TP-Link TL-SX3008F CLI Reference Guide

Download

CLI Reference Guide

Jetstream Switches

1910012904 REV4.5.0

October 2020

Specifications are subject to change without notice. is a registered trademark of

TP-Link Corporation Limited. Other brands and product names are trademarks or registered

trademarks of their respective holders.

No part of the specifications may be reproduced in any form or by any means or used to make

any derivative such as translation, transformation, or adaptation without permission from

reserved.

https://www.tp-link.com

CONTENTS

Preface ............................................................................................................................ 1

Chapter 1 Using the CLI ................................................................................................... 6

1.1 Accessing the CLI ........................................................................................................................... 6

1.1.1 Logon by a console port ...................................................................................................... 6

1.1.2 Logon by Telnet ...................................................................................................................... 8

1.1.3 Logon by SSH ........................................................................................................................ 10

1.2 CLI Command Modes .................................................................................................................. 15

1.3 Privilege Restrictions ................................................................................................................... 18

1.4 Conventions ................................................................................................................................... 18

1.4.1 PoE Disclaimer ...................................................................................................................... 18

1.4.2 Format Conventions ........................................................................................................... 19

1.4.3 Special Characters .............................................................................................................. 19

1.4.4 Parameter Format ................................................................................................................ 19

Chapter 2 Line Commands (Only for Certain Devices) ......................................... 20

2.1 line ...................................................................................................................................................... 20

2.2 media-type rj45 ............................................................................................................................. 21

Chapter 3 User Interface .............................................................................................. 22

3.1 enable ............................................................................................................................................... 22

3.2 service password-encryption .................................................................................................. 22

3.3 enable password ........................................................................................................................... 23

3.4 enable secret ................................................................................................................................. 24

3.5 configure .......................................................................................................................................... 25

3.6 exit...................................................................................................................................................... 26

3.7 end ..................................................................................................................................................... 26

3.8 clipaging ........................................................................................................................................... 27

3.9 history ............................................................................................................................................... 27

3.10 history clear .................................................................................................................................... 28

Chapter 4 User Management Commands ................................................................ 29

4.1 user name (password) ................................................................................................................. 29

4.2 user name (secret) ........................................................................................................................ 30

4.3 service password-recovery ...................................................................................................... 31

4.4 show user account-list................................................................................................................ 32

4.5 show user configuration ............................................................................................................. 33

Chapter 5 System Configuration Commands ......................................................... 34

5.1 system-time manual .................................................................................................................... 34

5.2 system-time ntp ............................................................................................................................ 34

5.3 system-time dst predefined ..................................................................................................... 36

5.4 system-time dst date .................................................................................................................. 37

5.5 system-time dst recurring ......................................................................................................... 38

5.6 hostname ......................................................................................................................................... 39

5.7 location ............................................................................................................................................. 40

5.8 contact-info .................................................................................................................................... 40

5.9 led ....................................................................................................................................................... 41

5.10 ip address ........................................................................................................................................ 41

5.11 ip address-alloc ............................................................................................................................. 42

5.12 controller cloud-based (Only for Certain Devices)............................................................ 43

5.13 controller inform-url (Only for Certain Devices) ................................................................. 44

5.14 reset .................................................................................................................................................. 44

5.15 service reset-disable ................................................................................................................... 45

5.16 reboot ............................................................................................................................................... 46

5.17 reboot-schedule ........................................................................................................................... 46

5.18 copy running-config startup-config ....................................................................................... 47

5.19 copy startup-config tftp ............................................................................................................. 48

5.20 copy tftp startup-config ............................................................................................................. 48

5.21 copy backup-config tftp ............................................................................................................. 49

5.22 copy backup-config startup-config ....................................................................................... 50

5.23 copy running-config backup-config ...................................................................................... 50

5.24 copy tftp backup-config ............................................................................................................. 51

5.25 boot application ............................................................................................................................ 51

5.26 boot config ...................................................................................................................................... 52

5.27 remove backup-image ................................................................................................................ 53

5.28 firmware upgrade .......................................................................................................................... 53

5.29 boot autoinstall start .................................................................................................................... 54

5.30 boot autoinstall persistent-mode ........................................................................................... 55

5.31 boot autoinstall auto-save ......................................................................................................... 55

5.32 boot autoinstall auto-reboot ..................................................................................................... 56

5.33 boot autoinstall retry-count ...................................................................................................... 56

5.34 show boot autoinstall .................................................................................................................. 57

5.35 show boot autoinstall downloaded-config .......................................................................... 57

5.36 ping .................................................................................................................................................... 58

III

5.37 tracert ............................................................................................................................................... 59

5.38 show system-info ......................................................................................................................... 60

5.39 show image-info ............................................................................................................................ 60

5.40 show boot ........................................................................................................................................ 61

5.41 show running-config .................................................................................................................... 61

5.42 show startup-config .................................................................................................................... 62

5.43 show system-time ........................................................................................................................ 63

5.44 show system-time dst ................................................................................................................. 63

5.45 show system-time ntp ................................................................................................................ 64

5.46 show cable-diagnostics interface........................................................................................... 64

5.47 show cpu-utilization ..................................................................................................................... 65

5.48 show memory-utilization ............................................................................................................ 65

5.49 show controller .............................................................................................................................. 66

5.50 show temperature ........................................................................................................................ 66

5.51 show voltage .................................................................................................................................. 67

Chapter 6 EEE Configuration Commands ................................................................ 68

6.1 eee ..................................................................................................................................................... 68

6.2 show interface eee ....................................................................................................................... 68

Chapter 7 SDM Template Commands ....................................................................... 70

7.1 sdm prefer ....................................................................................................................................... 70

7.2 show sdm prefer ........................................................................................................................... 71

Chapter 8 Time Range Commands ............................................................................ 72

8.1 time-range ....................................................................................................................................... 72

8.2 absolute ........................................................................................................................................... 72

8.3 periodic ............................................................................................................................................ 73

8.4 holiday (time-range mode) ......................................................................................................... 74

8.5 holiday .............................................................................................................................................. 75

8.6 show holiday ................................................................................................................................... 75

8.7 show time-range ........................................................................................................................... 76

Chapter 9 Port Configuration Commands ............................................................... 77

9.1 interface gigabitEthernet ........................................................................................................... 77

9.2 interface range gigabitEthernet............................................................................................... 77

9.3 description ...................................................................................................................................... 78

9.4 shutdown ......................................................................................................................................... 79

9.5 flow-control .................................................................................................................................... 80

9.6 duplex ............................................................................................................................................... 80

9.7 jumbo-size ....................................................................................................................................... 81

9.8 speed ................................................................................................................................................ 81

9.9 serdes-mode .................................................................................................................................. 82

9.10 clear counters ................................................................................................................................ 83

9.11 show fiber-ports ............................................................................................................................ 83

9.12 show interface status .................................................................................................................. 84

9.13 show interface counters ............................................................................................................ 84

9.14 show interface configuration .................................................................................................... 85

Chapter 10 Port Isolation Commands ......................................................................... 87

10.1 port isolation................................................................................................................................... 87

10.2 show port isolation interface .................................................................................................... 88

Chapter 11 Loopback Detection Commands ............................................................ 89

11.1 loopback-detection (global) ...................................................................................................... 89

11.2 loopback-detection interval ...................................................................................................... 89

11.3 loopback-detection recovery-time ........................................................................................ 90

11.4 loopback-detection (interface) ................................................................................................ 91

11.5 loopback-detection config process-mode ......................................................................... 91

11.6 loopback-detection recover ..................................................................................................... 92

11.7 show loopback-detection global............................................................................................. 93

11.8 show loopback-detection interface ....................................................................................... 93

Chapter 12 DDM Commands (Only for Certain Devices)........................................ 95

12.1 ddm state enable .......................................................................................................................... 95

12.2 ddm shutdown ............................................................................................................................... 96

12.3 ddm temperature_threshold ..................................................................................................... 96

12.4 ddm voltage_threshold ............................................................................................................... 97

12.5 ddm bias_current_threshold .................................................................................................... 98

12.6 ddm tx_power_threshold ........................................................................................................... 99

12.7 ddm rx_power_threshold ........................................................................................................ 100

12.8 show ddm configuration.......................................................................................................... 101

12.9 show ddm status ........................................................................................................................ 102

Chapter 13 Etherchannel Commands ....................................................................... 103

13.1 channel-group ............................................................................................................................ 103

13.2 port-channel load-balance ..................................................................................................... 104

13.3 lacp system-priority .................................................................................................................. 105

13.4 lacp port-priority ........................................................................................................................ 106

13.5 show etherchannel .................................................................................................................... 106

13.6 show etherchannel load-balance ......................................................................................... 107

13.7 show lacp ...................................................................................................................................... 108

13.8 show lacp sys-id ......................................................................................................................... 108

Chapter 14 MAC Address Commands ....................................................................... 110

14.1 mac address-table static ........................................................................................................ 110

14.2 no mac address-table dynamic ............................................................................................ 111

14.3 mac address-table aging-time .............................................................................................. 111

14.4 mac address-table filtering .................................................................................................... 112

14.5 mac address-table notification ............................................................................................. 113

14.6 mac address-table max-mac-count ................................................................................... 113

14.7 mac address-table notification (interface) ........................................................................ 115

14.8 mac address-table security ................................................................................................... 116

14.9 mac address-table vlan-security ......................................................................................... 117

14.10 show mac address-table ......................................................................................................... 118

14.11 clear mac address-table ......................................................................................................... 118

14.12 show mac address-table aging-time .................................................................................. 119

14.13 show mac address-table max-mac-count ........................................................................ 119

14.14 show mac address-table interface ...................................................................................... 120

14.15 show mac address-table count ............................................................................................ 121

14.16 show mac address-table address ....................................................................................... 121

14.17 show mac address-table vlan ................................................................................................ 122

14.18 show mac address-table notification ................................................................................. 122

14.19 show mac address-table security ........................................................................................ 123

Chapter 15 IEEE 802.1Q VLAN Commands .............................................................. 124

15.1 vlan .................................................................................................................................................. 124

15.2 name ............................................................................................................................................... 125

15.3 vlan_trunk (globally) .................................................................................................................. 125

15.4 vlan_trunk (interface) ................................................................................................................ 126

15.5 switchport general allowed vlan ........................................................................................... 126

15.6 switchport pvid ........................................................................................................................... 127

15.7 switchport check ingress ........................................................................................................ 128

15.8 switchport acceptable frame ................................................................................................ 129

15.9 show vlan summary................................................................................................................... 129

15.10 show vlan brief ............................................................................................................................ 130

15.11 show vlan ...................................................................................................................................... 130

15.12 show interface switchport ...................................................................................................... 131

Chapter 16 MAC-based VLAN Commands ............................................................... 132

16.1 mac-vlan mac-address ............................................................................................................ 132

16.2 mac-vlan ....................................................................................................................................... 133

16.3 show mac-vlan ............................................................................................................................ 133

16.4 show mac-vlan interface ......................................................................................................... 134

Chapter 17 Protocol-based VLAN Commands ....................................................... 135

17.1 protocol-vlan template ............................................................................................................ 135

17.2 protocol-vlan vlan ...................................................................................................................... 136

17.3 protocol-vlan group .................................................................................................................. 137

17.4 show protocol-vlan template ................................................................................................. 137

17.5 show protocol-vlan vlan .......................................................................................................... 138

Chapter 18 Private VLAN Commands (Only for Certain Devices) ..................... 139

18.1 private-vlan primary .................................................................................................................. 139

18.2 private-vlan community ........................................................................................................... 139

18.3 private-vlan isolated ................................................................................................................. 140

18.4 private-vlan association .......................................................................................................... 141

18.5 switchport private-vlan ............................................................................................................ 141

18.6 switchport private-vlan host-association ......................................................................... 142

18.7 switchport private-vlan mapping ......................................................................................... 143

18.8 show vlan private-vlan ............................................................................................................. 144

18.9 show vlan private-vlan interface ........................................................................................... 144

Chapter 19 VLAN-VPN Commands (Only for Certain Devices) .......................... 146

19.1 dot1q-tunnel ................................................................................................................................ 146

19.2 switchport dot1q-tunnel tpid ................................................................................................. 146

19.3 dot1q-tunnel mapping ............................................................................................................. 147

19.4 switchport dot1q-tunnel mode ............................................................................................. 148

19.5 switchport dot1q-tunnel missdrop ...................................................................................... 149

19.6 switchport dot1q-tunnel use_inner_priority .................................................................... 149

19.7 switchport dot1q-tunnel mapping ....................................................................................... 150

19.8 switchport dot1q-tunnel replace ......................................................................................... 151

19.9 show dot1q-tunnel .................................................................................................................... 152

19.10 show dot1q-tunnel mapping .................................................................................................. 152

19.11 show dot1q-tunnel interface ................................................................................................. 153

VII

Chapter 20 GVRP Commands ...................................................................................... 154

20.1 gvrp ................................................................................................................................................. 154

20.2 gvrp (interface)............................................................................................................................ 154

20.3 gvrp registration ......................................................................................................................... 155

20.4 gvrp timer ..................................................................................................................................... 156

20.5 show gvrp interface .................................................................................................................. 157

20.6 show gvrp global ........................................................................................................................ 158

Chapter 21 IGMP Snooping Commands.................................................................... 159

21.1 ip igmp snooping (global) ........................................................................................................ 159

21.2 ip igmp snooping version ........................................................................................................ 159

21.3 ip igmp snooping drop-unknown ......................................................................................... 160

21.4 ip igmp snooping header-validation .................................................................................... 161

21.5 ip igmp snooping vlan-config ................................................................................................ 161

21.6 ip igmp snooping vlan-config (immediate-leave)............................................................ 163

21.7 ip igmp snooping vlan-config (report-suppression) ...................................................... 163

21.8 ip igmp snooping vlan-config (router-ports-forbidden) ............................................... 164

21.9 ip igmp snooping vlan-config (rport interface) ................................................................ 165

21.10 ip igmp snooping vlan-config (static) .................................................................................. 166

21.11 ip igmp snooping vlan-config (querier) ............................................................................... 167

21.12 ip igmp snooping (interface) .................................................................................................. 168

21.13 ip igmp snooping max-groups .............................................................................................. 169

21.14 ip igmp snooping immediate-leave ..................................................................................... 170

21.15 ip igmp snooping authentication .......................................................................................... 170

21.16 ip igmp snooping accounting ................................................................................................ 171

21.17 ip igmp profile ............................................................................................................................. 172

21.18 deny ................................................................................................................................................ 172

21.19 permit ............................................................................................................................................. 173

21.20 range .............................................................................................................................................. 173

21.21 ip igmp filter ................................................................................................................................. 174

21.22 clear ip igmp snooping statistics ......................................................................................... 175

21.23 show ip igmp snooping ............................................................................................................ 175

21.24 show ip igmp snooping interface ......................................................................................... 176

21.25 show ip igmp snooping vlan ................................................................................................... 177

21.26 show ip igmp snooping groups ............................................................................................. 177

21.27 show ip igmp profile .................................................................................................................. 178

VIII

Chapter 22 MLD Snooping Commands ..................................................................... 180

22.1 ipv6 mld snooping (global) ...................................................................................................... 180

22.2 ipv6 mld snooping drop-unknown ....................................................................................... 180

22.3 ipv6 mld snooping vlan-config .............................................................................................. 181

22.4 ipv6 mld snooping vlan-config (immediate-leave) ......................................................... 182

22.5 ipv6 mld snooping vlan-config (report-suppression) .................................................... 183

22.6 ipv6 mld snooping vlan-config (router-ports-forbidden) ............................................. 184

22.7 ipv6 mld snooping vlan-config (rport interface) .............................................................. 185

22.8 ipv6 mld snooping vlan-config (static) ............................................................................... 185

22.9 ipv6 mld snooping vlan-config (querier) ............................................................................ 186

22.10 ipv6 mld snooping (interface) ................................................................................................ 188

22.11 ipv6 mld snooping max-groups ............................................................................................ 188

22.12 ipv6 mld snooping immediate-leave ................................................................................... 189

22.13 ipv6 mld profile ........................................................................................................................... 190

22.14 deny ................................................................................................................................................ 191

22.15 permit ............................................................................................................................................. 191

22.16 range .............................................................................................................................................. 192

22.17 ipv6 mld filter ............................................................................................................................... 192

22.18 clear ipv6 mld snooping statistics ....................................................................................... 193

22.19 show ipv6 mld snooping .......................................................................................................... 193

22.20 show ipv6 mld snooping interface ....................................................................................... 194

22.21 show ipv6 mld snooping vlan ................................................................................................. 195

22.22 show ipv6 mld snooping groups .......................................................................................... 195

22.23 show ipv6 mld profile ................................................................................................................ 196

Chapter 23 MVR Commands ........................................................................................ 197

23.1 mvr (global) ................................................................................................................................... 197

23.2 mvr group ..................................................................................................................................... 197

23.3 mvr mode ...................................................................................................................................... 198

23.4 mvr querytime ............................................................................................................................. 199

23.5 mvr vlan ......................................................................................................................................... 200

23.6 mvr (interface) ............................................................................................................................. 200

23.7 mvr type ........................................................................................................................................ 201

23.8 mvr immediate ............................................................................................................................ 202

23.9 mvr vlan (group) .......................................................................................................................... 202

23.10 show mvr ...................................................................................................................................... 203

23.11 show mvr interface .................................................................................................................... 204

23.12 show mvr members .................................................................................................................. 204

Chapter 24 MSTP Commands ...................................................................................... 206

24.1 debug spanning-tree ................................................................................................................ 206

24.2 spanning-tree (global) .............................................................................................................. 207

24.3 spanning-tree (interface) ........................................................................................................ 207

24.4 spanning-tree common-config ............................................................................................. 208

24.5 spanning-tree mode ................................................................................................................. 209

24.6 spanning-tree mst configuration ......................................................................................... 210

24.7 instance ......................................................................................................................................... 210

24.8 name ............................................................................................................................................... 211

24.9 revision .......................................................................................................................................... 212

24.10 spanning-tree mst instance ................................................................................................... 213

24.11 spanning-tree mst ..................................................................................................................... 213

24.12 spanning-tree priority .............................................................................................................. 214

24.13 spanning-tree timer .................................................................................................................. 215

24.14 spanning-tree hold-count ....................................................................................................... 216

24.15 spanning-tree max-hops ......................................................................................................... 216

24.16 spanning-tree bpdufilter ......................................................................................................... 217

24.17 spanning-tree bpduflood ........................................................................................................ 218

24.18 spanning-tree bpduguard ....................................................................................................... 218

24.19 spanning-tree guard loop ....................................................................................................... 219

24.20 spanning-tree guard root ........................................................................................................ 220

24.21 spanning-tree guard tc ............................................................................................................ 220

24.22 spanning-tree mcheck ............................................................................................................. 221

24.23 show spanning-tree active ..................................................................................................... 221

24.24 show spanning-tree bridge .................................................................................................... 222

24.25 show spanning-tree interface ............................................................................................... 222

24.26 show spanning-tree interface-security ............................................................................. 223

24.27 show spanning-tree mst ......................................................................................................... 224

Chapter 25 LLDP Commands ....................................................................................... 226

25.1 lldp................................................................................................................................................... 226

25.2 lldp forward_message .............................................................................................................. 226

25.3 lldp hold-multiplier ..................................................................................................................... 227

25.4 lldp timer ....................................................................................................................................... 228

25.5 lldp receive ................................................................................................................................... 229

25.6 lldp transmit ................................................................................................................................. 229

25.7 lldp snmp-trap ............................................................................................................................. 230

25.8 lldp tlv-select ............................................................................................................................... 231

25.9 lldp management-address ..................................................................................................... 231

25.10 lldp med-fast-count .................................................................................................................. 232

25.11 lldp med-status ........................................................................................................................... 233

25.12 lldp med-tlv-select .................................................................................................................... 233

25.13 lldp med-location ....................................................................................................................... 234

25.14 show lldp ....................................................................................................................................... 235

25.15 show lldp interface .................................................................................................................... 235

25.16 show lldp local-information interface ................................................................................. 236

25.17 show lldp neighbor-information interface ......................................................................... 237

25.18 show lldp traffic interface ....................................................................................................... 237

Chapter 26 L2PT Commands (Only for Certain Devices) ..................................... 239

26.1 l2protocol-tunnel ..................................................................................................................... 239

26.2 l2protocol-tunnel type ........................................................................................................... 240

26.3 show l2protocol-tunnel global ........................................................................................... 241

26.4 show l2protocol-tunnel interface ..................................................................................... 242

Chapter 27 PPPoE ID-Insertion Commands (Only for Certain Devices) ........... 243

27.1 pppoe id-insertion (global) ................................................................................................... 243

27.2 pppoe circuit-id (interface) .................................................................................................. 244

27.3 pppoe circuit-id type .............................................................................................................. 244

27.4 pppoe remote-id....................................................................................................................... 245

27.5 show pppoe id-insertion global ......................................................................................... 246

27.6 show pppoe id-insertion interface ................................................................................... 246

Chapter 28 Static Routes Commands ....................................................................... 248

28.1 ip routing ....................................................................................................................................... 248

28.2 interface vlan ............................................................................................................................... 248

28.3 interface loopback .................................................................................................................... 249

28.4 switchport .................................................................................................................................... 249

28.5 interface range port-channel ................................................................................................. 250

28.6 description ................................................................................................................................... 251

28.7 shutdown ...................................................................................................................................... 251

28.8 interface port-channel ............................................................................................................. 252

28.9 ip route .......................................................................................................................................... 253

28.10 ipv6 routing .................................................................................................................................. 253

28.11 ipv6 route ...................................................................................................................................... 254

28.12 show interface vlan ................................................................................................................... 255

28.13 show ip interface ........................................................................................................................ 255

28.14 show ip interface brief .............................................................................................................. 256

28.15 show ip route ............................................................................................................................... 256

28.16 show ip route specify ............................................................................................................... 257

28.17 show ip route summary ........................................................................................................... 258

28.18 show ipv6 interface ................................................................................................................... 258

28.19 show ipv6 route .......................................................................................................................... 259

28.20 show ipv6 route summary ...................................................................................................... 259

Chapter 29 IPv6 Address Configuration Commands ............................................ 261

29.1 ipv6 enable ................................................................................................................................... 261

29.2 ipv6 address autoconfig.......................................................................................................... 261

29.3 ipv6 address link-local ............................................................................................................. 262

29.4 ipv6 address dhcp ..................................................................................................................... 263

29.5 ipv6 address ra ........................................................................................................................... 263

29.6 ipv6 address eui-64 .................................................................................................................. 264

29.7 ipv6 address ................................................................................................................................ 265

29.8 show ipv6 interface ................................................................................................................... 266

Chapter 30 ARP Commands ......................................................................................... 267

30.1 arp ................................................................................................................................................... 267

30.2 clear arp-cache .......................................................................................................................... 268

30.3 arp dynamicrenew ..................................................................................................................... 268

30.4 arp timeout ................................................................................................................................... 269

30.5 gratuitous-arp intf-status-up enable .................................................................................. 269

30.6 gratuitous-arp dup-ip-detected enable ............................................................................. 270

30.7 gratuitous-arp learning enable .............................................................................................. 270

30.8 gratuitous-arp send-interval .................................................................................................. 271

30.9 ip proxy-arp.................................................................................................................................. 272

30.10 ip local-proxy-arp ...................................................................................................................... 272

30.11 show arp ........................................................................................................................................ 273

30.12 show ip arp (interface) .............................................................................................................. 274

30.13 show ip arp summary................................................................................................................ 274

30.14 show gratuitous-arp ................................................................................................................. 275

30.15 show ip proxy-arp ...................................................................................................................... 275

Chapter 31 DHCP Server Commands ........................................................................ 277

31.1 service dhcp server .................................................................................................................. 277

31.2 ip dhcp server extend-option capwap-ac-ip.................................................................... 277

31.3 ip dhcp server extend-option vendor-class-id ............................................................... 278

XII

31.4 ip dhcp server exclude-address ........................................................................................... 279

31.5 ip dhcp server pool ................................................................................................................... 279

31.6 ip dhcp server ping timeout ................................................................................................... 280

31.7 ip dhcp server ping packets ................................................................................................... 281

31.8 network ......................................................................................................................................... 281

31.9 lease ............................................................................................................................................... 282

31.10 address hardware-address .................................................................................................... 283

31.11 address client-identifier .......................................................................................................... 284

31.12 default-gateway ......................................................................................................................... 284

31.13 dns-server .................................................................................................................................... 285

31.14 netbios-name-server ............................................................................................................... 286

31.15 netbios-node-type .................................................................................................................... 286

31.16 next-server ................................................................................................................................... 287

31.17 domain-name .............................................................................................................................. 288

31.18 bootfile .......................................................................................................................................... 288

31.19 show ip dhcp server status .................................................................................................... 289

31.20 show ip dhcp server statistics............................................................................................... 289

31.21 show ip dhcp server extend-option .................................................................................... 290

31.22 show ip dhcp server pool ........................................................................................................ 290

31.23 show ip dhcp server excluded-address ............................................................................ 291

31.24 show ip dhcp server manual-binding .................................................................................. 291

31.25 show ip dhcp server binding .................................................................................................. 292

31.26 clear ip dhcp server statistics ............................................................................................... 292

31.27 clear ip dhcp server binding ................................................................................................... 293

Chapter 32 DHCP Relay Commands .......................................................................... 294

32.1 service dhcp relay ..................................................................................................................... 294

32.2 ip dhcp relay hops ..................................................................................................................... 294

32.3 ip dhcp relay time ....................................................................................................................... 295

32.4 ip helper-address....................................................................................................................... 296

32.5 ip dhcp relay information ........................................................................................................ 296

32.6 ip dhcp relay information strategy ....................................................................................... 297

32.7 ip dhcp relay information format .......................................................................................... 298

32.8 ip dhcp relay information circuit-id ...................................................................................... 299

32.9 ip dhcp relay information remote-id .................................................................................... 299

32.10 ip dhcp relay default-interface .............................................................................................. 300

32.11 ip dhcp relay vlan ....................................................................................................................... 301

32.12 show ip dhcp relay ..................................................................................................................... 301

XIII

Chapter 33 DHCP L2 Relay Commands .................................................................... 303

33.1 ip dhcp l2relay ............................................................................................................................. 303

33.2 ip dhcp l2relay vlan .................................................................................................................... 303

33.3 ip dhcp l2relay information ..................................................................................................... 304

33.4 ip dhcp l2relay information strategy ................................................................................... 304

33.5 ip dhcp l2relay information format....................................................................................... 305

33.6 ip dhcp l2relay information circuit-id .................................................................................. 306

33.7 ip dhcp l2relay information remote-id ................................................................................ 307

33.8 show ip dhcp l2relay ................................................................................................................. 307

33.9 show ip dhcp l2relay interface .............................................................................................. 308

Chapter 34 QoS Commands ......................................................................................... 309

34.1 qos trust mode ........................................................................................................................... 309

34.2 qos port-priority ......................................................................................................................... 310

34.3 qos cos-map ............................................................................................................................... 310

34.4 qos dot1p-remap ....................................................................................................................... 311

34.5 qos dscp-map ............................................................................................................................. 312

34.6 qos dscp-remap ......................................................................................................................... 313

34.7 qos queue bandwidth ............................................................................................................... 314

34.8 qos queue mode ........................................................................................................................ 315

34.9 show qos cos-map .................................................................................................................... 316

34.10 show qos dot1p-remap interface ........................................................................................ 317

34.11 show qos dot1p-remap ........................................................................................................... 317

34.12 show qos dscp-map interface .............................................................................................. 318

34.13 show qos dscp-map ................................................................................................................. 319

34.14 show qos dscp-remap interface .......................................................................................... 319

34.15 show qos dscp-remap ............................................................................................................. 320

34.16 show qos port-priority interface........................................................................................... 320

34.17 show qos trust interface ......................................................................................................... 321

34.18 show qos queue interface ...................................................................................................... 321

Chapter 35 Bandwidth Control Commands ............................................................. 323

35.1 storm-control rate-mode ........................................................................................................ 323

35.2 storm-control .............................................................................................................................. 324

35.3 storm-control exceed .............................................................................................................. 325

35.4 storm-control recover ............................................................................................................. 326

35.5 bandwidth ..................................................................................................................................... 326

35.6 show storm-control .................................................................................................................. 327

XIV

35.7 show bandwidth ......................................................................................................................... 328

Chapter 36 Voice VLAN Commands .......................................................................... 329

36.1 voice vlan ...................................................................................................................................... 329

36.2 voice vlan (interface) ................................................................................................................. 329

36.3 voice vlan priority ....................................................................................................................... 330

36.4 voice vlan oui ............................................................................................................................... 331

36.5 show voice vlan .......................................................................................................................... 331

36.6 show voice vlan oui-table........................................................................................................ 332

36.7 show voice vlan interface ....................................................................................................... 332

Chapter 37 Auto VoIP Commands .............................................................................. 334

37.1 auto-voip ....................................................................................................................................... 334

37.2 auto-voip (interface) ................................................................................................................. 334

37.3 auto-voip dot1p .......................................................................................................................... 335

37.4 auto-voip untagged .................................................................................................................. 336

37.5 auto-voip none ........................................................................................................................... 336

37.6 no auto-voip (interface) ........................................................................................................... 337

37.7 auto-voip dscp ............................................................................................................................ 337

37.8 auto-voip data priority .............................................................................................................. 338

37.9 show auto-voip ........................................................................................................................... 338

Chapter 38 Access Control Commands ................................................................... 340

38.1 user access-control ip-based enable ................................................................................. 340

38.2 user access-control ip-based ............................................................................................... 340

38.3 user access-control mac-based enable ............................................................................ 341

38.4 user access-control mac-based .......................................................................................... 342

38.5 user access-control port-based enable ............................................................................ 343

38.6 user access-control port-based .......................................................................................... 343

Chapter 39 HTTP and HTTPS Commands ................................................................ 345

39.1 ip http server ............................................................................................................................... 345

39.2 ip http port .................................................................................................................................... 346

39.3 ip http max-users ....................................................................................................................... 346

39.4 ip http session timeout ............................................................................................................ 347

39.5 ip http secure-server ................................................................................................................ 348

39.6 ip http secure-port .................................................................................................................... 348

39.7 ip http secure-protocol............................................................................................................ 349

39.8 ip http secure-ciphersuite ...................................................................................................... 350

39.9 ip http secure-max-users ....................................................................................................... 351

39.10 ip http secure-session timeout ............................................................................................. 352

39.11 ip http secure-server download certificate ...................................................................... 352

39.12 ip http secure-server download key ................................................................................... 353

39.13 show ip http configuration ...................................................................................................... 354

39.14 show ip http secure-server .................................................................................................... 355

Chapter 40 SSH Commands ......................................................................................... 356

40.1 ip ssh server ................................................................................................................................ 356

40.2 ip ssh port ..................................................................................................................................... 356

40.3 ip ssh version .............................................................................................................................. 357

40.4 ip ssh algorithm .......................................................................................................................... 358

40.5 ip ssh timeout .............................................................................................................................. 358

40.6 ip ssh max-client ........................................................................................................................ 359

40.7 ip ssh download .......................................................................................................................... 360

40.8 remove public-key ..................................................................................................................... 360

40.9 show ip ssh................................................................................................................................... 361

Chapter 41 Telnet Commands ..................................................................................... 362

41.1 telnet .............................................................................................................................................. 362

41.2 telnet enable ................................................................................................................................ 362

41.3 telnet port ..................................................................................................................................... 363

41.4 show telnet-status..................................................................................................................... 363

Chapter 42 Serial Port Commands ............................................................................. 365

42.1 serial_port baud-rate ................................................................................................................ 365

Chapter 43 AAA Commands ........................................................................................ 366

43.1 tacacs-server host .................................................................................................................... 366

43.2 show tacacs-server .................................................................................................................. 367

43.3 radius-server host ..................................................................................................................... 368

43.4 show radius-server ................................................................................................................... 369

43.5 aaa group ...................................................................................................................................... 370

43.6 server ............................................................................................................................................. 370

43.7 show aaa group .......................................................................................................................... 371

43.8 aaa authentication login .......................................................................................................... 372

43.9 aaa authentication enable....................................................................................................... 373

43.10 aaa authentication dot1x default .......................................................................................... 374

43.11 aaa accounting dot1x default ................................................................................................ 374

XVI

43.12 show aaa authentication ......................................................................................................... 375

43.13 show aaa accounting ................................................................................................................ 376

43.14 line telnet ...................................................................................................................................... 376

43.15 login authentication (telnet) .................................................................................................... 377

43.16 line ssh ........................................................................................................................................... 377

43.17 login authentication (ssh) ........................................................................................................ 378

43.18 line console .................................................................................................................................. 379

43.19 login authentication (console) ............................................................................................... 379

43.20 enable authentication (telnet) ................................................................................................ 380

43.21 enable authentication (ssh) .................................................................................................... 381

43.22 enable authentication (console) ........................................................................................... 381

43.23 ip http login authentication ..................................................................................................... 382

43.24 ip http enable authentication ................................................................................................. 383

43.25 show aaa global .......................................................................................................................... 384

43.26 enable admin password ........................................................................................................... 384

43.27 enable admin secret ................................................................................................................. 385

43.28 enable-admin .............................................................................................................................. 386

Chapter 44 IEEE 802.1x Commands ........................................................................... 388

44.1 dot1x system-auth-control .................................................................................................... 388

44.2 dot1x handshake ....................................................................................................................... 389

44.3 dot1x auth-protocol .................................................................................................................. 389

44.4 dot1x vlan-assignment ............................................................................................................ 390

44.5 dot1x accounting ....................................................................................................................... 391

44.6 dot1x mab .................................................................................................................................... 392

44.7 dot1x guest-vlan ........................................................................................................................ 392

44.8 dot1x timeout quiet-period .................................................................................................... 393

44.9 dot1x timeout supp-timeout .................................................................................................. 394

44.10 dot1x max- req ........................................................................................................................... 395

44.11 dot1x .............................................................................................................................................. 395

44.12 dot1x port-control ..................................................................................................................... 396

44.13 dot1x port-method .................................................................................................................... 397

44.14 dot1x auth-init ............................................................................................................................. 398

44.15 dot1x auth-reauth ...................................................................................................................... 398

44.16 show dot1x global ..................................................................................................................... 399

44.17 show dot1x interface ................................................................................................................ 400

44.18 show dot1x auth-state interface .......................................................................................... 400

XVII

Chapter 45 Port Security Commands ........................................................................ 402

45.1 mac address-table max-mac count .................................................................................... 402

45.2 show mac address-table max-mac-count ........................................................................ 402

Chapter 46 Port Mirroring Commands ...................................................................... 404

46.1 monitor session destination interface................................................................................ 404

46.2 monitor session source ........................................................................................................... 405

46.3 show monitor session .............................................................................................................. 406

Chapter 47 ACL Commands ......................................................................................... 408

47.1 access-list create ...................................................................................................................... 408

47.2 access-list packet-content profile ...................................................................................... 408

47.3 access-list resequence ........................................................................................................... 409

47.4 access-list mac .......................................................................................................................... 410

47.5 access-list ip ............................................................................................................................... 411

47.6 access-list combined ............................................................................................................... 413

47.7 access-list ipv6 .......................................................................................................................... 415

47.8 access-list packet-content config ...................................................................................... 417

47.9 access-list action....................................................................................................................... 418

47.10 redirect .......................................................................................................................................... 419

47.11 s-condition ................................................................................................................................... 420

47.12 s-mirror.......................................................................................................................................... 421

47.13 qos-remark .................................................................................................................................. 421

47.14 access bind .................................................................................................................................. 422

47.15 show access-list ........................................................................................................................ 423

47.16 show access-list bind ............................................................................................................... 423

47.17 show access-list status ........................................................................................................... 424

47.18 show access-list counter ........................................................................................................ 424

47.19 clear access-list ......................................................................................................................... 425

Chapter 48 IPv4 IMPB Commands .............................................................................. 426

48.1 ip source binding ....................................................................................................................... 426

48.2 ip dhcp snooping ....................................................................................................................... 427

48.3 ip dhcp snooping vlan .............................................................................................................. 428

48.4 ip dhcp snooping max-entries .............................................................................................. 428

48.5 show ip source binding ............................................................................................................ 429

48.6 show ip dhcp snooping ............................................................................................................ 430

48.7 show ip dhcp snooping interface ......................................................................................... 430

XVIII

Chapter 49 IPv6 IMPB Commands .............................................................................. 432

49.1 Ipv6 source binding................................................................................................................... 432

49.2 ipv6 dhcp snooping .................................................................................................................. 433

49.3 ipv6 dhcp snooping vlan ......................................................................................................... 434

49.4 ipv6 dhcp snooping max-entries .......................................................................................... 434

49.5 ipv6 nd snooping ....................................................................................................................... 435

49.6 ipv6 nd snooping vlan .............................................................................................................. 436

49.7 ipv6 nd snooping max-entries ............................................................................................... 436

49.8 show ipv6 source binding ....................................................................................................... 437

49.9 show ipv6 dhcp snooping ....................................................................................................... 438

49.10 show ipv6 dhcp snooping interface .................................................................................... 438

49.11 show ipv6 nd snooping ............................................................................................................ 439

49.12 show ipv6 nd snooping interface ......................................................................................... 439

Chapter 50 IP Verify Source Commands .................................................................. 441

50.1 ip verify source ........................................................................................................................... 441

50.2 ip verify source logging ........................................................................................................... 442

50.3 show ip verify source ................................................................................................................ 442

50.4 show ip verify source interface ............................................................................................. 443

Chapter 51 IPv6 Verify Source Commands ............................................................. 444

51.1 ipv6 verify source ...................................................................................................................... 444

51.2 show ipv6 verify source ........................................................................................................... 445

51.3 show ipv6 verify source interface ........................................................................................ 445

Chapter 52 DHCPv4 Filter Commands ...................................................................... 447

52.1 ip dhcp filter ................................................................................................................................. 447

52.2 ip dhcp filter (interface) ............................................................................................................ 447

52.3 ip dhcp filter mac-verify ........................................................................................................... 448

52.4 ip dhcp filter limit rate ............................................................................................................... 449

52.5 ip dhcp filter decline rate ......................................................................................................... 450

52.6 ip dhcp filter server permit-entry ......................................................................................... 450

52.7 show ip dhcp filter ..................................................................................................................... 451

52.8 show ip dhcp filter interface ................................................................................................... 452

52.9 show ip dhcp filter server permit-entry .............................................................................. 452

Chapter 53 DHCPv6 Filter Commands ...................................................................... 454

53.1 ipv6 dhcp filter ............................................................................................................................ 454

53.2 ipv6 dhcp filter (interface) ....................................................................................................... 454

XIX

53.3 ipv6 dhcp filter limit rate .......................................................................................................... 455

53.4 ipv6 dhcp filter decline rate .................................................................................................... 456

53.5 ipv6 dhcp filter server permit-entry .................................................................................... 457

53.6 show ipv6 dhcp filter................................................................................................................. 458

53.7 show ipv6 dhcp filter interface .............................................................................................. 458

53.8 show ip dhcp filter server permit-entry .............................................................................. 459

Chapter 54 DoS Defend Commands .......................................................................... 460

54.1 ip dos-prevent ............................................................................................................................ 460

54.2 ip dos-prevent type................................................................................................................... 460

54.3 show ip dos-prevent ................................................................................................................. 462

Chapter 55 sFlow Commands (Only for Certain Devices) .................................... 464

55.1 sflow address .............................................................................................................................. 464

55.2 sflow enable ................................................................................................................................. 465

55.3 sflow collector collector-ID .................................................................................................... 465

55.4 sflow sampler .............................................................................................................................. 466

55.5 show sflow global ...................................................................................................................... 467

55.6 show sflow collector ................................................................................................................. 468

55.7 show sflow sampler .................................................................................................................. 468

Chapter 56 Ethernet OAM Commands (Only for Certain Devices) .................... 469

56.1 ethernet-oam .............................................................................................................................. 469

56.2 ethernet-oam mode .................................................................................................................. 470

56.3 ethernet-oam link-monitor symbol-period ....................................................................... 470

56.4 ethernet-oam link-monitor frame ........................................................................................ 471

56.5 ethernet-oam link-monitor frame-period .......................................................................... 472

56.6 ethernet-oam link-monitor frame-seconds...................................................................... 473

56.7 ethernet-oam remote-failure ................................................................................................. 474

56.8 ethernet-oam remote-loopback received-remote- loopback ................................... 475

56.9 ethernet-oam remote-loopback .......................................................................................... 476

56.10 clear ethernet-oam statistics ................................................................................................ 477

56.11 clear ethernet-oam event-log ............................................................................................... 478

56.12 show ethernet-oam configuration ....................................................................................... 478

56.13 show ethernet-oam event-log .............................................................................................. 479

56.14 show ethernet-oam statistics ............................................................................................... 480

56.15 show ethernet-oam status ..................................................................................................... 480

Chapter 57 DLDP Commands (Only for Certain Devices) .................................... 482

57.1 dldp (global) ................................................................................................................................. 482

57.2 dldp interval ................................................................................................................................. 482

57.3 dldp shut-mode .......................................................................................................................... 483

57.4 dldp reset (global) ...................................................................................................................... 484

57.5 dldp(interface) ............................................................................................................................. 484

57.6 dldp reset (interface) ................................................................................................................ 485

57.7 show dldp ..................................................................................................................................... 485

57.8 show dldp interface................................................................................................................... 486

Chapter 58 SNMP Commands ..................................................................................... 487

58.1 snmp-server ................................................................................................................................ 487

58.2 snmp-server view ...................................................................................................................... 487

58.3 snmp-server group ................................................................................................................... 488

58.4 snmp-server user ...................................................................................................................... 490

58.5 snmp-server community ......................................................................................................... 491

58.6 snmp-server host ...................................................................................................................... 492

58.7 snmp-server engineID ............................................................................................................. 494

58.8 snmp-server traps snmp ......................................................................................................... 495

58.9 snmp-server traps ..................................................................................................................... 496

58.10 snmp-server traps ddm ........................................................................................................... 497

58.11 snmp-server traps vlan ............................................................................................................ 498

58.12 snmp-server traps security .................................................................................................... 499

58.13 snmp-server traps acl .............................................................................................................. 500

58.14 snmp-server traps ip ................................................................................................................ 500

58.15 snmp-server traps power (Only for Certain Devices) .................................................... 501

58.16 snmp-server traps link-status ............................................................................................... 502

58.17 rmon history ................................................................................................................................ 503

58.18 rmon event ................................................................................................................................... 504

58.19 rmon alarm ................................................................................................................................... 505

58.20 rmon statistics ............................................................................................................................ 506

58.21 show snmp-server..................................................................................................................... 507

58.22 show snmp-server view ........................................................................................................... 508

58.23 show snmp-server group ........................................................................................................ 508

58.24 show snmp-server user ........................................................................................................... 509

58.25 show snmp-server community ............................................................................................. 509

58.26 show snmp-server host ........................................................................................................... 509

58.27 show snmp-server engineID .................................................................................................. 510

XXI

58.28 show rmon history ..................................................................................................................... 510

58.29 show rmon event ....................................................................................................................... 511

58.30 show rmon alarm ........................................................................................................................ 512

58.31 show rmon statistics ................................................................................................................ 512

Chapter 59 PoE Commands (Only for Certain Devices) ....................................... 514

59.1 power inline consumption (global) ....................................................................................... 514

59.2 power profile ............................................................................................................................... 514

59.3 power inline consumption (interface) ................................................................................. 515

59.4 power inline priority ................................................................................................................... 516

59.5 power inline supply .................................................................................................................... 517

59.6 power inline profile .................................................................................................................... 517

59.7 power inline time-range ........................................................................................................... 518

59.8 show power inline ...................................................................................................................... 519

59.9 show power inline configuration interface ........................................................................ 519

59.10 show power inline information interface ........................................................................... 520

59.11 show power profile .................................................................................................................... 520

Chapter 60 ARP Inspection Commands .................................................................... 522

60.1 ip arp inspection ......................................................................................................................... 522

60.2 ip arp inspection validate ........................................................................................................ 522

60.3 ip arp inspection vlan ................................................................................................................ 523

60.4 ip arp inspection vlan logging ................................................................................................ 524

60.5 ip arp inspection trust .............................................................................................................. 525

60.6 ip arp inspection limit-rate ...................................................................................................... 525

60.7 ip arp inspection burst-interval ............................................................................................. 526

60.8 ip arp inspection recover ........................................................................................................ 527

60.9 show ip arp inspection ............................................................................................................. 527

60.10 show ip arp inspection interface .......................................................................................... 528

60.11 show ip arp inspection vlan .................................................................................................... 529

60.12 show ip arp inspection statistics .......................................................................................... 529

60.13 clear ip arp inspection statistics ........................................................................................... 530

Chapter 61 ND Detection Commands ....................................................................... 531

61.1 ipv6 nd detection ....................................................................................................................... 531

61.2 ipv6 nd detection vlan .............................................................................................................. 531

61.3 ipv6 nd detection vlan logging .............................................................................................. 532

61.4 ipv6 nd detection trust ............................................................................................................. 532

61.5 show ipv6 nd detection ........................................................................................................... 533

XXII

61.6 show ipv6 nd detection interface ......................................................................................... 533

61.7 show ipv6 nd detection statistics ........................................................................................ 534

61.8 show ipv6 nd detection vlan .................................................................................................. 535

Chapter 62 System Log Commands .......................................................................... 536

62.1 logging buffer .............................................................................................................................. 536

62.2 logging buffer level .................................................................................................................... 536

62.3 logging file flash ......................................................................................................................... 537

62.4 logging file flash frequency .................................................................................................... 538

62.5 logging file flash level ............................................................................................................... 539

62.6 logging host index ..................................................................................................................... 539

62.7 logging console .......................................................................................................................... 540

62.8 logging console level ................................................................................................................ 541

62.9 logging monitor .......................................................................................................................... 542

62.10 logging monitor level ................................................................................................................ 542

62.11 clear logging ................................................................................................................................ 543

62.12 show logging local-config....................................................................................................... 544

62.13 show logging loghost ............................................................................................................... 544

62.14 show logging buffer .................................................................................................................. 545

62.15 show logging flash ..................................................................................................................... 545

XXIII

Preface

This Guide is intended for network administrator to provide referenced information about CLI (Command Line Interface). The device mentioned in this Guide stands for JetStream Switch without any explanation. Some models featured in this guide may be unavailable in your country or region. For local sales information, visit https://www.tp-link.com.

Overview of this Guide

Chapter 1: Using the CLI

Provide information about how to use the CLI, CLI Command Modes, Security Levels and some

Conventions.

Chapter 2: Line Commands (Only for Certain Devices)

Provide information about the commands used to make related configurations for the desired

users and set the priority of the console media type.

Chapter 3: User Interface

Provide information about the commands used to switch between five CLI Command Modes.

Chapter 4: User Management Commands

Provide information about the commands used for user management.

Chapter 5: System Configuration Commands

Provide information about the commands used for configuring the System information and

System IP, reboot and reset the switch, upgrade the switch system and commands used for

cable test.

Chapter 6: EEE Configuration Commands

Provide information about the commands used for configuring EEE.

Chapter 7: SDM Template Commands

Provide information about the commands used for configuring the SDM templates.

Chapter 8: Time Range Commands

Provide information about the commands used for configuring the time range.

Chapter 9: Port Configuration Commands

Provide information about the commands used for configuring the Speed, Negotiation Mode,

and Flow Control for Ethernet ports.

Chapter 10: Port Isolation Commands

Provide information about the commands used for configuring Port Isolation function.

Chapter 11: Loopback Detection Commands

Provide information about the commands used for configuring the Loopback Detection

function.

Chapter 12: DDM Commands (Only for Certain Devices)

Provide information about the commands used for DDM (Digital Diagnostic Monitoring)

function.

Chapter 13: Etherchannel Commands

Provide information about the commands used for configuring LAG (Link Aggregation Group)

and LACP (Link Aggregation Control Protocol).

Chapter 14: MAC Address Commands

Provide information about the commands used for Address configuration.

Chapter 15: IEEE 802.1Q VLAN Commands

Provide information about the commands used for configuring IEEE 802.1Q VLAN.

Chapter 16: MAC-based VLAN Commands

Provide information about the commands used for configuring MAC-based VLAN.

Chapter 17: Protocol-based VLAN Commands

Provide information about the commands used for configuring Protocol VLAN.

Chapter 18: Private VLAN Commands (Only for Certain Devices)

Provide information about the commands used for configuring Private VLAN.

Chapter 19: VLAN-VPN Commands (Only for Certain Devices)

Provide information about the commands used for configuring VLAN-VPN (Virtual Private

Network) function.

Chapter 20: GVRP Commands

Provide information about the commands used for configuring GVRP (GARP VLAN registration

protocol).

Chapter 21: IGMP Snooping Commands

Provide information about the commands used for configuring the IGMP Snooping (Internet

Group Management Protocol Snooping).

Chapter 22: MLD Snooping Commands

Provide information about the commands used for configuring the MLD Snooping (Multicast

Listener Discovery Snooping).

Chapter 23: MVR Commands

Provide information about the commands used for configuring the MVR.

Chapter 24: MSTP Commands

Provide information about the commands used for configuring the MSTP (Multiple Spanning

Tree Protocol).

Chapter 25: LLDP Commands

Provide information about the commands used for configuring LLDP function.

Chapter 26: L2PT Commands (Only for Certain Devices)

Provide information about the commands used for configuring L2PT (Layer 2 Protocol

Tunneling).

Chapter 27: PPPoE ID-Insertion Commands (Only for Certain Devices)

Provide information about the commands used for configuring PPPoE ID-Insertion.

Chapter 28: Static Routes Commands

Provide information about the commands used for configuring the Static Route function.

Chapter 29: IPv6 Address Configuration Commands

Provide information about the commands used for configuring the System IPv6 addresses.

Chapter 30: ARP Commands

Provide information about the commands used for configuring the ARP (Address Resolution

Protocol) functions.

Chapter 31: DHCP Server Commands

Provide information about the commands used for configuring the DHCP Server function.

Chapter 32: DHCP Relay Commands

Provide information about the commands used for configuring the DHCP Relay function.

Chapter 33: DHCP L2 Relay Commands

Provide information about the commands used for configuring the DHCP L2 Relay function.

Chapter 34: QoS Commands

Provide information about the commands used for configuring the QoS function.

Chapter 35: Bandwidth Commands

Provide information about the commands used for configuring the Bandwidth Control.

Chapter 36: Voice VLAN Commands

Provide information about the commands used for configuring Voice VLAN.

Chapter 37 Auto VoIP Commands

Provide information about the commands used for configuring Auto VoIP.

Chapter 38: Access Control Commands

Provide information about the commands used for configuring Access Control.

Chapter 39: HTTP and HTTPS Commands

Provide information about the commands used for configuring the HTTP and HTTPS logon.

Chapter 40: SSH Commands

Provide information about the commands used for configuring and managing SSH (Security

Shell).

Chapter 41: Telnet Commands

Provide information about the commands used for configuring and managing SSH (Security

Shell).

Chapter 42: Serial Port Commands (Only for Certain Devices)

Provide information about the commands used for configuring and managing SSH (Security

Shell).

Chapter 43: AAA Commands

Provide information about the commands used for configuring AAA (authentication,

authorization and accounting).

Chapter 44: IEEE 802.1X Commands

Provide information about the commands used for configuring IEEE 802.1X function.

Chapter 45: Port Security Commands

Provide information about the commands used for configuring Port Security.

Chapter 46: Port Mirroring Commands

Provide information about the commands used for configuring the Port Mirror function.

Chapter 47: ACL Commands

Provide information about the commands used for configuring the ACL (Access Control List).

Chapter 48: IPv4 IMPB Commands

Provide information about the commands used for binding the IP address, MAC address, VLAN

and the connected Port number of the Host together.

Chapter 49: IPv6 IMPB Commands

Provide information about the commands used for binding the IPv6 address, MAC address,

VLAN and the connected Port number of the Host together.

Chapter 50: IP Verify Source Commands

Provide information about the commands used for guarding the IP Source by filtering the IP

packets based on the IP-MAC Binding entries.

Chapter 51: IPv6 Verify Source Commands

Provide information about the commands used for guarding the IPv6 Source by filtering the IP

packets based on the IP-MAC Binding entries.

Chapter 52: DHCPv4 Filter Commands

Provide information about the commands used for configuring the DHCPv4 Filter.

Chapter 53: DHCPv6 Filter Commands

Provide information about the commands used for configuring the DHCPv6 Filter.

Chapter 54: DoS Defend Command

Provide information about the commands used for DoS defend and detecting the DoS attack.

Chapter 55: sFlow Commands (Only for Certain Devices)

Provide information about the commands used for configuring the Sampled Flow function.

Chapter 56: Ethernet OAM Commands (Only for Certain Devices)

Provide information about the commands used for configuring the Ethernet OAM (Operation,

Administration, and Maintenance) function.

Chapter 57: DLDP Commands

Provide information about the commands used for configuring the DLDP (Device Link

Detection Protocol).

Chapter 58: SNMP Commands

Provide information about the commands used for configuring the SNMP (Simple Network

Management Protocol) functions.

Chapter 59: PoE Commands (Only for Certain Devices)

Provide information about the commands used for configuring PoE function.

Chapter 60: ARP Inspection Commands

Provide information about the commands used for protecting the switch from the ARP

cheating or ARP Attack.

Chapter 61: ND Detection Commands

Provide information about the commands used for configuring ND detection.

Chapter 62: System Log Commands

Provide information about the commands used for configuring system log.

Chapter 1 Using the CLI

1.1 Accessing the CLI

You can log on to the switch and access the CLI by the following three methods:

1. Log on to the switch by the console port on the switch.

2. Log on to the switch remotely by a Telnet connection through an Ethernet port.

3. Log on to the switch remotely by an SSH connection through an Ethernet port.

1.1.1 Logon by a console port

Note: Console port is only available on certain devices.

■ Console Port

The switch has two console ports: an RJ-45 console port and a Micro-USB console port.

Console output is active on devices connected to both console ports, but console input is only

active on one console port at a time.

The Micro-USB connector takes precedence over the RJ-45 connector. When the switch

detects a valid connection on the Micro-USB console port, input from the RJ-45 console port is

immediately disabled, and input from the Micro-USB console port is enabled. Removing the

Micro-USB connection immediately reenables input from the RJ-45 console connection.

■ USB Console Driver

If you are using the USB port on the MAC OS X or Linux OS for console connection, there is no

need to run a USB driver.

If you are using the switch’s Micro-USB console port with the USB port of a Windows PC, a

driver for the USB port is required. The USB driver is provided on the resource CD. Follow the

InstallSheild Wizard to accomplish the installation.

The TP-Link USB Console Driver supports the following Windows operating systems:

■ 32-bit Windows XP SP3

■ 64-bit Windows XP

■ 32-bit Windows Vista

■ 64-bit Windows Vista

■ 32-bit Windows 7

■ 64-bit Windows 7

■ 32-bit Windows 8

■ 64-bit Windows 8

■ 32-bit Windows 8.1

■ 64-bit Windows 8.1

After the TP-Link USB Console Driver is installed, the PC’s USB port will act as RS-232 serial

port when the PC’s USB port is connected to the switch’s Micro-USB console port. And the

PC’s USB port will act as standard USB port when the PC’s USB port is unplugged from the

switch.

■ Logon

Take the following steps to log on to the switch by the console port.

1. Connect the PCs or Terminals to the console port on the switch by the provided cable.

2. Start the terminal emulation program (such as the HyperTerminal) on the PC.

3. Specify the connection COM port in the terminal emulation program. If the Micro-USB

Console port is used, you can view which port is assigned to the USB serial port in the

following path:

Control Panel -> Hardware and Sound -> Device Manager -> Ports ->USB Serial Port.

Figure 1-1 USB Serial Port Number

4. Configure the terminal emulation program or the terminal to use the following settings:

■ Baud rate: 38400 bps

■ Data bits: 8

■ Parity: none

■ Stop bits: 1

■ Flow control: none

5. Type the Username and Password in the Hyper Terminal window. The default value for both

of them are admin. Press Enter in the main window and “Switch>” will appear indicating

that you have successfully logged in to the switch and you can use the CLI now.

Figure 1-2 Log in to the Switch

Note: The first time you log in, change the password to better protect your network and

devices.

1.1.2 Logon by Telnet

To log on to the switch by a Telnet connection, please take the following steps:

1. Click Start and type in cmd in the Search programs and files window and press the Enter

button.

Figure 1-1 Run Window

2. Type in telnet 192.168.0.1 in the cmd window and press Enter.

Figure 1-2 Type in the telnet command

3. Type in the login username and password (both admin by default). Press Enter and you will

enter User EXEC Mode.

Figure 1-2 Log in the Switch

Note: The first time you log in, change the password to better protect your network and

devices.

4. Type in enable command and you will enter Privileged EXEC Mode. By default, no

password is needed. Later you can set a password for users who want to access the

Privileged EXEC Mode.

Figure 1-3 Enter into Priviledged EXEC Mode

1.1.3 Logon by SSH

To log on by SSH, a Putty client software is recommended. There are two authentication modes to set up an SSH connection:

Password Authentication Mode: It requires username and password, which are both admin by default.

Key Authentication Mode: It requires a public key for the switch and a private key for the SSH client software. You can generate the public key and the private key through Putty Key Generator.

Note:

1. Before SSH login, please follow the steps shown in Figure 1-7 to enable the SSH function

through Telnet connection.

2. The first time you log in, change the password to better protect your network and devices.

Figure 1-4 Enable SSH function

■ Password Authentication Mode

1. Open the software to log on to the interface of PuTTY. Enter the IP address of the switch

into Host Name field; keep the default value 22 in the Port field; select SSH as the

Connection type.

Figure 1-5 SSH Connection Config

2. Click the Open button in the above figure to log on to the switch. Enter the login user name

and password to log on the switch, and then enter enable to enter Privileged EXEC Mode,

so you can continue to configure the switch.

Figure 1-6 Log on the Switch

■ Key Authentication Mode

2. Select the key type and key length, and generate SSH key.

Figure 1-7 Generate SSH Key

Note:

1. The key length is in the range of 512 to 3072 bits.

2. During the key generation, randomly moving the mouse quickly can accelerate the key

generation.

3. After the key is successfully generated, please save the public key and private key to a

TFTP server.

Figure 1-8 Save the Generated Key

4. Log on to the switch by Telnet and download the public key file from the TFTP server to the

switch, as the following figure shows:

Figure 1-9 Download the Public Key

Note:

1. The key type should accord with the type of the key file.

2. The SSH key downloading can not be interrupted.

5. After the public key is downloaded, please log on to the interface of PuTTY and enter the IP

address for login.

Figure 1-10 SSH Connection Config

6. Click Browse to download the private key file to SSH client software and click Open.

Figure 1-11 Download the Private Key

7. After successful authentication, please enter the login user name. If you log on to the

switch without entering password, it indicates that the key has been successfully

downloaded.

Figure 1-12 Log on the Switch

1.2 CLI Command Modes

The CLI is divided into different command modes: User EXEC Mode, Privileged EXEC Mode,

Global Configuration Mode, Interface Configuration Mode and VLAN Configuration Mode.

mode.

VLAN Configuration mode.

port,

mode.

Interface Configuration Mode can also be divided into Interface Ethernet, Interface

link-aggregation and some other modes, which is shown as the following diagram.

The following table gives detailed information about the Accessing path, Prompt of each mode and how to exit the current mode and access the next mode.

Mode Accessing Path Prompt

User EXEC

Mode

Privileged

EXEC Mode

Global

Configuration

Mode

Primary mode once it

is connected with the

switch.

Use the enable

command to enter

this mode from User

EXEC mode.

Use the configure

command to enter

this mode from

Privileged EXEC

mode.

Switch(config)#

Switch>

Switch#

Logout or Access the next

mode

Use the exit command to

disconnect the switch.

Use the enable command to

access Privileged EXEC mode.

Enter the disable or the exit

command to return to User EXEC

mode.

Enter configure command to

access Global Configuration

Use the exit or the end

command or press Ctrl+Z to

return to Privileged EXEC mode.

Use the interface

port

gigabitEthernet

interface range gigabitEthernet

port-list

interface Configuration mode.

command to access

Interface

Configuration

Mode

Layer 2 Interface:

Use the interface

gigabitEthernet

interface

port-channel

port-channel-id

interface range

gigabitEthernet

port-list

enter this mode from

Global Configuration

command to

Switch(config-if)#

Switch(config-if-range)#

Use the vlan

Use the end command or press Ctrl+Z to return to Privileged EXEC mode.

Enter the exit or the # command to return to Global Configuration mode.

A port number must be specified

in the interface command.

vlan-list

to access

Configuration mode.

configuration mode.

Each command mode has its own set of specific commands. To configure some

a). Interface gigabitEthernet: Configure parameters for an Ethernet port, such as

Mode Accessing Path Prompt

Layer 3 Interface:

Use the no

switchport

command to enter Routed Port mode from Interface Configuration mode.

Interface

Configuration

Mode

Use the interface

vlan-id

vlan command to enter VLAN Interface mode from Global Configuration mode.

Use the interface

loopback

command to enter

Loopback Interface

mode from Global

Switch (config-if)#

Switch(config-if-range)#

Logout or Access the next

mode

Use the switchport command to switch to the Layer 2 interface mode.

Use the end command or press Ctrl+Z to return to Privileged EXEC mode.

Enter the exit or the # command

to return to Global Configuration

mode.

Use the end command or press

Ctrl+Z to return to Privileged

EXEC mode.

Enter the exit command or the #

command to return to Global

VLAN

Configuration

Mode

Use the vlan

command to enter

this mode from

Global Configuration

mode.

vlan-list

Switch (config-vlan)#

Note:

1. The user is automatically in User EXEC Mode after the connection between the PC and the

switch is established by a Telnet/SSH connection.

commands, you should access the corresponding command mode firstly.

• Global Configuration Mode: In this mode, global commands are provided, such as the

Spanning Tree, Schedule Mode and so on.

• Interface Configuration Mode: In this mode, users can configure one or several ports,

different ports corresponds to different commands

Display all information of switch, for example: statistic information, port

Duplex-mode, flow control status.

b). Interface range gigabitEthernet: Configure parameters for several Ethernet ports.

c). Interface link-aggregation: Configure parameters for a link-aggregation, such as

broadcast storm.

d). Interface range link-aggregation: Configure parameters for multi-trunks.

e). Interface vlan: Configure parameters for the vlan-port.

• VLAN Configuration Mode: In this mode, users can create a VLAN and add a specified

port to the VLAN.

3. Some commands are global, that means they can be performed in all modes:

• show:

information, VLAN information.

• history: Display the commands history.

1.3 Privilege Restrictions

This switch’s security is divided into four privilege levels: User level, Power User level, Operator

level and Admin level. You can define username and password pairs, and assign a specific

privilege level to each pair. Different privilege levels have access to specified commands,

which is illustrated in the Privilege Requirement in each command. For details about how to

configure usename and password pairs, please refer to user name (password) and

(secret).

Users can enter Privileged EXEC mode from User EXEC mode by using the enable command. In

default case, no password is needed. In Global Configuration Mode, you can configure

password for Admin level by enable password command. Once password is configured, you

are required to enter it to access Privileged EXEC mode.

user name

1.4 Conventions

1.4.1 PoE Disclaimer

PoE budget calculations are based on laboratory testing. Actual PoE power budget is not

guaranteed and will vary as a result of client limitations and environmental factors.

1.4.2 Format Conventions

The following conventions are used in this Guide:

• Items in square brackets [ ] are optional

• Items in braces { } are required

• Alternative items are grouped in braces and separated by vertical bars. For example:

speed {10 | 100 | 1000 }

• Bold indicates an unalterable keyword. For example: show logging

• Normal Font indicates a constant (several options are enumerated and only one can be

selected). For example: mode {dynamic | static | permanent}

• Italic Font indicates a variable (an actual value must be assigned). For example: bridge

aging-time

1.4.3 Special Characters

You should pay attentions to the description below if the variable is a character string:

• These six characters ” < > , \ & cannot be input.

• If a blank is contained in a character string, single or double quotation marks should be

used, for example ’hello world’, ”hello world”, and the words in the quotation marks will be

identified as a string. Otherwise, the words will be identified as several strings.

1.4.4 Parameter Format

Some parameters must be entered in special formats which are shown as follows:

• MAC address must be enter in the format of xx:xx:xx:xx:xx:xx.

• One or several values can be typed for a port-list or a vlan-list using comma to separate.

Use a hyphen to designate a range of values, for instance, 1/0/1, 1/0/3-5, 1/0/7 indicates

choosing port 1/0/1, 1/0/3, 1/0/4, 1/0/5, 1/0/7.

Chapter 2 Line Commands (Only for Certain Devices)

Note: Line Commands are only available on certain devices.

2.1 line

Description

The line command is used to enter the Line Configuration Mode and make

related configurations for the desired user(s).

Syntax

line { console linenum | vty startlinenum endlinenum }

Parameter

linenum —— The number of users allowed to login through console port. Its

value is 0 in general, for the reason that console input is only active on one

console port at a time.

startlinenum ——The start serial number of the login user selected to

configure the login mode and password, ranging from 0 to 15. 0 means the

first login user number, 1 means the second, and the rest can be done on the

same manner.

endlinenum —— The end serial number of the login user selected to

configure the login mode and password, ranging from 0 to 15. 0 means the

first login user number, 1 means the second, and the rest can be done on the

same manner.

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Enter the Console port configuration mode and configure the console port 0:

T2600G-28TS(config)#line console 0

Enter the Virtual Terminal configuration mode so as to prepare further

configurations such as password and login mode for virtual terminal 0 to 5:

T2600G-28TS(config)#line vty 0 5

2.2 media-type rj45

Description

The media-type rj45 command is used to configure the console media type

as RJ-45 for input. The switch has two console ports available —— an RJ-45

console port and a micro-USB console port. Console input is active on only

one console port at a time. By default, the micro-USB connector takes

precedence over the RJ-45 connector, which means that, when both the

RJ-45 console connection and micro-USB console connection are valid,

input from the RJ-45 console is disabled, and input from the micro-USB

console is enabled. To return to the default configuration, please use no

media-type rj45 command.

Syntax

media-type rj45

no media-type rj45

Command Mode

Line Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Enable the RJ-45 console input:

T2600G-28TS(config)# line console 0

T2600G-28TS(config-line)# media-type rj45

Receive the micro-USB console input prior to the RJ-45 console input:

T2600G-28TS(config)# line console 0

T2600G-28TS(config-line)# no media-type rj45

Chapter 3 User Interface

3.1 enable

Description

The enable command is used to access Privileged EXEC Mode from User EXEC Mode.

Syntax

enable

Command Mode

User EXEC Mode

Privilege Requirement

None.

Example

If you have set the password to access Privileged EXEC Mode from User EXEC Mode:

Switch>enable

Enter password:

Switch#

3.2 service password-encryption

Description

The service password-encryption command is used to encrypt the

password when the password is defined or when the configuration is written,

using the symmetric encryption algorithm. Encryption prevents the password

from being readable in the configuration file. To disable the global encryption

Syntax

function, please use no service password-encryption command.

service password-encryption

no service password-encryption

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Enable the global encryption function:

Switch(config)# service password-encryption

3.3 enable password

Description

The enable password command is used to set or change the password for

users to access Privileged EXEC Mode from User EXEC Mode. To remove the

password, please use no enable password command. This command uses

the symmetric encryption.

Syntax

enable password { [ 0 ]

no enable password

Parameter

0 —— Specify the encryption type. 0 indicates that an unencrypted password

will follow. By default, the encryption type is 0.

password

English letters (case-sensitive), digits and 17 kinds of special characters. The

special characters are !$%’()*,-./[]_{|}. By default, it is empty.

7 —— Indicates a symmetric encrypted password with fixed length will follow.

encrypted-password

which you can copy from another switch’s configuration file. After the

password

—— A string with 31 characters at most, which can contain only

—— A symmetric encrypted password with fixed length,

| 7

encrypted-password

}

encrypted password is configured, you should use the corresponding

unencrypted password if you re-enter this mode.

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

User Guidelines

If the password you configured here is unencrypted and the global

encryption function is enabled in service password-encryption

in the configuration file will be displayed in the symmetric encrypted form.

If both the enable password and enable secret are defined, only the latest

configured password will take effect.

Example

Set the super password as “admin” and unencrypted to access Privileged

EXEC Mode from User EXEC Mode:

Switch(config)#enable password 0 admin

3.4 enable secret

Description

The enable secret command is used to set a secret password, which is using

an MD5 encryption algorithm, for users to access Privileged EXEC Mode from

, the password

User EXEC Mode. To return to the default configuration, please use no enable

secret command. This command uses the MD5 encryption.

Syntax

enable secret { [ 0 ]

no enable secret

Parameter

0 —— Specify the encryption type. 0 indicates that an unencrypted password

will follow. By default, the encryption type is 0.

password

English letters (case-sensitive), digits and 17 kinds of special characters. The

special characters are !$%’()*,-./[]_{|}. By default, it is empty. The password in

the configuration file will be displayed in the MD5 encrypted form.

5 —— Indicates an MD5 encrypted password with fixed length will follow.

encrypted-password

password

—— A string with 31 characters at most, which can contain only

—— An MD5 encrypted password with fixed length,

| 5

encrypted-password

}

which you can copy from another switch’s configuration file. After the

encrypted password is configured, you should use the corresponding

unencrypted password if you re-enter this mode.

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

User Guidelines

If both the enable password and enable secret are defined, only the latest

configured password will take effect.

Example

Set the secret password as “admin” and unencrypted to access Privileged

EXEC Mode from User EXEC Mode. The password will be displayed in the

encrypted form.

Switch(config)#enable secret 0 admin

3.5 configure

Description

The configure command is used to access Global Configuration Mode from Privileged EXEC Mode.

Syntax

configure

Command Mode

Privileged EXEC Mode

Privilege Requirement

Only Admin, Operator and Power User level users have access to these commands.

Example

Access Global Configuration Mode from Privileged EXEC Mode:

Switch# configure

Switch (config)#

3.6 exit

Description

The exit command is used to return to the previous Mode from the current Mode.

Syntax

exit

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Return to Global Configuration Mode from Interface Configuration Mode, and then return to Privileged EXEC Mode:

Switch (config-if)# exit

Switch (config)#exit

Switch#

3.7 end

Description

The end command is used to return to Privileged EXEC Mode.

Syntax

end

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Return to Privileged EXEC Mode from Interface Configuration Mode:

Switch (config-if)#end

Switch #

3.8 clipaging

Description

The clipaging command is used to enable the pause function for the screen display. If you want to display all the related information of the switch at once when using the show command, please use no clipaging command.

Syntax

clipaging

no clipaging

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Disable the pause function for the screen display:

Switch (config)#no clipaging

3.9 history

Description

The history command is used to show the latest 20 commands you entered

in the current mode since the switch is powered.

Syntax

history

Command Mode

Privileged EXEC Mode and any Configuration Mode

Privilege Requirement

None.

Example

Show the commands you have entered in the current mode:

Switch (config)# history

1 history

3.10 history clear

Description

The history clear command is used to clear the commands you have entered

in the current mode; therefore, these commands will not be shown next time

you use the history command.

Syntax

history clear

Command Mode

Privileged EXEC Mode and any Configuration Mode

Privilege Requirement

Only Admin, Operator and Power User level users have access to these commands.

Example

Clear the commands you have entered in the current mode:

Switch (config)#history clear

Chapter 4 User Management Commands

User Management commands are used to manage the user’s logging information by Web,

Telnet or SSH, so as to protect the settings of the switch from being randomly changed.

4.1 user name (password)

Description

The user name command is used to add a new user or modify the existed

users’ information. To delete the existed users, please use no user name

command. This command uses the symmetric encryption.

Syntax

user name

{ [ 0 ]

no user name

Parameter

name

composed of digits, English letters and symbols. No spaces, question marks

and double quotation marks are allowed.

admin | operator | power_user | user —— Access level. “admin” means that

you can edit, modify and view all the settings of different functions. “operator”

means that you can edit, modify and view most of the settings of different

functions. “power-user” means that you can edit, modify and view some of

the settings of different functions. “user” means that you can only view some

of the settings of different functions without the right to edit or modify. It is

“admin” by default. For more details about privilege restrictions, please refer

to the Privilege Requirement part in each command.

name

[ privilege admin | operator | power_user | user ] password

password

| 7

encrypted-password

}

name

——Type a name for users' login. It contains 16 characters at most,

0 —— Specify the encryption type. 0 indicates that an unencrypted password

will follow. By default, the encryption type is 0.

password

characters (case-sensitive) and symbols. No spaces are allowed.

7 —— Indicates a symmetric encrypted password with fixed length will follow.

encrypted-password

which you can copy from another switch’s configuration file. After the

—— Users’ login password, a string with 6–31 alphanumeric

—— A symmetric encrypted password with fixed length,

encrypted password is configured, you should use the corresponding

unencrypted password if you re-enter this mode.

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

User Guidelines

If the password you configured here is unencrypted and the global

encryption function is enabled in service password-encryption

in the configuration file will be displayed in the symmetric encrypted form.

If both the user name (password) and user name (secret) are defined, only

the latest configured password will take effect.

Example

Add and enable a new admin user named “tplink”, of which the password is

, the password

“admin” and unencrypted:

Switch(config)#user name tplink privilege admin password 0 admin

4.2 user name (secret)

Description

The user name command is used to add a new user or modify the existed

users’ information. To delete the existed users, please use no user name

command. This command uses the MD5 encryption.

Syntax

user name

password

no user name

Parameter

name

[ privilege admin | operator | power_user | user ] secret { [ 0 ]

| 5

encrypted-password

name

}

name

——Type a name for users' login. It contains 16 characters at most,

composed of digits, English letters and symbols. No spaces, question marks

and double quotation marks are allowed.

admin | operator | power_user | user —— Access level. “admin” means that

you can edit, modify and view all the settings of different functions. “operator”

means that you can edit, modify and view most of the settings of different

functions. “power-user” means that you can edit, modify and view some of

the settings of different functions. “user” means that you can only view some

of the settings of different functions without the right to edit or modify. It is

“admin” by default.

0 —— Specify the encryption type. 0 indicates that an unencrypted password

will follow. By default, the encryption type is 0.

password

characters (case-sensitive) and symbols. No spaces are allowed.

5 —— Indicates an MD5 encrypted password with fixed length will follow.

——Users’ login password, a string with 6–31 alphanumeric

encrypted-password

which you can copy from another switch’s configuration file.

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

User Guidelines

If both the user name (password) and user name (secret) are defined, only

the latest configured password will take effect.

Example

—— An MD5 encrypted password with fixed length,

Add and enable a new admin user named “tplink”, of which the password is

“admin”. The password will be displayed in the encrypted form.

Switch (config)#user name tplink privilege admin secret 0 admin

4.3 service password-recovery

Note: This command is only available on certain devices.

Description

The service password-recovery command is used to enable the

password-recovery feature. To disable the password-recovery feature,

please use no service password-recovery command.

With password-recovery enabled, you can connect to the switch’s console

port and delete all your previous set accounts. You can use the default

username and password (which are both admin) to login the switch after its

startup.

Syntax

service password-recovery

no service password-recovery

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Enable the switch’s password-recovery feature:

T2600G-28TS(config)# service password-recovery

4.4 show user account-list

Description

The show user account-list command is used to display the information of

the current users.

Syntax

show user account-list

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Display the information of the current users:

Switch (config)# show user account-list

4.5 show user configuration

Description

The show user configuration command is used to display the security

configuration information of the users, including access-control, max-number

and the idle-timeout, etc.

Syntax

show user configuration

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Display the security configuration information of the users:

Switch (config)# show user configuration

Chapter 5 System Configuration Commands

System Commands can be used to configure the System information and System IP, reboot

and reset the switch, upgrade the switch system and other operations.

5.1 system-time manual

Description

The system-time manual command is used to configure the system time

manually.

Syntax

system-time manual

time

Parameter

time

—— Set the date and time manually, MM/DD/YYYY-HH:MM:SS. The valid

value of the year ranges from 2000 to 2037.

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin and Operator level users have access to these commands.

Example

Configure the system mode as manual, and the time is 12/20/2010 17:30:35

Switch (config)# system-time manual 12/20/2010-17:30:35

5.2 system-time ntp

Description

The system-time ntp command is used to configure the time zone and the IP address for the NTP Server. The switch will get UTC automatically if it has connected to an NTP Server.

Syntax

system-time ntp {

fetching-rate

{

Parameter

timezone

UTC+13:00.

timezone

}

—— Your local time-zone, and it ranges from UTC-12:00 to

} {

ntp-server

} {

backup-ntp-server

}

The detailed information that each time-zone means are displayed as follow:

UTC-12:00 —— TimeZone for International Date Line West.

UTC-11:00 —— TimeZone for Coordinated Universal Time-11.

UTC-10:00 —— TimeZone for Hawaii.

UTC-09:00 —— TimeZone for Alaska.

UTC-08:00 —— TimeZone for Pacific Time(US Canada).

UTC-07:00 —— TimeZone for Mountain Time(US Canada).

UTC-06:00 —— TimeZone for Central Time(US Canada).

UTC-05:00 —— TimeZone for Eastern Time(US Canada).

UTC-04:30 —— TimeZone for Caracas.

UTC-04:00 —— TimeZone for Atlantic Time(Canada).

UTC-03:30 —— TimeZone for Newfoundland.

UTC-03:00 —— TimeZone for Buenos Aires, Salvador, Brasilia.

UTC-02:00 —— TimeZone for Mid-Atlantic.

UTC-01:00 —— TimeZone for Azores, Cape Verde Is.

UTC —— TimeZone for Dublin, Edinburgh, Lisbon, London.

UTC+01:00 —— TimeZone for Amsterdam, Berlin, Bern, Rome, Stockholm,

Vienna.

UTC+02:00 —— TimeZone for Cairo, Athens, Bucharest, Amman, Beirut,

Jerusalem.

UTC+03:00 —— TimeZone for Kuwait, Riyadh, Baghdad.

UTC+03:30 —— TimeZone for Tehran.

UTC+04:00 —— TimeZone for Moscow, St.Petersburg, Volgograd, Tbilisi,

Port Louis.

UTC+04:30 —— TimeZone for Kabul.

UTC+05:00 —— TimeZone for Islamabad, Karachi, Tashkent.

UTC+05:30 —— TimeZone for Chennai, Kolkata, Mumbai, New Delhi.

UTC+05:45 —— TimeZone for Kathmandu.

UTC+06:00 —— TimeZone for Dhaka,Astana, Ekaterinburg.

UTC+06:30 —— TimeZone for Yangon (Rangoon).

UTC+07:00 —— TimeZone for Novosibrisk, Bangkok, Hanoi, Jakarta.

UTC+08:00—— TimeZone for Beijing, Chongqing, Hong Kong, Urumqi,

Singapore.

UTC+09:00

—— TimeZone for Seoul, Irkutsk, Osaka, Sapporo, Tokyo.

UTC+09:30 —— TimeZone for Darwin, Adelaide.

UTC+10:00 —— TimeZone for Canberra, Melbourne, Sydney, Brisbane.

UTC+11:00 —— TimeZone for Solomon Is., New Caledonia, Vladivostok.

UTC+12:00 —— TimeZone for Fiji, Magadan, Auckland, Welington.

UTC+13:00 —— TimeZone for Nuku'alofa, Samoa.

ntp-server

—— The IP address for the Primary NTP Server.

backup-ntp-server

fetching-rate

—— The IP address for the Secondary NTP Server.

—— Specify the rate fetching time from NTP server.

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin and Operator level users have access to these commands.

Example

Configure the system time mode as NTP, the time zone is UTC-12:00, the

primary NTP server is 133.100.9.2 and the secondary NTP server is

139.78.100.163, the fetching-rate is 11 hours:

Switch(config)# system-time ntp UTC-12:00 133.100.9.2 139.79.100.163 11

5.3 system-time dst predefined

Description

The system-time dst predefined command is used to select a daylight

saving time configuration from the predefined mode. The configuration can

be used recurrently. To disable DST function, please use no system-time dst

command.

Syntax

system-time dst predefined [ USA

no system-time dst

Parameter

USA

There are 4 options which are USA, Australia, Europe and New-Zealand

respectively. The default value is Europe.

Following are the time ranges of each option:

USA —— Second Sunday in March, 02:00 – First Sunday in November, 02:00.

Australia —— First Sunday in October, 02:00 – First Sunday in April, 03:00.

Australia | Europe | New-Zealand ]

Australia | Europe | New-Zealand —— The mode of daylight saving time.

Europe —— Last Sunday in March, 01:00 – Last Sunday in October, 01:00.

New Zealand —— Last Sunday in September, 02:00 – First Sunday in April,

03:00.

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin and Operator level users have access to these commands.

Example

Configure the daylight saving time as USA standard:

Switch(config)#system-time dst predefined USA

5.4 system-time dst date

Description

The system-time dst date command is used to configure the one-off

daylight saving time. The start date is in the current year by default. The time

range of the daylight saving time must shorter than one year, but you can

configure it spanning years. To disable DST function, please use no

system-time dst command.

Syntax

system-time dst date {

{

etime

no system-time dst

Parameter

smonth

showing as follows: Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, Dec.

sday

you should show special attention to February and the differences between a

solar month and a lunar month.

stime

syear

emonth

showing as follows: Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, Dec.

eday

smonth

} {

eyear }[offset ]

——The start month of the daylight saving time. There are 12 values

—— The start day of the daylight saving time, ranging from 1 to 31. Here

—— The start moment of the daylight saving time, HH:MM.

—— The start year of the daylight saving time.

—— The end month of the daylight saving time. There are 12 values

—— The end day of the daylight saving time, ranging from q to 31. Here

} {

sday

} {

stime

} {

syear

} {

emonth

} {

eday

}

you should show special attention to February and the differences between a

solar month and a lunar month.

etime

—— The end moment of the daylight saving time, HH:MM.

eyear

—— The end year of the daylight saving time.

offset

—— The number of minutes to add during the daylight saving time. It is

60 minutes by default.

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin and Operator level users have access to these commands.

Example

Configure the daylight saving time from zero clock, Apr 1st to zero clock Oct

1st and the offset is 30 minutes in 2015:

Switch(config)# system-time dst date Apr 1 00:00 2015 Oct 1 00:00 2015

5.5 system-time dst recurring

Description

The system-time dst recurring command is used to configure the recurring

daylight saving time. It can be configured spanning years. To disable DST

function, please use no system-time dst command.

Syntax

system-time dst recurring {

{

emonth

no system-time dst

Parameter

sweek

showing as follows: first, second, third, fourth, last.

sday

showing as follows: Sun, Mon, Tue, Wed, Thu, Fri, Sat.

smonth

showing as follows: Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, Dec.

stime

sweek

} {

etime

} [

offset

]

——The start week of the daylight saving time. There are 5 values

—— The start day of the daylight saving time. There are 7 values

—— The start month of the daylight saving time. There are 12 values

—— The start moment of the daylight saving time, HH:MM.

} {

sday

} {

smonth

} {

stime

} {

eweek

} {

eday}

eweek

showing as follows: first, second, third, fourth, last.

eday

showing as follows: Sun, Mon, Tue, Wed, Thu, Fri, Sat.

emonth

showing as following: Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov,

Dec.

——The end week of the daylight saving time. There are 5 values

—— The end day of the daylight saving time. There are 5 values

—— The end month of the daylight saving time. There are 12 values

etime

—— The end moment of the daylight saving time, HH:MM.

offset

—— The number of minutes to add during the daylight saving time. It is

60 minutes by default.

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin and Operator level users have access to these commands.

Example

Configure the daylight saving time from 2:00am, the first Sunday of May to

2:00am, the last Sunday of Oct and the offset is 45 minutes:

Switch(config)# system-time dst recurring first Sun May 02:00 last Sun Oct

02:00 45

5.6 hostname

Description

The hostname command is used to configure the system name. To clear the

system name information, please use no hostname command.

Syntax

hostname [

no hostname

Parameter

hostname

characters. By default, it is the device name, for example “T1600G-28TS”.

Command Mode

Global Configuration Mode

Privilege Requirement

—— System Name. The length of the name ranges from 1 to 32

hostname

]

Only Admin and Operator level users have access to these commands.

Example

Configure the system name as TPLINK:

Switch(config)# hostname TPLINK

5.7 location

Description

The location command is used to configure the system location. To clear the

system location information, please use no location command.

Syntax

location [

no location

location

Parameter

location

most. It is “SHENZHEN” by default.

—— Device Location. It consists of 32 characters at

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin and Operator level users have access to these commands.

Example

Configure the system location as SHENZHEN:

Switch(config)# location SHENZHEN

]

5.8 contact-info

Description

The contact-info command is used to configure the system contact

information. To clear the system contact information, please use no

contact-info command.

Syntax

contact-info [

no contact-info

Parameter

contact_info

is “www.tp-link.com” by default.

Command Mode

Global Configuration Mode

contact_info

—— Contact Information. It consists of 32 characters at most. It

]

Privilege Requirement

Only Admin and Operator level users have access to these commands.

Example

Configure the system contact information as www.tp-link.com:

Switch(config)# contact-info www.tp-link.com

5.9 led

Note: This command is only available on certain devices.

Description

The led command is used to control the LEDs.

Syntax

led {on | off}

Parameter

on | off—— The LEDs are configured as on or off. By default, they are on.

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin, Operator and Power User level users have access to these commands.

Example

Configure the LED as off:

Switch(config)# led off

5.10 ip address

Description

Syntax

This ip address command is used to configure the IP address and IP subnet

mask for the specified interface manually. The interface type includes: routed

port, port-channel interface, loopback interface and VLAN interface.

ip address {

no ip address [

ip-addr

} {

mask

} [ secondary ]

] [

mask

]

Parameter

ip-addr

mask

secondary —— Specify the interface’s secondary IP address. If this

parameter is omitted here, the configured IP address is the interface’s

primary address.

—— The IP address of the Layer 3 interface.

—— The subnet mask of the Layer 3 interface.

Command Mode

Interface Configuration Mode

Privilege Requirement

Only Admin, Operator and Power User level users have access to these commands.

Example

Create the VLAN interface 2 with the primary IP address as 192.168.1.1/24

and secondary IP address as 192.168.2.1/24:

Switch (config)# interface vlan 2

Switch (config-if)# ip address 192.168.1.1 255.255.255.0

Switch (config-if)# ip address 192.168.2.1 255.255.255.0 secondary

5.11 ip address-alloc

Description

The IP address-alloc command is used to enable the DHCP Client function or

the BOOTP Protocol. When this function is enabled, the specified interface

will obtain IP from DHCP Server or BOOTP server. To disable the IP obtaining

function on the specified interface, please use the no ip address command.

This command applies to the routed port, the port-channel interface and the

VLAN interface.

Syntax

ip address-alloc { dhcp | bootp }

no ip address

Parameter

dhcp —— Specify the Layer 3 interface to obtain IP address from the DHCP

Server.

bootp

—— Specify the Layer 3 interface to obtain IP address from the

BOOTP Server.

Command Mode

Interface Configuration Mode

Privilege Requirement

Only Admin, Operator and Power User level users have access to these commands.

Example

Enable the DHCP Client function on the Lay 3 routed port 1/0/1:

Switch (config)# interface gigabitEthernet 1/0/1

Switch (config-if)# no switchport

Switch (config-if)# ip address-alloc dhcp

Disable the IP address obtaining function on the VLAN interface 2:

Switch (config)# interface vlan 2

Switch (config-if)# no ip address

5.12 controller cloud-based (Only for Certain Devices)

Note: This command is only available on certain devices

Description

The controller cloud-based command is used to enable Cloud-Based

Controller managment. When this feature is enabled, you can further add your

devices to your Omada Cloud-Based Controller. To disable the feature, use

the no controller cloud-based command.

Syntax

controller cloud-based

no controller cloud-based

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin, Operator and Power User level users have access to these commands.

5.13 controller inform-url (Only for Certain Devices)

Note: This command is only available on certain devices

Description

If your switch and Omada SDN Controller are not located on the same subnet,

the controller inform-url command is used to inform the switch of the

controller’s URL/IP address. To disable the feature, use the no controller

inform-url command.

Syntax

controller inform-url { controller-url | controller-ip }

no controller inform-url

Parameter

controller-url —— Specify the URL of Omada SDN Controller.

controller-ip

—— Specify the IP address of Omada SDN Controller.

Command Mode

Gloabal Configuration Mode

Privilege Requirement

Only Admin, Operator and Power User level users have access to these commands.

Example

Inform the switch of the controller whose IP address is 192.168.1.1:

Switch (config)# controller inform-url 192.168.1.1

5.14 reset

Description

The reset command is used to reset the switch’s software. After resetting, all

configuration of the switch will restore to the factory defaults and your

current settings will be lost.

Syntax

reset [ except-ip ]

Parameter

except-ip ——Maintain the IP address when resetting the switch.

Command Mode

Privileged EXEC Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Reset all settings of the switch except its IP address:

Switch # reset except-ip

5.15 service reset-disable

Description

The service reset-disable command is used to disable the reset function of

the console port or reset button. To enable the reset function, use no service

reset-disable command. By default, the reset function is enabled.

Syntax

service reset-disable

no service reset-disable

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Disable the reset function of console port or reset button:

Switch (config)# service reset-disable

5.16 reboot

Description

The reboot command is used to reboot the Switch. To avoid damage, please

don’t turn off the device while rebooting.

Syntax

reboot

Command Mode

Privileged EXEC Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Reboot the switch:

Switch # reboot

5.17 reboot-schedule

Description

This reboot-schedule command is used to configure the switch to reboot at

a certain time point. To delete the reboot schedule settings, please use the

reboot-schedule cancel command.

Syntax

reboot-schedule at

reboot-schedule in

reboot-schedule cancel

Parameter

time

—— Specify the time point for the switch to reboot, in the format of

time [ date

interval

] [ save_before_reboot ]

[ save_before_reboot ]

hh:mm.

date

—— Specify the date for the switch to reboot, in the format of

DD:MM:YYYY. The date should be within 30 days.

save_before_reboot

—— Save the configuration file before the switch

reboots.

interval

from 1 to 43200 minutes.

cancel —— Delete the reboot schedule settings.

—— Specify a time period after which the switch reboots. It ranges

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

User Guidelines

In the command reboot-schedule at

no date is specified and the time you set here is later than the time that this

command is executed, the switch will reboot later that day; otherwise the

switch will reboot at the time point the next day.

Example

time [ date

] [ save_before_reboot ], if

Specify the switch to save the configuration files and reboot in 200 minutes:

Switch (config)# reboot-schedule in 200 save_before_reboot

5.18 copy running-config startup-config

Description

The copy running-config startup-config command is used to save the

current settings.

Syntax

copy running-config startup-config

Command Mode

Privileged EXEC Mode

Privilege Requirement

Only Admin and Operator level users have access to these commands.

Example

Save current settings:

Switch # copy running-config startup-config

5.19 copy startup-config tftp

Description

The copy startup-config tftp command is used to backup the configuration

file to TFTP server.

Syntax

copy startup-config tftp ip-address

Parameter

ip-addr

supported, for example 192.168.0.1 or fe80::1234.

name

—— IP Address of the TFTP server. Both IPv4 and IPv6 addresses are

—— Specify the name for the configuration file which would be backup.

Command Mode

Privileged EXEC Mode

Privilege Requirement

Only Admin and Operator level users have access to these commands.

Example

Backup the configuration files to TFTP server with the IP 192.168.0.148 and

name this file config.cfg:

Switch # copy startup-config tftp ip-address 192.168.0.148 filename config

Backup the configuration files to TFTP server with the IP fe80::1234 and name

ip-addr

filename

name

this file config.cfg:

Switch # copy startup-config tftp ip-address fe80::1234 filename config

5.20 copy tftp startup-config

Description

The copy tftp startup-config command is used to download the

configuration file to the switch from TFTP server.

Syntax

copy tftp startup-config ip-address

Parameter

ip-addr

supported, for example 192.168.0.1 or fe80::1234.

—— IP Address of the TFTP server. Both IPv4 and IPv6 addresses are

ip-addr

filename

name

—— Specify the name for the configuration file which would be

downloaded.

Command Mode

Privileged EXEC Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Download the configuration file named as config.cfg to the switch from TFTP

server with the IP 192.168.0.148:

Switch # copy tftp startup-config ip-address 192.168.0.148 filename config

Download the configuration file named as config.cfg to the switch from TFTP

server with the IP fe80::1234

Switch # copy tftp startup-config ip-address fe80::1234 filename config

5.21 copy backup-config tftp

Description

The copy backup-config tftp command is used to export the backup

configuration file of the switch to TFTP server.

Syntax

copy backup-config tftp ip-address

Parameter

ip-addr

supported, for example 192.168.0.1 or fe80::1234.

name

Command Mode

Privileged EXEC Mode

Privilege Requirement

—— IP Address of the TFTP server. Both IPv4 and IPv6 addresses are

—— Specify the name for the configuration file which would be exported.

ip-addr

filename

name

Only Admin level users have access to these commands.

Example

Export the backup configuration file of the switch to the TFTP server with the

IP 192.168.0.148 and name the file config.cfg:

Switch # copy backup-config tftp ip-address 192.168.0.148 filename config

5.22 copy backup-config startup-config

Description

The copy backup-config startup-config command is used to replace the

startup configuration file using the backup configuration file.

Syntax

copy backup-config startup-config

Command Mode

Privileged EXEC Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Replace the startup configuration file using the backup configuration file.:

Switch # copy backup-config startup-config

5.23 copy running-config backup-config

Description

The copy running-config backup-config tftp command is used to save the

current running configuration as the backup configuration file.

Syntax

copy running-config backup-config

Command Mode

Privileged EXEC Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Save the current running configuration as the backup configuration file.

Switch # copy running-config backup-config

5.24 copy tftp backup-config

Description

The copy tftp backup-config command is used to download the backup

configuration file from a TFTP server.

Syntax

Copy tftp backup-config ip-address

Parameter

ip-addr

supported, for example 192.168.0.1 or fe80::1234.

name

downloaded.

—— IP Address of the TFTP server. Both IPv4 and IPv6 addresses are

—— Specify the name for the configuration file which would be

Command Mode

Privileged EXEC Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Download the configuration file named config.cfg from the TFTP server with

the IP 192.168.0.148:

Switch # copy tftp backup-config ip-address 192.168.0.148 filename config

ip-addr

filename

name

5.25 boot application

Description

The boot application command is used to configure the image file as startup

image or backup image.

Syntax

boot application filename { image1 | image 2 } { startup | backup }

no boot application

Parameter

image1 | image2 —— Specify the image file to be configured. By default, the

image1.bin is the startup image and the image2.bin is the backup image.

startup | backup —— Specify the property of the image, either startup image

or backup image.

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Configure the image2.bin as the startup image:

Switch (config)# boot application filename image2 startup

5.26 boot config

Description

The boot config command is used to configure the configuration file as

startup configuration or backup configuration.

Syntax

boot config filename { config1 | config 2 } { startup | backup }

no boot application

Parameter

config1 | config2 —— Specify the configuration file to be configured. By

default, the config1.cfg is the startup image and the config2.cfg is the backup

image.

startup | backup—— Specify the property of the configuration.

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Configure the config2.cfg as the startup image:

Switch (config)# boot config filename config2 startup

5.27 remove backup-image

Description

The remove backup-image command is used to delete the backup-image.

Syntax

remove backup-image

Command Mode

Privileged EXEC Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Delete the backup image file:

Switch # remove backup-image

5.28 firmware upgrade

Description

The firmware upgrade command is used to upgrade the switch’s backup

iamge file via the TFTP server. The uploaded firmware file will take place of

the Backup Image, and user can choose whether to reboot the switch with

the Backup Image.

Syntax

firmware upgrade tftp ip-address

Parameter

ip-addr

supported, for example 192.168.0.1 or fe80::1234.

—— IP Address of the TFTP server. Both IPv4 and IPv6 addresses are

ip-addr

filename

name

—— Specify the name for the firmware file.

Command Mode

Privileged EXEC Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Upgrade the switch’s backup iamge file with the file firmware.bin in the TFTP

server with the IP address 192.168.0.148, and reboot the switch with this

firmware:

Switch # firmware upgrade tftp ip-address 192.168.0.148 filename

firmware.bin

It will only upgrade the backup image. Continue? (Y/N):y

Operation OK!

Reboot with the backup image? (Y/N): y

Upgrade the switch’s backup iamge file with the file firmware.bin in the TFTP

server with the IP address fe80::1234, but do not reboot the switch:

Switch # firmware upgrade tftp ip-address fe80::1234 filename

firmware.bin

It will only upgrade the backup image. Continue? (Y/N):y

Operation OK!

Reboot with the backup image? (Y/N): n

5.29 boot autoinstall start

Note: This command is only available on certain devices.

Description

The boot autoinstall start command is used to start Auto Install function. To

stop the Auto Install function, use no boot autoinstall start.

Syntax

boot autoinstall start

no boot autoinstall start

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Start Auto Install function:

T2600-28TS(config)# boot autoinstall start

5.30 boot autoinstall persistent-mode

Note: This command is only available on certain devices.

Description

The boot autoinstall persistent-mode command is used to start Auto Install

function to next reboot cycle. To disable persistent mode, use no boot

autoinstall persistent-mode.

Syntax

boot autoinstall persistent-mode

no boot autoinstall persistent-mode

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Start Auto Install function:

T2600-28TS(config)# boot autoinstall persistent-mode

5.31 boot autoinstall auto-save

Note: This command is only available on certain devices.

Description

The boot autoinstall auto-save command is used to automatically save the

new configuration file that was downloaded by Auto Install function to

start-up configuration file Auto Install. To disable auto-save configuration

feature use no boot autoinstall auto-save.

Syntax

boot autoinstall auto-save

no boot autoinstall auto-save

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Configure Auto Install function to auto-save new configuration file to start-up

configuration file:

T2600-28TS(config)# boot autoinstall auto-save

5.32 boot autoinstall auto-reboot

Note: This command is only available on certain devices.

Description

The boot autoinstall auto-reboot command is used to automatically reboot

the switch after Auto Install function is completed successfully. To disable

auto-reboot feature use no boot autoinstall auto-reboot.

Syntax

boot autoinstall auto-reboot

no boot autoinstall auto-reboot

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Configure the switch to auto reboot after Auto Install function completed

successfully:

T2600-28TS(config)# boot autoinstall auto-reboot

5.33 boot autoinstall retry-count

Note: This command is only available on certain devices.

Description

The boot autoinstall retry-count command is used to configure retry count

when Auto Install function uses TFTP to download configuration files in a

cycle of Auto Install process. To set retry count to default value use no boot

autoinstall retry-count.

Syntax

boot autoinstall retry-count

no boot autoinstall retry-count

count

Parameter

count

—— The count of retrying auto install. The value ranges from 1 to 3.

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Configure TFTP retry 2 times when download files failed:

T2600- 28TS(config)# boot autoinstall retry-count 2

5.34 show boot autoinstall

Note: This command is only available on certain devices.

Description

The show boot autoinstall command is used to display the configuration of

Auto Install function.

Syntax

show boot autoinstall

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Display the configuration of Auto Install function:

T2600-28TS# show boot autoinstall

5.35 show boot autoinstall downloaded-config

Note: This command is only available on certain devices.

Description

The show boot autoinstall downloaded-config command is used to display

the configuration file which downloaded by Auto Install.

Syntax

show boot autoinstall downloaded-config

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Display the configuration file which downloaded by Auto Install:

T2600-28TS# show boot autoinstall downloaded-config

5.36 ping

Description

The ping command is used to test the connectivity between the switch and

one node of the network.

Syntax

ping [ ip | ipv6 ] {

Parameter

ipv6

ip_addr

parameter ip/ipv6 is not selected, both IPv4 and IPv6 addresses are

supported, for example 192.168.0.100 or fe80::1234.

-n

ranges from 1 to 10. By default, this value is 4.

ip_addr

—— The type of the IP address for ping test should be IPv4.

—— The type of the IP address for ping test should be IPv6.

—— The IP address of the destination node for ping test. If the

count

—— The amount of times to send test data during Ping testing. It

} [ -n

count

] [ -l

size

] [ -i

interval

]

-l

size

—— The size of the sending data during ping testing. It ranges from 1 to

1500 bytes. By default, this value is 64.

-i

interval

to 1000 milliseconds. By default, this value is 1000.

—— The interval to send ICMP request packets. It ranges from 100

Command Mode

Privileged EXEC Mode

Privilege Requirement

None.

Example

To test the connectivity between the switch and the network device with the

IP 192.168.0.131, please specify the

1000 milliseconds. If there is not any response after 8 times’ Ping test, the

connection between the switch and the network device is failed to establish:

Switch # ping 192.168.0.131 –n 8 –l 512

To test the connectivity between the switch and the network device with the

IP fe80::1234, please specify the

milliseconds. If there is not any response after 8 times’ Ping test, the

connection between the switch and the network device is failed to establish:

Switch # ping fe80::1234 –n 8 –l 512

5.37 tracert

Description

The tracert command is used to test the connectivity of the gateways during

its journey from the source to destination of the test data.

count

(-l) as 512 bytes and

count

(-l) as 512 bytes and

count

(-i) as

(-i) as 1000

Syntax

tracert [ ip | ipv6 ]

Parameter

ip —— The type of the IP address for tracert test should be IPv4.

ipv6 —— The type of the IP address for tracert test should be IPv6.

ip_addr

is not selected, both IPv4 and IPv6 addresses are supported, for example

192.168.0.100 or fe80::1234.

maxHops

though. It ranges from 1 to 30. By default, this value is 4.

—— The IP address of the destination device. If the parameter ip/ipv6

—— The maximum number of the route hops the test data can pass

Command Mode

Privileged EXEC Mode

Privilege Requirement

Only Admin, Operator and Power User level users have access to these commands.

ip_addr [ maxHops

]

Example

Test the connectivity between the switch and the network device with the IP

192.168.0.131. If the destination device has not been found after 20

maxHops,

failed to establish:

Switch # tracert 192.168.0.131 20

Test the connectivity between the switch and the network device with the IP

fe80::1234. If the destination device has not been found after 20

the connection between the switch and the destination device is failed to

establish:

Switch # tracert fe80::1234 20

the connection between the switch and the destination device is

5.38 show system-info

Description

The show system-info command is used to display System Description,

Device Name, Device Location, System Contact, Hardware Version, Firmware

Version, System Time, Run Time and so on.

maxHops,

Syntax

show system-info

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Display the system information:

Switch # show system-info

5.39 show image-info

Description

The show image-info command is used to display the information of image

files in the system.

Syntax

show image-info

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Display the system image files’ information:

Switch# show image-info

5.40 show boot

Description

The show boot command is used to display the boot configuration of the

system.

Syntax

show boot

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Display the system boot configuration information:

Switch# show boot

5.41 show running-config

Description

The show running-config command is used to display the current operating

configurations of the whole system, a specified unit, or a specified port.

Syntax

show running-config [

interface {fastEthernet |gigabitEthernet | ten-gigabitEthernet}

show running-config [all | | [exclude

{fastEthernet |gigabitEthernet | ten-gigabitEthernet}

Parameter

unit

—— Specify the unit number of a switch to show the unit’s operating

configurations. By default, it is 1.

all—— Display all the operating configurations of the whole system or a

specified unit.

|—— Enable filter to filtrate the configurations. You can use exclude and

include to set the filter rule.

keyword

port

configurations.

—— The filter conditions, such as interface, vlan, and user.

—— Specify the number of the port to show the port’s operating

Command Mode

unit

{all | | [exclude

keyword

] [include

keyword

port

]

] |

port

} ]

] | interface

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Display the current operating configurations only related to the user:

Switch# show running-config | include user

5.42 show startup-config

Description

The show startup-config command is used to display the current

configuration saved in the switch. These configuration settings will not be lost

the next time you reboot the switch.

Syntax

show startup-config

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Display the saved configuration:

Switch# show startup-config

5.43 show system-time

Description

The show system-time command is used to display the time information of

the switch.

Syntax

show system-time

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Display the time information of the switch

Switch# show system-time

5.44 show system-time dst

Description

The show system-time dst command is used to display the DST information

of the switch.

Syntax

show system-time dst

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Display the DST information of the switch

Switch# show system-time dst

5.45 show system-time ntp

Description

The show system-time ntp command is used to display the NTP mode

configuration information.

Syntax

show system-time ntp

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Display the NTP mode configuration information of the switch:

Switch# show system-time ntp

5.46 show cable-diagnostics interface

Description

The show cable-diagnostics interface command is used to display the cable

diagnostics of the connected Ethernet Port., which facilitates you to check

the connection status of the cable connected to the switch, locate and

diagnose the trouble spot of the network.

Syntax

show cable-diagnostics interface { fastEthernet

| ten-gigabitEthernet

Parameter

port

}

port

| gigabitEthernet

port

—— The number of the port which is selected for Cable test.

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Show the cable-diagnostics of port 3:

Switch# show cable-diagnostics interface gigabitEthernet 1/0/3

5.47 show cpu-utilization

Description

The show cpu-utilization command is used to display the system’s CPU

utilization in the last 5 seconds/1minute/5minutes.

Syntax

show cpu-utilization

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Display the CPU utilization information of the switch:

Switch# show cpu-utilization

5.48 show memory-utilization

Description

The show memory-utilization command is used to display the current

system’s memory utilization in the last 5 seconds/1minute/5minutes.

Syntax

show memory-utilization

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Display the memory utilization information of the switch:

Switch# show memory-utilization

5.49 show controller

Note: This command is only available on certain devices.

Description

The show controller command is used to display the current controller

settings and status.

Syntax

show controller

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Display the current controller settings and status:

Switch# show controller

5.50 show temperature

Note: This command is only available on certain devices.

Description

The show temperature command is used to display the temperature of

switch.

Syntax

show temperature

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Display the temperature information of the switch:

T2600G-28TS-DC# show temperature

5.51 show voltage

Note: This command is only available on certain devices.

Description

The show voltage command is used to display the voltage of DC power

board.

Syntax

show voltage

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Display the voltage information of the switch:

T2600G-28TS-DC# show voltage

Chapter 6 EEE Configuration Commands

EEE (Energy Efficient Ethernet) is used to save power consumption of the switch during periods

of low data activity. You can simply enable this feature on ports to allow power reduction.

6.1 eee

Description

The eee command is used to enable EEE on the port. To disable EEE on the

port, please use no eee command.

Syntax

eee

no eee

Command Mode

Interface Configuration Mode

Privilege Requirement

Only Admin, Operator and Power User level users have access to these commands.

Example

Enable EEE on port 1/0/1:

Switch(config)#interface gigabitEthernet 1/0/1

Switch(config-if)#eee

6.2 show interface eee

Description

The show interface eee command is used to display the EEE configuration

on each port.

Syntax

show interface eee [ fastEthernet

ten-gigabitEthernet

Command Mode

Privileged EXEC Mode and Any Configuration Mode

port

| gigabitEthernet

]

port

Privilege Requirement

None.

Example

Display the EEE configuration of each port

Switch# show interface eee

Chapter 7 SDM Template Commands

This chapter describes how to configure the Switch Database Management (SDM) templates to

allocate hardware resources on the switch for different uses.

7.1 sdm prefer

Description

The sdm prefer command is used to configure the SDM template. The SDM

template is used to allocate system resources to best support the features

being used in your application. To return to use the default template, please

use the sdm prefer default command. The template change will take effect

after a reboot.

Syntax

sdm prefer { default | enterpriseV4 | enterpriseV6 }

Parameter

default —— Specify the SDM template used in the switch as “default”.

enterpriseV4

“enterpriseV4”.

enterpriseV6

“enterpriseV6”.

—— Specify the SDM template used in the switch as

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Specify the SDM template as enterpriseV4:

Switch(config)# sdm prefer enterpriseV4

7.2 show sdm prefer

Description

The show sdm prefer command is used to display resource allocation of the

current SDM template in use, or the SDM templates that can be used.

Syntax

show sdm prefer { used | default | enterpriseV4 | enterpriseV6 }

Parameter

used —— Display the resource allocation of the template currently in use, and

the template that will become active after a reboot.

default

enterpriseV4

template.

enterpriseV6

template.

—— Display the resource allocation of the default template.

—— Display the resource allocation of the enterpriseV4

—— Display the resource allocation of the enterpriseV6

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

Only Admin level users have access to these commands.

Example

Display the resource allocation of the template currently in use, and the

template that will become active after a reboot:

Switch(config)#show sdm prefer used

Chapter 8 Time Range Commands

With this feature, you can configure a time range and bind it to a PoE port or an ACL rule.

8.1 time-range

Description

The time-range command is used to create time-range entry for the switch

and enter Time-range Create Configuration Mode. After a time-range entry is

created, you need to specify the date and time. A time-range can implement

multiple time-ranges simultaneously as long as they do not conflict with each

other. To delete the corresponding time-range configuration, please use no

time-range command.

Syntax

time-range

no time-range

Command Mode

Global Configuration Mode

Parameter

name

—— The time-range name, ranging from 1 to 16 characters.

Privilege Requirement

Only Admin, Operator and Power User level users have access to these commands.

Example

Create a time-range named “tRange1” for the switch:

Switch(config)# time-range tRange1

8.2 absolute

name

Description

The absolute command is used to create an absolute time-range for the

time-range of the switch. To delete the corresponding absolute time-range

configuration, please use no absolute command.

Syntax

absolute from

no absolute [

start-date

index

Parameter

start-date

MM/DD/YYYY.

end-date

MM/DD/YYYY.

—— The start date in Absoluteness Mode, in the format of

—— The end date in Absoluteness Mode, in the format of

Command Mode

Time-Range Create Configuration Mode

Privilege Requirement

Only Admin, Operator and Power User level users have access to these commands.

Example

Create an absolute time-range for the switch and specify the date extending

from May 5th, 2017 through Oct. 5th, 2017:

end-date

]

Switch(config)#time-range tRange1

Switch(config-time-range)#absolute from 05/05/2017 to 10/05/2017

8.3 periodic

Description

The periodic command is used to create a periodic mode time-range for the

time-range of the switch. To delete the corresponding periodic mode

time-range configuration, please use no periodic command.

Syntax

periodic start

no periodic [

Parameter

start-time

index

——Specify the start time in the format of HH:MM

end

end-time

]

day-of-the-week

week-day

end-time

week-day

example, 1-3,6 represents Monday, Tuesday, Wednesday and Saturday; daily

represents every day; off-day represents the weekends; working-day

represents the working days.

——Specify the end time in the format of HH:MM

——In the format of 1-3, 6, daily, off-day, or working-day. For

Command Mode

Time-Range Create Configuration Mode

Privilege Requirement

Only Admin, Operator and Power User level users have access to these commands.

Example

Configure the time-range tSeg1 with time from 8:30 to 12:00 at weekends:

Switch(config)#time-range tSeg1

Switch(config -time-range)#periodic start 08:30 end 12:00

day-of-the-week 6-7

8.4 holiday (time-range mode)

Description

The holiday command is used to create holiday mode time-range for the

time-range of the switch. When the holiday which is excluded from

time-range occurs, the switch will not supply power.

Syntax

holiday { exclude | include }

Parameter

exclude

include

——The time range will not take effect on holiday.

—— The time range will take effect on holiday.

Command Mode

Time-Range Create Configuration Mode

Privilege Requirement

Only Admin, Operator and Power User level users have access to these commands.

Example

Create a time-range entry named “tRange3” and configure time-range to

exclude the holiday:

Switch(config)#time-range tRange3

Switch(config-time-range)#holiday exclude

8.5 holiday

Description

The holiday command is used to create holiday for the switch. To delete the

corresponding holiday configuration, please use no holiday command.

Syntax

holiday

no holiday

name

start-date

Parameter

name

—— The holiday name, ranging from 1 to 16 characters.

start-date

instance, 05/01.

end-date

instance, 05/01.

—— The start date of the holiday, in the format of MM/DD, for

——The end date of the holiday, in the format of MM/DD, for

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin, Operator and Power User level users have access to these commands.

Example

start-date

end-date

Create a holiday named “holiday1” and configure the start date as October

1st and the end date as October 3rd:

Switch(config)# holiday holiday1 start-date 10/01 end-date 10/03

8.6 show holiday

Description

The show holiday command is used to display the defined holiday.

Syntax

show holiday

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Display the defined holiday:

Switch# show holiday

8.7 show time-range

Description

The show time-range command is used to display the defined time-range.

Syntax

show time-range [

Parameter

time-range-name

Command Mode

Privileged EXEC Mode and Any Configuration Mode

Privilege Requirement

None.

Example

Display the defined time-range:

Switch# show time-range

time-range-name

—— Specify the time range name with 1 to 16 characters.

]

TP-Link TL-SX3008F CLI Reference Guide

Specifications and Main Features

Frequently Asked Questions

User Manual

Preface

Chapter 1 Using the CLI

1.1 Accessing the CLI

1.1.1 Logon by a console port

1.1.2 Logon by Telnet

1.1.3 Logon by SSH

1.2 CLI Command Modes

1.3 Privilege Restrictions

1.4 Conventions

1.4.1 PoE Disclaimer

1.4.2 Format Conventions

1.4.3 Special Characters

1.4.4 Parameter Format

Chapter 2 Line Commands (Only for Certain Devices)

2.1 line

2.2 media-type rj45

Chapter 3 User Interface

3.1 enable

3.2 service password-encryption

3.3 enable password

3.4 enable secret

3.5 configure

3.6 exit

3.7 end

3.8 clipaging

3.9 history

3.10 history clear

Chapter 4 User Management Commands

4.1 user name (password)

4.2 user name (secret)

4.3 service password-recovery

4.4 show user account-list

4.5 show user configuration

Chapter 5 System Configuration Commands

5.1 system-time manual

5.2 system-time ntp

5.3 system-time dst predefined

5.4 system-time dst date

5.5 system-time dst recurring

5.6 hostname

5.7 location

5.8 contact-info

5.9 led

5.10 ip address

5.11 ip address-alloc

5.12 controller cloud-based (Only for Certain Devices)

5.13 controller inform-url (Only for Certain Devices)

5.14 reset

5.15 service reset-disable

5.16 reboot

5.17 reboot-schedule

5.18 copy running-config startup-config

5.19 copy startup-config tftp

5.20 copy tftp startup-config

5.21 copy backup-config tftp

5.22 copy backup-config startup-config

5.23 copy running-config backup-config

5.24 copy tftp backup-config

5.25 boot application

5.26 boot config

5.27 remove backup-image

5.28 firmware upgrade

5.29 boot autoinstall start

5.30 boot autoinstall persistent-mode

5.31 boot autoinstall auto-save

5.32 boot autoinstall auto-reboot

5.33 boot autoinstall retry-count

5.34 show boot autoinstall

5.35 show boot autoinstall downloaded-config

5.36 ping

5.37 tracert

5.38 show system-info

5.39 show image-info

5.40 show boot

5.41 show running-config

5.42 show startup-config