manualshive.com logo in svg

3Com 7750 Series, Command Reference Manual

The 3Com 7750 Series delivers high-performance networking solutions. Increase your understanding and maximize the potential of your device with the Command Reference Manual, available for free download from manualshive.com. Unleash the power of your 3Com 7750 Series with this comprehensive manual, designed to enhance your user experience.

Share
Download
background image

3Com Switch 7750 Series
Command Reference Guide – Password Control 

Chapter 1  Password Control Configuration Commands

 

alert-time

: Alert time period. When the remaining usable time of a password is no more 

than this time, the user is alerted to the forthcoming password expiration. It ranges from 
1 day to 30 days and defaults to 7 days. 

authentication-timeout

: Timeout time for user authentication. It ranges from 30 seconds 

to 120 seconds and defaults to 60 seconds. 

exceed

: Used to configure the processing  mode used after login fails. 

lock

: A processing mode. In this mode, a login-failure user is added to the blacklist and 

will be able to re-login only after the administrator manually removes this user from the 
blacklist. 

locktime

 time

: A processing mode. In this mode, a login-failure user is inhibited from 

logging in in a certain time period, which ranges from 3 to 360 (in minutes) and defaults 
to 120 minutes; the user is allowed to log into the device again only after this time 
passes. 

unlock

: A processing mode. In this mode, a login-failure user is allowed to log into the 

switch again and again without any inhibition. 

Description 

Use the 

password-control

 

aging

 

aging-time

 command to configure the aging time for 

system login passwords. 

Use the 

password-control

 

length

 

length

 command to configure the minimum 

password length for the system login passwords. 

Use the 

password-control

 

login-attempt 

login-times

 command to configure the 

number of password attempts allowed for each user. 

Use the 

password-control

 

history

 

max-record-num

 command to configure the 

maximum number of history password records allowed for each user. 

Use the 

password-control alert-before-expire

 

alert-time

 command to configure the 

alert time before password expiration, that is, specify the number of days before 
password expiration to start a daily alert. 

Use the 

password-control authentication-timeout 

authentication-timeout

 command 

to configure the timeout time for user password authentication. 

Use the 

password-control exceed

 command to configure the processing mode used 

after password attempt fails. 

By default, the system operates in 

locktime

 mode after password authentication fails. 

Example 

# Configure the aging time of the system login passwords to 100 days. 

<3Com>system-view 

System View: return to User View with Ctrl+Z. 

[3Com] password-control aging 100 

Summary of Contents for 7750 Series

Page 1: ...3Com Switch 7750 Series Command Reference Guide www 3Com com Part Number 10015463 Rev AB September 2006 ...

Page 2: ...ited States government agency then this documentation and the software described herein are provided to you subject to the following All technical data and computer software are commercial in nature and developed solely at private expense Software is delivered as Commercial Computer Software as defined in DFARS 252 227 7014 June 1995 or as a commercial item as defined in FAR 2 101 a and as such is...

Page 3: ...rence Guide CLI Table of Contents i Table of Contents Chapter 1 CLI Configuration Commands 1 1 1 1 CLI Configuration Commands 1 1 1 1 1 command privilege level 1 1 1 1 2 display history command 1 2 1 1 3 super 1 2 1 1 4 super password 1 3 ...

Page 4: ... privilege view command to restore the level of the specified command in the specified view to the default Commands fall into four command levels visit monitor system and manage which are identified as 0 1 2 and 3 respectively The administrator can change the level of a command to enable users of specific level to utilize the command By default the ping tracert and telnet commands are at the visit...

Page 5: ...d history command max size Example Display history commands 3Com display history command system view quit display history command 1 1 3 super Syntax super level View User view Parameter level User level This argument ranges from 0 to 3 and defaults to 3 If you execute this command with the level argument not provided this command switches the current user level to level 3 Description Use the super...

Page 6: ...igher user level If the password is not configured an AUX user can switch to a higher user level directly z A password is necessary for a VTY user to switch to a higher user level You can use the super password level level simple cipher password command to set the password With the password not configured a VTY user is prompted the message reading Password is not set and remains in the previous le...

Page 7: ...23 Description Use the super password command to set the password for users to switch to a higher user level To prevent unauthorized accesses you can use this command to require users to provide the password when they switch to a higher user level For security purpose the password a user enters when switching to a higher user level is not displayed A user will remain at the original user level if ...

Page 8: ...t 1 11 1 1 11 lock 1 12 1 1 12 modem 1 12 1 1 13 modem auto answer 1 13 1 1 14 modem timer answer 1 14 1 1 15 parity 1 14 1 1 16 protocol inbound 1 15 1 1 17 screen length 1 16 1 1 18 send 1 16 1 1 19 service type 1 17 1 1 20 set authentication password 1 19 1 1 21 shell 1 20 1 1 22 speed 1 21 1 1 23 stopbits 1 21 1 1 24 sysname 1 22 1 1 25 telnet 1 23 1 1 26 user interface 1 23 1 1 27 user privil...

Page 9: ...imple password command z If you specify the scheme keyword to authenticate users locally or remotely using usernames and passwords the actual authentication mode that is local or remote depends on other related configuration z If this command is executed with the command authorization keywords specified authorization is performed on the TACACS server whenever you attempt to execute a command and t...

Page 10: ...ute command command to set the command that is executed automatically after a user logs in Use the undo auto execute command command to disable the specified command from being automatically executed Normally the telnet command is specified to be executed automatically to enable the user to Telnet to a specific network device automatically By default no command is automatically executed Caution z ...

Page 11: ...ure Y N y 1 1 3 databits Syntax databits 7 8 undo databits View User interface view Parameter 7 Sets the data bits to 7 8 Sets the data bits to 8 Description Use the databits command to set the databits for the user interface Use the undo databits command to revert to the default data bits Execute these two commands in AUX user interface view only The default data bits is 8 Example Set the data bi...

Page 12: ...ces including those that are in use and those that are not in use Example Display the information about user interface 0 3Com display user interface 0 Idx Type Tx Rx Modem Privi Auth Int F 0 AUX 0 9600 3 N Current user interface is active F Current user interface is active and work in async mode Idx Absolute index of user interface Type Type and relative index of user interface Privi The privilege...

Page 13: ...entication Display the summary information about the user interface 3Com display user interface summary User interface type AUX 0 UXXX XXXX User interface type VTY 8 UUUU X 5 character mode users U 8 UI never used X 5 total UI in use 1 1 5 display users Syntax display users all View Any view Parameter all Displays the information about all user interfaces Description Use the display users command ...

Page 14: ...The numbers in the left sub column are the absolute user interface indexes and those in the right sub column are the relative user interface indexes Delay The period in seconds the user interface idles for Type User type IPaddress The IP address form which the user logs in Username The login name of the user that logs into the user interface Userlevel The level of the commands available to the use...

Page 15: ...erface aux 0 3Com ui aux0 flow control software 1 1 7 free user interface Syntax free user interface type number View User view Parameter type User interface type number Index of the user interface This argument can be an absolute user interface index if you do not provide the type argument or a relative user interface index if you provide the type argument Description Use the free user interface ...

Page 16: ...n text Banner to be displayed If no keyword is specified this argument is the login banner You can provide this argument in two ways One is to enter the banner in the same line as the command A command line can accept up to 255 characters The other is to enter the banner in multiple lines you can start a new line by pressing Enter where you can enter a banner that can contain up to 2000 characters...

Page 17: ...re not the same the beginning character is part of the banner The following is an example 3Com header shell hello Input banner text and quit with the character h my friend h When you log in the next time hello and my friend is displayed respectively in two lines as the banner The beginning character h appears in the banner z Enter the banner in a single line You can also specify the banner in a si...

Page 18: ...ng character of the banner Hello Welcome Press Enter 3Com When you log in the next time the session banner appears on the terminal as the following 3Com quit 3Com quit Please press ENTER SHELL Note that the beginning character of the banner appears Hello Welcome 3Com 1 1 9 history command max size Syntax history command max size value undo history command max size View User interface view Paramete...

Page 19: ...ew User interface view Parameter minutes Number of minutes This argument ranges from 0 to 35 791 seconds Number of seconds This argument ranges from 0 to 59 Description Use the idle timeout command to set the timeout time The connection to a user interface is terminated if no operation is performed in the user interface within the timeout time Use the undo idle timeout command to revert to the def...

Page 20: ... and confirm the password and then locks the user interface You can set the password in the range of 1 to 16 characters Enter the correct password to cancel the lock If your password contains more than 16 characters the system will cancel the lock as long as the first 16 characters are matched Example Lock the current user interface 3Com lock Password Again locked 1 1 12 modem Syntax modem call in...

Page 21: ...er interface view Example Enable Modem call in and call out 3Com system view System View return to User View with Ctrl Z 3Com user interface aux 0 3Com ui aux0 modem both 1 1 13 modem auto answer Syntax modem auto answer undo modem auto answer View User interface view Parameter None Description Use the modem auto answer command to set the answer mode to auto answer Use the undo modem auto answer c...

Page 22: ...the modem timer answer to configure the carrier detection timeout time after off hook during call in connection setup Use the undo modem timer answer command to restore the default timeout time The command can only be executed in AUX user interface view Example Set the timeout time to 45 seconds 3Com system view System View return to User View with Ctrl Z 3Com user interface aux 0 3Com ui aux0 mod...

Page 23: ... even checks 3Com system view System View return to User View with Ctrl Z 3Com user interface aux 0 3Com ui aux0 parity even 1 1 16 protocol inbound Syntax protocol inbound all ssh telnet View User interface view Parameter all Supports both Telnet protocol and SSH protocol ssh Supports SSH protocol telnet Supports Telnet protocol Description Use the protocol inbound command to specify the protocol...

Page 24: ...efaults to 24 Description Use the screen length command to set the number of lines the terminal screen can contain Use the undo screen length command to revert to the default number of lines By default the terminal screen can contain up to 24 lines You can use the screen length 0 command to disable the function to display information in pages Example Set the number of lines the terminal screen can...

Page 25: ...ry lan access ssh telnet terminal level level undo service type ftp ftp directory lan access ssh telnet terminal View Local user view Parameter ftp Specifies the users to be of FTP type ftp directory directory Specifies the path for FTP users The directory argument is a string up to 64 characters lan access Specifies the users to be of LAN access type which normally means Ethernet users such as 80...

Page 26: ...ces Commands concerning routing and network layers are of system level You can utilize network services by using these commands z Administration level Commands of this level are for the operation of the entire system and the system supporting modules Services are supported by these commands Commands concerning file system file transfer protocol FTP trivial file transfer protocol TFTP downloading u...

Page 27: ...sword command If you specify the cipher keyword the password can be in either encrypted text or plain text When you enter the password in plain text containing up to 16 characters such as 123 the system converts the password to the corresponding 24 character encrypted password such as 7 CZB YX KQ Q MAF4 1 Make sure you are aware of the corresponding plain password if you enter the password in ciph...

Page 28: ...e undo shell command to make terminal services unavailable to the user interface By default terminal services are available in all user interfaces Note the following when using the undo shell command z This command is available in all user interfaces except the AUX Console user interface z This command is unavailable in the current user interface z This command prompts for confirmation when being ...

Page 29: ...d to set the transmission speed of the user interface Use the undo speed command to revert to the default transmission speed Use these two commands in the AUX user interface view only Example Set the transmission speed of the AUX user interface to 115 200 bps 3Com system view System View return to User View with Ctrl Z 3Com user interface aux 0 3Com ui aux0 speed 115200 1 1 23 stopbits Syntax stop...

Page 30: ...o 2 3Com system view System View return to User View with Ctrl Z 3Com user interface aux 0 3Com ui aux0 stopbits 2 1 1 24 sysname Syntax sysname string undo sysname View System view Parameter string Domain name of the switch This argument can contain 1 to 30 characters and defaults to 3Com Description Use the sysname command to set a domain name for the switch Use the undo sysname command to rever...

Page 31: ...net service on the switch This argument ranges from 0 to 65 535 Description Use the telnet command to Telnet to another switch from the current switch to manage the former remotely You can terminate a Telnet connection by pressing Ctrl K or by executing the quit command The default TCP port number is 23 Related command display tcp status and ip host Example Telnet to the switch with the host name ...

Page 32: ... view 3Com system view System View return to User View with Ctrl Z 3Com user interface vty 0 3Com ui vty0 1 1 27 user privilege level Syntax user privilege level level undo user privilege level View User interface view Parameter level Command level ranging from 0 to 3 Description Use the user privilege level command to configure the command level available to the users logging into the user interf...

Page 33: ... level 0 You can verify the above configuration by Telneting to VTY 0 and displaying the available commands as listed in the following 3Com User view commands cluster Run cluster command debugging Enable system debugging functions language mode Specify the language environment ping Send echo message quit Exit from current command view super Privilege current user a specified priority level telnet ...

Page 34: ... other switches from the current switch Description Use the acl command to apply an ACL to filter Telnet users Use the undo acl command to disable the switch from filtering Telnet users using the ACL By default Telnet users are not filtered by ACLs Example Apply ACL 2000 to filter users Telneting to the current switch assuming that ACL 2 000 already exists 3Com system view System View return to Us...

Page 35: ... apply an ACL to filter network management users Use the undo snmp agent community command to cancel community related configuration for the specified community By default SNMPv1 and SNMPv2c access a switch by community names Example Set the community name to h123 enable users to access the switch in the name of the community with read only permission and apply ACL 2 000 to filter network manageme...

Page 36: ...1 to 32 characters notify view Sets a notifying view notify view Name of the view to be set to a notifying view This argument can be of 1 to 32 characters acl acl number Specifies an ACL The acl number argument ranges from 2 000 to 2 999 Description Use the snmp agent group command to create a SNMP group You can also optionally use this command to apply an ACL to filter network management users Us...

Page 37: ...This argument can be of 1 to 32 characters group name Group name the user corresponds to This argument can be of 1 to 32 characters authentication mode Specifies to authenticate users md5 Specifies the authentication protocol to be HMAC MD5 96 sha Specifies the authentication protocol to be HMAC SHA 96 auth password Authentication password This argument can be of 1 to 64 characters privacy Specifi...

Page 38: ...corresponding SNMP group The operation also frees the user from the corresponding ACL related configuration Example Add the user named 3Com to the SNMP group named 3Comgroup specifying to authenticate the user specifying the authentication protocol to be HMAC MD5 96 the authentication password to be 3Com and applying ACL 2002 to filter network management users assuming that ACL 2002 already exists...

Page 39: ...Chapter 1 Configuration File Management Commands 1 1 1 1 Configuration File Management Commands 1 1 1 1 1 display current configuration 1 1 1 1 2 display saved configuration 1 7 1 1 3 display this 1 8 1 1 4 display startup 1 9 1 1 5 reset saved configuration 1 10 1 1 6 save 1 11 1 1 7 startup saved configuration 1 12 ...

Page 40: ...ation View the configuration information excluding the port information The value of the configuration argument is the keyword of the configuration on the switch such as z acl adv Views the configuration information of advanced ACLs z ospf Views the configuration information of the OSPF protocol z system Views the name of the host z timerange Views the configuration information of the time range T...

Page 41: ...ot _ the number of the underline characters in a regular expression is only limited by the length of a command line If the first character of a regular expression is _ there can be up to four other successive underline characters following it If the underline characters are not successive only the first underline character group is matched The subsequent underline groups are ignored Left parenthes...

Page 42: ...figured some parameters but the related functions are not effective they are not displayed When there is much configuration information you can use the regular expression to filter the output information For specific rules about the regular expression refer to the corresponding operation manual Related command save reset saved configuration and display saved configuration Example View the running ...

Page 43: ...ss 10 1 1 2 255 255 255 0 interface Aux0 0 interface Ethernet1 0 1 duplex full speed 1000 port access vlan 2 interface Ethernet1 0 2 interface Ethernet1 0 3 interface Ethernet1 0 4 interface Ethernet2 0 1 port access vlan 2 interface Ethernet2 0 2 interface Ethernet2 0 3 interface Ethernet2 0 4 interface NULL0 ospf area 0 0 0 0 network 10 1 1 0 0 0 0 255 user interface aux 0 user interface vty 0 4...

Page 44: ...ormation of the VLAN1 3Com display current configuration vlan 1 vlan 1 description TestVlan1 igmp snooping enable return View the lines containing the character string 10 in the configuration information The indicates that the 0 before it can appear 0 times or multiple consecutive times 3Com display current configuration include 10 primary authentication 127 0 0 1 1645 primary accounting 127 0 0 1...

Page 45: ...uration information except the port configuration 3Com display current configuration configuration sysname 3Com radius scheme system server type nec primary authentication 127 0 0 1 1645 primary accounting 127 0 0 1 1646 user name format without domain domain system radius scheme system access limit disable state active idle cut disable domain default enable system local server nas ip 127 0 0 1 ke...

Page 46: ...If the Ethernet Switch works abnormally after startup execute the display saved configuration command to view the startup configuration of the Ethernet Switch Related command save reset saved configuration display current configuration Example Display configuration files in flash memory of the Ethernet Switch 3Com display saved configuration sysname 3Com local user abc password simple abc tcp wind...

Page 47: ...the configurations is correct after you have finished a set of configurations under a view you can use the display this command to view the running parameters Some effective parameters are not displayed if they are the same with the default ones while some parameters though have been configured by the user if their related functions are not effective are not displayed either Associated configurati...

Page 48: ...ysname 3Com S6506R ftp server enable ftp timeout 36 local server nas ip 127 0 0 1 key 3Com domain default enable system undo slave auto update config temperature limit 1 10 70 temperature limit 3 10 80 temperature limit 5 10 70 poe power max value 2400 priority trust cos return 1 1 4 display startup Syntax display startup View Any view Parameter None Description Use the display startup command to ...

Page 49: ...t is suggested to consult technical support personnel first Generally this command is used in the following situations z After upgrade of software configuration files in flash memory may not match the new version s software Perform reset saved configuration command to erase the old configuration files z If a used Ethernet Switch is applied to the new circumstance and the original configuration fil...

Page 50: ...t configuration files stored in the flash memory The configured files can be saved in one of the following two ways z Fast saving in this mode the configuration files are saved fast However if restart or power off occurs in the saving procedure the configuration files will be lost z Safely saving in this mode the configuration files are saved slowly However even if restart or power off occurs in t...

Page 51: ...tup saved configuration Syntax startup saved configuration cfgfile device name View User view Parameter cfgfile The name of the configuration file It is a string with a length of 5 to 56 characters device name Name of the current storage device Description Use the startup saved configuration command to configure the configuration file used for enabling the system for the next time The configuratio...

Page 52: ... 4 display vlan 1 4 1 1 5 interface Vlan interface 1 5 1 1 6 name 1 6 1 1 7 shutdown 1 7 1 1 8 vlan 1 7 1 1 9 vlan to 1 8 1 1 10 vlan all 1 10 1 2 Port Based VLAN Configuration Commands 1 11 1 2 1 port 1 11 1 3 Protocol Based VLAN Configuration Commands 1 12 1 3 1 display protocol vlan interface 1 12 1 3 2 display protocol vlan slot 1 13 1 3 3 display protocol vlan vlan 1 14 1 3 4 port hybrid prot...

Page 53: ...he broadcast suppression command to suppress broadcast traffic through a VLAN hUse the undo broadcast suppression command to reset the allowed broadcast traffic through a VLAN to the default value By default the switch does not suppress broadcast traffic When the actual broadcast traffic exceeds the specified value the system will discard the extra packets so that the bandwidth occupied by broadca...

Page 54: ... Interface Description Use the description command to set the description string or text for the current VLAN or VLAN interface Use the undo description command to restore the default description string or text By default the description string of a VLAN is its VLAN ID for example VLAN 0001 the descriptive text of a VLAN interface is its name for example Vlan interface 1 Interface Related command ...

Page 55: ...n interface Example Display the information about Vlan interface 2 3Com display interface Vlan interface 2 Vlan interface2 current state DOWN Line protocol current state DOWN IP Sending Frames Format is PKTFMT_ETHNT_2 Hardware address is 0012 a990 2241 Internet Address is 10 1 1 1 24 Primary Description Vlan interface2 Interface The Maximum Transmit Unit is 1500 Table 1 1 Description of the fields...

Page 56: ...lan id argument or the all keyword is specified the information about the specified VLANs or the all VLANs is displayed including VLAN ID VLAN type dynamic or static routing function status If enabled the primary IP address and mask are displayed VLAN description and VLAN name VLAN broadcast storm suppression ratio and VLAN member ports If no argument or keyword is specified this command displays ...

Page 57: ...outing interface function is enable for this VLAN z Desc riptio n z Description on the VLAN z Nam e z VLAN name z Broa dcast MAX ratio z VLAN broadcast storm suppression ratio z Tagg ed Ports z The ports that keep packets tags when sending packets z Unta gged Ports z The ports that strip off packet tags when sending packets 1 1 5 interface Vlan interface Syntax interface Vlan interface vlan id und...

Page 58: ...stem view System View return to User View with Ctrl Z 3Com interface Vlan interface 1 3Com Vlan interface1 1 1 6 name Syntax name string undo name View VLAN view Parameter string String that refers to the VLAN name It contains 1 to 32 characters Parameter Use the name command to assign a name to the current VLAN Use the undo name command to restore to the default VLAN name By default the name of a...

Page 59: ... up enabled If a VLAN interface is disabled its status is not determined by the status of its ports You can use the undo shutdown command to enable a VLAN interface when its related parameters and protocols are configured When a VLAN interface fails you can use the shutdown command to disable the interface and then use the undo shutdown command to enable this interface again which may restore the ...

Page 60: ...ers the VLAN view Use the undo vlan command to remove a VLAN Caution z The protocol reserved VLAN Voice VLAN the system default VLAN VLAN 1 and remote probe VLAN cannot be removed by the undo vlan command z When you use the undo vlan command to remove a VLAN which is the default VLAN of an access port a trunk port or a hybrid port on the device the port will use VLAN 1 as the default VLAN after th...

Page 61: ...d to remove multiple VLANs in batch Caution z VLAN 1 is the default VLAN which need not be created and cannot be removed z Protocol reserved VLANs Voice VLANs default VLAN namely VLAN1 share VLANs and remote mirroring enabled test VLANs cannot be directly removed by using the undo vlan to command Example Create VLAN 4 to VLAN 100 in batch 3Com system view Enter system view return to user view with...

Page 62: ...ANs and remote mirroring enabled test VLANs cannot be directly removed by using the undo vlan all command z The operation of creating all VLANs and the operation of removing all VLANs will occupy plenty of system resources As a result the switch will not respond to the current user interface During the operation you cannot configure VLANs on the other user interfaces Example Create all the VLANs 3...

Page 63: ...VLAN view Parameter interface list List of Ethernet ports to be added to or removed from a VLAN You need to provide this argument in the form of interface list interface type interface number to interface type interface number 1 10 where z interface type is port type and interface number is port number For detailed explanation refer to port related command part in this manual z The port number to ...

Page 64: ... 0 3 1 3 Protocol Based VLAN Configuration Commands 1 3 1 display protocol vlan interface Syntax display protocol vlan interface interface type interface number to interface type interface number all View Any view Parameter interface type interface number to interface type interface number Specifies the port number of the protocol to be displayed If you do not use the to keyword only one port is s...

Page 65: ... VLAN ID Protocol Index Protocol type 50 5 ipx raw 80 1 at 100 3 snap etype 0x0abc 100 5 llc dsap 0xac ssap 0xbd 1 3 2 display protocol vlan slot Syntax display protocol vlan slot slot number all View Any view Parameter slot number Specifies board resident slot number all Specifies all boards Description Use the display protocol vlan slot command to display the protocol based VLAN information in s...

Page 66: ... VLANs Description Use the display protocol vlan vlan command to display the protocol information and protocol index configured for specified VLANs Related command display vlan Example Display the protocol information and protocol indices configured for VLAN 2 through VLAN 20 3Com display protocol vlan vlan 2 to 20 VLAN ID 2 VLAN Type Protocol based VLAN Protocol Index Protocol Type 0 ip 1 1 1 0 2...

Page 67: ...e value of the protocol index argument all Specifies all protocol indices Description Use the port hybrid protocol vlan vlan command to associate a port with the protocol based VLAN Use the undo port hybrid protocol vlan vlan command to remove the association between the specified protocol based VLAN and a port Related command protocol vlan vlan slot and display protocol vlan interface Example Ass...

Page 68: ...th protocol based VLAN Use the undo protocol vlan vlan slot command to cancel the association Note that it is necessary to add those ports that require protocol in the board to the protocol based VLAN Currently only non A type boards including service boards and main control boards support this command Table 1 3 shows the supported protocol based VLAN creation commands on different boards Table 1 ...

Page 69: ...The ethernetii llc raw and snap keywords indicate four encapsulation types mode Specifies VLAN based on other protocol type and encapsulation format ethernetii etype etype id Specifies EthernetII encapsulation based VLAN The etype id argument indicates the Ethernet type of the incoming packets and its value ranges from 600 to FFFF llc dsap dsap id ssap ssap id ssap ssap id Specifies VLAN based on ...

Page 70: ...z It is not allowed to configure both ipx raw standard template and LLC user defined template whose dsap and ssap are both ff in the same VLAN z It is not allowed to configure both ipx ethernetii standard template and EthernetII user defined template whose etype is 8137 in the same VLAN z It is not allowed to configure both ipx snap standard template and SNAP user defined template whose etype is 8...

Page 71: ...s 1 19 3Com system view System View return to User View with Ctrl Z 3Com vlan 3 3Com vlan3 protocol vlan ip Configure VLAN 5 as a VLAN based on network segment 123 34 56 0 3Com vlan3 vlan 5 3Com vlan5 protocol vlan ip 123 34 56 0 Cancel protocols 0 to 5 in VLAN 5 3Com vlan5 undo protocol vlan 0 to 5 ...

Page 72: ...oice vlan aging 1 5 1 1 6 voice vlan enable 1 5 1 1 7 voice vlan mac address 1 6 1 1 8 voice vlan mode 1 7 1 1 9 voice vlan security enable 1 8 Chapter 2 isolate user VLAN Configuration Commands 2 1 2 1 isolate user VLAN Configuration Commands 2 1 2 1 1 display isolate user vlan 2 1 2 1 2 isolate user vlan 2 2 2 1 3 isolate user vlan enable 2 3 Chapter 3 Super VLAN Configuration Commands 3 1 3 1 S...

Page 73: ...ay the currently supported OUI addresses and the related information Related command voice vlan voice vlan enable Example Display the OUI addresses of the voice VLAN 3Com display voice vlan oui Oui Address Mask Description 00e0 bb00 0000 ffff ff00 0000 3com phone 0003 6b00 0000 ffff ff00 0000 Cisco phone 00e0 7500 0000 ffff ff00 0000 Polycom phone 00d0 1e00 0000 ffff ff00 0000 Pingtel phone 000f e...

Page 74: ...ecurity mode Security Voice Vlan aging time 1440 minutes Current voice vlan enabled port mode PORT MODE Ethernet1 0 2 MANUAL Ethernet1 0 5 AUTO Table 1 1 Description on the fields of the display voice vlan status command Field Description Voice Vlan status The status of global voice VLAN function enabled disabled Voice Vlan ID The VLAN which is currently enabled with voice VLAN function Voice Vlan...

Page 75: ...3 display vlan Syntax display vlan vlan id View Any view Parameter vlan id Voice VLAN ID in the range of 1 to 4094 Description Use the display vlan command to display the automatic manual ports in the current voice VLAN Related command voice vlan Example Display the ports included in the current voice VLAN assuming that the current voice VLAN is VLAN 6 3Com display vlan 6 VLAN ID 6 VLAN Type stati...

Page 76: ... for a specified VLAN the specified VLAN must exist otherwise your configuration fails z If you want to delete a VLAN with voice VLAN function enabled you must disable the voice VLAN function first z The voice VLAN function can be enabled for only one VLAN at the same time Related command display voice vlan status Example Create VLAN 2 and enable the voice VLAN function for it 3Com system view Sys...

Page 77: ...on Use the voice vlan aging command to set the aging time for a voice VLAN Use the undo voice vlan aging command to restore the default aging time for a voice VLAN Related command display voice vlan status Example Set the aging time of the voice VLAN to 100 minutes 3Com system view System View return to User View with Ctrl Z 3Com voice vlan aging 100 1 1 6 voice vlan enable Syntax voice vlan enabl...

Page 78: ...terface Ethernet 1 0 2 3Com Ethernet1 0 2 voice vlan enable 1 1 7 voice vlan mac address Syntax voice vlan mac address oui mask oui mask description text undo voice vlan mac address oui View System view Parameter oui MAC address to be set You need to provide this argument in the format of H H H Note Organizationally unique identifier OUI is the first 24 bits of a MAC address It is the global uniqu...

Page 79: ...tch Number OUI addresses Vendor 1 0003 6b00 0000 Cisco phone 2 000f e200 0000 H3C Aolynk phone 3 00d0 1e00 0000 Pingtel phone 4 00e0 7500 0000 Polycom phone 5 00e0 bb00 0000 3com phone Related command display voice vlan oui Example Specify 00aa bb00 0000 as an OUI address with the description string being ABC 3Com system view System View return to User View with Ctrl Z 3Com voice vlan mac address ...

Page 80: ... 9 voice vlan security enable Syntax voice vlan security enable undo voice vlan security enable View System view Parameter None Description Use the voice vlan security enable command to enable the voice VLAN security mode Use the undo voice vlan security enable command to disable the voice VLAN security mode In the voice VLAN security mode the ports in a voice VLAN and with voice devices attached ...

Page 81: ...3Com Switch 7750 Series Command Reference Guide Extended VLAN Applications Chapter 1 Voice VLAN Configuration Commands 1 9 3Com undo voice vlan security enable ...

Page 82: ...mmands 2 1 1 display isolate user vlan Syntax display isolate user vlan vlan id View Any view Parameter vlan id VLAN ID of the configured isolate user VLANs ranging from 1 to 4 094 Description Use the display isolate user vlan command to display the mapping between the isolate user VLAN and the secondary VLAN and the current status and port information of the isolate user VLAN and the secondary VL...

Page 83: ...dary Route Interface not configured Description VLAN 0004 Tagged Ports none Untagged Ports Ethernet1 0 4 Ethernet1 0 18 2 1 2 isolate user vlan Syntax isolate user vlan vlan id secondary vlan list undo isolate user vlan vlan id secondary vlan list View System view Parameter vlan id VLAN ID of an isolate user VLAN ranging from 1 to 4 094 vlan list List of the secondary VLAN that needs to establish ...

Page 84: ...he specified isolate user VLAN Note that establishing or canceling the mapping between the isolate user VLAN and the secondary VLAN does not affect the port status in each VLAN By default the user created isolate user VLAN does not map the secondary VLAN Related command display isolate user vlan Example Map the isolate user VLAN 10 with the secondary VLAN 2 3 4 5 and 9 3Com system view System View...

Page 85: ...solate user VLAN function z The isolate user VLAN function and super VLAN function cannot be enabled simultaneously for a VLAN If a VLAN is specified as an isolate user VLAN or a secondary VLAN you cannot configure it as a super VLAN or a sub VLAN additionally Related command display isolate user vlan Example Configure VLAN 5 as an isolate user VLAN 3Com system view System View return to User View...

Page 86: ...CP server ranging from 0 to 19 Description Use the dhcp server command to specify which DHCP server group a VLAN interface belongs to Use the undo dhcp server command to cancel this mapping Example Configure VLAN 1 interface to belong to DHCP server group 1 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 1 3Com Vlan interface1 dhcp server 1 3 1 2 display ...

Page 87: ...om display supervlan 100 Supervlan ID 100 Subvlan ID 101 102 VLAN ID 100 VLAN Type static It is a Super VLAN Route Interface not configured Description VLAN 0100 Name VLAN 0100 Broadcast MAX ratio 100 Tagged Ports none Untagged Ports none VLAN ID 101 VLAN Type static It is a Sub VLAN And the Super VLAN is VLAN 100 ARP proxy disabled Route Interface not configured Description VLAN 0101 Name VLAN 01...

Page 88: ...g relationship between sub VLAN and super VLAN Use the undo subvlan commmand to cancel the mapping relationship between sub VLAN and super VLAN Without the argument vlan list the undo subvlan command can cancel the mapping between all the sub VLANs and the isolate user VLAN With this argument the command can cancel the mapping between the specified sub VLAN and the isolate user VLAN Caution z The ...

Page 89: ...set current VLAN to super VLAN Use the undo supervlan commmand to restore the current VLAN type to ordinary VLAN Note that z You can not configure a VLAN which includes Ethernet ports as a super VLAN and after you configure a super VLAN you cannot add any Ethernet port to it z When a VLAN is configured as a super VLAN ARP proxy function is automatically enabled on the VLAN interface z When a super...

Page 90: ...3Com Switch 7750 Series Command Reference Guide Extended VLAN Applications Chapter 3 Super VLAN Configuration Commands 3 5 ...

Page 91: ...p 2 12 2 1 9 ip forward broadcast 2 13 2 1 10 reset ip statistics 2 13 2 1 11 reset tcp statistics 2 14 2 1 12 reset udp statistics 2 14 2 1 13 tcp timer fin timeout 2 15 2 1 14 tcp timer syn timeout 2 15 2 1 15 tcp window 2 16 Chapter 3 IPX Configuration Commands 3 1 3 1 IPX Configuration Commands 3 1 3 1 1 display ipx interface 3 1 3 1 2 display ipx routing table 3 3 3 1 3 display ipx service ta...

Page 92: ...3 17 3 1 18 ipx sap gns load balance 3 18 3 1 19 ipx sap max reserve servers 3 19 3 1 20 ipx sap mtu 3 19 3 1 21 ipx sap multiplier 3 20 3 1 22 ipx sap timer update 3 21 3 1 23 ipx service 3 21 3 1 24 ipx split horizon 3 23 3 1 25 ipx tick 3 23 3 1 26 ipx update change only 3 24 3 1 27 reset ipx routing table statistics protocol 3 24 3 1 28 reset ipx statistics 3 25 ...

Page 93: ...n Port Basic Configuration Command Manual brief Displays the basic interface configuration information Description Use the display ip interface command to display information about one specific or all interfaces Example Display information about VLAN interface 1 3Com display ip interface Vlan interface 1 Vlan interface1 current state UP Line protocol current state UP Internet Address is 192 168 0 ...

Page 94: ...Description on the fields of the display ip interface command Field Description Vlan interface1 current state Current state of VLAN interface 1 Line protocol current state Current state of the Line protocol Internet Address IP address Broadcast address Broadcast address The Maximum Transmit Unit Max transmit unit IP packets input number 9678 bytes 475001 multicasts 7 IP packets output number 8622 ...

Page 95: ...ng Echo reply packet unreachable packet source quench packet routing redirect packet Echo request packet router advert packet router solicit packet time exceed packet IP header bad packet timestamp request packet timestamp reply packet information request packet information reply packet netmask request packet netmask reply packet and unknown types of packets 1 1 2 ip address Syntax ip address ip a...

Page 96: ...ry addresses is as follows z When you configure a primary IP address for an interface which already has a primary IP address the new address will replace the old one z If you execute the undo ip address command without any parameter the switch deletes both primary and secondary IP addresses of the interface The undo ip address ip address mask mask length command is used to delete the primary IP ad...

Page 97: ... Description Form of fib rule Display FIB entries of the specified slot slot number Display FIB entries matching the specified destination IP address mask pair and all the FIB entries matching the specified IP address mask in the natural mask range pair ip address1 mask1 mask length1 ip address2 mask2 mask length2 longer longer Display FIB statistics statistics Display the FIB entries which are ou...

Page 98: ... 127 0 0 1 GHU t 37 InLoopBack0 127 0 0 1 32 127 0 0 1 GHU t 37 InLoopBack0 127 0 0 0 8 127 0 0 1 U t 37 InLoopBack0 1 1 1 1 32 127 0 0 1 GHU t 37 InLoopBack0 1 1 1 0 24 1 1 1 1 U t 37 Vlan interface2 Table 2 2 Description on the fields of the display fib command Field Description Destination Mask Destination address mask length Nexthop Next hop address Flag Flags U A route is up and available G G...

Page 99: ... FIB entries 3Com display fib statistics Route Entry Count 30 2 1 2 display icmp statistics Syntax display icmp statistics View Any view Parameter None Description Use the display icmp statistics command to view the statistics about ICMP packets Related command display ip interface and reset ip statistics Example View the statistics about ICMP packets 3Com display icmp statistics Input bad formats...

Page 100: ... input output echo reply packets parameter problem Number of input output packets with parameter problem timestamp Number of input output timestamp packets information request Number of input information request packets mask requests Number of input output mask request packets mask replies Number of input output mask reply packets information reply Number of output information reply packets time e...

Page 101: ..._SETKEEPALIVE socket state SS_ISCONNECTED SS_PRIV SS_ASYNC Task VTYD 18 socketid 3 Proto 6 LA 10 153 17 99 23 FA 10 153 17 82 1121 sndbuf 8192 rcvbuf 8192 sb_cc 0 rb_cc 0 socket option SO_KEEPALIVE SO_OOBINLINE SO_SENDVPNID SO_SETKEEPALIVE socket state SS_ISCONNECTED SS_PRIV SS_ASYNC Table 2 4 Description on the fields of the display ip socket command Field Description SOCK_STREAM Type of a socket...

Page 102: ...ace and reset ip statistics Example View the statistics about IP packets 3Com display ip statistics Input sum 7120 local 112 bad protocol 0 bad format 0 bad checksum 0 bad options 0 Output forwarding 0 local 27 dropped 0 no route 2 compress fails 0 Fragment input 0 output 0 dropped 0 fragmented 0 couldn t fragment 0 Reassembling sum 0 timeouts 0 Table 2 5 Description on the fields of the display i...

Page 103: ...s that cannot be routed Output compress fails Number of packets that cannot be compressed input Number of input fragments output Number of output fragments dropped Number of dropped fragments fragmented Number of packets that are fragmented Fragment couldn t fragment Number of packets that cannot be fragmented sum Number of reassembled packets Reassembling timeouts Number of timeout fragment packe...

Page 104: ...ts 5 including 1 RST window probe packets 0 window update packets 2 data packets 618 8770 bytes data packets retransmitted 0 0 bytes ACK only packets 40 28 delayed Retransmitted timeout 0 connections dropped in retransmitted timeout 0 Keepalive timeout 0 keepalive probe 0 Keepalive timeout so connections disconnected 0 Initiated connections 0 accepted connections 0 established connections 0 Closed...

Page 105: ...including one retransmitted packet window probe packets window update packets Number of window probe packets number of window update packets data packets data packets retransmitted Number of data packets number of retransmitted packets Sent packets ACK only packets Number of ACK packets 28 delay ACK packets Retransmitted timeout connections dropped in retransmitted timeout Times of retransmission ...

Page 106: ...ption Use the display tcp status command to view the state of all the TCP connections so that you can monitor TCP connections in real time Example View the state of all the TCP connections 3Com display tcp status TCPCB Local Add port Foreign Add port State 03e37dc4 0 0 0 0 4001 0 0 0 0 0 Listening 04217174 100 0 0 204 23 100 0 0 253 65508 Established Table 2 7 Description on the fields of the disp...

Page 107: ...t 0 no socket on port 0 total broadcast or multicast packets 25006 no socket broadcast or multicast packets 24989 not delivered input socket full 0 input packets missing pcb cache 1314 Sent packets Total 7187 Table 2 8 Description on the fields of the display udp statistics command Field Description Total Total number of received UDP packets checksum error Number of packets with checksum errors sh...

Page 108: ...ket Total Total number of transmitted UDP packets 2 1 8 ip Syntax ip ttl expires unreachables undo ip ttl expires unreachables View System view Parameter ttl expires Configure whether to send TTL timeout packets to CPU unreachables Configure whether to send unreachable packets to CPU Description Use the ip ttl expires unreachables command to configure to send TTL timeout packets and unreachable pa...

Page 109: ...orward broadcast command to forbid forwarding layer 3 broadcast packets By default the switch does not forward layer 3 broadcast packets Example Configure to forward layer 3 broadcast packets 3Com system view System View return to User View with Ctrl Z 3Com ip forward broadcast 2 1 10 reset ip statistics Syntax reset ip statistics View User view Parameter None Description Use the reset ip statisti...

Page 110: ...e Description Use the reset tcp statistics command to clear the statistics information about TCP packets Related command display tcp statistics Example Clear the statistics information about TCP packets 3Com reset tcp statistics 2 1 12 reset udp statistics Syntax reset udp statistics View User view Parameter None Description Use the reset udp statistics command to clear the statistics information ...

Page 111: ... fin timeout command to restore the default value of the TCP finwait timer The default value is 675 seconds When the TCP connection state changes from FIN_WAIT_1 to FIN_WAIT_2 the finwait timer is enabled If the switch does not receive FIN packets before finwait timer time outs the TCP connection will be terminated Related command tcp timer syn timeout and tcp window Example Configure the default ...

Page 112: ...indow Example Configure the default value of the TCP synwait timer to 80 seconds 3Com system view System View return to User View with Ctrl Z 3Com tcp timer syn timeout 80 2 1 15 tcp window Syntax tcp window window size undo tcp window View System view Parameter window size The size of the transmission and receiving buffers measured in kilobytes KB whose value ranges from 1 to 32 Description Use t...

Page 113: ...d Reference Guide IP IPX Chapter 2 IP Performance Configuration Commands 2 17 Example Configure the size of the transmission and receiving buffers to 3KB 3Com system view System View return to User View with Ctrl Z 3Com tcp window 3 ...

Page 114: ...mation of all the IPX enabled VLAN interfaces will be displayed Example View the IPX information of VLAN interface 1 3Com display ipx interface Vlan interface 1 Vlan interface1 is down IPX address is 1 0020 9c68 448e down SAP is enabled Split horizon is enabled Update change only is disabled Forwarding of IPX type 20 propagation packet is disabled Delay of this IPX interface in ticks is 1 SAP GNS ...

Page 115: ...IPX interface Delay of the current VLAN interface SAP GNS response Indicates whether SAP GNS reply is enabled on the current VLAN interface RIP packet maximum size Maximum length of the RIP update packets that the current VLAN interface can send SAP packet maximum size Maximum length of the SAP update packets that the current VLAN interface can send IPX encapsulation IPX encapsulation format of th...

Page 116: ...formation of all the direct routes rip Displays all the IPX RIP routing information static Displays all the IPX static routing information inactive Displays the information of the inactive routes verbose Displays the detailed IPX routing information including the active and inactive routes statistics Displays the IPX routing statistics Description Use the display ipx routing table command to view ...

Page 117: ...display ipx routing table verbose Routing tables Destinations 2 Routes 3 Destination Network ID 0x1 Protocol Direct Preference 0 Ticks 1 Hops 0 Nexthop 0 0000 0000 0000 Time 0 Interface 1 0020 9c68 448e Vlan interface1 State Active Protocol Static Preference 60 Ticks 1 Hops 1 Nexthop 2 000e 0001 0000 Time 0 Interface 2 0020 9c68 448f Vlan interface2 State Inactive Destination Network ID 0x2 Protoc...

Page 118: ...1 2 0 0 RIP 0 0 0 0 0 Default 0 0 0 0 0 Total 3 2 4 1 1 Table 3 4 Description on the fields of the display ipx routing table statistics command Field Description Proto State Routing protocol Route Number of routes including active and inactive routes Active Number of active routes Added Number of added routes Deleted Number of deleted but not released routes Freed Number of released routes 3 1 3 d...

Page 119: ... command to view the contents of the IPX service information table Example View the contents of the IPX service information table 3Com display ipx service table Abbreviation S Static Pref Preference Decimal NetId Network number NodeId Node address hop Hops Decimal Recv If Interface from which the service is received Number of Static Entries 2 Number of Dynamic Entries 0 Name Type NetId S Prn1 0005...

Page 120: ...vices 3 1 4 display ipx statistics Syntax display ipx statistics View Any view Parameter None Description Use the display ipx statistics command to view the IPX statistics Example View the IPX packet statistics 3Com display ipx statistics Received 0 total 0 packets pitched 0 packets size errors 0 format errors 0 bad hops 16 0 discarded hops 16 0 other errors 0 local destination 0 can not be dealt ...

Page 121: ...lled packets the number of packets with incorrect length the number of incorrectly encapsulated packets the number of packets whose hop count exceeds 16 the number of packets whose hop count is equal to 16 the number of other incorrect packets the number of packets whose destination is the local switch and the number of packets that cannot be handled Sent 0 forwarded 0 generated 0 no route 0 disca...

Page 122: ...nt 0 requests received 0 responses sent 0 responses received 0 responses in time 0 responses time out Statistics of Ping packets the number of transmitted received request packets the number of transmitted received response packets the number of prompt response packets and the number of timeout response packets 3 1 5 ipx enable Syntax ipx enable undo ipx enable View System view Parameter None Desc...

Page 123: ... Description Use the ipx encapsulation command to configure an IPX frame encapsulation format on the current VLAN interface Use the undo ipx encapsulation command to restore the encapsulation format to the default format By default the IPX frame encapsulation format is Ethernet_802 3 dot3 Example Set the IPX frame encapsulation format to Ethernet_II on VLAN interface 2 3Com system view System View...

Page 124: ...erface 2 3Com Vlan interface2 ipx netbios propagation 3 1 8 ipx network Syntax ipx network network undo ipx network View VLAN interface view Parameter network Hexadecimal IPX network number in the range 0x1 to 0xFFFFFFFD The leading 0s can be omitted when you input a network number Description Use the ipx network command to assign an IPX network number to the VLAN interface Use the undo ipx networ...

Page 125: ...he update packets of RIP Use the undo ipx rip import route static command to disable RIP from importing static routes By default IPX RIP does not import static routes Note that IPX RIP imports only active static routes inactive static routes are neither imported nor forwarded Example Import static routes into IPX RIP 3Com system view System View return to User View with Ctrl Z 3Com ipx rip import ...

Page 126: ...iplier A multiplier of the update interval decides the aging period of the RIP routing entries together with the update interval It is in the range 1 to 1000 Multiplying the update interval by the multiplier you can get the actual aging period Description Use the ipx rip multiplier command to configure the aging period of the IPX RIP routing entries Use the undo ipx rip multiplier command to resto...

Page 127: ...onfigure a RIP update interval Use the undo ipx rip timer update command to restore the default value By default the update interval of IPX RIP is 60 seconds Related command ipx rip multiplier Example Set the RIP update interval to 30 seconds 3Com system view System View return to User View with Ctrl Z 3Com ipx rip timer update 30 3 1 13 ipx route load balance path Syntax ipx route load balance pa...

Page 128: ...h Ctrl Z 3Com ipx route load balance path 30 3 1 14 ipx route max reserve path Syntax ipx route max reserve path paths undo ipx route max reserve path View System view Parameter paths The maximum number of dynamic routes saved in the device to the same destination It is in the range of 1 to 255 Description Use the ipx route max reserve path command to configure the maximum number of dynamic routes...

Page 129: ...parated into three parts using each part in the range of 1 to 0xFFFF preference value Static route preference in the range of 1 to 255 A smaller value indicates a higher preference By default the preference values of the static routes direct routes and dynamic RIP IPX routes are 60 user configurable 0 and 100 ticks ticks Time that a packet must take to reach the destination network with 1 tick 1 1...

Page 130: ...ap disable undo ipx sap disable View VLAN interface view Parameter None Description Use the ipx sap disable command to disable SAP on the current VLAN interface Use the undo ipx sap disable command to enable SAP on the current VLAN interface By default SAP is enabled as soon as IPX is enabled on the VLAN interface Example Disable SAP on VLAN interface 1 3Com system view System View return to User ...

Page 131: ...m interface Vlan interface 2 3Com Vlan interface2 ipx sap gns disable reply 3 1 18 ipx sap gns load balance Syntax ipx sap gns load balance undo ipx sap gns load balance View System view Parameter None Description Use the ipx sap gns load balance command to configure the switch to respond to GNS requests through Round Robin polling Use the undo ipx sap gns load balance command to configure the swi...

Page 132: ...n reserve queue for one service type It is in the range of 1 to 2048 Description Use the ipx sap max reserve servers command to configure the maximum length of the service information reserve queue for one service type Use the undo ipx sap max reserve servers command to restore the default value By default the maximum length of the service information reserve queue for one service type is 2 048 Ex...

Page 133: ...ystem View return to User View with Ctrl Z 3Com interface Vlan interface 2 3Com Vlan interface2 ipx sap mtu 674 3 1 21 ipx sap multiplier Syntax ipx sap multiplier multiplier undo ipx sap multiplier View System view Parameter multiplier A multiplier of the update interval decides the aging period of the SAP routing entries together with the update interval It is in the range of 1 to 1000 Multiplyi...

Page 134: ...the ipx sap timer update command to configure a SAP update interval Use the undo ipx sap timer update command to restore the default value By default the SAP update interval is 60 seconds Note that this command is invalid if the triggered updates feature is applied on the VLAN interface Related command ipx sap multiplier and ipx update change only Example Set the SAP update interval to 300 seconds...

Page 135: ...the range of 1 to 15 The hop count equal to or exceeding 16 indicates that the service is unreachable preference Service preference value The value ranges from 1 to 255 A smaller number indicates a higher preference By default the preference value of the static service entries is 60 configurable the preference value of the dynamic service entries is fixed to 500 all Deletes all the static service ...

Page 136: ...mmand to disable split horizon on the current VLAN interface By default split horizon is enabled Example Enable split horizon on VLAN interface 2 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 2 3Com Vlan interface2 ipx split horizon 3 1 25 ipx tick Syntax ipx tick ticks undo ipx tick View VLAN interface view Parameter ticks Delay in ticks ranging from 0...

Page 137: ...yntax ipx update change only undo ipx update change only View VLAN interface view Parameter None Description Use the ipx update change only command to enable triggered update on the current VLAN interface Use the undo ipx update change only command to disable triggered update on the current VLAN interface By default triggered update of IPX is disabled Example Enable triggered update of IPX on VLAN...

Page 138: ...tics of the static IPX routes Description Use the reset ipx routing table statistics protocol command to clear the statistics on the IPX routes of a specific route type Related command display ipx routing table statistics Example Clear the statistics of the IPX static routes 3Com reset ipx routing table statistics protocol static 3 1 28 reset ipx statistics Syntax reset ipx statistics View User vi...

Page 139: ...mands 1 1 1 1 GARP Configuration Commands 1 1 1 1 1 display garp statistics 1 1 1 1 2 display garp timer 1 2 1 1 3 garp timer 1 2 1 1 4 garp timer leaveall 1 4 1 1 5 reset garp statistics 1 5 1 2 GVRP Configuration Commands 1 6 1 2 1 display gvrp statistics 1 6 1 2 2 display gvrp status 1 7 1 2 3 gvrp 1 7 1 2 4 gvrp registration 1 8 ...

Page 140: ...e up to 10 port indexes port index lists for this argument Description Use the display garp statistics command to display the GARP statistics of specified ports or all ports This command displays the following information z Number of the GMRP packets received z Number of the GVRP packets received z Number of the GMRP packets transmitted z Number of the GVRP packets transmitted z Number of the pack...

Page 141: ...ists for this argument Description Use the display garp timer command to display the settings of the GARP timers on specified ports or all ports This command displays the settings of the following timers z Join timer z Leave timer z LeaveAll timer z Hold timer Related command garp timer garp timer leaveall Example Display the settings of the GARP timers on port Ethernet1 0 1 3Com display garp time...

Page 142: ...rs the attribute information if it does not receives a Join message again before the timer times out timer value Timeout time in centiseconds of the GARP timer Hold Join or Leave to be set This argument needs to be a multiple of 5 By default it is 10 20 and 60 for Hold Join and Leave timers respectively Description Use the garp timer command to set a GARP timer that is the Hold timer the Join time...

Page 143: ...of the LeaveAll timer You can change the threshold by changing the timeout time of the LeaveAll timer LeaveAll This lower threshold is greater than the timeout time of the Leave timer You can change threshold by changing the timeout time of the Leave timer 32 765 centiseconds Related command display garp timer Example Set the GARP Join timer to 20 centiseconds for port Ethernet1 0 1 3Com system vi...

Page 144: ...mer to begin a new cycle Related command display garp timer Example Set the GARP LeaveAll timer to 100 centiseconds 3Com system view System View return to User View with Ctrl Z 3Com garp timer leaveall 100 1 1 5 reset garp statistics Syntax reset garp statistics interface interface list View User view Parameter interface list List of Ethernet ports You can specify multiple Ethernet ports by provid...

Page 145: ...o interface type interface number 1 10 where 1 10 means that you can provide up to 10 port indexes port index lists for this argument Description Use the display gvrp statistics command to display the GVRP statistics of specified or all trunk ports This command displays the following information z GVRP status z Whether GVRP is running z Number of the GVRP entries that fail to be registered z Sourc...

Page 146: ...ommand to display the global GVRP status enabled or disabled Example Display the global GVRP status 3Com display gvrp status GVRP is enabled The above information indicates that GVRP is enabled globally 1 2 3 gvrp Syntax gvrp undo gvrp View System view Ethernet port view Parameter None Description Use the gvrp command to enable GVRP globally in system view or for a port in Ethernet port view Use t...

Page 147: ... 1 2 4 gvrp registration Syntax gvrp registration fixed forbidden normal undo gvrp registration View Ethernet port view Parameter fixed Allows to add or register the current port to the manually created VLAN and prohibits to register or deregister the current port to the dynamic VLAN forbidden Deregisters all the VLANs except VLAN 1 on the current port and inhibits the creation and registration of...

Page 148: ...Configuration Commands 1 9 Related command display gvrp statistics Example Configure the GVRP registration type on the port Ethernet1 0 1 to fixed 3Com system view System View return to User View with Ctrl Z 3Com interface Ethernet1 0 1 3Com Ethernet1 0 1 gvrp registration fixed ...

Page 149: ... vlan vpn 1 1 1 1 2 vlan vpn enable 1 1 1 1 3 vlan vpn priority 1 2 Chapter 2 Selective Q in Q Configuration Commands 2 1 2 1 Selective Q in Q Configuration Commands 2 1 2 1 1 raw vlan id inbound 2 1 2 1 2 vlan vpn vid 2 2 Chapter 3 Shared VLAN Configuration Commands 3 1 3 1 Shared VLAN Configuration Commands 3 1 3 1 1 display shared vlan 3 1 3 1 2 shared vlan mainboard 3 1 3 1 3 shared vlan slot ...

Page 150: ...w Any view Parameter None Description Use the display port vlan vpn command to display the Q in Q configuration of the current system including the current status of VLAN VPN and the VLAN ID of VLAN VPN Example Display the Q in Q configuration of the current system 3Com display port vlan vpn Ethernet3 0 4 VLAN VPN status enabled VLAN VPN VLAN 1 1 1 2 vlan vpn enable Syntax vlan vpn enable undo vla...

Page 151: ...ket becomes a packet carrying the default VLAN tag of the port Caution z The Q in Q function is unavailable if voice VLAN is enabled on the port z After you enable the Q in Q function for a port voice VLAN is not available on the port Example Enable the Q in Q function for Ethernet1 0 1 port 3Com system view System View return to User View with Ctrl Z 3Com interface Ethernet 1 0 1 3Com Ethernet1 0...

Page 152: ...n By default inner outer tag priority mapping is disabled Example Configure priority mappings between inner and outer VLAN tags on Ethernet 1 0 1 so that packets with the inner tag priority of 3 is tagged with an outer tag with the priority of 5 3Com system view System View return to User View with Ctrl Z 3Com interface Ethernet 1 0 1 3Com Ethernet1 0 1 vlan vpn priority 3 remark 5 ...

Page 153: ...d all vlan id list View Q in Q view Parameter vlan id list List of VLAN Ids You need to provide this argument in the form of vlan id list vlan id to vlan id 1 10 where 1 10 means that you can provide up to ten VLAN Ids VLAN ID lists all Specifies the packets of all the VLANs As for the vlan id list argument the value of 1 to 4094 is not suipported due to ACL limitations Description Use the raw vla...

Page 154: ...ace number Specifies an uplink port for the packet where an outer VLAN tag is to be encapsulated Untagged Configure whether to retain a VLAN tag when a packet encapsulated with vid is transmitted through the uplink port Description Use the vlan vpn vid command to specify the VLAN whose tag is to be inserted to matched packets as the outer VLAN tag and the uplink port for these packets You can use ...

Page 155: ... port into the same link aggregation group Note that the vlan vpn vid command needs to be coupled by the raw vlan id inbound command Example Configure to insert the outer tag VLAN 20 to the packets whose inner tag is VLAN 10 received on Ethernet1 0 1 Specify Ethernet1 0 5 as the uplink port Configure the port to remove the outer VLAN tag of the packets 3Com system view System View return to User V...

Page 156: ...and to display shared VLAN configured on all the boards in the system Example Display shared VLAN configured on all the boards in the current system 3Com display shared vlan shared vlan 1 mainboard shared vlan 3 slot 4 The above mentioned information describes that VLAN 1 on the SRPU and VLAN 3 on the LPU in slot 4 are shared VLANs in the system 3 1 2 shared vlan mainboard Syntax shared vlan vlan ...

Page 157: ...at the same time z You must use a created VLAN as shared VLAN otherwise the system gives an error prompt Caution Shared VLAN can damage and disable RRPP Therefore do not enable both RRPP and shared VLAN on the switch Example Configure VLAN 10 as shared VLAN on an SRPU 3Com system view System View return to User View with Ctrl Z 3Com shared vlan 10 mainboard 3 1 3 shared vlan slot Syntax shared vla...

Page 158: ...no shared VLAN is configured on the LPU Note You must use a created VLAN as shared VLAN otherwise the system gives an error prompt Caution Shared VLAN can damage and disable RRPP Therefore do not enable both RRPP and shared VLAN on the switch Example Configure VLAN 20 on the LPU in slot 3 as shared VLAN 3Com system view System View return to User View with Ctrl Z 3Com shared vlan 20 slot 3 ...

Page 159: ...1 1 12 flow interval 1 13 1 1 13 hardspeedup 1 14 1 1 14 interface 1 15 1 1 15 jumboframe enable 1 16 1 1 16 loopback detection enable 1 16 1 1 17 loopback detection interval time 1 17 1 1 18 loopback detection control 1 18 1 1 19 loopback detection per vlan enable 1 19 1 1 20 mdi 1 19 1 1 21 multicast suppression 1 20 1 1 22 port access vlan 1 22 1 1 23 port hybrid pvid vlan 1 22 1 1 24 port hybr...

Page 160: ...t port the bandwidth argument is in the range of 1 to 1000 in Mbps pps pps Specifies the maximum number of broadcast packets allowed to be received per second on an Ethernet port in pps z For a 100 Mbps Ethernet port the pps argument is in the range of 0 to 148 810 z For a Gigabit Ethernet port the pps argument is in the range of 1 488 100 z For a 10GE port the pps argument is in the range of 0 to...

Page 161: ...GigabitEthernet 1 0 1 3Com Ethernet1 0 1 broadcast suppression 20 Set the maximum number of broadcast packets that can be received per second by the Ethernet1 0 1 port to 1000 pps 3Com GigabitEthernet1 0 1 broadcast suppression pps 1000 1 1 2 copy configuration Syntax copy configuration source interface type interface number aggregation group source agg id destination interface list aggregation gr...

Page 162: ...ou can specify the aggregation group of the port as the destination with the destination agg id argument Example Copy the configuration of Ethernet3 01 to Ethernet3 0 2 3Com system view System View return to User View with Ctrl Z 3Com copy configuration source Ethernet3 0 1 destination Ethernet3 0 2 The operation will be invalid for some special port s in the destination port list such as aggregat...

Page 163: ...rface Syntax display brief interface interface type interface number begin include exclude regular expression View Any view Parameter interface type Port type interface number Port number Specifies to use a regular expression to describe the configuration information entries to be displayed begin Each entry must begin with a specified character string include Each entry must include a specified ch...

Page 164: ...t 3Com display brief interface GigabitEthernet1 0 1 Interface Eth Ethernet GE GigabitEthernet TENGE tenGigabitEthernet Loop LoopBack Vlan Vlan interface Cas Cascade Speed Duplex A auto negotiation Interface Link Speed Duplex Type PVID Description GE3 0 1 UP A1000M Afull hybrid 1 abc123 Table 1 1 Description on the fields of the display brief interface command Field Description Interface Port type ...

Page 165: ...ample Display the configuration information of the Ethernet1 0 1 port 3Com display interface Ethernet1 0 1 Ethernet1 0 1 current state DOWN IP Sending Frames Format is PKTFMT_ETHNT_2 Hardware address is 00e0 fc2c 3f11 The Maximum Transmit Unit is 1500 Media type is twisted pair loopback not set Port hardware type is 100_BASE_TX Unknown speed mode unknown duplex mode Link speed type is autonegotiat...

Page 166: ...Frames Format Ethernet frame format Hardware address Port hardware address The Maximum Transmit Unit The maximum transmit unit MTU Media type Media type Port hardware type Port hardware type Flow control is enabled Flow control status of the port The Maximum Frame Length Maximum frame length allowed on the port Allow jumbo frame to pass Whether Jumbo frame is allowed on the port Port monitor last ...

Page 167: ... 0 aborts 0 deferred 0 collisions 0 late collisions lost carrier no carrier Statistics on the outgoing packets and errors on the port The indicates that the statistical item is not supported 1 1 6 display loopback detection Syntax display loopback detection port loopbacked begin include exclude regular expression View Any view Parameter port loopbacked Specifies to display the information of ports...

Page 168: ... per vlan loopback status RprGE1 0 1 N N N not loop RprGE1 0 1 1 N N N not loop RprGE1 0 1 2 N N N not loop Table 1 3 Description on the fields of the display loopback detection command Field Description Loopback detection interval time Interval of performing loopback detection Interface Interface name detect Whether loopback detection is enabled control Processing mode for the port where loopback...

Page 169: ... 5 10 1 1 8 display transceiver information interface Syntax display transceiver information interface interface type interface number View Any view Parameter interface type Port type interface number Port number Description Use the display port display transceiver information interface command to display information about a specified optical port Example Display the information about the optical ...

Page 170: ...m Vendor Name Name of the vendor Serial Number Serial number Transfer Distance m Transfer distance in m 1 1 9 duplex Syntax duplex auto full half undo duplex View Ethernet port view Parameter auto Sets the port to auto negotiation mode full Sets the port to full duplex mode half Sets the port to half duplex mode Description Use the duplex command to set the duplex mode of the current port Use the ...

Page 171: ...ble flow control on the port so as to avoid packet loss during congestion Use the undo flow control command to disable flow control on the port By default flow control is disabled on a port Note Enable flow control on the port following the two steps z Enable flow control globally z Enable flow control on the port in Ethernet port view Example Enable flow control on the GigabitEthernet1 0 1 port 3...

Page 172: ...flow interval Syntax flow interval interval undo flow interval View Ethernet port view Parameter Interval Interval in seconds to perform statistics on port information This argument ranges from 5 to 300 in step of 5 and is 300 by default Description Use the flow interval command to set the interval to perform statistics on port information Use the undo flow interval command to restore the default ...

Page 173: ...w with Ctrl Z 3Com interface ethernet 1 0 1 3Com Ethernet1 0 1 flow interval 100 1 1 13 hardspeedup Syntax hardspeedup enable hardspeedup disable View System view Parameter None Description Use the hardspeedup enable command to enable command to enable the hardware speedup function inside the port Use the hardspeedup disable command to disable the hardware speedup function inside the port By defau...

Page 174: ...Port number in the format of LPU slot number subcard slot number port number Table 1 5 Range of LPU slot number subcard slot number Description Device Range of LPU number Subcard slot number Range of port number S6502 0 to 1 0 S6503 0 to 3 0 S6506 0 to 6 0 S6506R 0 to 7 0 Depending on the number of ports on the LPU you select Description Use the interface command to enter Ethernet port view To con...

Page 175: ...ent Ethernet port Use the undo jumboframe enable command to inhibit jumbo frames from passing through the current Ethernet port By default jumbo frames that are larger than 1 518 bytes and smaller than 1 536 bytes are allowed to pass through the Ethernet port Example Allow jumbo frames smaller than 1 536 bytes to pass through GigabitEthernet1 0 1 3Com system view System View return to User View wi...

Page 176: ...l Z 3Com loopback detection enable 1 1 17 loopback detection interval time Syntax loopback detection interval time time undo loopback detection interval time View System view Parameter time Interval for detecting external loopback on a port in the range of 5 to 300 in seconds It is 30 seconds by default Description Use the loopback detection interval time command to set the interval for detecting ...

Page 177: ...the port will stop learning new MAC addresses The system will periodically detect whether loopback still occurs on the port If yes the port keeps in the current state If not the port will be restored to the state of sending and receiving packets normally and additionally the MAC address learning function will be also restored for the port shutdown Specifies to disable the port after loopback is de...

Page 178: ...ommand to enable loopback detection for only the default VLAN on the current port By default loopback detection is enabled for only the default VLAN of a trunk port or hybrid port Note that this command is not available to access ports Example Enable loopback detection for all the VLANs on the trunk port GIgabitEthernet1 0 1 3Com system view System View return to User View with Ctrl Z 3Com interfa...

Page 179: ...e is specified the system prompts Operation not supported Example Specify Ethernet1 0 1 to identify the network cable type automatically 3Com system view System View return to User View with Ctrl Z 3Com interface Ethernet1 0 1 3Com Ethernet1 0 1 mdi auto 1 1 21 multicast suppression Syntax multicast suppression ratio bandwidth mbps value kbps kbps value pps max pps undo multicast suppression View ...

Page 180: ...ort Use the undo multicast suppression command to restore the default multicast suppression setting on the current port When incoming multicast traffic on the port exceeds the multicast traffic threshold you set the system drops the packets exceeding the threshold to reduce the multicast traffic ratio to the reasonable range so as to keep normal network service By default the switch does not suppr...

Page 181: ...an command to remove the access port from the specified VLAN You must specify the ID of an existing VLAN in the command Example Add Ethernet1 0 1 into VLAN 3 VLAN 3 is an existing VLAN 3Com system view System View return to User View with Ctrl Z 3Com interface Ethernet1 0 1 3Com Ethernet1 0 1 port access vlan 3 1 1 23 port hybrid pvid vlan Syntax port hybrid pvid vlan vlan id undo port hybrid pvid...

Page 182: ...rid vlan vlan id list View Ethernet port view Parameter vlan id list VLAN range to which the hybrid port will be added vlan id list vlan id1 to vlan id2 1 10 where vlan id is in the range of 1 to 4094 and can be discrete and 1 10 means you can input up to ten VLAN IDs ID ranges tagged Keeps VLAN tags when the packets of the specified VLANs are forwarded untagged Keeps no VLAN tags when the packets...

Page 183: ...ption Use the port link type command to set the link type of the current Ethernet port Use the undo port link type command to restore the default link type The three types of ports can co exist on the same Ethernet switch However a trunk port cannot be directly switched to a hybrid port and vice versa To set a trunk hybrid port to another type different from access you must first set the port to a...

Page 184: ...m for the current port to the default value which is related to the configuration performed in system view z If you have configured the global delay in stem view refer to 1 1 27 port monitor last slot for details the default delay will be the global delay z If no global delay is configured the default delay is 1 Note The delay of reporting down state to the system can be configured in either syste...

Page 185: ...to the system Description Use the port monitor last command to set the delay of reporting down state to the system for the ports of all the LPUs or the specified LPU Use the undo port monitor last command to restore the delay to the default value By default the delay of reporting down state to the system is 1 After the setting you can use the display interface command to display the information ab...

Page 186: ...t from the specified VLAN A trunk port can belong to multiple VLANs When you use the command several times all VLAN specified in the commands will be allowed to pass the port Related command port link type Example Add the trunk port Ethernet1 0 1 to VLAN 2 VLAN 4 and VLAN 50 through VLAN 100 3Com system view System View return to User View with Ctrl Z 3Com interface Ethernet1 0 1 3Com Ethernet1 0 ...

Page 187: ... View return to User View with Ctrl Z 3Com interface Ethernet1 0 1 3Com Ethernet1 0 1 port trunk pvid vlan 100 1 1 30 reset counters interface Syntax reset counters interface interface type interface type interface number View User view Parameter interface type Port type interface number Port number Description Use the reset counters interface command to clear the statistics of the port preparing ...

Page 188: ...nd to enable an Ethernet port By default an Ethernet port is enabled Example Enable Ethernet1 0 1 3Com system view System View return to User View with Ctrl Z 3Com interface Ethernet1 0 1 3Com Ethernet1 0 1 undo shutdown 1 1 32 speed Syntax speed 10 100 1000 10000 auto undo speed View Ethernet port view Parameter 10 Specifies the port speed to 10 Mbps 100 Specifies the port speed to 100 Mbps 1000 ...

Page 189: ...ault the port speed is in the auto negotiation mode Example Set the speed of Ethernet1 0 1 to 10 Mbps 3Com system view System View return to User View with Ctrl Z 3Com interface Ethernet 1 0 1 3Com Ethernet1 0 1 speed 10 1 1 33 speedup Syntax speedup enable speedup disable View System view Parameter None Description Use the speedup enable command to enable the hardware speedup function outside the...

Page 190: ...al bandwidth on an Ethernet port The value ranges from 1 to 100 in the step of 1 and defaults to 100 The smaller the ratio is the less unknown unicast traffic is allowed mbps value Maximum bandwidth in Mbps for receiving unknown unicast traffic on an Ethernet port The range of the mbps value argument depends on the port type z 1 to 100 for 100 Mbps Ethernet ports z 1 to 1000 for 1000 Mbps Ethernet...

Page 191: ...affic ratio to the reasonable range so as to keep normal network service This function is disabled by default Caution Type A LPUs including 3C16860 3C16861 3C16858 and 3C16859 do not support enabling unknown unicast suppression on a port Example Allow the incoming unknown unicast traffic on the Ethernet1 0 1 port to occupy at most 20 of the bandwidth on the port 3Com system view System View return...

Page 192: ...displayed length value is the length from the port to the faulty point z Pair impedance mismatch z Pair skew z Pair swap z Pair polarity z Insertion loss z Return loss z Near end crosstalk By default the system does not test the cable connected to the Ethernet port Note z The combo port does not support the virtual cable test command z The error for cable length tested through the virtual cable te...

Page 193: ...3Com Switch 7750 Series Command Reference Guide Basic Port Commands Chapter 1 Port Basic Configuration Commands 1 34 Pair polarity normal Insertion loss 7 db Return loss 7 db Near end crosstalk 7 db ...

Page 194: ...ystem id 1 1 1 1 2 display link aggregation interface 1 1 1 1 3 display link aggregation summary 1 3 1 1 4 display link aggregation verbose 1 4 1 1 5 hash 1 6 1 1 6 lacp enable 1 7 1 1 7 lacp port priority 1 7 1 1 8 lacp system priority 1 8 1 1 9 link aggregation 1 9 1 1 10 link aggregation group description 1 9 1 1 11 link aggregation group mode 1 10 1 1 12 port link aggregation group 1 11 1 1 13...

Page 195: ...o display the device ID of the local system including the system priority and the MAC address Example Display the device ID of the local system 3Com display lacp system id Actor System ID 0x8000 00e0 fc00 0100 Table 1 1 Description on the fields of the display lacp system id command Field Description Actor System ID Device ID of the local system including the system priority and the system MAC add...

Page 196: ...roup ID of the specified port or port range z Port priority operation key and LACP status flag of the local end z Device ID port number port priority operation key and protocol status flag and LACP packet statistics of the remote end Note that for a manual aggregation group value 0 is displayed for all the above items of the remote end which does not indicate the real information of the remote end...

Page 197: ...nt LACP Packets 0 packet s Statistics about LACP packets including the number of received LACP packets the number of illegal LACP packets and the number of send LACP packets 1 1 3 display link aggregation summary Syntax display link aggregation summary View Any view Parameter None Description Use the display link aggregation summary command to display summary information of all aggregation groups ...

Page 198: ...ic S static or M manual Partner ID ID of the remote device Select Ports Number of the selected ports Standby Ports Number of standby ports Share Type Load sharing type Shar load sharing or NonS non load sharing Master Port Number of the master port 1 1 4 display link aggregation verbose Syntax display link aggregation verbose agg id View Any view Parameter agg id ID of the aggregation group to be ...

Page 199: ...har Loadsharing NonS Non Loadsharing Aggregation ID 1 AggregationType Static Loadsharing Type NonS Aggregation Description System ID 0x8000 000f e218 d0d0 Port Status S Selected T sTandby Local Port Status Priority Flag Oper Key Link Status GigabitEthernet3 0 1 S 32768 0x7d 1 Up GigabitEthernet3 0 2 T 32768 0x45 2 Down Remote Actor Partner Priority Flag Oper Key SystemID GigabitEthernet3 0 1 0 327...

Page 200: ...parameter dstmac Specifies a destination MAC address as the HASH algorithm parameter ip Specifies the value obtained from the XOR operation performed between the source IP address and the destination IP address as the HASH algorithm parameter l4port Specifies the port number of TCP or UDP as the HASH algorithm parameter mac Specifies the value obtained from the XOR operation performed between the ...

Page 201: ...urn to User View with Ctrl Z 3Com hash dstip ioboard solt 2 1 1 6 lacp enable Syntax lacp enable undo lacp enable View Ethernet port view Parameter None Description Use the lacp enable command to enable the LACP protocol Use the undo lacp enable command to disable the LACP protocol Example Enable the LACP protocol on Ethernet1 0 1 3Com system view System View return to User View with Ctrl Z 3Com i...

Page 202: ...em view System View return to User View with Ctrl Z 3Com interface Ethernet1 0 1 3Com Ethernet1 0 1 lacp port priority 64 1 1 8 lacp system priority Syntax lacp system priority system priority value undo lacp system priority View System view Parameter system priority value System priority ranging from 0 to 65 535 and defaulting to 32 768 Description Use the lacp system priority command to set the ...

Page 203: ...he system assigns a new group number The link aggregation group agg id mode command and the port link aggregation group command can be used together to implement the function of the link aggregation command By default z For IP packets the system performs load sharing based on IP addresses z For non IP packets the system performs load sharing based on MAC addresses Example Set up an aggregation gro...

Page 204: ...Example Set the description office for aggregation group 22 3Com system view System View return to User View with Ctrl Z 3Com link aggregation group 22 description office 1 1 11 link aggregation group mode Syntax link aggregation group agg id mode manual static undo link aggregation group agg id View System view Parameter agg id Aggregation group ID in the range of 1 to 384 manual Creates a manual...

Page 205: ...egation group command to add the current Ethernet port to a manual or static aggregation group Use the undo port link aggregation group command to remove the current Ethernet port from the aggregation group Example Add Ethernet1 0 1 to aggregation group 22 3Com system view System View return to User View with Ctrl Z 3Com interface Ethernet1 0 1 3Com Ethernet1 0 1 port link aggregation group 22 1 1...

Page 206: ...e to keyword is specified multiple contiguous ports are specified z The interface type argument represents the port type and the interface num argument represents the port number Description Use the reset lacp statistics command to clear LACP statistics on specified port s or on all ports if no port is specified Example Clear LACP statistics on all Ethernet ports 3Com reset lacp statistics ...

Page 207: ...tion Table of Contents i Table of Contents Chapter 1 Port Isolation Configuration Commands 1 1 1 1 Port Isolation Configuration Commands 1 1 1 1 1 description 1 1 1 1 2 display isolate port 1 1 1 1 3 port 1 2 1 1 4 port isolate 1 3 1 1 5 port isolate group 1 4 ...

Page 208: ...r to 80 characters Description Use the description command to specify the description string for the current isolation group Use the undo description command to remove the description string for the current isolation group By default no description string is specified for the isolation group Example Specify home as the description string for isolation group 1 3Com system view System View return to...

Page 209: ...0 2 1 1 3 port Syntax port interface list undo port interface list View Isolation group view Parameter interface list List of destination ports expressed in the form of interface list interface type interface number to interface type interface number 1 10 where z The interface type argument represents the bound port type z The interface number argument represents the bound port number z The to key...

Page 210: ...rnet port view Parameter group id ID of an isolation group in the range of 1 to 64 Description Use the port isolate command to add the current Ethernet port to the created isolation group Use the undo port isolate command to remove the current Ethernet port from the isolation group By default an isolation group contains no port This command functions the same as the 1 1 3 port command except that ...

Page 211: ... port isolate group group id undo port isolate group group id View System view Parameter group id ID of an isolation group in the range of 1 to 64 Description Use the port isolate group command to create an isolation group Use the undo port isolate command to remove the specified isolation group By default an isolation contains no Ethernet ports Example Create isolation group 1 3Com system view Sy...

Page 212: ... 1 1 3 port security intrusion mode 1 4 1 1 4 port security authorization ignore 1 6 1 1 5 port security max mac count 1 7 1 1 6 port security ntk mode 1 7 1 1 7 port security oui 1 9 1 1 8 port security port mode 1 10 1 1 9 port security timer disableport 1 13 1 1 10 port security trap 1 14 Chapter 2 Port Binding Commands 2 1 2 1 Port Binding Commands 2 1 2 1 1 am user bind interface 2 1 2 1 2 am...

Page 213: ... and 1 10 means that you can provide up to 10 port indexes port index ranges in this argument Description Use the display port security command to display information about port security configuration including global configuration and configuration on specified or all ports By checking the output of this command you can verify the current configuration Caution z This command will display global a...

Page 214: ...on on the fields of the display port security command Field Description Equipment port security is enabled Port security is enabled on the switch AddressLearn trap is Enabled The sending of address learning trap messages is enabled Intrusion trap is Enabled The sending of intrusion detection trap messages is enabled Dot1x logon trap is Enabled The sending of 802 1x user authentication success trap...

Page 215: ...Know mode is needtoknowonly The NTK mode is ntkonly Intrusion mode is disableport The intrusion detection mode is disableport Max mac address num is 100 The maximum number of MAC addresses allowed on the port is 100 Stored mac address num is 0 No MAC address is stored Authorization is permit Authorization information delivered by the RADIUS server will be applied to the port 1 1 2 port security en...

Page 216: ...r system view 3Com system view System View return to User View with Ctrl Z Enable port security 3Com port security enable Ethernet1 0 1 Notice The port control of 802 1x will be restricted to auto when port security is enabled Please wait Done 1 1 3 port security intrusion mode Syntax port security intrusion mode disableport disableport temporarily blockmac undo port security intrusion mode View E...

Page 217: ...etects illegal packets packets with illegal MAC address or events and takes a pre set action accordingly The actions you can set include disconnecting the port temporarily permanently and blocking packets with invalid MAC addresses The following cases can trigger intrusion protection on a port z A packet with unknown source MAC address is received on the port while MAC address learning is disabled...

Page 218: ...server Use the undo port security authorization ignore command to restore the default configuration By default the port uses does not ignore the authorization information delivered by the RADIUS server z With the port security authorization ignore command executed issuing the display port security interface command will display Authorization is ignore in the output information z With the undo port...

Page 219: ...t pass 802 1x authentication z Number of MAC addresses that pass MAC address authentication z Number of security MAC addresses Use the undo port security max mac count command to cancel this limit By default there is no limit on the number of MAC addresses allowed on the port Example Enter system view 3Com system view System View return to User View with Ctrl Z Enable port security 3Com port secur...

Page 220: ...ts when the NTK feature is triggered Use the undo port security ntk mode command to cancel the setting of packet transmission mode By default no transmission mode is set on the port Table 1 2 shows the trigger conditions of the NTK feature Note By checking the destination MAC addresses of the data frames to be sent from a port the NTK feature ensures that only successfully authenticated devices ca...

Page 221: ... Each OUI uniquely identifies an equipment manufacturer in the world and is the higher 24 bits of MAC address z You need only to input a full MAC address in hexadecimal format for the OUI value argument in this command and the system will automatically convert the address from hexadecimal format to binary format and then take the higher 24 bits of the resulting binary data as the OUI value Descrip...

Page 222: ...ty mode of the port See Table 1 2 for the values of this argument Description Use the port security port mode command to set the security mode of the port Use the undo port security port mode command to restore the port to the normal operating mode Port security defines various security modes that allow devices to learn legal source MAC addresses in order for you to implement different network sec...

Page 223: ...he port is disabled from learning MAC addresses Only those packets whose source MAC addresses are static MAC addresses configured can pass through the port In the secure mode the device will trigger NTK and intrusion protection upon detecting an illegal packet userlogin In this mode port based 802 1x authentication is performed for access users In this mode neither NTK nor intrusion protection wil...

Page 224: ...address entries on the port mac authe ntication In this mode MAC address based authentication is performed for access users userlogin secure or mac In this mode the two kinds of authentication in mac authentication and userlogin secure modes can be performed simultaneously If both kinds of authentication succeed the userlogin secure mode takes precedence over the mac authentication mode userlogin ...

Page 225: ... Ctrl Z Enable port security 3Com port security enable Enter GigabitEthernet1 0 1 port view 3Com interface GigabitEthernet1 0 1 Set the security mode on GigabitEthernet1 0 1 to userlogin 3Com GigabitEthernet1 0 1 port security port mode userlogin 1 1 9 port security timer disableport Syntax port security timer disableport timer undo port security timer disableport View System view Parameter timer ...

Page 226: ...ralmlogon ralmlogoff ralmlogfailure undo port security trap addresslearned intrusion dot1xlogon dot1xlogoff dot1xlogfailure ralmlogon ralmlogoff ralmlogfailure View System view Parameter addresslearned Enables disables the sending of MAC address learning trap messages intrusion Enables disables the sending of intrusion packet discovery trap messages dot1xlogon Enables disables the sending of 802 1...

Page 227: ...f trap messages Note This command is based on the device tracking feature which enables the switch to send trap messages when special data packets generated by illegal intrusion abnormal user logon logoff or other special activities are passing through a port so as to help the network administrator to monitor special activities When you use the display port security command to display global infor...

Page 228: ...e bound interface type Type of the port to be bound to interface number Number of the port to be bound to Description Use the am user bind interface command to bind the MAC and IP addresses of a legal user to a specified port Use the undo am user bind interface command to cancel the binding After such a binding operation only the user whose device MAC address is identical with the bound MAC addres...

Page 229: ... Use the am user bind command to bind the MAC and IP addresses of a legal user to the current port Use the undo am user bind command to cancel the binding After such a binding operation only the user whose device MAC address is identical with the bound MAC address can use the bound IP address to access the network through the port Note An IP address can be bound with only one MAC address and vice ...

Page 230: ...ddr ip addr Displays only the binding information of a specified IP address Description Use the display am user bind command to display port binding information Example Display the current system port binding information 3Com display am user bind Following User address bind have been configured Mac IP Port 00e0 fc00 5101 10 153 1 1 Ethernet1 0 1 00e0 fc00 5102 10 153 1 2 Ethernet1 0 2 Unit 1 Total...

Page 231: ...able of Contents Chapter 1 DLDP Configuration Commands 1 1 1 1 DLDP Configuration Commands 1 1 1 1 1 display dldp 1 1 1 1 2 dldp 1 2 1 1 3 dldp authentication mode 1 3 1 1 4 dldp interval 1 4 1 1 5 dldp reset 1 5 1 1 6 dldp unidirectional shutdown 1 6 1 1 7 dldp work mode 1 6 ...

Page 232: ...bled port z The configuration information of the DLDP enabled port includes the interval authentication mode password DLDP operating mode and DLDP handling mode after a unidirectional link is detected z The status information includes the neighbor status local port status and link status z The neighbor table includes the MAC address port ID neighbor status and aging time items Example Display info...

Page 233: ...neighbor aged time 24 1 1 2 dldp Syntax dldp enable disable View System view Ethernet port view Parameter None Description In system view Use the dldp enable command to enable DLDP globally on all optical ports of the switch Use the dldp disable command to disable DLDP globally on all optical ports of the switch In Ethernet port view Use the dldp enable command to enable DLDP on the current port U...

Page 234: ...ation mode none simple simple password md5 md5 password undo dldp authentication mode View System view Parameter none Performs no authentication with the peer port simple Sets the authentication mode with the peer port to plain text simple password Password for authentication with the peer port a plaintext string in the range of 1 character to 16 characters md5 Specifies the mode of authentication...

Page 235: ...figure 3Com B 3ComB system view System View return to User View with Ctrl Z 3ComB dldp authentication mode simple password1 1 1 4 dldp interval Syntax dldp interval integer undo dldp interval View System view Parameter Integer Interval of sending DLDP packets in the range of 5 seconds to 100 seconds It is 10 seconds by default Description Use the dldp interval command to set the interval of sendin...

Page 236: ...ntax dldp reset View System view Ethernet port view Parameter None Description In system view Use the dldp reset command to reset the DLDP status of all the ports disabled by DLDP In Ethernet port view Use the dldp reset command to reset the DLDP status of the current port disabled by DLDP After the dldp reset command is executed the DLDP status of these ports changes from disable to active and DL...

Page 237: ... stops the DLDP packet sending receiving on the port at the same time Description Use the dldp unidirectional shutdown command to set the DLDP handling mode when a unidirectional link is found Use the dldp unidirectional shutdown command to restore the default setting By default the handling mode of DLDP after unidirectional links are detected is auto Related command dldp work mode Example Configu...

Page 238: ...gures DLDP to work in normal mode In this mode DLDP does not probe actively whether neighbors exist when neighbor tables are aging Description Use the dldp work mode command to set the DLDP operating mode Use the undo dldp work mode command to restore the default DLDP operating mode By default DLDP works in normal mode Example Configure DLDP to work in enhanced mode 3Com system view System View re...

Page 239: ...ration Commands 1 1 1 1 MAC Address Table Configuration Commands 1 1 1 1 1 bridgemactocpu 1 1 1 1 2 display mac address aging time 1 2 1 1 3 display mac address 1 2 1 1 4 mac address 1 4 1 1 5 mac address learning synchronization 1 6 1 1 6 mac address mac learning disable 1 6 1 1 7 mac address max mac count 1 7 1 1 8 mac address timer 1 8 ...

Page 240: ...bridgemactocpu Syntax bridgemactocpu enable disable View System view Parameter enable Enables the packets to be passed to the CPU for processing disable Disables the packets from being passed to the CPU for processing Description Use the bridgemactocpu command to set whether the packets with destination MAC address as the bridge MAC address of the switch will be passed to the CPU for processing By...

Page 241: ...Related command mac address mac address timer display mac address Example Display the aging time for the dynamic MAC address entries 3Com display mac address aging time Mac address aging time 300s The output information indicates that the aging time for the dynamic MAC address entries is 300 seconds 3Com display mac address aging time Mac address aging time no aging The output information indicate...

Page 242: ... static Displays static MAC address entries A static MAC address entry does not age dynamic Displays dynamic MAC address entries A dynamic MAC address entry ages with time interface type Port type interface number Port number vlan id VLAN ID This argument ranges from 1 to 4094 count Displays only the total number of the MAC address entries Description Use the display mac address command to display...

Page 243: ...isplay mac address vlan 2 count 9 mac address es found in vlan 2 Table 1 2 Description on the fields of the display mac address command Field Description MAC ADDR MAC address VLAN ID ID of the VLAN to which the network device identified by the MAC address belongs STATE The state of the MAC address The value of this field can be Static Learned and so on PORT INDEX Port index including port type and...

Page 244: ... vlan vlan id Removes a specified static or dynamic MAC address entry interface interface type interface number Removes all the MAC address entries concerning a specified port vlan vlan id Removes all the MAC address entries concerning a specified VLAN mac address interface interface type interface number vlan vlan id Removes a specified MAC address entry Description Use the mac address command to...

Page 245: ...on View System view Parameter None Description Use the mac address learning synchronization command to enable MAC address learning synchronization between board chips Use the undo mac address mac learning disable command to disable MAC address learning synchronization between board chips By default MAC address learning synchronization between board chips is disabled Example Enable MAC address lear...

Page 246: ... view z Do not use the mac address mac learning disable command together with the mac address max mac count command Example Disable the port Ethernet1 0 1 from learning MAC addresses 3Com system view System View return to User View with Ctrl Z 3Com interface Ethernet 1 0 1 3Com Ethernet1 0 1 mac address mac learning disable 1 1 7 mac address max mac count Syntax mac address max mac count count und...

Page 247: ...et1 0 3 port can learn to 600 3Com system view System View return to User View with Ctrl Z 3Com interface Ethernet 1 0 3 3Com Ethernet1 0 3 mac address max mac count 600 1 1 8 mac address timer Syntax mac address timer aging age no aging undo mac address timer aging View System view Parameter aging age Specifies the aging time in seconds for layer 2 dynamic MAC address entries The age argument ran...

Page 248: ... performance of the switch z If the aging time is too long MAC address entries may still exist even if they turn invalid This causes the switch to be unable to update its MAC address table in time In this case the MAC address table cannot reflect the position changes of network devices in time Example Set the aging time for MAC address entries to 500 seconds 3Com system view System View return to ...

Page 249: ...t 1 14 1 1 15 stp interface 1 15 1 1 16 stp interface config digest snooping 1 16 1 1 17 stp interface cost 1 18 1 1 18 stp interface edged port 1 19 1 1 19 stp interface loop protection 1 20 1 1 20 stp interface mcheck 1 21 1 1 21 stp interface no agreement check 1 22 1 1 22 stp interface point to point 1 23 1 1 23 stp interface port priority 1 25 1 1 24 stp interface root protection 1 26 1 1 25 ...

Page 250: ... secondary 1 39 1 1 38 stp root protection 1 40 1 1 39 stp tc protection 1 41 1 1 40 stp timer forward delay 1 42 1 1 41 stp timer hello 1 43 1 1 42 stp timer max age 1 44 1 1 43 stp timer factor 1 45 1 1 44 stp transmit limit 1 46 1 1 45 vlan mapping modulo 1 47 1 1 46 vlan vpn tunnel 1 48 ...

Page 251: ...e network topology jitter caused by the configuration MSTP multiple spanning tree protocol does not regenerate spanning trees immediately after the configuration it does this only after you activate the new MST region related settings or enable MSTP and then the new settings can really take effect This command causes the switch to operate with the new MST region related settings you configured and...

Page 252: ... any one of the above three MST region related settings does not be consistent with that of another switch in the region You can use this command to find the MST region the switch currently belongs to or check to see whether or not the MST region related configuration is correct Related command instance region name revision level vlan mapping modulo and active region configuration Example Display ...

Page 253: ...of interface list interface type interface number to interface type interface number 1 10 where 1 10 means that you can provide up to 10 port indexes port index ranges for this argument Slot slot number Specifies a slot the STP related information about which is to be displayed brief Displays only port state and protection measures taken on the port Description Use the display stp command to displ...

Page 254: ...ost designated bridge designated port edge port non edge port whether or not the link on the port is a point to point link the maximum transmitting speed type of the enabled protection function state of the digest snooping feature enabled or disabled VLAN mappings Hello time Max age Forward delay Message age time and Remaining hops z Global MSTI parameters MSTI instance ID bridge priority of the i...

Page 255: ...isplay the activated MST region configuration including the region name region revision level and spanning tree instance to VLAN mappings configured for the switch Related command stp region configuration Example Display the activated MST region configuration 3Com display stp region configuration Oper Configuration Format selector 0 Region name hello Revision level 0 Instance Vlans Mapped 0 21 to ...

Page 256: ...ANs with their IDs beyond this range if the switch supports this kind VLAN IDs such as VLAN 4095 VLAN 4096 can only be mapped to the CIST spanning tree instance 0 Description Use the instance command to map specified VLANs to a specified spanning tree instance Use the undo instance command to remove the mappings from the specified VLANs to the specified spanning tree instance and remap the specifi...

Page 257: ... 1 6 region name Syntax region name name undo region name View MST region view Parameter name MST region name to be set for the switch a string of 1 to 32 characters Description Use the region name command to set an MST region name for a switch Use the undo region name command to revert to the default MST region name The default MST region name of a switch is its MAC address MST region name along ...

Page 258: ...ude the numbers of the TCN BPDUs configuration BPDUs RST BPDUs and MST BPDUs sent received through one or more specified ports or all ports note that STP BPDUs and TCN BPDUs are counted only for CISTs This command clears the spanning tree related statistics on specified ports if you specify the interface list argument If you do not specify the interface list argument this command clears the spanni...

Page 259: ...ration 3Com mst region revision level 5 1 1 9 stp Syntax stp enable disable undo stp View System view Ethernet port view Parameter enable Enables MSTP globally or on a port disable Disables MSTP globally or on a port Description Use the stp command to enable disable MSTP globally or on a port Use the undo stp command to revert to the default MSTP state globally or on a port By default MSTP is disa...

Page 260: ...protection command to revert to the default state of the BPDU protection function By default the BPDU protection function is disabled Normally the access ports of the devices operating on the access layer directly connect to terminals such as PCs or file servers These ports are usually configured as edge ports to achieve rapid transition But they resume non edge ports automatically upon receiving ...

Page 261: ...he network diameter of a switched network is represented by the maximum possible number of switches between any two terminals in a switched network Use the undo stp bridge diameter command to revert to the default network diameter By default the maximum number of switches between any two terminal devices in the switched network is 7 After you configure the network diameter of a switched network MS...

Page 262: ...region by checking the configuration IDs of the BPDUs between them A configuration ID contains information such as region ID and configuration digest As some partners switches adopt proprietary spanning tree protocols they cannot interwork with other switches in an MST region even if they are configured with the same MST region related settings as other switches in the MST region This kind of prob...

Page 263: ...h ports that connect to partners proprietary protocol adopted switches in the same MST region z With the digest snooping feature enabled the VLAN to MSTI mapping cannot be modified z The digest snooping feature is not applicable to MST region edge ports Example Enable the digest snooping feature for Ethernet1 0 1 port 3Com system view System View return to User View with Ctrl Z 3Com interface Ethe...

Page 264: ... By configuring different path costs for the same port in different MSTIs you can make flows of different VLANs traveling along different physical links so as to achieve VLAN based load balancing Changing the path cost of a port in a spanning tree instance may change the role of the port in the instance and put it in state transition Related command stp interface cost Example Set the path cost of ...

Page 265: ...d to configure the Ethernet ports directly connected to user terminals as edge ports to enable them to transit to the forwarding state rapidly Normally configuration BPDUs cannot reach an edge port because the port is not connected to another switch But when the BPDU protection function is disabled on an edge port configuration BPDUs sent deliberately by a malicious user may reach the port If an e...

Page 266: ... enable or disable MSTP on specified ports in system view By default MSTP is enabled on the ports of a switch if MSTP is globally enabled on the switch and is disabled on the ports if MSTP is globally disabled An MSTP disabled port does not participate in any calculation of spanning tree and is always in forwarding state Caution Disabling MSTP on ports may result in loops Related command stp mode ...

Page 267: ...switches determine whether or not they are in the same MST region by checking the configuration IDs of the BPDUs between them A configuration ID contains information such as region ID and configuration digest As some partners switches adopt proprietary spanning tree protocols they cannot interwork with other switches in an MST region even if they are configured with the same MST region related set...

Page 268: ...on z With the digest snooping feature enabled the VLAN to MSTI mapping cannot be modified z The digest snooping feature is not applicable to MST region edge ports Example Enable the digest snooping feature on Ethernet1 0 1 port in system view 3Com system view System View return to User View with Ctrl Z 3Com stp interface Ethernet 1 0 1 config digest snooping 1 1 17 stp interface cost Syntax stp in...

Page 269: ...ake flows of different VLANs traveling along different physical links so as to achieve VLAN based load balancing Changing the path cost of a port in a spanning tree instance may change the role of the port in the instance and put it in state transition The default port path cost differs with port speed Refer to Table 1 4 for details Related command stp cost Example Set the path cost of Ethernet1 0...

Page 270: ...pology changes You can enable a port to transit to the forwarding state rapidly by setting it to an edge port And you are recommended to configure the Ethernet ports directly connected to user terminals as edge ports to enable them to transit to the forwarding state rapidly Normally configuration BPDUs cannot reach an edge port because the port is not connected to another switch But when the BPDU ...

Page 271: ...p interface loop protection command to enable the loop prevention function in system view Use the undo stp interface loop protection command to revert to the default state of the loop prevention function in system view The loop prevention function is disabled by default Related command stp loop protection Caution Among loop prevention function root protection function and edge port setting only on...

Page 272: ...nnected from the port the port cannot toggle back to the MSTP mode automatically In this case you can force the port to toggle to the MSTP mode by performing the mCheck operation on the port Related command stp mcheck and stp mode Example Perform the mCheck operation for Ethernet1 0 3 port in system view 3Com system view System View return to User View with Ctrl Z 3Com stp interface Ethernet 1 0 3...

Page 273: ...root ports will then send agreement packets to their upstream ports after they receive proposal packets from the upstream designated ports instead of waiting for agreement packets from the upstream switch This enables designated ports of the upstream switch to change their states rapidly Related command stp no agreement check Note z The rapid transition feature can be enabled on root ports or alte...

Page 274: ...to keyword is used by default and so MSTP automatically determines the types of the links connected to the specified ports The rapid transition feature is not applicable to ports on non point to point links If an Ethernet port is the master port of an aggregated port or operates in full duplex mode the link connected to the port is a point to point link You are recommended to let MSTP automaticall...

Page 275: ...cription Use the stp interface port priority command to set a port priority for the specified ports in the specified spanning tree instance Use the undo stp interface port priority command to restore the specified ports to the default port priority in the specified spanning tree instance If you specify the instance id argument to be 0 these two commands apply to the port priorities on the CIST The...

Page 276: ...oot protection function is disabled Configuration errors or attacks may result in configuration BPDUs with their priorities higher than that of a root bridge which causes new root bridge to be elected and network topology jitter to occur In this case flows that should travel along high speed links may be led to low speed links and network congestion may occur You can avoid this by utilizing the ro...

Page 277: ...nt packetnum Also known as maximum transmitting speed the maximum number of configuration BPDUs a port can send in each Hello time This argument ranges from 1 to 255 and defaults to 3 Description Use the stp interface transmit limit command to set the maximum number of configuration BPDUs each specified port can send in each Hello time Use the undo stp interface transmit limit command to revert to...

Page 278: ...y get lost because of network congestions and link failures If a switch does not receive BPDUs from the upstream switch for a certain period the switch selects a new root port the original root port becomes a designated port and the blocked ports transit to forwarding state This may cause loops in the network The loop prevention function suppresses loops With this function enabled if link congesti...

Page 279: ...s the configuration BPDUs whose remaining hops are 0 After a configuration BPDU reaches a root bridge of a spanning tree in a MST region the value of the remaining hops field in the configuration BPDU is decreased by 1 every time the configuration BPDU passes a switch Such a mechanism disables the switches that are beyond the maximum hops from participating in spanning tree generation and thus lim...

Page 280: ...t to transit to the MSTP mode by performing the mCheck operation on the port Similarly when a port on an RSTP compatible upstream switch connects with an STP enabled downstream switch the port transits to the STP compatible mode But when the STP enabled downstream switch is then replaced by an MSTP enabled switch the port cannot automatically transit to the MSTP mode but remains in the STP compati...

Page 281: ... make a switch compatible with STP RSTP MSTP provides following three operation modes STP compatible mode where a switch sends out STP BPDU packets RSTP compatible mode where a switch sends out RSTP BPDU packets MSTP mode where a switch sends out MSTP BPDU packets Related command stp mcheck stp stp interface and stp interface mcheck Example Configure the switch to operate in STP compatible mode 3C...

Page 282: ...rietary spanning tree protocol you can enable the rapid transition feature on the ports of the Switch 7750 series switch operating as the downstream switch Among these ports those operating as the root ports will then send agreement packets to their upstream ports after they receive proposal packets from the upstream designated ports instead of waiting for agreement packets from the upstream switc...

Page 283: ...andard to calculate the default path costs of ports Table 1 4 Transmission speeds and the corresponding path costs Transm ission speed Operation mode half full duplex 802 1D 1998 IEEE 802 1t Standard defined by Private 0 65 535 200 000 000 200 000 10 Mbps Half duplex Full duplex Aggregated link 2 ports Aggregated link 3 ports Aggregated link 4 ports 100 95 95 95 200 000 1 000 000 666 666 500 000 2...

Page 284: ...sured in 100 Kbps Example Configure to use the IEEE 802 1D 1998 standard to calculate the default path costs of ports 3Com system view System View return to User View with Ctrl Z 3Com stp pathcost standard dot1d 1998 Configure to use the IEEE 802 1t standard to calculate the default path costs of ports 3Com system view System View return to User View with Ctrl Z 3Com stp pathcost standard dot1t 1 ...

Page 285: ...y determine the link types of ports These two commands only apply to CISTs and MSTIs If you configure the link to which a port is connected is a point to point link or a non point to point link the configuration applies to all spanning tree instances that is the port is configured to connect to a point to point link or a non point to point link in all spanning tree instances If the actual physical...

Page 286: ... A port on a MSTP enabled switch can have different port priorities and play different roles in different MSTIs This enables packets of different VLANs to be forwarded along different physical paths so as to achieve load balancing by VLANs Changing port priorities result in port roles being re determined and may cause state transitions Related command stp interface port priority Example Set the po...

Page 287: ...fy the instance id argument the two commands apply to the CIST Example Set the priority of the switch in spanning tree instance 1 to 4 096 3Com system view System View return to User View with Ctrl Z 3Com stp instance 1 priority 4096 1 1 35 stp region configuration Syntax stp region configuration undo stp region configuration View System view Parameter None Description Use the stp region configura...

Page 288: ...ime in centiseconds of the specified spanning tree This argument ranges from 100 to 1 000 and defaults to 200 Description Use the stp root primary command to configure the current switch as the root bridge of a specified spanning tree instance Use the undo stp root command to cancel the current configuration By default a switch is not configured as a root bridge If you do not specify the instance ...

Page 289: ...ified Example Configure the current switch as the root bridge of spanning tree instance 1 setting the network diameter of the switched network to 4 and the Hello time to 500 centiseconds 3Com system view System View return to User View with Ctrl Z 3Com stp instance 1 root primary bridge diameter 4 hello time 500 1 1 37 stp root secondary Syntax stp instance instance id root secondary bridge diamet...

Page 290: ...witch that you are configuring as a secondary root bridge The switch will then figures out the other two time parameters Forward delay and Max age You can configure only one root bridge for a spanning tree instance but you can configure one or more secondary root bridges for a spanning tree instance Once a switch is configured as the root bridge or a secondary root bridge its priority cannot be mo...

Page 291: ... tree instances When a port of this type receives configuration BPDUs with higher priorities it changes to Discarding state rather than becomes a non designated port and stops forwarding packets as if it is disconnected from the link It resumes the normal state if it does not receive any configuration BPDUs with higher priorities for a specified period Related command stp interface root protection...

Page 292: ...tions Example Enable the TC BPDU prevention function on the switch 3Com system view System View return to User View with Ctrl Z 3Com stp tc protection enable 1 1 40 stp timer forward delay Syntax stp timer forward delay centi seconds undo stp timer forward delay View System view Parameter centi seconds Forward delay in centiseconds to be set This argument ranges from 400 to 3 000 and defaults to 1...

Page 293: ...tiseconds 3Com system view System View return to User View with Ctrl Z 3Com stp timer forward delay 2000 1 1 41 stp timer hello Syntax stp timer hello centi seconds undo stp timer hello View System view Parameter centi seconds Hello time in centiseconds to be set This argument ranges from 100 to 1 000 and defaults to 200 Description Use the stp timer hello command to set the Hello time of the swit...

Page 294: ...m view System View return to User View with Ctrl Z 3Com stp timer hello 400 1 1 42 stp timer max age Syntax stp timer max age centi seconds undo stp timer max age View System view Parameter centi seconds Max age in centiseconds to be set This argument ranges from 600 to 4 000 and defaults to 2 000 Description Use the stp timer max age command to set the Max age of the switch Use the undo stp timer...

Page 295: ...stem View return to User View with Ctrl Z 3Com stp timer max age 1000 1 1 43 stp timer factor Syntax stp timer factor number undo stp timer factor View System view Parameter number Hello time factor This argument ranges from 1 to 10 and defaults to 3 Description Use the stp timer factor command to set the timeout time of MSTP protocol packets on a switch in the form of a multiple of the Hello time...

Page 296: ...onfiguration BPDUs a port can transmit in each Hello time This argument ranges from 1 to 255 and defaults to 5 Description Use the stp transmit limit command to set the maximum number of configuration BPDUs the current port can transmit in each Hello time Use the undo stp transmit limit command to revert to the default maximum number A larger number configured by the stp transmit limit command all...

Page 297: ... same time A VLAN to spanning tree instance mapping becomes invalid when you map the VLAN to another spanning tree instance Note You can map VLANs to specific spanning tree instances quickly by using the vlan mapping modulo modulo command The ID of the spanning tree instance to which a VLAN is mapped can be figured out by using the following expression VLAN ID 1 modulo 1 Where VLAN ID 1 modulo yie...

Page 298: ...d user networks through specified VLAN VPNs in operator s networks through which spanning trees can be generated across these user networks and are independent of those of the operator s network By default the BPDU Tunnel function is disabled Note z The BPDU Tunnel function can only be enabled on devices with STP employed z The BPDU Tunnel function can only be enabled on access ports z To enable t...

Page 299: ... 1 1 9 display ip routing table verbose 1 13 1 2 Static Route Configuration Commands 1 15 1 2 1 delete static routes all 1 15 1 2 2 ip route static 1 15 1 2 3 ip route static default preference 1 17 Chapter 2 RIP Configuration Commands 2 1 2 1 RIP Configuration Commands 2 1 2 1 1 checkzero 2 1 2 1 2 default cost 2 2 2 1 3 display rip 2 2 2 1 4 display rip routing 2 3 2 1 5 filter policy export 2 5...

Page 300: ...lay ospf abr asbr 3 11 3 1 13 display ospf asbr summary 3 11 3 1 14 display ospf brief 3 13 3 1 15 display ospf cumulative 3 15 3 1 16 display ospf error 3 16 3 1 17 display ospf interface 3 19 3 1 18 display ospf lsdb 3 19 3 1 19 display ospf nexthop 3 21 3 1 20 display ospf peer 3 25 3 1 21 display ospf request queue 3 27 3 1 22 display ospf retrans queue 3 28 3 1 23 display ospf routing 3 29 3 ...

Page 301: ...uration Commands 4 1 4 1 1 area authentication mode 4 1 4 1 2 cost style 4 2 4 1 3 default route advertise 4 3 4 1 4 display isis brief 4 4 4 1 5 display isis interface 4 5 4 1 6 display isis lsdb 4 6 4 1 7 display isis mesh group 4 6 4 1 8 display isis peer 4 7 4 1 9 display isis route 4 8 4 1 10 display isis spf log 4 9 4 1 11 domain authentication mode 4 10 4 1 12 filter policy export 4 11 4 1 ...

Page 302: ...Commands 5 1 5 1 BGP Configuration Commands 5 1 5 1 1 aggregate 5 1 5 1 2 bgp 5 3 5 1 3 balance 5 3 5 1 4 compare different as med 5 4 5 1 5 confederation id 5 5 5 1 6 confederation nonstandard 5 6 5 1 7 confederation peer as 5 6 5 1 8 dampening 5 7 5 1 9 default local preference 5 8 5 1 10 default med 5 9 5 1 11 display bgp group 5 10 5 1 12 display bgp network 5 11 5 1 13 display bgp paths 5 12 ...

Page 303: ... 1 38 peer description 5 35 5 1 39 peer ebgp max hop 5 36 5 1 40 peer enable 5 37 5 1 41 peer filter policy export 5 37 5 1 42 peer filter policy import 5 38 5 1 43 peer group 5 39 5 1 44 peer ip prefix export 5 40 5 1 45 peer ip prefix import 5 40 5 1 46 peer next hop local 5 41 5 1 47 peer password 5 42 5 1 48 peer public as only 5 43 5 1 49 peer reflect client 5 43 5 1 50 peer route policy expo...

Page 304: ...ip ip prefix 6 8 6 1 11 display route policy 6 9 6 1 12 if match acl ip prefix 6 10 6 1 13 if match as path 6 11 6 1 14 if match community 6 11 6 1 15 if match cost 6 12 6 1 16 if match interface 6 13 6 1 17 if match ip next hop 6 14 6 1 18 if match tag 6 15 6 1 19 ip as path acl 6 16 6 1 20 ip community list 6 16 6 1 21 ip ip prefix 6 17 6 1 22 route policy 6 19 Chapter 7 Route Capacity Configura...

Page 305: ...y view Parameter None Description Use the display ip routing table command to display the routing table summary This command displays the summary of the routing table Each line represents one route containing destination address mask length protocol preference cost next hop and output interface This command displays only the currently used routes that is the optimal routes Example Display the summ...

Page 306: ...hop address Interface Output interface through which the data packets destined for the destination network segment are sent 1 1 2 display ip routing table acl Syntax display ip routing table acl acl number acl name verbose View Any view Parameter acl number Number of the number identified ACL in the range of 2 000 to 2 999 acl name Name of the basic name identified ACL verbose Displays the detaile...

Page 307: ...e 1 1 for the description on the displayed information above Display the detailed information about the active and inactive routes filtered by the basic ACL 2000 3Com display ip routing table acl 2000 verbose Routes matched by access list 2000 Generate Default no Active Route Last Active Both Next hop in use Summary count 2 Destination 10 1 1 0 Mask 255 255 255 0 Protocol DIRECT Preference 0 NextH...

Page 308: ...Through Holddown a routing protocol can avoid the flooding of error routes and deliver route unreachable messages accurately It redistributes a certain route every a period of time regardless of whether the actually found routes destined for the same destination change For more details refer to the specific routing protocols Int The route is discovered by the interior gateway protocol IGP NoAdvise...

Page 309: ...s from 0 to 32 when expressed as an integer longer match Specifies all the routes that lead to the destination address and match the specified mask If you do not specify the mask argument those that match the natural mask are specified verbose With the verbose argument specified this command displays the verbose information of both the active and inactive routes Without the argument specified this...

Page 310: ...e Cost Nexthop Interface 169 0 0 0 16 Static 60 0 2 1 1 1 LoopBack1 For detailed description of the output information see Table 1 1 There is no corresponding route only the longest matching route is displayed in the natural mask range Display the summary 3Com display ip routing table 169 253 0 0 Destination Mask Protocol Pre Cost Nexthop Interface 169 0 0 0 8 Static 60 0 2 1 1 1 LoopBack1 There a...

Page 311: ...Syntax display ip routing table ip address1 mask1 ip address2 mask2 verbose View Any view Parameter ip address1 ip address2 Destination IP address in dotted decimal notation ip address1 mask1 and ip address2 mask2 determine one address range together ip address1 ANDed with mask1 specifies the start of the range while ip address2 ANDed with mask2 specifies the end This command displays the route in...

Page 312: ...ers verbose Displays the detailed information about active and inactive routes filtered by the ACL rules if this keyword is provided displays the brief information about the active routes filtered by the ACL rules Description Use the display ip routing table ip prefix command to display the routes filtered based on the specified ip prefix list This command is mainly used to track and display the r...

Page 313: ...inactive routes filtered by the ip prefix list named abc2 3Com display ip routing table ip prefix abc2 verbose Routes matched by ip prefix abc2 Generate Default no Active Route Last Active Both Next hop in use Summary count 2 Destination 10 1 1 0 Mask 255 255 255 0 Protocol DIRECT Preference 0 NextHop 10 1 1 2 Interface 10 1 1 2 Vlan interface1 Vlinkindex 0 State Int ActiveU Retain Unicast Age 3 2...

Page 314: ...d inactive route information verbose With this argument provided this command displays the verbose route information Without this argument provided this command displays route summary only Description Use the display ip routing table protocol command to display the route information of a specific protocol Example Display the summary of all direct connect routes 3Com display ip routing table protoc...

Page 315: ...t 0 STATIC Routing tables status inactive Summary count 1 Destination Mask Protocol Pre Cost Nexthop Interface 1 2 3 0 24 STATIC 60 0 1 2 4 5 Vlan interface10 For detailed description of the output information see Table 1 1 1 1 7 display ip routing table radix Syntax display ip routing table radix View Any view Parameter None Description Use the display ip routing table radix command to display th...

Page 316: ...iew Parameter None Description Use the display ip routing table statistics command to display the statistics information about routes The statistics information about routes includes the total number of routes the number of routes added by protocols the number of routes deleted by the protocols the number of routes which are not deleted though they are with the deleted tag the number of active rou...

Page 317: ...mber of routes active Number of active routes added Number of routes added after the router is rebooted or the routing table is cleared last time deleted Number of routes deleted Such routes will be freed in a period of time Total Total number of the different kinds of routes 1 1 9 display ip routing table verbose Syntax display ip routing table verbose View Any view Parameter None Description Use...

Page 318: ...col DIRECT Preference 0 NextHop 1 1 1 1 Interface 1 1 1 1 Vlan interface1 State Int ActiveU Retain Unicast Age 20 17 41 Cost 0 0 Destination 1 1 1 1 Mask 255 255 255 255 Protocol DIRECT Preference 0 NextHop 127 0 0 1 Interface 127 0 0 1 InLoopBack0 State NoAdvise Int ActiveU Retain Gateway Unicast Age 20 17 42 Cost 0 0 Destination 2 2 2 0 Mask 255 255 255 0 Protocol DIRECT Preference 0 NextHop 2 2...

Page 319: ...nd ip route static and display ip routing table Example Delete all the static routes in the router 3Com system view System View return to User View with Ctrl Z 3Com delete static routes all Are you sure to delete all the unicast static routes Y N y 1 2 2 ip route static Syntax ip route static ip address mask mask length interface type interface number next hop preference preference value reject bl...

Page 320: ...destined for this destination are dropped without the source host being notified Description Use the ip route static command to configure a static route Use the undo ip route static command to delete a manually configured static route By default the system can obtain the subnet route directly connected to the router When you configure a static route if no preference is specified for the route the ...

Page 321: ...is 60 by default Description Use the ip route static default preference command to set the default precedence of the static routes Use the undo ip route static default preference command to restore the default precedence to the default value If a static route is configured without the specified precedence its precedence is set to the default precedence value Related command display ip routing tabl...

Page 322: ...scription Use the checkzero command to enable zero field check of RIP 1 packets Use the undo checkzero command to disable zero field check By default RIP 1 performs zero field check According to the protocol RFC 1058 specifications some fields in RIP 1 packets must be zero and these fields are called zero fields You can use the checkzero command to enable disable zero field check of RIP 1 packets ...

Page 323: ...default routing cost of imported routes Use the undo default cost command to restore the default value If no routing cost is specified when you use the import route command to import routes from another routing protocol the routes will be imported with the default routing cost specified with the default cost command Related command import route Example Set the default routing cost of the routes im...

Page 324: ...router Network 10 0 0 0 Table 2 1 Description on the fields of the display rip command Field Description RIP is running RIP is active Checkzero is on Zero field checking is enabled Default cost 1 The default route cost is 1 Summary is on Routes are aggregated automatically Preference 100 The preference of RIP is 100 Traffic share across interface is off Traffic is shared across equivalent routes P...

Page 325: ...22 4s 10 153 25 22 A Table 2 2 Description on the fields of the display rip routing command Field Description Destination Mask Destination address Mask Cost Cost NextHop Net hop address Age The time that a route exists in the routing table namely the aging time SourceGateway Gateway originating the route Attribute value which may be one of the three following values A Active routes I Inactive rout...

Page 326: ... route policy name Name of the routing policy used to filter routing information containing 1 to 19 characters A routing policy can enable RIP to determine which routes are to be sent received based on such fields as acl cost interface ip ip prefix tag protocol Routing protocol whose routing information is to be filtered Currently this can be bgp direct isis ospf ospf ase ospf nssa or static inter...

Page 327: ...refix name Name of the address prefix list used to filter routing information by the address of the neighbor router advertising the information containing 1 to 19 characters route policy name Name of the routing policy used to filter routing information containing 1 to 19 characters A routing policy can enable RIP to determine which routes are to be sent received based on such fields as acl cost i...

Page 328: ... import 2 1 7 host route Syntax host route undo host route View RIP view Parameter None Description Use the host route command to enable RIP to accept host routes Use the undo host route command to reject host routes By default RIP accepts host routes In some special cases RIP receives a great number of host routes from the same network segment These routes are of little help to path searching and...

Page 329: ...mand to cancel the routes imported from another protocol By default RIP does not import routes from other protocols The import route command is used to import the routes of another protocol with a specified cost RIP regards the imported routes as its own routes and transmits them with the specified cost This command can greatly enhance the capability of RIP to obtain routes thereby improving RIP p...

Page 330: ...it is disabled on any interface To enable RIP routing on an interface you must use the network command The undo network command is similar to the undo rip work command in function But they are not identical Their similarity is that the interface using either command will not receive transmit RIP routes any more The difference between them is that in the case of undo rip work other interfaces will ...

Page 331: ...ation needs to be exchanged in dotted decimal notation Description Use the peer command to configure the destination address of the peer device with which routing information should be exchanged in unicast mode Use the undo peer command to cancel a unicast address By default RIP does not send packets to any address in unicast mode This command is used to for non broadcast networks to which protoco...

Page 332: ...nce Every routing protocol has its own preference Its default value is determined by the specific routing policy The preferences of routing protocols will finally determine which routing algorithm s routes will be selected as the optimal routes in the IP routing table You can use this command to modify the RIP preference manually Example Specify the RIP preference as 20 3Com system view System Vie...

Page 333: ...d restart RIP Y N y 2 1 13 rip Syntax rip undo rip View System view Parameter None Description Use the rip command to enable RIP and enter RIP view Use the undo rip command to disable RIP By default the system does not run RIP RIP must be enabled before you can enter the RIP view and configure various RIP global parameters You can however configure the interface based parameters regardless of whet...

Page 334: ... cipher text authentication key If it is input in a plain text form MD5 key is a character string not exceeding 16 characters And it will be displayed in a cipher text form in a length of 24 characters when you use the display current configuration command You can also input the MD5 key in a cipher text form with a length of 24 characters key id MD5 cipher text authentication identifier ranging fr...

Page 335: ...nterface10 rip version 2 3Com Vlan interface10 rip authentication mode md5 rfc2453 aaa 2 1 15 rip input Syntax rip input undo rip input View Interface view Parameter None Description Use the rip input command to enable an interface to receive RIP packets Use the undo rip input command to disable an interface from receiving RIP packets By default all interfaces except loopback interfaces can receiv...

Page 336: ...rom 0 to 16 By default the value is 0 Description Use the rip metricin command to configure the additional route metric added to the RIP routes received on an interface Use the undo rip metricin command to restore the default value of this additional route metric Related command rip metricout Example Set the additional route metric added to RIP routes received on Vlan interface 10 to 2 3Com system...

Page 337: ...oute metric Note The metricout configuration only applies to the RIP routes learnt by the router and those generated by the router itself It does not apply to any route imported to RIP by any other routing protocol Related command rip metricin Example Set the additional route metric added to the RIP routes to be transmitted on Vlan interface 10 to 2 3Com system view System View return to User View...

Page 338: ...mple Disable the interface Vlan interface 10 from transmitting RIP packets 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 10 3Com Vlan interface10 undo rip output 2 1 19 rip split horizon Syntax rip split horizon undo rip split horizon View Interface view Parameter None Description Use the rip split horizon command to configure an interface to use split ...

Page 339: ...se the rip version command to specify the version of RIP packets on an interface Use the undo rip version command to restore the default RIP packet version on the interface By default the interface RIP version is RIP 1 RIP 1 transmits packets in broadcast mode while RIP 2 transmits packets in multicast mode by default When running RIP 1 the interface only receives and transmits RIP 1 broadcast pac...

Page 340: ...an interface Use the undo rip work command to disable RIP from transmitting and receiving RIP packets on an interface By default RIP is enabled from transmitting and receiving RIP packets on an interface This command is used in cooperation with rip input rip output and network commands Related command network rip input rip output Example Disable RIP from transmitting and receiving RIP packets on t...

Page 341: ...used route aggregation function can be disabled with the undo summary command when it is necessary to broadcast subnet routes RIP 1 does not support subnet mask Forwarding subnet routes may cause ambiguity Therefore RIP 1always uses route aggregation Related command rip version Example Set RIP version on the interface Vlan interface 10 as RIP 2 and disable route aggregation 3Com system view System...

Page 342: ...out and Garbage collection timers are 30 seconds 180 seconds and 120 seconds respectively Generally it is regarded that the value of the Garbage collection timer is fixed at four times that of the Period Update timer Adjusting the Period Update timer will affect the Garbage collection timer The modification of RIP timers is validated immediately Related command display rip Example Set the values o...

Page 343: ...interfaces so as to distribute traffic evenly over equal cost routes across the interfaces on a router Use the undo traffic share across interface command to cancel traffic sharing By default traffic sharing across RIP interfaces is disabled Example Enable traffic sharing across RIP interfaces 3Com system view System View return to User View with Ctrl Z 3Com rip 3Com rip traffic share across inter...

Page 344: ...t address mask Network mask advertise Specifies to advertise the aggregated route that match a specific IP address and mask not advertise Specifies not to advertise the aggregated route that match a specific IP address and mask Description Use the abr summary command to enable route aggregation on an area border router ABR Use the undo abr summary command to disable route aggregation on an ABR By ...

Page 345: ...rl Z 3Com ospf 1 3Com ospf 1 area 1 3Com ospf 1 area 0 0 0 1 network 36 42 10 0 0 0 0 255 3Com ospf 1 area 0 0 0 1 network 36 42 110 0 0 0 0 255 3Com ospf 1 area 0 0 0 1 abr summary 36 42 0 0 255 255 0 0 3 1 2 area Syntax area area id undo area area id View OSPF view Parameter area id ID of an OSPF area which can be a decimal integer ranging from 0 to 4294967295 or in the form of an IP address Des...

Page 346: ...o configure the aggregation of imported routes by OSPF Use the undo asbr summary command to cancel the aggregation By default imported routes are not aggregated After the aggregation of imported routes is configured if the local router is an autonomous system border router ASBR this command aggregates the imported Type 5 LSAs in the aggregation address range If an NSSA is configured this command a...

Page 347: ...outers in one area must use the same authentication mode no authentication simple text authentication or MD5 cipher text authentication If the mode of supporting authentication is configured all routers on the same segment must use the same authentication key Use the ospf authentication mode simple command to configure a simple text authentication key Use the ospf authentication mode md5 command t...

Page 348: ...and to restore the default routing cost of external routes to its default value Since OSPF can import external routing information and propagate the information to the entire autonomous system routing cost of external routes can influence route selection and calculation Therefore it is necessary to specify the default routing cost for the protocol to import external routes Example Specify the defa...

Page 349: ... necessary to specify the default interval for the protocol to import external routes Example Specify the default interval for OSPF to import external routes as 10 seconds 3Com system view System View return to User View with Ctrl Z 3Com ospf 1 3Com ospf 1 default interval 10 3 1 7 default limit Syntax default limit routes undo default limit View OSPF view Parameter routes Default limit on the num...

Page 350: ... Default tag in the range of 0 to 4 294 967 295 which is 1 by default Description Use the default tag command to configure the default tag of OSPF when it imports an external route Use the undo default tag command to restore the default tag of OSPF when it imports the external route When OSPF imports a route found by another routing protocol in the router and uses it as the external routing inform...

Page 351: ...t type command to restore the default type when OSPF imports external routes By default the external routes of type 2 are imported OSPF specifies the two types of external routing information You can use the command described in this section to specify the default type when external routes are imported Related command default tag Example Configure OSPF to import external routes of type 1 by defaul...

Page 352: ...and default cost commands You must use the stub command on all the routers connected to a STUB area to configure the area with the STUB attribute Use the default cost command to configure the cost of the default route transmitted by an ABR to the STUB area or NSSA area Related command stub nssa Example Set area 1 as the STUB area and the cost of the default route transmitted to this STUB area to 6...

Page 353: ...route policy name argument is a string of 1 to 19 characters Description Use the default route advertise command to import the default route to OSPF route area Use the undo default route advertise command to cancel the import of the default route By default OSPF does not import the default route The import route command cannot import the default route To import the default route to the route area ...

Page 354: ...y the information about the OSPF ABRs and ASBRs 3Com display ospf abr asbr OSPF Process 1 with Router ID 1 1 1 1 Routing Table to ABR and ASBR I Intra i Inter A ASBR B ABR S SumASBR Destination Area Cost Nexthop Interface IA 2 2 2 2 0 0 0 0 10 10 153 17 89 Vlan interface1 Table 3 1 Description on the fields of the display ospf abr asbr command Field Description Destination Router ID of the ABR or ...

Page 355: ... ospf asbr summary command to display the summary information of OSPF imported route If you do not specify an IP address or mask the summary information of all OSPF imported routes will be displayed Related command asbr summary Example Display the summary information of all OSPF imported routes 3Com display ospf asbr summary OSPF Process 1 with Router ID 10 1 1 1 Summary Addresses Total summary ad...

Page 356: ...he network segment will be advertised 3 1 14 display ospf brief Syntax display ospf process id brief View Any view Parameter process id OSPF Process ID in the range of 1 to 65 535 If you do not specify a process ID this command applies to all current OSPF processes Description Use the display ospf brief command to display brief OSPF information Example Display brief OSPF information 3Com display o...

Page 357: ...e Authentication type of OSPF Routing preference Routing preference of OSPF The internal route of OSPF includes intra inter area route and its default routing preference is 10 while that of the external route of OSPF is 150 by default Default ASE parameters Default ASE parameters of OSPF including metric type and tag SPF computation count SPF computation count since OSPF is enabled Area Count Area...

Page 358: ... View Any view Parameter process id OSPF Process ID in the range of 1 to 65 535 If you do not specify a process ID this command applies to all current OSPF processes Description Use the display ospf cumulative command to display cumulative OSPF statistics Example Display cumulative OSPF statistics 3Com display ospf cumulative OSPF Process 1 with Router ID 10 1 1 1 Cumulations IO Statistics Type In...

Page 359: ... Output Number of transmitted packets ASE Number of all ASE LSAs checksum sum Checksum of ASE LSA originated Number of originated LSAs LSAs received Number of received LSAs generated by other routers Router Number of all Router LSAs SumNet Number of all Sumnet LSAs SumASB Number of all SumASB LSAs Neighbors Number of neighbors in this area Interfaces Number of interfaces in this area Spf Number of...

Page 360: ...transmit error 0 OSPF interface down 0 OSPF unknown neighbor 0 HELLO netmask mismatch 0 HELLO hello timer mismatch 0 HELLO dead timer mismatch 0 HELLO extern option mismatch 0 HELLO router id confusion 0 HELLO virtual neighbor unknown 0 HELLO NBMA neighbor unknown 0 DD neighbor state low 0 DD router id confusion 0 DD extern option mismatch 0 DD unknown LSA type 0 LS ACK neighbor state low 0 LS ACK...

Page 361: ...atch HELLO hello timer mismatch Interval of HELLO packet is mismatched HELLO dead timer mismatch Interval of dead neighbor packet is mismatched HELLO extern option mismatch Extern option of Hello packet is mismatched HELLO router id confusion Hello packet Router ID confusion HELLO virtual neighbor unknown Hello packet unknown virtual neighbor HELLO NBMA neighbor unknown Hello packet unknown NBMA n...

Page 362: ...ecent LSA Link state update packet received less recent LSA LS UPD unknown LSA type Link state update packet unknown LSA type LS UPD LSA length wrong Link state update packet LSA length error OSPF routing next hop not exist Next hop of OSPF routing does not exist DD MTU option mismatch MTU option of DD packet is mismatched ROUTETYPE wrong type value Route type the value of the type is wrong 3 1 17...

Page 363: ...p Designated Router 10 110 10 2 Timers Hello 10 Dead 40 Poll 10 Retransmit 5 Transmit Delay 1 Display the detailed information about the OSPF interface 3Com display ospf interface verbose OSPF Process 1 with Router ID 192 168 0 68 Interfaces Area 0 0 0 0 Vlan interface1 is up line protocol is up Internet Address is 192 168 0 68 24 Network Type Bcast Cost 10 State BackupDR Priority 1 Designated Rou...

Page 364: ...ined as follows Hell o Interval of hello packet Dea d Interval of dead neighbors Poll Interval of poll Timers Retr ans mit Interval of retransmitting LSA Transmit Delay Delay time of transmitting LSA 3 1 18 display ospf lsdb Syntax display ospf process id area id lsdb brief asbr ase network nssa router summary ip address verbose originate router ip address self originate View Any view Parameter pr...

Page 365: ...DB originate router ip address Specifies the IP address of the router advertising the LSAs self originate Displays the database information about the LSAs generated by the local router self originate LSAs Description Use the display ospf lsdb command to display the information about OSPF link state database LSDB If the verbose keyword is provided the detailed information about the LSAs of the spec...

Page 366: ...0 1 1 1 1 1188 36 80000002 1 Ase List Table 3 7 Description on the fields of the display ospf lsdb command Field Description Type Type of the LSA LinkStateID Link state ID of the LSA AdvRouter Router ID of the router that advertises the LSA Age Age of the LSA Len Length of the LSA Sequence Sequence number of the LSA Metric Cost from the router that advertises the LSA to LSA destination Where Locat...

Page 367: ...chksum Checksum of the LSA Options Options of the LSA Net mask Network mask E type Type of external route Forwarding Address Forwarding address Tag Tag 3 1 19 display ospf nexthop Syntax display ospf process id nexthop View Any view Parameter process id OSPF Process ID in the range of 1 to 65 535 If you do not specify a process ID this command applies to all current OSPF processes Description Use ...

Page 368: ...ce to the next hop nexthop Next hop 3 1 20 display ospf peer Syntax display ospf process id peer brief statistics View Any view Parameter process id OSPF Process ID in the range of 1 to 65 535 If you do not specify a process ID this command applies to all current OSPF processes Description Use the display ospf peer command to display the information about OSPF peer Use the display ospf peer brief ...

Page 369: ... Priority of DR BDR for neighbor election DR IP address of the interface of elected DR BDR IP address of the interface of elected BDR Dead timer expires in 31s If no hello packet is received from the peer within this interval the peer will be considered to be invalid Neighbor has been up for 01 14 14 Time of neighbor connection Display OSPF peer statistics 3Com display ospf peer statistics OSPF Pr...

Page 370: ...this state the router determines the sequence number of initial database description DD packet used for data exchange so that it can obtain the latest link state information Exchange It indicates that OSPF router sends DD packet to its neighbor routers to exchange link state information Loading In this state OSPF router requests neighbor routers based on the updated link state information from nei...

Page 371: ...escription on the fields of the display ospf request queue command Field Description RouterID Router ID of neighbor router Address Address of the interface through which neighbor routers communicate with the router Interface Address of the interface on the network segment Area Area number of OSPF LSID Link State ID of the LSA AdvRouter Router ID of the router that advertised the LSA Sequence Seque...

Page 372: ... 77 0 AdvRouter 103 160 1 1 Type ASE LSID 129 11 108 0 AdvRouter 103 160 1 1 Table 3 13 Description on the fields of the display ospf retrans queue command Field Description RouterID Router ID of neighbor router Address Address of the interface through which neighbor routers communicate with the router Interface Address of the interface on the network segment Area Area number of OSPF Type Type of ...

Page 373: ...16 1 Net 10 110 10 1 1 1 1 1 0 0 0 0 10 10 0 0 16 1 Stub 10 10 0 1 3 3 3 3 0 0 0 0 Total Nets 2 Intra Area 2 Inter Area 0 ASE 0 NSSA 0 Table 3 14 Description on the fields of the display ospf routing command Field Description Destination Destination network segment Cost Cost of route Type Type of route NextHop Next hop of route AdvRouter ID of the router that advertises the route Area Area ID Intr...

Page 374: ...ll Cost 0 State Full Type Virtual Transit Area 0 0 0 2 Timers Hello 10 Dead 40 Poll 0 Retransmit 5 Transmit Delay 1 Table 3 15 Description on the fields of the display ospf vlink command Field Description Virtual link Neighbor id Router ID of virtual link neighbor router State State Interface IP address of the interface on the virtual link Cost Route cost of the interface Type Type virtual link Tr...

Page 375: ... policy export command to cancel the filtering rule configured By default OSPF does not receive routes advertised by the other routing protocols Note z The filter policy export command take effect on only the routes imported to the local device through the import route command If the filter policy export command is configured while the import route command is not configured to import other externa...

Page 376: ...formation Description Use the filter policy import command to configure the OSPF rules for filtering the routing information received Use the undo filter policy import command to cancel the filtering of the routing information received By default no filtering of the received routing information is performed In some cases it may be required that only the routing information meeting some conditions ...

Page 377: ...te protocol process id View OSPF view Parameter protocol Source routing protocol whose routes will be imported At present it can be direct rip bgp isis static ospf ospf ase and ospf nssa process id Specifies to import OSPF cost value Specifies the cost of imported external routes in the range of 0 to 16 777 214 type value Specifies the cost type of imported external routes The value ranges from 1 ...

Page 378: ...p type 2 tag 33 cost 50 3 1 28 network Syntax network ip address ip mask undo network ip address ip mask View OSPF Area view Parameter ip address Address of the network segment where the interface resides ip mask IP address wildcard shielded text similar to the complement of the IP address mask Description Use the network command to enable an interface to run the OSPF protocol Use the undo network...

Page 379: ...oute to the NSSA area no summary An ABR is disabled from transmitting summary_net LSAs to the NSSA area Description Use the nssa command to configure an OSPF area as an NSSA area Use the undo nssa command to cancel the function By default no NSSA area is configured For all the routers connected to the NSSA area the nssa command must be used to configure the area as the NSSA attribute The default r...

Page 380: ...ess id OSPF Process ID ranging from 1 to 65535 By default the process ID is 1 process id is locally significant router id Router ID used by an OSPF process in dotted decimal notation Description Use the ospf command to enable OSPF Use the undo ospf command to disable OSPF After OSPF is enabled you can perform the related configuration in OSPF view By default the system does not run OSPF Related co...

Page 381: ...the display current configuration command is executed Inputting the MD5 key in a cipher text form with 24 characters in length is also supported Description Use the ospf authentication mode command to configure the authentication mode and key between adjacent routers Use the undo ospf authentication mode command to cancel the authentication key that has been set By default the interface does not a...

Page 382: ...e view Parameter value Cost for running OSPF protocol ranging from 1 to 65 535 Description Use the ospf cost command to configure the cost for running OSPF on the interface Use the undo ospf cost command to restore the default costs For the switch the default cost for running OSPF protocol on a VLAN interface is 1 Example Specify the cost spent when an interface runs OSPF as 33 3Com system view Sy...

Page 383: ...face 10 to 8 during DR election 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 10 3Com Vlan interface10 ospf dr priority 8 3 1 34 ospf mib binding Syntax ospf mib binding process id undo ospf mib binding View System view Parameter process id OSPF Process ID It ranges from 1 to 65535 and defaults to 1 Description Use the ospf mib binding command to bind M...

Page 384: ...u enable undo ospf mtu enable View Interface view Parameter None Description Use the ospf mtu enable command to enable the interface to write MTU value when sending DD packets Use the undo ospf mtu enable command to restore the default settings By default the MTU value is 0 when sending DD packets That is the actual MTU value of the interface is not written Database Description DD packets are used...

Page 385: ... Changes the interface network type to point to point Description Use the ospf network type command to configure the network type of OSPF interface Use the undo ospf network type command to restore the default network type of the OSPF interface OSPF divides networks into four types based on link layer protocol z Broadcast If Ethernet or FDDI is adopted OSPF defaults the network type to broadcast z...

Page 386: ...ters not directly reachable to each other through another router that is directly reachable to the two routers If only two routers run OSPF in the same network segment the network type of the interface can also be changed to point to point Note that you must use the peer command to configure the peer if the network type of the interface is NBMA or manually changed to NBMA with the ospf network typ...

Page 387: ...be identical Related command ospf timer hello Example Set the peer dead interval on the interface Vlan interface 10 to 80 seconds 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 10 3Com Vlan interface10 ospf timer dead 80 3 1 38 ospf timer hello Syntax ospf timer hello seconds undo ospf timer hello View Interface view Parameter seconds Interval in seconds...

Page 388: ...scription Use the ospf timer poll command to configure the poll Hello packet interval on NBMA and p2mp network Use the undo ospf timer poll command to restore the default poll interval On an NBMA or p2mp network if a neighbor becomes invalid Hello packet will be transmitted at the interval of poll seconds You can configure the poll seconds to specify how often the interface transmits Hello packet ...

Page 389: ...ion on the interface If a router running OSPF transmits a link state advertisement LSA to the peer it needs to wait for the acknowledgement packet from the peer If no acknowledgement is received from the peer within the LSA retransmission interval this LSA will be retransmitted The LSA retransmit between adjacent routers should not be set too short otherwise unexpected retransmission will occur Se...

Page 390: ... goes by 1 added every second but it does not age during network transmission Therefore it is necessary to add a period of time set by this command to the aging time of LSA before transmitting it Example Specify the trans delay of transmitting LSA on the interface Vlan interface 10 as 3 seconds 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 10 3Com Vlan ...

Page 391: ...Indicates the preference of an imported external route of the AS Description Use the preference command to configure the preference of an OSPF protocol route Use the undo preference command to restore the default value of the OSPF protocol route By default the preference of an OSPF protocol internal route is 10 and the preference of an external route is 150 Because multiple dynamic routing protoco...

Page 392: ... 3 multicast function is enabled in the system the system will multicast the broadcast routing protocol packets because the broadcast MAC address and multicast MAC address used by the delivered OSPF routing protocol are the same This makes broadcast packets unable to reach the destination host and adversely affects the running of the routing protocol You can disable the protocol multicast MAC addr...

Page 393: ...OSPF processes will be reset statistics Resets OSPF statistics Description Use the reset ospf all command to reset all OSPF processes Use the reset ospf process id command to reset the specified OSPF process and clear the statistics After you use this command to reset an OSPF process z Invalid LSA is cleared immediately before LSA times out z A new Router ID takes effect if the Router ID changes z...

Page 394: ... greatest IP address value will be the router ID Router ID is a 32 bit unsigned integer that uniquely identifies a router in an OSPF autonomous system You can specify the ID for a router If you do not specify a router ID the router will automatically select one from configured IP addresses as the ID of this router If no IP address is configured for any interface of the router the router ID must be...

Page 395: ...packet On the switch this command can be used to enable disable OSPF packet transmission through the specified VLAN interface Example Disable interface Vlan interface 20 from transmitting OSPF packet 3Com system view System View return to User View with Ctrl Z 3Com ospf 1 3Com ospf 1 silent interface Vlan interface 20 3 1 48 snmp agent trap enable ospf Syntax snmp agent trap enable ospf process id...

Page 396: ...he switch produces in case of OSPF anomalies Description Use the snmp agent trap enable ospf command to enable the OSPF TRAP function Use the undo snmp agent trap enable ospf command to disable the OSPF TRAP function This command does not apply to the OSPF processes that are started after the command is executed By default the switch does not send TRAP packets in case of OSPF anomalies For detaile...

Page 397: ...ee Adjusting SPF calculation interval restrains frequent network changes which may occupy too many bandwidth resources and router resources Example Set the OSPF route calculation interval of 3Com to 6 seconds 3Com system view System View return to User View with Ctrl Z 3Com ospf 1 3Com ospf 1 spf schedule interval 6 3 1 50 stub Syntax stub no summary undo stub View OSPF Area view Parameter no summ...

Page 398: ...from 1 to 8192 and defaults to 10 This value must equal the hello seconds value of the router virtually linked to the interface retransmit seconds Specifies the interval in seconds for retransmitting the LSA packets on an interface It ranges from 1 to 8192 and defaults to 5 trans delay seconds Specifies the delay in seconds for transmitting LSA packets on an interface It ranges from 1 to 8192 and ...

Page 399: ...ncel an existing virtual link According to RFC2328 an OSPF area must be connected to the backbone network You can use the vlink peer command to keep the connectivity Virtual link can be regarded as a common interface that uses OSPF because the principle for configuring the parameters such as hello retransmit and trans delay on it is similar Note that when configuring virtual link authentication yo...

Page 400: ...xt md5 Specifies to send the password encrypted with MD5 password Specifies the password to be set For the simple authentication mode the password must be plain text For the md5 authentication mode the password can be either plain text or ciphertext and the result depends on the input A plain password can be a string no longer than 16 bytes such as user918 A cipher password must be a ciphertext of...

Page 401: ...we also instruct the system to follow a specific mode to insert the area authentication password in all the level 1 routing packets sent from the local node Related command reset isis all domain authentication mode and isis authentication mode Example Set the area authentication password to hello and the authentication mode to simple 3Com system view System View return to User View with Ctrl Z 3Co...

Page 402: ...command to restore the default cost style Only narrow packets can be received and sent by default Related command isis cost Example Set the router to send only narrow packets but receive both narrow and wide ones 3Com system view System View return to User View with Ctrl Z 3Com isis 3Com isis cost style narrow compatible 4 1 3 default route advertise Syntax default route advertise route policy rou...

Page 403: ...icy will generate default routes in L1 LSP and L2 LSP respectively Example Configure the current router to generate default route in LSP 3Com system view System View return to User View with Ctrl Z 3Com isis default route advertise 4 1 4 display isis brief Syntax display isis brief View Any view Parameter None Description Use the display isis brief command to display the brief information about IS...

Page 404: ...ommand the display isis interface verbose command will display the IS IS configuration information related to the interface such as CSNP packets broadcast intervals Hello packets broadcast intervals and the number of invalid Hello packets Example Display the information about the IS IS enabled interface 3Com display isis interface Interface IP Address Id Link Sta IP Sta MTU Type DIS Vlan interface...

Page 405: ...ocal Specifies to display LSP information generated locally verbose Specifies to display the detailed information of link state database Description Use the display isis lsdb command to display IS IS link state database Example Display a piece of LSP information 3Com display isis lsdb 0050 0500 5005 00 00 IS IS Level 1 Link State Database Lsp ID Sequence Holdtime A_P_O Checksum 0050 0500 5005 00 0...

Page 406: ...Vlan interface 20 100 4 1 8 display isis peer Syntax display isis peer verbose View Any view Parameter verbose Displays the area address advertised in a neighbor s Hello packet when this keyword is provided displays only the brief information if this keyword is not specified Description Use the display isis peer command to display the information of the IS IS neighbor Besides all the information d...

Page 407: ...2 Up 24s L1 64 4 1 9 display isis route Syntax display isis route clns ip View Any view Parameter ip Displays IP based IS IS routing information clns Displays OSI based IS IS routing information Description Use the display isis route command to display the IS IS routing information Example Display the output information of the display isis ip route command 3Com display isis route ISIS IP Level 2 R...

Page 408: ...F calculation Example Display the log record of IS IS SPF calculation 3Com display isis spf log Details of Level 2 SPF Run Trig Event No Of Nodes Duration ms StartTime IS_SPFTRIG_NEWADJ 2 74 0 10 55 IS_SPFTRIG_NEWADJ 2 670 0 10 24 IS_SPFTRIG_NEWADJ 2 23 0 10 2 IS_SPFTRIG_NEWADJ 2 30 0 9 32 IS_SPFTRIG_NEWADJ 2 34 0 9 1 IS_SPFTRIG_NEWADJ 2 111 0 7 59 IS_SPFTRIG_NEWADJ 2 302 0 25 1 IS_SPFTRIG_NEWADJ ...

Page 409: ...rd can be a string no longer than 16 bytes such as user918 A cipher password must be a ciphertext of 24 bytes such as _ TT8F Y 5SQ Q MAF4 1 ip Specifies the system to check the configuration for the corresponding field of IP in LSP osi Specifies the system to check the configuration for the corresponding field of OSI in LSP Whether a password should use the ip keyword or the osi keyword is not aff...

Page 410: ...ew with Ctrl Z 3Com isis 3Com isis domain authentication mode simple 3Com 4 1 12 filter policy export Syntax filter policy acl number export protocol undo filter policy acl number export protocol View IS IS view Parameter acl number ACL number in the range of 2 000 to 3 999 protocol Protocol used to advertise routing information including direct static rip bgp ospf ospf ase ospf nssa currently Des...

Page 411: ...policy import Example Use ACL 2000 to filter the routes imported through IS IS 3Com system view System View return to User View with Ctrl Z 3Com isis 3Com isis filter policy 2000 export 4 1 13 filter policy import Syntax filter policy acl number import undo filter policy acl number import View IS IS view Parameter acl number ACL number in the range of 2 000 to 3 999 Description Use the filter poli...

Page 412: ... the LSP when it detects LSP checksum errors Use the undo ignore lsp checksum error command to set IS IS to ignore LSP checksum errors IS IS ignores LSP checksum errors by default When the local IS IS receives a LSP packet it will check the LSP packet and compare the checksum calculated with that in the LSP packet By default the LSP packets will not be dropped even if the checksum is wrong You can...

Page 413: ...2 Specifies to import routes to Level 2 routing table If no level is specified the routes are imported to level 2 routing table by default level 1 2 Specifies to import routes to Level 1 and level 2 routing tables route policy route policy name Specifies to import only those routes satisfying the matching condition of the designated route policy The route policy name argument is a string containin...

Page 414: ...import the routing information of Level 2 area to Level 1 area Use the undo import route isis level 2 into level 1 command to disable this function By using the filter policy to filter the routes during the route penetration from Level 2 to Level 1 you call advertise in the Level 1 area only those routes that have passed the filter The routing information in Level 2 area will not be advertised in ...

Page 415: ...ust first use the isis command to enable IS IS process then use the network entity command to configure a network entity title NET for the router and then use the isis enable command to enable each interface that need to run the IS IS process Note Only one IS IS routing process can be enabled on a router Related command isis enable and network entity Example Start the IS IS routing process with th...

Page 416: ...ield of IP in LSP osi Specifies the system to check the configuration for the corresponding field of OSI in LSP Whether a password should use the ip keyword or the osi keyword is not affected by the actual network environment Description Use the isis authentication mode command to authenticate the IS IS hello packets of the specified level using the specified authentication mode and password on th...

Page 417: ...can be configured level 1 2 adjacency by default This command is only available for a level 1 2 router If the local host is level 1 2 router and it need to set up some adjacency level 1 or level 2 with a peer router then you can use this command to prescribe the local interface to receive and send only the hello packets An interface can receive and send only one type of hello packet on a point to ...

Page 418: ...e link cost for SPF calculation Use the undo isis cost command to resume the default link cost value If neither level 1 nor level 2 is assigned in the configuration then both level 1 and level 2 are configured by default You are recommended to configure a proper link cost for each interface otherwise the link cost for IS IS route calculation may not reflect the correct cost Example Set the Level 2...

Page 419: ...sis dis priority command to resume the default priority Unlike DR of OSPF there is no backup DIS for IS IS and the router with 0 priority can also select DIS Related command area authentication mode and domain authentication mode Example Configure the priority as 127 for Vlan interface 10 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 10 3Com Vlan interf...

Page 420: ...work entity 10 0001 1010 1020 1030 00 3Com interface Vlan interface 10 3Com Vlan interface10 isis enable 3Com 4 1 23 isis mesh group Syntax isis mesh group mesh group number mesh blocked undo isis mesh group View Interface view Parameter mesh group number Mesh group number ranging from 1 to 4 294 967 295 mesh blocked After this parameter is configured the interface will be blocked to flood the rec...

Page 421: ...e view Parameter seconds Interval in seconds of sending CSNP packets over broadcast network ranging from 1 to 65 535 with the default as 10 seconds level 1 Specifies the Level 1 time interval for sending CSNP packets level 2 Specifies the Level 2 time interval for sending CSNP packets If neither the level 1 keyword nor the level 2 keyword is specified both the level 1 interval and the level 2 inte...

Page 422: ...val and the level 2 interval are set Description Use the isis timer hello command to specify the time interval for sending the corresponding level Hello packets Use the undo isis timer hello command to resume the default value of 10 seconds The hello time interval must be configured respectively for the Level 1 and Level 2 packets on a broadcast network because these two types of hello packets are...

Page 423: ...e the undo isis timer holding multiplier command to resume the default configuration The number of invalid Hello packets is three by default You can configure the time intervals of Hello packets separately for Level 1 and Level 2 peers But for point to point link as there is only one kind of Hello packet so you need not specify Level 1 or Level 2 In fact the number of invalid Hello packets is used...

Page 424: ... timer lsp command to configure the time interval for sending link state packets over interface Use the undo isis timer lsp command to resume the default configuration Related command isis timer retransmit Example Configure the time interval as 500 milliseconds for Vlan interface 10 to send LSP 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 10 3Com Vlan ...

Page 425: ...e interval as 10 seconds for Vlan interface 10 to retransmit LSP 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 10 3Com Vlan interface10 isis timer retransmit 10 4 1 29 is level Syntax is level level 1 level 1 2 level 2 undo is level View IS IS view Parameter level 1 Indicates the router works in Level 1 which means it only calculates routes within the a...

Page 426: ...nfigure the current route to work in Level 1 3Com system view System View return to User View with Ctrl Z 3Com isis 3Com isis is level level 1 4 1 30 log peer change Syntax log peer change undo log peer change View IS IS view Parameter None Description Use the log peer change command to enable the IS IS adjacency state change output Use the undo log peer change command to disable the output The ou...

Page 427: ...ble command to specify IS IS to adopt the default MD5 algorithm By default IS IS adopt the MD5 algorithm compatible with 3Com This command must be configured when the switch needs to perform IS IS MD5 authentication with the devices of manufacturers except 3Com Example Specify IS IS to adopt the MD5 algorithm compatible with other manufacturers 3Com system view System View return to User View with...

Page 428: ...h ranges from 1 to 13 bytes The routes of the same area have the same area ID The second part is the router s system ID of 6 bytes which is unique within the whole area and backbone area The third part is SEL the ending byte with the value of 00 You need to configure only 1 NET for a router When repartitioning an area such as merging or splitting you can reconfigure the router to ensure correct an...

Page 429: ...eral protocols find routes to the same destination the one with the highest preference dominates Example Configure the preference of IS IS protocol as 25 3Com system view System View return to User View with Ctrl Z 3Com isis 3Com isis preference 25 4 1 34 reset isis all Syntax reset isis all View User view Parameter None Description Use the reset isis all command to clear all ISIS data structure i...

Page 430: ...ommand to clear the data information of a specific IS IS peer The IS IS peer is not cleared by default This command is used when you need to re establish a specific peer Example Clear the IS IS peer with system ID as 0000 0c11 1111 3Com reset isis peer 0000 0c11 1111 4 1 36 set overload Syntax set overload undo set overload View IS IS view Parameter None Description Use the set overload command to...

Page 431: ...oad 4 1 37 silent interface Syntax silent interface interface type interface number undo silent interface interface type interface number View IS IS view Parameter interface type interface number Interface index Description Use the silent interface command to prohibit IS IS packet sending on the specified interface Use the undo silent interface command to permit IS IS packet sending on the specifi...

Page 432: ...lease CPU automatically after a certain number of routes are processed in order to prevent the SPF calculation from occupying the system resources for a long time to affect the response of the console The unprocessed routes are to be processed in one second You can adjust the number argument according to the size of the routing table If the spf slice size command is configured at the same time the...

Page 433: ...e too many routes in the routing table you can use this command to fragment the SPF calculation to avoid taking up the system resources for too long You are not recommended to change the default configuration If the spf delay interval command is configured at the same time the SPF calculation will be paused if the SPF calculation matches any of the setting Related command spf delay interval Exampl...

Page 434: ...ng the same next hop into one to reduce the routing table size as well as the LSP and LSDB generated by the router It is possible to summarize native IS IS routes and imported routes After summarization the route cost is the minimum cost of those summarized routes Example Set an aggregate route 202 0 0 0 8 3Com system view System View return to User View with Ctrl Z 3Com isis 3Com isis summary 202...

Page 435: ... 3Com system view System View return to User View with Ctrl Z 3Com isis 3Com isis timer lsp max age 1500 4 1 42 timer lsp refresh Syntax timer lsp refresh seconds undo timer lsp refresh View IS IS view Parameter seconds LSP updating period in seconds ranging from 1 to 65 535 It is 900 seconds by default Description Use the timer lsp refresh command to set LSP updating period Use the undo timer lsp...

Page 436: ...terval of both level 1 SPF calculation and the level 2 SPF calculation are set Description Use the timer spf command to set the time interval for SPF calculation Use the undo timer spf command to resume the default configuration In the IS IS protocol the short path must be calculated again when the LSDB changes If the SPF calculation is performed frequently plenty of system resources will be occup...

Page 437: ...ands 5 1 1 aggregate Syntax aggregate ip address mask as set attribute policy route policy name detail suppressed origin policy route policy name suppress policy route policy name undo aggregate ip address mask as set attribute policy route policy name detail suppressed origin policy route policy name suppress policy route policy name View BGP view Parameter ip address Address of the aggregated ro...

Page 438: ...frequent change of routes may lead to route vibration detail suppress ed This keyword does not establish any aggregated route but it restrains the advertisement of all the specific routes If only some specific routes are to be restrained use the peer filter policy command carefully suppress policy Create an aggregated route with this keyword at the same time the advertisement of the specified rout...

Page 439: ... the undo bgp command to disable BGP By default the BGP is disabled This command is used to enable disable BGP and specify the local AS number of BGP Example Enable BGP 3Com system view System View return to User View with Ctrl Z 3Com bgp 100 3Com bgp 5 1 3 balance Syntax balance num undo balance View BGP view Parameter num Number of BGP routes used for load balance This argument ranges from 1 to ...

Page 440: ...values from different AS neighboring routes when determining the best route Use the undo compare different as med command to disable the comparison By default it is not allowed to compare the MED attribute values from the routing paths of different AS peers If there are several routes available to one destination address the route with a smaller MED can be selected as the final route Do not use th...

Page 441: ... connected These sub ASs form a confederation Key BGP attributes of the route such as next hop MED local preference are not discarded across each sub ASs The sub ASs still look like a whole from the point of view of a confederation although these sub ASs have EBGP relations This can assure the integrality of the former AS domain and ease the problem of too many connections in the domain Related co...

Page 442: ... confederation Use the undo confederation nonstandard standard1965 standard3065 command to cancel the configuration By default the configured confederations are in compliance with RFC1965 For the communication with nonstandard devices you must execute the confederation nonstandard command on all the 3Com routers in the confederation Related command confederation id and confederation peer as Exampl...

Page 443: ...federation ID should be configured by using the confederation id command Otherwise this configuration is invalid The configured ASs in this command are inside the confederation and each AS uses fully meshed network The confederation appears as a single AS to the routers outside it Related command confederation nonstandard and confederation id Example Configure the confederation contains AS 2001 an...

Page 444: ...the range of 1 to 19 characters If no value is specified for the arguments their default values will take effect The half life reachable half life unreachable reuse suppress and ceiling arguments are independent of each other Therefore if you specify a value for any of these arguments you must specify a value for all the others Description Use the dampening command to make BGP route attenuation va...

Page 445: ...MED value in the range of 0 to 4294967295 The default med value is 0 Description Use the default med command to configure the default MED value of the system Use the undo default med command to restore the default MED value of the system The multi exit discriminator MED is an external route metric Different from the local preference the MED is exchanged between autonomous systems After the MED ent...

Page 446: ...ame of a peer group a string of 1 to 47 alphanumeric characters Description Use the display bgp group command to view the information of peer groups Example View the information of the peer group aaa 3Com display bgp group aaa Group aaa type external as number 200 members in this group 10 1 1 1 11 1 1 1 configuration within the group no export policy route policy no export policy filter policy no ...

Page 447: ... export and import route filter for BGP acl Configured access control list ip prefix Configured IP address prefix list default route produce Whether or not to advertise default routing information 5 1 12 display bgp network Syntax display bgp multicast network View Any view Parameter multicast Specifies multicast address family Description Use the display bgp network command to view the routing in...

Page 448: ...hs Example Display the information about the AS paths 3Com display bgp paths 500 Id Hash index References Aggregator Origin As Path 153 80 100 null IGP 500 500 400 600 Table 5 4 Description on fields of the display bgp paths command Field Description Id Value of sequence number Hash Index Value of Hash index References Number of routes with reference Aggregator Mask length of aggregate route Origi...

Page 449: ... avoided 5 1 14 display bgp peer Syntax display bgp multicast peer ip address verbose display bgp multicast peer verbose View Any view Parameter multicast Specifies multicast address family ip address IP address of the peer to be displayed verbose Displays detailed information of the specified peer Description Use the display bgp peer command to display the information about the specified BGP peer...

Page 450: ... and port number used by the peer to establish TCP connection Local IP address and port number used to establish TCP connection of local end Type Type of peer Internal for IBGP and External for EBGP State State of peer Flags Flags of peer Last State Last state before entering current state Last Event Last event of neighbor state machine Last Error Last error of neighbor state machine Options Optio...

Page 451: ...0 24 5 5 5 5 IGP 600 129 1 5 0 24 5 5 5 5 IGP 600 129 1 6 0 24 5 5 5 5 IGP 600 129 1 7 0 24 5 5 5 5 IGP 600 129 1 8 0 24 5 5 5 5 IGP 600 129 1 9 0 24 5 5 5 5 IGP 600 129 1 10 0 24 5 5 5 5 IGP 600 Routes total 10 Table 5 6 Description on fields of the display bgp routing table command Field Description Flags Status code valid valid route active selected optimal route I internal IBGP route D damped ...

Page 452: ...BGP sets the origin of the route imported through other IGP protocols as INCOMPLETE As path AS path attribute of a route which records all AS areas that the route passes to void route loop 5 1 16 display bgp routing table as path acl Syntax display bgp multicast routing table as path acl acl number View Any view Parameter acl number Matched AS path list number in the range of 1 to 199 multicast Sp...

Page 453: ... indicates that the route updates its origin relative to the route originating it from AS It has three optional values IGP The route belongs to inside of AS BGP treats aggregate route and the route defined by the command network as inside of AS and origin type as IGP EGP The route is learned from exterior gateway protocol EGP Origin INC Short for INCOMPLETE indicates that the original source of th...

Page 454: ...isplay bgp routing table community Syntax display bgp multicast routing table community aa nn no export subconfed no advertise no export whole match View Any view Parameter multicast Specifies multicast address family aa nn Community number no export subconfed Specifies not to export a route to the outside of the local AS or to other sub ASs in the confederation after the route is received no adve...

Page 455: ...72 10 0 2 100 IGP For detailed description of the fields in the output information see Table 5 6 5 1 19 display bgp routing table community list Syntax display bgp multicast routing table community list community list number whole match View Any view Parameter multicast Specifies multicast address family community list number Community list number in the range of 1 to 999 whole match Displays the ...

Page 456: ... 10 10 10 2 0 IGP 10 10 10 0 24 10 10 10 1 0 IGP 200 For detailed description of the fields in the output information see Table 5 6 5 1 20 display bgp routing table dampened Syntax display bgp routing table dampened View Any view Parameter None Description Use the display bgp routing table dampened command to display BGP dampened routes Example Display BGP dampened routes 3Com display bgp routing ...

Page 457: ...rigination of the route relative to the AS the route sourced from It can be one of the three value IGP This is an AS interior route BGP regards both aggregated routes and routes defined by the network command as AS interior routes and set their origin type to IGP EGP This route is learned from EGP exterior gateway protocol Origin INC INCOMPLETE indicates the route is obtained from an unknown sourc...

Page 458: ...tion of the fields in the output information see Table 5 6 5 1 22 display bgp routing table flap info Syntax display bgp routing table flap info regular expression as regular expression as path acl acl number network address mask longer match View Any view Parameter as regular expression Route flap info matching AS path regular expression acl number Number of the specified AS path to be matched in...

Page 459: ...1 0 0 Source The nexthop of the route Keepup time The time that route damping has continued Damping limi t The time before dampening turns invalid and the route can be reused Flap times The times of the route flap Origin attribute of route which indicates that the route updates its origin relative to the route originating it from AS It has three optional values IGP The route belongs to inside of A...

Page 460: ...etwork statistic Statistic routing information of peer Description Use the display bgp routing table peer command to view the routing information the specified BGP peer advertised or received Example Display the routing information advertised by BGP peer 1 1 1 2 3Com display bgp routing table peer 1 1 1 2 advertised Dest Mask Next hop Med Local pref Origin As path Appendant Flags Queued 1 1 1 0 24...

Page 461: ...tive I internal D damped H history S aggregate suppressed Dest Mask Next hop Med Local Pref Origin AS Path 1 1 1 0 24 10 10 10 1 0 IGP 200 1 1 2 0 24 10 10 10 1 0 IGP 200 1 1 3 0 24 10 10 10 1 0 IGP 200 2 2 3 0 24 10 10 10 1 0 INC 200 4 4 4 0 24 10 10 10 1 0 IGP 200 9 9 9 0 24 10 10 10 1 0 INC 200 10 10 10 0 24 10 10 10 1 0 IGP 200 For detailed description of the fields in the output information s...

Page 462: ...sa rip isis and static process id Routing protocol process ID in the range of 1 to 65535 This argument is valid only when the protocol is ospf Description Use the filter policy export command to filter the advertised routes and only the routes passing the filter can be advertised by BGP Use the undo filter policy export command to cancel the filtration to the advertised routes By default filtratio...

Page 463: ... routing information advertised by the peer with the specified address Use the undo filter policy gateway import command to cancel the filtration to the routing information advertised by the peer with specified address Use the filter policy import command to filter the received global routing information Use the undo filter policy import command to remove the filtration to the received global rout...

Page 464: ...fied with the group command an IBGP peer group is created The basic configurations of members in a peer group must be the same as those of the peer group The BGP peer cannot exist independently and it must belong to a peer group Therefore when configuring a BGP peer create a peer group first and then add the BGP peer to the group Routing update policies of peer members must be the same as those of...

Page 465: ...ute policy name Specifies a route policy to filter routes before importing The route policy name argument is an alphanumeric string of 1 to 19 characters Description Use the import route command to import and advertise routes of other protocols Use the undo import route command to cancel the existing configuration By default BGP does not import and advertise routes of other protocols Example Impor...

Page 466: ...1 peer advertise community Syntax peer group name advertise community undo peer group name advertise community View BGP view Parameter group name Name of a peer group containing 1 to 47 characters Description Use the peer advertise community command to enable the transmission of the community attribute to a peer group Use the undo peer advertise community command to cancel the existing configurati...

Page 467: ...r in the AS_Path attribute of the received route and configure the repeated times Use the undo peer allow as loop command to cancel the function Related command display current configuration display bgp routing table peer and display bgp routing table group Example Set the times of repeating the local AS that learns routes from 1 1 1 1 to 2 3Com system view System View return to User View with Ctr...

Page 468: ... multicast address family view Parameter group name Name of the peer group containing 1 to 47 characters ip address IP address of a peer acl number AS path ACL number in the range of 1 to 199 export Filter the advertised routes Description Use the peer as path acl export command to configure filtering Policy of BGP advertised routes based on AS path list Use the undo peer as path acl command to ca...

Page 469: ... range of 1 to 199 import Applies the AS path list in filtering the received routes Description Use the peer as path acl import command to configure filtering Policy of BGP received routes based on AS path list Use the undo peer as path acl import command to cancel the existing configuration By default the peer peer group has no AS path list Related command peer as path acl export and ip as path a...

Page 470: ...ource interface of route update packets Generally BGP uses the optimal source interface for route update packets In order for the system to be able to send route update packets in the case that this interface is faulty you can configure the loopback interface as the source interface of route update packets Example Specify the source interface that sends route update packets to the peer group named...

Page 471: ...System View return to User View with Ctrl Z 3Com bgp 100 3Com bgp peer test default route advertise 5 1 38 peer description Syntax peer group name ip address description description text undo peer group name ip address description View BGP view Parameter group name Name of the peer group containing 1 to 47 characters ip address IP address of the peer description text Description information config...

Page 472: ...group name Name of the peer group containing 1 to 47 characters hop count Maximum hop value in the range of 1 to 255 By default the value is 64 Description Use the peer ebgp max hop command to establish EBGP connection with the peer on indirectly connected network Use the undo peer ebgp max hop command to cancel the existing configuration By default it is not allowed to establish any EBGP connecti...

Page 473: ...ult BGP peer peer group is enabled If the specified peer peer group is disabled the router will not exchange routing information with the specified peer peer group Example Disable the specified peer 18 10 0 9 After the configuration the local router does not exchange BGP routing information with the peer 18 10 0 9 3Com system view System View return to User View with Ctrl Z 3Com bgp 100 3Com bgp p...

Page 474: ...eer filter policy import Example Configure to filter the routes advertised by the peer group named test by using ACL 2000 3Com system view System View return to User View with Ctrl Z 3Com bgp 100 3Com bgp peer test filter policy 2000 export 5 1 42 peer filter policy import Syntax peer group name ip address filter policy acl number import undo peer group name ip address filter policy acl number imp...

Page 475: ...ew Parameter group name Name of the peer group containing 1 to 47 characters ip address IP address of the peer as number Peer AS number of the peer peer group in the range of 1 to 65535 Description Use the peer group command to add a peer to the existing peer group Use the undo peer ip address command to delete a peer When adding a peer to a EBGP peer group without AS number you should also specif...

Page 476: ...x Use the undo peer ip prefix export command to cancel the route filtering policy of the peer peer group based on the ip prefix By default the route filtering policy of the peer group is not specified Related command ip ip prefix peer ip prefix import Example Configure the route filtering policy of the peer group based on the ip prefix 1 3Com system view System View return to User View with Ctrl Z...

Page 477: ... filtering policy of the peer group based on the ip prefix 1 3Com system view System View return to User View with Ctrl Z 3Com bgp 100 3Com bgp peer group1 ip prefix list1 import 5 1 46 peer next hop local Syntax peer group name next hop local undo peer group name next hop local View BGP view Parameter group name Name of the peer group containing 1 to 47 characters Description Use the peer next ho...

Page 478: ...cipher is configured in the command Description Use the peer password command to configure MD5 authentication for BGP during TCP connection setup Use the undo peer password command to cancel the configuration By default BGP does not perform MD5 authentication when TCP connection is set up Once MD5 authentication is enabled both parties involved in the authentication must be configured with identic...

Page 479: ...date packets Use the undo peer public as only command to configure to carry the AS number when transmitting BGP update packets By default private AS number is carried when transmitting BGP update packets Generally BGP transmits BGP update packets with the AS number either public AS number or private AS number To enable some outbound routers to ignore the AS number when transmitting update packets ...

Page 480: ...pplies to peer group Related command reflect between clients reflector cluster id Example Configure the peer group test as the route reflector client 3Com system view System View return to User View with Ctrl Z 3Com bgp 100 3Com bgp peer test reflect client 5 1 50 peer route policy export Syntax peer group name route policy route policy name export undo peer group name route policy route policy na...

Page 481: ... route policy route policy name import undo peer group name ip address route policy route policy name import View BGP view Parameter group name Name of peer group containing 1 to 47 characters ip address IP address of the peer in dotted decimal format route policy name Specified Route policy The length of route policy name parameter ranges from 1 to 19 character string Description Use the peer rou...

Page 482: ...r group name containing 1 to 47 characters seconds Minimum interval at which UPDATE packets are sent It is in the range of 0 to 600 seconds By default the advertisement interval is 5 seconds for internal peer group and 30 seconds for external peer group Description Use the peer route update interval command to configure the interval at which the same route update packet is sent to the peer group U...

Page 483: ... interval Holdtime timer in seconds It is in the range of 3 to 65535 and defaults to 180 seconds Description Use the peer timer command to configure the Keepalive and holdtime timers for a peer peer group Use the undo peer timer command to restore the default value of the timer The timer configured by using this command has a higher priority than the one configured by using the timer command Examp...

Page 484: ...ference values Example Set the preferences of EBGP IBGP and locally generated routes to 170 3Com system view System View return to User View with Ctrl Z 3Com bgp 100 3Com bgp preference 170 170 170 5 1 55 reflect between clients Syntax reflect between clients undo reflect between clients View BGP view Parameter None Description Use the reflect between clients command to configure the between clien...

Page 485: ...onfigure the cluster ID of the route reflector Use the undo reflector cluster id command to delete the cluster ID of the route reflector By default each route reflector uses its Router ID as the cluster ID Generally there is only one route reflector in a cluster In this case Router ID of the route reflector is used to identify the cluster Setting multiple route reflectors enhances network stabilit...

Page 486: ...s export Refreshes routes advertised to the peers Description Use the refresh bgp command to manually refresh BGP connections Refreshing BGP connections can refresh the BGP routing table without interruption any BGP connection and apply a new policy After a BGP connection is created only incremental routes are sent However in some cases such as when BGP routing policy changes the peer needs to re ...

Page 487: ...ion will make the new configured policy take effect immediately Example After using the timer command to configure new Keepalive and Holdtime intervals you can reset all BGP connections for the new configuration to take effects immediately 3Com reset bgp all 5 1 59 reset bgp dampening Syntax reset bgp dampening network address mask View User view Parameter network address IP address of the network...

Page 488: ... The range of the parameter acl number is 1 to 199 ip address Resets the flap info of a record at this IP address mask Network mask Description Use the reset bgp flap info command to reset the flap info of a route If no value is specified the flap info of all routes will be reset Related command dampening Example Reset the flap info of all the routes that go through filter list 10 3Com reset bgp f...

Page 489: ...ggregation of sub network routes Use the undo summary command to disable it By default no auto aggregation of sub network routes is executed After the summary is configured BGP cannot receive the sub network routes imported from the IGP so the amount of the routing information can be reduced Example Make the auto aggregation of the sub network routes 3Com system view System View return to User Vie...

Page 490: ...me timer as 90 seconds 3Com system view System View return to User View with Ctrl Z 3Com bgp 100 3Com bgp timer keepalive 120 hold 360 5 1 64 undo synchronization Syntax undo synchronization View BGP view Parameter None Description Use the undo synchronization command to cancel the synchronization of BGP and IGP By default BGP does not synchronize with IGP If the local BGP is not set synchronous w...

Page 491: ...nd Reference Guide Routing Protocol Chapter 5 BGP Configuration Commands 5 55 Example Cancel the synchronization of BGP and IGP 3Com system view System View return to User View with Ctrl Z 3Com bgp 100 3Com bgp undo synchronization ...

Page 492: ... Syntax apply as path as number list undo apply as path View Route policy view Parameter as number list AS number list in the form of as number 1 10 Here as number is an AS number which ranges from 1 to 65535 and 1 10 means you can input 1 to 10 AS numbers in one command Description Use the apply as path command to add AS number before original AS path in Router policy Use the undo apply as path c...

Page 493: ...ubconfed Specifies not to send matching routes out of sub autonomous system no advertise Specifies not to send matching routes to any peer entities no export Specifies not to send routes out of sub autonomous system or federation but to send to the other sub autonomous systems in the federation additive Additive community attributes Description Use the apply community command to set BGP community ...

Page 494: ...st value of route information The value ranges from 0 to 4294967295 Description Use the apply cost command to configure the route cost value of route information Use the undo apply cost command to cancel the apply statement By default no apply statement is defined An apply statement of Route policy sets the cost of the routes passing the filtering Related command if match interface if match acl if...

Page 495: ...will be used and is invalid for other protocols External This keyword is used only for IS IS and is invalid for other protocols Description Use the apply cost type command to set the routing cost type of routing information Use the undo apply cost type command to cancel the setting argument By default routing cost is not set Example Set IGP cost as the BGP MED value 3Com system view System View re...

Page 496: ...op in the routing information to 193 1 1 8 3Com system view System View return to User View with Ctrl Z 3Com route policy 10 permit node 10 3Com route policy apply ip next hop 193 1 1 8 6 1 6 apply isis Syntax apply isis level 1 level 2 level 1 2 undo apply isis View Route policy view Parameter level 1 Imports routes to level 1 area level 2 Imports routes to level 2 area level 1 2 Imports routes t...

Page 497: ...4294967295 Description Use the apply local preference command to set local preference for routing information Use the undo apply local preference command to cancel the apply statement setting Related command if match interface if match acl if match ip prefix if match ip next hop if match cost if match tag route policy apply ip next hop apply local preference apply origin and apply tag Example Defi...

Page 498: ...el the apply statement setting Related command if match interface if match acl if match ip prefix if match ip next hop if match cost if match tag route policy apply ip next hop apply local preference apply cost and apply tag Example Define an apply statement to specify that the BGP routing information source is igp 3Com system view System View return to User View with Ctrl Z 3Com route policy 10 p...

Page 499: ...cy_10 permit node 12 New sequence of this list 3Com route policy apply tag 100 6 1 10 display ip ip prefix Syntax display ip ip prefix ip prefix name View Any view Parameter ip prefix name Name of the address prefix list to be displayed containing 1 to 19 characters Description Use the display ip ip prefix command to display an address prefix list Related command ip ip prefix Example Display the i...

Page 500: ... be displayed containing 1 to 19 characters Description Use the display route policy command to display the configured Route policy If you do not specify a route policy name this command displays all route policies configured Related command route policy Example Display the information about Route policy named policy1 3Com display route policy policy1 Route policy policy1 Permit 10 if match prefix...

Page 501: ... filter ip prefix name Name of the prefix address list used for filter containing 1 to 19 characters Description Use the if match acl ip prefix command to configure a rule for the route policy and specify an matching IP address range Use the undo if match acl ip prefix command to cancel the setting of the rule The if match acl ip prefix command implements a filter by referencing an ACL or a prefix...

Page 502: ...command to cancel the AS path field matching By default AS regular expression is not set for matching in Route policy An if match statement of Route policy sets AS path attributes as matching conditions to filter BGP routing information Example Create as path 2 which permits the routing information of AS 200 and AS 300 Then create a Route policy named test and define an if match statement quoting ...

Page 503: ... community attribute matching settings Be default community attributes are not set for matching An if match statement of Route policy sets community attributes as matching conditions to filter BGP routing information Related command route policy and ip community list Example Create community list 1 which permits routing information of AS 100 and AS 200 Then create a Route policy named test and def...

Page 504: ...atch interface if match acl if match ip prefix if match ip next hop if match tag route policy apply ip next hop apply cost apply local preference apply origin and apply tag Example Define an if match statement and allow the routing information with a routing cost of 8 to pass this if match statement 3Com system view System View return to User View with Ctrl Z 3Com route policy policy permit node 1...

Page 505: ...iew System View return to User View with Ctrl Z 3Com route policy policy permit node 1 New sequence of this list 3Com route policy if match interface Vlan interface 1 6 1 17 if match ip next hop Syntax if match ip next hop acl acl number ip prefix ip prefix name undo if match ip next hop ip prefix View Route policy view Parameter acl number Number of the ACL used for filter It ranges from 2 000 to...

Page 506: ...Com system view System View return to User View with Ctrl Z 3Com route policy policy permit node 1 New sequence of this list 3Com route policy if match ip next hop ip prefix p1 6 1 18 if match tag Syntax if match tag value undo if match tag View Route policy view Parameter value Tag field value ranging from 0 to 4 294 967 295 Description Use the if match tag command to configure to match the tag f...

Page 507: ...s path acl command to configure an AS regular expression Use the undo ip as path acl command to cancel the defined regular expression The defined AS path list can be used in GBP policy Related command peer as path acl and display bgp routing table as path acl Example Configure an AS path list 3Com system view System View return to User View with Ctrl Z 3Com ip as path acl 10 permit 200 300 6 1 20 ...

Page 508: ...ub autonomous system or federation but to send to the other sub autonomous systems in the federation comm regular expression Community attribute in regular expression Description Use the ip community list command to set a BGP community list Use the undo ip community list command to cancel the community list settings The defined community list can be used in BGP policy Related command apply communi...

Page 509: ...ask length If it is specified as 0 0 0 0 0 all the IP addresses are matched greater equal less equal Address prefix range greater equal less equal to be matched after the address prefix network len has been matched The meaning of greater equal is greater than or equal to and the meaning of less equal is less than or equal to The range is len greater equal less equal 32 When only greater equal is u...

Page 510: ... node the entry is permitted to filter through the node and the apply statement of the node will be performed If a route entry does not meet the if match statement of the node the next node of the route policy will be tested deny Specifies the match mode of the defined Route policy node as deny mode When a route entry meets all the if match statements of the node the entry is prohibited from filte...

Page 511: ...OR That is filtering through one node means filtering through this Route policy If the information does not filter through any node it cannot filter through this Route policy Related command if match interface if match acl if match ip prefix if match ip next hop if match cost if match tag apply ip next hop apply local preference apply cost apply origin and apply tag Example Configure Route policy ...

Page 512: ...not be mentioned again in this manual 7 1 Route Capacity Configuration Commands 7 1 1 display memory Syntax display memory slot slot_number View Any view Parameter slot_number Number of the slot whose route capacity information is displayed Description Use the display memory command to display the memory setting Example Display the current memory setting of the switch 3Com display memory System To...

Page 513: ...splay memory limit command to display the memory setting and state information related to route capacity This command displays the current memory limit configuration free memory and state information about connections such as times of disconnection times of reconnection and whether the current state is normal Example Display the current memory setting and state information 3Com display memory limi...

Page 514: ...isabled is displayed Free Memory Size of the current free memory in bytes The times of disconnect 0 The times of the disconnection of the routing protocol is 0 The times of reconnect 0 The times of reconnection of the routing protocol is 0 The current state Normal The current state is normal If the current state is emergent Exigence is displayed 7 1 3 memory auto establish disable Syntax memory au...

Page 515: ...sh disable 7 1 4 memory auto establish enable Syntax memory auto establish enable View System view Parameter None Description Use the memory auto establish enable command to enable automatic restoration of routing protocol connections when the free memory of the switch recovers to the specified value Use the memory auto establish disable command to disable this function By default when the free me...

Page 516: ... limit value argument in the command must be less than the current free memory safety value otherwise the configuration will fail Use the memory safety safety value command to configure the safety value of the switch free memory If you use the memory auto establish enable command the default configuration the routing protocol connection that is forcibly disconnected automatically recovers when the...

Page 517: ...Routing Protocol Chapter 7 Route Capacity Configuration Commands 7 6 Example Set the lower limit of the switch free memory to 2 MB and the safety value to 4 MB 3Com system view System View return to User View with Ctrl Z 3Com memory safety 4 limit 2 ...

Page 518: ...bvlan 1 13 1 1 15 reset igmp snooping statistics 1 14 Chapter 2 Common IP Multicast Configuration Commands 2 1 2 1 Common IP Multicast Configuration Commands 2 1 2 1 1 display mpm forwarding table 2 1 2 1 2 display mpm group 2 2 2 1 3 display multicast forwarding table 2 5 2 1 4 display multicast routing table 2 6 2 1 5 display multicast source deny 2 8 2 1 6 multicast load sharing enable 2 9 2 1 ...

Page 519: ...4 igmp timer other querier present 4 14 4 1 15 igmp timer query 4 15 4 1 16 igmp version 4 16 4 1 17 reset igmp group 4 16 Chapter 5 PIM Configuration Commands 5 1 5 1 PIM Configuration Commands 5 1 5 1 1 bsr policy 5 1 5 1 2 c bsr 5 2 5 1 3 c rp 5 3 5 1 4 crp policy 5 4 5 1 5 display pim bsr info 5 5 5 1 6 display pim interface 5 6 5 1 7 display pim neighbor 5 7 5 1 8 display pim routing table 5 ...

Page 520: ...3Com Switch 7750 Series Command Reference Guide Multicast Table of Contents iii 5 1 22 static rp 5 20 ...

Page 521: ...gmp snooping configuration Syntax display igmp snooping configuration View Any view Parameter None Description Use the display igmp snooping configuration command to display IGMP Snooping configuration information When IGMP Snooping is enabled on the switch this command displays the following information IGMP Snooping status aging time of the router port query response timeout time and aging time ...

Page 522: ...formation about the IP and MAC multicast groups under one specified VLAN with vlan vlan id or all VLANs without vlan vlan id This command displays the following information VLAN ID router port IP multicast group address member ports included in the IP multicast group MAC multicast group MAC multicast group address and member ports included in the MAC multicast group Example Display information abo...

Page 523: ...messages IGMP V1 report messages IGMP V2 report messages IGMP leave messages and error IGMP messages received and the number of the IGMP group specific query messages sent Related command igmp snooping Example Display IGMP Snooping message statistics 3Com display igmp snooping statistics Received IGMP general query packet s number 0 Received IGMP specific query packet s number 0 Received IGMP V1 r...

Page 524: ...d VLAN Description Use the display multicast vlan command to display the configuration of the multicast VLAN If the vlan id argument is not provided when the command is executed the configuration information about all the VLANs in the network is displayed Example Display the configuration of multicast VLAN 2 3Com display multicast vlan 2 multicast vlan 2 s subvlan list Vlan 1024 The information ab...

Page 525: ...mp snooping fast leave vlan vlan list undo igmp snooping fast leave vlan vlan list View System view Ethernet port view Parameter vlan list Multiple VLANs in the form of vlan list vlan id to vlan id 1 10 The vlan id argument is the ID of the VLAN in the range of 1 to 4 094 1 10 means that you can provide the argument repeatedly for up to ten times Description Use the igmp snooping fast leave comman...

Page 526: ...e Ethernet 1 0 1 3Com Ethernet1 0 1 igmp snooping fast leave 1 1 7 igmp snooping group limit Syntax igmp snooping group limit limit vlan vlan list overflow replace overflow replace undo igmp snooping group limit vlan vlan list View Ethernet port view Parameter limit Maximum number of multicast groups the port can join in the range of 1 to 256 overflow replace Allows a new multicast group to replac...

Page 527: ...vlan vlan list View System view Ethernet port view Parameter acl number Basic ACL number in the range of 2000 to 2999 vlan id ID of the VLAN for the Ethernet port in the range of 1 to 4094 Description Use the igmp snooping group policy command to configure an IGMP Snooping filtering ACL Use the undo igmp snooping group policy command to remove the IGMP Snooping filtering ACL By default no IGMP Sno...

Page 528: ... one ACL z If the port does not belong to the specified VLAN the filter ACL you configured does not take effect on the port z If no ACL rule is configured in the command the system will reject the multicast packets from all the multicast groups z Since most devices broadcast unknown multicast packets this function is often used together with the unknown multicast packet drop function to prevent mu...

Page 529: ...P multicast groups except those defined in the deny rule of ACL 2001 3Com interface Ethernet 1 0 2 3Com Ethernet1 0 2 igmp snooping group policy 2001 vlan 2 1 1 9 igmp snooping host aging time Syntax igmp snooping host aging time seconds undo igmp snooping host aging time View System view Parameter seconds Aging time of multicast member ports in the range of 200 to 1000 in seconds Description Use ...

Page 530: ...n seconds Description Use the igmp snooping max response time command to configure the query response timeout time Use the undo igmp snooping max response time command to restore the default timeout time By default the query response timeout time is 10 seconds The maximum response time you configured determines how long the switch can wait for a response to an IGMP Snooping query message Related c...

Page 531: ...By default suppression on IGMP report packets is disabled Note z IGMP snooping must be enabled globally before the suppression on IGMP report packets is enabled z If IGMP snooping is disabled globally the suppression on IGMP report packets is disabled simultaneously Example Enable suppression on Layer 2 multicast IGMP report packets on the switch 3Com system view System View return to User View wi...

Page 532: ...e router through this port The aging time of the router port should be a value about 2 5 times of the general query interval Related command igmp snooping max response time igmp snooping Example Set the aging time of the router port to 500 seconds 3Com system view System View return to User View with Ctrl Z 3Com igmp snooping router aging time 500 1 1 13 multicast vlan enable Syntax multicast vlan...

Page 533: ...LAN 3Com system view Enter system view return to user view with Ctrl Z 3Com igmp snooping enable 3Com vlan 2 3Com vlan2 multicast vlan enable 1 1 14 multicast vlan subvlan Syntax multicast vlan vlan id subvlan vlan list undo multicast vlan vlan id subvlan vlan list View System view Parameter vlan id ID of the specified VLAN vlan list Multiple VLANs in the form of vlan list vlan id to vlan id 1 10 ...

Page 534: ...LAN z If multicast routing is enabled on a VLAN interface the corresponding VLAN cannot be configured as a multicast VLAN Example Configure VLAN 2 to VLAN 5 as the sub VLANs of the multicast VLAN 10 3Com system view Enter system view return to user view with Ctrl Z 3Com igmp snooping enable 3Com vlan 10 3Com vlan10 igmp snooping enable 3Com vlan10 multicast vlan enable 3Com vlan10 quit 3Com multic...

Page 535: ...3Com Switch 7750 Series Command Reference Guide Multicast Chapter 1 IGMP Snooping Configuration Commands 1 15 Example Clear IGMP Snooping statistics 3Com reset igmp snooping statistics ...

Page 536: ...ource Description Use the display mpm forwarding table command to display the information about multicast forwarding tables containing port information Only the S G entry is displayed when the group address or source address is specified Otherwise the command displays all the entries If you want to query the information about multicast forwarding tables without port information you can use the dis...

Page 537: ...ld Description Multicast Forwarding Cache Table Multicast forwarding table Total 1 entries Total number of entries 00001 Serial number of an entry 120 0 0 2 225 0 0 2 s g namely source address group address iif Vlan interface1200 The incoming VLANM of the multicast forwarding table is VLAN 1200 2 out vlan s There are two outgoing VLANs in the multicast forwarding table 2 out vlan s Vlan20 Ethernet...

Page 538: ...IP multicast group z Member ports in the IP multicast group z MAC multicast group z Address of the MAC multicast group z Member ports in the MAC multicast group Caution z The fields of this command are similar to those of the display igmp group command except that the information of the specific ports is added z The fields of this command are the same as those of the display igmp snooping group co...

Page 539: ... s MAC group address 0100 5e00 0000 Host port s GigabitEthernet2 0 12 Table 2 2 Description on the fields of the display mpm group command Field Description Vlan id 1200 Vlan id 2 Multicast groups in VLAN 1200 Static router port s Static router port s Dynamic router port s Dynamic router port s IP group s the following ip group s match to one mac group The following IP multicast groups match the s...

Page 540: ...y register Registration VLAN interface of the PIM SM protocol Description Use the display multicast forwarding table command to display the information about MAC forwarding tables Related command display multicast routing table Example Display the information about MAC forwarding tables 3Com display multicast forwarding table Multicast Forwarding Cache Table Total 1 entry 0 entry created by IP 1 e...

Page 541: ...ntax display multicast routing table group address mask mask mask length source address mask mask mask length incoming interface interface type interface number register View Any view Parameter group address Multicast group address to specify a multicast group and display the routing table information corresponding to this group in the range of 224 0 0 0 to 239 255 255 255 source address Unicast I...

Page 542: ...entries 4 4 4 4 224 2 149 17 Uptime 00 15 16 Timeout in 272 sec Upstream interface Vlan interface1 4 4 4 6 Downstream interface list Vlan interface2 2 2 2 4 Protocol 0x1 IGMP 4 4 4 4 224 2 254 84 Uptime 00 15 16 Timeout in 272 sec Upstream interface Vlan interface1 4 4 4 6 Downstream interface list NULL 4 4 4 4 239 255 2 2 Uptime 00 02 57 Timeout in 123 sec Upstream interface Vlan interface1 4 4 4...

Page 543: ...e is 4 4 4 6 Downstream interface list The IP address of the downstream interface is 2 2 2 4 The downstream interface is added by the IGMP protocol Matched 3 entries Three entries match the configuration 2 1 5 display multicast source deny Syntax display multicast source deny interface interface type interface number View Any view Parameter interface type Port type interface number Port number Des...

Page 544: ... port suppression state of all the 100M Ethernet ports 3Com display multicast source deny interface Ethernet 2 1 6 multicast load sharing enable Syntax multicast load sharing enable undo multicast load sharing enable View System view Parameter None Description Use the multicast load sharing enable command to enable multicast load sharing Use the undo multicast load sharing enable command to disabl...

Page 545: ...command to restore the default limit on the capacity of the multicast routing table The limit on the capacity of the multicast routing table is 256 by default If the number of existing routing entries exceeds the value to be configured when you configure this command the existing entries in the routing table will not be removed Instead the system will prompt that the number of existing routing ent...

Page 546: ...ature 3Com system view System View return to User View with Ctrl Z 3Com multicast routing enable 2 1 9 multicast static router port Syntax multicast static router port interface type interface number undo multicast static router port interface type interface number View VLAN view Parameter interface type Port type interface number Port number Description Use the multicast static router port comman...

Page 547: ...turn to User View with Ctrl Z 3Com vlan 2 3Com vlan2 multicast static router port Ethernet 1 0 1 2 1 10 multicast static router port vlan Syntax multicast static router port vlan vlan id undo multicast static router port vlan vlan id View Ethernet port view Parameter vlan id ID of the specified VLAN in the range of 1 to 4 094 Description Use the multicast static router port vlan command to specify...

Page 548: ...ds Holdtime to prevent wrongif packets from being reported to the CPU in the range of 0 to 300 seconds During the configuration if the seconds argument is less than 15 the system sets the holdtime to 15 if the seconds argument is more than 15 the system sets the holdtime to the multiples of 15 according to the user defined range For example if you set the seconds argument to 14 the system sets the...

Page 549: ...kets In the configured holdtime wrongif packets are not reported to the CPU so that the CPU can be prevented from being stricken by too many multicast packets Example Set the holdtime of wrongif packets to 60 seconds 3Com system view System View return to User View with Ctrl Z 3Com multicast wrongif holdtime 60 2 1 12 multicast source deny Syntax multicast source deny enable interface interface li...

Page 550: ...ature is enabled on the specified ports In Ethernet port view the interface list argument cannot be specified in the command and you can use the command to enable the multicast source port suppression feature on the current port only Example Enable the multicast source port suppression feature on all the ports of the switch 3Com system view System View return to User View with Ctrl Z 3Com multicas...

Page 551: ...oup address argument and the source address argument can be turned over However you must input valid group addresses and source addresses Otherwise the system prompts error Related command reset pim routing table reset multicast routing table and display multicast forwarding table Example Clear the forwarding entries whose group address is 225 5 4 3 in the MFC forwarding table 3Com reset multicast...

Page 552: ...r VLAN interface type and VLAN interface number Description Use the reset multicast routing table command to clear the routing entries in the multicast core routing table and remove the corresponding forwarding entries in the MFC forwarding table The order of the group address argument and the source address argument can be turned over However you must input valid group addresses and source addres...

Page 553: ...ommand to display the multicast MAC address entry entries configured on the switch Executing this command with the count keyword will display the information about the number of multicast MAC address entries configured on the switch Example Display all the multicast MAC address entries manually added in VLAN 1 3Com display mac address multicast count 1 mac address es found 3 1 2 mac address multic...

Page 554: ... 10 represents you can totally specify up to 10 ports and port ranges Description Use the mac address multicast command to manually add a multicast MAC address entry Use the undo mac address multicast command to remove a multicast MAC address entry Each multicast MAC address entry contains multicast address forward port VLAN ID and so on Related command display mac address multicast static Example...

Page 555: ...iew Parameter group address Address of the multicast group interface type interface number VLAN interface type and VLAN interface number of the router which are used to specify a VLAN interface Description Use the display igmp group command to view the member information of the IGMP multicast group You can specify to show the information of a group or the member information of the multicast group ...

Page 556: ...oup hh mm ss 4 1 2 display igmp interface Syntax display igmp interface interface type interface number View Any view Parameter interface type interface number VLAN interface type and VLAN interface number of the router which are used to specify a VLAN interface If this argument is not specified the information about all the VLAN interfaces where IGMP is running is displayed Description Use the di...

Page 557: ...e of the querier max query response time Maximum time of response to query robust count IGMP robust count that is the times of sending IGMP group specific query packets before the IGMP querier receives the IGMP leave packet from the host startup query interval The startup interval of IGMP to send query packets last member query interval The interval of sending IGMP group specific query packets whe...

Page 558: ...gure other IGMP features Related command multicast routing enable Example Enable IGMP on Vlan interface 10 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 10 3Com Vlan interface10 igmp enable 4 1 4 igmp group limit Syntax igmp group limit limit undo igmp group limit View VALN interface view Parameter limit Quantity of multicast groups in the range of 0 to...

Page 559: ...ce 10 3Com Vlan interface10 igmp group limit 100 4 1 5 igmp group policy Syntax igmp group policy acl number 1 2 port interface list undo igmp group policy port interface list View VLAN interface view Parameter acl number Number of the basic IP access control list number defining a multicast group range The value ranges from 2000 to 2999 1 IGMP version 1 2 IGMP version 2 If IGMP version is not spe...

Page 560: ...ced by the VLAN interface Related command igmp host join Caution Ethernet ports must belong to the igmp group policy enabled VLAN interfaces only Example Configure the access list 2000 3Com system view System View return to User View with Ctrl Z 3Com acl number 2000 3Com acl basic 2000 rule permit source 225 0 0 0 0 255 255 255 3Com acl basic 2000 quit Configure that only the hosts matching ACL 20...

Page 561: ... host join port Example Configure that only the hosts matching ACL 2000 rules on Ethernet1 0 1 in VLAN interface10 can be added to the multicast group 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 10 3Com Vlan interface10 igmp enable 3Com Vlan interface10 quit 3Com interface Ethernet 0 1 3Com Ethernet0 1 port access vlan 10 3Com Ethernet0 1 igmp group p...

Page 562: ... 0 1 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 10 3Com Vlan interface10 igmp host join 225 0 0 1 port Ethernet 1 0 1 4 1 8 igmp host join vlan Syntax igmp host join group address vlan vlan id undo igmp host join group address vlan vlan id View Port view Parameter group address Multicast address of the multicast group that an interface will join vlan...

Page 563: ...astmember queryinterval command to restore the default value The interval for the IGMP querier to send IGMP group specific query packets is one second by default In the shared network that is a same network segment including multiple hosts and multicast routers the query router also known as querier is responsible for maintaining the IGMP group membership on the interface When the IGMP v2 host lea...

Page 564: ...3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 10 3Com Vlan interface10 igmp lastmember queryinterval 3 4 1 10 igmp max response time Syntax igmp max response time seconds undo igmp max response time View VLAN interface view Parameter seconds Maximum response time in the IGMP query messages in second in the range from 1 to 25 By default the value is 10 s...

Page 565: ...sable this configuration The IGMP proxy feature is disabled by default You must enable the PIM protocol on the interface first before enabling the igmp proxy command on the interface Only one IGMP proxy interface can be configured for an interface One interface cannot serve as the IGMP proxy interface of two or more interfaces If the IGMP proxy feature is configured on the same interface for multi...

Page 566: ...e the igmp report aggregation command to enable suppression on Layer 3 multicast IGMP report packets On an IP multicast routing enabled switch the VLAN interface receives only the first IGMP report packet from a multicast group in a query interval Use the undo igmp snooping report aggregation command to disable suppression on Layer 3 multicast IGMP report packets By default suppression on IGMP rep...

Page 567: ...le hosts and multicast routers the query router is responsible for maintaining the IGMP group membership on the interface When the IGMP v2 host leaves a group it sends an IGMP Leave message When receiving the IGMP Leave message IGMP query router must send the IGMP group specific query message for specified times by the robust value parameter in the igmp robust count command with default value as 2...

Page 568: ... in the range of 1 to 131 070 in seconds Description Use the igmp timer other querier present command to configure the presence time of the IGMP querier Use the undo igmp timer other querier present command to restore the default value By default the presence time of the IGMP querier is twice the value of IGMP query message interval that is 120 seconds On a shared network i e there are multiple mu...

Page 569: ...command to configure the interval at which a router interface sends IGMP query messages Use the undo igmp timer query command to restore the default value By default a router interface transmits IGMP query messages at the interval of 60 seconds A multicast router periodically sends out IGMP query messages to attached segments to find hosts that belong to different multicast groups The query interv...

Page 570: ...n 2 All routers on a subnet must support the same version of IGMP After detecting the presence of IGMP Version 1 system a router cannot automatically switch to Version 1 Example Run IGMP Version 1 on VLAN interface10 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 10 3Com Vlan interface10 igmp version 1 4 1 17 reset igmp group Syntax reset igmp group all ...

Page 571: ...d to the VLAN interface again Example Delete all IGMP groups on all the VLAN interfaces 3Com reset igmp group all Delete all IGMP groups on Vlan interface10 3Com reset igmp group interface Vlan interface10 all Delete the group 225 0 0 1 from Vlan interface10 3Com reset igmp group interface Vlan interface10 225 0 0 1 Delete the IGMP groups ranging from 225 1 1 0 to 225 1 1 255 on Vlan interface10 3...

Page 572: ...rk the following two measures need to be taken z Prevent the router from being spoofed by hosts though faking legal BSR messages to modify RP mapping BSR messages are of multicast type and their TTL is 1 so this type of attacks often hit edge routers Fortunately BSRs are inside the network while assaulting hosts are outside therefore neighbor and RPF checks can be used to stop this type of attacks...

Page 573: ...g enable 3Com pim 3Com pim bsr policy 2000 3Com pim quit 3Com acl number 2000 3Com acl basic 2000 rule 0 permit source 101 1 1 1 0 5 1 2 c bsr Syntax c bsr interface type interface number hash mask len priority undo c bsr View PIM view Parameter interface type interface number Specifies the VLAN interface The candidate BSR is configured on the VLAN interface PIM SM must be enabled on the VLAN inte...

Page 574: ...rface type interface number all View PIM view Parameter interface type interface number Specifies the VLAN interface whose IP address is advertised as a candidate RP address acl number Number of the basic ACL that defines a group range which is the service range of the advertised RP The value ranges from 2000 to 2999 priority value Priority value of candidate RP in the range of 0 to 255 The greate...

Page 575: ...RP as well as target service group range of each C RP prevent C RP proofing Use the undo crp policy command to restore the default setting that is no range limit is set and all received messages are taken as legal In the PIM SM network using BSR mechanism every router can set itself as C RP candidate rendezvous point servicing particular groups If elected a C RP becomes the RP servicing the curren...

Page 576: ... only for the groups 225 1 0 0 16 3Com system view System View return to User View with Ctrl Z 3Com multicast routing enable 3Com pim 3Com pim crp policy 3000 3Com pim quit 3Com acl number 3000 3Com acl adv 3000 rule 0 permit source 1 1 1 1 0 destination 225 1 0 0 0 0 255 255 5 1 5 display pim bsr info Syntax display pim bsr info View Any view Parameter None Description Use the display pim bsr inf...

Page 577: ...m interface command to view the PIM configuration information of the interface If neither the VLAN interface type nor the VLAN interface number is specified the PIM configuration information of all VLAN interfaces is displayed if both the VLAN interface type and the VLAN interface number are specified the PIM configuration information about the specified VLAN interface is displayed Example Display...

Page 578: ...rs on the current interface PIM DR Designated router 5 1 7 display pim neighbor Syntax display pim neighbor interface interface type interface number View Any view Parameter interface type interface number Interface type and interface number used to specify the VLAN interface Description Use the display pim neighbor command to view the PIM neighbor information discovered by the VLAN interface of t...

Page 579: ... source address mask mask length mask incoming interface interface type interface number null dense mode sparse mode View Any view Parameter rp RP route entry g G route entry group address Address of the multicast group source address IP address of the multicast source incoming interface interface type interface number View the route entry whose incoming VLAN interface is the specified VLAN interf...

Page 580: ...2 224 2 181 90 Protocol 0x20 PIMSM Flag 0x4 SPT UpTime 23 59 Timeout after 196 seconds Upstream interface VLAN interface2 RPF neighbor NULL Downstream interface list NULL Total 2 entries listed Table 5 4 Description on the fields of the display routing table command Field Description RP Rendezvous Point S G source address multicast group PIM SM PIM Sparse Mode SPT Shortest Path Tree RPF Reverse Pa...

Page 581: ...on 2 Priority 0 Uptime 00 39 50 Expires 00 01 40 Table 5 5 Description on the fields of the display pim rp info command Field Description PIM SM RP SET information Combination of RP information sets BSR is 4 4 4 6 BSR is the VLAN interface of 4 4 4 6 in the network Group MaskLen 224 0 0 0 4 RP 4 4 4 6 Version 2 Priority 0 Uptime 00 39 50 Expires 00 01 40 The RP whose group address is 224 0 0 0 and...

Page 582: ... 3Com pim 5 1 11 pim bsr boundary Syntax pim bsr boundary undo pim bsr boundary View VLAN interface view Parameter None Description Use the pim bsr boundary command to configure a VLAN interface of the switch as the PIM domain boundary Use the undo pim bsr boundary command to remove the configured PIM domain boundary The switch does not set any PIM domain boundary by default After you use this com...

Page 583: ...e 3Com pim 3Com interface Vlan interface 10 3Com Vlan interface10 pim bsr boundary 5 1 12 pim dm Syntax pim dm undo pim dm View VLAN interface view Parameter None Description Use the pim dm command to enable PIM DM Use the undo pim dm command to disable PIM DM By default PIM DM is disabled Once enabled PIM DM on an interface PIM SM cannot be enabled on the same interface and vice versa Example Ena...

Page 584: ...hed Use the undo pim neighbor limit command to restore the default setting By default the number of PIM neighbors on a VLAN interface is limited within 128 If the number of existing PIM neighbors exceeds the configured limit they will not be deleted Example Limit the number of PIM neighbors on Vlan interface10 within 50 3Com system view System View return to User View with Ctrl Z 3Com multicast ro...

Page 585: ...hbor of the Vlan interface10 but not 10 10 1 1 3Com system view System View return to User View with Ctrl Z 3Com multicast routing enable 3Com interface Vlan interface 10 3Com Vlan interface10 pim neighbor policy 2000 3Com Vlan interface10 quit 3Com acl number 2000 3Com acl basic 2000 rule permit source 10 10 1 2 0 3Com acl basic 2000 rule deny source 10 10 1 1 0 5 1 15 pim sm Syntax pim sm undo p...

Page 586: ...ds Hello packets Use the undo pim timer hello command to restore the default value of the interval By default a VLAN interface sends Hello packets at the interval of 30 seconds When the PIM SM protocol is enabled on a VLAN interface the switch will periodically send Hello packets to the network devices supporting PIM If the VLAN interface receives Hello packets it means that the VLAN interface has...

Page 587: ...the PIM SM network and to accept the specified packets only Use the undo register policy command to remove the configured packet filtering Example If the local device is the RP in the network using the following command can only accept multicast message register of the source sending multicast address in the range of 225 1 0 0 16 on network segment 10 10 0 0 16 3Com system view System View return ...

Page 588: ...switchover Use the undo spt switch threshold command to restore the threshold to the default value In PIM SM an Ethernet switch forwards multicast packets over RPT initially If the multicast traffic sent by the multicast source exceeds the threshold value the multicast traffic will be switched from RPT to SPT when it passes the last hop Ethernet switch Note Currently the threshold value can be 0 o...

Page 589: ... neighbors on the specified VLAN interface Related command display pim neighbor Example Clear the PIM neighbor 25 5 4 3 3Com reset pim neighbor 25 5 4 3 5 1 20 reset pim routing table Syntax reset pim routing table all group address mask group mask mask length group mask length source address mask source mask mask length source mask length incoming interface interface type interface number View Us...

Page 590: ...s can have a mask but the resulted IP address must be 224 0 0 0 and source address has no mask then it means only the RP item will be cleared If in this command the group address is any a group address and source address is 0 where group address can have a mask and source address has no mask then only the G item will be cleared This command shall clear not only multicast route entries from PIM rou...

Page 591: ...s of all multicast data packets received Those not matched will be discarded When this feature is configured the router filters not only multicast data but the multicast data encapsulated in the registration packets The new configuration overwrites the old one if you run the command for a second time Example Set to receive the multicast data packets from source address 10 10 1 2 but discard those ...

Page 592: ...gure static RP Use the undo static rp command to remove the configuration Static RP function as the backup of dynamic RP so as to improve the network robusticity If the RP elected by BSR mechanism is valid static RP will not work All routers in the PIM domain must be configured with this command and be specified with the same RP address The new configuration overwrites the old one if you execute t...

Page 593: ...1 7 dot1x port control 1 10 1 1 8 dot1x port method 1 11 1 1 9 dot1x quiet period 1 12 1 1 10 dot1x re authenticate 1 13 1 1 11 dot1x retry 1 14 1 1 12 dot1x retry version max 1 15 1 1 13 dot1x supp proxy check 1 15 1 1 14 dot1x timer 1 18 1 1 15 dot1x version check 1 20 1 1 16 reset dot1x statistics 1 20 Chapter 2 HABP Configuration Commands 2 1 2 1 HABP Configuration Commands 2 1 2 1 1 display h...

Page 594: ...ace name interface type interface num where interface type specifies the type of an Ethernet port and interface num identifies the number of the port 1 10 means that up to 10 port indexes port index lists can be provided Description Use the display dot1x command to display 802 1x related information such as configuration information operation information session information and statistics By defau...

Page 595: ... Total current used 802 1x resource number is 0 GigabitEthernet1 0 1 is link up 802 1X protocol is disabled Proxy trap checker is disabled Proxy logoff checker is disabled Guest Vlan is disabled Version Check is disabled The port is a n authenticator Authenticate Mode is auto Port Control Type is Mac based ReAuthenticate is disabled Max on line user number is 1024 Display omitted here Table 1 1 De...

Page 596: ...sion period timer the tx period Handshake Period Setting of the handshake period timer the handshake period ReAuth Period 802 1x re authentication Quiet Period Setting of the quiet period timer the quiet period Quiet Period Timer is disabled The quiet period timer is disabled Supp Timeout Setting of the supplicant timeout timer supp timeout Server Timeout Setting of the server timeout timer server...

Page 597: ...s disabled Version Check is disabled The client version check function is disabled The port is a n authenticator The port acts as an authenticator Authenticate Mode is auto The port access control mode is auto Port Control Type is Mac based The port access control method is MAC based That is supplicant systems are authenticated based on their MAC addresses Max on line user number The maximum numbe...

Page 598: ... perform 802 1x related configurations globally or on specified ports either before or after 802 1x is enabled If you do not previously perform other 802 1x related configurations when enabling 802 1x globally the switch adopts the default 802 1x settings 802 1x related configurations take effect on a port only after 802 1x is enabled both globally and on the port Configurations of 8021 x and the ...

Page 599: ...In this method passwords are transmitted in plain text CHAP applies a three way handshaking procedure In this method user names are transmitted rather than passwords Therefore this method is safer In an EAP authentication method a switch sends 802 1x authentication information directly to the RADIUS server in EAP packets instead of having to convert them into RADIUS packets before forwarding to th...

Page 600: ...ot authenticate a supplicant system when the latter applies for a dynamic IP address through DHCP Related command display dot1x Example Configure to authenticate a supplicant system when it applies for a dynamic IP address through DHCP 3Com system view System View return to User View with Ctrl Z 3Com dot1x dhcp launch 1 1 5 dot1x guest vlan Syntax dot1x guest vlan vlan id interface interface list ...

Page 601: ...gument these two commands apply to the specified Ethernet ports When being executed in Ethernet port view these two commands apply to the current Ethernet port only In this case the interface list argument is not needed Caution z The Guest VLAN function is available only when the switch operates in a port based authentication mode z Only one Guest VLAN can be configured for each switch z The Guest...

Page 602: ...umber 1 10 means that up to 10 port indexes port index lists can be provided Description Use the dot1x max user command to set the maximum number of supplicant systems an Ethernet port can accommodate Use the undo dot1x max user command to revert to the default maximum supplicant system number When being executed in system view these two commands apply to all Ethernet ports of the switch if you do...

Page 603: ...t list You can specify multiple Ethernet ports by providing this argument in the form of interface list interface name to interface name 1 10 The interface name argument is the port index of an Ethernet port and can be specified in this form interface name interface type interface num where interface type specifies the type of a port and interface num identifies the port number 1 10 means that up ...

Page 604: ...interface name argument is the port index of an Ethernet port and can be specified in this form interface name interface type interface num where interface type specifies the type of a port and interface num identifies the port number 1 10 means that up to 10 port indexes port index lists can be provided The default access control method is MAC address based That is the macbased keyword is specifi...

Page 605: ...ument is not needed Related command display dot1x Example Specify to authenticate supplicant systems connected to Ethernet 3 0 1 port by port numbers 3Com system view System View return to User View with Ctrl Z 3Com dot1x port method portbased interface Ethernet 3 0 1 1 1 9 dot1x quiet period Syntax dot1x quiet period undo dot1x quiet period View System view Parameter None Description Use the dot1...

Page 606: ... port index lists can be provided Description Use the dot1x re authenticate command to enable 802 1x re authentication on the specified port or on all Authenticator ports of the switch Use the undo dot1x re authenticate command to disable 802 1x re authentication on the specified port or on all Authenticator ports of the switch By default 802 1x re authentication is disabled on all ports When you ...

Page 607: ...supplicant systems Use the undo dot1x retry command to revert to the default value Having sent authentication request packets to a supplicant system a switch will resend the packets if within a preset period it still has not received any response from the supplicant system The dot1x retry command is used to set the maximum number of times that a switch will resend the request packets When set to 1...

Page 608: ...ess user for up to three times repeatedly Having sent a version request packet to the supplicant system the switch will resend the packet if within a preset period as determined by the client version timer it still has not received any response from the supplicant system When the number set by this command has reached and there is still no response from the supplicant system the switch will contin...

Page 609: ... to cancel the setting By default 802 1X client checking is disabled for all Ethernet ports In system view execution of the dot1x supp proxy check command enables the supplicant system proxy checking function for specified ports if the interface list argument is provided in Ethernet port view the interface list argument is not needed only the current port can have the function In system view after...

Page 610: ...later version z The supplicant system proxy checking function takes effect only after it has been enabled on CAMS and the client version checking function is enabled on the switch using the dot1x version check command Related command display dot1x Example Configure to disconnect any supplicant system connected to Ethernet3 0 1 through Ethernet3 0 8 ports if it has been detected logging in through ...

Page 611: ... this timer period a supplicant system initializes 802 1x re authentication reauth period value Value in seconds of the re authentication period timer This value ranges from 1 to 86400 and defaults to 3600 quiet period Quiet period timer triggered after the user has failed the authentication After the time as specified by the quiet period timer has elapsed the user can resend the authentication re...

Page 612: ...ing period timer if within the period no response packet has been sent back from the supplicant system the switch will resend the client version checking request packet ver period value Value of the client version checking period timer in seconds This value can range from 1 to 30 with a default value of 30 Description Use the dot1x timer command to set a specified 802 1x timer Use the undo dot1x t...

Page 613: ... check command to enable 802 1x client version checking for specified Ethernet ports Use the undo dot1x version check command to disable 802 1x client version checking for specified Ethernet ports By default 802 1x client version checking is disabled on all Ethernet ports In system view execution of the dot1x version check command enables the client version checking function for specified ports if...

Page 614: ...e type of a port and interface num identifies the port number 1 10 means that up to 10 port indexes port index lists can be provided Description Use the reset dot1x statistics command to clear 802 1x related statistics Use this command to reset 802 1x related statistics In this command If the interface list argument is not specified this command clears statistics globally and the 802 1X statistics...

Page 615: ...ation and status information 3Com display habp Global HABP information HABP Mode Server Sending HABP request packets every 20 seconds Bypass VLAN 2 Table 2 1 Description on the fields of the display habp command Field Description HABP Mode Indicates the HABP mode of the switch A switch can operate as an HABP server displayed as Server or an HABP client displayed as Client Sending HABP request pack...

Page 616: ...y HABP 3Com display habp table MAC Holdtime Receive Port 001f 3c00 0030 53 Ethernet1 0 1 Table 2 2 Description on the fields of the display habp table command Field Description MAC MAC addresses listed in the HABP MAC address table Holdtime Hold time of the entries in the HABP MAC address table An address will be removed from the table if it has not been updated during the hold time Receive Port T...

Page 617: ...y habp traffic command Field Description Packets output Number of the HABP packets sent Input Number of the HABP packets received ID error Number of HABP packets with ID errors Type error Number of HABP packets with type errors Version error Number of HABP packets with version errors Sent failed Number of HABP packets that failed to be sent 2 1 4 habp enable Syntax habp enable undo habp enable Vie...

Page 618: ...re a switch to operate as an HABP server and HABP packets to be broadcast in specified VLAN Use the undo habp server vlan command to revert to the default HABP mode By default a switch operates as an HABP client To specify a switch to operate as an HABP server you need to enable HABP using the habp enable command for the switch first Even if HABP is not enabled the client can still configure the s...

Page 619: ... habp timer command to set the interval for a switch to send HABP request packets Use the undo habp timer command to revert to the default interval The default interval for a switch to send HABP request packets is 20 seconds Use these two commands on switches operating as HABP servers only Example Configure the switch to send HABP request packets once in every 50 seconds 3Com system view System Vi...

Page 620: ...enger 1 13 1 1 13 name 1 14 1 1 14 password 1 15 1 1 15 radius scheme 1 16 1 1 16 scheme 1 17 1 1 17 self service url 1 18 1 1 18 service type 1 19 1 1 19 state 1 20 1 1 20 vlan assignment mode 1 21 1 2 RADIUS Configuration Commands 1 23 1 2 1 accounting on enable 1 23 1 2 2 accounting optional 1 25 1 2 3 data flow format 1 26 1 2 4 display local server statistics 1 27 1 2 5 display radius 1 27 1 ...

Page 621: ...ata flow format 1 54 1 3 2 display hwtacacs 1 55 1 3 3 display stop accounting buffer 1 56 1 3 4 hwtacacs nas ip 1 57 1 3 5 hwtacacs scheme 1 58 1 3 6 key 1 58 1 3 7 nas ip 1 59 1 3 8 primary accounting 1 60 1 3 9 primary authentication 1 61 1 3 10 primary authorization 1 62 1 3 11 reset hwtacacs statistics 1 63 1 3 12 reset stop accounting buffer 1 63 1 3 13 retry stop accounting 1 64 1 3 14 seco...

Page 622: ...rent ISP domain The value of max user number ranges from 1 to 4120 Description Use the access limit command to set the maximum number of access users that can be contained in current ISP domain Use the undo access limit command to restore the default maximum number By default the number of access users that can be contained in current ISP domain is unlimited Because resource contention may occur b...

Page 623: ...nges from 60 to 7200 access limit max user number Sets the maximum number of users who can access the switch with current user name The value of max user number ranges from 1 to 4096 vlan vlan id Sets the VLAN to which the user is bound that is sets which VLAN the user belongs to vlan id is an integer ranging from 1 to 4094 location Sets the port binding attribute of the user nas ip ip address Set...

Page 624: ... interface number ip ip address mac mac address radius scheme radius scheme name vlan vlan id ucibindex ucib index user name user name View System view Parameter all Cuts down all user connections access type dot1x Cuts down all 802 1x user connections domain isp name Cuts down all user connections in the specified ISP domain isp name is the name of an ISP domain It is a character string of up to ...

Page 625: ... forcibly This command cuts down the connections of 802 1x users only Related command display connection Example Cut down all 802 1x user connections in the ISP domain named aabbcc net 3Com system view System View return to User View with Ctrl Z 3Com cut connection domain aabbcc net 1 1 4 display connection Syntax display connection access type dot1x domain domain name interface interface type int...

Page 626: ...ame is a character string of up to 32 characters The string cannot contain the following characters It can contain no more than one character The pure user name user ID that is the part before can contain no more than 24 characters Description Use the display connection command to display information about the specified user connection or all user connections so as to troubleshoot user connections...

Page 627: ... display domain 0 Domain system State Active Scheme LOCAL Access limit Disable Vlan assignment mode Integer accounting mode time Domain User Template Idle cut Disable Self service Disable Messenger Time Disable Default Domain Name system Total 1 domain s 1 listed Table 1 1 describes the fields shown in the display Table 1 1 Description on the fields of the display domain command Field Description ...

Page 628: ...the specified ISP domain isp name is the name of an ISP domain a character string of up to 24 characters You can only specify an existing ISP domain idle cut Displays the local users who are inhibited from enabling the idle cut function or the local users who are allowed to enable the idle cut function disable specifies the inhibited local users and enable specifies the allowed local users This ar...

Page 629: ...ll local users so as to troubleshoot local user configuration By default this command displays the information about all local users Related command local user service type Example Display information about all local users 3Com display local user The contents of local user user1 State Active ServiceType Mask T Idle cut Disable Access limit Disable Current AccessNum 0 Bind location Disable Vlan ID ...

Page 630: ...ISP domain to system Description Use the domain command to create an ISP domain or enter the view of an existing ISP domain Use the undo domain command to delete a specified ISP domain The default ISP domain is system An ISP domain is an ISP user group comprising the users of the same ISP Normally in a username such as gw20010608 aabbcc net in the userid isp name format isp name such as aabbcc net...

Page 631: ...Com isp aabbcc net 1 1 8 idle cut Syntax dle cut disable enable minute flow View ISP domain view Parameter disable Inhibits users from enabling the idle cut function enable Allows users to enable the idle cut function minute Maximum idle time ranging from 1 minute to 120 minutes flow Minimum data flow ranging from 1 byte to 10 240 000 bytes 10 M Description Use the idle cut command to set the user...

Page 632: ...ser It is an integer ranging from 0 to 3 and defaulting to 0 Description Use the level command to set the priority level of the user Use the undo level command to restore the default priority level of the user Note The commands that a user can access after login is determined by the priority level of the user and the level set on the user interface If the two levels are different z The command lev...

Page 633: ...part before cannot be longer than 55 characters The local user name is case insensitive service type Specifies the local users of the specified type You can specify one of the following user types telnet ftp and lan access generally this type of users are Ethernet access users for example 802 1x users ssh and terminal this type of users are terminal users who log into the switch through the Consol...

Page 634: ...to set the password display mode of all local users Use the undo local user password display mode command to restore the default password display mode of all local users When the cipher force mode is adopted all passwords will be displayed in cipher text even through some users have specified to display their passwords in plain text by using the password command with the simple keyword By default ...

Page 635: ... By default the messenger function is disabled on the switch The purpose of this function is to remind online users of their remaining online time through clients in the form of message dialog You can use messenger time enable command to set a remaining online time limit and the interval to send prompt messages After that the switch regularly sends prompt messages at the set interval to the client...

Page 636: ...uest vlan and vlan assignment mode Example Set the name of VLAN 100 to test 3Com system view System View return to User View with Ctrl Z 3Com vlan 100 3Com vlan100 name test 1 1 14 password Syntax password simple cipher password undo password View Local user view Parameter simple Specifies to display the password in plain text cipher Specifies to display the password in cipher text password Passwo...

Page 637: ... a user named 3Com1 to 20030422 and specify to display the password in plain text 3Com system view System View return to User View with Ctrl Z 3Com local user 3Com1 3Com luser 3Com1 password simple 20030422 1 1 15 radius scheme Syntax radius scheme radius scheme name View ISP domain view Parameter radius scheme name Name of a RADIUS scheme a character string of up to 32 characters Description Use ...

Page 638: ...d to specify the AAA scheme used by current ISP domain Use the undo scheme command to restore the default AAA scheme used by the ISP domain By default the ISP domain uses the local AAA scheme z If you execute the scheme radius scheme radius scheme name local command the local scheme becomes the secondary scheme in case the RADIUS server does not response normally That is if the communication betwe...

Page 639: ... actual URL of the self service server contains any question mark you should change it to an elect bar Description Use the self service url enable command to enable the self service server location function Use the self service url disable command to disable the self service server location function By default this function is disabled This command must be used with the cooperation of a self servi...

Page 640: ... 10 153 89 94 selfservice modPasswd1x jsp userName 1 1 18 service type Syntax service type ftp ftp directory directory lan access ssh telnet terminal level level undo service type ftp ftp directory lan access ssh telnet terminal View Local user view Parameter ftp Specifies that this is a ftp user ftp directory directory Specifies the path for FTP users directory is a string of up to 64 characters ...

Page 641: ...current ISP domain in ISP domain view or current user in local user view to allow users in current ISP domain or current user to access the network block Hangs up the current ISP domain in ISP domain view or current user in local user view to inhibit users in current ISP domain or current user from accessing the network Description Use the state command to set the status of current ISP domain or t...

Page 642: ... assignment mode to integer string Sets the VLAN assignment mode to string Description Use the vlan assignment mode command to set the VLAN assignment mode integer or string on the switch By default the VLAN assignment mode is integer that is the switch supports its RADIUS authentication server to assign integer VLAN IDs The dynamic VLAN assignment feature enables a switch to dynamically add the p...

Page 643: ...iving a string ID assigned by the RADIUS authentication server the switch compares the ID with existing VLAN names on the switch If it finds a match it adds the port to the corresponding VLAN Otherwise the VLAN assignment fails and the user cannot pass the authentication The two dynamic VLAN assignment modes integer and string supported by the switch are set according to the authentication server ...

Page 644: ... if the VLAN ID assigned by the RADIUS server is a character string containing only digits for example 1024 the switch first regards it as an integer VLAN ID the switch transforms the string to an integer value and judges if the value is in the valid VLAN ID range if it is the switch adds the authenticated port to the VLAN with the value as the VLAN ID VLAN 1024 for example Related command name do...

Page 645: ...m users cannot re log into the switch after the switch restarts because they are already online After this function is enabled every time the switch restarts z The switch generates an Accounting On packet which mainly contains the following information NAS ID NAS IP address source IP address and session ID z The switch sends the Accounting On packet to CAMS at regular intervals z Once the CAMS rec...

Page 646: ...ication upon device restart function for the RADIUS scheme named CAMS 3Com system view 3Com radius scheme CAMS 3Com radius CAMS accounting on enable 1 2 2 accounting optional Syntax accounting optional undo accounting optional View RADIUS scheme view ISP domain view Parameter None Description Use the accounting optional command to open the accounting optional switch Use the undo accounting optiona...

Page 647: ...byte mega byte packet giga packet kilo packet mega packet one packet undo data flow format View RADIUS scheme view Parameter data Sets the unit of measure for data byte Specifies to measure data in bytes giga byte Specifies to measure data in gigabytes kilo byte Specifies to measure data in kilobytes mega byte Specifies to measure data in megabytes packet Sets the unit of measure for packets giga ...

Page 648: ...ta kilo byte packet kilo packet 1 2 4 display local server statistics Syntax display local server statistics View Any view Parameter None Description Use the display local server statistics command to display the statistics about all local RADIUS authentication servers Related command local server Example Display the statistics about local RADIUS authentication server 3Com display local server sta...

Page 649: ...IUS schemes Related command radius scheme Example Display the configuration information about all RADIUS schemes 3Com display radius SchemeName system Index 0 Type 3Com Primary Auth IP 127 0 0 1 Port 1645 State active Primary Acct IP 127 0 0 1 Port 1646 State active Second Auth IP 0 0 0 0 Port 1812 State block Second Acct IP 0 0 0 0 Port 1813 State block Auth Server Encryption Key 3Com Acct Server...

Page 650: ... Second Acct IP Port State IP address access port number state of the secondary accounting server Auth Server Encryption Key Login password for the authentication servers Acct Server Encryption Key Login password for the accounting servers TimeOutValue seconds RADIUS server response timeout time RetryTimes Maximum number of transmission attempts Permitted send realtime PKT failed counts Maximum al...

Page 651: ...p 0 StateErr 0 Received and Sent packets statistic Sent PKT total 0 Received PKT total 0 RADIUS received packets statistic Code 2 Num 0 Err 0 Code 3 Num 0 Err 0 Code 5 Num 0 Err 0 Code 11 Num 0 Err 0 Running statistic RADIUS received messages statistic Normal auth request Num 0 Err 0 Succ 0 EAP auth request Num 0 Err 0 Succ 0 Account request Num 0 Err 0 Succ 0 Account off request Num 0 Err 0 Succ ...

Page 652: ...ing requests of the specified user Where user name is a character string of up to 32 characters Description Use the display stop accounting buffer command to display the no response stop accounting request packets buffered in the switch z You can choose to display the buffered stop accounting packets of a specified RADIUS scheme session ID or user name You can also specify a time range to display ...

Page 653: ...her The two parties verify the validity of the exchanged packets by using the encrypted keys that have been set on them and can accept and respond to the packets sent from each other only if both of them have the same encrypted keys If the authentication authorization server and the accounting server are two separate devices and the two servers have different encrypted keys you must set the encryp...

Page 654: ...nd a network access server and all authentications are performed locally Note that z The switch not only supports the traditional RADIUS client service to accomplish user AAA management through foreign authentication authorization server and accounting server but also provides a simple local RADIUS server function for authentication and authorization This function is called local RADIUS authentica...

Page 655: ...IUS packets an IP address of this device This address can neither be the all zero address nor be a Class D address Description Use the nas ip command to set the source IP address used by the switch to send RADIUS packets Use the undo nas ip command to remove the source IP address setting Note The nas ip command in RADIUS scheme view has the same function as the radius nas ip command in system view...

Page 656: ... restore the default IP address and port number of the primary RADIUS accounting server The IP address and UDP port number of the primary accounting server used by the default RADIUS scheme system are 127 0 0 1 and 1646 The IP address and the UDP port number of the primary accounting server used by a newly created RADIUS scheme are 0 0 0 0 and 1813 After creating a new RADIUS scheme you should con...

Page 657: ... server Use the undo primary authentication command to restore the default IP address and port number of the primary RADIUS authentication authorization server The IP address and UDP port number of the primary authentication server used by the default RADIUS scheme system are 127 0 0 1 and 1645 The IP address and UDP port number of the secondary authentication server is 0 0 0 0 and 1812 The IP add...

Page 658: ...ius scheme radius1 3Com radius radius1 primary authentication 10 110 1 1 1812 1 2 13 radius nas ip Syntax radius nas ip ip address undo radius nas ip View System view Parameter ip address Source IP address in dotted decimal notation Description Use the radius nas ip command to set the source address used by the NAS to send RADIUS packets Use the undo radius nas ip command to restore the default se...

Page 659: ... 14 radius scheme Syntax radius scheme radius scheme name undo radius scheme radius scheme name View System view Parameter radius scheme name Name of the RADIUS scheme a character string of up to 32 characters Description Use the radius scheme command to create a RADIUS scheme and enter its view Use the undo radius scheme command to delete the specified RADIUS scheme By default a RADIUS scheme nam...

Page 660: ...ltime accounting radius scheme timer realtime accounting stop accounting buffer enable retry stop accounting server type state user name format retry display radius and display radius statistics Example Create a RADIUS scheme named radius1 and enter its view 3Com system view System View return to User View with Ctrl Z 3Com radius scheme radius1 3Com radius radius1 1 2 15 reset radius statistics Sy...

Page 661: ...oth are in the format hh mm ss mm dd yyyy or hh mm ss yyyy mm dd With this argument specified this command displays the buffered stop accounting requests from the start time to the end time user name user name Deletes the buffered stop accounting request packets depending on the specified user name user name is a character string of up to 32 characters Description Use the reset stop accounting buf...

Page 662: ...mpts ranging from 1 to 20 and defaulting to 3 Description Use the retry command to set the maximum number of transmission attempts of RADIUS requests Use the undo retry command to restore the default maximum number of transmission attempts Note that z The communication in RADIUS is unreliable because this protocol adopts UDP packets to carry data Therefore it is necessary for the switch to retrans...

Page 663: ... default maximum number of real time accounting request attempts By default the system can allow five real time accounting request attempts at most Note that z Generally the RADIUS server uses the connection timeout timer to determine whether a user is online or not If the RADIUS server receives no real time accounting packet for a specified period of time it will consider that the line or the swi...

Page 664: ...econds after it sends out an accounting request it resends the request if the switch continuously sends the accounting request for three times but does not receive any response it considers this real time accounting a failure Then the switch sends the accounting request every 12 minutes if the number of accounting failures exceeds five the user connection is cut down Related command radius scheme ...

Page 665: ...ounting buffer radius scheme and display stop accounting buffer Example In RADIUS scheme radius1 specify that the switch can transmit a buffered stop accounting request at most 1 000 times 3Com system view System View return to User View with Ctrl Z 3Com radius scheme radius1 3Com radius radius1 retry stop accounting 1000 1 2 20 secondary accounting Syntax secondary accounting ip address port numb...

Page 666: ...tion authorization server is 0 0 0 0 port number UDP port number ranging from 1 to 65535 By default the UDP port number of the secondary authentication authorization service is 1812 Description Use the secondary authentication command to set the IP address and port number of the secondary RADIUS authentication authorization server Use the undo secondary authentication command to restore the defaul...

Page 667: ...ent on the switch and the RADIUS server interact with each other following the procedure and packet format of the standard RADIUS protocol RFC2865 2866 or above Description Use the server type command to specify the RADIUS server type supported by the switch Use the undo server type command to restore the default RADIUS server type supported by the switch By default the RADIUS server type of a new...

Page 668: ...vers or accounting servers in a RADIUS scheme note that z When the NAS fails to communicate with the primary server due to some server trouble the NAS will actively exchange packets with the secondary server z After the primary server recovers the NAS does not immediately restore the communication with the primary server but keeps communicating with the secondary server unit the secondary server a...

Page 669: ...equests are critical to billing and will eventually affect the charges they are important for both the users and the ISP Therefore the NAS should do its best to transmit them to the RADIUS accounting server If the RADIUS accounting server does not respond to such a request the switch should first buffer the request on itself and then retransmit the request to the RADIUS accounting server until it ...

Page 670: ...IUS request authentication authorization request or accounting request and waiting for a time it should retransmit the packet to ensure that the user can obtain the RADIUS service This wait time is called response timeout time of RADIUS server and the timer in the switch system that is used to control this time is called the response timeout timer of RADIUS server You can use the timer command to ...

Page 671: ...it time works as follows The switch sends a RADIUS packet to the primary RADIUS server After confirming that no response will be received from the primary server the switch starts to send RADIUS packets to the secondary RADIUS server At the interval of wait time the switch sets the state of the primary server to active and sends RADIUS packets to the primary server Example Set the wait time for th...

Page 672: ... the real time accounting interval depends to some degree on the performance of the NAS and the RADIUS server The higher the performance of the NAS and the RADIUS server is the shorter the interval can be You are recommended to set the interval as long as possible when the number of users is relatively great ƒ1000 Table 1 5 lists the numbers of users and the corresponding recommended intervals Tab...

Page 673: ...d waiting for a time it should retransmit the packet to ensure that the user can obtain the RADIUS service This wait time is called response timeout time of RADIUS servers and the timer in the switch system that is used to control this time is called the response timeout timer of RADIUS servers You can use the timer response timeout command to set the timeout time of this timer z Appropriately set...

Page 674: ...vers cannot accept the user names that carry ISP domain names In this case it is necessary to remove the domain names carried in the user names before sending the user names to the RADIUS server For this reason the user name format command is available for you to specify whether or not ISP domain names are carried in the user names sent to the RADIUS server Note For a RADIUS scheme if you have spe...

Page 675: ...cket unit giga packet Sets giga packet as the unit of packet flow This means each giga packet contains 1 G packets kilo packet Sets kilo packet as the unit of packet flow This means each kilo packet contains 1 K packets mega packet Sets mega packet as the unit of packet flow This means each mega packet contains 1 M packets one packet Sets one packet as the unit of packet flow This means each one p...

Page 676: ...stics Displays complete statistics about the HWTACACS scheme Description Use the display hwtacacs command to displays the configuration or statistics of the specified or all HWTACACS schemes By default this command displays the configuration of all HWTACACS schemes Related command hwtacacs scheme Example View configuration information of HWTACACS scheme gy 3Com display hwtacacs gy HWTACACS server ...

Page 677: ...cheme a character string of up to 32 characters session id session id Displays information on buffered stop accounting requests according to the session ID specified by session id a character string of up to 50 characters time range start time stop time Displays information on buffered stop accounting requests according to the request time where start time is the start time of the stop accounting ...

Page 678: ... of the hwtacacs packet sent from NAS Use the undo hwtacacs nas ip command to restore the default setting Note that z By specifying the source address of the hwtacacs packet you can avoid destination unreachable packets as returned from the server upon interface failure The source address is normally recommended to be a loopback interface address z When you configure the source address for the NAS...

Page 679: ...HWTACACS scheme view and create the specified HWTACACS scheme if it does not exist Use the undo hwtacacs scheme command to delete an HWTACACS scheme Example Create an HWTACACS scheme named test1 and enter the relevant HWTACACS view 3Com system view System View return to User View with Ctrl Z 3Com hwtacacs scheme test1 Create a new HWTACACS server scheme 3Com hwtacacs test1 1 3 6 key Syntax key acc...

Page 680: ...y using shared keys Either of them receives and responds to the packet sent from the other party only when their shared keys are the same Therefore the shared key set on the switch and that on the TACACS server must be the same If the authentication authorization server and the accounting server are different and the shared key for the two servers are different a shared key must be set for authent...

Page 681: ...ress of the sending interface Related command display hwtacacs and hwtacacs nas ip Example Set the source IP address of the HWTACACS packets sent by the NAS switch to 10 1 1 1 3Com system view System View return to User View with Ctrl Z 3Com hwtacacs scheme test1 3Com hwtacacs test1 nas ip 10 1 1 1 1 3 8 primary accounting Syntax primary accounting ip address port undo primary accounting View HWTA...

Page 682: ... 3Com hwtacacs test1 primary accounting 10 163 155 12 49 1 3 9 primary authentication Syntax primary authentication ip address port undo primary authentication View HWTACACS scheme view Parameter ip address IP address of the server a valid unicast address in dotted decimal format port Port number of the server which is in the range 1 to 65535 and defaults to 49 Description Use the primary authenti...

Page 683: ...ess IP address of the server a valid unicast address in dotted decimal format port Port number of the server which is in the range 1 to 65535 and defaults to 49 Description Use the primary authorization command to configure a primary TACACS authorization server Use the undo primary authorization command to delete the configured primary authorization server By default the IP address of TACACS autho...

Page 684: ...iew User view Parameter accounting Clears all the HWTACACS accounting statistics authentication Clears all the HWTACACS authentication statistics authorization Clears all the HWTACACS authorization statistics all Clears all statistics Description Use the reset hwtacacs statistics command to clear HWTACACS protocol statistics Related command display hwtacacs Example Clear all HWTACACS protocol stat...

Page 685: ...stop accounting request This argument is in the format hh mm ss mm dd yyyy or hh mm ss yyyy mm dd and is used to display the buffered stop accounting requests from the start time to the end time With this argument specified this command displays the buffered stop accounting requests from the start time to the end time user name user name Displays information on buffered stop accounting requests ac...

Page 686: ... reset stop accounting buffer hwtacacs scheme and display stop accounting buffer Example Enable stop accounting packet transmission and allow up to 50 attempts for each request 3Com system view System View return to User View with Ctrl Z 3Com hwtacacs scheme test1 3Com hwtacacs test1 retry stop accounting 50 1 3 14 secondary accounting Syntax secondary accounting ip address port undo secondary acc...

Page 687: ...hwtacacs test1 secondary accounting 10 163 155 12 49 1 3 15 secondary authentication Syntax secondary authentication ip address port undo secondary authentication View HWTACACS scheme view Parameter ip address IP address of the server a valid unicast address in dotted decimal format port Port number of the server which is in the range of 1 to 65535 and defaults to 49 Description Use the secondary ...

Page 688: ... Parameter ip address IP address of the server a valid unicast address in dotted decimal format port Port number of the server in the range of 1 to 65535 By default it is 49 Description Use the secondary authorization command to configure a secondary TACACS authorization server Use the undo secondary authorization command to delete the configured secondary authorization server By default the IP ad...

Page 689: ...p accounting requests that bring no response By default the switch is enabled to buffer the stop accounting requests that bring no response Stop accounting requests are critical to billing and will eventually affect the charges they are important for both the users and the ISP Therefore the switch should do its best to transmit them to the HWTACACS accounting server If the HWTACACS accounting serv...

Page 690: ... must wait before it can resume the active state Use the undo timer quiet command to restore the default five minutes With the timer quiet command configured the switch stops processing the request packets from users when the communication between the switch and the server is interrupted The switch does not send user request packets to the server until the wait time of the switch is equal to or gr...

Page 691: ...tion of online users to the TACACS accounting server at intervals of this value z The setting of real time accounting interval depends somewhat on the performance of the switch and the TACACS server A shorter interval requires higher device performance You are therefore recommended to adopt a longer interval when there are a large number of users more than 1000 inclusive Table 1 6 recommends the r...

Page 692: ...t the response timeout timer of the TACACS server Use the undo timer response timeout command to restore the default five seconds Note As the HWTACACS is based on TCP either the server response timeout and or the TCP timeout may cause disconnection to the TACACS server Related command display hwtacacs Example Set the response timeout time of the TACACS server to 30 seconds 3Com system view System ...

Page 693: ...omain However some earlier TACACS servers reject the user name including an ISP domain name In this case the user name is sent to the TACACS server after its domain name is removed Accordingly the switch provides this command to decide whether the username sent to the TACACS server carries an ISP domain name or not z If a HWTACACS scheme is configured to reject usernames including ISP domain names...

Page 694: ... the undo security policy server command to delete the specified IP address You may specify up to eight security policy servers in a RADIUS scheme Each RADIUS scheme supports at most eight IP addresses of security policy servers The switch only responds to the session control packets coming from the authentication server and security policy server Example Set the IP address of the security policy ...

Page 695: ...3Com Switch 7750 Series Command Reference Guide AAA RADIUS HWTACACS EAD Chapter 2 EAD Configuration Commands 2 2 user name format without domain ...

Page 696: ... authentication mode 1 4 1 1 5 vrrp method 1 5 1 1 6 vrrp ping enable 1 6 1 1 7 vrrp vrid preempt mode 1 6 1 1 8 vrrp vrid priority 1 8 1 1 9 vrrp vrid timer advertise 1 9 1 1 10 vrrp vrid track 1 9 1 1 11 vrrp vrid virtual ip 1 11 Chapter 2 HA Configuration Commands 2 1 2 1 HA Configuration Commands 2 1 2 1 1 display switchover state 2 1 2 1 2 slave auto update config 2 1 2 1 3 slave restart 2 2 ...

Page 697: ...te packet Debugs VRRP packets Description Use the debugging vrrp command to enable VRRP debugging Use the undo debugging vrrp command to disable VRRP debugging By default VRRP debugging is disabled Example Enable VRRP state debugging 3Com debugging vrrp state 1 1 2 display vrrp Syntax display vrrp interface Vlan interface valn id statistics Vlan interface vlan id virtual router id View Any view Pa...

Page 698: ...ndex and backup group ID are not specified the statistics about all the backup groups on the switch is displayed z If only the interface index is specified the statistics about all the backup groups on the interface is displayed z If both the interface index and backup group ID are specified the statistics about the specified backup group on the interface is displayed Example Display the statistic...

Page 699: ...of the occasions where the switch operates as the master Priority Zero Pkts Rcvd Number of the received advertisement packets with the priority of 0 Advertise Rcvd Number of the received advertisement packets Priority Zero Pkts Sent Number of the sent advertisement packets with the priority of 0 Invalid Type Pkts Rcvd Number of packet type errors 1 1 3 reset vrrp statistics Syntax reset vrrp stati...

Page 700: ...hentication key When you specify authentication type to be simple the authentication key can contain up to eight characters When you specify authentication type to be md5 the authentication key can be a string comprising up to eight characters in plain text or a 24 character encrypted string Description Use the vrrp authentication mode command to specify the authentication type and the authenticat...

Page 701: ...p method command to map the MAC address of a backup group to the virtual router IP addresses You can map the actual or virtual MAC address of a Layer 3 switch routing interface to virtual router IP addresses Use the undo vrrp method command to restore the default map settings By default the virtual MAC address of a backup group is mapped to the IP address of the virtual router Note that as the map...

Page 702: ...g operations destined for its virtual router IP address Use the undo vrrp ping enable command to revert to the default By default a backup group does not respond to ping operations destined for its virtual router IP address As these two commands are invalid to switches in backup groups use them before you create a backup group Example Enable a backup group to respond to ping operations destined fo...

Page 703: ...h operating in preemptive mode will become the master switch when it finds its priority is higher than that of the current master switch and the former master switch becomes a backup switch accordingly You can configure an Switch 7750 series switch to operate in preemptive mode You can also set the delay period A backup switch waits for a period of time the delay period before becoming a master sw...

Page 704: ...priority to be set This argument ranges from 1 to 254 Description Use the vrrp vrid priority command to set the priority of a switch in a backup group Use the undo vrrp vrid priority command to revert to the default priority By default the priority of a switch in a backup group is 100 Switch priority determines the possibility for the switch to become a master switch A switch with larger priority ...

Page 705: ...ckup group to send VRRP packets Use the undo vrrp vrid timer advertise command to revert to the default interval Note that configuration error occurs if switches of the same backup group are configured with different adver interval values By default the interval for the master switch in a backup group to send VRRP packets is 1 second Example Set the interval for the master switch to send VRRP pack...

Page 706: ...e related command you can track an interface Ethernet port When a tracked VLAN interface Ethernet port goes down the priority of the switch owning the interface port will reduce automatically by a specified value the value reduced argument If the switches with their priorities higher than that of the current master switch exist in the backup group a new master switch will be then determined Note z...

Page 707: ...create a backup group You can add up to 16 virtual router IP addresses to a backup group The undo vrrp vrid virtual ip command can also be used to remove an existing backup group A backup group is removed if all the virtual router IP addresses configured for it are removed Note that the virtual router IP address and the IP addresses used by the member switches in a backup group must belong to the ...

Page 708: ...3Com Switch 7750 Series Command Reference Guide VRRP HA Chapter 1 VRRP Configuration Commands 1 12 Remove a backup group 3Com Vlan interface2 undo vrrp vrid 1 ...

Page 709: ...tion Use the display switchover state command to display the backup status of master slave board This command displays the backup state of master slave board according to the specified slot number If the slot id is not specified the status of master board will be displayed Example Display the status of master board 3Com display switchover state HA FSM State master Slave is absent 2 1 2 slave auto ...

Page 710: ...ed Related command slave update configuration Example Enable automatic synchronization between master slave systems 3Com system view System View return to User View with Ctrl Z 3Com slave auto update config 2 1 3 slave restart Syntax slave restart View User view Parameter None Description Use the slave restart command to restart the slave board When the application of the backup system operates un...

Page 711: ...the new master board and controls the system and the original master board restarts automatically Example Perform master slave switchover manually 3Com slave switchover Caution Confirm switch slave to master Y N y Starting RAM Line OK 2 1 5 slave update configuration Syntax slave update configuration View User view Parameter None Description Use the slave update configuration command to synchronis...

Page 712: ...750 Series Command Reference Guide VRRP HA Chapter 2 HA Configuration Commands 2 4 Now saving the current configuration to the slave board Please wait The configuration has been saved to the slave board successfully ...

Page 713: ...1 3 1 1 5 arp proxy source vlan enable 1 3 1 1 6 arp source suppression limit 1 4 1 1 7 arp static 1 5 1 1 8 arp timer aging 1 6 1 1 9 display arp 1 7 1 1 10 display arp 1 8 1 1 11 display arp entry limit 1 9 1 1 12 display arp interface 1 10 1 1 13 display arp proxy 1 11 1 1 14 display arp slot 1 11 1 1 15 display arp source suppression 1 12 1 1 16 display arp vlan 1 12 1 1 17 display arp timer a...

Page 714: ...able a switch from creating multicast MAC address ARP entries for MAC addresses learned Use the undo arp check enable command to disable the ARP entry checking function In this case a switch creates multicast MAC address ARP entries for MAC addresses learned By default the ARP entry checking function is enabled Example Configure to create multicast MAC address ARP entries for MAC addresses learned...

Page 715: ... return to User View with Ctrl Z 3Com arp max entry 4096 1 1 3 arp max dynamic entry Syntax arp max dynamic entry number undo arp max dynamic entry number View Port view Parameter number Maximum number of dynamic ARP entries learnt by a port ranging from 0 to 8 192 Description Use the arp max dynamic entry command to set the maximum number of the dynamic ARP entries learnt by a port The value rang...

Page 716: ...nd to disable ARP proxy function With the arp proxy enable command configured a switch can realize the communication between hosts belong to different VLAN connected to the switch through its layer 3 forwarding function By default ARP proxy function is disabled Related command display arp proxy Example Enable ARP proxy for VLAN 2 interface 3Com system view System View return to User View with Ctrl...

Page 717: ...s Note that the incoming VLAN ARP function takes effect only after the ARP proxy function is enabled Related command arp proxy enable display arp proxy Example With ARP proxy enabled enable the incoming VLAN ARP proxy for VLAN 2 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 2 3Com Vlan interface2 arp proxy source vlan enable 1 1 6 arp source suppression...

Page 718: ...s of a type sent to the CPU at a time By default the maximum number of ARP packets sent to the CPU is related with the type of ARP packets z When total is adopted in the command the default value is 100 z When local is adopted in the command the default value is 3 When through is adopted in the command the default value is 3 When configuring each keyword make sure that the specified value of the t...

Page 719: ...ernet switch operates However an ARP mapping entry is removed if the corresponding VLAN is removed By default a dynamic ARP mapping entry remains valid for 20 minutes z As for the arp static command the value of the vlan id argument must be the ID of an existing VLAN and the port identified by the interface type and interface number arguments must belong to the VLAN Related command reset arp displ...

Page 720: ... timer aging 10 1 1 9 display arp Syntax display arp dynamic static ip address View Any view Parameter dynamic Displays dynamic ARP mapping entries static Displays static ARP mapping entries ip address IP address ARP mapping entries containing the IP address are to be displayed Description Use the display arp command to display specific ARP mapping entries If you execute this command with no keywo...

Page 721: ... 0 2 20 D 14 entries found Table 1 1 Description on the fields of the display arp command Field Description IP Address IP address contained in an ARP mapping entry MAC Address MAC address contained in an ARP mapping entry VLAN ID ID of the VLAN which an ARP mapping entry belongs to Port Name AL ID Index of the port which an ARP mapping entry belongs to Aging Aging time in minutes of a dynamic ARP ...

Page 722: ...rt Name AL ID Aging Type 192 168 0 77 0000 e8f5 6a4a 1 Ethernet1 0 2 12 D 1 entry found Display all the ARP entries that do not contain the string 68 3Com dis arp exclude 68 Type S Static D Dynamic IP Address MAC Address VLAN ID Port Name AL ID Aging Type 10 2 72 162 000a 000a 0aaa N A N A N A S 1 entry found Refer to Table 1 1 for the description on the above output information 1 1 11 display arp...

Page 723: ... of the port GigabitEthernet0 0 1 is 2048 The maximum dynamic ARP entry number of the port GigabitEthernet0 0 2 is 2048 The maximum dynamic ARP entry number of the port GigabitEthernet0 0 3 is 2048 The maximum dynamic ARP entry number of the port GigabitEthernet0 0 4 is 2048 The maximum dynamic ARP entry number of the port GigabitEthernet3 0 1 is 6000 1 1 12 display arp interface Syntax display ar...

Page 724: ...on Command Manual Description Use the display arp proxy command to display ARP proxy state enabled disabled Related command arp proxy enable Example Display ARP proxy state for VLAN 2 interface 3Com display arp proxy interface Vlan interface 2 Interface Vlan interface2 Proxy ARP status disabled 1 1 14 display arp slot Syntax display arp slot slot id View Any view Parameter slot id ID of a slot Des...

Page 725: ...play arp source suppression command to display the ARP source suppression configuration information about the current switch Example Display the ARP source suppression configuration information about the current switch 3Com display arp source suppression ARP suppression limit total 4294967295 ARP suppression limit local 3 ARP suppression limit through 3 1 1 16 display arp vlan Syntax display arp v...

Page 726: ...splay arp timer aging View Any view Parameter None Description Use the display arp timer aging command to display the setting of the ARP aging timer Related command arp timer aging Example Display the setting of the ARP aging timer 3Com display arp timer aging Current ARP aging time is 20 minute s default The displayed information shows that the ARP aging timer is set to 20 minutes 1 1 18 gratuito...

Page 727: ... the switch updates the ARP mapping entries using the sender hardware address carried in the gratuitous ARP packet If no ARP mapping entry in the cache matches the packet an ARP mapping entry corresponding to the packet is created Example Enable the gratuitous ARP packet learning function on the switch named 3ComA 3ComA system view System View return to User View with Ctrl Z 3ComA gratuitous arp l...

Page 728: ...3Com Switch 7750 Series Command Reference Guide ARP Chapter 1 ARP Configuration Commands 1 15 Example Clear static ARP mapping entries 3Com reset arp static ...

Page 729: ...hcp server ping 1 12 1 1 14 dhcp server static bind 1 13 1 1 15 display dhcp server conflict 1 14 1 1 16 display dhcp server expired 1 15 1 1 17 display dhcp server free ip 1 16 1 1 18 display dhcp server ip in use 1 17 1 1 19 display dhcp server statistics 1 18 1 1 20 display dhcp server tree 1 20 1 1 21 dns list 1 22 1 1 22 domain name 1 23 1 1 23 expired 1 24 1 1 24 gateway list 1 25 1 1 25 nbn...

Page 730: ...1 9 dhcp server ip 2 7 2 1 10 display dhcp security 2 7 2 1 11 display dhcp security tracker 2 8 2 1 12 display dhcp server 2 9 2 1 13 display dhcp server interface 2 11 2 1 14 reset dhcp server 2 11 Chapter 3 DHCP Snooping Configuration Commands 3 1 3 1 DHCP Snooping Configuration Commands 3 1 3 1 1 dhcp snooping 3 1 3 1 2 dhcp snooping trust 3 1 3 1 3 dhcp snooping information enable 3 2 3 1 4 d...

Page 731: ...iption Use the dhcp enable command to enable DHCP Use the undo dhcp enable command to disable DHCP By default DHCP is enabled You must first enable DHCP before performing other DHCP related configurations This configuration is necessary for both DHCP servers and DHCP relays Example Enable DHCP 3Com system view System View return to User View with Ctrl Z 3Com dhcp enable 1 1 2 dhcp select global Sy...

Page 732: ...onfigure the specified interface s or all interfaces to operate in global DHCP address pool mode Upon receiving a DHCP packet from a DHCP client through an interface operating in global DHCP address pool mode the DHCP server chooses an IP address from a global DHCP address pool of the local DHCP server and assigns the address to the DHCP client Use the undo dhcp select global command to restore th...

Page 733: ...terface address pool mode Upon receiving a DHCP packet from a DHCP client through an interface operating in interface address pool mode the DHCP server chooses an IP address from the interface address pool of the local DHCP server and assigns the address to the DHCP client Use the undo dhcp select interface command to restore the default DHCP packet processing mode By default an interface operates...

Page 734: ... in time and take proper measures Example Enable the private DHCP server detecting function 3Com system view System View return to User View with Ctrl Z 3Com dhcp server detect 1 1 5 dhcp server dns list Syntax VLAN interface view dhcp server dns list ip address 1 8 undo dhcp server dns list ip address all System view dhcp server dns list ip address 1 8 interface interface type interface number to...

Page 735: ...pool s of the specified interface s By default no DNS server IP address is configured for a DHCP interface address pool If you execute the dhcp server dns list command repeatedly the new configuration overwrites the previous one Related command dns list Example Configure the DNS server IP address 1 1 1 254 for the DHCP address pool of the VLAN interface 1 3Com system view System View return to Use...

Page 736: ... domain name command to remove the configured domain name By default no domain name is configured for the DHCP clients Related command domain name Example Set aabbcc com as the domain name of the DHCP client whose IP address is obtained from the DHCP address pool of the current VLAN interface 1 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 1 3Com Vlan i...

Page 737: ... Use the dhcp server expired command to configure the lease time of the IP addresses in the specified interface address pool s Use the undo dhcp server expired command to restore the default lease time The default lease time is one day Related command expired Example Set the lease time of the IP addresses in all interface address pools to be 1 day 2 hours and 3 minutes 3Com system view System View...

Page 738: ...assigned Note that the specified address range cannot contain statically bound addresses when you use the undo dhcp server forbidden ip command Related command dhcp server ip pool network static bind ip address and dhcp server static bind Example Forbid the IP addresses in the range 10 110 1 1 to 10 110 1 63 to be automatically assigned 3Com system view System View return to User View with Ctrl Z ...

Page 739: ...face type interface number to interface type interface number all undo dhcp server nbns list ip address all interface interface type interface number to interface type interface number all View System view VLAN interface view Parameter ip address 1 8 IP address of a NetBIOS server 1 8 means you can provide up to eight NetBIOS server IP addresses When inputting more than one NetBIOS server IP addre...

Page 740: ...S server IP address 10 12 1 99 for all the DHCP interface address pools 3Com system view System View return to User View with Ctrl Z 3Com dhcp server nbns list 10 12 1 99 all 1 1 11 dhcp server netbios type Syntax VLAN interface view dhcp server netbios type b node h node m node p node undo dhcp server netbios type System view dhcp server netbios type b node h node m node p node interface interfac...

Page 741: ...server netbios type command to restore the default NetBIOS node type By default no NetBIOS node type is specified and the default NetBIOS node type is h node Related command netbios type and dhcp server nbns list Example Specify p node as the NetBIOS node type of the DHCP clients whose IP addresses are from the DHCP address pool of VLAN interface 1 3Com system view System View return to User View ...

Page 742: ... more than one IP address separate two neighboring IP addresses with a space interface interface type interface number to interface type interface number Specifies the interface s through which you can specify the corresponding interface address pools all Specifies all interface address pools Description Use the dhcp server option command to customize DHCP options for the specified DHCP interface ...

Page 743: ...erver ping command to restore the default settings Example Set the maximum number of the packets the DHCP server sends in a ping test to 10 and the timeout time of each packet to 500 milliseconds 3Com system view System View return to User View with Ctrl Z 3Com dhcp server ping packets 10 1 1 14 dhcp server static bind Syntax dhcp server static bind ip address ip address mac address mac address un...

Page 744: ...nd the IP address 10 1 1 1 to the MAC address 0000 e03f 0305 Assume that the interface address pool of VLAN interface 1 already exists and the IP address belongs to the address pool 3Com system view System View return to User View with Ctrl Z 3Com interface vlan interface 1 3Com Vlan interface1 dhcp server static bind ip address 10 1 1 1 mac address 0000 e03f 0305 1 1 15 display dhcp server confli...

Page 745: ...e of an address pool If you do not provide this argument this command applies to all global address pools interface interface type interface number Specifies a VLAN interface If you do not specify a VLAN interface this command applies to all VLAN interfaces all Specifies all DHCP address pools Description Use the display dhcp server expired command to display the lease expiration information about...

Page 746: ...rmation about the expired IP addresses of interface address pools IP address Bound IP addresses Hardware address MAC addresses to which IP addresses are bound Lease expiration The time when a lease time expires Type Address binding type 1 1 17 display dhcp server free ip Syntax display dhcp server free ip View Any view Parameter None Description Use the display dhcp server free ip command to displ...

Page 747: ...and applies to all global address pools interface interface type interface number Specifies a VLAN interface If you do not specify a VLAN interface this command applies to all VLAN interfaces all Specifies all address pools Description Use the display dhcp server ip in use command to display the address binding information of one IP address the specified DHCP address pool s or all DHCP address poo...

Page 748: ... IP address Bound IP address Hardware address MAC address to which the IP address is bound Lease expiration Time when the lease expires Type Address binding type 1 1 19 display dhcp server statistics Syntax display dhcp server statistics View Any view Parameter None Description Use the display dhcp server statistics command to display the statistics on a DHCP server Related command reset dhcp serv...

Page 749: ...le 1 4 Description on the fields of the display dhcp server statistics command Field Description Global Pool Statistics about global address pools Interface Pool Statistics about interface address pools Pool Number Number of address pools Auto Number of the automatically bound IP addresses Manual Number of the manually bound IP addresses Expire Number of the expired IP addresses Boot Request 6 Dhc...

Page 750: ...ool name argument a string of 1 to 35 characters is the name of an address pool If you do not provide this argument this command applies to all global address pools interface interface type interface number Specifies a VLAN interface If you do not specify a VLAN interface this command applies to all VLAN interfaces all Specifies all address pools Description Use the display dhcp server tree comman...

Page 751: ...bling node 5 option 10 ip address 255 0 0 0 gateway list 2 2 2 2 dns list 1 1 1 1 domain name 444444 nbns list 3 3 3 3 expired 1 0 0 Table 1 5 Description on the fields of the display dhcp server tree command Field Description Global pool Information about global address pools Interface pool Information about interface address pools Pool name Address pool name network Assignable IP address range s...

Page 752: ...he information about the next sibling address pool of the current address pool The order of sibling address pools are determined by the time when they are configured PrevSibling node Displays the information about the previous sibling address pool of the current address pool option Customized DHCP options expired The address lease time in terms of number of days hours and minutes gateway list List...

Page 753: ...ool Use the undo dns list command to remove one or all DNS server IP addresses configured for the DHCP address pool By default no DNS server IP address is configured If you execute the dns list command repeatedly the new configuration overwrites the previous one Related command dhcp server dns list and dhcp server ip pool Example Configure the DNS server IP address 1 1 1 254 for global DHCP addres...

Page 754: ...ver ip pool 0 3Com dhcp pool 0 domain name mydomain com 1 1 23 expired Syntax expired day day hour hour minute minute unlimited undo expired View DHCP address pool view Parameter day day Specifies the number of days The day argument ranges from 0 to 365 hour hour Specifies the number of hours The hour argument ranges from 0 to 23 minute minute Specifies the number of minutes The minute argument ra...

Page 755: ...es When inputting more than one IP address separate two neighboring IP addresses with a space all Specifies all configured gateway IP addresses Description Use the gateway list command to configure one or multiple gateway IP addresses for the DHCP clients of a DHCP address pool Use the undo gateway list command to remove one or all the configured gateway IP addresses configured for the DHCP addres...

Page 756: ... or multiple NetBIOS server IP addresses for the DHCP clients of a global DHCP address pool Use the undo nbns list command to remove one or all NetBIOS server IP addresses configured for the DHCP clients By default no NetBIOS server IP address is configured If you execute the nbns list command repeatedly the new configuration overwrites the previous one Related command dhcp server ip pool dhcp ser...

Page 757: ...e the netbios type command to configure the DHCP clients of a global address pool to be of specified NetBIOS node type Use the undo netbios type command to restore the default NetBIOS node type By default no NetBIOS node type is specified In this case the client uses h node Related command dhcp server ip pool dhcp server netbios type and nbns list Example Configure the DHCP clients of the global D...

Page 758: ... pool and dhcp server forbidden ip Example Configure the dynamically assigned IP address range 192 168 8 0 24 for the global DHCP address pool 0 3Com system view System View return to User View with Ctrl Z 3Com dhcp server ip pool 0 3Com dhcp pool 0 network 192 168 8 0 mask 255 255 255 0 1 1 28 option Syntax option code ascii ascii string hex hex string 1 10 ip address ip address 1 8 undo option c...

Page 759: ...rites the previous one Related command dhcp server ip pool and dhcp server option Example Configure option 100 to be 0x11 and 0x22 for the global DHCP address pools 3Com system view System View return to User View with Ctrl Z 3Com dhcp server ip pool 0 3Com dhcp pool 0 option 100 hex 11 22 1 1 29 reset dhcp server conflict Syntax reset dhcp server conflict all ip ip address View User view Paramete...

Page 760: ...address pools ip ip address Clears the dynamic address binding information about a specified IP address pool pool name Clears the dynamic address binding information about a specified address pool The pool name argument a string of 1 to 35 characters is the name of an address pool If you do not provide this argument this command clears the dynamic address binding information about all global addre...

Page 761: ...specify the mask length or mask argument the default subnet mask is used mask mask Subnet mask of the specified IP address If you do not specify the mask length or mask argument the default subnet mask is used Description Use the static bind ip address command to specify an IP address which will be bound statically to a MAC address Use the undo static bind ip address command to remove a statically...

Page 762: ...e bound You need to provide this argument in the form of H H H Description Use the static bind mac address command to specify a MAC address to which an IP address will be bound statically Use the undo static bind mac address command to remove such a MAC address By default no such MAC address is specified Note that z The static bind ip address command must be used together with the static bind mac ...

Page 763: ...DHCP Chapter 1 DHCP Server Configuration Commands 1 33 System View return to User View with Ctrl Z 3Com dhcp server ip pool 0 3Com dhcp pool 0 static bind ip address 10 1 1 1 mask 255 255 255 0 3Com dhcp pool 0 static bind mac address 0000 e03f 0305 ...

Page 764: ...he address checking function of the DHCP relay Use the address check disable command to disable the address checking function of the DHCP relay By default the address checking function of the DHCP relay is disabled on a VLAN interface Example Enable the address checking function of the DHCP relay on VLAN interface 1 3Com system view System View return to User View with Ctrl Z 3Com interface vlan i...

Page 765: ...cify the clients as freely connected hosts By default the dynamic entries generated by the DHCP relay are valid Only valid entries can pass DHCP security check This configuration will take effect only after the address checking function of the DHCP relay on the VLAN interface is enabled Example Invalidate the dynamic entries generated by the DHCP relay 3Com system view System View return to User V...

Page 766: ... not allow freely connected clients to pass DHCP security check on VLAN interface 1 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 1 3Com Vlan interface1 address check enable 3Com Vlan interface1 address check no matched enable 2 1 4 dhcp relay information enable Syntax dhcp relay information enable undo dhcp relay information enable View System view Par...

Page 767: ... that carry option 82 unchanged replace Specifies to replace the option 82 carried by a DHCP request packet with that of the DHCP relay Description Use the dhcp relay information strategy command to instruct a DHCP relay to perform specified operations to DHCP request packets that carry option 82 Use the undo dhcp relay information strategy command to instruct a DHCP relay to perform the default o...

Page 768: ...d to configure a static user address entry Use the undo dhcp security command to remove one or all user address entries or all user address entries of a specified type Related Command display dhcp security Example Configure a user address entry for the DHCP server group with the user IP address being 1 1 1 1 and the user MAC address being 0005 5D02 F2B3 3Com system view System View return to User ...

Page 769: ...refresh interval to 100 seconds 3Com system view System View return to User View with Ctrl Z 3Com dhcp security tracker 100 2 1 8 dhcp server Syntax dhcp server groupNo undo dhcp server View VLAN interface view Parameter groupNo DHCP server group number This argument ranges from 0 to 19 Description Use the dhcp server command to map the current VLAN interface to a DHCP server group Use the undo dh...

Page 770: ...IP address es in a specified DHCP server group Use the undo dhcp server command to remove all DHCP server IP addresses in a DHCP server group Related command dhcp server and display dhcp server Example Configure three DHCP server IP addresses 1 1 1 1 2 2 2 2 and 3 3 3 3 for DHCP server group 1 so that this group contains three DHCP servers server 1 server 2 and server 3 3Com system view System Vie...

Page 771: ... group 3Com display dhcp security IP Address MAC Address IP Address Type 2 2 2 3 0005 5d02 f2b2 Static 3 3 3 3 0005 5d02 f2b3 Dynamic 2 dhcp security item s found Table 2 1 Description on the fields of the display dhcp security command Field Description IP Address IP address of a user of the DHCP server group MAC Address MAC address of the user of the DHCP server group IP Address Type Type of the ...

Page 772: ...d command dhcp server ip dhcp server and display dhcp server interface vlan interface Example Display information about DHCP server group 0 3Com display dhcp server 0 IP address of DHCP server group 0 1 1 1 1 IP address of DHCP server group 0 2 2 2 2 IP address of DHCP server group 0 3 3 3 3 IP address of DHCP server group 0 4 4 4 4 IP address of DHCP server group 0 5 5 5 5 IP address of DHCP serv...

Page 773: ...p Messages from clients to this server group Number of the packets received from the DHCP clients Messages from this server group to clients Number of the packets sent to the DHCP clients DHCP_OFFER messages Number of the received DHCP OFFER packets DHCP_ACK messages Number of the received DHCP ACK packets DHCP_NAK messages Number of the received DHCP NAK packets DHCP_DECLINE messages Number of th...

Page 774: ... and display dhcp server Example Display information about the DHCP server group to which VLAN 2 interface is mapped 3Com display dhcp server interface vlan interface 2 The DHCP server group of this interface is 2 The above display information indicates the VLAN 2 interface is mapped to DHCP server group 0 2 1 14 reset dhcp server Syntax reset dhcp server groupNo View User view Parameter groupNo D...

Page 775: ...3Com Switch 7750 Series Command Reference Guide DHCP Chapter 2 DHCP Relay Configuration Commands 2 12 Example Clear the statistics information of DHCP server group 2 3Com reset dhcp server 2 ...

Page 776: ...n Use the dhcp snooping command to enable the DHCP snooping function so as to allow the switch to listen to the DHCP broadcast packets Use the undo dhcp snooping command to disable the DHCP snooping function By default the DHCP snooping function is disabled Related command display dhcp snooping Example Enable the DHCP snooping function 3Com system view System View return to User View with Ctrl Z 3...

Page 777: ... DHCP servers or ports of other switches Untrusted ports can be used to connect DHCP clients or networks z Trusted ports forward any received DHCP packets to ensure that DHCP clients can obtain IP addresses from valid DHCP servers Untrusted ports discard the DHCP ACK and DHCP OFF responses received from DHCP servers z By default all the ports of a switch are untrusted ports Related command display...

Page 778: ... to User View with Ctrl Z 3Com dhcp snooping information enable DHCP snooping option 82 is enabled globally 3 1 4 display dhcp snooping Syntax display dhcp snooping View Any view Parameter None Description Use the display dhcp snooping command to display the IP MAC mapping relations recorded by the DHCP snooping enabled switch Related command dhcp snooping Example Display the IP MAC mapping relati...

Page 779: ... Related command dhcp snooping trust Example Display the state of the DHCP snooping function and the trusted ports 3Com display dhcp snooping trust DHCP Snooping is enabled DHCP Snooping trust become effective Interface Trusted Ethernet3 0 3 Trusted The above information indicates that the Ethernet3 0 3 port is a trusted port 3 1 6 display dhcp snooping vlan Syntax display dhcp snooping vlan vlan ...

Page 780: ...s assigned Type D Dynamic S Static Type IP Address MAC Address Lease VLAN Interface D 3 3 3 2 0012 3f83 6eef 0 2 Ethernet3 0 1 1 dhcp snooping item s found 3 1 7 reset dhcp snooping Syntax reset dhcp snooping ip address View User view Parameter ip address Clears the IP MAC mapping relations recorded by the DHCP Snooping enabled switch Description Use the reset dhcp snooping command to clear the sp...

Page 781: ...acl config 1 4 1 1 5 display acl config statistics 1 5 1 1 6 display acl mode 1 5 1 1 7 display acl order 1 6 1 1 8 display acl remaining entry 1 6 1 1 9 display acl running packet filter 1 8 1 1 10 display time range 1 8 1 1 11 packet filter 1 10 1 1 12 reset acl counter 1 13 1 1 13 rule Basic ACL 1 14 1 1 14 rule Advanced ACL 1 15 1 1 15 rule Layer 2 ACL 1 21 1 1 16 rule user defined ACL 1 24 1 ...

Page 782: ...of an access control list ACL in the range of 2 000 to 2 999 identifies basic ACLs 3 000 to 3 999 identifies advanced ACLs 4 000 to 4 999 identifies layer 2 ACLs 5 000 to 5 999 identifies user defined ACLs name acl name Character string which must be started with an English letter i e a z or A Z and there should not be a space or quotation mark in it case insensitive key word all is not allowed to...

Page 783: ...e ones You can use the match order keyword to specify whether to use the configured order or depth first order rules with smaller ranges are matched first to match rules If neither match orders are specified the configured match order will be adopted You cannot modify the match order for an ACL once you have specified it unless you delete all the entries of the ACL and specify the match order over...

Page 784: ...form traffic classification based on Layer 3 information 3Com system view System View return to User View with Ctrl Z 3Com acl mode ip based 1 1 3 acl order Syntax acl order auto first config first match last config first match View System view Parameter auto Specifies the ACL rules sent to a port are match according to the depth first order first config first match Specifies the ACL rules sent to...

Page 785: ...l number Sequence number of the ACL to be displayed It can be a number chosen from 2000 5999 acl name Name of the ACL to be displayed It is a case insensitive character string started with an English letter a z or A Z and there should not be a space or quotation mark in it the all keyword is not allowed to use in it Description Using the display acl config command you can view the detailed configu...

Page 786: ...config statistics to display the statistics of the current configured ACL rules including the basic advanced Layer 2 and user defined ACL rules number and the total number of ACL rules configured by the system Example Display statistics information about the current configured ACL rules 3Com display acl config statistics The configured rule statistics Basic rule s 5 Advanced rule s 132 Link rule s...

Page 787: ...urrent acl mode ip based 1 1 7 display acl order Syntax display acl order View Any view Parameter None Description Use the display acl order command to display the match order of the ACL rules sent to a port Example Display the match order of ACL rules sent to a port 3Com display acl order the current order is auto 1 1 8 display acl remaining entry Syntax display acl remaining entry slot slot numb...

Page 788: ...Number Number Number Number Port Name Port Name MASK 16 6 1 9 GE3 0 1 GE3 0 1 RULE 128 17 1 110 GE3 0 1 GE3 0 1 METER 128 11 1 116 GE3 0 1 GE3 0 1 COUNTER 128 14 1 113 GE3 0 1 GE3 0 1 MASK 16 6 1 9 GE3 0 2 GE3 0 2 RULE 128 17 1 110 GE3 0 2 GE3 0 2 METER 128 11 1 116 GE3 0 2 GE3 0 2 COUNTER 128 14 1 113 GE3 0 2 GE3 0 2 Table 1 1 Description on the fields of the display acl remaining entry slot comm...

Page 789: ...isplay acl running packet filter command to view the information of the activated ACL The displayed content includes the interface on which ACL is activated the activation direction ACL name ACL rule number and activation status Example Display the information of the activated ACL of all interfaces 3Com display acl running packet filter all Ethernet3 0 1 Inbound Acl 2000 rule 0 running 1 1 10 disp...

Page 790: ...and time range Example Display all time ranges 3Com display time range all Current time is 14 36 36 4 3 2003 Thursday Time range hhy Inactive from 08 30 2 5 2005 to 18 00 2 19 2005 Time range hhy1 Inactive from 08 30 2 5 2003 to 18 00 2 19 2003 Table 1 2 Description on the fields of the display time range command Field Description Current time is 14 36 36 4 3 2003 Thursday System time Time range h...

Page 791: ...ex not care for interface undo packet filter inbound outbound acl rule not care for interface II The command line format for the cards except A type ones packet filter inbound acl rule system index undo packet filter inbound acl rule Note Combined activating of IP ACL and Link ACL is supported by the cards except A type ones But the sum of the bytes number defined by IP ACL and that defined by the...

Page 792: ... simultaneously ip group acl number acl name rule rule id link group acl number acl name rule rule id Table 1 5 Combined application of ACLs on service board other than A type Combination mode Form of acl rule Apply all rules in an IP type ACL separately ip group acl number acl name Apply one rule in an IP type ACL separately ip group acl number acl name rule rule id Apply all rules in a link type...

Page 793: ...x value which is used when an ACL rule is applied to the port The index value ranges from 0 to 4294 967 295 This keyword is only available when the ACL rule number is specified in the command After the specified ACL takes effect there are three scenarios when you input the index value z If you do not input an index value or the index value you input is 0 the system will automatically assign an ind...

Page 794: ...ounter Syntax reset acl counter all acl number acl name View User view Parameter all All ACLs including those identified by a number or a name acl number The sequence number of an ACL ranging from 2000 3999 acl name ACL name a case insensitive character string which must start with an English letter a z or A Z and there should not be a space or quotation mark in it key word all is not allowed to u...

Page 795: ...eny Drops packets that satisfy the condition permit Permits packets that satisfy the condition to pass fragment Specifies that the rule takes effect on non initial fragment packets source sour addr sour wildcard any Specifies the source address information in the rule sour addr is used to specify the source IP address of the packet expressed in dotted decimal notation sour wildcard is used to spec...

Page 796: ...ny existing rule otherwise the rule modification or creation will fail and the system will prompt that the rule already exists If you do not specify a rule ID you will create and define a new rule and the system will assign an ID for the rule automatically Note The ACL rule configured with the fragment keyword can not be applied to the A type card Example Define a rule to deny the packets whose so...

Page 797: ...ifies the source address information in the rule sour addr sour wildcard is used to specify the source address of the packet expressed in dotted decimal notation any represents any source address destination dest addr dest wildcard any Destination address information Specifies the destination address information in the rule dest addr dest wildcard is used to specify the destination address of the ...

Page 798: ... IP address To define DSCP priority you can directly input a value ranging from 0 to 63 or input a keyword listed in Table 1 9 Table 1 9 Description of DSCP values Keyword DSCP value in decimal DSCP value in binary ef 46 101110 af11 10 001010 af12 12 001100 af13 14 001110 af21 18 010010 af22 20 010100 af23 22 010110 af31 26 011010 af32 28 011100 af33 30 011110 af41 34 100010 af42 36 100100 af43 38...

Page 799: ...inary routine 0 000 priority 1 001 immediate 2 010 flash 3 011 flash override 4 100 critical 5 101 internet 6 110 network 7 111 To define the ToS value you can directly input a value ranging from 0 to 15 or input a keyword listed in the following table Table 1 11 Description of ToS value Keyword ToS value in decimal ToS value in binary normal 0 0000 min monetary cost 1 0001 max reliability 2 0010 ...

Page 800: ...ed with name s or numerals when expressed with numerals the value range is 0 to 65 535 established TCP connection established flag Specifies that the rule will match TCP connection packets with the ack or rst flag TCP specific argument Note Only the A type card supports the range operation on the TCP UDP port If the protocol type is ICMP you can also define the following information Table 1 13 ICM...

Page 801: ... Type 3 Code 2 reassembly timeout Type 11 Code 1 source quench Type 4 Code 0 source route failed Type 3 Code 5 timestamp reply Type 14 Code 0 timestamp request Type 13 Code 0 ttl exceeded Type 11 Code 0 Description Use the rule command to define an ACL rule Use the undo rule command to delete an ACL rule or the attribute information of an ACL rule Before you can delete a rule you need to specify t...

Page 802: ...red with icmp type type code tos tos or fragment Example Define a rule to permit packets from hosts in the network segment of 129 9 0 0 to hosts in the network of 202 38 160 0 and with the port number of 80 to pass 3Com system view System View return to User View with Ctrl Z 3Com acl number 3101 3Com acl adv 3101 rule permit tcp source 129 9 0 0 0 0 255 255 destination 202 38 160 0 0 0 0 255 desti...

Page 803: ... VLAN ID in the range of 1 to 4 094 dest dest addr dest mask Destination MAC address information Specifies the destination MAC address range in the rule dest addr destination MAC address in the format of H H H dest mask destination MAC address mask in the format of H H H cos vlan pri Priority Defines the 802 1p priority of the rule vlan pri VLAN priority in the range of 0 to 7 time range time name...

Page 804: ...ify the rule ID when defining a rule z If the rule corresponding to the specified rule ID already exists you will edit the rule and the modified part in the rule will replace the original content while other parts remain unchanged z If the rule corresponding to the specified rule ID does not exists you will create and define a new rule z The content of a modified or created rule must not be identi...

Page 805: ...the same with that of rule string offset Mask offset of the rule It specifies a byte through its offset from the packet header in the packet as the starting point to perform logical AND operations It ranges from 0 to 79 bytes and the maximum value becomes one byte less when the value of rule string and rule mask has two more characters For example when rule string and rule mask contains two charac...

Page 806: ...e rule automatically Note Only cards other than A type ones support the user defined ACL Example Define a rule to forbid all TCP packets to pass through 3Com system view System View return to User View with Ctrl Z 3Com time range t1 18 00 to 23 00 sat 3Com acl number 5001 3Com acl user 5001 rule 25 deny 06 ff 35 time range t1 1 1 17 time range Syntax time range time name start time to end time day...

Page 807: ...ete a time range Use the undo time range all command to delete all time ranges The time range defined by means of the time range command can include absolute time sections and periodic time sections start time and end time days of the week jointly define a periodic time section while start time start date and end time end date jointly define an absolute time section If only a periodic time section...

Page 808: ...3Com Switch 7750 Series Command Reference Guide ACL Chapter 1 ACL Commands 1 27 3Com time range test from 0 0 2000 1 1 ...

Page 809: ...y qos interface traffic priority 1 7 1 1 9 display qos interface traffic red 1 8 1 1 10 display qos interface traffic redirect 1 9 1 1 11 display qos interface traffic remark vlanid 1 9 1 1 12 display qos interface traffic statistic 1 10 1 1 13 inboundcar 1 11 1 1 14 line rate 1 12 1 1 15 priority 1 13 1 1 16 priority trust 1 14 1 1 17 qos 1 15 1 1 18 qos cos local precedence map 1 17 1 1 19 queue...

Page 810: ...ameter None Description Use the display priority trust command to display the priority type according to which the switch puts a packet into an output queue on a port Related command priority trust Example Display the queue scheduling mode and the related parameters 3Com display priority trust Priority trust mode local precedence The information above shows that the switch put a packet into an out...

Page 811: ...xample Display the COS to local precedence mapping table 3Com display qos cos local precedence map cos local precedence map cos 0 1 2 3 4 5 6 7 local precedence 2 0 1 3 4 5 6 7 1 1 3 display qos interface all Syntax display qos interface interface type interface number all View Any view Parameter interface type interface number Port index Description Use the display qos interface all command to vi...

Page 812: ...y qos interface all GigabitEthernet0 0 1 Queue scheduling mode strict priority COS configuration Config max queues 8 Schedule mode strict Egress port queue statistics in bytes Priority CosQ Threshold Count Used 0 2 18432 0 0 1 3 2560 0 0 2 4 2560 0 0 3 1 2560 0 0 4 7 2560 0 0 5 0 2560 0 0 6 5 2560 0 0 7 6 2560 0 0 common queue statistics in bytes 49152 0 0 GigabitEthernet0 0 2 Queue scheduling mod...

Page 813: ...w the rate limit configuration for the outbound direction of the specified port Example Display the rate limit configuration of a specific port 3Com display qos interface line rate GigabitEthernet1 0 2 line rate Line rate 3072 kbps E GigabitEthernet1 0 4 line rate Line rate 5120 kbps Table 1 1 Description on the fields of the display qos interface line rate command Field Description GigabitEtherne...

Page 814: ... mode parameter of GigabitEthernet1 0 1 3Com display qos interface gigabitethernet 1 0 1 queue scheduler GigabitEthernet1 0 1 Queue scheduling mode weighted round robin weight of queue 1 10 weight of queue 2 5 weight of queue 3 10 weight of queue 4 10 weight of queue 5 5 weight of queue 6 10 weight of queue 7 5 weight of queue 8 10 COS configuration Config max queues 8 Schedule mode weighted round...

Page 815: ...e the display qos interface traffic bandwidth command to view the configuration information of the bandwidth guarantee Related command traffic bandwidth Example Display the parameters of traffic limit 3Com display qos interface traffic bandwidth Ethernet1 0 1 traffic bandwidth Outbound Matches Acl 2000 rule 0 running Minimum guaranteed bandwidth 64 Kbps Maximum available bandwidth 128 Kbps Bandwid...

Page 816: ...limit configuration 3Com display qos interface traffic limit GigabitEthernet1 0 1 traffic limit Inbound Matches Acl 3000 rule 1 running Target rate 20480 Kbps Exceed action remark dscp 4 1 1 8 display qos interface traffic priority Syntax display qos interface interface type interface number traffic priority View Any view Parameter interface type interface number Port index Description Use the dis...

Page 817: ...ace interface type interface number traffic red View Any view Parameter interface type interface number Port index Description Use the display qos interface traffic red command to view the configuration of the RED operation Related command traffic red Example Display the configuration of traffic red 3Com display qos interface traffic red Ethernet1 0 1 traffic red Outbound Matches Acl 2000 rule 0 r...

Page 818: ...e displayed content includes the corresponding ACLs of the traffics to be redirected and the port to which the traffic is redirected Related command traffic redirect Example Display the configuration of traffic redirect 3Com display qos interface traffic redirect GigabitEthernet1 0 1 traffic redirect Inbound Matches Acl 2002 rule 0 running Redirected to interface GigabitEthernet1 0 8 1 1 11 displa...

Page 819: ...et1 0 1 traffic remark vlanid Inbound Matches Acl 3000 rule 3 running RemarkVlanId action remark vlan 25 1 1 12 display qos interface traffic statistic Syntax display qos interface interface type interface number traffic statistic View Any view Parameter interface type interface number Port index Description Use the display qos interface traffic statistic command to view the traffic statistics inf...

Page 820: ...effect only after you restart the switch When the inbound CAR function is enabled and the same ACL rules are sent to the different ports they are treated as different rules thus seizing multiple entries If you enable the CAR function for the traffic matching the same rule on multiple ports the switch provides guaranteed bandwidth to the traffic matching the CAR rule on each port When the inbound C...

Page 821: ... function on the switch 3Com system view 3Com inboundcar enable 1 1 14 line rate Syntax line rate kbps target rate undo line rate View QoS view Parameter kbps Specifies the limit rate to be measured in kbps target rate Total limit rate of all the packets sent by the port If the kbps keyword is specified the rate is measured in kbps in the range of 64 to 1 024 000 with the granularity being 64 If t...

Page 822: ...alue of the port ranging from 0 to 7 Description Use the priority command to configure the priority of the Ethernet port Use the undo priority command to restore the default priority of the Ethernet port By default the priority of a port is 0 If the switch receives a packet without VLAN tags the switch will tag the packet with the default VLAN of the port receiving the packet In this case the swit...

Page 823: ...iption Use the priority trust command to specify the priority according to which the switch puts a packet into the output queue on a port By default the switch puts a packet into the output queue on a port according to the local precedence of the packet The switch ports support eight output queues with different levels of precedence The higher the precedence is the earlier it will be delivered The...

Page 824: ...edence value ranges from 0 to 7 The packet whose precedence value is 0 is put into queue 0 and so on You can choose the corresponding packet precedence as the basis for putting a packet into an output queue on a port as required Example Specify the switch to put a packet into an output queue according to the DSCP precedence of the packet 3Com system view 3Com priority trust dscp 1 1 17 qos Syntax ...

Page 825: ...uit Exit from current command view reset Reset operation return Exit to User View tracert Trace route function traffic limit Limit the rate of the packets traffic priority Specify new priority of the packets traffic redirect Redirect the packets traffic remark vlanid Remark vlan ID of the packets traffic statistic Count the packets undo Cancel current setting Enter QoS view of a type A LPU and que...

Page 826: ...rec undo qos cos local precedence map View System view Parameter cos0 map local prec Local precedence to which the CoS 0 is to be mapped in the range of 0 to 7 cos1 map local prec Local precedence to which the CoS 1 is to be mapped in the range of 0 to 7 cos2 map local prec Local precedence to which the CoS 2 is to be mapped in the range of 0 to 7 cos3 map local prec Local precedence to which the ...

Page 827: ...dence map command to restore the default values The following is the default CoS to local precedence mapping table Table 1 2 Default CoS to local precedence mapping table CoS value Local precedence 0 2 1 0 2 1 3 3 4 4 5 5 6 6 7 7 Example Configure the CoS to local precedence mapping table 3Com system view 3Com qos cos local precedence map 0 1 2 3 4 5 6 7 The following is the configured CoS to loca...

Page 828: ...e7 weight queue8 weight undo queue scheduler View QoS view Parameter rr Adopts round robin RR algorithm strict priority Adopts strict priority SP scheduling wrr queue1 weight queue2 weight queue3 weight queue4 weight queue5 weight queue6 weight queue7 weight queue8 weight Adopts the weighted round robin WRR algorithm with the weight in the range of 0 to 15 Description Use the queue scheduler comma...

Page 829: ... interface GigabitEthernet1 0 1 3Com GigabitEthernet1 0 1 qos 3Com qosb GigabitEthernet1 0 1 queue scheduler wrr 10 5 10 10 5 10 5 10 1 1 20 reset traffic statistic Syntax I For type A LPUs reset traffic statistic inbound outbound acl rule system index II For non type A LPUs reset traffic statistic inbound acl rule system index Note LPUs support applying the combination of IP ACL rules and link AC...

Page 830: ...ACL separately link group acl number acl name rule rule id Apply a rule in an IP ACL and a rule in a Link ACL at the same time ip group acl number acl name rule rule id link group acl number acl name rule rule id Table 1 5 Non type A LPUs ways of applying combined ACLs ACL combination Form of the acl rule argument Apply all the rules in an IP ACL separately ip group acl number acl name Apply a rul...

Page 831: ...paces or quotation marks It is not sensitive to capitals rule id ID of an ACL rule in the range of 0 to 127 If the rule id argument is not specified the rule keyword refers to all the rules in the ACL system index Specifies an interior index value which is used when an ACL rule is applied to the port The index value ranges from 0 to 4294 967 295 This keyword is only available when the ACL rule num...

Page 832: ...manual for the introduction to the reset acl counter command reset traffic statistic Clear the traffic statistics This command is applicable to ACLs applied to the hardware of the switch for filtering and classifying traffic during data forwarding Generally this command is used to clear the statistics information obtained through the traffic statistic command Example Clear the statistics about tra...

Page 833: ...index value is not 0 but conflicts with the interior index used by the system the system will reassign an index value When the specified ACL rule is not effective the system will adopt the index value input by you min guaranteed bandwidth Minimum guaranteed bandwidth in kbps in the range of 0 to 8 388 608 It must be the multiple s of 64 max guaranteed bandwidth Maximum guaranteed bandwidth in kbps...

Page 834: ...rresponding traffic This command is applicable to only the permit rule Use the undo traffic bandwidth command to remove this function This configuration provides the minimum guaranteed bandwidth and maximum available bandwidth for the specific traffic Note that the maximum available bandwidth must be no smaller than the minimum guaranteed bandwidth Related command display qos interface traffic ban...

Page 835: ...kets received by the port outbound Performs traffic policing on the packets sent by the port acl rule Applied ACL which can be the combination of various ACL rules For the ways of type A LPUs to combine ACLs and the description on related parameters refer to Table 1 4 and Table 1 6 For the ways of non type A LPUs to combine ACLs and the description on related parameters refer to Table 1 5 and Tabl...

Page 836: ...packets sent on a port For type A LPUs the target rate argument is in the range of 64 to 8 388 608 in kbps with the granularity being 64 If the kbps keyword is not provided the target rate argument is in mbps in the range of 1 to 1 000 exceed action Optional The action is taken when the traffic exceeds the threshold Only type A LPUs support this keyword The action argument can be z drop Drops the ...

Page 837: ...ty inbound outbound acl rule system index dscp dscp value ip precedence pre value local precedence pre value undo traffic priority inbound outbound acl rule II For non type A LPUs traffic priority inbound acl rule system index dscp dscp value ip precedence pre value cos cos local precedence pre value undo traffic priority inbound acl rule Note LPUs support applying the combination of IP ACL rules ...

Page 838: ...not input an index value or the index value you input is 0 the system will automatically assign an index whose value is greater than 0 z If the input index value is not 0 and does not conflict with the interior index used by the system the system will adopt the index value input by you z If the input index value is not 0 but conflicts with the interior index used by the system the system will reas...

Page 839: ... 9 Description on IP precedence values Keyword IP Precedence decimal IP Precedence binary routine 0 000 priority 1 001 immediate 2 010 flash 3 011 flash override 4 100 critical 5 101 internet 6 110 network 7 111 cos cos Sets 802 1p priority The pre value argument ranges from 0 to 7 You can also enter the keywords in Table 1 10 Table 1 10 Description on 802 1p priority values Keyword 802 1p priorit...

Page 840: ...ty command to enable ACLs for remarking priority Use the undo traffic priority command to remove the function of remarking priority Related command display qos interface traffic priority Note Only the permit rule can be referenced in this command and applied to hardware Example Remark the local precedence of the packets matching the permit rule in ACL 2000 as 0 3Com system view 3Com interface Ethe...

Page 841: ... index used by the system the system will adopt the index value input by you z If the input index value is not 0 but conflicts with the interior index used by the system the system will reassign an index value When the specified ACL rule is not effective the system will adopt the index value input by you qstart Queue length where the system starts to drop packets at random in the range of 0 to 262...

Page 842: ...s 3Com qoss Ethernet1 0 1 traffic red outbound ip group 2000 64 128 20 1 1 25 traffic redirect Syntax traffic redirect inbound acl rule system index cpu interface interface type interface number undo traffic redirect inbound acl rule View QoS view Parameter inbound Performs traffic redirect on the packets received by the port outbound Performs traffic redirect on the packets sent by the port acl r...

Page 843: ...alue input by you cpu Redirects the traffic to the CPU interface interface type interface number Redirects the packets to the specified Ethernet port The interface type argument refers to the port type and the interface number argument refers to the port number Description Use the traffic redirect command to enable the ACL to identify and redirect the traffic This command is applicable to the perm...

Page 844: ...l VLAN tags acl rule Applied ACL rules which can be the combination of various ACL rules For the ways of combining ACLs and the description on related parameters refer to Table 1 11 and Table 1 12 Table 1 11 Ways of applying combined ACL rules ACL combination Form of the acl rule argument Apply all the rules in an IP ACL separately ip group acl number acl name Apply a rule in an IP ACL separately ...

Page 845: ... number acl name User defined ACL acl number ACL number in the range of 5 000 to 5 999 acl name ACL name which contains up to 32 characters It must start with English letters a to z or A to Z and cannot contain spaces or quotation marks It is not sensitive to capitals rule id ID of an ACL rule in the range of 0 to 127 If the rule id argument is not specified the rule keyword refers to all the rule...

Page 846: ...g the traffic based flexible QinQ function 3Com system view 3Com vlan 25 3Com vlan25 quit 3Com acl number 2000 3Com acl basic 2000 rule permit source 10 1 1 1 0 0 0 255 3Com acl basic 2000 quit 3Com interface Ethernet1 0 1 3Com Ethernet1 0 1 port access vlan 25 3Com Ethernet1 0 1 vlan vpn enable 3Com Ethernet1 0 1 qos 3Com qoss Ethernet1 0 1 traffic remark vlanid inbound ip group 2000 remark vlan ...

Page 847: ...ied ACL takes effect there are three scenarios when you input the index value z If you do not input an index value or the index value you input is 0 the system will automatically assign an index whose value is greater than 0 z If the input index value is not 0 and does not conflict with the interior index used by the system the system will adopt the index value input by you z If the input index va...

Page 848: ...he permit rule can be referenced in this command and applied to hardware Example Perform traffic statistics on the packets matching the permit rule in ACL 2000 3Com system view 3Com interface Ethernet1 0 1 3Com Ethernet1 0 1 qos 3Com qoss Ethernet1 0 1 traffic statistic inbound ip group 2000 ...

Page 849: ...y qos interface mirrored to 1 2 1 1 3 mirrored to 1 3 1 1 4 mirroring group 1 6 1 1 5 mirroring group only for recovery 1 7 1 1 6 mirroring group mirroring port 1 8 1 1 7 mirroring group mirroring slot 1 9 1 1 8 mirroring group monitor port 1 9 1 1 9 mirroring group monitor slot 1 10 1 1 10 mirroring group reflector port 1 11 1 1 11 mirroring group remote probe vlan 1 12 1 1 12 remote probe vlan 1...

Page 850: ... destination group for remote mirroring remote source The specified mirroring group is the source group for remote mirroring all All mirroring groups Description Use the display mirroring group command to display the parameter settings of a mirroring group Local mirroring group information includes z Group number z Group type local z Group status z Information about the source port of mirroring z ...

Page 851: ... 0 1 both monitor port GigabitEthernet1 0 4 1 1 2 display qos interface mirrored to Syntax display qos interface interface type interface number mirrored to View Any view Parameter interface type interface number Port of the switch If you enter this argument the switch will display the parameter settings of the specified port If not the switch will display the parameters settings of all ports Desc...

Page 852: ...ved on the port acl rule Applied ACL rules which can be the combination of different types of ACL rules Table 1 1 and Table 1 3 describe the ACL combinations on service board of A type and the corresponding parameter description Table 1 2 and Table 1 3 describe the ACL combinations on service boards other than A type and the corresponding parameter description Table 1 1 Combined application of ACL...

Page 853: ...ed ACL separately user group acl number acl name rule rule id Apply one rule in an IP type ACL and one rule in a Link type ACL simultaneously ip group acl number acl name rule rule id link group acl number acl name rule rule id Table 1 3 Parameters description of ACL combinations Parameter Description ip group acl number acl name Basic and advanced ACL acl number ACL number of basic and advanced A...

Page 854: ...used by the system the system will adopt the index value input by you z If the input index value is not 0 but conflicts with the interior index used by the system the system will reassign an index value When the specified ACL rule is not effective the system will adopt the index value input by you Interface interface type interface number reflector Mirrors traffic flows to specific port interface ...

Page 855: ... id local remote destination remote source undo mirroring group group id all local remote destination remote source View System view Parameter group id Group number of a mirroring group in the range of 1 to 20 local Specifies the mirroring group as a local mirroring group remote destination Specifies the mirroring group as the destination mirroring group for remote port mirroring remote source Spe...

Page 856: ...ype interface number means an Ethernet port and 1 8 means you can specify eight Ethernet ports or Ethernet port lists mirrored to monitor port Specifies the destination port Description Use the mirroring group command to configure a mirroring group Use the undo mirroring group command to cancel the configuration This command is only used to recover configurations You cannot execute the command act...

Page 857: ...means an Ethernet port and 1 8 means you can specify eight source ports or source port lists Note For a centralized LPU if multiple source ports are specified in remote port mirroring configuration all the source ports must be on the same LPU both Mirrors packets both received and sent via the port inbound Mirrors only packets received via the port outbound Mirrors only packets sent via the port D...

Page 858: ...e the mirroring source LPU Use the undo mirroring group mirroring slot command to remove the mirroring source LPU Example Specify the LPU residing in slot 3 as the mirroring source LPU and mirror all the packets received on the LPU 3Com system view System View return to User View with Ctrl Z 3Com mirroring group 1 mirroring slot 3 inbound 1 1 8 mirroring group monitor port Syntax mirroring group g...

Page 859: ...gabitEthernet1 0 4 as the source port and monitor all packets received via this port 3Com system view System View return to User View with Ctrl Z 3Com mirroring group 1 monitor port Gigabitethernet1 0 4 1 1 9 mirroring group monitor slot Syntax mirroring group group id monitor slot slot number undo mirroring group group id monitor slot slot number View System view Parameter group id Group number o...

Page 860: ...ring group reflector port command to remove the configuration of the reflector port Note the following when you configure the reflector port z The reflector port must be an Access port z LACP must be disabled on the reflector port z The reflector ports are mutually exclusive with STP or DLDP That is if STP or DLDP is enabled on a port you are not recommended to configure it as a reflector port you...

Page 861: ...Use the mirroring group remote probe vlan command to specify the remote probe VLAN for a mirroring group Use the undo mirroring group remote probe vlan command to remove the configuration of remote probe VLAN for a mirroring group Example Configure VLAN 100 as the remote probe VLAN 3Com system view System View return to User View with Ctrl Z 3Com mirroring group 1 remote probe vlan 100 1 1 12 remo...

Page 862: ... VLAN Before configuring the remote probe VLAN make sure that no Access or Hybrid port belongs to this VLAN If any Trunk port exists in this VLAN the port PVID cannot be the ID of remote probe VLAN After setting a VLAN as remote probe VLAN it is recommended that you do not add Access or Hybrid port to the VLAN Note The undo vlan all command cannot be used to remove the specified remote probe VLAN ...

Page 863: ...wer max value 1 12 1 1 12 poe power management 1 12 1 1 13 poe priority 1 13 1 1 14 poe upgrade 1 14 Chapter 2 PoE PSU Supervision Configuration Commands 2 1 2 1 PoE PSU Supervision Display Commands 2 1 2 1 1 display poe power ac input state 2 1 2 1 2 display poe power alarm 2 2 2 1 3 display poe power dc output state 2 3 2 1 4 display poe power dc output value 2 4 2 1 5 display poe power switch s...

Page 864: ...on for details all Displays the PoE information of all the PoE ports on the switch Description Use the display poe interface command to view the PoE status of a specific port If the all keyword is specified the command displays the PoE status of all the PoE ports Example Display the PoE status of Ethernet3 0 1 3Com display poe interface Ethernet 3 0 1 Port power status PD searching Port power mode...

Page 865: ...t z high High z low Low Port max power The maximum available power on the port Port current power The current power on the port Port average power The average power on the port Port peak power The peak power on the port Port current The current on the port Port voltage The voltage on the port Display the PoE status of all ports 3Com display poe interface all Interface Ethernet3 0 1 power status de...

Page 866: ...atus PD searching Interface Ethernet3 0 29 power status PD searching Interface Ethernet3 0 30 power status PD searching Interface Ethernet3 0 31 power status PD searching Interface Ethernet3 0 32 power status PD searching Interface Ethernet3 0 33 power status PD searching Interface Ethernet3 0 34 power status PD searching Interface Ethernet3 0 35 power status PD searching Interface Ethernet3 0 36 ...

Page 867: ...ent power 700 mw Interface Ethernet3 0 2 current power 0 mw Interface Ethernet3 0 3 current power 0 mw Interface Ethernet3 0 4 current power 0 mw Interface Ethernet3 0 5 current power 0 mw Interface Ethernet3 0 6 current power 0 mw Interface Ethernet3 0 7 current power 0 mw Interface Ethernet3 0 8 current power 0 mw Interface Ethernet3 0 9 current power 0 mw Interface Ethernet3 0 10 current power ...

Page 868: ...Interface Ethernet3 0 35 current power 0 mw Interface Ethernet3 0 36 current power 0 mw Interface Ethernet3 0 37 current power 0 mw Interface Ethernet3 0 38 current power 0 mw Interface Ethernet3 0 39 current power 0 mw Interface Ethernet3 0 40 current power 0 mw Interface Ethernet3 0 41 current power 0 mw Interface Ethernet3 0 42 current power 0 mw Interface Ethernet3 0 43 current power 0 mw Inte...

Page 869: ...0 Table 1 2 Description on the fields of the display poe powersupply command Field Description Power Model Identification of the PSU manufacturer Power manufacturer Name of the power manufacturer Power Nominal Value Nominal power of the PSU Power Peak Value Peak power of the PSU Power Average Value Average power of the PSU Power Current Current Current current of the PSU Power Current Voltage Curr...

Page 870: ...lue 700 W Power Average Value 475 W Software Version 290 Hardware Version 000 CPLD Version 000 Table 1 3 Description on the fields of the display poe pse command Field Description Power Current Value Current power of the board Power Max Value Maximum power of the board Power Peak Value Peak power of the board Power Average Value Average power of the board Software Version Version of the PSE softwa...

Page 871: ...nd to enable the PoE feature on a board Use the undo poe enable slot command to disable the PoE feature on a board By default the PoE feature is disabled on a board Note z Before enabling the PoE feature on a board you must ensure that the remaining power output is not less than the maximum power required for the board Otherwise PoE cannot be enabled on the board correctly z After PoE is enabled o...

Page 872: ...perform PoE compatibility detection for the remote PDs Use the undo poe legacy slot command to disable PoE compatibility detection for the remote PDs By default PoE compatibility detection for PDs is disabled on the board Through the PoE compatibility detection the switch can detect the PDs incompatible with IEEE802 3af and supply power to them Caution PoE compatibility detection process is very s...

Page 873: ...ied by the current port Use the undo poe max power command to restore the maximum power supplied by the current port to the default value By default the maximum power that a port can supply is 15 400 mW Example Set the maximum power supplied by Ethernet3 0 1 to 12 000 mW 3Com system view System View return to User View with Ctrl Z 3Com interface Ethernet 3 0 1 3Com Ethernet3 0 1 poe max power 1200...

Page 874: ...power 400 slot 3 1 1 10 poe mode Syntax poe mode signal spare undo poe mode View Ethernet port view Parameter signal Supplies power through a signal cable spare Supplies power through a spare cable Description Use the poe mode command to configure the PoE mode on the current port Use the undo poe mode command to restore the PoE mode on the current port to the default mode By default the port suppl...

Page 875: ... that this command works only when the power you specify is greater than the power that has been distributed to the boards Example Set the maximum power output of the switch to 2 000 W 3Com system view System View return to User View with Ctrl Z 3Com poe power max value 2000 1 1 12 poe power management Syntax poe power management auto manual slot slot number View System view Parameter auto Manages...

Page 876: ...anual mode When the switch is reaching its full load in supplying power externally and a new PD is added it will neither take the priority into account nor make change to its original power supply status only the information about the newly added device is provided For example Port A has the priority of critical When the switch is reaching full load and a new PD is now connected to port A the swit...

Page 877: ... to critical 3Com system view System View return to User View with Ctrl Z 3Com interface Ethernet 3 0 1 3Com Ethernet3 0 1 poe priority critical 1 1 14 poe upgrade Syntax poe upgrade refresh full filename View System view Parameter refresh Upgrades the existing valid software in the PSE in the refresh mode full Reloads the software to the PSE when there is no valid software in the PSE filename Upg...

Page 878: ... reasons such as failure which cause restart if the update in the full mode fails after restart you must update the software in the full mode after power off and restart of the device and then restart the device manually In this way the former PoE configuration is restored Example Update the processing software in the PSE online 3Com system view System View return to User View with Ctrl Z 3Com poe...

Page 879: ...t state Syntax display poe power ac input state View Any view Parameter None Description Use the display poe power ac input state command to display the AC input state of the PoE power supply units PSUs contained in the external PoE power supply system Example Display the AC input state of the PoE PSUs 3Com display poe power ac input state PSU 1 AC Input State Lack Phrase PSU 2 AC Input State Norm...

Page 880: ...age is higher than the upper threshold Fuse Broken The fuse is broken AC input state of PoE PSU 1 Switch Off The switch is off 2 1 2 display poe power alarm Syntax display poe power alarm View Any view Parameter None Description Use the display poe power alarm command to display the detailed alarm information about the external PoE PSUs Example Display the detailed alarm information about the exte...

Page 881: ... the error OUTERROR PSU output error No normal DC output from the PSU HIGHVOL Overvoltage on the PSU the PSU is shut down because its outputs overvoltage HIGHTEP It is overheated in the PSU FANERROR The fan fails CLOSE The PSU is shut down CURLIMIT The current of the PSU is limited The alarm information about PoE PSU1 Absent The PSU is absent 2 1 3 display poe power dc output state Syntax display ...

Page 882: ...put state of the external PoE PSU Hardware Fault Hardware fails 2 1 4 display poe power dc output value Syntax display poe power dc output value View Any view Parameter None Description Use the display poe power dc output value command to display the DC output voltage current values of the external PoE PSUs Example Display the DC output voltage current values of the external PoE PSUs 3Com display ...

Page 883: ... to display the number and current state of the AC power distribution switches in the external PoE PSU Example Display the number and current state of the AC power distribution switches 3Com display poe power switch state Switch Number 0 Note Currently the Switch 7750 series do not use any AC power distribution switch so the returned value is always 0 2 1 6 display supervision module information S...

Page 884: ... Number 1 PSU 2 Rating Output Power 2500 W 220V 1250 W 110V Hard Version Info NP Series Table 2 5 Description on the fields of the display supervision module information command Field Description Supervision Module Version Software version of the supervision module Supervision Module Name Name of the supervision module Power Type Model of the external PoE PSU Power Rating Value Rated power of the ...

Page 885: ...o set the undervoltage alarm threshold of AC input for the external PoE PSUs For 220 VAC input the recommended value is 181 0 V for 110VAC input the recommended value is 90 0 V Example Set the undervoltage alarm threshold of AC input for the external PoE PSUs to 181 0 V 3Com system view System View return to User View with Ctrl Z 3Com poe power input thresh lower 181 0 Set lower input threshold po...

Page 886: ...t thresh upper 264 0 Set upper input threshold power successfully 2 2 3 poe power output thresh lower Syntax poe power output thresh lower string View System view Parameter string Undervoltage alarm threshold in volts V in the format of X X in the range of 45 0 to 47 0 Description Use the poe power output thresh lower command to set the undervoltage alarm threshold of DC output for the external Po...

Page 887: ...X X in the range of 55 0 to 57 0 Description Use the poe power output thresh upper command to set the overvoltage alarm threshold of DC output for the external PoE PSUs For either 220 VAC or 110 VAC input the recommended threshold is 55 0 V Example Set the overvoltage alarm threshold of DC output for the external PoE PSUs to 55 0 V 3Com system view System View return to User View with Ctrl Z 3Com ...

Page 888: ...ntents i Table of Contents Chapter 1 UDP Helper Configuration Commands 1 1 1 1 UDP Helper Configuration Commands 1 1 1 1 1 debugging udp helper 1 1 1 1 2 display udp helper server 1 1 1 1 3 reset udp helper packet 1 2 1 1 4 udp helper port 1 3 1 1 5 udp helper server 1 4 ...

Page 889: ...ugging for sending receiving UDP Helper packets receive Enables disables debugging for receiving UDP Helper packets send Enables disables debugging for sending UDP Helper packets Description Use the debugging udp helper command to enable debugging for UDP Helper Use the undo debugging udp helper command to disable debugging for UDP Helper By default debugging for UDP Helper is disabled Example Ena...

Page 890: ...the number of the packets forwarded to the destination servers 3Com display udp helper server interface Vlan interface 1 Interface name Server address Packets sent Vlan interface1 192 1 1 2 0 The information above shows that the server with its IP address being 192 1 1 2 is configured as a destination server and is connected to VLAN 1 interface and no packets are forwarded to it so far 1 1 3 reset...

Page 891: ... tacacs tftp time undo udp helper port port dns netbios ds netbios ns tacacs tftp time View System view Parameter port number of a UDP port to be configured as a UDP Helper destination port in the range 1 to 65535 except for 67 and 68 dns Specifies the DNS UDP port port 53 as a UDP Helper destination port netbios ds Specifies the NetBIOS DS UDP port port 138 as a UDP Helper destination port netbio...

Page 892: ...lper Example Configure the DNS UDP port as a UDP Helper destination port 3Com system view System View return to User View with Ctrl Z 3Com udp helper port dns 1 1 5 udp helper server Syntax udp helper server ip address undo udp helper server ip address View VLAN interface view Parameter ip address IP address of the device to be configured as a destination server in dotted decimal notation Descript...

Page 893: ... display udp helper server Example Configure the device with its IP address being 192 1 1 2 as a destination server for the UDP broadcast packets to be forwarded on VLAN 1 interface 3Com system view System View return to User View with Ctrl Z 3Com interface Vlan interface 1 3Com Vlan interface1 udp helper server 192 1 1 2 ...

Page 894: ...p 1 10 1 1 12 snmp agent local engineid 1 11 1 1 13 snmp agent mib view 1 12 1 1 14 snmp agent packet max size 1 13 1 1 15 snmp agent sys info 1 14 1 1 16 snmp agent target host 1 15 1 1 17 snmp agent trap enable 1 16 1 1 18 snmp agent trap life 1 17 1 1 19 snmp agent trap queue size 1 18 1 1 20 snmp agent trap source 1 19 1 1 21 snmp agent usm user 1 20 Chapter 2 RMON Configuration Commands 2 1 2...

Page 895: ...f the current device An SNMP engine ID identifies an SNMP entity uniquely within an SNMP domain As an indispensable part of an SNMP entity an SNMP engine performs the function of sending receiving and authenticating SNMP message extracting PDU packet encapsulation and the communication with SNMP application Example Display the local engine ID of the current device 3Com display snmp agent local eng...

Page 896: ...tly configured community names 3Com display snmp agent community Community name public Group name public Storage type nonVolatile Community name private Group name private Storage type nonVolatile Table 1 1 Description on the fields of the display snmp agent community command Field Description Community name Community name Group name Group name Storage type Storage type including volatile nonVolat...

Page 897: ...play snmp agent group command Field Description Group name SNMP group name Security model Security model of that group including authorization and encryption AuthPriv authorization and no encryption AuthnoPriv no authorization and no encryption noAuthnoPriv Readview Read only MIB view name corresponding to that group Writeview Writable MIB view corresponding to that group Notifyview The name of th...

Page 898: ...nfigured MIB view 3Com display snmp agent mib view View name system MIB Subtree system Subtree mask Storage type nonVolatile View Type included View status active View name ViewDefault MIB Subtree iso Subtree mask Storage type nonVolatile View Type included View status active View name ViewDefault MIB Subtree snmpUsmMIB Subtree mask Storage type nonVolatile View Type excluded View status active Vi...

Page 899: ...ve Caution For the above commands when the SNMP agent is disabled the system gives the prompt SNMP agent disabled 1 1 5 display snmp agent statistics Syntax display snmp agent statistics View Any view Parameter None Description Use the display snmp agent statistics command to view the statistics information about SNMP packets This command provides statistics for SNMP operations Example Display the...

Page 900: ...Response PDU accepted and processed 1 SetRequest PDU accepted and processed 34 Trap PDUs accepted and processed 1 1 6 display snmp agent sys info Syntax display snmp agent sys info contact location version View Any view Parameter contact Displays the contact information of the current device location Displays the physical location of the current device version Displays the version information abou...

Page 901: ...er engineid engineid username user name group group name View Any view Parameter engineid Displays the SNMPv3 user information of the specified engine ID which ranges from 10 to 64 hexadecimal numerals username Displays information about the specified SNMPv3 user which ranges from 1 to 32 bytes groupname Displays information about users in the specified group name which ranges from 1 to 32 bytes D...

Page 902: ...erface view Parameter None Description Use the enable snmp trap updown command to enable the sending of port interface linkUp and linkDown traps Use the undo enable snmp trap updown command to disable the sending of linkUp and linkDown traps By default the sending of port interface linkUp and linkDown traps is enabled The enable snmp trap updown and snmp agent trap enable snmp agent target host co...

Page 903: ... Syntax snmp agent undo snmp agent View System view Parameter None Description Use the snmp agent command to enable SNMP Agent Use the undo snmp agent command to disable SNMP Agent By default SNMP Agent is disabled Example Disable running SNMP Agent 3Com system view System View return to User View with Ctrl Z 3Com undo snmp agent 1 1 10 snmp agent community Syntax snmp agent community read write c...

Page 904: ...to SNMP Use the undo snmp agent community command to cancel the settings of community access name Example Configure community name as comaccess and permit read only access by this community name 3Com system view System View return to User View with Ctrl Z 3Com snmp agent community read comaccess Configure community name as mgr and permit read write access 3Com snmp agent community write mgr Remove...

Page 905: ...from 1 to 32 bytes notify view Sets notify view notify view Notification view name ranging from 1 to 32 bytes acl Sets an ACL acl number Indicates an ACL ranging from 2 000 to 2 099 Description Use the snmp agent group command to configure a new SNMP group that is to map SNMP user to SNMP view Use the undo snmp agent group command to cancel a specified SNMP group By default the SNMP group configur...

Page 906: ...ermined according to different products It can be an IP address MAC address or user defined hexadecimal numeral string Related command snmp agent usm user Example Configure the local device name as 1234512345 3Com system view System View return to User View with Ctrl Z 3Com snmp agent local engineid 1234512345 1 1 13 snmp agent mib view Syntax snmp agent mib view included excluded view name oid tr...

Page 907: ...stem view System View return to User View with Ctrl Z 3Com snmp agent mib view included mib2 1 3 6 1 2 1 1 1 14 snmp agent packet max size Syntax snmp agent packet max size byte count undo snmp agent packet max size View System view Parameter byte count Maximum size of the SNMP packet in bytes that the Agent can send receive ranging from 484 to 17 940 Description Use the snmp agent packet max size...

Page 908: ...ation of the device sys location The geographical location of the device version Specifies version of running SNMP v1 SNMP V1 v2c SNMP V2C v3 SNMP V3 all All SNMP versions including SNMP V1 SNMP V2C SNMP V3 Description Use the snmp agent sys info command to configure system information such as geographical location of the device information for system maintenance and version information of running...

Page 909: ...o be a Trap host address Specifies the address of the destination host for transmitting SNMP messages udp domain Specifies transport domain over UDP for the target host ip address The IPv4 address of the host receiving Trap packets port number Number of the port receiving Trap packets ranging from 0 to 65 535 characters params Specifies SNMP target host information to be used in the generation of ...

Page 910: ...stem View return to User View with Ctrl Z 3Com snmp agent trap enable standard 3Com snmp agent target host trap address udp domain 10 1 1 1 params securityname public 1 1 17 snmp agent trap enable Syntax snmp agent trap enable bgp backwardtransition established configuration flash ospf process id ospf trap list standard authentication coldstart linkdown linkup warmstart system vrrp authfailure new...

Page 911: ...uthfailure newmaster Configures to send VRRP trap information Description Use the snmp agent trap enable command to enable the device to send Trap packets Use the undo snmp agent trap enable command to disable the device to send Trap packets By default the device does not send Trap packets The snmp agent trap enable and snmp agent target host commands must be used at the same time The snmp agent t...

Page 912: ...d the system drops the trap packet Related command snmp agent trap enable snmp agent target host Example Set the aging time for Trap packets as 60 seconds 3Com system view System View return to User View with Ctrl Z 3Com snmp agent trap life 60 1 1 19 snmp agent trap queue size Syntax snmp agent trap queue size size undo snmp agent trap queue size View System view Parameter size Length of a queue ...

Page 913: ...ription Use the snmp agent trap source command to configure the source address for sending Trap message Use the undo snmp agent trap source command to cancel the source address for sending Trap message The SNMP Trap message sent from a server has a source IP address no matter which interface the Trap message is sent from By default SNMP chooses an outgoing interface You can configure this command ...

Page 914: ...me group name local engineid engineid string View System view Parameter v1 Configures to use V1 security model v2c Configures to use V2c security model v3 Configures to use V3 security model User name User name ranging from 1 to 32 bytes Group name Group name corresponding to that user a character string of 1 to 32 characters authentication mode Specifies the safety level as authentication require...

Page 915: ...n is required when you configure a remote user for an agent If you change engineID after configuring a user the user corresponding to the original engineID is not effective For V1 and V2C this command will add a new community name For SNMPv3 it will add a new user for an SNMP group Related command snmp agent group snmp agent community and snmp agent local engineid Example Add a user John to SNMPv3...

Page 916: ...lay the configuration of a specified alarm entry or all the alarm entries Related command rmon alarm Example Display the configuration of all the alarm entries 3Com display rmon alarm Alarm table 1 owned by abc is VALID Samples type delta Variable formula 1 3 6 1 2 1 2 2 1 11 67111554 ifInUcastPkts 67111554 Sampling interval 10 sec Rising threshold 100 linked with event 7 Falling threshold 10 link...

Page 917: ...alling threshold is reached Latest value Latest sampled value 2 1 2 display rmon event Syntax display rmon event event entry View Any view Parameter event entry Event entry index in the range of 1 to 65535 If you do not specify this argument the configuration of all the event entries is displayed Description Use the display rmon event command to display the configuration of a specified event entry...

Page 918: ...vent entry View Any view Parameter event entry Event entry index in the range of 1 to 65535 If you do not specify this argument the log of all the event entries is displayed Description Use the display rmon eventlog command to display the log of a specified event entry or all the event entries The displayed information includes the indexes and status of the event entries in the event table the tim...

Page 919: ...he time event 1 is first triggered Description Description of an event log 2 1 4 display rmon history Syntax display rmon history interface type interface number View Any view Parameter interface type Interface type interface number Interface number Description Use the display rmon history command to display the RMON history information about a specified port The information about the latest sampl...

Page 920: ...terval buckets Number of records in the history control table Latest sampled values Latest sampled information Dropevents Event about dropping packets octets Number of received or transmitted bytes during sampling duration packet Number of received or transmitted packets during sampling duration broadcastpackets Number of broadcast packets multicastpackets Number of multicast packets CRC alignment...

Page 921: ...Samples type delta Variable formula 1 3 6 1 2 1 2 2 1 10 641 Description ifInOctets Ethernet1 0 1 Sampling interval 10 sec Rising threshold 100 linked with event 2 Falling threshold 10 linked with event 2 When startup enables risingOrFallingAlarm This entry will exist forever Latest value 0 Table 2 5 Description on the fields of the display rmon prialarm command Field Description Prialarm table 1 ...

Page 922: ... This entry can exist forever or exist in the specified cycle Latest value Latest sampled value 2 1 6 display rmon statistics Syntax display rmon statistics interface type interface number View Any view Parameter interface type Interface type interface number Interface number Description Use the display rmon statistics command to display the RMON statistics of a specified port The displayed inform...

Page 923: ...cs information table abc Entry creator VALID The entry corresponding to this index is valid Interface Interface etherStatsOctets Number of received or transmitted bytes etherStatsPkts Number of received or transmitted packets etherStatsBroadcastPkts Number of broadcast packets etherStatsMulticastPkts Number of multicast packets etherStatsUndersizePkts Number of undersize packets etherStatsOversize...

Page 924: ...he latest sample absolute Specifies to sample absolute values rising_threshold threshold value1 Specifies the upper threshold The threshold value1 argument ranges from 0 to 2 147 483 647 event entry1 Index of the event entry corresponding to the upper threshold in the range of 1 to 65 535 falling_threshold threshold value2 Specifies the lower threshold The threshold value2 argument ranges from 0 t...

Page 925: ...maller than the set lower threshold threshold value2 Triggering the event identified by the event entry2 argument Note z Before adding an alarm entry you need to use the rmon event command to define the events to be referenced by the alarm entry z Make sure the node to be monitored exists before executing the rmon alarm command Example Add the alarm entry numbered 1 as follows z The node to be mon...

Page 926: ...cifies the community name of the NMS that receives the log messages none Specifies that the event triggers no action owner text Specifies the creator of the event entry The text argument is a string comprising 1 to 127 characters Description Use the rmon event command to add an entry to the event table Use the undo rmon event command to delete an entry from the event table When adding an event ent...

Page 927: ...story command to add an entry to a history control table Use the undo rmon history command to delete an entry from a history control table You can use the rmon history command to sample a specific port You can also set the sampling interval and the number of the samples that can be saved After you execute this command the RMON system samples the port periodically and stores the samples for later r...

Page 928: ... type To prevent invalid operation results make sure the operation results of each step are valid long integers prialarm des Alarm description a string comprising 1 to 256 characters sampling timer Sampling interval in seconds in the range of 10 to 65 535 delta absolute changeratio Specifies sample type which can be deltas absolute values or change ratios threshold value1 Upper threshold in the ra...

Page 929: ...ons on sampled values according to the defined extended alarm expressions prialarm formula z Comparing the operation result with the set thresholds and perform corresponding operations as described in Table 2 8 Table 2 8 Operation result and corresponding operation Comparison Operation The operation result is larger than or equal to the set upper threshold threshold value1 Triggering the event ide...

Page 930: ...35 owner text Specifies the owner of the entry a string comprising 1 to 127 characters Description Use the rmon statistics command to add an entry to the statistics table Use the undo rmon statistics command to remove an entry from the statistics table The RMON statistics management function is used to take statistics of the usage of the monitored ports and errors occurred to them The statistics i...

Page 931: ... Chapter 2 RMON Configuration Commands 2 16 Example Add the statistics entry numbered 20 to take statistics of Ethernet1 0 1 port 3Com system view System View return to User View with Ctrl Z 3Com interface Ethernet 2 0 1 3Com Ethernet2 0 1 rmon statistics 20 ...

Page 932: ...enable 1 5 1 1 6 ntp service authentication keyid 1 5 1 1 7 ntp service broadcast client 1 6 1 1 8 ntp service broadcast server 1 7 1 1 9 ntp service disable 1 8 1 1 10 ntp service in interface disable 1 8 1 1 11 ntp service max dynamic sessions 1 9 1 1 12 ntp service multicast client 1 10 1 1 13 ntp service multicast server 1 10 1 1 14 ntp service refclock master 1 11 1 1 15 ntp service reliable ...

Page 933: ...parameter the Ethernet switch displays the brief information about all the sessions Description Use the display ntp service sessions command to display the status of all the sessions maintained by NTP service provided by the local device Caution The sessions can be created in all NTP operating modes except the NTP server mode Example Display the status of all the sessions maintained by the NTP ser...

Page 934: ...100 0000 Hz Clock precision 2 18 Clock offset 0 0000 ms Root delay 0 00 ms Root dispersion 0 00 ms Peer dispersion 0 00 ms Reference time 00 00 00 000 UTC Jan 1 1900 00000000 00000000 The following table describes the displayed fields Table 1 1 NTP service status information Field Meaning Service status NTP service status enabled or disabled Clock status unsynchronized Local clock status is not sy...

Page 935: ...Root dispersion Dispersion of the local clock relative to the NTP server clock Peer dispersion Dispersion of the remote NTP server Reference time Reference timestamp 1 1 3 display ntp service trace Syntax display ntp service trace View Any view Parameter None Description Use the display ntp service trace command to display the brief information about every NTP server on the way from the local devi...

Page 936: ...s command to set the right to access the local device service Use the undo ntp service access command to cancel the access authority settings By default no right limit is configured Compared with authentication setting the right to access and control the NTP services is a basic and brief security measure From the highest NTP service access control right to the lowest one are peer server synchroniz...

Page 937: ...to disable this function By default the authentication is disabled Example Enable NTP authentication function 3Com system view System View return to User View with Ctrl Z 3Com ntp service authentication enable 1 1 6 ntp service authentication keyid Syntax ntp service authentication keyid number authentication mode md5 value undo ntp service authentication keyid number View System view Parameter nu...

Page 938: ...p service broadcast client command to configure NTP broadcast client mode Use the undo ntp service broadcast client command to disable NTP broadcast client mode By default the NTP broadcast client mode is disabled Designate an interface on the local device to receive NTP broadcast packets The local device operates in broadcast client mode The local device listens to the broadcast packets from the ...

Page 939: ...ging from 1 to 3 Description Use the ntp service broadcast server command to configure NTP broadcast server mode Use the undo ntp service broadcast server command to disable the NTP broadcast server mode By default the broadcast service is disabled When no NTP version number is specified the default version number is 3 Designate an interface on the local device to broadcast NTP packets The local d...

Page 940: ...unction By default the NTP service is enabled Example Disable NTP service on the device 3Com system view System View return to User View with Ctrl Z 3Com ntp service disable 1 1 10 ntp service in interface disable Syntax ntp service in interface disable undo ntp service in interface disable View VLAN interface view Parameter None Description Use the ntp service in interface disable command to disa...

Page 941: ...iew Parameter number The maximum number of sessions that can be created locally ranging from 0 to 100 Description Use the ntp service max dynamic sessions command to set the maximum number of dynamic sessions that can be created locally Use the undo ntp service max dynamic sessions command to restore the default value By default a local device allows up to 100 dynamic sessions Note Only the sessio...

Page 942: ... in the multicast client mode The local device listens to the multicast packets from the server When it receives the first multicast packet it starts a brief client server mode to exchange messages with a remote server for estimating the network delay Thereafter the local device enters the multicast client mode and continues listening to the multicast packets and synchronizes the local clock based...

Page 943: ...ess Use the undo ntp service multicast server command to disable NTP multicast server mode if no IP address is specified the switch will disable the configuration of the multicast IP address 224 0 1 1 By default the multicast service is disabled IP address defaults to 224 0 1 1 and the version number defaults to 3 Designate an interface on the local device to transmit NTP multicast packets The loc...

Page 944: ...atum is not specified the local clock is located at stratum 8 by default You can use this command to designate an external reference clock or the local clock as an NTP master clock to provide synchronized time to other devices ip address specifies the IP address of an external clock as 127 127 1 u If no IP address is specified the local clock is configured as the NTP master clock by default You ca...

Page 945: ...pt MD5 encryption and designate Key 37 BetterKey and configure it as a reliable key 3Com system view System View return to User View with Ctrl Z 3Com ntp service authentication enable 3Com ntp service authentication keyid 37 authentication mode md5 BetterKey 3Com ntp service reliable authentication keyid 37 1 1 16 ntp service source interface Syntax ntp service source interface interface type inte...

Page 946: ...ntax ntp service unicast peer ip address server name version number authentication key keyid source interface interface type interface number priority undo ntp service unicast peer ip address server name View System view Parameter ip address Specifies the IP address of a remote server server name Specifies the host name of an NTP server containing 1 to 20 characters version Defines an NTP version ...

Page 947: ... device can synchronize and be synchronized by a remote server Example Configure the local device to synchronize or to be synchronized by a peer at 128 108 22 44 Set the NTP version to 3 The IP address of the NTP packets is taken from that of VLAN interface 1 3Com system view System View return to User View with Ctrl Z 3Com ntp service unicast peer 131 108 22 33 version 3 source interface Vlan Int...

Page 948: ...the undo ntp service unicast server command to disable NTP server mode By default no NTP server mode is configured When you do not specify a version number the default version number is 3 When you do not specify authentication keyid authentication is disabled The command announces to use the remote server at ip address as the local time server ip address specifies a host address other than a broad...

Page 949: ...12 ssh authentication type default 1 12 1 1 13 ssh server authentication retries 1 13 1 1 14 ssh server compatible ssh1x enable 1 13 1 1 15 ssh server rekey interval 1 14 1 1 16 ssh server timeout 1 15 1 1 17 ssh user assign rsa key 1 16 1 1 18 ssh user authentication type 1 16 1 2 SSH Client Configuration Commands 1 18 1 2 1 display ssh server info 1 18 1 2 2 public key code begin 1 18 1 2 3 publ...

Page 950: ...ide SSH Terminal Service Table of Contents ii 1 4 6 exit 1 29 1 4 7 get 1 29 1 4 8 help 1 30 1 4 9 ls 1 31 1 4 10 mkdir 1 31 1 4 11 put 1 32 1 4 12 pwd 1 32 1 4 13 quit 1 33 1 4 14 remove 1 33 1 4 15 rename 1 34 1 4 16 rmdir 1 34 1 4 17 sftp 1 35 ...

Page 951: ...rsa local key pair public command to display the public key of the host key pair 3Com_Host and the public key of the server key pair 3Com_Server Related command rsa local key pair create Example Display the public keys of the server key pair and host key pair 3Com display rsa local key pair public Time of Key pair created 16 51 29 2006 04 27 Key name 3Com_Host Key type RSA encryption Key Key code ...

Page 952: ...OjmoID01dLaS8uv B7n5EZj mTfG7gx67huMBvCL8B82Bc8m2 eJotgjGC7L rsa key Time of Key pair created 16 51 55 2006 04 27 Key name 3Com_Server Key type RSA encryption Key Key code 3067 0260 E1D3BAFE 5E646CF2 241602A1 2FF9AF7F 4AE5A7DE 02894012 1A733A4B 3ABA2F65 DB8CE292 644BB45C 2613F773 BC67C912 DCDACBF6 11DF66CA B48A9F0F 97886142 DB845B18 9C956B16 76D7C8BC 7E355894 CC2854F0 0D29376C 5F30F7A5 98A64CAD 02...

Page 953: ...ress Bits Name 1024 192 168 0 39 Display the public key named abc of the client key pair 3Com display rsa peer public key name abc Key name abc Key address Key Code 308186 028180 739A291A BDA704F5 D93DC8FD F84C4274 631991C1 64B0DF17 8C55FA83 3591C7D4 7D5381D0 9CE82913 D7EDF9C0 8511D83C A4ED2B30 B809808E B0D1F52D 045DE408 61B74A0E 135523CC D74CAC61 F8E58C45 2B2F3F2D A0DCC48E 3306367F E187BDD9 44018...

Page 954: ... compatible with the client of SSHv1 x version the SSH version will be displayed as 1 99 z If you use the undo ssh server compatible ssh1x enable command to configure the server to be not compatible with the client of SSHv1 x version the SSH version will be displayed as 2 0 Display the session information about the SSH server 3Com display ssh server session Conn Ver Encry State Retry SerType Usern...

Page 955: ... characters Description Use the display ssh user information command to display information about the current SSH users including user name authentication mode corresponding public key name and authorized service types If the username is specified the command displays information about the specified user Example Display information about the current user 3Com display ssh user information Username ...

Page 956: ... Z 3Com rsa peer public key 3Com003 3Com rsa public key peer public key end 3Com 1 1 6 protocol inbound Syntax protocol inbound all ssh telnet View VTY user interface view Parameter all Supports all protocols including Telnet and SSH ssh Supports only SSH telnet Supports only Telnet Description Use the protocol inbound command to configure the protocols supported in the current user interface By d...

Page 957: ...nterface vty Example Configure vty0 through vty4 to support SSH only 3Com system view System View return to User View with Ctrl Z 3Com user interface vty 0 4 3Com ui vty0 4 authentication mode scheme 3Com ui vty0 4 protocol inbound ssh 1 1 7 public key code begin Syntax public key code begin View Public key view Parameter None Description Use the public key code begin command to enter public key e...

Page 958: ...F828D55A36F1CDDC4BB45504F020125 3Com key code public key code end 3Com rsa public key 1 1 8 public key code end Syntax public key code end View Public key edit view Parameter None Description Use the public key code end command to return from public key edit view to public key view and save the public keys you set After you use this command to terminate the public key editing public key validity w...

Page 959: ...le 3Com_Server Note z Server key pair 3Com_Server is not used in SSHv2 0 therefore when the rsa local key pair create command is executed the system only prompts you the host RSA key pair 3Com_Host is generated and does not inform you the information about the server key pair even if the server key pair is generated in the background for the purpose of SSHv1 x compatibility You can use the display...

Page 960: ...atible ssh1x enable Example Generate a local RSA key pair 3Com system view System View return to User View with Ctrl Z 3Com rsa local key pair create The key name will be 3Com_Host The range of public key size is 512 2048 NOTES If the key modulus is greater than 512 It will take a few minutes Input the bits in the modulus default 512 Generating keys 1 1 10 rsa local key pair destroy Syntax rsa loc...

Page 961: ...to 64 characters Description Use the undo rsa peer public key key name command to delete the configured client public key After you input the rsa peer public key command you will enter public key view You can use the command along with the public key code begin command to configure on the server client public keys which are generated randomly by the SSHv2 0 supporting client software Related comma...

Page 962: ...ey that is the user can pass the authentication if either the password or RSA public key is correct Description Use the ssh authentication type default command to specify a default authentication type for SSH users After the command is configured when a SSH user is added if you do not use the ssh user authentication type command to specify an authentication type for the user the user needs to pass...

Page 963: ... server authentication retries command to restore the default authentication retry times which will take effect at next login Related command display ssh server Note If you have used the ssh user authentication type command to configure the authentication type to password publickey you must set the authentication retry times to a number greater than or equal to 2 for one is counted when a client s...

Page 964: ...ble with the SSHv1 x version supporting client Example Specify the server compatible with the SSHv1 x version supporting client 3Com system view System View return to User View with Ctrl Z 3Com ssh server compatible ssh1x enable 1 1 15 ssh server rekey interval Syntax ssh server rekey interval hours undo ssh server rekey interval View System view Parameter hours Update period of the server key in ...

Page 965: ...Syntax ssh server timeout seconds undo ssh server timeout View System view Parameter seconds Authentication timeout time It is in the range of 1 to 120 seconds and defaults to 60 seconds Description Use the ssh server timeout command to set authentication timeout time for SSH connections Use the undo ssh server timeout command to restore the default timeout time The default value takes effect at n...

Page 966: ... key command to remove the association between the public keys and SSH users The configuration takes effect at the next login If the user already has a public key the new public key overrides the old one Related command display ssh user information Example Set the client public key for the kk user to key1 3Com system view System View return to User View with Ctrl Z 3Com ssh user kk assign rsa key ...

Page 967: ...f either the password or RSA public key is correct Description Use the ssh user authentication type command to define on the server the available authentication type for an SSH user Use the undo ssh user authentication type command to restore the default setting Note This command defines available authentication type on the server The actual authentication type however is determined by the client ...

Page 968: ...Example Display the association between the server public keys and the servers 3Com display ssh server info Server Name IP Server public key name ______________________________________________________ 192 168 0 1 abc_key01 192 168 0 2 abc_key02 1 2 2 public key code begin Syntax public key code begin View Public key view Parameter None Description Use the public key code begin command to enter pub...

Page 969: ...1D83CA4ED2B30B809808EB0D1F52D045DE4 3Com rsa key code 0861B74A0E135523CCD74CAC61F8E58C452B2F3F2DA0DC 3Com rsa key code C48E3306367FE187BDD944018B3B69F3CBB0A573202C16 3Com rsa key code BB2FC1ACF3EC8F828D55A36F1CDDC4BB45504F020125 3Com rsa key code public key code end 3Com rsa public key 1 2 3 public key code end Syntax public key code end View Public key edit view Parameter None Description Use the...

Page 970: ...in 3Com rsa key code public key code end 3Com rsa public key 1 2 4 quit Syntax quit View User view Parameter None Description Use the quit command to terminate the connection to the remote SSH server Example Terminate the connection to the remote SSH server 3Com quit 1 2 5 rsa peer public key Syntax rsa peer public key key name undo rsa peer public key key name View System view Parameter key name ...

Page 971: ...Ctrl Z 3Com rsa peer public key 3Com002 3Com rsa public key 1 2 6 ssh client assign rsa key Syntax ssh client server ip server name assign rsa key keyname undo ssh client server ip assign rsa key View System view Parameter server ip Server IP address server name Server name a string of 1 to 80 characters keyname Server public key name a string of 1 to 64 characters Description Use the ssh client a...

Page 972: ... client does not have the public key for the server which it accesses for the first time the client continues to access the server and save locally the public key of the server Then at the next access the client can authenticate the server with the public key saved locally When the initial authentication function is not available the client does not access the server if it does not have the public...

Page 973: ...hm preference Choose one of the two algorithms available dh_group1 Diffie Hellman group1 sha1 key exchange algorithm It is the default algorithm dh_exchange_group Diffie Hellman group exchange sha1 key exchange algorithm prefer_ctos_cipher Encryption algorithm preference from the client to server It defaults to AES128 prefer_stoc_cipher Encryption algorithm preference from the server to client It ...

Page 974: ...erence on the server and client Example Log in to the remote SSHv2 0 server with IP address 10 1 1 2 and adopt the default encryption algorithm 3Com system view System View return to User View with Ctrl Z 3Com ssh2 10 1 1 2 Username 123 Trying 10 1 1 2 Press CTRL K to abort Connected to 10 1 1 2 The Server is not authenticated Do you continue access it Y N y Do you want to save the server s public...

Page 975: ...trl Z 3Com sftp server enable 1 3 2 ssh user service type Syntax ssh user username service type stelnet sftp all undo ssh user username service type View System view Parameter username Local user name or the user name defined on the remote RADIUS server a string of 1 to 80 characters stelnet Sets the service type to Telnet sftp Sets the service type to SFTP all Includes Telnet and SFTP two service...

Page 976: ... user kk service type sftp 1 4 SFTP Client Configuration Commands 1 4 1 bye Syntax bye View SFTP Client view Parameter None Description Use the bye command to terminate the connection to the remote SFTP server and return to system view This command has the same function as the exit and quit commands Example Terminate the connection to the remote SFTP server sftp client bye Bye 3Com 1 4 2 cd Syntax...

Page 977: ...te You can use the cd command to return to the upper level directory You can use the cd command to return to the root directory of the system that is flash Example Change current path to new1 sftp client cd new1 Current Directory is flash new1 1 4 3 cdup Syntax cdup View SFTP Client view Parameter None Description Use the cdup command to return the current path on the remote SFTP server to the upp...

Page 978: ...command Example Delete file test txt from the server sftp client delete test txt The followed File will be deleted flash test txt Are you sure to delete it Y N y This operation may take a long time Please wait File successfully Removed 1 4 5 dir Syntax dir remote path View SFTP Client view Parameter remote path Name of the intended directory Description Use the dir command to display the specified...

Page 979: ...noone nogroup 225 Sep 28 08 28 pub1 drwxrwxrwx 1 noone nogroup 0 Sep 28 08 24 new1 drwxrwxrwx 1 noone nogroup 0 Sep 28 08 18 new2 rwxrwxrwx 1 noone nogroup 225 Sep 28 08 30 pub2 1 4 6 exit Syntax exit View SFTP Client view Parameter None Description Use the exit command to terminate the connection to the remote SFTP server and return to system view This command has the same function as the bye and...

Page 980: ...t Example Download file tt bak and save it with name tt txt sftp client get tt bak tt txt Remote file flash tt bak Local file tt txt Downloading file successfully ended 1 4 8 help Syntax help command View SFTP Client view Parameter command Name of a command Description Use the help command to get the help information about the specified or all SFTP client commands If the command argument is not sp...

Page 981: ...ctory are displayed This command has the same function as the dir command Example Display the files in directory flash sftp client ls flash rwxrwxrwx 1 noone nogroup 1759 Aug 23 06 52 vrpcfg cfg rwxrwxrwx 1 noone nogroup 225 Aug 24 08 01 pubkey2 rwxrwxrwx 1 noone nogroup 283 Aug 24 07 39 pubkey1 rwxrwxrwx 1 noone nogroup 225 Sep 28 08 28 pub1 drwxrwxrwx 1 noone nogroup 0 Sep 28 08 24 new1 drwxrwxr...

Page 982: ...ocal file Name of the source file at the local end remote file Name assigned to the file to be saved on the remote SFTP server Description Use the put command to upload a local file to the remote SFTP server If no name is specified for the file to be saved on the remote SFTP server the name of the source file is used Example Upload local file vrpcfg cfg to the remote SFTP server and save it with t...

Page 983: ... server sftp client pwd flash 1 4 13 quit Syntax quit View SFTP Client view Parameter None Description Use the quit command to terminate the connection to the remote SFTP server and exit to system view This command has the same function as the bye and exit commands Example Terminate the connection to the remote SFTP server sftp client quit Bye 3Com 1 4 14 remove Syntax remove remote file View SFTP...

Page 984: ...File will be deleted flash test2 txt Are you sure to delete it Y N y This operation may take a long time Please wait File successfully Removed 1 4 15 rename Syntax rename old name new name View SFTP Client view Parameter old name Original file name new name New file name Description Use the rename command to change the name of the specified file on the SFTP server Example Change the name of file t...

Page 985: ...r des aes128 prefer_stoc_cipher des aes128 prefer_ctos_hmac sha1 sha1_96 md5 md5_96 prefer_stoc_hmac sha1 sha1_96 md5 md5_96 View System view Parameter host ip IP address of the server host name Name of the server a string of 1 to 20 characters port num Port number of the server in the range 0 to 65 535 The default port number is 22 prefer_kex Key exchange algorithm preference Choose one of the tw...

Page 986: ..._96 sha1 HMAC SHA1 algorithm sha1_96 HMAC SHA1_96 algorithm md5 HMAC MD5 algorithm md5_96 HMAC MD5 96 algorithm Description Use the sftp command to establish a connection to the SFTP server and enter SFTP Client view Example Establish a connection to the SFTP server with IP address 10 1 1 2 and use the default encryption algorithms 3Com sftp 192 168 0 65 Input Username kk Trying 192 168 0 65 Press...

Page 987: ...s 1 1 1 1 File System Management Commands 1 1 1 1 1 cd 1 1 1 1 2 copy 1 2 1 1 3 delete 1 3 1 1 4 dir 1 4 1 1 5 execute 1 5 1 1 6 file prompt 1 6 1 1 7 fixdisk 1 6 1 1 8 format 1 7 1 1 9 mkdir 1 8 1 1 10 more 1 8 1 1 11 move 1 9 1 1 12 pwd 1 10 1 1 13 rename 1 11 1 1 14 reset recycle bin 1 12 1 1 15 rmdir 1 13 1 1 16 umount 1 13 1 1 17 undelete 1 14 ...

Page 988: ...file url argument in the following two ways in this chapter z In the form of drive path file name In this case the argument can be a string containing 1 to 64 characters z By specifying the name of a storage device such as flash and cf 1 1 File System Management Commands 1 1 1 cd Syntax cd directory device name View User view Parameter directory Target directory device name Target device Descripti...

Page 989: ...e the copy command to copy a file to a specified path with specified name You can use this command to copy a file in the current directory to another directory or copy a file in a directory to the current directory Make sure the path and the file identified by the fileurl source argument exist when executing this command If the fileurl dest argument identifies an existing file the system prompts y...

Page 990: ... VRP310 E3128 app 2 rw 553 Jan 21 2006 17 05 55 diaginfo txt 3 rw 3906 Apr 04 2006 17 23 54 vrpcfg cfg 4 rw 11779 Apr 05 2006 10 19 48 test txt 5 rw 11779 Apr 05 2006 10 23 03 test2 bak 31877 KB total 15961 KB free 1 1 3 delete Syntax delete unreserved file url View User view Parameter unreserved Deletes a file completely file url Path name and file name of a file to be deleted Description Use the...

Page 991: ...tory of the flash 3Com delete flash test txt Delete flash test txt Y N y Deleted file flash test txt 1 1 4 dir Syntax dir all file url View User view Parameter all Displays the information about all the files including those in the recycle bin file ur Path and the name of a file whose information is to be displayed You can use the character as a wildcard in this argument For example the dir txt co...

Page 992: ... rw 11779 Apr 05 2006 10 55 10 tt2 txt 31877 KB total 15935 KB free Note In the output information of the dir all command the names of the files in the recycle bin are embraced in brackets 1 1 5 execute Syntax execute file url View System view Parameter File url Path and the name of the batch file to be executed A batch file has an extension of bat Description Use the execute command to execute a ...

Page 993: ...t have potential risks quiet Disables prompts for file related operations Description Use the file prompt command to set the prompt mode for file related operations By default a switch prompts for confirmation before performing file related operations that have potential risks If you set the prompt mode of the file related operations to quiet the switch does not prompt for confirmation before perf...

Page 994: ...ixdisk flash may take some time to complete Fixdisk unit1 flash completed 1 1 8 format Syntax format device View User view Parameter device Device name Description Use the format command to format a storage device Note that all the files on a storage device get lost after the storage device is formatted The operation is irretrievable Moreover the configuration files get lost if you format the flas...

Page 995: ... the names of all the directories and files in the same directory must be unique Example Create a directory in the current directory with the name being dd 3Com mkdir dd Created dir flash dd 1 1 10 more Syntax more file url View User view Parameter file url Path and file name Description Use the more command to display the content of a specified file Currently the content of a file can only be dis...

Page 996: ... the confirmation to overwrite the existing file Example Display the information about the files in flash and flash hello 3Com dir Directory of flash 0 rw 4 Mar 09 2006 13 59 19 snmpboots 1 rw 16215134 Apr 04 2006 16 36 20 S6500 VRP310 E3128 app 2 rw 553 Jan 21 2006 17 05 55 diaginfo txt 3 rw 3906 Apr 04 2006 17 23 54 vrpcfg cfg 4 drw Apr 05 2006 10 53 23 hello 5 drw Apr 10 2005 19 07 59 dd 6 rw 1...

Page 997: ...5134 Apr 04 2006 16 36 20 S6500 VRP310 E3128 app 2 rw 553 Jan 21 2006 17 05 55 diaginfo txt 3 rw 3906 Apr 04 2006 17 23 54 vrpcfg cfg 4 drw Apr 05 2006 10 53 23 hello 5 drw Apr 10 2005 19 07 59 dd 6 rw 11779 Apr 05 2006 10 23 03 test2 bak 7 rw 11779 Apr 05 2006 11 30 13 tt txt 8 drw Jan 25 2005 11 08 59 backup 31877 KB total 15935 KB free 3Com dir flash hello Directory of flash hello 0 rw 11779 Ap...

Page 998: ...il to rename the file Example Display the information about the files in the current directory 3Com dir Directory of flash 0 rw 4 Mar 09 2006 13 59 19 snmpboots 1 rw 16215134 Apr 04 2006 16 36 20 S6500 VRP310 E3128 app 2 rw 553 Jan 21 2006 17 05 55 diaginfo txt 3 rw 3906 Apr 04 2006 17 23 54 vrpcfg cfg 4 drw Apr 05 2006 10 53 23 hello 5 drw Apr 10 2005 19 07 59 dd 6 rw 11779 Apr 05 2006 10 23 03 t...

Page 999: ... 59 backup 31877 KB total 15934 KB free 1 1 14 reset recycle bin Syntax reset recycle bin file url force View User view Parameter file url Path and the file name of the file to be deleted force Does not prompt for the confirmation before deleting all the files in the recycle bin Description Use the reset recycle bin command to clear a specified file or all the files in the recycle bin You can use ...

Page 1000: ... Name of a directory Description Use the rmdir command to delete a directory As only empty directories can be deleted you need to clear a directory before deleting it Example Delete the directory named hello 3Com rmdir hello The files in the recycle bin under this directory will be deleted permanently Remove flash hello Y N y Removed directory flash hello 1 1 16 umount Syntax umount cf View User v...

Page 1001: ...xample Disable the CF card 3Com umount cf Umount cf succeed Current directory is changed to flash Verify the above operation by displaying the information about the CF card 3Com dir cf Wrong device cf 1 1 17 undelete Syntax undelete file url View User view Parameter file url Path and the file name of a file in the recycle bin Description Use the undelete command to restore a deleted file in the re...

Page 1002: ...System Management Chapter 1 File System Management Commands 1 15 Example Restore the deleted file with its path and file name being flash hello tt2 txt 3Com undelete flash hello tt2 txt Undelete flash hello tt2 txt Y N y Undeleted file flash hello tt2 txt ...

Page 1003: ...Commands 1 4 1 2 1 ascii 1 4 1 2 2 binary 1 4 1 2 3 bye 1 5 1 2 4 cd 1 6 1 2 5 cdup 1 7 1 2 6 close 1 8 1 2 7 debugging 1 8 1 2 8 delete 1 9 1 2 9 dir 1 10 1 2 10 disconnect 1 11 1 2 11 ftp 1 12 1 2 12 get 1 13 1 2 13 lcd 1 14 1 2 14 ls 1 15 1 2 15 mkdir 1 16 1 2 16 open 1 17 1 2 17 passive 1 18 1 2 18 put 1 18 1 2 19 pwd 1 19 1 2 20 quit 1 20 1 2 21 remotehelp 1 21 1 2 22 rmdir 1 22 1 2 23 user 1...

Page 1004: ...as an FTP server You can use this command to verify FTP server related configurations Example Display the FTP server related settings of the switch assuming that the switch is operating as an FTP server 3Com display ftp server FTP server is running Max user number 1 User count 0 Timeout value in minute 30 Table 1 1 Description on the fields of the display ftp server command Field Description FTP s...

Page 1005: ...nection idle time and work directory Example Display FTP user settings 3Com display ftp user Username Host IP Port Idle Homedir 3Com 10 110 3 5 1074 2 flash 3Com If the user name exceeds ten characters characters behind the tenth will be displayed in a new line in the left aligning mode Take username username test for example the result is 3Com display ftp user Username Host IP Port Idle Homedir u...

Page 1006: ...Connection idle time in minutes ranging from 1 to 35 791 Description Use the ftp timeout command to set the connection idle time Use the undo ftp timeout command to restore the default connection idle time The default connection idle time is 30 minutes If a FTP connection between an FTP server and an FTP client breaks down abnormally and the FTP server is not acknowledged with this the FTP server ...

Page 1007: ...hat files be transferred in the ASCII mode By default files are transferred in the ASCII mode Example Enter FTP client view 3Com ftp 2 2 2 2 Trying Press CTRL K to abort Connected 220 WFTPD 2 0 service by Texas Imperial Software ready for new user User none switch 331 Give me your password please Password 230 Logged in successfully ftp Specify to transfer files in the ASCII mode ftp ascii 200 Type...

Page 1008: ...service by Texas Imperial Software ready for new user User none switch 331 Give me your password please Password 230 Logged in successfully ftp Specify to transfer files in the binary mode ftp binary 200 Type set to I 1 2 3 bye Syntax bye View FTP client view Parameter None Description Use the bye command to terminate the control connection and data connection with the remote FTP server and quit t...

Page 1009: ...e FTP server and quit to user view ftp bye 221 Server closing 3Com 1 2 4 cd Syntax cd pathname View FTP client view Parameter pathname Path name Description Use the cd command to change the work directory on the remote FTP server Note that you can use this command to enter the authorized directories only Example Enter FTP client view 3Com ftp 2 2 2 2 Trying Press CTRL K to abort Connected 220 WFTP...

Page 1010: ...meter None Description Use the cdup command to go to the parent directory of the current directory Example Enter FTP client view 3Com ftp 2 2 2 2 Trying Press CTRL K to abort Connected 220 WFTPD 2 0 service by Texas Imperial Software ready for new user User none switch 331 Give me your password please Password 230 Logged in successfully ftp Change the work directory to flash temp ftp cd flash temp...

Page 1011: ...quitting FTP client view This command has the same effect as that of the disconnect command Example Enter FTP client view 3Com ftp 2 2 2 2 Trying Press CTRL K to abort Connected 220 WFTPD 2 0 service by Texas Imperial Software ready for new user User none switch 331 Give me your password please Password 230 Logged in successfully ftp Terminate the FTP connection without quitting FTP client view ft...

Page 1012: ...Example Enter FTP client view 3Com ftp 2 2 2 2 Trying Press CTRL K to abort Connected 220 WFTPD 2 0 service by Texas Imperial Software ready for new user User none switch 331 Give me your password please Password 230 Logged in successfully ftp Enable system debugging ftp debugging Debug is on 1 2 8 delete Syntax delete remotefile View FTP client view Parameter remotefile Name of the file to be del...

Page 1013: ...ssful 1 2 9 dir Syntax dir filename localfile View FTP client view Parameter filename Name of the file to be queried localfile Name of the local file where the query result is to be saved Description Use the dir command to query specified files on a remote FTP server or to display file information in the current directory The output information which includes the name size and creation time of fil...

Page 1014: ...rwx 1 noone nogroup 430585 Dec 23 2005 6 app rwxrwxrwx 1 noone nogroup 430585 Dec 21 2005 6 app bak rwxrwxrwx 1 noone nogroup 638912 Nov 15 2005 abc BTM drwxrwxrwx 1 noone nogroup 0 Dec 15 2005 TEST rwxrwxrwx 1 noone nogroup 3212176 Jul 14 2005 21 bin 226 Transfer finished successfully FTP 5346 byte s received in 6 782 second s 788 00 byte s sec Display the information about the file named 4 app a...

Page 1015: ... ready for new user User none switch 331 Give me your password please Password 230 Logged in successfully ftp Terminate the FTP connection without quitting FTP client view ftp disconnect 221 Server closing ftp 1 2 11 ftp Syntax ftp cluster remote server port number View User view Parameter ip address Host name or the IP address of an FTP server Note that the host name can be a string comprising 1 ...

Page 1016: ...successfully ftp 1 2 12 get Syntax get remotefile localfile View FTP client view Parameter remotefile Name of a file on an FTP server localfile Name of a local file Description Use the get command to download a remote file and save it as a local file If you do not specify the localfile argument the downloaded file is saved using its original name Caution z When using the get command to download fi...

Page 1017: ... c ftp get temp c 200 Port command okay 150 Opening ASCII mode data connection for temp c 226 Transfer complete FTP 2162 byte s received in 4 163 second s 519 33 byte s sec 1 2 13 lcd Syntax lcd View FTP client view Parameter None Description Use the lcd command to display the local work directory on the FTP client Example Enter FTP client view 3Com ftp 2 2 2 2 Trying Press CTRL K to abort Connect...

Page 1018: ... Use the ls command to display the name of a specified file on a remote FTP server If you do not specify the remotefile argument the names of all the files in the current remote directory are displayed Caution The ls command only displays file names while the dir command displays file information in more detail including file size creation date and so on Example Enter FTP client view 3Com ftp 2 2 ...

Page 1019: ...d in 0 011 second s 17 18Kbyte s sec 1 2 15 mkdir Syntax mkdir pathname View FTP client view Parameter Pathname Name of the directory to be created Description Use the mkdir command to create a directory on an FTP server This command is available only to the FTP clients that are assigned the permission to create directories on FTP servers Example Enter FTP client view 3Com ftp 2 2 2 2 Trying Press...

Page 1020: ...f the FTP server a string comprising 1 to 20 characters port Port number on the remote FTP server ranging from 0 to 65535 The default value is 21 Description Use the open command to establish a control connection with an FTP server Related command close Example Enter FTP client view 3Com ftp ftp Establish a control connection with the FTP server whose IP address is 1 1 1 1 ftp open 1 1 1 1 Trying ...

Page 1021: ...ndo passive command to set the data transfer mode to the active mode By default the passive mode is adopted Example Enter FTP client view 3Com ftp 2 2 2 2 Trying Press CTRL K to abort Connected 220 WFTPD 2 0 service by Texas Imperial Software ready for new user User none switch 331 Give me your password please Password 230 Logged in successfully ftp Set the data transfer mode to the passive mode f...

Page 1022: ...sing the original name Example Enter FTP client view 3Com ftp 2 2 2 2 Trying Press CTRL K to abort Connected 220 WFTPD 2 0 service by Texas Imperial Software ready for new user User none switch 331 Give me your password please Password 230 Logged in successfully ftp Upload the local file named temp c to the FTP server ftp put temp c 200 Port command okay 150 Opening ASCII mode data connection for ...

Page 1023: ...ser User none switch 331 Give me your password please Password 230 Logged in successfully ftp Display the work directory on the FTP server ftp pwd 257 flash temp is current directory 1 2 20 quit Syntax quit View FTP client view Parameter None Description Use the quit command to terminate an FTP connection and quit to user view This command has the same effect as that of the bye command Example Ent...

Page 1024: ... command View FTP client view Parameter protocol command FTP protocol command Description Use the remotehelp command to display the on line help of an FTP protocol command This command works only when the FTP server provides the on line help information about FTP protocol commands Caution z This command is always valid when a 3Com series switch operates as an FTP server z If you use other FTP serv...

Page 1025: ...1 2 22 rmdir Syntax rmdir pathname View FTP client view Parameter pathname Name of a directory on an FTP server Description Use the rmdir command to remove a directory on an FTP server Note that you can only use this command to remove directories that are empty Example Enter FTP client view 3Com ftp 2 2 2 2 Trying Press CTRL K to abort Connected 220 WFTPD 2 0 service by Texas Imperial Software rea...

Page 1026: ...he user Description Use the user command to switch to a specified user Example Enter FTP client view 3Com ftp 2 2 2 2 Trying Press CTRL K to abort Connected 220 WFTPD 2 0 service by Texas Imperial Software ready for new user User none switch 331 Give me your password please Password 230 Logged in successfully ftp Switch to the user named tom assuming that the corresponding password is 111 ftp user...

Page 1027: ...the verbose function The verbose function is enabled by default Example Enter FTP client view 3Com ftp 2 2 2 2 Trying Press CTRL K to abort Connected 220 WFTPD 2 0 service by Texas Imperial Software ready for new user User none switch 331 Give me your password please Password 230 Logged in successfully ftp Enable the verbose function ftp verbose Verbose is on 1 3 TFTP Configuration Commands 1 3 1 ...

Page 1028: ...tftp server please wait TFTP 35 bytes received in 0 second s File downloaded successfully 1 3 2 tftp put Syntax tftp tftp server put source file dest file View User view Parameter tftp server IP address or the host name of a TFTP server source file Name of the file to be uploaded to the TFTP server dest file File name which the uploaded file is to be saved as Description Use the tftp put command t...

Page 1029: ...ew Parameter acl number Basic ACL number ranging from 2000 to 2999 Description Use the tftp server acl command to specify the ACL adopted for the connection between a TFTP client and a TFTP server Use the undo tftp server acl command to cancel all the ACLs adopted Example Specify to adopt ACL 2000 on the TFTP client 3Com system view System View return to User View with Ctrl Z 3Com tftp server acl ...

Page 1030: ... center channel 1 7 1 1 7 info center console channel 1 8 1 1 8 info center enable 1 9 1 1 9 info center logbuffer 1 9 1 1 10 info center loghost 1 10 1 1 11 info center loghost source 1 12 1 1 12 info center monitor channel 1 12 1 1 13 info center snmp channel 1 13 1 1 14 info center source 1 14 1 1 15 info center timestamp 1 20 1 1 16 info center trapbuffer 1 21 1 1 17 reset logbuffer 1 22 1 1 1...

Page 1031: ...the name of channel 0 to channel 9 is in turn console monitor loghost trapbuffer logbuffer snmpagent channel6 channel7 channel8 channel9 Description Use the display channel command to display the settings of an information channel If no argument is provided the settings of all channels are displayed Example Show details about the information channel 0 3Com display channel 0 channel number 0 channe...

Page 1032: ...bout information center 3Com display info center Information Center enabled Log host Console channel number 0 channel name console Monitor channel number 1 channel name monitor SNMP Agent channel number 5 channel name snmpagent Log buffer enabled max buffer size 1024 current buffer size 256 current messages 2 channel number 4 channel name logbuffer dropped messages 0 overwritten messages 0 Trap bu...

Page 1033: ...nd number dropped messages and overwritten messages Trap buffer Information about the trap buffer including its state enabled or disabled maximum size current size current messages channel number and name dropped messages and overwritten messages Information timestamp setting Information about time stamp setting describing log information trap information and the time stamp format of the debugging...

Page 1034: ...ticed informational 7 Normal prompting information debugging 8 Debugging information size buffersize Specifies the size of the log buffer number of messages the log buffer holds you want to display The buffersize argument ranges from 1 to 1024 and defaults to 256 Filters output log information with a regular expression begin Displays the log information beginning with the specified characters excl...

Page 1035: ... character is _ the number of consecutive _ should less than 5 If the _ characters are not consecutive the output information will be filtered by the first group of _ and the remain _ characters will not be processed The left parenthesis the push onto the stack flag in programming You are recommended not to use this character to establish a regular expression Description Use the isplay logbuffer c...

Page 1036: ... recorded in logbuffer 3Com display logbuffer summary SLOT EMERG ALERT CRIT ERROR WARN NOTIF INFO DEBUG 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 1 1 5 display trapbuffer Syntax display trapbuffer size buffersize View Any view Parameter size buffersize Specifies the size of the trap buffer number of messages the buffer holds you want to display The buffersize argument ranges from 1 to 1024 and defaults ...

Page 1037: ...ARD STATE CHANGE TO NORMAL Trap 1 3 6 1 4 1 2011 2 23 1 12 1 11 frameIndex is 0 slotIndex 0 2 Dec 31 14 01 40 2004 3Com DEV 2 BOARD STATE CHANGE TO NORMAL Trap 1 3 6 1 4 1 2011 2 23 1 12 1 11 frameIndex is 0 slotIndex 0 Omitted 1 1 6 info center channel Syntax info center channel channel number name channel name undo info center channel channel number View System view Parameter channel number Chan...

Page 1038: ...m 0 to 9 that is system has ten channels channel name Channel name by default the name of channel 0 to channel 9 is in turn console monitor loghost trapbuffer logbuffer snmpagent channel6 channel7 channel8 channel9 Description Use the info center console channel command to configure the channel through which the log information is output to the console Use the undo info center console channel comm...

Page 1039: ...ns only when the information center function is enabled By default the information center function is enabled Related command display info center info center loghost info center logbuffer info center console channel info center monitor channel info center trapbuffer info center snmp channel Example Enable the information center function 3Com system view System View return to User View with Ctrl Z ...

Page 1040: ...cified characters regular expression Regular expression For special characters used in the regular expression refer to Table 1 3 Description Use the info center logbuffer command to configure information output to the log buffer Use the undo info center logbuffer command to cancel the configuration By default the system outputs information to the log buffer which can hold 512 records This command ...

Page 1041: ...gging language chinese english Switches language used in log file between Chinese and English Description Use the info center loghost command to enable information output to loghost by setting the IP address of the loghost Use the undo info center loghost command to cancel the configuration By default the system does not output information to loghost This command works only when the information ce...

Page 1042: ...formation is sent to the loghost Use the undo info center loghost source command to cancel the source interface configuration Related command info center enable and display info center Example Specify source address of the packets sent to loghost as the address of the VLAN 1 interface 3Com system view System View return to User View with Ctrl Z 3Com info center loghost source Vlan interface 1 1 1 ...

Page 1043: ...bled Related command info center enable and display info center Example Configure channel 0 to output log information to user terminal 3Com system view System View return to User View with Ctrl Z 3Com info center monitor channel 0 1 1 13 info center snmp channel Syntax info center snmp channel channel number channel name undo info center snmp channel View System view Parameter channel number Chann...

Page 1044: ...channel number channel name debug level severity state state log level severity state state trap level severity state state undo info center source module name default channel channel number channel name View System view Parameter modu name Module name Refer to Table 1 4 for the detail Table 1 4 Modules generating the information Module name Description 8021X 802 1x module ACCOUNT L3 real time acc...

Page 1045: ...odule DNS Domain name system module ENTEXMIB Entity extended MIB module ENTITY ENTITY module ESIS End system to intermediate system routing protocol module ETH Ethernet module FIB Forwarding information base module FTPS FTP server module HA High availability module HTTPD HTTP server module IFNET Interface management module IGSP IGMP snooping module IP Internet protocol module IPX IPX protocol modu...

Page 1046: ...rotocol module NAT Network address translation module NDP Neighbor discovery protocol module NETSTREA Traffic statistic module NTDP Network topology discovery protocol module NTP Network time protocol module OSPF Open shortest path first module RDS Radius module RM Routing management module RMON Remote monitor module RMX IPX routing module RSA Revest Shamir and Adleman encryption module RTA L3 plu...

Page 1047: ...les channel number Number of information channel to be used channel name Channel name by default the name of channel 0 to channel 9 is in turn console monitor loghost trapbuffer logbuffer snmpagent channel6 channel7 channel8 channel9 log Specifies to output log information trap Specifies to output trap information debug Specifies to output debugging information level Specifies an information sever...

Page 1048: ...ging debugging Log host informational debugging debugging Trapbuffer informational warning debugging Logbuffer warning debugging debugging SNMPagent debugging warning debugging Channel6 debugging debugging debugging Channel7 debugging debugging debugging Channel8 debugging debugging debugging Channel9 debugging debugging debugging The default information state of each channel is shown in the follo...

Page 1049: ...ou can configure to output information with severity higher than warning to the log host and information with severity higher than informational to the log buffer You can also configure to output trap information to the log host at the same time The info center source command determines the output direction according to channel name or channel number Each output direction is assigned with a defaul...

Page 1050: ...g information trap Specifies trap information debugging Specifies debugging information boot Specifies to adopt the time elapsed since system boot which is in the format of xxxxxx yyyyyy where xxxxxx is the high 32 bits and yyyyyy the low 32 bits of the elapsed milliseconds date Specifies to adopt the current system date and time which is in format yyyy mm dd hh mm ss ms for Chinese environment an...

Page 1051: ...t to the trap buffer channel number Channel number ranging from 0 to 9 that is the system has ten channels channel name Channel name By default the name of channel 0 to channel 9 is in turn console monitor loghost trapbuffer logbuffer snmpagent channel6 channel7 channel8 channel9 Description Use the info center trapbuffer command to enable information output to the trap buffer Use the undo info ce...

Page 1052: ... logbuffer command to reset information in log buffer Example Clear information in log buffer 3Com reset logbuffer 1 1 18 reset trapbuffer Syntax reset trapbuffer View User view Parameter none Description Use the reset trapbuffer command to reset information in trap buffer Example Clear information in trap buffer 3Com reset trapbuffer 1 1 19 terminal debugging Syntax terminal debugging undo termin...

Page 1053: ...d Related command debugging commands in the System Maintaining and Debugging part of the manual Example Enable the terminal display debugging 3Com terminal debugging Current terminal debugging is on 1 1 20 terminal logging Syntax terminal logging undo terminal logging View User view Parameter none Description Use the terminal logging command to enable terminal log information display Use the undo ...

Page 1054: ...where the commands are input The debugging log trap information can be output to the current terminal beginning in user view When the terminal monitor is shut down no debugging log trap information will be displayed in local terminal which is equals to having performed undo terminal debugging undo terminal logging undo terminal trapping commands When the terminal monitor is enabled you can use ter...

Page 1055: ...ew User view Parameter None Description Use the terminal trapping command to enable terminal trap information display Use the undo terminal trapping command to disable this function By default this function is enabled Example Enable trap information display 3Com terminal trapping Current terminal trapping is on ...

Page 1056: ... DNS Configuration Commands 1 1 1 1 DNS Configuration Commands 1 1 1 1 1 display dns domain 1 1 1 1 2 display dns dynamic host 1 1 1 1 3 display dns server 1 2 1 1 4 display ip host 1 3 1 1 5 dns domain 1 4 1 1 6 dns resolve 1 5 1 1 7 dns server 1 6 1 1 8 ip host 1 6 1 1 9 reset dns dynamic host 1 7 ...

Page 1057: ...r None Description Use the display dns domain command to display the information in the DNS suffix list Related command dns domain Example Display the information in the DNS suffix list 3Com display dns domain No Domain name 0 aaa com Table 1 1 Description on the fields of the display dns domain command Field Description No Sequence number Domain name Domain name suffix 1 1 2 display dns dynamic h...

Page 1058: ...t sends a query to the DNS Server Example Display the information in the dynamic DNS cache 3Com display dns dynamic host No Domain name IpAddress TTL Alias 0 www baidu com 202 108 249 134 63000 1 www yahoo akadns net 66 94 230 39 24 2 www hotmail com 207 68 172 239 3585 3 www eyou com 61 136 62 70 3591 Table 1 2 Description on the field of the display dns dynamic host command Field Description No ...

Page 1059: ...ress 0 169 254 65 125 1 169 254 66 15 Table 1 3 Description on the fields of the display dns server command Field Description Domain server Sequence number of the DNS server The system automatically numbers the configured DNS servers starting from 0 IpAddress IP address of the DNS server 1 1 4 display ip host Syntax display ip host View Any view Parameter None Description Use the display ip host c...

Page 1060: ...atic entries Address IP address of the host 1 1 5 dns domain Syntax dns domain domain name undo dns domain domain name View System view Parameter domain name DNS suffix a string of 1 to 60 characters including alphanumeric characters hyphens underscores _ and dots Description Use the dns domain command to configure a DNS suffix Use the undo dns domain command to delete one or all DNS suffixes No D...

Page 1061: ...00 Server may be unable to resolve the _ Example Configure com as a DNS suffix 3Com system view System View return to User View with Ctrl Z 3Com dns domain com 1 1 6 dns resolve Syntax dns resolve undo dns resolve View System view Parameter None Description Use the dns resolve command to enable dynamic DNS resolution Use the undo dns resolve command to disable dynamic DNS resolution Dynamic DNS re...

Page 1062: ...r IP address No DNS server IP address is configured by default You can configure up to 6 DNS servers Related command display dns server Example Configure a DNS server with the IP address 172 16 1 1 3Com system view System View return to User View with Ctrl Z 3Com dns server 172 16 1 1 1 1 8 ip host Syntax ip host hostname ip address undo ip host hostname ip address View System view Parameter Hostn...

Page 1063: ... add multiple hostname to address mapping entries with the same hostname only the last one will be valid Related command display ip host Example Configure a mapping entry from the host named aaa to the IP address 10 110 0 1 3Com system view System View return to User View with Ctrl Z 3Com ip host aaa 10 110 0 1 1 1 9 reset dns dynamic host Syntax reset dns dynamic host View User view Parameter Non...

Page 1064: ...y users 1 8 1 2 4 display version 1 9 1 3 System Debugging Commands 1 11 1 3 1 debugging 1 11 1 3 2 display diagnostic information 1 12 1 3 3 terminal debugging 1 13 Chapter 2 Network Connectivity Test Commands 2 1 2 1 Network Connectivity Test Commands 2 1 2 1 1 ping 2 1 2 1 2 tracert 2 3 Chapter 3 Device Management Commands 3 1 3 1 Device Management Commands 3 1 3 1 1 boot boot loader 3 1 3 1 2 ...

Page 1065: ... 10 3 1 15 pause protection 3 11 3 1 16 qe monitor 3 11 3 1 17 qe monitor errpkt 3 12 3 1 18 qe monitor errpkt check time 3 13 3 1 19 qe monitor overflow threshold 3 14 3 1 20 rdram 3 14 3 1 21 reboot 3 15 3 1 22 schedule reboot at 3 15 3 1 23 schedule reboot delay 3 17 3 1 24 set backboard enhance 3 18 3 1 25 temperature limit 3 19 3 1 26 uplink monitor 3 19 ...

Page 1066: ...ear ranging from 2000 to 2099 MM is the month ranging from 1 to 12 and DD is the day the range of which is related with the month Description Use the clock datetime command to set the current date and time of the Ethernet switch In an environment that needs to obtain exact absolute time it is required to use this command to set the current date and time of the Ethernet switch Related command displ...

Page 1067: ... February March April May June July August September October November and December start week Start week the value of which is first second third fourth fifth and last start day Start day the value of which is Sunday Monday Tuesday Wednesday Thursday Friday Sunday end year End year which should be the same year as the start year ranges from 2000 to 2099 end month End month the value of which is Ja...

Page 1068: ... zone name add minus HH MM SS undo clock timezone View User view Parameter zone name Name of the time zone in length of 1 to 32 characters add Sets the time zone to a time before the UTC time minus Sets the time zone to a time behind the UTC time HH MM SS Time to be subtracted from the UTC time in the form of HH MM SS Description Use the clock timezone command to set the local time zone Use the un...

Page 1069: ... modes that is language environments of the command line interface CLI to meet your requirement By default the CLI language mode is english Example Toggle from the english mode to the chinese mode 3Com language mode chinese 1 1 5 quit Syntax quit View Any view Parameter None Description Use the quit command to return from current view to lower level view or exit the system if current view is user ...

Page 1070: ... Syntax return View System view and higher level views Parameter None Description Use the return command to return from current view to user view The composite key Ctrl Z has the same effect with the return command Related command quit Example Return from interface view to user view 3Com system view System View return to User View with Ctrl Z 3Com interface Ethernet 1 0 1 3Com Ethernet1 0 1 return...

Page 1071: ...e if the system name of the switch is 3Com the prompt for user view is 3Com Use the undo sysname command to restore the default system view of the Ethernet switch Example Set the system name of the Ethernet switch to 3ComLANSwitch 3Com system view System View return to User View with Ctrl Z 3Com sysname 3ComLANSwitch 3ComLANSwitch 1 1 8 system view Syntax system view View User view Parameter None ...

Page 1072: ...displayed by this command is 23 59 59 9999 12 31 Related command clock datetime Example Display the current date and time of the system 3Com display clock 18 36 31 beijing Sat 2002 02 02 Time Zone beijing add 01 00 00 Summer Time bj one off 01 00 00 2003 01 01 01 00 00 2003 08 08 01 00 00 Table 1 1 Description on the fields of the display clock command Field Description 18 36 31 beijing Sat 2002 0...

Page 1073: ... you want to view the current enabled debugging you can execute the display debugging command Executing this command without any parameter will display all enabled debugging Related command debugging Example Display all enabled debugging 3Com display debugging IP packet debugging is on The above information indicates that the IP packets debugging is enabled 1 2 3 display users Syntax display users...

Page 1074: ...tion on the output user terminal interface information Item Description UI User interface Delay Delay time when no interaction occurs between user and device Type User login type Ipaddress IP address used when login using telnet program Username User name 1 2 4 display version Syntax display version View Any view Parameter None Description Use the display version command to display the information...

Page 1075: ...s All rights reserved Switch 7750 uptime is 0 week 6 days 22 hours 45 minutes FAB96 0 uptime is 0 weeks 6 days 22 hours 45 minutes Switch 7750 with 1 MPC8245 Processor 256M bytes SDRAM 32768K bytes Flash Memory 512K bytes NVRAM Memory PCB Version VER B BootROM Version 525 CPLD Version 003 Second CPLD Ver 005 MOD 1 uptime is 0 weeks 6 days 22 hours 41 minutes Switch 7750 MOD with 1 MPC8241 Processo...

Page 1076: ...tion Debugging option Description Use the debugging command to enable system debugging Use the undo debugging command to disable system debugging By default all debugging is disabled for the system Ethernet switches provide various debugging functions for technical support specialists and senior maintenance personnel to do network fault diagnostics Enabling debugging will generate a great deal of ...

Page 1077: ...ion information MEMORY Memory information QUEUE Queue management information RXTX Packet transmission information STP STP information SYSTEM System status information Description Use the display diagnostic information command to display operation information about all or specified functional modules When the system goes wrong you need to collect much information to locate the fault However each mo...

Page 1078: ...it to file Y N y Please input the file name txt flash diaginfo txt This operation may take a few minutes continue Y N y Writing diagnostic information to flash diaginfo txt now 3Com 1 3 3 terminal debugging Syntax terminal debugging undo terminal debugging View User view Parameter None Description Use the terminal debugging command to enable terminal display for debugging information Use the undo ...

Page 1079: ...of fragmenting it if its length is greater than the MTU maximum transmission unit of the interface h ttl Sets the TTL time to live value of the echo request packets in the range of 1 to 255 By default the TTL value is 255 i Selects the specified interface to send the ICMP packets interface type Interface type interface number Inferface number n Specifies to regard the host argument as an IP addres...

Page 1080: ...ress NSAP address of the destination host Description Use the ping command to check the connectivity of IP network or IPX network and the reachability of a host The process of executing of the ping command in the IP network First the source host sends an ICMP ECHO REQUEST packet to the destination host If the connection to the destination network is normal the destination host receives this packet...

Page 1081: ... source IP address used by this command f first TTL Sets the initial TTL of the packets to be sent so that this command displays the addresses of only those gateways on the path whose hop counts are not smaller than the hop count specified by the first TTL argument For example if the first TTL argument is three the command displays the addresses of the gateways from the third hop The first TTL arg...

Page 1082: ... of the destination host Description Use the tracert command to trace the gateways the test packets passes through during its journey from the source to the destination This command is mainly used to check the network connectivity It can help you locate the trouble spot of the network The executing procedure of the tracert command is as follows First the source sends a packet with the TTL of 1 and...

Page 1083: ... 19 ms 19 ms 4 ccngw ner cc Berkeley EDU 128 32 136 23 19 ms 39 ms 39 ms 5 ccn nerif22 Berkeley EDU 128 32 168 22 20 ms 39 ms 39 ms 6 128 32 197 4 128 32 197 4 59 ms 119 ms 39 ms 7 131 119 2 5 131 119 2 5 59 ms 59 ms 39 ms 8 129 140 70 13 129 140 70 13 80 ms 79 ms 99 ms 9 129 140 71 6 129 140 71 6 139 ms 139 ms 159 ms 10 129 140 81 7 129 140 81 7 199 ms 180 ms 300 ms 11 129 140 72 17 129 140 72 17...

Page 1084: ...opted when the switch reboots next time You can use this command to specify a primary and backup boot application for a switch The boot process is as following z Normally primary boot application is adopted for boot z When the primary boot application goes wrong the switch automatically uses the backup boot application to startup z If the switch can not boot through primary and backup boot applica...

Page 1085: ...t you can specify up to N slot numbers or slot number ranges Description Use the boot bootrom command to update the BootROM Example Update the BootROM of the card in slot 1 of the switch using the file named S7750 btm 3Com boot bootrom S7750 btm slot 1 3 1 3 boot bootrom default Syntax boot bootrom default slot slot list View User view Parameter slot list Slot number list provided in the format of...

Page 1086: ...lidity check function when upgrading BootROM Use the undo bootrom update security check enable command to disable the validity check function when upgrading BootROM By default validity check function is enabled during BootROM upgrade The Switch 7750 series features manydifferent available cards Each card has its own BootROM application Upgrading to the wrong BootROM can seriously affect the operat...

Page 1087: ... app to boot of board 0 at this time is flash ccc app Table 3 1 Description on the fields of the display boot loader command Field Description The primary app to boot of board 0 at the next time Primary boot file used by the device for reboot next time The backup app to boot of board 0 at the next time Backup boot file used by the device for reboot next time The app to boot of board 0 at this time...

Page 1088: ...ds is 18 The CPU usage in the last one minute is 19 The CPU usage in the last five minutes is 19 3 1 7 display device Syntax display device detail shelf shelf no frame frame no slot slot number View Any view Parameter detail Detail information about the specified switch shelf no Shelf number of a switch frame no Frame number of a switch slot number Slot number of a switch Description Use the displ...

Page 1089: ...Absent None 3 3C16860 Normal 0 S7750R 3128 4 NONE Absent Absent None 5 3C16863A Normal 0 S7750R 3128 6 NONE Absent Absent None 7 NONE Absent Absent None 3 1 8 display environment Syntax display environment View Any view Parameter none Description Use the display environment command to display the environment information Example Display the environment information 3Com display environment System te...

Page 1090: ...e working state of the fans 3Com display fan Fan 1 State Normal The above information indicates that fan works normally 3 1 10 display memory Syntax display memory slot slot number limit View Any view Parameter slot slot number Specifies a slot number the usage state of the memory on the slot will be displayed limit Displays the memory configuration information of the device Description Use the di...

Page 1091: ...ytes Used Rate Percentage of the used memory Display the current configuration information of the switch 3Com display memory limit Current memory limit configuration information system memory safety 40 MBytes system memory limit 30 MBytes auto establish enabled Free Memory 108120672 Bytes The state information about connection The times of disconnect 0 The times of reconnect 0 The current state No...

Page 1092: ...lay schedule reboot Syntax display schedule reboot View Any view Parameter None Description Use the display schedule reboot command to display information about scheduled reboot Related command reboot schedule reboot at Example Display the information about scheduled reboot 3Com display schedule reboot System will reboot at 16 00 00 2004 11 1 in 2 hours and 5 minutes 3 1 13 display uplink monitor ...

Page 1093: ...5 04 29 16 15 04 The above information shows there are 135 Layer 3 connectivity errors between the local device and the remote device whose IP address is 192 168 0 35 3 1 14 loadsharing enable Syntax loadsharing enable undo loadsharing enable View System view Parameter None Description Use the loadsharing enable command to enable system load sharing Use the undo loadsharing enable command to disab...

Page 1094: ...protection command to enable disable pause frame protection mechanism Pause frame protection mechanism is disabled by default Pause frames which can be utilized as packets to attack a network are used in traffic controlling A switch that has pause frame protection mechanism enabled discards the detected pause frames that are utilized to attack the network it resides and logs these attacks in the l...

Page 1095: ...is that the queue is full and the traffic of the corresponding interface is less than the specified threshold Refer to the qe monitor overflow threshold command for information about how to set a threshold Example Enable queue traffic monitoring 3Com system view System View return to User View with Ctrl Z 3Com qe monitor enable 3 1 17 qe monitor errpkt Syntax qe monitor errpkt all none runt View E...

Page 1096: ...ew return to User View with Ctrl Z 3Com interface Ethernet 4 0 1 3Com Ethernet4 0 1 qe monitor errpkt runt 3 1 18 qe monitor errpkt check time Syntax qe monitor errpkt check time interval View System view Parameter interval Specifies the interval for detecting error packets The interval argument ranges from 1 to 3600 in seconds and defaults to 5 Description Use the qe monitor errpkt check time com...

Page 1097: ... With queue traffic monitoring enabled the switch monitors the queue traffic and relieves blocks in the output queue of its interfaces The criterion used to distinguish a block is that the queue is full and the traffic of the corresponding interface is less than the specified threshold Example Set the overall traffic threshold used in queue traffic monitoring to 90 Mbps 3Com system view System Vie...

Page 1098: ...ram disable 3 1 21 reboot Syntax reboot slot slot number View User view Parameter slot slot number Specifies the slot number Description Use the reboot command to restart the whole system or the specified card Example Restart the switch 3Com reboot System is checking configuration now Please wait This command will reboot the system The current configuration has not been saved and will be lost if y...

Page 1099: ...itch will reboot at the specified time with at most one minute delay After you execute the schedule reboot at command without specifying a date the switch will z Reboot at the specified time on the current day if the specified time is later than the current time z Reboot at the specified time on the next day if the specified time is earlier than the current time Note that the specified date can no...

Page 1100: ...e switch and set the reboot waiting delay Use the undo schedule reboot command to cancel the scheduled reboot By default no scheduled reboot is set on the switch Note There is at most one minute defer for scheduled reboot that is the switch will reboot within one minute after waiting for the specified delay You can set the reboot waiting delay in two formats the hours minutes format and the absolu...

Page 1101: ...rameters at 16 26 34 2005 04 06 And system will reboot at 17 54 2005 04 06 2005 3 1 24 set backboard enhance Syntax set backboard enhance undo set backboard enhance View System view Parameter None Description Use the set backboard enhance command to specify the clock of inter card HG tunnels to work in the enhanced mode at the frequency of 187 MHz Use the undo set backboard enhance command to spec...

Page 1102: ... Physical card slot number down value Lower temperature limit ranging from 0 to 70 in centigrade up value Upper temperature limit in centigrade ranging from 20 to 90 and must be greater than the down value Description Use the temperature limit command to configure temperature alarm threshold Use the undo temperature limit command to restore temperature alarm threshold to the default Example Set th...

Page 1103: ...hat is the IP address of the interface on the remote device that connects with the local device Use the undo uplink monitor ip to disable the Layer 3 connectivity detection function By default Layer 3 connectivity detection function is disabled on all ports Note This function requires no Layer 3 device existing between the local peer and the remote peer Example Enable Layer 3 connectivity detectio...

Page 1104: ...e of Contents Chapter 1 Remote Ping Commands 1 1 1 1 Remote Ping Commands 1 1 1 1 1 count 1 1 1 1 2 destination ip 1 1 1 1 3 display remote ping 1 2 1 1 4 frequency 1 5 1 1 5 remote ping 1 6 1 1 6 remote ping agent enable 1 7 1 1 7 test enable 1 7 1 1 8 test type 1 8 1 1 9 timeout 1 9 ...

Page 1105: ...the default A test timer is started when the system sends the first test packet In the event that the times argument is set greater than one the system continues to send the second one upon receipt of the reply to the first one If receiving no reply upon expiry of the timer the system sends the second and all the remaining packets likewise Related command frequency Example Set that the administrat...

Page 1106: ... view System View return to User View with Ctrl Z 3Com remote ping administrator icmp 3Com remote ping administrator icmp destination ip 1 1 1 99 1 1 3 display remote ping Syntax display remote ping result history administrator name operation tag View Any view Parameter result Displays the test result history Displays the test history administrator name Name of the administrator creating the test ...

Page 1107: ...eout number 0 System busy operation number 0 Connection fail number 0 Operation sequence errors 0 Drop operation number 0 Other operation errors 0 Table 1 1 Description on the fields of the display remote ping result command Field Description Destination ip address Destination IP address Send operation times Number of times the operation is sent Receive response times Number of times of the succes...

Page 1108: ...emote ping history command to display test results 3Com display remote ping history administrator icmp Remote Ping entry admin administrator tag icmp history record Index Response Status LastRC Time 1 1 1 0 2004 11 25 16 28 55 0 2 1 1 0 2004 11 25 16 28 55 0 3 1 1 0 2004 11 25 16 28 55 0 4 1 1 0 2004 11 25 16 28 55 0 5 1 1 0 2004 11 25 16 28 55 0 6 2 1 0 2004 11 25 16 28 55 0 7 1 1 0 2004 11 25 16...

Page 1109: ...ddress 7 interfaceInactiveToTarget It means the interface of destination address is not activated 8 arpFailure It means ARP operation fails 9 maxConcurrentLimitReached It means the maximum limit of concurrent accesses is reached 10 unableToResolveDnsName It means it is unable to resolve the DNS field 11 invalidHostAddress It means the invalid host address LastRC Receive the last response code base...

Page 1110: ...econds 3Com system view System View return to User View with Ctrl Z 3Com remote ping administrator icmp 3Com remote ping administrator icmp frequency 10 1 1 5 remote ping Syntax remote ping administrator name operation tag undo remote ping administrator name operation tag View System view Parameter administrator name Name of the administrator creating an Remote Ping test group a string of 1 to 32 ...

Page 1111: ...Description Use the remote ping agent enable command to enable the Remote Ping client function Use the undo remote ping agent enable command to disable the Remote Ping client function Before you can perform a test you must enable the Remote Ping client function By default Remote Ping client function is enabled Example Enable Remote Ping Client 3Com system view System View return to User View with ...

Page 1112: ... display remote ping Example Execute the Remote Ping test defined by the test group administrator icmp 3Com system view System View return to User View with Ctrl Z 3Com remote ping administrator icmp 3Com remote ping administrator icmp test enable 1 1 8 test type Syntax test type type View Remote Ping test group view Parameter type Test type Description Use the test type command to configure the t...

Page 1113: ...er time Timeout time It is in the range of 1 to 60 seconds and defaults to 3 seconds Description Use the timeout command to configure a timeout time for a test Use the undo timeout command to restore the default Example Set the timeout time of the administrator icmp test group to 10 seconds 3Com system view System View return to User View with Ctrl Z 3Com remote ping administrator icmp 3Com remote...

Page 1114: ...OM Upgrade with App File 1 1 1 1 1 boot bootrom default 1 1 1 1 2 boot bootrom file url 1 1 1 1 3 boot boot loader primary 1 2 1 2 Inter Card Link State Adjustment Configuration Commands 1 2 1 2 1 set inlink 1 2 1 3 Internal Channel Monitor Commands 1 3 1 3 1 monitor inner channel 1 3 1 3 2 monitor inner channel 1 4 1 4 Switch Chip Auto reset Configuration Commands 1 5 1 4 1 monitor slot 1 5 ...

Page 1115: ...rameters up to N times N is the number of slots Description Use the boot bootrom default command to use the current startup file to upgrade the Boot ROMs Example Use the current startup file to upgrade the Boot ROMs of all normal LPU boards in position 3Com boot bootrom default 1 1 2 boot bootrom file url Syntax boot bootrom file url slot slot number list View User view Parameter file url Specifie...

Page 1116: ...er primary Syntax boot boot loader primary file url View User view Parameter file url Specifies the Boot ROM file path and file name in the Flash memory Description Use the boot boot loader primary command to specify the primary startup file at next booting and use it to upgrade the Boot ROMs Example Specify the App file abcd app as the primary startup file for next booting and use it to upgrade t...

Page 1117: ...1 monitor inner channel Syntax monitor inner channel reboot lpu reboot switch undo monitor inner channel reboot lpu reboot switch View System view Parameter reboot lpu Restarts a service card reboot switch Restarts a switch Description Use the monitor inner channel command to enable the function of monitoring internal channels Use the undo monitor inner channel command to disable the function of m...

Page 1118: ...tem View return to User View with Ctrl Z 3Com monitor inner channel 1 3 2 monitor inner channel Syntax monitor inner channel upper limit upper timers undo monitor inner channel View System view Parameter upper times Specifies the upper limit Description Use the monitor inner channel upper limit command to set the maximum number of times of monitoring internal channels Use the undo monitor inner ch...

Page 1119: ... range depends on the products Description Use the monitor slot enable command to enable switch chip auto reset Use the monitor slot disable command to disable switch chip auto reset By default switch chips cannot be reset automatically when the internal channel handshake fails In actual application a switch may fail to process services normally due to internal channel block or because the switch ...

Page 1120: ...750 Series Command Reference Guide Hardware Commands Chapter 1 Hardware Configuration Comm ands 1 6 3Com system view System View return to User View with Ctrl Z 3Com monitor inner channel 3Com monitor slot 2 enable ...

Page 1121: ...iguration Commands 1 1 1 1 display password control 1 1 1 2 display password control blacklist 2 1 1 3 display password control super 3 1 1 4 password 3 1 1 5 password control 4 1 1 6 password control enable 6 1 1 7 password control super 8 1 1 8 reset password control history record 9 1 1 9 reset password control history record super 9 1 1 10 reset password control blacklist 10 ...

Page 1122: ...formation about the global password control for all users Example Display the information about the current password control for all users 3Com display password control Global password settings for all users Password Aging Enabled 90 days Password Length Enabled 10 Characters Password History Enabled Max history record num 6 Password alert before expire 7 days Password Authentication timeout 60 se...

Page 1123: ... 38 days ago Time when the history password record was last cleared 1 1 2 display password control blacklist Syntax display password control blacklist username username ipaddress ip address View Any view Parameter username Name of the user who has been added to the blacklist ip address IP address of the user who has been added to the blacklist Description Use the display password control blacklist...

Page 1124: ...passwords including the password aging time and the minimum password length Example Display the information about the password control for super passwords 3Com display password control super Super s password settings Password Aging Enabled 90 days Password min Length Enabled 10 Characters 1 1 4 password Syntax password View Local user view Parameter None Description Use the password command to con...

Page 1125: ...k locktime time password control history max record num password control alert before expire alert time password control authentication timeout authentication timeout undo password control aging length login attempt exceed history alert before expire authentication timeout View System view Parameter aging time Password aging time It ranges from 1 day to 365 days and defaults to 90 days length Mini...

Page 1126: ...to the switch again and again without any inhibition Description Use the password control aging aging time command to configure the aging time for system login passwords Use the password control length length command to configure the minimum password length for the system login passwords Use the password control login attempt login times command to configure the number of password attempts allowed...

Page 1127: ...ser password authentication to 100 seconds 3Com password control authentication timeout 100 Configure the maximum number of password attempts to five and configure the system to allow the attempt failure user to re log into the device 360 minutes after the failure 3Com password control login attempt 5 exceed locktime 360 1 1 6 password control enable Syntax password control aging length history en...

Page 1128: ...tected and become invisible If you want to modify the saved configuration file you need to use the save command To disable the password control feature globally however you need to use the undo password control aging enable undo password control length enable and undo password control history enable commands all All user passwords are cleared to avoid possible password cracking Related command pas...

Page 1129: ...er aging aging time length min length undo password control super aging length View System view Parameter aging time Aging time for super passwords It ranges from 1 day to 365 days and defaults to 90 days min length Minimum length for super passwords It ranges from 4 to 16 characters and defaults to 10 characters Description Use the password control super command to configure the parameters relate...

Page 1130: ...story password record of a specific user Example Delete the history password records of all users 3Com reset password control history record Are you sure to delete all the history record Y N If you input Y the system deletes all the history password records of all users and gives the following prompt All historical passwords have been cleared for all users Delete the history password records of th...

Page 1131: ...ory records of the super password for the users at level 2 3Com reset password control history record super level 2 Are you sure to clear the specified level super password history records Y N If you input Y the system deletes the history records of the super password for the users at level 2 1 1 10 reset password control blacklist Syntax reset password control blacklist username username View Use...

Page 1132: ...68 30 24 test2 192 168 30 23 Delete the user test from the blacklist 3Com reset password control blacklist user name test Are you sure to delete the blacklist users Y N y All the blacklist users have been cleared Check the current user information in the blacklist as you can see the user test has been deleted 3Com display password control blacklist USERNAME IP tes 192 168 30 24 test2 192 168 30 23...

Page 1133: ...ode traffic Traffic Accounting Command 1 2 accounting on enable AAA RADIUS HWTA CACS EAD Command 1 23 acl Login Command 2 1 acl ACL Command 1 1 acl mode ACL Command 1 2 acl order ACL Command 1 3 active region configuration MSTP Command 1 1 add member Cluster Command 1 14 address check DHCP Command 2 1 address check dhcp relay DHCP Command 2 1 address check no matched DHCP Command 2 2 administrator...

Page 1134: ...RP Command 1 2 arp max entry ARP Command 1 1 arp proxy enable ARP Command 1 3 arp proxy source vlan enable ARP Command 1 3 arp source suppression limit ARP Command 1 4 arp static ARP Command 1 5 arp timer aging ARP Command 1 6 asbr summary Routing Protocol Command 3 3 ascii FTP and TFTP Command 1 4 attack protection Telent Protection Command 1 3 attack protection disable defaultroute Telent Protec...

Page 1135: ... 2 boot bootrom default System Maintenance and Debugging Command 3 2 boot bootrom default Hardware dependent Software Configuration Command 1 1 boot bootrom file url Hardware dependent Software Configuration Command 1 1 bootrom update security check enable System Maintenance and Debugging Command 3 3 bridgemactocpu MAC Address Table Command 1 1 broadcast suppression VLAN Command 1 1 broadcast supp...

Page 1136: ...bugging Command 1 1 clock summer time System Maintenance and Debugging Command 1 1 clock timezone System Maintenance and Debugging Command 1 3 close FTP and TFTP Command 1 8 cluster Cluster Command 1 18 cluster enable Cluster Command 1 19 cluster switch to Cluster Command 1 20 command privilege level CLI Command 1 1 compare different as med Routing Protocol Command 5 4 confederation id Routing Pro...

Page 1137: ...S EAD Command 1 54 debugging FTP and TFTP Command 1 8 debugging System Maintenance and Debugging Command 1 11 debugging udp helper UDP Helper Command 1 1 debugging vrrp VRRP HA Command 1 1 default cost Routing Protocol Command 2 2 default cost Routing Protocol Command 3 5 default interval Routing Protocol Command 3 5 default limit Routing Protocol Command 3 6 default local preference Routing Proto...

Page 1138: ...ay information enable DHCP Command 2 3 dhcp relay information strategy DHCP Command 2 4 dhcp select global DHCP Command 1 1 dhcp select interface DHCP Command 1 2 dhcp server detect DHCP Command 1 3 dhcp server dns list DHCP Command 1 4 dhcp server domain name DHCP Command 1 5 dhcp server expired DHCP Command 1 6 dhcp server forbidden ip DHCP Command 1 7 dhcp server ip pool DHCP Command 1 8 dhcp s...

Page 1139: ...try ACL Command 1 6 display acl running packet filter ACL Command 1 8 display am user bind Port Binding Command 1 3 display arp ARP Command 1 7 display arp ARP Command 1 8 display arp entry limit ARP Command 1 9 display arp interface ARP Command 1 10 display arp proxy ARP Command 1 11 display arp slot ARP Command 1 11 display arp source suppression ARP Command 1 12 display arp timer aging ARP Comm...

Page 1140: ...ting Protocol Command 5 24 display bgp routing table statistic Routing Protocol Command 5 25 display boot loader System Maintenance and Debugging Command 3 3 display brief interface Port Basic Configuration Command 1 5 display channel Infomation Center Command 1 1 display clock System Maintenance and Debugging Command 1 7 display cluster Cluster Command 1 21 display cluster candidates Cluster Comm...

Page 1141: ... DHCP Command 3 4 display diagnostic information System Maintenance and Debugging Command 1 12 display dldp DLDP Command 1 1 display dns domain DNS Command 1 1 display dns dynamic host DNS Command 1 1 display dns server DNS Command 1 2 display domain AAA RADIUS HWTA CACS EAD Command 1 5 display dot1x 802 1x Command 1 1 display environment System Maintenance and Debugging Command 3 6 display fan Sy...

Page 1142: ...mand 1 1 display interface Port Basic Configuration Command 1 7 display interface Vlan interface VLAN Command 1 3 display ip host DNS Command 1 3 display ip interface IP Address IP Performance IPX Command 1 1 display ip ip prefix Routing Protocol Command 6 8 display ip routing table Routing Protocol Command 1 1 display ip routing table acl Routing Protocol Command 1 2 display ip routing table ip a...

Page 1143: ...e Routing Protocol Command 4 5 display isis lsdb Routing Protocol Command 4 6 display isis mesh group Routing Protocol Command 4 6 display isis peer Routing Protocol Command 4 7 display isis route Routing Protocol Command 4 8 display isis spf log Routing Protocol Command 4 9 display isolate port Port Isolation Command 1 1 display isolate user vlan Extended VLAN Application Command 2 1 display lacp...

Page 1144: ...g Command 1 1 display mpm forwarding table Multicast Command 2 1 display mpm group Multicast Command 2 3 display multicast forwarding table Multicast Command 2 5 display multicast routing table Multicast Command 2 6 display multicast source deny Multicast Command 2 8 display multicast vlan Multicast Command 1 4 display ndp Cluster Command 1 1 display ntdp Cluster Command 1 6 display ntdp device li...

Page 1145: ...ast Command 5 7 display pim routing table Multicast Command 5 8 display pim rp info Multicast Command 5 9 display poe interface PoE Command 1 1 display poe interface power PoE Command 1 3 display poe powersupply PoE Command 1 5 display poe pse PoE Command 1 6 display poe power ac input state PoE Command 2 1 display poe power alarm PoE Command 2 2 display poe power dc output state PoE Command 2 3 d...

Page 1146: ...lanid QoS Command 1 9 display qos interface traffic statistic QoS Command 1 10 display radius AAA RADIUS HWTA CACS EAD Command 1 27 display radius statistics AAA RADIUS HWTA CACS EAD Command 1 29 display rip Routing Protocol Command 2 2 display rip routing Routing Protocol Command 2 3 display rmon alarm SNMP RMON Command 2 1 display rmon event SNMP RMON Command 2 2 display rmon eventlog SNMP RMON ...

Page 1147: ...er information SSH Terminal Service Command 1 5 display startup Configuration File Management Command 1 9 display stop accounting buffer AAA RADIUS HWTA CACS EAD Command 1 30 display stop accounting buffer AAA RADIUS HWTA CACS EAD Command 1 56 display stp MSTP Command 1 3 display stp region configuration MSTP Command 1 5 display supervision module information PoE Command 2 5 display supervlan Exte...

Page 1148: ...Command 1 9 display vlan VLAN Command 1 4 display vlan Extended VLAN Application Command 1 3 display voice vlan oui Extended VLAN Application Command 1 1 display voice vlan status Extended VLAN Application Command 1 1 display vrrp VRRP HA Command 1 1 dldp DLDP Command 1 2 dldp authentication mode DLDP Command 1 3 dldp interval DLDP Command 1 4 dldp reset DLDP Command 1 5 dldp unidirectional shutdo...

Page 1149: ...mmand 1 15 dot1x supp proxy check 802 1x Command 1 15 dot1x timer 802 1x Command 1 18 dot1x version check 802 1x Command 1 20 duplex Port Basic Configuration Command 1 12 E enable snmp trap updown SNMP RMON Command 1 8 execute File System Management Command 1 5 exit SSH Terminal Service Command 1 29 expired DHCP Command 1 24 F file prompt File System Management Command 1 6 filter policy export Rou...

Page 1150: ...ntrol enable Port Basic Configuration Command 1 13 format File System Management Command 1 7 free user interface Login Command 1 7 frequency Remote Ping Command 1 5 ftp FTP and TFTP Command 1 12 ftp cluster Cluster Command 1 27 ftp server enable FTP and TFTP Command 1 2 ftp timeout FTP and TFTP Command 1 3 ftp server Cluster Command 1 28 G garp timer GVRP Command 1 2 garp timer leaveall GVRP Comma...

Page 1151: ...ost route Routing Protocol Command 2 7 Remote Ping Remote Ping Command 1 6 Remote Ping agent enable Remote Ping Command 1 7 hwtacacs nas ip AAA RADIUS HWTA CACS EAD Command 1 57 hwtacacs scheme AAA RADIUS HWTA CACS EAD Command 1 58 I idle cut AAA RADIUS HWTA CACS EAD Command 1 10 idle timeout Login Command 1 11 if match acl ip prefix Routing Protocol Command 6 10 if match as path Routing Protocol ...

Page 1152: ...mp version Multicast Command 4 15 igmp snooping Multicast Command 1 4 igmp snooping fast leave Multicast Command 1 5 igmp snooping group limit Multicast Command 1 6 igmp snooping group policy Multicast Command 1 7 igmp snooping host aging time Multicast Command 1 9 igmp snooping max response time Multicast Command 1 10 igmp snooping report aggregation Multicast Command 1 10 igmp snooping router ag...

Page 1153: ...r Command 1 20 info center trapbuffer Infomation Center Command 1 21 instance MSTP Command 1 6 interface Port Basic Configuration Command 1 16 interface Vlan interface VLAN Command 1 6 ip IP Address IP Performance IPX Command 2 12 ip address IP Address IP Performance IPX Command 1 3 ip address Cluster Command 1 29 ip as path acl Routing Protocol Command 6 16 ip community list Routing Protocol Comm...

Page 1154: ... ipx rip timer update IP Address IP Performance IPX Command 3 14 ipx route load balance path IP Address IP Performance IPX Command 3 14 ipx route max reserve path IP Address IP Performance IPX Command 3 15 ipx route static IP Address IP Performance IPX Command 3 16 ipx sap disable IP Address IP Performance IPX Command 3 17 ipx sap gns disable reply IP Address IP Performance IPX Command 3 17 ipx sa...

Page 1155: ...level Routing Protocol Command 4 18 isis cost Routing Protocol Command 4 19 isis dis priority Routing Protocol Command 4 19 isis enable Routing Protocol Command 4 20 isis mesh group Routing Protocol Command 4 21 isis timer csnp Routing Protocol Command 4 22 isis timer hello Routing Protocol Command 4 23 isis timer holding multiplier Routing Protocol Command 4 24 isis timer lsp Routing Protocol Com...

Page 1156: ...level AAA RADIUS HWTA CACS EAD Command 1 11 line rate QoS Command 1 12 link aggregation Link Aggregation Command 1 7 link aggregation group description Link Aggregation Command 1 8 link aggregation group mode Link Aggregation Command 1 9 loadsharing enable System Maintenance and Debugging Command 3 10 local server AAA RADIUS HWTA CACS EAD Command 1 33 local user AAA RADIUS HWTA CACS EAD Command 1 ...

Page 1157: ...Command 1 8 md5 compatible Routing Protocol Command 4 28 mdi Port Basic Configuration Command 1 19 memory safety limit Routing Protocol Command 7 5 memory auto establish disable Routing Protocol Command 7 3 memory auto establish enable Routing Protocol Command 7 4 messenger AAA RADIUS HWTA CACS EAD Command 1 13 mirrored to Mirroring Command 1 3 mirroring group Mirroring Command 1 6 mirroring group...

Page 1158: ...are Configuration Command 1 5 more File System Management Command 1 8 move File System Management Command 1 9 multicast route limit Multicast Command 2 9 multicast routing enable Multicast Command 2 10 multicast static router port Multicast Command 2 10 multicast static router port vlan Multicast Command 2 11 multicast wrongif holdtime Multicast Command 2 12 multicast source deny Multicast Command...

Page 1159: ...1 11 ntdp hop Cluster Command 1 11 ntdp timer Cluster Command 1 12 ntdp timer hop delay Cluster Command 1 13 ntdp timer port delay Cluster Command 1 13 ntp service access NTP Command 1 3 ntp service authentication enable NTP Command 1 5 ntp service authentication keyid NTP Command 1 5 ntp service broadcast client NTP Command 1 6 ntp service broadcast server NTP Command 1 7 ntp service disable NTP ...

Page 1160: ...ommand 3 39 ospf mtu enable Routing Protocol Command 3 40 ospf network type Routing Protocol Command 3 41 ospf timer dead Routing Protocol Command 3 42 ospf timer hello Routing Protocol Command 3 43 ospf timer poll Routing Protocol Command 3 44 ospf timer retransmit Routing Protocol Command 3 45 ospf trans delay Routing Protocol Command 3 45 P packet filter ACL Command 1 10 parity Login Command 1 ...

Page 1161: ...ax hop Routing Protocol Command 5 36 peer enable Routing Protocol Command 5 37 peer filter policy export Routing Protocol Command 5 37 peer filter policy import Routing Protocol Command 5 38 peer group Routing Protocol Command 5 39 peer ip prefix export Routing Protocol Command 5 40 peer ip prefix import Routing Protocol Command 5 40 peer next hop local Routing Protocol Command 5 41 peer password ...

Page 1162: ... legacy enable slot PoE Command 1 9 poe max power PoE Command 1 10 poe max power slot PoE Command 1 10 poe mode PoE Command 1 11 poe power max value PoE Command 1 12 poe power management PoE Command 1 12 poe priority PoE Command 1 13 poe upgrade PoE Command 1 14 poe power input thresh lower PoE Command 2 7 poe power input thresh upper PoE Command 2 7 poe power output thresh lower PoE Command 2 8 p...

Page 1163: ... 29 preference Routing Protocol Command 5 47 primary accounting AAA RADIUS HWTA CACS EAD Command 1 35 primary accounting AAA RADIUS HWTA CACS EAD Command 1 60 primary authentication AAA RADIUS HWTA CACS EAD Command 1 36 primary authentication AAA RADIUS HWTA CACS EAD Command 1 61 primary authorization AAA RADIUS HWTA CACS EAD Command 1 62 priority QoS Command 1 13 priority trust QoS Command 1 14 p...

Page 1164: ...intenance and Debugging Command 3 12 qe monitor errpkt System Maintenance and Debugging Command 3 13 qe monitor errpkt check time System Maintenance and Debugging Command 3 14 qe monitor overflow threshold System Maintenance and Debugging Command 3 14 qos QoS Command 1 15 qos cos local precedence map QoS Command 1 17 queue scheduler QoS Command 1 19 quit SSH Terminal Service Command 1 20 quit SSH ...

Page 1165: ...Command 5 50 region name MSTP Command 1 7 register policy Multicast Command 5 16 remotehelp FTP and TFTP Command 1 21 remote probe vlan Mirroring Command 1 12 remove SSH Terminal Service Command 1 33 rename SSH Terminal Service Command 1 34 rename File System Management Command 1 11 reset Routing Protocol Command 2 11 reset acl counter ACL Command 1 13 reset arp ARP Command 1 14 reset bgp Routing ...

Page 1166: ...eset ipx routing table statistics protocol IP Address IP Performance IPX Command 3 24 reset ipx statistics IP Address IP Performance IPX Command 3 25 reset isis all Routing Protocol Command 4 30 reset isis peer Routing Protocol Command 4 31 reset lacp statistics Link Aggregation Command 1 10 reset logbuffer Infomation Center Command 1 22 reset multicast forwarding table Multicast Command 2 14 rese...

Page 1167: ...p statistics VRRP HA Command 1 3 retry AAA RADIUS HWTA CACS EAD Command 1 41 retry realtime accounting AAA RADIUS HWTA CACS EAD Command 1 42 retry stop accounting AAA RADIUS HWTA CACS EAD Command 1 43 retry stop accounting AAA RADIUS HWTA CACS EAD Command 1 64 return System Maintenance and Debugging Command 1 5 revision level MSTP Command 1 8 rip Routing Protocol Command 2 12 rip authentication mo...

Page 1168: ...uter id Routing Protocol Command 3 50 rsa local key pair create SSH Terminal Service Command 1 9 rsa local key pair destroy SSH Terminal Service Command 1 10 rsa peer public key SSH Terminal Service Command 1 11 rsa peer public key SSH Terminal Service Command 1 20 rule Advanced ACL ACL Command 1 15 rule Basic ACL ACL Command 1 14 rule Layer 2 ACL ACL Command 1 21 rule user defined ACL ACL Command...

Page 1169: ... 1 18 send Login Command 1 16 server type AAA RADIUS HWTA CACS EAD Command 1 46 service type Login Command 1 17 service type AAA RADIUS HWTA CACS EAD Command 1 19 set authentication password Login Command 1 19 set backboard enhance System Maintenance and Debugging Command 3 19 set inlink Hardware dependent Software Configuration Command 1 2 set overload Routing Protocol Command 4 31 sftp SSH Termi...

Page 1170: ... 11 snmp agent mib view SNMP RMON Command 1 12 snmp agent packet max size SNMP RMON Command 1 13 snmp agent sys info SNMP RMON Command 1 14 snmp agent target host SNMP RMON Command 1 15 snmp agent trap enable SNMP RMON Command 1 16 snmp agent trap enable ospf Routing Protocol Command 3 51 snmp agent trap life SNMP RMON Command 1 17 snmp agent trap queue size SNMP RMON Command 1 18 snmp agent trap ...

Page 1171: ...Terminal Service Command 1 14 ssh server timeout SSH Terminal Service Command 1 15 ssh user assign rsa key SSH Terminal Service Command 1 16 ssh user authentication type SSH Terminal Service Command 1 16 ssh user service type SSH Terminal Service Command 1 25 ssh2 SSH Terminal Service Command 1 23 startup saved configuration Configuration File Management Command 1 12 state AAA RADIUS HWTA CACS EAD...

Page 1172: ...ommand 1 25 stp interface root protection MSTP Command 1 26 stp interface transmit limit MSTP Command 1 27 stp loop protection MSTP Command 1 28 stp max hops MSTP Command 1 29 stp mcheck MSTP Command 1 30 stp mode MSTP Command 1 30 stp no agreement check MSTP Command 1 31 stp pathcost standard MSTP Command 1 32 stp point to point MSTP Command 1 34 stp port priority MSTP Command 1 35 stp priority M...

Page 1173: ...and 1 5 system view System Maintenance and Debugging Command 1 6 T tcp timer fin timeout IP Address IP Performance IPX Command 2 15 tcp timer syn timeout IP Address IP Performance IPX Command 2 15 tcp window IP Address IP Performance IPX Command 2 16 telnet Login Command 1 23 temperature limit System Maintenance and Debugging Command 3 19 terminal debugging Infomation Center Command 1 23 terminal ...

Page 1174: ...9 timer Cluster Command 1 35 timer lsp max age Routing Protocol Command 4 35 timer lsp refresh Routing Protocol Command 4 36 timer quiet AAA RADIUS HWTA CACS EAD Command 1 50 timer quiet AAA RADIUS HWTA CACS EAD Command 1 69 timer realtime accounting AAA RADIUS HWTA CACS EAD Command 1 50 timer realtime accounting AAA RADIUS HWTA CACS EAD Command 1 69 timer response timeout AAA RADIUS HWTA CACS EAD...

Page 1175: ... QoS Command 1 37 U udp helper port UDP Helper Command 1 3 udp helper server UDP Helper Command 1 4 umount File System Management Command 1 13 undelete File System Management Command 1 14 undo synchronization Routing Protocol Command 5 54 uplink monitor System Maintenance and Debugging Command 3 20 user FTP and TFTP Command 1 23 user privilege level Login Command 1 24 user interface Login Command ...

Page 1176: ...d 1 4 voice vlan aging Extended VLAN Application Command 1 5 voice vlan enable Extended VLAN Application Command 1 5 voice vlan mac address Extended VLAN Application Command 1 6 voice vlan mode Extended VLAN Application Command 1 7 voice vlan security enable Extended VLAN Application Command 1 8 vrrp authentication mode VRRP HA Command 1 4 vrrp method VRRP HA Command 1 5 vrrp ping enable VRRP HA C...

Page 1177: ...3Com Switch 7750 Series Command Reference Guide Command Index Appendix A Command Indexx A 45 ...

Reviews:

No comments

Related manuals for 7750 Series

N-Tron 700 Series User Manual & Installation Manual preview
700 Series
Brand: N-Tron Pages: 101
Paradyne 4300 Installation Instructions Manual preview
4300
Brand: Paradyne Pages: 22
Wattle Pegasus Quick Installation Manual preview
Pegasus
Brand: Wattle Pages: 6
Baicells Nova430i Quick Manual preview
Nova430i
Brand: Baicells Pages: 8
Speedtouch IPQoS Configuration Manual preview
IPQoS
Brand: Speedtouch Pages: 124
Patton electronics SmartNode 4520 Series Getting Started Manual preview
SmartNode 4520 Series
Brand: Patton electronics Pages: 90
E-LINX EIR410-2SFP-T User Manual preview
EIR410-2SFP-T
Brand: E-LINX Pages: 24
Z-Wave RAZBERRY 7 PRO Quick Start Manual preview
RAZBERRY 7 PRO
Brand: Z-Wave Pages: 6
Lanner FW-7551 User Manual preview
FW-7551
Brand: Lanner Pages: 38
Allied Telesis AT-BSTACK1 Quick Install Manual preview
AT-BSTACK1
Brand: Allied Telesis Pages: 34
ADTRAN EXPRESS 6503 User Manual preview
EXPRESS 6503
Brand: ADTRAN Pages: 20
Teldat G1N Installation Manual preview
G1N
Brand: Teldat Pages: 23
Ubiquiti EdgeRouter X Quick Start Manual preview
EdgeRouter X
Brand: Ubiquiti Pages: 20
Thecus 1U4600 User Manual preview
1U4600
Brand: Thecus Pages: 148
CalAmp Sentry 4G 2500 User Manual preview
Sentry 4G 2500
Brand: CalAmp Pages: 52
Apposite Technologies Linktropy MINI-G User Manual preview
Linktropy MINI-G
Brand: Apposite Technologies Pages: 57
MikroTik RouterBOARD RB711-5HnD Quick Setup Manual And Warranty Information preview
RouterBOARD RB711-5HnD
Brand: MikroTik Pages: 2
Digi TransPort WR11 XT Quick Start Manual preview
TransPort WR11 XT
Brand: Digi Pages: 4

Brands by name

Popular brands

Load more brands