnable |........................p........
PortAuthed |........................u........
MacEnable |.................................
MacAuthed |.................................
----------------------------------------------
p = port-based, m = mac-based, a = authenticated, u = unauthenticated
SWITCH(config)#
The following is the example of setting the interval of requesting reauthentication to 1000 sec and the interval of reauthentication to 1800 sec.
SWTICH(config)# dot1x timeout quiet-period 1000 25
SWTICH(config)# dot1x timeout reauth-period 1800 25
SWTICH(config)# dot1x reauth-enable 25
SWTICH(config)# show dot1x 25
Port 25
SystemAuthControl : Enabled
ProtocolVersion : 0
PortControl : Force-Authorized
PortStatus : Unauthorized
ReauthEnabled : True
QuietPeriod : 1000
ReauthPeriod : 1800
TxPeriod : 30
PaeState : INITIALIZE
SWITCH(config)#
SMC7824M/VSW 65
CLI Management Guide
TigerAccess™ EE
The following is the example of configuring the port 25 with the MAC-based authentica­tion.
SWTICH(config)# dot1x auth-mode mac-base 25
SWTICH(config)# show dot1x
802.1x authentication is enabled.
RADIUS Server TimeOut: 1(S)
RADIUS Server Retries: 3
RADIUS Server : 10.1.1.1 (Auth key : test)
----------------------------------------------
| 1 2 3
802.1x |123456789012345678901234567890123
----------------------------------------------
PortEnable |.................................
PortAuthed |.................................
MacEnable |........................m........
MacAuthed |........................u........
----------------------------------------------
p = port-based, m = mac-based, a = authenticated, u = unauthenticated
SWITCH(config)#
66 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE

5 Port Configuration

The switch provides maximum 24 VDSL ports including integrated splitters. In this chapter, you can find the instructions for the basic port configuration such as auto-negotiation, flow control, transmit rate, etc. Please read the following instructions carefully before you con­figure a port in the switch.
This chapter contains the following sections.
Port Basic
Ethernet Port Configuration
VDSL Port Configuration
Port Mirroring

5.1 Port Basic

The switch provides 24 VDSL ports for the subscriber interface and 2 fixed ports of 10/100/1000Base-T Gigabit Ethernet and 1 optional module of 2 uplink ports(2-port SFP or 1-port GE-PON & 1-port SFP) supporting 100/1000Base-X interface.

5.2 Ethernet Port Configuration

5.2.1 Enabling Ethernet Port

To enable/disable the Ethernet port, use the following command.
Command Mode Description
port {enable | disable} PORTS Bridge
The following is an example of disabling the Ethernet port 25.
SWITCH(bridge)# port disable 25
SWITCH(bridge)# show port 25
------------------------------------------------------------------------
NO TYPE PVID STATUS MODE FLOWCTRL INSTALLED
(ADMIN/OPER)
------------------------------------------------------------------------
25 Ethernet 2 Down/Down Auto/Full/0 Off Y
SWITCH(bridge)#
Enables/disables a port, enter a port number.
(default: enable)

5.2.2 Auto-Negotiation

Auto-negotiation is a mechanism that takes control of the cable when a connection is es­tablished to a network device. Auto-negotiation detects the various modes that exist in the network device on the other end of the wire and advertises it own abilities to automatically configure the highest performance mode of interoperation. As a standard technology, this allows simple, automatic connection of devices that support a variety of modes from a va-
SMC7824M/VSW 67
CLI Management Guide
TigerAccess™ EE
riety of manufacturers. To enable/disable the auto-negotiation on an Ethernet port, use the following command.
Command Mode Description
port nego PORTS {on | off} Bridge
Enables/disables the auto-negotiation on a specified
port, enter a port number. (default: on)
Auto-negotiation operates only on 10/100/1000Base-TX interface. You cannot enable this
!
function on 1000Base-X optical interface.
The following is an example of disabling the auto-negotiation on the Ethernet port 25 and
26.
SWITCH(bridge)# show port 25-26
------------------------------------------------------------------------
NO TYPE PVID STATUS MODE FLOWCTRL INSTALLED
(ADMIN/OPER)
------------------------------------------------------------------------
25 Ethernet 1 Up/Up Auto/Full/1000 Off Y
26 Ethernet 1 Up/Up Auto/Full/1000 Off Y
SWITCH(bridge)# port nego 25-26 off
SWITCH(bridge)# show port 25-26
------------------------------------------------------------------------
NO TYPE PVID STATUS MODE FLOWCTRL INSTALLED
(ADMIN/OPER)
------------------------------------------------------------------------
25 Ethernet 1 Up/Up Force/Full/1000 Off Y
26 Ethernet 1 Up/Up Force/Full/1000 Off Y
SWITCH(bridge)#

5.2.3 Transmit Rate

To set the transmit rate of an Ethernet port, use the following command.
Command Mode Description
port speed PORTS {10 | 100 | 1000} Bridge
Transmit rate is configurable only on 10/100/1000Base-TX interface. You cannot set
!
transmit rate on 1000Base-X optical interface.
Sets the transmit rate of a specified port
to 10/100/1000Mbps, enter a port num-
ber.
68 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
The following is an example of setting transmit rate on the Ethernet port 25 to 10 Mbps.
SWITCH(bridge)# show port 25
------------------------------------------------------------------------
NO TYPE PVID STATUS MODE FLOWCTRL INSTALLED
(ADMIN/OPER) (ADMIN/OPER)
------------------------------------------------------------------------
25 Ethernet 2 Up/Up Auto/Full/1000 Off/ Off Y
SWITCH(bridge)# port speed 25 10
SWITCH(bridge)# show port 25
------------------------------------------------------------------------
NO TYPE PVID STATUS MODE FLOWCTRL INSTALLED
(ADMIN/OPER) (ADMIN/OPER)
------------------------------------------------------------------------
25 Ethernet 2 Up/Up Auto/Full/10 Off/ Off Y
SWITCH(bridge)#

5.2.4 Duplex Mode

Ethernet operates in either half-duplex or full-duplex mode. In full-duplex mode, frames travel in both directions simultaneously over two channels on the same connection for an aggregate bandwidth of twice that of half-duplex mode. Full duplex networks are very effi­cient since data can be sent and received simultaneously.
To set the duplex mode on an Ethernet port, use the following command.
Command Mode Description
port duplex PORTS {full | half} Bridge
Sets full-duplex or half-duplex mode on a specified
port, enter a port number.
The following is an example of setting the duplex mode on the Ethernet port 25 to half­duplex mode.
SWITCH(bridge)# show port 25
------------------------------------------------------------------------
NO TYPE PVID STATUS MODE FLOWCTRL INSTALLED
(ADMIN/OPER) (ADMIN/OPER)
------------------------------------------------------------------------
25 Ethernet 2 Up/Up Auto/Full/1000 Off/ Off Y
SWITCH(bridge)# port duplex 25 half
SWITCH(bridge)# show port 25
------------------------------------------------------------------------
NO TYPE PVID STATUS MODE FLOWCTRL INSTALLED
(ADMIN/OPER) (ADMIN/OPER)
------------------------------------------------------------------------
25 Ethernet 2 Up/Up Auto/Half/1000 Off/ Off Y
SWITCH(bridge)#
SMC7824M/VSW 69
CLI Management Guide
TigerAccess™ EE

5.2.5 Flow Control

In Ethernet networking, the flow control is the process of adjusting the flow of data from one network device to another to ensure that the receiving device can handle all of the in­coming data. For this process, the receiving device normally sends a PAUSE frame to the sending device when its buffer is full. The sending device then stops sending data for a while. This is particularly important where the sending device is capable of sending data much faster than the receiving device can receive it.
To enable the flow control on an Ethernet port, use the following command.
Command Mode Description
port flow-control PORTS {on |
off}
Bridge
The following is an example of enabling the flow control on the Ethernet port 25.
SWITCH(bridge)# show port 25
------------------------------------------------------------------------
NO TYPE PVID STATUS MODE FLOWCTRL INSTALLED
(ADMIN/OPER) (ADMIN/OPER)
------------------------------------------------------------------------
25 Ethernet 2 Up/Up Auto/Full/1000 Off/ Off Y
SWITCH(bridge)# port flow-control 25 on
SWITCH(bridge)# show port 25
------------------------------------------------------------------------
NO TYPE PVID STATUS MODE FLOWCTRL INSTALLED
(ADMIN/OPER) (ADMIN/OPER)
------------------------------------------------------------------------
25 Ethernet 2 Up/Up Auto/Full/1000 On/ On Y
SWITCH(bridge)#
Enables the flow control on a specified port, enter a
port number. (default: off)

5.2.6 Port Description

To specify a description of an Ethernet port, use the following command.
Command Mode Description
port description PORTS
DESCRIPTION
no port description PORTS
Bridge
Specifies a description of an Ethernet port. (maximum
number of characters is 100)
Deletes a specified description of an Ethernet port.
70 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE

5.2.7 Traffic Statistics

5.2.7.1 Packet Statistics
To display the traffic statistics of an Ethernet port, use the following command.
Command Mode Description
show port statistics avg-pkt
[PORTS]
show port statistics avg-pps
[PORTS]
show port statistics interface
[PORTS]
show port statistics rmon
[PORTS]
show port statistics media-
adaptor [PORTS]
Enable
Global
Bridge
Shows the traffic statistics of the average packet for a
specified Ethernet port.
Shows the traffic statistics per packet type for a speci-
fied Ethernet port.
Shows the interface MIB counters of a specified
Ethernet port.
Shows the RMON MIB counters of a specified Ethernet
port.
Shows the traffic statics per media adaptor unit of CO
VDSL port.
The following is the sample output of the show port statistics avg-pkt command with the Ethernet port 25.
SWITCH(config)# show port statistics avg-pkt 25
============================================================================
Slot/Port| Tx | Rx
----------------------------------------------------------------------------
Time | pkts/s | bytes/s | bits/s | pkts/s | bytes/s | bits/s
============================================================================
port 25 -------------------------------------------------------------------
5 sec: 2 186 1,488 11 1106 8,848
1 min: 0 60 480 3 148 1,872
10 min: 0 6 48 1 15 1,184
SWITCH(config)#
To delete all collected statistics for an Ethernet port, use the following command.
Command Mode Description
Enable
clear port statistics {PORTS | all}
Global
Bridge
Deletes all collected statistics for an Ethernet port.
SMC7824M/VSW 71
CLI Management Guide
TigerAccess™ EE
5.2.7.2 CPU Statistics
To display the statistics of the traffic handled by CPU, use the following command.
Command Mode Description
show cpu statistics avg-pkt
[PORTS]
show cpu statistics total
[PORTS]
Enable
Global
Bridge
To delete the collected statistics of the traffic handled by CPU, use the following com­mand.
Command Mode Description
clear cpu statistics [PORTS]
Global
Bridge
Shows the statistics of the traffic handled by CPU per
packet type.
Shows the traffic statistics of the average packet han-
dled by CPU.
Deletes the collected statistics of the traffic handled by
CPU.
The following is the sample output of the show cpu statistics total command with the Ethernet port 25.
SWITCH(config)# show cpu statistics total 25
==============================================================================
Port | Tx | Rx
------------------------------------------------------------------------------
Time | pkts | bytes | bits | pkts | bytes | bits
==============================================================================
port 25 ---------------------------------------------------------------------
Ucast: 43 3074 24592 0 0 0
Mcast: 348025 2088 167052000 0 0 0
Bcast: 0 0 0 1349 80940 647520
SWITCH(config)#
The switch can be configured to generate a syslog message when the number of the packets handled by CPU exceeds a specified value. This function allows system adminis­trators to monitor the switch and network status more effectively.
To configure the switch to generate a syslog message according to the number of the packets handled by CPU, use the following command.
Command Mode Description
Generates a syslog message according to the speci-
cpu statistics-limit {unicast |
multicast | broadcast} PORTS
<10-100>
Global
fied number of the packets handled by CPU. This is
configurable for each packet type and physical port.
unicast | multicast | broadcast: packet type
PORTS: port numbers
10-100: packet count (actual value: 1000-10000)
72 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
To disable the switch to generate a syslog message according to the number of the pack­ets handled by CPU, use the following command.
Command Mode Description
no cpu statistics-limit {unicast |
multicast | broadcast} {PORTS |
all}
no cpu statistics-limit all
{PORTS | all}
Enable
Global
Disables the switch to generate a syslog message
according to the number of the packets handled by
CPU for each packet type.
all: all physical ports
Disables the switch to generate a syslog message
according to the number of the packets handled by
CPU for all packet types.
To display a configured value to generate a syslog message according to the number of the packets handled by CPU, use the following command.
Command Mode Description
show cpu statistics-limit
Enable
Global
Bridge
Shows a configured value to generate a syslog mes-
sage according to the number of the packets handled
by CPU.
5.2.7.3 Protocol Statistics
To enables/disables the system to collect the statistics of the protocols, use the following command.
Command Mode Description
protocol statistics {enable | dis-
able} [arp | icmp | ip | tcp | udp]
To display the statistics of the protocol, use the following command.
Command Mode Description
show protocol statistics avg-pkt
[PORTS]
show protocol statistics total
[PORTS]
To delete the collected statistics of the protocol, use the following command.
Command Mode Description
clear protocol statistics [PORTS]
Global
Bridge
Enable
Global
Bridge
Global
Bridge
Enables/disables the system to collect the statistics of
the protocols. (ARP, ICMP, IP, TCP, UDP)
Shows the statistics of the protocol for average pack-
ets.
Shows the traffic statistics of the protocol for total
packets.
Deletes the collected statistics of the protocol.
SMC7824M/VSW 73
CLI Management Guide
TigerAccess™ EE

5.2.8 Port Information

To display the port information, use the following command.
Command Mode Description
show port [PORTS] Shows a current port status, enter a port number.
show port description [PORTS]
show port module-info [PORTS]
The show port module-info command is only valid for Ethernet optical port. In case of
!
using the command on the VDSL interface, the system shows the state as Uninstalled.
The following is an example of displaying the port information for port 20 to 26.
SWITCH(config)# show port 20-26
------------------------------------------------------------------------
NO TYPE PVID STATUS MODE FLOWCTRL INSTALLED
(ADMIN/OPER) (ADMIN/OPER)
------------------------------------------------------------------------
20: VDSL 1 Up/Down Force/Full/100 On/ On Y
21: VDSL 1 Up/Down Force/Full/100 On/ On Y
22: VDSL 1 Up/Down Force/Full/100 On/ On Y
23: VDSL 1 Up/Down Force/Full/100 On/ On Y
24: VDSL 1 Up/Down Force/Full/100 On/ On Y
25: Ethernet 1 Up/Down Auto/Half/0 Off/ Off Y
26: Ethernet 1 Up/Down Auto/Half/0 Off/ Off Y
SWITCH(config)#
Enable
Global
Bridge
Shows a specified port description, enter a port num-
ber.
Shows optical module (SFP) information.
74 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE

5.3 VDSL Port Configuration

5.3.1 Modulation of VDSL Signal

The switch provides both Internet and telephone communication through existing tele­phone line with using DSL technology. DSL communication system requires technique to convert digital signal into analog signal and return the analog signal into the digital signal.
Fig. 5.1 shows process of signal transmission in DSL system.
Fig. 5.1 Transmission in DSL System
In the above picture, Modulator converts digital signal into analog signal to be sent over the channel. Also, the analog signal is returned into digital signal at the Demodulator.
5.3.1.1 DMT Modulation
DMT builds on some of the ideas of QAM. Imagine having more than one constellation encoder. Each encoder receives a set of bits that are encoded using a constellation en­coder as described in the previous sections. In this basis, DMT is referred as multi carrier
In DMT modulation, frequency channel is named frequency bins, bins, tone, DMT tones, and sub-channel.
Fig. 5.2 shows process of DMT modulation.
SMC7824M/VSW 75
CLI Management Guide
TigerAccess™ EE
Fig. 5.2 DMT Modulation
Meanwhile, DMT using multi carrier can control carrier about exterior noise differently came from each frequency in detail, whereas chip implementation is more complicated than QAM and power consumption is quite high. Also, it is possible to process many digi­tal signals. Although its fundamental is complicated, processing speed is faster than QAM.

5.3.2 Configuring VDSL Port

You can configure profile, interleave of VDSL port. This chapter describes the following lists.
Displaying Status of VDSL Port
Enabling VDSL Port
Profile of VDSL Port
Controlling Power according to Connection Distance
PSD Level
PSD Mask Level
Interleave
Impulse Noise Protection
Trellis Coded Modulation (TCM)
Ham-band
SNR Margin
Bitloading Per Tone
G.handshake Tone
76 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
5.3.2.1 Displaying Status of VDSL Port
You can check status of VDSL port and user’s configuration. It is also possible to view in­formation of VDSL port. To check status of VDSL port and information of DMT modulation, use the following command
Command Mode Description
show lre [PORTS] Shows VDSL port.
show lre detail-info [PORTS] Shows detailed information of VDSL line.
show lre user-mac [PORT]
show lre profile [PORTS] Shows the VDSL profile
show rate-info[PORTS] Shows the rate information of VDSL line.
show lre psd [PORTS]
Enable
Global
Bridge
The above commands shows the following information. Therefore, you can choose com­mand according to information you need.
Shows MAC address of user connected
to VDSL ports.
Shows PSD-mask-level
Command Description
bitload Shows Bitloading Per Tone
ewl Shows Electronic Wire Length
ham-band Shows HAM Band
inp Shows Upstream / Downstream Protection
interleave Shows interleave-delay
pbo-config Shows Power Back-Off Length configuration
profile Shows Profile
psd Shows PSD
rate-info Shows rate information
snr Shows SNR Margin
Tab. 5. 1 Information displayed by Command, show lre
5.3.2.2 Enabling VDSL Port
This configuration of enabling VDSL port has different way of using with the configuration described in “ of partner’s equipment. Therefore, although you connect to cable with VDSL port down, Sync is not configured. To configure Sync status of VDSL port, use the following com­mand.
Ethernet Port Configuration” Enabling VDSL port is to configure Sync status
Command Mode Description
lre PORTS up
lre PORTS down
Bridge
Configures Sync with partner’s equipment or resets
VDSL port.
Disables Sync with partner’s equipment.
Sync with the connected equipment is basically configured for VDSL port.
!
SMC7824M/VSW 77
CLI Management Guide
TigerAccess™ EE
i
ble status.
5.3.2.3 Profile of VDSL Port
It is possible to configure bandwidth of up/down stream of VDSL port. To configure the profile, use the following command.
Command Mode Description
lre PORTS profile vdsl1 {asym100_998 sym100_100_998}
{normal | isdn | adsl | adsl-safe | tlan}
lre PORTS profile vdsl1 {asym50_998asym50_998_4b
sym25_997} {isdn | adsl | adsl-safe | tlan}
lre PORTS profile vdsl1 {asym50_998asym50_998_4b
sym25_997} normal {annex-m | annex-a | annex-b | exclude}
lre PORTS profile vdsl2 {12b |12b_997} {normal | isdn | adsl
| adsl2}
lre PORTS profile vdsl2 {12a | 12a_997 | 17a | 17a_8k | 30a |
8a | 8b | 8c | 8d} {normal | isdn | adsl | adsl2} {annex-m |
annex-a | annex-b | exclude}
This command is used not only to enable VDSL port but also to reset it when is on unsta-
Bridge
Configures profile of VDSL
port.
Each profile provides the following bandwidth.
VDSL 1
VDSL 2
Profile Type
asym100_998
asym50_998 PLAN 998 Asymmetric for DMT 50M
asym50_998_4b PLAN 998 Asymmetric for 4Band DMT 50M 8k tone
sym100_100_998
sym25_997 PLAN 997 Symmetric for DMT 50M
12a PLAN 998 Asymmetric for 4Band 12a
12a_997 PLAN 997 Asymmetric for 5Band 12a
17a PLAN 998 Asymmetric for 5Band 17a
17a_8k PLAN 998 Asymmetric for 5Band 17a (tone space: 8k)
30a PLAN 998 Asymmetric for 6Band 30a
12b PLAN 998 Asymmetric for 4Band 12b (not support option band)
12b_997 PLAN 997 Asymmetric for 4Band 12b (not support option band)
8a PLAN 998 Asymmetric for 3Band 8a
8b PLAN 998 Asymmetric for 3Band 8b (not support option band)
8c PLAN 998 Asymmetric for 3Band 8c
8d PLAN 998 Asymmetric for 3Band 8d
PLAN 998 Asymmetric for 6Band DMT 50/100M (not support option b
and)
PLAN 998 Symmetric for 6Band DMT 100/100M (not support option b
and)
Tab. 5. 2 Profile of VDSL Port
78 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
i
The default pofile of VDSL port is「30a」
!
Configuration for Profile of VDSL port is applied to all the ports.
The following table shows the option band types of VDSL port.
Mode
Option
Band
Profile Mode Description
adsl ADSL friendly mode
adsl2 ADSL2 + friendly mode
adsl-safe ADSL Safe mode
isdn ISDN friendly mode
normal Normal mode
tlan T-LAN friendly mode
annex-a Uses 6 to 32 tone in annex A environment in the direction of upstream
annex-b Uses 32 to 64 tone in annex B environment in the direction of upstream
annex-m Uses 6 to 64 tone in annex M environment in the direction of upstream
exclude Excludes option band
Tab. 5. 3 Option band of VDSL Port
To display the configured lre profile, use the following command.
Command Mode Description
show lre profile Enable/Global/Bridge Displays the configured lre profile
The following is an example of displaying the configured lre profile
SWITCH(bridge)# show lre profile 1-8
----------------------------------------------------------------------
Port Status Standard Profile Tone disable Option
ADM/OPR mode Band
----------------------------------------------------------------------
1 Up/Down VDSL2 17A NORMAL ANNEX_A
2 Up/Down VDSL2 17A NORMAL ANNEX_A
3 Up/Down VDSL2 17A NORMAL ANNEX_A
4 Up/Down VDSL2 17A NORMAL ANNEX_A
5 Up/Down VDSL2 17A NORMAL ANNEX_A
5.3.2.4 Controlling Power according to Connection Distance
The distance of connection from switch to VDSL line may vary according to each VDSL port. If same power is supplied to different connection distance, the power is larger than power supplied to line connected to CPE far from switch. It may cause interruption in the line connected to CPE far from the switch. You can control supplied power according to distance to prevent too large power supplied to VDSL line.
SMC7824M/VSW 79
CLI Management Guide
TigerAccess™ EE
To control supplied power according to VDSL line, use the following command.
Command Mode Description
lre PORTS upbo enable Bridge
Controls supplied power according to distance of VDSL
line.
i
You should control supplied power of VDSL port according to distance of VDSL line.
To disable power control according to distance of VDSL line, use the following command.
Command Mode Description
lre PORTS upbo disable Bridge
Disables power control according to distance of VDSL
line.
The following is an example of disabling power control according to distance of VDSL line.
SWITCH(bridge)# lre 1-3 upbo disable
SWITCH(bridge)# show lre psd 1-5
-----------------------------------------------------------
Port Status Up Stream PBO Length PSD MASK
ADM/OPR PBO (10 Custom) Level
---------------------
| u0 | u 1 | u 2 | u3 |
-----------------------------------------------------------
1 Up/Up disable | 2 | 2 | 2 | 2 | 11
2 Up/Up disable | 2 | 2 | 2 | 2 | 11
3 Up/Down disable | 2 | 2 | 2 | 2 | 11
4 Up/Down Enable | 2 | 2 | 2 | 2 | 11
5 Up/Down Enable | 2 | 2 | 2 | 2 | 11
SWITCH(bridge)#
!
If you control power according to VDSL line, it is applied to all ports.
You cannot configure power consumption supplied to VDSL line with power control ac­cording to the distance of line enabled. In this case, the standard to decide power con­sumption is the distance.
To configure power consumption supplied to VDSL line, use the following command.
Command Mode Description
lre PORTS pbo-length {123
45678910}
Bridge
Configures power consumption supplied to VDSL line
according to the distance.
i
The default is “2”.
80 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
To configure the power back-off length of each upstream band, use the following com­mand.
Command Mode Description
lre PORTS band-pbo-length u0
LENGTH [u1 LENGTH]
lre PORTS band-pbo-length u0
LENGTH u1 LENGTH [u2
LENGTH]
lre PORTS band-pbo-length u0
LENGTH u1 LENGTH u2
LENGTH [u3 LENGTH]
Bridge
Configures the power back-off length per upstream
band.
LENGTH: distance from 100m to 900m (1-10)
u1-u4: U1-U4 band configuration
The following table shows distance of 1 ~ 9 in the above command. Each variable means as the below.
No Distance (Unit : m) No Distance (Unit : m)
1 100 6 600
2 200 7 700
3 300 8 800
4 400 9 900
5 500 10 User Definition
Tab. 5. 4 Value of PBO-Length
!
You should control supplied power of VDSL port according to distance of VDSL line.
The following is an example of configuring power consumption as 400m.
SWITCH(bridge)# lre 1-5 pbo-length 4
SWITCH(bridge)# show lre psd 1-7
-----------------------------------------------------------
Port Status Up Stream PBO Length PSD MASK
ADM/OPR PBO (10 Custom) Level
---------------------
| u0 | u 1 | u 2 | u3 |
-----------------------------------------------------------
1 Up/Down Enable | 4 | 4 | 4 | 4 | 1
2 Up/Down Enable | 4 | 4 | 4 | 4 | 1
3 Up/Down Enable | 4 | 4 | 4 | 4 | 1
4 Up/Down Enable | 4 | 4 | 4 | 4 | 1
5 Up/Down Enable | 4 | 4 | 4 | 4 | 1
6 Up/Down Enable | 2 | 2 | 2 | 2 | 1
7 Up/Down Enable | 2 | 2 | 2 | 2 | 1
SWITCH(bridge)#
SMC7824M/VSW 81
CLI Management Guide
TigerAccess™ EE
The following is an example of configuring the power consumption per upstream band of port 1 as 100m to 400m.
SWITCH(bridge)# lre 1 band-pbo-length u0 1 u1 2 u2 3 u3 4
SWITCH(bridge)# show lre psd 1-7
-----------------------------------------------------------
Port Status Up Stream PBO Length PSD MASK
ADM/OPR PBO (10 Custom) Level
---------------------
| u0 | u 1 | u 2 | u3 |
-----------------------------------------------------------
1 Up/Down Enable | 1 | 2 | 3 | 4 | 1
2 Up/Down Enable | 4 | 4 | 4 | 4 | 1
3 Up/Down Enable | 4 | 4 | 4 | 4 | 1
4 Up/Down Enable | 4 | 4 | 4 | 4 | 1
5 Up/Down Enable | 4 | 4 | 4 | 4 | 1
6 Up/Down Enable | 2 | 2 | 2 | 2 | 1
7 Up/Down Enable | 2 | 2 | 2 | 2 | 1
SWITCH(bridge)#
However, even though inner value of PBO-Length is already configured and user config­ured the most appropriate PBO-Length, inner value could be unfit according to detailed environment To improve this point, in switch it is possible that user configure the attribute of PBO-Length. The attribute of PBO-Length is appointed as PBO-Config, user’s default PBO-Config is appointed as PBO-Length “10”.
To configure PBO-config, use the following command.
Command Mode Description
lre pbo-config K1[1] K1[2] K1[3] K2[1]
K2[2] K2[3]
Bridge Sets the attribute of PBO-Length.
The first value of Upstream in k1 and k2 comes under option band, the second value comes under Upstream used for 3Band, and the third value comes under the second Up­stream used for 4band.
To display PBO-Config, use the following command.
Command Mode Description
Enable
show lre pbo-config
Global
Bridge
Shows the attribute of PBO-Length.
82 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
5.3.2.5 PSD Level
Power Spectral Density (PSD) Level is configured according to the standard but PSD­Level can be configured as the frequency by the administrator. To configure PSD-Level, use the following command.
Command Mode Description
lre PORTS psd-level { 01 | 2 | 3
| 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 |
13 | 14 | 15} {PSD | default | off}
Bridge
Band Frequency (kHz) Band Frequency (kHz)
0 27 ~ 138 up/down 8 4,508 ~ 5,200 up/down
1 143 ~ 256 down 9 5,208 ~ 7,000 up/down
2 261 ~ 640 down 10 7,008 ~ 8,500 up/down
3 648 ~ 1,100 down 11 8,508 ~ 12,000 up/down
4 1,108 ~ 2,000 down 12 12,008 ~ 16,700 up/down
5 2,008 ~ 3,000 down 13 16,708 ~ 17,600 up/down
6 3,008 ~ 3,750 down 14 17,608 ~ 18,100 up/down
7 3,758 ~ 4,500 up/down 15 18,108 ~ 30,000 up/down
Configures PSD value and frequency vlaue in VDSL
line.
PSD: -80dBm ~ -40dBm
Tab. 5. 5 The frequency of PSD Level per band
To display PSD level, use the following command.
Command Mode Description
Enable
show lre psd-level [PORTS]
Global
Bridge
Shows PSD level in VDSL line.
The following is an example of configuring PSD levle.
SWITCH(bridge)# lre 1 psd-level 10 -60
SWITCH(bridge)# show lre psd-level 1
-------------------------------------
PORT 1
BAND Frequency (kHz) PSD (dBm)
-------------------------------------
0 27 - 138 default
1 143 - 256 default
2 261 - 640 default
3 648 - 1100 default
4 1108 - 2000 default
5 2008 - 3000 default
6 3008 - 3750 default
7 3758 - 4500 default
8 4508 - 5200 default
9 5208 - 7000 default
10 7008 - 8500 -60.0
SMC7824M/VSW 83
CLI Management Guide
TigerAccess™ EE
11 8508 - 12000 default
12 12008 - 16700 default
13 16708 - 17600 default
14 17608 - 18100 default
15 18108 - 30000 default
SWITCH(bridge)#
5.3.2.6 PSD Mask Level
To configure PSD-Level, use the following command.
Command Mode Description
lre PORTS psd-mask-level { 01 | 2 | 3 | 4 | 5 | 6
| 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 }
Bridge
Configures PSD Mask Level in VDSL
line.
i
PSD Level is basically configured as Default.
Level Value Level Value
0 old gains 8 ETSI M1_EX
1 ANSI M1_CAB 9 ETSI M2_EX
2 ANSI M2_CAB 10 Reserved
3 ETSI M1_CAB 11 PSD K
4 ETSI M2_CAB 12 PSD CHINA
5 ANNEX F 13 ETSI M1_EX P1
6 ANSI M1_EX 14 ETSI M2_EX P1
7 ANSI M2_EX
Tab. 5. 6 The Value of PSD Mask Level
If you configure PSD MASK Level of VDSL line, it is applied to all ports.
!
5.3.2.7 Interleave
There is Interleave process to correct data error before modulation digital signal into ana­log signal. Interleave gathers certain size of data, re-organize the gathered data, and transmit the data divided by certain size. In the below image, you can see disperse errors by re-organizing gathered data through Interleave.
By the way, Interleave prevents error by enhanced correction but may slow down transmit rate because packets are gathered. Therefore you need to consider user’s condition to configure mode. On the other hand, if you skip Interleave process, error correction will not be done well, whereas transmit rate of data becomes faster. You can skip Interleave process and configure it before transmitting data.
To skip Interleave process, use the following command.
Command Mode Description
lre PORTS channel fast Bridge Skips Interleave process
84 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
To enable Interleave process, use the following command.
Command Mode Description
lre PORTS channel slow Bridge Enables Interleave process.
i
The following is an example of displaying Interleave.
The default is Interleave enabled as “slow”.
SWITCH(bridge)# show lre interleave 1-5
------------------------------------------
Port Status Channel Inter-Delay
ADM/OPR UP/DOWN
------------------------------------------
1 Up/Down Slow 2/ 2
2 Up/Down Slow 2/ 2
3 Up/Down Slow 2/ 2
4 Up/Down Slow 2/ 2
5 Up/Down Slow 2/ 2
SWITCH(bridge)#
In addition, you can configure the interval of Interleave process during modulation. This interval is called Interleave-delay. By configuring Interleave-delay, you can prevent trans­mission delay caused of waiting data gathered.
To configure Interleave-delay, use the following command.
Command Mode Description
lre PORTS interleave-delay
<1-100>
lre PORTS interleave-delay
<1-100> {updown}
Bridge
Configures Interleave-delay
PORTS: VDSL port number
1-100: interleave delay value (default:2 ms)
Configures Interleave-delay with specifying Upstream
or Downstream.
i
The unit of Interleave-delay is “” and the default is “2ms”.
In switch, all VDSL ports are contained in one Line-config-profile. For the ports contained
!
as the member port of Line-config-profile, it is not possible to change Interleave-delay or SNR margin.
To change it independently, erase the member of Line-config-profile first refer to
5.3.4.1 Line config profile. If you try to configure interleave-delay of the port which is contained as
Line-config-profile member, the error message will be displayed.
SMC7824M/VSW 85
CLI Management Guide
TigerAccess™ EE
To display configured interleave delay, use the following command
Command Mode Description
Enable
show lre interleave [PORTS]
Global
Bridge
Shows the configuration of interleave delay.
The following is an example of configuring Interleave-delay of port 50 as 50ms.
SWITCH(bridge)# lre 5 interleave-delay 50
SWITCH(bridge)# show lre interleave 1-5
------------------------------------------
Port Status Channel Inter-Delay
ADM/OPR UP/DOWN
------------------------------------------
1 Up/Down Slow 2/ 2
2 Up/Down Slow 2/ 2
3 Up/Down Slow 2/ 2
4 Up/Down Slow 2/ 2
5 Up/Down Slow 50/ 50
SWITCH(bridge)#
5.3.2.8 Impulse Noise Protection
Use the following command to configure minimum protection value of port provision.
Command Mode Description
lre PORTS inp <0-255>
lre PORTS inp <0-255> { up |
down }
The unit of value is 125 usec and configured “0” as default
i
To display a configured INP, use the following command
Command Mode Description
show lre inp [PORTS]
Bridge
Enable
Global
Bridge
Configures INP
0-255: INP value (default:0)
Configures INP with specifying Upstream or Down-
stream.
Shows the configured INP in VDSL line.
5.3.2.9 Trellis Coded Modulation (TCM)
The trellis coded modulation (TCM) is a modulation scheme which allows highly efficient transmission of information over band-limited channels such as telephone lines.
86 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
To enable/disable TCM of VDSL line port, use the following command. .
Command Mode Description
lre PORTS tcm {enable | disable} Bridge Configures TCM (default: enable)
To display configured TCM, use the following command.
Command Mode Description
show lre tcm [PORTS] Enable/Global/Bridge Shows the configured TCM.
5.3.2.10 Ham-band
The bandwidth that VDSL port of switch includes Ham band. It causes interruption in VDSL line. To prevent this interruption, you can configure not to use Ham band in band­width.
To disable specified Ham band for a port, use the following command.
Command Mode Description
lre PORTS ham-band {band1band2band3 band4band5band6band7band8 band9band10band11band12band13 band14band15band16band17band18
band19band20band21}
Bridge Disables specified Ham band.
If you configure Ham band at VDSL port, it is applied to all ports.
!
To enable Ham band of a port, use the following command.
Command Mode Description
no lre PORTS ham-band {all |
BAND NO}
Bridge Enables disabled Ham-band.
To confirm disabled Ham band, use the following command
Command Mode Description
show lre ham-band [PORTS] Enable/Global/Bridge Shows disabled Ham-band.
You can configure plural Ham bands, up to thirteen bands. For example, if you input
!
band1, band2, band3 in order, then three Ham bands.
SMC7824M/VSW 87
CLI Management Guide
TigerAccess™ EE
The following table shows bandwidth of Ham band frequency.
Ham band Bandwidth of Frequency(Unit:MHz) Standard
band1 1.800 ~ 1.810 RFI Notch
band2 1.800 ~ 1.825 KOREA HAM-BAND
band3 1.810 ~ 1.825 ANNEX F
band4 1.810 ~ 2.000 ETSI, T1E1
band5 1.9075 ~ 1.9125 ANNEX F
band6 3.500 ~ 3.550 KOREA HAM-BAND
band7 3.500 ~ 3.575 ANNEX F
band8 3.500 ~ 3.800 ETSI
band9 3.500 ~ 4.000 T1E1
band10 3.747 ~ 3.754 ANNEX F
band11 3.790 ~ 3.800 KOREA HAM-BAND
band12 3.791 ~ 3.805 ANNEX F
band13 7.000 ~ 7.100 KOREA HAM-BAND ANNEX F, ETSI
band14 7.000 ~ 7.300 T1E1
band15 10.100 ~ 10.150 KOREA HAM-BAND, ANNEX F, ETSI, T1E1
band16 14.000 ~ 14.350 ANNEX F, ETSI, T1E1
band17 18.068 ~ 18.168 ANNEX F, ETSI, T1E1
band18 21.000 ~ 21.450 ANNEX F, ETSI, T1E1
band19 24.890 ~ 24.990 ANNEX F, ETSI, T1E1
band20 28.000 ~ 29.100 ETSI
band21 28.000 ~ 29.700 ANNEX F, ETSI, T1E1
Tab. 5. 7 Bandwidth of Ham band Frequency
The following is an example of disabling Ham band 1 and Ham band 3 of VDSL port 1 and 2.
SWITCH(bridge)# lre 1-2 ham-band band1 band3
SWITCH(bridge)# show lre ham-band 1-4
------------------------------------------------------------------------------
Port Status HAM Band
ADM/OPR 1| 2| 3| 4| 5| 6| 7| 8| 9|10|11|12|13|14|15|16|17|18|19|20|21
------------------------------------------------------------------------------
1 Up/Down 1| | 3| | | | | | | | | | | | | | | | | |
2 Up/Down 1| | 3| | | | | | | | | | | | | | | | | |
3 Up/Down | | | | | | | | | | | | | | | | | | | |
4 Up/Down | | | | | | | | | | | | | | | | | | | |
SWITCH(bridge)#
5.3.2.11 SNR Margin
In digital and analog communication, SNR(Signal to Noise Ratio) ratio of signal divided by noise. When the signal strength is referred as Vs and the noise strength is referred as Vn, the formula can be 「SNR(㏈) = 20 log10(Vs/Vn).When the signal strength is same
88 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
with or less than the noise strength, stable communication cannot be done. Therefore, SNT must not be minus or “0”. And, if there is this situation, you have to increase signal strength or decrease noise strength.
Transmit rate of VDSL line depends of SNR. But, environment of line cannot be always same. So you need to configure transmit rate of VDSL line can be decided according to changing line environment. If noise is suddenly increased, SNR is decreased and com­munication becomes unstable.
Therefore you should configure transmit rate for decreased SNR when noise is suddenly increased. Then there will not be problem with communication although noise is suddenly increased.
Fig. 5.3 Deciding Transmit Rate according to SNR Margin
When you configure estimate SNR, the difference between estimate SNR and current SNR is callSNR Margin. The switch applies the SNR margin to transmit rate In other word, if you configure SNR margin as “6”, the difference that subtracts 6 from current SNR will be applied to transmit rate as the above picture
In you think there will be big change of noise, configure big SNR margin. However, if you configure too big SNR margin, transmit rate will be slow down, whereas communication is stable.
To configure SNR margin, use the following command.
Command Mode Description
lre PORTS snr-target-margin <0-
31> [up | down]
lre PORTS snr-min-margin <0-
31> [up | down]
Bridge
Configures SNR margin of Downstream or Upstream.
0-31: SNR margin value (default:6 dB)
Configures minimum SNR margin
0-31: minimum SNR margin value (default: 5 dB)
SMC7824M/VSW 89
CLI Management Guide
TigerAccess™ EE
To display SNR margin, use the following command.
Command Mode Description
show lre snr [PORTS] Enable/Global/Bridge Shows the configuration of SNR margin.
The following is an example of configuring SNR margin of port 3 as “10㏈”.
SWITCH(bridge)# lre 3 snr-target-margin 10 down
SWITCH(bridge)# show lre snr 1-5
-----------------------------------------------------
Port Status Config SNR Target SNR Minimum
ADM/OPR Margin Margin
UP/DOWN UP/DOWN
-----------------------------------------------------
1 Up/Down 6/ 6 5/ 5
2 Up/Down 6/ 6 5/ 5
3 Up/Down 6/ 10 5/ 5
4 Up/Down 6/ 6 5/ 5
5 Up/Down 6/ 6 5/ 5
SWITCH(bridge)#
5.3.2.12 Bitloading Per Tone
The bitloading per tone command is used to fetch the table that shows bit loading, SNR, attenuation, FEQ fine coeff, noise margin, and so on.
To display the table of each parameter in the range of tone, use the following command.
Command Mode Description
show lre pertoneinfo PORT {rx-bit-netx-bit-ne
| snr-ne | noise-margin-ne | atten-ne | feq-ne |
tx-pwr-ne | tx-gi-ne | qln-ne | coarse-feq-ne }
<0-4095> <0-4095> [graph <1-4095>]
To display the table of each parameter in the range of tone, use the following command.
Command Mode Description
show lre pertoneinfo PORT
{ block | hlog-ne | hlin-ne | hlin-
scale-ne <0-511> <0-511>
Enable
Global
Bridge
Enable
Global
Bridge
Shows the table of each parameter (bitloading, SNR,
FEQ fine coeff, noie-margin and so on) in the range of
tone.
0-511: start/ stop tone index
Shows the table of each parameter (bit-
loading, SNR, FEQ fine coeff, noie-
margin and so on) in the range of tone.
0-4095: start/ stop tone index
90 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
The following table lists the sub-commands in the Bitloading per tone command.
Sub-command Description
tx-bit-ne Get Tx Per Tone BitLoading Info Near End
snr-ne Get Rx Per Tone SNR Info Near End
noise-margin-ne Get Rx Per Tone Noise Margin Near End
feq-ne Get Rx Per Tone Current FEQ ine Coeffs Near End
tx-pwr-ne Get Tx Per Tone Tx Power Near End
tx-gi-ne Get Tx Per Tone Gi Near End
qln-ne Get Rx Per Tone Quiet Line Noise Near End
coarse-feq-ne Rx Per Tone Coarse FEQ Near End
block Get Param Block Read Far End (valid for ADSL2/2+/VDSL2 only)
hlog-ne Get Per Tone HLOG Info Near End (valid for ADSL2/2+ only)
hlin-ne Get Per Tone HLIN Info Near End
hlin-scale-ne Get Per Tone HLIN Scale Near End
Tab. 5. 8 Sub-commands in Bitloading Per Tone
5.3.2.13 G.handshake Tone
To configure G.handshake tone of each port, use the following command.
Command Mode Description
lre PORTS ghs a43 [i43] [v43]
lre PORTS ghs b43 [i43] [v43]
lre PORTS ghs none
Bridge
You can not configure A43 G.hs carrier with B43 at the same time.
i
To display the G.hs Carrier configuration of each port, use the following command.
Command Mode Description
Enable
show lre ghs [PORTS]
Global
Bridge

5.3.3 VDSL Checking Errors of VDSL Port

In switch it is possible to check times of error from VDSL port every time interval. More­over, it is possible to check the error duration time.
Configures G.hs tone carrier of each port
a43, b43, i43, v43: A43, B43, I43, V43 Carrier Set
none: None G.hs Carrier mode
Shows G.hs carrier configuration of each port.
Checking Times of Errors
You can check how many times CRC errors, Frame loss and Signal loss are happened. Error is counted every 15 minutes after booting. After the time is over, the number is reset to “0” and error is counted again. In addition, error is counted by each day. It is also reset to “0” after the day. Consequently, you can check times of error (Curr.15m) at present
SMC7824M/VSW 91
CLI Management Guide
TigerAccess™ EE
time from beginning of the 15 minutes and time of error (Prev. 15m) of previous 15 min­utes. Also, you can check times of error (Today) at present time from starting Today, times of error (Yesterday) of yesterday, and total times of error from booting. The following im­age shows standard of error counting provided in switch.
Fig. 5.4 Counting Times of Error
To display the number of errors in VDSL port, use the following command.
Command Mode Description
show lre stat-correctable-crc PORTS
show lre stat-lof PORTS Shows the numbers of Frame loss.
show lre stat-los PORTS Shows the numbers of Signal loss.
show lre stat-lol PORTS Shows the numbers of Link loss.
show lre stat-lpr PORTS Shows the numbers of CPE's Power loss
show lre stat-crc PORTS Shows the numbers of CRC errors
show lre stat-uncorrectable-crc PORTS
Enable
Global
Bridge
Shows the numbers of CRC errors that
can be correctable.
Shows the numbers of CRC errors that
can be uncorrectable.
To reset data of CRC error, Frame loss and Signal loss, use the following command.
Command Mode Description
clear lre stat-correctable-crc PORTS
clear lre stat-lof PORTS
clear lre stat-los PORTS
clear lre stat-lol PORTS
clear lre stat-lpr PORTS
clear lre stat-crc PORTS
clear lre stat-uncorrectable-crc PORTS
Enable
Global
Bridge
Resets data of error.
92 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
To check CRC error, Frame losses, and Signal loss of specific port at a time, use the fol­lowing command
Command Mode Description
show lre stat-count-all PORTS
show cpe stat-count-all [PORTS]
show lre total-error [PORTS] Shows the collected data of all errors.
clear stat-error [PORTS] Reset error information about Upstream
clear cpe stat-error [PORTS]
Enable
Global
Bridge
Shows data of CRC error, Frame loss, and Signal loss
at a time about Upstream
Shows data of CRC error, Frame loss, and Signal loss
at a time about Downstream
Reset error information about Downstream
The following is an example of checking all errors of port 1 to port 5 at a time.
SWITCH(bridge)# show lre stat-count-all 1-5
------------------------------------------------------------------------------
Port Status LOS LOF LOL CorrBlk UnCorrBlk CRC
------------------------------------------------------------------------------
1 Down 0 0 0 0 0 0
2 Down 0 0 0 0 0 0
3 Down 0 0 0 0 0 0
4 Down 0 0 0 0 0 0
5 Down 0 0 0 0 0 0
SWITCH(bridge)#
You can check how many times each port is disconnected and how long it is discon­nected. As the same way with counting times of CRC error and Frame loss of VDSL port, it is counted every 15 minutes and each day.
To check how long have the errors in downstream of VDSL line been lasted, use the fol­lowing command.
Command Mode Description
show lre stat-crc-sec [PORTS] Shows how long CRC error has been happening.
show lre stat-es-sec [PORTS]
show lre stat-lof-sec [PORTS] Shows how long Frame loss has been happened.
show lre stat-lol-sec [PORTS] Shows how long Link has been disconnected.
show lre stat-los-sec [PORTS] Shows how long Signal loss has been happening.
show lre stat-lpr-sec [PORTS]
show lre stat-ses-sec [PORTS] Shows how long server error has been happening.
show lre stat-uas-sec [PORTS] Shows how long UAS has been happening.
show lre stat-service-error
[PORTS]
Enable
Global
Bridge
Shows how long CRC, LOF. and LOS. error has been
happening.
Shows how long RX power of port has being lower than
specific voltage.
Shows how long Link has been disconnected because
of CPE turned off by user.
SMC7824M/VSW 93
CLI Management Guide
TigerAccess™ EE
To display all errors that are counted during 15 minutes or one day, use the following command
Command Mode Description
show lre pre-15m-error [PORTS] Shows the error status in previous 15 minutes.
show lre cur-15m-error [PORTS] Shows the error status in current 15 minutes.
show lre pre-day-error [PORTS] Shows the error status in previous day.
show lre cur-day-error [PORTS]
Enable
Global
Bridge
Shows the error status in current day
To reset data of CRC error, Frame loss and Signal loss, use the following command.
Command Mode Description
clear lre stat-crc-sec PORTS
clear lre stat-es-sec PORTS
clear lre stat-ses-sec PORTS
clear lre stat-lof-sec PORTS
clear lre stat-los-sec PORTS
clear lre stat-lol-sec PORTS
clear lre stat-lpr-sec PORTS
clear lre stat-uncorrectable-crc
PORTS
Enable
Global
Bridge
Resets the data of error count.
SES(Severely Errored Seconds) means how long server error has been happening, and UAS(Unavailable Seconds) means error, which SES is more than 10 seconds.
In addition, you can check how many minutes is passed after beginning 15 minutes (15 Min Elapse) or day (Day Elapse) based on the present time of checking how many times each port is disconnected and how long it is disconnected.
94 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE

5.3.4 Config-Profile

You can make a policy configured in service port a Profile to apply to port. There are two kinds of profiles; one applied to VDSL line and the other one configured for Alarm of SNMP trap in case error is happened. This chapter describes the following lists.
Line config profile
Alarm config profile
5.3.4.1 Line config profile
Line config profile is a policy, which configures transmit rate of VDSL line, SNR margin, and Interleave-delay.
This is very useful when ISPs apply graded services. They do not have to configure all ports according to client’s grade, but just apply profile to ports.
!
In switch, all VDSL ports are contained in one Line-config-profile. For the ports contained as the member port of Line-config-profile, it is not possible to change Interleave-delay or SNR margin. To change it, you should delete the member of Line-config-profile first.
If you try to configure interleave-delay of the port which is included as Line-config-profile member, the error message will be displayed.
SWITCH(bridge)# lre 5 interleave-delay 50
%VDSL Port 5 is line-config-profile DEFVAL member!
SWITCH(bridge)#
To configure Line config profile in detail, you need to open Line-config Profile mode. Use the following command.
Command Mode Description
line-config-profile NAME Bridge
Opens line-config profile configuration mode.
NAME: Line config profile name
The following is an example of entering into Line-config Profile mode to configure line config profile named as TEST.
SWITCH# config terminal
SWITCH(config)# bridge
SWITCH(bridge)# line-config-profile TEST
SWITCH(bridge-line-config-profile[TEST])#
Meanwhile, use the following command to exit from Line-config Profile mode
Command Mode Description
exit Line-config Exits from line config profile configuration mode.
SMC7824M/VSW 95
CLI Management Guide
TigerAccess™ EE
To configure the detail of Profile, Use the following command.
Command Mode Description
down-max-inter-delay <1-100>
down-slow-max-datarate <0-
100000>
down-slow-min-datarate <0-
100000>
down-target-snr-mgn <0-124>
down-snr-min-mgn <0-124>
up-max-inter-delay <1-100> Configures Interleave-delay of Upstream.
up-slow-max-datarate <0-
100000>
up-slow-min-datarate <0-
100000>
up-target-snr-mgn <0-124>
up-snr-min-mgn <0-124>
Line-config
Configures Interleave-delay of Downstream. The unit is
msec.
Configures transmit rate of Maximum Downstream. The
unit is kbps. (1000=1Mbps)
Configures transmit rate of Minimum Downstream. The
unit is kbps. (1000=1Mbps)
Configures SNR margin of Downstream. The unit is
0.25dBm. (4=1dBm)
Configures minimum SNR margin of Downstream. The
unit is 0.25dBm. (4=1dBm)
Configures transmit rate of Maximum Upstream. The
unit is kbps. (1000=1Mbps)
Configures transmit rate of Minimum Upstream. The
unit is kbps. (1000=1Mbps)
Configures SNR margin of Upstream. The unit is
0.25dBm. (4=1dBm)
Configures minimum SNR margin of Upstream. The
unit is 0.25dBm. (4=1dBm)
i
setting. The default of SNR margin is “24(6dBm)” in case of Downstream, and “32(8dBm)” in case of Upstream.
The default of Interleave-delay is “2”, and speed of service is not configured by default
i
Transmit rate should be configured using the unit of Mbps. Therefore, you can input in terms of 10000 in actual configuration.
The following is an example of configuring Interleave of profile named TEST as 20ms and transmit rate as 8M in case of Upstream and 10M in case of Downstream, and SNT mar­gin as 10dBm.
SWITCH(bridge-line-config-profile[TEST])# down-max-inter-delay 20
SWITCH(bridge-line-config-profile[TEST])# up-max-inter-delay 20
SWITCH(bridge-line-config-profile[TEST])# down-slow-max-datarate 8000
SWITCH(bridge-line-config-profile[TEST])# up-slow-max-datarate 10000
SWITCH(bridge-line-config-profile[TEST])# down-target-snr-mgn 40
SWITCH(bridge-line-config-profile[TEST])# up-target-snr-mgn 40
SWITCH(bridge-line-config-profile[TEST])#
SNR margin should be configured with the form of NdBm(N=integer). Therefore you have
i
to input multiple numbers of 4 to form NdBm.
96 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
To display the configuration, use the following command.
Command Mode Description
show lre line-config-profile
[PORTS]
Enable/Global/Bridge
Shows the configuration of all line config
profiles.
To enable configuration of this line-config profile, use the following command.
Command Mode Description
active Enables the profile.
no active
Line-config
Disables this profile
Unless you enable configured profiles, they will not be applied although you apply them to
!
ports.
After you configure and enable profile, if you change the configuration, then it will be
i
automatically disabled. Therefore you have to enable it with “active” whenever you change configurations.
The following is an example of saving Profile after going back to Global configuration mode or Enable mode.
SWITCH(config)# write memory
Building configuration...
[OK]
SWITCH(config)#
Besides, when switch has been stacking, Line config profile configured in Master will be automatically configured in Slave. Although it is configured before stacking, Master’s con­figuration will be configured in Slave by finding any difference. However, you have to save the configuration of Slave with using “write memory”. Unless you do it, the configuration will be deleted and the above procedure will be repeated.
!
With enabled stacking, config profile of Master will be configured in Slave.
Apply Profile to port. Use the following command.
Command Mode Description
line-config-profile NAME add
PORTS
Bridge
Applies Profile to specified port.
NAME: line-config profile name
The following is an example of applying profile named TEST to port 1.
SWITCH(bridge)# line-config-profile TEST add 1
SWITCH(bridge)#
SMC7824M/VSW 97
CLI Management Guide
TigerAccess™ EE
To disable the application of profile in specified port, use the following command.
Command Mode Description
line-config-profile NAME del
PORTS
Bridge Disables profile in specified port.
To delete configured profile, use the following command.
Command Mode Description
no line-config-profile NAME Bridge Deletes Profile.
5.3.4.2 Alarm config profile
Alarm config profile is a configured policy, which Alarm service is provided to clients with using SNMP trap in case of system error. It is convenient way because it is possible to configure standard of error checking, which varies according to service type, in each port. Alarm config profile consists of Threshold of error, which clients configure. Same as stan­dard in and SNMP trap is sent when it meets configured threshold.
5.3.3 VDSL Checking Errors of VDSL Port each error is checked every 15 minutes,
To configure an alarm-config profile, perform the following steps.
Step 1
To configure alarm-config profile, you need to enter into Alarm–config Profile mode. Use the following command
Command Mode Description
alarm-config-profile NAME Bridge
Opens alarm config profile mode
NAME: alarm-config profile name
The following is an example of entering into Alarm-config Profile mode to configure alarm config profile named TEST
SWITCH# config terminal
SWITCH(config)# bridge
SWITCH(bridge)# alarm-config-profile TEST
SWITCH(bridge-alarm-config-profile[TEST])#
Meanwhile, use “exit” to exit from Alarm-config Profile mode.
Step 2
Configures detail of Profile. Use the following command.
Command Mode Description
thresh-15min-ess <0-900>
thresh-15min-lofs <0-900>
thresh-15min-lols <0-900>
Alarm-
Config
Configures duration of CRC, LOF, and LOS. The unit is
second.
Configures threshold of duration of LOF. The unit is
second.
Configures threshold of duration of LOL. The unit is
second.
98 SMC7824M/VSW
Management Guide CLI TigerAccess™ EE
Command Mode Description
thresh-15min-loss <0-900>
thresh-15min-sess <0-900>
thresh-15min-uass <0-900>
Alarm-
Config
Configures threshold of duration of LOS. The unit is
second.
Configures threshold of duration of SES. The unit is
second.
Configures threshold of duration of UAS. The unit is
second.
i
If the threshold is configured as “0”, it means no limit. and the default of threshold is no limit.
The following is an example of configuring threshold of profile named TEST as 5 minutes (300 seconds).
SWITCH(bridge-alarm-config-profile[TEST])# thresh-15min-ess 300
SWITCH(bridge-alarm-config-profile[TEST])# thresh-15min-lofs 300
SWITCH(bridge-alarm-config-profile[TEST])# thresh-15min-lols 300
SWITCH(bridge-alarm-config-profile[TEST])# thresh-15min-loss 300
SWITCH(bridge-alarm-config-profile[TEST])# thresh-15min-sess 300
SWITCH(bridge-alarm-config-profile[TEST])# thresh-15min-uass 300
SWITCH(bridge-alarm-config-profile[TEST])#
To confirm the configuration, use the following command.
Command Mode Description
show lre alarm-config-profile
[PORTS]
Enable/Global/Bridge
Shows the configuration of alarm-config
profiles
The following is an example of confirming the above configuration.
SWITCH(bridge-alarm-config-profile[TEST])# show running-config
(omitted)
alarm-config-profile TEST
thresh-15min-lofs 300
thresh-15min-loss 300
thresh-15min-lols 300
thresh-15min-ess 300
(omitted)
SWITCH(bridge-alarm-config-profile[TEST])##
Step 3
Enables configurations. Unless you do it, they will not be applied to ports. To enable or disable configuration of Profile, use the following command.
Command Mode Description
active Enables this profile.
no active
Alarm-
config
Disables this profile
SMC7824M/VSW 99
Loading...
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use