show cluster ndp..................................................................................................................199
show cluster ntdp.................................................................................................................199
show cluster neighbour........................................................................................................200
show cluster manage role....................................................................................................200
XI
Preface
This Guide is intended for network administrator to provide referenced information about CLI
(Command Line Interface). The switch or TL-SG3210/TL-SG3216/TL-SG3424 mentioned in this
Guide stands for TL-SG3210/TL-SG3216/TL-SG3424 JetStream L2 Managed Switch without any
explanation.
The three devices of TL-SG3210, TL-SG3216 and TL-SG3424 are sharing this Guide. For
simplicity, we will take TL-SG3424 for example throughout this Guide. TL-SG3210, TL-SG3216
and TL-SG3424 just differ in the number of LED indicators and ports and all figures in this guide
are of TL-SG3424.
Overview of this Guide
Chapter 1: Using the CLI
Provide information about how to use the CLI, CLI Command Modes, Security Levels and some
Conventions.
Chapter 2: User Interface
Provide information about the commands used to switch between five CLI Command Modes.
Chapter 3:IEEE 802.1Q VLAN Commands
Provide information about the commands used for configuring IEEE 802.1Q VLAN.
Chapter 4: MAC-Based VLAN Commands
Provide information about the commands used for configuring MAC-Based VLAN.
Chapter 5: Protocol-Based VLAN Commands
Provide information about the commands used for configuring Protocol-Based VLAN.
Chapter 6: Voice VLAN Commands
Provide information about the commands used for configuring Voice VLAN.
Chapter 7: GVRP Commands
Provide information about the commands used for configuring GVRP (GARP VLAN registration
protocol).
Chapter 8: Etherchannel Commands
Provide information about the commands used for configuring LAG (Link Aggregation Group) and
LACP (Link Aggregation Control Protocol).
Chapter 9: User Manage Commands
Provide information about the commands used for user management.
Chapter 10: Binding Table Commands
Provide information about the commands used for binding the IP address, MAC address, VLAN
and the connected Port number of the Host together. Besides it also provide information about the
1
commands used for monitoring the process of the Host obtaining the IP address from DHCP
server, and record the IP address, MAC address, VLAN and the connected Port number of the
Host for automatic binding.
Chapter 11: ARP Inspection Commands
Provide information about the commands used for protecting the switch from the ARP cheating or
ARP Attack.
Chapter 12: DoS Defend Command
Provide information about the commands used for DoS defend and detecting the DoS attack.
Chapter 13: IEEE 802.1X Commands
Provide information about the commands used for configuring IEEE 802.1X function.
Chapter 14: System Log Commands
Provide information about the commands used for configuring system log.
Chapter 15: SSH Commands
Provide information about the commands used for configuring and managing SSH (Security
Shell).
Chapter 16: SSL Commands
Provide information about the commands used for configuring and managing SSL (Secure
Sockets Layer).
Chapter 17: MAC Address Commands
Provide information about the commands used for Address configuration.
Chapter 18: System Configuration Commands
Provide information about the commands used for configuring the System information and System
IP, reboot and reset the switch, upgrade the switch system and commands used for device
diagnose, including loopback test and cable test.
Chapter 19: Ethernet Configuration Commands
Provide information about the commands used for configuring the Bandwidth Control, Negotiation
Mode, and Storm Control for Ethernet ports.
Chapter 20: QoS Commands
Provide information about the commands used for configuring the QoS function.
Chapter 21: Port Mirror Commands
Provide information about the commands used for configuring the Port Mirror function.
Chapter 22: Port Isolation Commands
Provide information about the commands used for configuring the Port Isolation function.
Chapter 23: Loopback Detection Commands
2
Provide information about the commands used for configuring the Loopback Detection function.
Chapter 24: ACL Commands
Provide information about the commands used for configuring the ACL (Access Control List).
Chapter 25: MSTP Commands
Provide information about the commands used for configuring the MSTP (Multiple Spanning Tree
Protocol).
Chapter 26: IGMP Commands
Provide information about the commands used for configuring the IGMP Snooping (Internet Group
Management Protocol Snooping).
Chapter 27: SNMP Commands
Provide information about the commands used for configuring the SNMP (Simple Network
Management Protocol) functions.
Chapter 28: Cluster Commands
Provide information about the commands used for configuring the Cluster Management function.
3
Chapter 1 Using the CLI
1.1 Accessing the CLI
You can log on to the switch and access the CLI by the following two methods:
1. Log on to the switch by the console port on the switch.
2. Log on to the switch remotely by a Telnet or SSH connection through an Ethernet port.
1.1.1 Logon by a console port
To log on to the switch by the console port on the switch, please take the following steps:
1. Connect the PCs or Terminals to the console port on the switch by a provided cable.
2. Click Start →
open the Hyper Terminal as the Figure 1-1 shown.
All Programs→Accessories→Communications→Hyper Terminal to
Figure 1-1 Open
3. The Connection Description Window will prompt as Figure 1-2 shown. Enter a name into
the Name field and click OK.
Hyper Terminal
4
Figure 1-2 Connection Description
4. Select the port to connect in Figure 1-3, and click OK.
Figure 1-3 Select the port to connect
5. Configure the port selected in the step above as the following Figure 1-4 shown.
Configure Bits per second as 38400, Data bits as 8, Parity as None, Stop bits as 1,
Flow control as None, and then click OK.
5
Figure 1-4 Port Settings
6. The DOS prompt” TL-SG3424>” will appear after pressing the Enter button as Figure 1-5
shown. It indicates that you can use the CLI now.
Figure 1-5 Log in the Switch
1.1.2 Logon by Telnet
To successfully create Telnet connection, firstly CLI commands about configuring Telnet login
mode, login authentication information and Privileged EXEC Mode password should be configured
through Console connection.
Telnet login has the following two modes, you can choose one according to your needs:
Login local Mode: It requires username and password, which are both admin by default.
Login Mode: It requires no username and password, but a connection password is required.
6
Note:
1. Before Telnet login, you are required to configure Telnet login mode and login
authentication information through Console connection. The relevant CLI commands
should be entered in the prompted DOS screen shown in Figure 1-5 Log in the Switch
.
2. You will enter to User EXEC Mode after Telnet connection is successfully created, but for
switch security concerns, you are required to set a password which functions to further
access to Privileged EXEC Mode when you configure the login mode.
¾Login Local Mode
Firstly, configure the Telnet login mode as “login local” and set the password for entering into the
Privileged EXEC Mode as 123 in the prompted DOS screen shown in Figure 1-6.
Figure 1-6 Configure login local mode
Now, you can logon by Telnet in login local mode.
1. Make sure the switch and the PC are in the same LAN. Click Start→Run to open the Run
window, and type cmd in the prompt Run window as Figure 1-7 and click OK.
Figure 1-7 Run Window
7
2. Open Telnet, then type telnet 192.168.0.1 in the command prompt shown as Figure 1-8, and
press the Enter button.
Figure 1-8 Connecting to the Switch
3. Type the default user name and password admin/admin, then press the Enter button so as to
enter User EXEC Mode.
Figure 1-9 Enter into the User EXEC Mode
Now you can manage your switch with CLI commands through Telnet connection.
4. Type enable command to enter Privileged EXEC Mode. A password that you have set
through Console port connection is required. Here the password is set as 123.
8
Figure 1-10 Enter into the Privileged EXEC Mode
¾Login Mode
Firstly configure the Telnet login mode as “login”, and both the connection password and the
Privileged EXEC Mode password as 123 in the prompted DOS screen shown in Figure 1-11.
Figure 1-11 Configure login mode
Now, you can logon by Telnet in login mode:
1. Open Telnet, then type telnet 192.168.0.1 in the command prompt shown as Figure 1-12, and
press the Enter button.
9
Figure 1-12 Connecting to the Switch
2. You are prompted to enter the connection password 123 you have set through Console port
connection, and then you are in User EXEC Mode.
Figure 1-13 Enter into the User EXEC Mode
3. When entering enable command to access Privileged EXEC Mode, you are required to give
the password 123 you have set through Console port connection.
Figure 1-14 Enter into the Privileged EXEC Mode
10
Now you can manage your switch with CLI commands through Telnet connection.
Note:
You can refer to Chapter 9 User Manage Commands for detailed commands information of the
Telnet connection configuration.
1.2 CLI Command Modes
The CLI is divided into different command modes: User EXEC Mode, Privileged EXEC Mode,
Global Configuration Mode, Interface Configuration Mode and VLAN Configuration Mode.
Interface Configuration Mode can also be divided into Interface gigabitEthernet, Interface
link-aggregation and some other modes, which is shown as the following diagram.
The following table gives detailed information about the Accessing path, Prompt of each mode and
how to exit the current mode and access the next mode.
Mode Accessing Path Prompt Logout or Access the next mode
Use the exit command to disconnect the
User EXEC
Mode
Privileged
EXEC Mode
Global
Configuration
Mode
Primary mode once it
is connected with the
switch.
Use the enable
command to enter this
mode from User EXEC
mode.
Use the configure
command to enter this
mode from Privileged
EXEC mode.
TL-SG3424>
TL-SG3424#
TL-SG3424(config)#
switch (except that the switch is
connected through the Console port).
Use the enable command to access
Privileged EXEC mode.
Use the exit command to disconnect the
switch (except that the switch is
connected through the Console port).
Enter the disable command to return to
User EXEC mode.
Enter configure command to access
Global Configuration mode.
Use the exit or the end command or
press Ctrl+Z to return to Privileged
EXEC mode.
Use the interface gigabitEthernet port
or interfacerange gigabitEthernet port-list command to access interface
Configuration mode.
Use the vlan vlan-list to access VLAN
Configuration mode.
Interface
Configuration
Mode
Use the interface gigabitEthernet port
or interfacerange
gigabitEthernet
port-list command to
enter this mode from
Global Configuration
mode.
TL-SG3424(config-if)
# or
TL-SG3424(config-if-
range)#
11
Use the end command or press Ctrl+Z
to return to Privileged EXEC mode.
Enter the exit or the # command to
return to Global Configuration mode.
A port number must be specified in the
interface command.
VLAN
Configuration
Mode
Use the vlan vlan-list
command to enter this
mode from Global
Configuration mode.
TL-SG3424(config-
vlan)#
Use the end command or press Ctrl+Z
to return to Privileged EXEC mode.
Enter the exit or the # command to
return to Global configuration mode.
Note:
1. The user is automatically in User EXEC Mode after the connection between the PC and
the switch is established by a console port or by a telnet connection.
2. Each command mode has its own set of specific commands. To configure some
commands, you should access the corresponding command mode firstly.
zGlobal Configuration Mode: In this mode, global commands are provided, such as
the Spanning Tree, Schedule Mode and so on.
zInterface Configuration Mode: In this mode, users can configure one or several
ports, different ports corresponds to different commands
a). Interface gigabitEthernet: Configure parameters for an Ethernet port, such as
Duplex-mode, flow control status.
b). Interface range gigabitEthernet: The commands contained are the same as that
of the Interface Ethernet. Configure parameters for several Ethernet ports.
c). Interface link-aggregation: Configure parameters for a link-aggregation, such as
broadcast storm.
d). Interface range link-aggregation: Configure parameters for multi-trunks.
e). Interface vlan: Configure parameters for the vlan-port.
zVlan Configuration Mode: In this mode, users can create a VLAN and add a
specified port to the VLAN.
3. Some commands are global, that means they can be performed in all modes:
zshow: Displays all information of switch, for example: statistic information, port
information, VLAN information.
zhistory: Displays the commands history.
1.3 Security Levels
This switch’s security is divided into two levels: User level and Admin level.
User level only allows users to do some simple operations in User EXEC Mode; Admin level
allows you to monitor, configure and manage the switch in Privileged EXEC Mode, Global
Configuration Mode, Interface Configuration Mode and VLAN Configuration Mode.
12
Users get the privilege to the User level once connecting console port with the switch or logging in
by Telnet. However, Guest users are restricted to access the CLI.
Users can enter Privileged EXEC mode from User EXEC mode by using the enable command. In
default case, no password is needed. In Global Configuration Mode, you can configure password
for Admin level by enable password command. Once password is configured, you are required to
enter it to access Privileged EXEC mode.
1.4 Conventions
1.4.1 Format Conventions
The following conventions are used in this Guide:
¾ Items in square brackets [ ] are optional
¾ Items in braces { } are required
¾ Alternative items are grouped in braces and separated by vertical bars. For example: speed
{10 | 100 | 1000 }
¾ Bold indicates an unalterable keyword. For example: show logging
¾ Normal Font indicates a constant (several options are enumerated and only one can be
selected). For example: switchport type { access | trunk | general }
¾Italic Font indicates a variable (an actual value must be assigned). For example: bridge
aging-time aging-time
1.4.2 Special Characters
You should pay attentions to the description below if the variable is a character string:
¾ These six characters ” < > , \ & can not be input.
¾ If a blank is contained in a character string, single or double quotation marks should be used,
for example ’hello world’, ”hello world”, and the words in the quotation marks will be identified
as a string. Otherwise, the words will be identified as several strings.
1.4.3 Parameter Format
Some parameters must be entered in special formats which are shown as follows:
¾ MAC Address must be entered in the format of xx:xx:xx:xx:xx:xx
¾ One or several values can be typed for a port-list or a vlan-list using comma to separate. Use
a hyphen to designate a range of values, for instance 1, 3-5,7 indicates choosing 1,3,4,5,7.
13
¾The port number should format as 1/0/3, meaning unit/slot/port. The unit number is always 1,
and slot number is always 0 and the port number is a variable (an actual value must be
assigned).
14
Chapter 2 User Interface
enable
Description
The enable command is used to access Privileged EXEC Mode from User
EXEC Mode.
Syntax
enable
Command Mode
User EXEC Mode
Example
If you have set the password to access Privileged EXEC Mode from User EXEC
Mode:
TL-SG3424> enable
Enter password:
TL-SG3424#
enable password
Description
The enable password command is used to set the password for users to
access Privileged EXEC Mode from User EXEC Mode. To return to the default
configuration, please use no enable password command.
Syntax
enable password password
no enable password
Parameter
password —— super password , which contains 16 characters at most,
composing digits, English letters and underdashes only. By default, it is empty.
Command Mode
Global Configuration Mode
Example
Set the super password as admin to access Privileged EXEC Mode from User
EXEC Mode:
TL-SG3424(config)# enable password admin
15
disable
Description
Syntax
Command Mode
Example
The disable command is used to return to User EXEC Mode from Privileged
EXEC Mode.
disable
Privileged EXEC Mode
Return to User EXEC Mode from Privileged EXEC Mode:
TL-SG3424# disable
TL-SG3424>
configure
Description
Syntax
Command Mode
Example
The configure command is used to access Global Configuration Mode from
Privileged EXEC Mode.
configure
Privileged EXEC Mode
Access Global Configuration Mode from Privileged EXEC Mode:
TL-SG3424# configure
TL-SG3424(config)#
exit
Description
The exit command is used to return to the previous Mode from the current
Mode.
Syntax
exit
16
end
Command Mode
Any Configuration Mode
Example
Return to Global Configuration Mode from Interface Configuration Mode, and
then return to Privileged EXEC Mode:
TL-SG3424(config-if)# exit
TL-SG3424(config)# exit
TL-SG3424#
Description
The end command is used to return to Privileged EXEC Mode.
Syntax
end
Command Mode
Any Configuration Mode
Example
Return to Privileged EXEC Mode from Interface Configuration Mode:
TL-SG3424(config-if)# end
TL-SG3424#
17
Chapter 3 IEEE 802.1Q VLAN Commands
VLAN (Virtual Local Area Network) technology is developed for the switch to divide the LAN into
multiple logical LANs flexibly. Hosts in the same VLAN can communicate with each other,
regardless of their physical locations. VLAN can enhance performance by conserving bandwidth,
and improve security by limiting traffic to specific domains.
vlan
Description
The vlan command is used to create IEEE 802.1Q VLAN and enter VLAN
Configuration Mode. To delete the IEEE 802.1Q VLAN, please use no vlan
command.
Syntax
vlan vlan-list
no vlan vlan-list
Parameter
vlan-list —— Specify IEEE 802.1Q VLAN ID list, ranging from 2 to 4094, in the
format of 2-3, 5. It is multi-optional.
Command Mode
Global Configuration Mode
Example
Create VLAN 2-10 and VLAN 100:
TL-SG3424(config)# vlan 2-10,100
Delete VLAN 2:
TL-SG3424(config)# no vlan 2
interface vlan
Description
The interface vlan command is used to create VLAN Interface and enter
Interface VLAN Mode. To delete VLAN Interface, please use no interface vlan
command.
Syntax
interface vlan vlan-id
no interface vlan vlan-id
18
Loading...
+ 182 hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.