Alaxala AX3630S Software Manual Download Page 350

Page: 350 / 875

18. Access Lists

322

Number of access lists that can be created

The number of access lists that can be created is the number of names that can be used as access

list IDs.

Number of specifications that can be set for an interface

The number of specifications that can be set for an interface is the total number of access lists that

can be set for an interface.
Specifications are counted separately for the receiving side and sending side. For example, if an

access list is set for both the receiving side and sending side of the same interface, two lists are

counted regardless of whether the same access list name is specified.

Examples for calculating the number of access lists that can be created and the

number of specifications that can be set for an interface

The following table provides examples for calculating the number of access lists that can be

created and the number of specifications that can be set for an interface.

Table 18-13:

Examples for calculating the number of access lists that can be created and the

number of specifications that can be set for an interface

parameter-option

Parameter option problems

parameter-problem

All parameter problems

Not specified

port-unreachable

Port unreachable

reassembly-timeout

Reassembly timeout

renum-command

Router renumbering command

138

renum-result

Router renumbering result

138

renum-seq-number

Router renumbering sequence number

reset

138

255

router-advertisement

Neighbor discovery router advertisements

134

Not specified

router-renumbering

All router renumbering

138

Not specified

router-solicitation

Neighbor discovery router solicitations

133

Not specified

time-exceeded

All time exceeded

Not specified

unreachable

All unreachable

Not specified

Sample code

Number of

access lists

created

Number of

specifications

set for the

interface

In this example, access list

AAA

is created and applied to inbound on Ethernet

interface 0/1.

interface gigabitethernet 0/1
ip access-group AAA in

ip access-list extended AAA
10 permit tcp any any
20 deny udp any any

1 list

Message name

Message

Type

Code

Summary of Contents for AX3630S

Page 1: ...AX3640S AX3630S Software Manual Configuration Command Reference Vol 1 For Version 11 7 AX36S S004X F0...

Page 2: ...either a registered trademark or trademark of Microsoft Corporation in the United States and other countries Octpower is a registered trademark of NEC Corporation RSA and RSA SecurID are trademarks o...

Page 3: ...nsport input Login Security and RADIUS or TACACS A parameter related to VRF was added to the following commands ip access group ipv6 access class The following commands were added aaa authentication e...

Page 4: ...etection holdtime multi fault detection interval multi fault detection mode multi fault detection vlan Flow detection mode The layer3 dhcp 1 parameter was added to the flow detection mode command DHCP...

Page 5: ...command Error messages displayed when editing the configuration The subsection Uplink redundancy information was added Item Changes Layer 2 Authentication It was now possible to use the following comm...

Page 6: ...b Authentication A parameter was added to the web authenticaion ip address command MAC based Authentication The mac authentication dot1q vlan force authorized command was added GSRP A parameter was ad...

Page 7: ...ed Ring Protocol The axrp virtual link command was added Flow detection mode The layer3 5 parameter was added to the flow detection mode command The flow detection out mode command was added Access Li...

Page 8: ...E T the behavior when a value smaller than 2000 milliseconds is specified for the link debounce command was changed VLAN For the mac address command a description of the number of MAC addresses that c...

Page 9: ...ed to the method parameter of the aaa authorization commands command The commands exec parser view and username commands were added MAC Address Table The description of the mac address table static co...

Page 10: ...values for the GROUP ID parameter of the vlan group priority command was modified SNMP The snmp server engineID local snmp server group snmp server user and snmp server view commands were added 3 noa...

Page 11: ...nalities not common to OS L3A A OS L3A and OS L3L A OS L3L are indicated as follows AX3640S The description applies to AX3640S switches AX3630S The description applies to AX3630S switches OS L3A The d...

Page 12: ...your requirements determined from the following workflow for installing setting up and starting regular operation of the Switch Conventions The terms Switch and switch The term Switch upper case S is...

Page 13: ...ision Detection CSNP Complete Sequence Numbers PDU CST Common Spanning Tree DA Destination Address DC Direct Current DCE Data Circuit terminating Equipment DHCP Dynamic Host Configuration Protocol DIS...

Page 14: ...ork Address Translation NCP Network Control Protocol NDP Neighbor Discovery Protocol NET Network Entity Title NLA ID Next Level Aggregation Identifier NPDU Network Protocol Data Unit NSAP Network Serv...

Page 15: ...TCP IP Transmission Control Protocol Internet Protocol TLA ID Top Level Aggregation Identifier TLV Type Length and Value TOS Type Of Service TPID Tag Protocol Identifier TTL Time To Live UDLD Uni Dir...

Page 16: ......

Page 17: ...from an Operation Terminal 9 ftp server 10 line console 11 line vty 12 speed 13 transport input 14 3 Editing and Working with Configurations 15 end 16 quit exit 17 save write 19 show 21 status 22 top...

Page 18: ...st Names and DNS 83 ip domain lookup 84 ip domain name 85 ip domain reverse lookup 86 ip host 87 ip name server 88 ipv6 host 90 7 Device Management 91 swrt_multicast_table 92 swrt_table_resource 93 sy...

Page 19: ...y 149 lacp system priority 151 port channel load balance 152 shutdown 154 PART 4 Layer 2 Switching 11 MAC Address Table 155 mac address table aging time 156 mac address table static 157 12 VLAN 159 do...

Page 20: ...ning tree portfast 229 spanning tree portfast bpduguard default 230 spanning tree portfast default 231 spanning tree single 232 spanning tree single cost 233 spanning tree single forward time 235 span...

Page 21: ...v6 mld snooping global 300 ipv6 mld snooping interface 301 ipv6 mld snooping mrouter 302 ipv6 mld snooping querier 304 PART 5 Common to Filtering and QoS 17 Flow Detection Modes and Flow Operations 30...

Page 22: ...queue list 449 remark 453 traffic shape rate 454 PART 8 Layer 2 Authentication 20 Layer 2 Authentication 457 Configuration command and applicable Layer 2 authentication types 458 authentication arp r...

Page 23: ...t1x vlan timeout quiet period 522 dot1x vlan timeout reauth period 524 dot1x vlan timeout server timeout 526 dot1x vlan timeout supp timeout 528 dot1x vlan timeout tx period 530 22 Web Authentication...

Page 24: ...on VLANs OP VAA 585 fense alive timer OP VAA 586 fense retry count OP VAA 588 fense retry timer OP VAA 590 fense server OP VAA 591 fense vaa name OP VAA 593 fense vaa sync OP VAA 595 fense vlan OP VAA...

Page 25: ...657 track ip route 659 track recovery detection interval 661 track recovery detection times 663 vrrp accept 665 vrrp authentication 666 vrrp ietf ipv6 spec 07 mode 667 vrrp ip 668 vrrp ipv6 669 vrrp p...

Page 26: ...nterface 717 ethernet cfm mep 718 ethernet cfm mip 720 ma name 721 ma vlan group 723 PART 12 Remote Network Management 34 SNMP 725 hostname 726 rmon alarm 727 rmon collection history 731 rmon event 73...

Page 27: ...time 806 oadp run 807 PART 14 Port Mirroring 39 Port Mirroring 809 monitor session 810 PART 15 Configuration Error Messages 40 Error Messages Displayed When Editing the Configuration 813 40 1 Error m...

Page 28: ...tion 835 40 1 19 MAC based authentication information 836 40 1 20 Authentication VLAN information OP VAA 836 40 1 21 DHCP snooping information 837 40 1 22 GSRP information 837 40 1 23 VRRP information...

Page 29: ...1 PART 1 Reading the Manual Chapter 1 Reading the Manual Command description format Command mode list Specifiable values for parameters...

Page 30: ...ode of a configuration command mode corresponds to the name displayed on the command prompt Parameters Describes in detail the parameters that can be set by the command The default value and the value...

Page 31: ...g ip access list standard 11 config ipv6 acl Configures an IPv6 filter config ipv6 access list 12 config ext macl Configures a MAC filter config mac access list extended 13 config ip qos Configures IP...

Page 32: ...ernet cfm domain 27 config track object Configures the tracking functionality for policy based routing config track object 28 config pol Configures the policy based routing list information config pol...

Page 33: ...n about multiple interfaces Specifiable interfaces are gigabitethernet tengigabitethernet vlan and port channel You can specify gigabitethernet and tengigabitethernet interfaces at the same time but c...

Page 34: ...de Char acte r Code Char acte r Code Char acte r Code Char acte r Code Space 0x20 0 0x30 0x40 P 0x50 0x60 p 0x70 0x21 1 0x31 A 0x41 Q 0x51 a 0x61 q 0x71 0x22 2 0x32 B 0x42 R 0x52 b 0x62 r 0x72 0x23 3...

Page 35: ...alues Table 1 7 Range of channel group number values Range of values that can be set for vlan id The following table lists the range of vlan id values Right curly bracket 0x7D Model Range of values ni...

Page 36: ...specification displayed in multiple lines switchport trunk allowed vlan 100 200 300 switchport trunk allowed vlan add 400 500 How to specify interface id list and the range of specifiable values If i...

Page 37: ...9 PART 2 Operation and Management of Switches Chapter 2 Connecting from an Operation Terminal ftp server line console line vty speed transport input...

Page 38: ...ation ftp server To delete information no ftp server Input mode config Parameters None Default behavior Does not allow remote FTP access Impact on communication None When the change is applied The cha...

Page 39: ...CONSOLE RS232C port Syntax To set information line console 0 To delete information no line console Input mode config Parameters None Default behavior The console can be connected to a CONSOLE RS232C...

Page 40: ...is parameter is omitted This parameter cannot be omitted 2 Range of values 0 to 15 The number of users who can log in can be set to any value from 1 to 16 Default behavior Does not accept remote acces...

Page 41: ...32C in bit s 1 Default value when this parameter is omitted Sets the communication speed of CONSOLE RS232C to 9600 bit s 2 Range of values 1200 2400 4800 9600 19200 Default behavior The communication...

Page 42: ...protocol currently only Telnet is supported none Does not accept remote access using any protocol 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values teln...

Page 43: ...15 Chapter 3 Editing and Working with Configurations end quit exit save write show status top...

Page 44: ...iguration file in internal flash memory and the running configuration in RAM will not be the same For this reason if you enter configuration command mode again and then enter the end command the same...

Page 45: ...emory If you do so the editing process of the configuration file will still be incomplete so save the file after you finish making changes 2 After editing the running configuration in RAM if you execu...

Page 46: ...3 Editing and Working with Configurations 18 inconsistency occurred to be output If this message is output use the end command to end configuration command mode Related commands None...

Page 47: ...mote file name in either of the following URL formats FTP ftp user name password host port file path TFTP tftp host port file path 1 Default value when this parameter is omitted The startup configurat...

Page 48: ...e saved Use the show flash operation command to check the free capacity in the user area Saving a new startup configuration file config system cnf requires free capacity equivalent to the size of the...

Page 49: ...ems in the configuration the command might take time to execute 2 If the configuration is edited or the copy command is executed while this command is being executed this command might be aborted 3 If...

Page 50: ...dited since the switch was started Date by User not modified The file has been edited and changed but not saved using the save command Date by User not saved The file has been edited changed and chang...

Page 51: ...If the remaining capacity becomes very small it might not be sufficient to execute some configuration commands 2 Before and after a switch is restarted the last modified time displayed on the first li...

Page 52: ...a level 2 or level 3 configuration command mode to global configuration mode level 1 Syntax top Input mode Configuration command mode Parameters None Default behavior None Impact on communication None...

Page 53: ...le end by reject aaa authentication login aaa authentication login console aaa authentication login end by reject aaa authorization commands aaa authorization commands console banner commands exec ip...

Page 54: ...rigger of accounting for commands start stop Sends a start instruction before a command is executed and a stop instruction after the command is executed stop only Sends a stop instruction before a com...

Page 55: ...he TACACS server is used as the accounting server Default behavior None Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes...

Page 56: ...roadcast If this parameter is specified accounting information is sent in turn to all servers a maximum of four set by the radius server host or tacacs server host command and continues regardless of...

Page 57: ...group radius or group tacacs Default behavior None Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes None Related comman...

Page 58: ...o administrator mode enable command for method Specify any of the parameters below for method You cannot set the same method more than once group radius RADIUS authentication is used group tacacs TACA...

Page 59: ...4 Login Security and RADIUS or TACACS 31 tacacs server...

Page 60: ...name is sent as the User attribute Syntax To set information aaa authentication enable attribute user per method To delete information no aaa authentication enable attribute user per method Input mode...

Page 61: ...aaa authentication enable end by reject To delete information no aaa authentication enable end by reject Input mode config Parameters None Default behavior If authentication fails regardless of the r...

Page 62: ...used at login for method Specify any of the parameters below for method You cannot set the same method more than once group radius RADIUS authentication is used group tacacs TACACS authentication is u...

Page 63: ...4 Login Security and RADIUS or TACACS 35 aaa authentication login end by reject...

Page 64: ...console RS232C Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes 1 To perform RADIUS or TACACS authentication you must se...

Page 65: ...ogin end by reject To delete information no aaa authentication login end by reject Input mode config Parameters None Default behavior If authentication fails regardless of the reason for failure the n...

Page 66: ...when authentication is performed using a local password Syntax To set or change information aaa authorization commands default method method method To delete information no aaa authorization commands...

Page 67: ...it disable end set terminal show whoami and who am i if any of the following applies If the command class or the command list cannot be obtained as a vendor specific attribute or an attribute value wh...

Page 68: ...e Default behavior Authorization of commands is not required when a user logs in from the console RS232C Impact on communication None When the change is applied The changed setting takes effect from t...

Page 69: ...string After the command is entered the following message appears and you can enter a string in lines Press CTRL D or only on last line At this point enter the string you want to display for the login...

Page 70: ...pace key does not affect characters in other than the current line encode encoded message Enter a Base64 encoded string as a login message Any login message that was set previously is deleted Normally...

Page 71: ...e encoded message Enter a Base64 encoded string as a login message For details see the encode section under the login parameter above disable Does not display a login message for FTP access even when...

Page 72: ...tted This parameter cannot be omitted 2 Range of values include or exclude all command Specifies a command string to be added to the command list The Switch judges whether the initial character string...

Page 73: ...g takes effect from the next login Notes 1 A maximum of 40 commands including permitted and restricted commands can be set in a command list A string consisting of a maximum of 50 characters can be se...

Page 74: ...cess list ID for an access list 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values For access list number specify values from 1 to 99 or from 1300 to 199...

Page 75: ...4 Login Security and RADIUS or TACACS 47 Related commands line vty ftp server transport input ipv6 access class access list ip access list standard...

Page 76: ...when this parameter is omitted This parameter cannot be omitted 2 Range of values Specify a name that is no more than 31 characters long For details see Specifiable values for parameters Default beha...

Page 77: ...4 Login Security and RADIUS or TACACS 49 ip access group ipv6 access list...

Page 78: ...lue when this parameter is omitted This parameter cannot be omitted 2 Range of values Specify a name that is no more than 31 characters long An alphabetical character can be specified for the first ch...

Page 79: ...an vlan id For vlan id specify the VLAN ID set by the interface vlan command host name Specifies the host name of the RADIUS server with 64 or fewer characters For details about the characters that ca...

Page 80: ...is used as a server dedicated to authentication A RADIUS server specified with the acct only option is used as a server dedicated to accounting 1 Default value when this parameter is omitted The RADI...

Page 81: ...device 2 When multiple RADIUS servers are specified the RADIUS server that is first in the configuration file listing is the first server used for authentication 3 If the key parameter is omitted and...

Page 82: ...of no more than 64 characters in double quotation marks Specifiable characters are alphanumeric characters and special characters To enter a character string that does not include any special characte...

Page 83: ...fault value when this parameter is omitted This parameter cannot be omitted 2 Range of values 0 to 15 Default behavior The default value for the number of times an authentication request is retransmit...

Page 84: ...r 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 30 Default behavior The default response timeout value for the RADIUS server is 5 seconds Impac...

Page 85: ...shared private key used for encryption or authentication of communication with the TACACS server The same shared private key must be set for the client and the TACACS server 1 Default value when this...

Page 86: ...erver dedicated to accounting 1 Default value when this parameter is omitted The TACACS server can be used for all purposes authentication and accounting 2 Range of values None Default behavior Becaus...

Page 87: ...r string of no more than 64 characters in double quotation marks Specifiable characters are alphanumeric characters and special characters To enter a character string that does not include any special...

Page 88: ...efault value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 30 Default behavior The default response timeout value for the TACACS server is 5 seconds Impact on...

Page 89: ...ername user name view no username user name view class Input mode config Parameters user name Specifies the name of the user to be set 1 Default value when this parameter is omitted This parameter can...

Page 90: ...messages for all permissible operation commands to be displayed no utility Enables help messages for all permissible operation commands except for utility commands and file operation commands to be d...

Page 91: ...users with username command parameter settings for at least one of exec timeout terminal pager and terminal help which is all users if default_user is set with this command these username command para...

Page 92: ......

Page 93: ...hapter 5 Time Settings and NTP clock timezone ntp access group ntp authenticate ntp authentication key ntp broadcast ntp broadcast client ntp broadcastdelay ntp master ntp peer ntp server ntp trusted...

Page 94: ...dentify a time zone 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values A maximum of seven alphanumeric characters hours offset Specifies the offset from...

Page 95: ...5 Time Settings and NTP 67 Notes None Related commands set clock show clock show logging...

Page 96: ...permitted serve only NTP control queries and NTP broadcast messages are not permitted serve NTP broadcast messages are not permitted peer All accesses to NTP services are permitted 1 Default value whe...

Page 97: ...mplicit discard entries are invalid for access lists specified for this command 2 If at least one access group is created any accesses with a source IP address that does not match the specified access...

Page 98: ...henticate Input mode config Parameters None Default behavior The NTP authentication functionality is disabled Impact on communication None When the change is applied The change is applied immediately...

Page 99: ...be assigned to an authentication key 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values A maximum of 30 ASCII characters Default behavior None Impact on...

Page 100: ...5 Time Settings and NTP 72 ntp master ntp authenticate ntp trusted key ntp broadcast client...

Page 101: ...to use the default value do not set this parameter 2 Range of values 1 2 or 3 key key id Specifies the authentication key for access Specify key as the number in decimal set for authentication key 1 D...

Page 102: ...5 Time Settings and NTP 74 4 Do not specify 65536 or a larger value as the key number Related commands ntp broadcast client ntp authentication key...

Page 103: ...d synchronize its time with that of other switches When this command is omitted no NTP broadcast messages are accepted Syntax To set information ntp broadcast client To delete information no ntp broad...

Page 104: ...ro seconds Specifies a delay time The time is set as a decimal integer in microseconds 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 999999 Def...

Page 105: ...8 2 Range of values 1 to 15 Default behavior None Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes 1 If you use the Swit...

Page 106: ...an NTP time source time reference Switch or an NTP client Switch version number Specifies the NTP version number 1 Default value when this parameter is omitted Version 4 is specified by default If you...

Page 107: ...to synchronize these switches If this happens we recommend that you reduce the number of switches in the configuration 4 When a switch references multiple time reference synchronization source switch...

Page 108: ...ress Input mode config Parameters ip address Specifies the IPv4 address of a Switch whose time is to be synchronized version number Specifies the NTP version number 1 Default value when this parameter...

Page 109: ...ization source switches if there is a 16 second or longer time difference between the time references synchronization of this Switch that references the other switches will succeed but any switches th...

Page 110: ...ig Parameters key id Specifies the key number to be used for authentication For this key the number in decimal set by using authentication key is specified 1 Default value when this parameter is omitt...

Page 111: ...83 Chapter 6 Host Names and DNS ip domain lookup ip domain name ip domain reverse lookup ip host ip name server ipv6 host...

Page 112: ...delete information ip domain lookup Input mode config Parameters None Default behavior The DNS resolver functionality is enabled Impact on communication None When the change is applied The change is a...

Page 113: ...rameter is omitted This parameter cannot be omitted 2 Range of values No more than 63 alphanumeric characters periods and hyphens can be used Default behavior None Impact on communication None When th...

Page 114: ...is enabled the reverse lookup functionality is also enabled Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes 1 If the DN...

Page 115: ...ters For details about the characters that can be specified see Specifiable values for parameters ip address Specifies the IPv4 address of a switch for which a host name is set in dot notation Default...

Page 116: ...fter ip domain lookup is entered Notes 1 Set the IP address ip name server of the DNS server correctly If the IP address of a DNS server is not set correctly it might take time until a communication f...

Page 117: ...pecified as an IP address 3 Class D and class E addresses cannot be set as IP addresses 4 AAAA query information cannot be referenced by using IPv6 AAAA query information is referenced by IPv4 Related...

Page 118: ...s a host name with no more than 63 characters For details about the characters that can be specified see Specifiable values for parameters ipv6 address Specifies the IPv6 address of a switch for which...

Page 119: ...91 Chapter 7 Device Management swrt_multicast_table swrt_table_resource system fan mode system l2 table mode system memory soft error system recovery system temperature warning level...

Page 120: ...d If you set this command make sure you save the configuration and restart the Switch The new setting values do not take effect until the Switch is restarted Notes 1 When you set this command to use t...

Page 121: ...3switch 3 AX3640S l3switch 1 l3switch 2 AX3630S l3switch 1 IPv4 mode This pattern allocates resources to both IPv4 and IPv6 routing l3switch 2 IPv4 or IPv6 mode This pattern allocates resources to bot...

Page 122: ...is applied If you set this parameter make sure you save the configuration and restart the Switch The new setting values do not take effect until the Switch is restarted Notes 1 If you use this parame...

Page 123: ...low noise setting is specified Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes 1 Models that have the following type na...

Page 124: ...ted to set this table search method for the hardware 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 5 auto Default behavior 1 is set as the meth...

Page 125: ...7 Device Management 97 Notes None Related commands None...

Page 126: ...g Input mode config Parameters log Outputs a log message when a soft error occurs in memory inside the switch processor 1 Default value when this parameter is omitted This parameter cannot be omitted...

Page 127: ...ity covers the send control section Syntax To set information no system recovery To delete information system recovery Input mode config Parameters None Default behavior Recovery is performed and fail...

Page 128: ...e in Celsius for the switch You can specify the temperature in degrees Celsius 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 25 to 40 Default behavi...

Page 129: ...101 Chapter 8 Power Saving Functionality schedule power control shutdown schedule power control time range...

Page 130: ...t format If you specify interface id list to change information the information is replaced with the contents of the specified list 1 Default value when this parameter is omitted This parameter cannot...

Page 131: ...ays be disabled regardless of the schedule you must set both the shutdown command and this command 2 If you use a comma to set shutdown interface for multiple Gigabit Ethernet interface lists and 10 G...

Page 132: ...en daily is specified everyday start time hhmm end time hhmm To delete information no schedule power control time range entry number Input mode config Parameters entry number Specifies the identifier...

Page 133: ...ge of values Specify a date for yymmdd and a time for hhmm The range of values is from 0 00 on January 1 2000 to 23 58 on January 17 2038 end time yymmdd hhmm Specifies the end date and time yy Specif...

Page 134: ...t Sets Saturday hh Specify the hour 00 to 23 mm Specify the minute 00 to 59 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values Select sun mon tue wed thu...

Page 135: ...time hhmm Specifies the end time hh Specify the hour 00 to 23 mm Specify the minute 00 to 59 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values Specify...

Page 136: ...n the change is applied The change is applied immediately after setting values are changed Notes 1 If there is an overlap of time of execution between different action parameters the action disable se...

Page 137: ...iption duplex flowcontrol frame error notice interface gigabitethernet interface tengigabitethernet link debounce link up debounce mdix auto media type mtu power inline AX3630S shutdown speed system f...

Page 138: ...used for the ifSpeed ifHighSpeed SNMP MIB value of the applicable port and has no impact on communication 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of val...

Page 139: ...s parameter is omitted This parameter cannot be omitted 2 Range of values Enclose a character string of no more than 64 characters in double quotation marks Specifiable characters are alphanumeric cha...

Page 140: ...cified full is set if a non specifiable parameter for 100BASE FX is specified Table 9 1 Specifiable parameters half Sets the port to half duplex fixed mode full Sets the port to full duplex fixed mode...

Page 141: ...is performed 2 For 1000BASE X if you do not want to use auto negotiation you must specify 1000 for speed and full for duplex If auto or auto 1000 is specified for speed full is set for duplex as a re...

Page 142: ...unctionality is specified whether pause packets are sent is determined through communication with the connected device on Pause packets are sent off Pause packets are not sent 1 Default value when thi...

Page 143: ...havior Behavior varies depending on the line type For 10BASE T 100BASE TX or 1000BASE T Receive operation is off but send operation is desired For 100BASE FX AX3640S Receive operation is off but send...

Page 144: ...ist of statistical items that correspond to frame reception and frame sending errors Table 9 2 List of statistical items If an error occurrence is reported a log entry is displayed and a private trap...

Page 145: ...5 or more 3 Yes Receiving The rate of reception error frames against the total number of reception frames is equal to or greater than the value set for rate This setting does not regard the number of...

Page 146: ...No log entries are displayed 1 Default value when this parameter is omitted one time display 2 Range of values everytime display one time display or off Default behavior When 15 or more errors occur...

Page 147: ...net nif no port no Input mode config Parameters nif no port no Specifies the NIF number and the port number 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of v...

Page 148: ...t nif no port no Input mode config Parameters nif no port no Specifies the NIF number and the port number 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of val...

Page 149: ...ds Sets the debounce timer value in milliseconds 1 Default value when this parameter is omitted 3000 milliseconds 2 Range of values Multiples of 100 from 0 to 10000 Default behavior 2000 milliseconds...

Page 150: ...This parameter cannot be omitted 2 Range of values Multiples of 100 from 0 to 10000 Default behavior When the line speed is fixed the operating value is 1000 milliseconds When the line speed is set to...

Page 151: ...ers None Default behavior During auto negotiation MDI and MDI X are switched automatically Impact on communication None When the change is applied The change is applied immediately after setting value...

Page 152: ...port rj45 An RJ45 port is used sfp An SFP port is used 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values rj45 or sfp Default behavior Sets sfp an SFP po...

Page 153: ...1 For Version 11 7 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1500 to 9216 Default behavior The following initial values are set Table 9 4 Initi...

Page 154: ...N interface 1 IP MTU value 2 Port MTU value if values differ among ports the minimum value is used 3 For two row VLAN tags in VLAN tunneling the frame length will be IP packet length 22 octets If an I...

Page 155: ...can ensure power supply for a maximum of 24 ports high Power is supplied to ports whose priority is set to high If power becomes insufficient the supply of power to ports with this specification stops...

Page 156: ...not support PoE functionality 2 If you enter this command for a selectable port and change media type to sfp the specification of the command is disabled but is not deleted from the configuration 3 If...

Page 157: ...cation None When the change is applied The change is applied immediately after setting values are changed Notes 1 This command can be set from the SNMP manager by using an SNMP SetRequest operation If...

Page 158: ...cifiable parameters auto is set if a non specifiable parameter for 10BASE T 100BASE TX 1000BASE T or 1000BASE X is specified 100 is set if a non specifiable parameter for 100BASE FX is specified Table...

Page 159: ...reafter the port restarts When the change is applied The change is applied immediately after setting values are changed Notes 1 If auto or a parameter containing auto is specified for speed or duplex...

Page 160: ...ontrol specified for each port is used for operation Impact on communication Communications that pass through the Switch stop while the Switch is restarting Restarting the VLAN program re initializes...

Page 161: ...ation system minimum tagged frame length 68 To delete information no system minimum tagged frame length 68 Input mode config Parameters None Default behavior If this command is not specified the minim...

Page 162: ...see 14 1 3 Control on the MAC and LLC sublayers in the manual Configuration Guide Vol 1 For Version 11 7 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of valu...

Page 163: ...ow VLAN tags set system mtu so that the port mtu value is set to a value larger than 1504 or set mtu on the port Related commands None Line type mtu setting system mtu setting Length of a frame that c...

Page 164: ......

Page 165: ...em priority channel group max active port channel group max detach port channel group mode channel group multi speed channel group periodic timer description interface port channel lacp port priority...

Page 166: ...f the lacp system priority command is used Impact on communication If a priority is set for an active channel group the channel group goes down and then restarts When the change is applied The change...

Page 167: ...ber of ports are used and the standby link functionality is applied to the rest of the ports 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 8 no...

Page 168: ...ndby link mode cannot be changed directly between the link down and no link down statuses To change the status delete this parameter and then set this parameter again To change the number of ports in...

Page 169: ...go down due to a limit on the number of detached ports When the change is applied The change is applied immediately after setting values are changed Notes 1 This command is effective only when LACP ba...

Page 170: ...10 Link Aggregation 142 channel group mode channel group lacp system priority lacp system priority...

Page 171: ...cannot be omitted 2 Range of values See Specifiable values for parameters mode on active passive Specifies the mode for link aggregation on Static link aggregation is performed active LACP based link...

Page 172: ...mmand you must either specify the same setting for the applicable interface and the port channel interface with the specified channel group number or else not set a common configuration command for th...

Page 173: ...formation no channel group multi speed Input mode config if Parameters None Default behavior None Impact on communication The ports that are in use might be changed by the standby link functionality a...

Page 174: ...ote device sends LACPDUs to a Switch long 30 seconds short one second 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values long or short Default behavior l...

Page 175: ...annot be omitted 2 Range of values Enclose a character string of no more than 64 characters in double quotation marks Specifiable characters are alphanumeric characters and special characters To enter...

Page 176: ...ace port channel channel group number Input mode config Parameters channel group number Specifies the channel group number 1 Default value when this parameter is omitted This parameter cannot be omitt...

Page 177: ...lues 0 to 65535 Default behavior 128 is set as the port priority Impact on communication If you specify the port priority for an active port by setting channel group mode to active or passive communic...

Page 178: ...10 Link Aggregation 150 channel group max active port...

Page 179: ...annel group lacp system priority command has not been set 128 is used Impact on communication If a priority is set for an active channel group the channel group goes down and then restarts When the ch...

Page 180: ...address are sent from the same port dst port Allocates frames according to the destination port numbers src dst ip Allocates frames according to the source and destination IP addresses src dst mac All...

Page 181: ...n the change is applied The change is applied immediately after setting values are changed Notes 1 If you specify dst ip src dst ip or src ip TCP UDP port numbers are not used for allocation in link a...

Page 182: ...t behavior None Impact on communication If a priority is specified for an active channel group the channel group goes down When the change is applied The change is applied immediately after setting va...

Page 183: ...155 PART 4 Layer 2 Switching Chapter 11 MAC Address Table mac address table aging time mac address table static...

Page 184: ...is not performed 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 0 10 to 1000000 seconds Default behavior 300 seconds is set as the aging time Impact...

Page 185: ...cannot be set vlan vlan id Specifies the VLAN ID of the VLAN for static entries 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values See Specifiable values...

Page 186: ...y set vlan 1 for the output destination interface 2 If interface has been specified a frame is output to the interface specified for frames matching the destination MAC address In addition if a frame...

Page 187: ...ss mac based vlan static only name protocol state switchport access switchport dot1q ethertype switchport isolation switchport mac switchport mode switchport protocol switchport trunk switchport vlan...

Page 188: ...that there are no longer any ports that can be used for relaying the VLAN Impact on communication None When the change is applied The change is applied immediately after setting values are changed No...

Page 189: ...ion None When the change is applied The change is applied immediately after setting values are changed Notes 1 If a VLAN ID which has not yet been set is specified for vlan id a VLAN is created Create...

Page 190: ...formation l2protocol tunnel eap To delete information no l2protocol tunnel eap Input mode config Parameters None Default behavior The EAPOL forwarding functionality is invalid Impact on communication...

Page 191: ...ormation l2protocol tunnel stp To delete information no l2protocol tunnel stp Input mode config Parameters None Default behavior The BPDU forwarding functionality is disabled Impact on communication N...

Page 192: ...o set information l2 isolation To delete information no l2 isolation Input mode config Parameters None Default behavior Layer 2 forwarding is not blocked Impact on communication None When the change i...

Page 193: ...No MAC address is specified Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes 1 MAC addresses that are already assigned...

Page 194: ...12 VLAN 166 Related commands mac based vlan static only...

Page 195: ...efault behavior If this command is not used MAC addresses can be registered for MAC VLANs by using the mac address command and IEEE 802 1X Web authentication MAC based authentication and authenticatio...

Page 196: ...ation set by this command for an AX3630S series switch the number of MAC addresses set for a MAC VLAN must be 64 or less If there are 65 or more MAC addresses set this command cannot be set or deleted...

Page 197: ...otation marks Specifiable characters are alphanumeric characters and special characters To enter a character string that does not include any special characters such as a space you do not need to encl...

Page 198: ...o use multiple protocols in a single VLAN specify this command as many times as the number of protocol names 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of...

Page 199: ...g and receiving of all frames 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values suspend or active Default behavior The VLAN status is enable Impact on c...

Page 200: ...ues for parameters Default behavior In non VLAN tunneling mode the access port for the default VLAN VLAN ID 1 is used The default behavior in VLAN tunneling mode is for switch ports to not belong to a...

Page 201: ...e for ports 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values Four digit hexadecimal Default behavior When the vlan dot1q ethertype command is set the s...

Page 202: ...es For details about how to specify interface id list and the specifiable range of values see Specifiable values for parameters interface add interface id list Adds ports forwarding from which is to b...

Page 203: ...interface of the switchport isolation command and discards frames output from the port on which the command is set To suppress forwarding on both ends set the command on both lines 2 If you use inter...

Page 204: ...ist 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values For details about how to set vlan id list and the specifiable values see Specifiable values for pa...

Page 205: ...to forward tagged frames on the port to the VLAN list VLANs configured by using the vlan parameter cannot be specified 1 Default value when this parameter is omitted This parameter cannot be omitted 2...

Page 206: ...en a valid MAC VLAN has not been set 2 If valid MAC VLANs have been set a MAC VLAN specified as a post authentication VLAN by the authentication functionality is available for communication only when...

Page 207: ...l VLAN mode In protocol VLAN mode untagged frames are sent and received When a frame is received the VLAN is determined by the protocol type of the frame Tagged frames are discarded mac vlan Sets an i...

Page 208: ...nd to set a protocol VLAN If protocol VLAN is not set the applicable port operates as if it were in access mode 3 If an interface is set to tunneling mode use the switchport access command to set an a...

Page 209: ...alue when this parameter is omitted This parameter cannot be omitted 2 Range of values For details about how to set vlan id list and the specifiable values see Specifiable values for parameters native...

Page 210: ...een set by using the switchport mode protocol command and the switchport protocol command is omitted the default VLAN is set Impact on communication None When the change is applied The change is appli...

Page 211: ...tive VLAN 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values See Specifiable values for parameters allowed vlan vlan id list Sets the VLANs that use a tr...

Page 212: ...cifiable values see Specifiable values for parameters Default behavior None If trunking mode has been set by using the switchport mode trunk command and the command is omitted communication is not pos...

Page 213: ...ior Tag translation is not performed Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes 1 To enable tag translation you mu...

Page 214: ...es tag translation the user priority in the VLAN tag is set to 3 default If you want to change the default user priority when using tag translation use the marking functionality for QoS control Relate...

Page 215: ...translation you must specify switchport vlan mapping 2 Tag translation is enabled only when the applicable port is in trunking mode 3 Only VLAN tags for which switchport vlan mapping is set can be se...

Page 216: ...communication the VLAN interface comes up immediately Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes 1 In the followi...

Page 217: ...12 VLAN 189 Related commands None...

Page 218: ...ote however that the default VLAN VLAN ID 1 cannot be specified when information is deleted vlan id list Specifies multiple VLAN IDs at one time If you specify a VLAN ID for the first time the applica...

Page 219: ...e When the change is applied The change is applied immediately after setting values are changed Notes 1 There is always a default VLAN VLAN ID 1 The configuration items for the default VLAN are differ...

Page 220: ...n command For VLANs created by using the vlan command use the no interface vlan command to delete information For a VLAN created by using the interface vlan command use the no vlan command to delete i...

Page 221: ...ts the default value of the entire Switch 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values Four digit hexadecimal Default behavior 0x8100 is used as th...

Page 222: ...Switch performs Layer 3 forwarding including both frames originated by and frames addressed to and forwarded by the Switch from the MAC address of the Switch to an individual MAC address for each VLAN...

Page 223: ...nge of values mask Bit pattern with highest 8 to 34 bits turned on 3 Note on using this parameter Multicast MAC addresses cannot be set An address in which the lowest bit of the first byte is 1 Defaul...

Page 224: ...12 VLAN 196 Related commands vlan mac...

Page 225: ...ewer characters ethertype hex Specifies the EtherType value for an Ethernet V2 format frame 1 Default value when this parameter is omitted None 2 Range of values Four digit hexadecimal 3 Note on using...

Page 226: ...t behavior None Impact on communication None When the change is applied The change is applied immediately after setting values are changed Note however that for protocols that have not been specified...

Page 227: ...ost method spanning tree port priority spanning tree portfast spanning tree portfast bpduguard default spanning tree portfast default spanning tree single spanning tree single cost spanning tree singl...

Page 228: ...this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 4094 3 Note on using this parameter All VLANs that do not belong to other MST instances participate in MST instance ID...

Page 229: ...ultiple Spanning Tree are used together the VLAN IDs of VLANs specified by this command and the VLAN IDs specified by VLAN mapping for the Ring Protocol must match Unmatched VLANs are put in the Block...

Page 230: ...special characters such as a space you do not need to enclose the character string in double quotation marks For details see Any character string in Specifiable values for parameters 3 Note on using t...

Page 231: ...5 3 Note on using this parameter To configure the same MST region the values for this parameter and the name parameter as well as those of the MST instance ID and the VLAN ID set by the vlans paramete...

Page 232: ...g tree bpdufilter enable To delete information no spanning tree bpdufilter Input mode config if Parameters None Default behavior None Impact on communication None When the change is applied The change...

Page 233: ...enable causes the BPDU guard functionality to take effect Setting disable stops operation of the BPDU guard functionality 1 Default value when this parameter is omitted This parameter cannot be omitte...

Page 234: ...n long is set by the spanning tree pathcost method command 1 to 200000000 3 Note on using this parameter Changing the path cost value might change the topology Default behavior The method of applying...

Page 235: ...ink set when both Spanning Tree Protocols and the Ring Protocol are used together Related commands spanning tree pathcost method spanning tree vlan pathcost method spanning tree vlan cost spanning tre...

Page 236: ...tion spanning tree disable To delete information no spanning tree disable Input mode config Parameters None Default behavior The Spanning Tree Protocols are enabled Impact on communication None When t...

Page 237: ...a port or channel group that does not receive BPDU even after one such port comes up communications of the port might remain disabled or it might take time until communication is enabled When the cha...

Page 238: ...nning Tree Protocol 210 occurs 4 This command is not applied to a virtual link set when both Spanning Tree Protocols and the Ring Protocol are used together Related commands spanning tree loopguard de...

Page 239: ...t shared If point to point is set point to point connection is used for the link type If shared is set a shared connection is used for the link type 1 Default value when this parameter is omitted This...

Page 240: ...13 Spanning Tree Protocol 212 spanning tree single mode...

Page 241: ...the spanning tree portfast command are deleted if you change the configuration stored in memory without setting the spanning tree portfast default command or the spanning tree portfast command the ch...

Page 242: ...Tree operation the Spanning Tree Protocol is re initialized If pvst is set PVST is applied to all Spanning Tree Protocols If rapid pvst is set rapid PVST is applied to all Spanning Tree Protocols If m...

Page 243: ...all previously set information for defining regions is deleted Syntax To set information spanning tree mst configuration To delete information no spanning tree mst configuration Input mode config Para...

Page 244: ...he path cost value The lower the cost value the higher the possibility that the port will be used for forwarding the applicable frames 1 Default value when this parameter is omitted This parameter can...

Page 245: ...13 Spanning Tree Protocol 217 2 This command is not applied to a virtual link set when both Spanning Tree Protocols and the Ring Protocol are used together Related commands spanning tree cost...

Page 246: ...g and learning states can be maintained for the specified period of time If a port is not in stp compatible mode only discarding and learning states are maintained for the specified period of time not...

Page 247: ...es the interval in seconds for sending BPDUs that are sent regularly from the Switch 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 10 3 Note on...

Page 248: ...seconds for BPDUs that are sent from the Switch 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 6 to 40 3 Note on using this parameter If you set a v...

Page 249: ...n MST instance ID One MST instance ID can be set You can use hyphens or commas to set multiple MST instance IDs at one time 1 Default value when this parameter is omitted All MST instances are selecte...

Page 250: ...rt priority Use a multiple of 16 as the port priority The lower the value the higher the priority 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 0 to...

Page 251: ...13 Spanning Tree Protocol 223 2 This command is not applied to a virtual link set when both Spanning Tree Protocols and the Ring Protocol are used together Related commands spanning tree port priority...

Page 252: ...e when this parameter is omitted This parameter cannot be omitted 2 Range of values 0 to 4095 priority Sets the bridge priority The lower the value the higher the priority Use a multiple of 4096 as th...

Page 253: ...panning tree mst transmission limit Input mode config Parameters count Sets the maximum number of BPDUs that can be sent per hello time interval 1 Default value when this parameter is omitted This par...

Page 254: ...tree pathcost method command settings When short is set by the spanning tree pathcost method command 10Mbit s 100 100 Mbit s 19 1 Gbit s 4 10 Gbit s 2 When long is set by the spanning tree pathcost m...

Page 255: ...ommand Multiple Spanning Tree operates using a 32 bit value To set a value of 65536 or larger for the path cost using the spanning tree cost command you must set long for this command You do not need...

Page 256: ...Note on using this parameter Changing the port priority might change the topology Default behavior The settings of the spanning tree vlan port priority spanning tree single port priority or spanning t...

Page 257: ...applied to access trunk protocol and MAC ports If disable is set the PortFast functionality stops 1 Default value when this parameter is omitted The PortFast functionality which is enabled on access...

Page 258: ...ast bpduguard default Input mode config Parameters None Default behavior If the spanning tree bpduguard command is set that setting is used If the spanning tree bpduguard command is not set this comma...

Page 259: ...ode config Parameters None Default behavior If the spanning tree portfast command has been set that setting is used If the spanning tree portfast command has not been set the spanning tree portfast de...

Page 260: ...anning tree single Input mode config Parameters None Default behavior None Impact on communication None When the change is applied The change is applied immediately after setting values are changed No...

Page 261: ...spanning tree single pathcost method command 1 to 65535 When long is set by the spanning tree pathcost method or the spanning tree single pathcost method command 1 to 200000000 3 Note on using this pa...

Page 262: ...13 Spanning Tree Protocol 234 spanning tree pathcost method spanning tree single pathcost method...

Page 263: ...e and the learning state are maintained for the specified period of time If rapid stp 802 1w is set by the spanning tree single mode command the discarding state and the learning state are maintained...

Page 264: ...fies the interval in seconds for sending BPDUs that are sent regularly from the Switch 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 10 3 Note...

Page 265: ...in seconds for BPDUs that are sent from the Switch 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 6 to 40 3 Note on using this parameter If you set...

Page 266: ...rotocol is re initialized If stp is set Spanning Tree mode is used If rapid stp is set rapid Spanning Tree mode is used 1 Default value when this parameter is omitted This parameter cannot be omitted...

Page 267: ...command 10 Mbit s 2000000 100 Mbit s 200000 1 Gbit s 20000 10 Gbit s 2000 Syntax To set or change information spanning tree single pathcost method long short To delete information no spanning tree si...

Page 268: ...13 Spanning Tree Protocol 240 Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes None Related commands None...

Page 269: ...t be omitted 2 Range of values 0 to 240 3 Note on using this parameter Changing the port priority might change the topology Default behavior The setting of the spanning tree port priority command is u...

Page 270: ...iority Use a multiple of 4096 as the bridge priority 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 0 to 61440 3 Note on using this parameter Changin...

Page 271: ...valid only when rapid stp 802 1w is set by the spanning tree single mode command If stp 802 1D is set by the spanning tree single mode command the maximum number of BPDUs that can be sent per second...

Page 272: ...s vlan id list Starts configuration of PVST for the set VLAN 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values For details about how to set vlan id list...

Page 273: ...value the higher the possibility that the port will be used for forwarding the applicable frames 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values When...

Page 274: ...otes 1 vlan id list cannot be specified if the interface range command is used to set information 2 This command is not applied to a virtual link set when both Spanning Tree Protocols and the Ring Pro...

Page 275: ...quired for the state of a port to change If pvst 802 1D is set by the spanning tree mode command or the spanning tree vlan mode command the listening state and the learning state are maintained for th...

Page 276: ...13 Spanning Tree Protocol 248 Related commands None...

Page 277: ...of values For details about how to set vlan id list and the specifiable values see Specifiable values for parameters hello time Specifies the interval in seconds for sending BPDUs that are sent regul...

Page 278: ...ils about how to set vlan id list and the specifiable values see Specifiable values for parameters seconds Sets the maximum valid time in seconds for BPDUs that are sent from the Switch 1 Default valu...

Page 279: ...id pvst Sets the protocol to be used If the protocol is changed during Spanning Tree operation the Spanning Tree Protocol is re initialized If pvst is set PVST mode is used If rapid pvst is set rapid...

Page 280: ...2000000 100 Mbit s 200000 1 Gbit s 20000 10 Gbit s 2000 Syntax To set or change information spanning tree vlan vlan id list pathcost method long short To delete information no spanning tree vlan vlan...

Page 281: ...for the path cost you cannot change the parameter to short Default behavior The setting of the spanning tree pathcost method command is used Impact on communication None When the change is applied The...

Page 282: ...t priority Use a multiple of 16 as the port priority The lower the value the higher the priority 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 0 to...

Page 283: ...13 Spanning Tree Protocol 255 2 This command is not applied to a virtual link set when both Spanning Tree Protocols and the Ring Protocol are used together Related commands spanning tree port priority...

Page 284: ...d list and the specifiable values see Specifiable values for parameters priority Sets the bridge priority The lower the value the higher the priority Use a multiple of 4096 as the bridge priority 1 De...

Page 285: ...13 Spanning Tree Protocol 257 Related commands None...

Page 286: ...alues for parameters count Sets the maximum number of BPDUs that can be sent per hello time interval This parameter is effective only when rapid pvst 802 1w is set by the spanning tree mode command or...

Page 287: ...13 Spanning Tree Protocol 259 spanning tree vlan mode...

Page 288: ......

Page 289: ...ing port control vlan disable flush request count flush request transmit vlan forwarding shift time health check holdtime health check interval mode multi fault detection holdtime multi fault detectio...

Page 290: ...he same ring ID must be specified for all switches belonging to the same ring Specify a unique ring ID for each different ring in a network 1 Default value when this parameter is omitted This paramete...

Page 291: ...is omitted This parameter cannot be omitted 2 Range of values See Specifiable values for parameters Default behavior None Impact on communication None When the change is applied The change is applied...

Page 292: ...14 Ring Protocol 264 Related commands vlan...

Page 293: ...28 vlan vlan id list Sets the VLANs that participate in VLAN mapping When specifying multiple VLANs you can specify a range 1 Default value when this parameter is omitted This parameter cannot be omit...

Page 294: ...ng for a VLAN that is used as the control VLAN 3 You cannot specify a VLAN mapping for the multi fault monitoring VLAN 4 When the Ring Protocol is used with PVST only one VLAN ID can be specified for...

Page 295: ...e of values 1 to 65535 vlan group group id Specifies a VLAN group ID 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 2 Default behavior The prima...

Page 296: ...specify an Ethernet interface that is part of a channel group as the primary port Conversely an Ethernet interface that is set as the primary port cannot be assigned to a channel group Set the primary...

Page 297: ...a ring port that configures a shared link shared edge When a Switch operates as the edge node in a shared link non monitoring ring this parameter sets the ring port that will be a shared link Only on...

Page 298: ...terface that is the ring port in the shutdown state 3 An Ethernet interface that is part of a channel group cannot be specified as a ring port Conversely an Ethernet interface that is specified as a r...

Page 299: ...control vlan Input mode config axrp Parameters vlan id Specifies the VLAN to be used as the control VLAN 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of val...

Page 300: ...s applied To avoid a loop before entering this command place the interface that is the ring port in the shutdown state 5 The VLAN specified as a control VLAN cannot be used with Spanning Tree Protocol...

Page 301: ...change is applied The change is applied immediately after setting values are changed Notes 1 If this command is entered while the Ring Protocol is operating the Ring Protocol functionality is disable...

Page 302: ...imes that flush control frames are sent 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 10 Default behavior The number of times that flush contro...

Page 303: ...ghboring ring flush control frames are to be sent 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values See Specifiable values for parameters Default behavi...

Page 304: ...rwarding until a flush control frame is received 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 65535 seconds or infinity Default behavior 10 se...

Page 305: ...to 300000 Default behavior The reception hold time for health check frames is set to 3000 milliseconds Impact on communication None When the change is applied The change is applied immediately after s...

Page 306: ...000 milliseconds Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes 1 Set a value greater than the setting value of this c...

Page 307: ...a shared link non monitoring ring a ring that does not monitor shared links as the attributes of the ring in a multi ring configuration with shared links and specifies the positioning of a Switch in t...

Page 308: ...le Ring Protocol is operating the functionality is temporarily disabled As a result a loop might occur depending on the network configuration ring configuration to which the functionality is applied T...

Page 309: ...es 1000 to 300000 Default behavior The reception hold time for multi fault monitoring frames is set to 6000 milliseconds Impact on communication None When the change is applied The change is applied i...

Page 310: ...eter is omitted This parameter cannot be omitted 2 Range of values 500 to 60000 Default behavior The interval for sending multi fault monitoring frames is 2000 milliseconds Impact on communication Non...

Page 311: ...the shared link monitoring rings in the shared edge node In addition specify the ring ID of the shared link non monitoring ring used as the backup ring for switching the path in the route when multipl...

Page 312: ...4 Ring Protocol 284 link If you enable the monitoring function monitor enable parameter for a device other than a shared node multi fault monitoring cannot be performed correctly Related commands None...

Page 313: ...parameter cannot be omitted 2 Range of values See Specifiable values for parameters Note that the default VLAN VLAN ID 1 cannot be specified for this parameter Default behavior Multi fault monitoring...

Page 314: ...more than 32 characters in double quotation marks Specifiable characters are alphanumeric characters and special characters To enter a character string that does not include any special characters suc...

Page 315: ...command is executed 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 3600 seconds or infinity Default behavior The path switchback operation is n...

Page 316: ...pecifies the mapping IDs of the VLANs participating in a VLAN group One VLAN ID can be set Use hyphens or commas to specify multiple VLAN IDs at the same time 1 Default value when this parameter is om...

Page 317: ...14 Ring Protocol 289 the specified interface has precedence and set as the primary port Related commands axrp vlan mapping...

Page 318: ......

Page 319: ...291 Chapter 15 IGMP Snooping ip igmp snooping global ip igmp snooping interface ip igmp snooping fast leave ip igmp snooping mrouter ip igmp snooping querier...

Page 320: ...ping To delete information ip igmp snooping Input mode config Parameters None Default behavior The IGMP snooping functionality is enabled on a Switch Impact on communication The IGMP snooping function...

Page 321: ...change is applied immediately after the setting value is changed Notes 1 To concurrently use IGMP snooping and the IP multicast routing functionality on the Switch make sure that you set the swrt_mul...

Page 322: ...ommunication will continue for a default value of three seconds for the check process after IGMP Leave and IGMPv3 Report detachment request messages are received Impact on communication None When the...

Page 323: ...ort no port channel channel group number For nif no port no specify a NIF number or a port number The specifiable ranges for nif no and port no is the numbers of the NIF and the port that belong to th...

Page 324: ...15 IGMP Snooping 296 Related commands ip igmp snooping...

Page 325: ...nooping querier Input mode config if Parameters None Default behavior None Impact on communication None When the change is applied The change is applied immediately after the setting value is changed...

Page 326: ......

Page 327: ...299 Chapter 16 MLD Snooping ipv6 mld snooping global ipv6 mld snooping interface ipv6 mld snooping mrouter ipv6 mld snooping querier...

Page 328: ...ooping To delete information ipv6 mld snooping Input mode config Parameters None Default behavior Enables the MLD snooping functionality on a Switch Impact on communication The MLD snooping functional...

Page 329: ...functionality on the Switch make sure that you set the swrt_multicast_table command The following describes the operations when the swrt_multicast_table command is set If a pattern that allocates res...

Page 330: ...ort no port channel channel group number For nif no port no specify a NIF number or a port number The specifiable ranges for nif no and port no is the numbers of the NIF and the port that belong to th...

Page 331: ...16 MLD Snooping 303 Related commands ipv6 mld snooping...

Page 332: ...oping querier Input mode config if Parameters None Default behavior None Impact on communication None When the change is applied The change is applied immediately after the setting value is changed No...

Page 333: ...305 PART 5 Common to Filtering and QoS Chapter 17 Flow Detection Modes and Flow Operations flow action change cos flow detection mode flow detection out mode AX3640S...

Page 334: ...peration proceeds as described in Default behavior Syntax To set information flow action change cos To delete information no flow action change cos Input mode config Default behavior The priority dete...

Page 335: ...e recommend that you do not make any changes during operation If you do not set this command or if the information has been deleted layer3 2 returns to its default state Syntax To set or change inform...

Page 336: ...ion Guide Vol 2 For Version 11 7 and 3 1 1 Receiving side flow detection mode in the manual Configuration Guide Vol 2 For Version 11 7 Default behavior Flow detection operates as Layer 3 2 flow detect...

Page 337: ...17 Flow Detection Modes and Flow Operations 309 Notes None Related commands ip access group ipv6 traffic filter mac access group ip qos flow group ipv6 qos flow group mac qos flow group...

Page 338: ...and during the first step of actual operation We recommend that you do not make any changes during operation If you do not set this command or if the information has been deleted layer3 1 out returns...

Page 339: ...flow detection mode AX3640S in the manual Configuration Guide Vol 2 For Version 11 7 Default behavior Sending side flow detection operates as Layer 3 1 out flow detection Impact on communication None...

Page 340: ......

Page 341: ...ny mac access list extended ip access group ip access list extended ip access list resequence ip access list standard ipv6 access list ipv6 access list resequence ipv6 traffic filter mac access group...

Page 342: ...0S The following table lists the names that can be specified as IPv6 protocol names Table 18 2 Protocol names that can be specified IPv6 Protocol name Applicable protocol number ah 51 esp 50 gre 47 ic...

Page 343: ...ta connections 20 gopher Gopher 70 hostname NIC Host Name Server 101 http HyperText Transfer Protocol 80 https HTTP over TLS SSL 443 ident Ident Protocol 113 imap3 Interactive Mail Access Protocol ver...

Page 344: ...bootpc Bootstrap Protocol BOOTP client 68 bootps Bootstrap Protocol BOOTP server 67 discard Discard 9 domain Domain Name System 53 echo Echo 7 isakmp Internet Security Association and Key Management P...

Page 345: ...and Key Management Protocol 500 mobile ip Mobile IP registration 434 nameserver Host Name Server 42 ntp Network Time Protocol 123 radius Remote Authentication Dial In User Service 1812 radius acct RAD...

Page 346: ...le lists the DSCP names that can be specified Table 18 8 DSCP names that can be specified tos name tos value max reliability 2 max throughput 4 min delay 8 min monetary cost 1 normal 0 precedence name...

Page 347: ...1 8 cs2 16 cs3 24 cs4 32 cs5 40 cs6 48 cs7 56 default 0 ef 46 Ethernet type name Ethernet value Remarks appletalk 0x809b arp 0x0806 axp 0x88f3 Alaxala Protocol eapol 0x888e gsrp Filters GSRP control p...

Page 348: ...ence 3 14 host redirect Host redirect 5 1 host tos redirect Host redirect for TOS 5 3 host tos unreachable Host unreachable for TOS 3 12 host unknown Host unknown 3 7 host unreachable Host unreachable...

Page 349: ...Traceroute 30 Not specified ttl exceeded TTL exceeded 11 0 unreachable All unreachable 3 Not specified Message name Message Type Code beyond scope Destination beyond scope 1 2 destination unreachable...

Page 350: ...Examples for calculating the number of access lists that can be created and the number of specifications that can be set for an interface parameter option Parameter option problems 4 2 parameter probl...

Page 351: ...on Ethernet interface 0 2 interface gigabitethernet 0 1 ip access group AAA in interface gigabitethernet 0 2 ip access group BBB in ip access list extended AAA 10 permit tcp any any 20 deny udp any an...

Page 352: ...cify the inbound side of the VLAN interface AX3640S OS L3A Syntax To set or change information Configuring supplementary information access list access list number remark remark Configures an IPv4 add...

Page 353: ...ipv4 any destination ipv4 destination ipv4 wildcard host destination ipv4 any tos tos precedence precedence dscp dscp vlan vlan id user priority priority action specification AX3640S OS L3A action po...

Page 354: ...d 2 Range of values Specify 1 to 4294967294 in decimal Filter condition parameters deny permit Specifies the filter action to take when filter conditions are met Specifying deny denies access Specifyi...

Page 355: ...ondition is an exact match of source ipv4 If any is specified the source IPv4 address is not used as a filter condition IPv4 address nnn nnn nnn nnn 0 0 0 0 to 255 255 255 255 eq source port range sou...

Page 356: ...Specify 0 to 65535 in decimal or a port name For details about the port names that can be specified see Table 18 3 Port names that can be specified for TCP and Table 18 4 Port names that can be specif...

Page 357: ...decimal or the DSCP name For details about the DSCP names that can be specified see Table 18 8 DSCP names that can be specified ack Specifies the detection of packets whose ACK flag in the TCP header...

Page 358: ...he parameter is not set as a detection condition 2 Range of values None urg Specifies the detection of packets whose URG flag in the TCP header is 1 This parameter option is available only when the pr...

Page 359: ...ange of values See Specifiable values for parameters user priority priority Specifies the user priority 1 Default value when this parameter is omitted None The parameter is not set as a detection cond...

Page 360: ...99 or 2000 to 2699 in the ip access list extended command 4 When 255 255 255 255 is entered for an IPv4 address wildcard mask a source address wildcard mask or a destination address wildcard mask any...

Page 361: ...ource port start source port end destination ipv4 destination ipv4 wildcard host destination ipv4 any eq destination port range destination port start destination port end tos tos precedence precedenc...

Page 362: ...or any Specify the source IPv4 address for source ipv4 For source ipv4 wildcard specify a wildcard mask in IPv4 address format that specifies bits in an IPv4 address whose permitted value is arbitrary...

Page 363: ...255 eq destination port range destination port start destination port end Specifies the destination port number This parameter option is available only when the protocol is TCP or UDP 1 Default value...

Page 364: ...its in the ToS field Its value is compared with the first 6 bits in the ToS field of the received packet 1 Default value when this parameter is omitted None The parameter is not set as a detection con...

Page 365: ...cifies the detection of packets whose SYN flag in the TCP header is 1 This parameter option is available only when the protocol is TCP 1 Default value when this parameter is omitted None The parameter...

Page 366: ...n effect only when it is applied to an Ethernet interface 1 Default value when this parameter is omitted None The parameter is not set as a detection condition 2 Range of values See Specifiable values...

Page 367: ...nn nnn nnn nnn 0 0 0 0 is entered as the source address and the destination address host nnn nnn nnn nnn is displayed Related commands access list ip access group ip access list resequence permit ip a...

Page 368: ...be omitted 2 Range of values Specify 1 to 4294967294 in decimal ipv4 ipv4 wildcard host ipv4 any Specify an IPv4 address To specify all IPv4 addresses specify any 1 Default value when this parameter...

Page 369: ...ge is applied immediately after setting values are changed Notes 1 When 255 255 255 255 is entered as the address wildcard mask any is displayed 2 When nnn nnn nnn nnn 0 0 0 0 is entered as the addres...

Page 370: ...n ipv6 length host destination ipv6 any eq destination port range destination port start destination port end traffic class traffic class dscp dscp vlan vlan id user priority priority When the upper l...

Page 371: ...sses specify any 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values Specify source ipv6 length host source ipv6 or any Specify the source IPv6 address fo...

Page 372: ...is an exact match of destination ipv6 If any is specified the destination IPv6 address is not used as a filter condition destination ipv6 nnnn nnnn nnnn nnnn nnnn nnnn nnnn nnnn 0 0 0 0 0 0 0 0 to fff...

Page 373: ...3640S Specifies the detection of packets whose ACK flag in the TCP header is 1 This parameter option is available only when the protocol is TCP 1 Default value when this parameter is omitted None The...

Page 374: ...le only when the protocol is TCP 1 Default value when this parameter is omitted None The parameter is not set as a detection condition 2 Range of values None icmp type AX3640S Specifies the ICMP type...

Page 375: ...as a detection condition 2 Range of values Specify 0 to 7 in decimal Default behavior None Impact on communication If an entry is added or changed when an access list is applied to an interface packet...

Page 376: ...r that if the maximum value for the application sequence is greater than 4294967284 the value cannot be omitted 2 Range of values Specify 1 to 4294967294 in decimal source mac source mac mask host sou...

Page 377: ...packets are used as the filter condition This Switch uses slow protocol packets in LACP and IEEE 802 3ah UDLD functionality If lldp is specified LLDP control packets are used as the filter condition I...

Page 378: ...ed Notes 1 If nnnn nnnn nnnn ffff ffff ffff is entered as the source address and the destination address any is displayed 2 If a protocol name is set for the destination address or if the address of a...

Page 379: ...lete information no ip access group access list number access list name in out AX3640S no ip access group access list number access list name in AX3630S Input mode config if Parameters access list num...

Page 380: ...one IPv4 access list on the inbound side of an interface If a filter has already been set first remove it and then set it again AX3630S 3 If you specify a non existent IPv4 filter this will be ignore...

Page 381: ...st that contains a VLAN parameter as a flow detection condition can be set on the outbound side if no tunneling ports have been set for the Ethernet interface for the switch AX3640S 9 An access list t...

Page 382: ...group commands to apply the target access list to an interface specify the inbound side of the VLAN interface AX3640S OS L3A Syntax To set information ip access list extended access list number access...

Page 383: ...Pv4 address filter names IPv6 access list names and MAC access list names that have already been created Related commands access list ip access group ip access list resequence deny ip access list exte...

Page 384: ...ot be omitted 2 Range of values For access list number specify a number from 1 to 199 or from1300 to 2699 in decimal For access list name specify a name that is no more than 31 characters For details...

Page 385: ...18 Access Lists 357 Notes None Related commands access list ip access list standard ip access list extended...

Page 386: ...e To delete information no ip access list standard access list number access list name Input mode config Parameters access list number access list name Specifies the identifier of the IPv4 address fil...

Page 387: ...18 Access Lists 359 Related commands access list ip access group ip access list resequence deny ip access list standard permit ip access list standard remark...

Page 388: ...x To set information ipv6 access list access list name To delete information no ipv6 access list access list name Input mode config Parameters access list name Specifies the identifier of the IPv6 fil...

Page 389: ...18 Access Lists 361 remark...

Page 390: ...be omitted 2 Range of values Specify a name that is no more than 31 characters long For details see Specifiable values for parameters starting sequence Specifies the starting sequence number 1 Default...

Page 391: ...18 Access Lists 363 Related commands ipv6 access list...

Page 392: ...40S ipv6 traffic filter access list name in AX3630S VLAN interface ipv6 traffic filter access list name in out AX3640S To delete information Ethernet interface no ipv6 traffic filter access list name...

Page 393: ...the inbound and outbound sides of an interface If a filter has already been set first remove it and then set it again AX3640S 2 You can set one IPv6 access list on the inbound side of an interface If...

Page 394: ...arameters is included as a flow detection condition the flow detection mode can be set if the VLAN ID is included in the Ethernet interface settings to be applied 10 When IPv6 packet filtering is appl...

Page 395: ...list name in out AX3640S no mac access group access list name in AX3630S Input mode config if Parameters access list name Specifies the identifier of the MAC filter that is to be set 1 Default value...

Page 396: ...has already been set first remove it and then set it again AX3630S 3 If you specify a non existent MAC filter this will be ignored The identifier of a MAC access list is registered 4 The following ta...

Page 397: ...ion condition 8 An access list that contains a VLAN parameter as a flow detection condition can be set on the outbound side if no tunneling ports have been set for the Ethernet interface for the switc...

Page 398: ...ccess list extended access list name Input mode config Parameters access list name Specifies the identifier of the MAC filter that is to be set 1 Default value when this parameter is omitted This para...

Page 399: ...ted 2 Range of values Specify a name that is no more than 31 characters long For details see Specifiable values for parameters starting sequence Specifies the starting sequence number 1 Default value...

Page 400: ...18 Access Lists 372 Related commands mac access list extended...

Page 401: ...t syn urg tos tos precedence precedence dscp dscp vlan vlan id user priority priority When the upper layer protocol is UDP udp source ipv4 source ipv4 wildcard host source ipv4 any eq source port rang...

Page 402: ...For details about the protocol names that can be specified see Table 18 1 Protocol names that can be specified IPv4 source ipv4 source ipv4 wildcard host source ipv4 any Specifies the source IPv4 add...

Page 403: ...n ipv4 wildcard specify a wildcard mask in IPv4 address format that specifies bits in an IPv4 address whose permitted value is arbitrary If host destination ipv4 is specified the filter condition is a...

Page 404: ...ted None The parameter is not set as a detection condition 2 Range of values Specify 0 to 7 in decimal or the precedence name For details about the precedence names that can be specified see Table 18...

Page 405: ...of values None rst Specifies the detection of packets whose RST flag in the TCP header is 1 This parameter option is available only when the protocol is TCP 1 Default value when this parameter is omi...

Page 406: ...le only when the protocol is ICMP For details about the ICMP message names that can be specified see Table 18 11 Message names that can be specified for ICMP IPv4 1 Default value when this parameter i...

Page 407: ...ed temporarily until the entry is applied to the interface When the change is applied The change is applied immediately after setting values are changed Notes 1 When 255 255 255 255 is entered for the...

Page 408: ...not be omitted 2 Range of values Specify 1 to 4294967294 in decimal ipv4 ipv4 wildcard host ipv4 any Specify an IPv4 address To specify all IPv4 addresses specify any 1 Default value when this paramet...

Page 409: ...nge is applied immediately after setting values are changed Notes 1 When 255 255 255 255 is entered as the address wildcard mask any is displayed 2 When nnn nnn nnn nnn 0 0 0 0 is entered as the addre...

Page 410: ...tion ipv6 length host destination ipv6 any eq destination port range destination port start destination port end traffic class traffic class dscp dscp vlan vlan id user priority priority When the uppe...

Page 411: ...6 address To specify all source IPv6 addresses specify any 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values Specify source ipv6 length host source ipv6...

Page 412: ...If host destination ipv6 is specified the filter condition is an exact match of destination ipv6 If any is specified the destination IPv6 address is not used as a filter condition destination ipv6 nn...

Page 413: ...8 8 DSCP names that can be specified ack AX3640S Specifies the detection of packets whose ACK flag in the TCP header is 1 This parameter option is available only when the protocol is TCP 1 Default val...

Page 414: ...TCP header is 1 This parameter option is available only when the protocol is TCP 1 Default value when this parameter is omitted None The parameter is not set as a detection condition 2 Range of value...

Page 415: ...ter is omitted None The parameter is not set as a detection condition 2 Range of values Specify 0 to 7 in decimal Default behavior None Impact on communication If an entry is added or changed when an...

Page 416: ...ever that if the maximum value for the application sequence is greater than 4294967284 the value cannot be omitted 2 Range of values Specify 1 to 4294967294 in decimal source mac source mac mask host...

Page 417: ...rotocol packets in LACP and IEEE 802 3ah UDLD functionality If lldp is specified LLDP control packets are used as the filter condition If oadp is specified OADP control packets are used as the filter...

Page 418: ...nnnn ffff ffff ffff is entered as the source address and the destination address any is displayed 2 If a protocol name is set for the destination address or if the address of a protocol name that can...

Page 419: ...rwrites the existing information 1 Default value when this parameter is omitted The initial value is null 2 Range of values Enclose a character string of no more than 64 characters in double quotation...

Page 420: ......

Page 421: ...ip qos flow list resequence ipv6 qos flow group ipv6 qos flow list ipv6 qos flow list resequence limit queue length mac qos flow group mac qos flow list mac qos flow list resequence qos ip qos flow li...

Page 422: ...llowing table lists the names that can be specified as IPv6 protocol names Table 19 2 Protocol names that can be specified IPv6 AX3640S Protocol name Applicable protocol number ah 51 esp 50 gre 47 icm...

Page 423: ...nnections 20 gopher Gopher 70 hostname NIC Host Name Server 101 http HyperText Transfer Protocol 80 https HTTP over TLS SSL 443 ident Ident Protocol 113 imap3 Interactive Mail Access Protocol version...

Page 424: ...c Bootstrap Protocol BOOTP client 68 bootps Bootstrap Protocol BOOTP server 67 discard Discard 9 domain Domain Name System 53 echo Echo 7 isakmp Internet Security Association and Key Management Protoc...

Page 425: ...ey Management Protocol 500 mobile ip Mobile IP registration 434 nameserver Host Name Server 42 ntp Network Time Protocol 123 radius Remote Authentication Dial In User Service 1812 radius acct RADIUS A...

Page 426: ...ists the DSCP names that can be specified Table 19 8 DSCP names that can be specified tos name tos value max reliability 2 max throughput 4 min delay 8 min monetary cost 1 normal 0 precedence name pre...

Page 427: ...24 cs4 32 cs5 40 cs6 48 cs7 56 default 0 ef 46 Ethernet type name Ethernet value Remarks appletalk 0x809b arp 0x0806 axp 0x88f3 Alaxala Protocol eapol 0x888e gsrp Performs flow detection for GSRP cont...

Page 428: ...3 14 host redirect Host redirect 5 1 host tos redirect Host redirect for TOS 5 3 host tos unreachable Host unreachable for TOS 3 12 host unknown Host unknown 3 7 host unreachable Host unreachable 3 1...

Page 429: ...ttl exceeded TTL exceeded 11 0 unreachable All unreachable 3 Not specified Message name Message Type Code beyond scope Destination beyond scope 1 2 destination unreachable Destination address is unrea...

Page 430: ...QoS flow lists that can be created and the number of specifications that can be set for an interface The following table provides examples of calculating the number of QoS flow lists that can be crea...

Page 431: ...s flow group AAA in interface gigabitethernet 0 2 ip qos flow group AAA in ip qos flow list AAA 10 qos tcp any any action max rate 10M 20 qos udp any any action min rate 10M 1 list 2 lists In this exa...

Page 432: ...if Parameters qos flow list name Specifies the IPv4 QoS flow list name 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values Specify a name that is no more...

Page 433: ...s as a flow detection condition the list can be set if the VLAN ID is included in settings of the Ethernet interface 6 If you apply a list to an Ethernet interface you can apply the copy user priority...

Page 434: ...w list qos flow list name Input mode config Parameters qos flow list name Specifies the IPv4 QoS flow list name 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range...

Page 435: ...of values Specify a name that is no more than 31 characters long For details see Specifiable values for parameters starting sequence Specifies the starting sequence number 1 Default value when this p...

Page 436: ...19 QoS 408 Related commands ip qos flow list...

Page 437: ...set for an interface Syntax To set information ipv6 qos flow group qos flow list name in To delete information no ipv6 qos flow group qos flow list name in Input mode config if Parameters qos flow lis...

Page 438: ...estination IP address as a flow detection condition 5 When the receiving side flow detection mode is layer3 4 and the IPv6 QoS flow list is applied the mode can be set if any is specified for the dest...

Page 439: ...tion if VLAN tunneling is configured 9 If you apply a list to a VLAN interface you can set the list if no VLAN parameters are set in the flow detection conditions and the copy user priority parameter...

Page 440: ...w list qos flow list name Input mode config Parameters qos flow list name Specifies the IPv6 QoS flow list name 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range...

Page 441: ...ge of values Specify a name that is no more than 31 characters long For details see Specifiable values for parameters starting sequence Specifies the starting sequence number 1 Default value when this...

Page 442: ...19 QoS 414 Related commands ipv6 qos flow list...

Page 443: ...ge of values 64 or 1976 Default behavior 64 is used as the send queue length for a port on a Switch Impact on communication Communications that pass through the Switch stop while the Switch is restart...

Page 444: ...mmand the queue length is allocated to only queue 1 and queue 2 resulting in the following scheduling operations PQ RR and WRR Queues 1 and 2 operate with PQ RR or WRR specified 2PQ 6DRR Queues 1 and...

Page 445: ...g if Parameters qos flow list name Specifies the MAC QoS flow list name 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values Specify a name that is no more...

Page 446: ...as a flow detection condition the list can be set if the VLAN ID is included in settings of the Ethernet interface 6 If you apply a list to an Ethernet interface you can apply the copy user priority...

Page 447: ...st qos flow list name Input mode config Parameters qos flow list name Specifies the MAC QoS flow list name 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of va...

Page 448: ...values Specify a name that is no more than 31 characters long For details see Specifiable values for parameters starting sequence Specifies the starting sequence number 1 Default value when this param...

Page 449: ...19 QoS 421 Related commands mac qos flow list...

Page 450: ...wildcard host source ipv4 any eq source port range source port start source port end destination ipv4 destination ipv4 wildcard host destination ipv4 any eq destination port range destination port sta...

Page 451: ...be specified see Table 19 1 Protocol names that can be specified IPv4 source ipv4 source ipv4 wildcard host source ipv4 any Specifies the source IPv4 address To specify all source IPv4 addresses spec...

Page 452: ...ue is arbitrary If host destination ipv4 is specified the flow detection condition is an exact match of destination ipv4 If any is specified the destination IPv4 address is not used as a flow detectio...

Page 453: ...edence name For details about the precedence names that can be specified see Table 19 7 precedence names that can be specified dscp dscp Specifies the DSCP value which is the first 6 bits in the ToS f...

Page 454: ...se RST flag in the TCP header is 1 This parameter option is available only when the protocol is TCP 1 Default value when this parameter is omitted None The parameter is not set as a detection conditio...

Page 455: ...that can be specified see Table 19 11 Message names that can be specified for ICMP IPv4 1 Default value when this parameter is omitted None The parameter is not set as a detection condition 2 Range o...

Page 456: ...ified class 1 Default value when this parameter is omitted The default queuing priority is used For details about the default CoS values see 3 10 2 CoS values and queuing priority in the manual Config...

Page 457: ...specifiable for bandwidth monitoring max rate burst kbyte Mbyte M Sets the burst size the maximum number of bytes of the packet that exceeds the maximum bandwidth and can be judged as a compliant pack...

Page 458: ...he queuing priority when non compliance occurs in minimum bandwidth monitoring The queuing priority of the packet that violates the minimum bandwidth monitoring criteria with min rate specified is cha...

Page 459: ...nged Notes 1 When 255 255 255 255 is entered for the source address wildcard mask and the destination address wildcard mask any is displayed 2 If nnn nnn nnn nnn 0 0 0 0 is entered as the source addre...

Page 460: ...tocol is UDP udp source ipv6 length host source ipv6 any eq source port range source port start source port end destination ipv6 length host destination ipv6 any eq destination port range destination...

Page 461: ...1 to 255 in decimal or a protocol name For details about the protocol names that can be specified see Table 19 2 Protocol names that can be specified IPv6 AX3640S ipv6 AX3630S Specifies the IPv6 addre...

Page 462: ...ation IPv6 addresses specify any 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values Specify destination ipv6 length host destination ipv6 or any Specify...

Page 463: ...6 bits in the traffic class field Its value is compared with the first 6 bits in the traffic class field of the received packet 1 Default value when this parameter is omitted None The parameter is no...

Page 464: ...ckets whose SYN flag in the TCP header is 1 This parameter option is available only when the protocol is TCP 1 Default value when this parameter is omitted None The parameter is not set as a detection...

Page 465: ...D This parameter has an effect only when it is applied to an Ethernet interface 1 Default value when this parameter is omitted None The parameter is not set as a detection condition 2 Range of values...

Page 466: ...with the dscp value 1 Default value when this parameter is omitted None The DSCP value is not replaced 2 Range of values Specify 0 to 63 in decimal or the DSCP name For details about the DSCP names t...

Page 467: ...e of values AX3630S kbyte 16 32 64 128 256 512 1000 2000 4000 8000 16000 Mbyte M 1M 2M 4M 8M 16M min rate Performs minimum bandwidth monitoring Bandwidth monitoring is performed for sent and received...

Page 468: ...fy 1 to 3 in decimal penalty dscp dscp Specifies the value for rewriting DSCP when non compliance occurs in minimum bandwidth monitoring The DSCP field of the packet that violates the minimum bandwidt...

Page 469: ...nnnn nnnn nnnn nnnn 128 is entered as the source address and the destination address host nnnn nnnn nnnn nnnn nnnn nnnn nnnn nnnn is displayed Related commands ipv6 qos flow list ipv6 qos flow group i...

Page 470: ...1 Default value when this parameter is omitted 10 is set as the initial value if there are no conditions in the QoS flow list If conditions have been set the initial value is the maximum value for th...

Page 471: ...fied CDP control packets are used as the flow detection condition If lacp or slow protocol is specified slow protocol packets are used as the flow detection condition This Switch uses slow protocol pa...

Page 472: ...ee 3 10 2 CoS values and queuing priority in the manual Configuration Guide Vol 2 For Version 11 7 2 Range of values Specify 0 to 7 in decimal discard class class Specifies the queuing priority The qu...

Page 473: ...x rate burst kbyte Mbyte M Sets the burst size the maximum number of bytes of the packet that exceeds the maximum bandwidth and can be judged as a compliant packet for maximum bandwidth control 1 Defa...

Page 474: ...iolates the minimum bandwidth monitoring criteria with min rate specified is changed to class The queuing priority of compliant packets is specified with discard class 1 Default value when this parame...

Page 475: ...19 QoS 447 Related commands mac qos flow list mac qos flow group mac qos flow list resequence remark...

Page 476: ...he applicable line restarts causing communication on the line stop temporarily When the change is applied The change is applied immediately after setting values are changed Notes 1 If the scheduling m...

Page 477: ...irst character pq wrr packet1 packet2 packet3 packet4 packet5 packet6 packet7 packet8 wfq min rate1 minimum rate1 min rate2 minimum rate2 min rate3 minimum rate3 min rate4 minimum rate4 min rate5 mini...

Page 478: ...s parameter is omitted minimum rate None A minimum guaranteed bandwidth is not set 2 Range of values minimum rate See the table below You can specify k default M or G for the unit of the value minimum...

Page 479: ...erval shown below byte Setting range 16 to 4080 Setting interval 16 For AX3630S series switches byte You can set a value in units of Kbytes default or Mbytes byte byte M Setting in Kbytes 10 20 40 80...

Page 480: ...n changes are made all packets are removed from the queue While the packets are being removed from the queue no new packets can be queued You need to be careful if you logged in via a network 2 If the...

Page 481: ...ng new information overwrites the existing information 1 Default value when this parameter is omitted The initial value is null 2 Range of values Enclose a character string of no more than 64 characte...

Page 482: ...default M or G for the unit of the value Set the bandwidth so that it is equal to or smaller than the line speed Table 19 22 Setting range for port bandwidth control 1 1G is treated as 1000000000 1M i...

Page 483: ...nge is applied immediately after setting values are changed Notes 1 Port bandwidth control does not work when the line status is half duplex 2 When the set bandwidth for port bandwidth control exceeds...

Page 484: ......

Page 485: ...nd and applicable Layer 2 authentication types authentication arp relay authentication force authorized enable authentication force authorized vlan authentication ip access group authentication max us...

Page 486: ...yer 2 authentication coexists 1 For IEEE 802 1X the command cannot be applied in single terminal and multi terminal modes of port based authentication 2 For Web authentication the command is applied i...

Page 487: ...hentication arp relay To delete information no authentication arp relay Input mode config if Parameters None Default behavior None Impact on communication None When the change is applied The change is...

Page 488: ...tication force authorized enable Input mode config Parameters None Default behavior None Impact on communication None When the change is applied The change is applied immediately after setting values...

Page 489: ...20 Layer 2 Authentication 461 mac authentication system auth control radius server web authentication port web authentication system auth control...

Page 490: ...rs vlan id Sets a MAC VLAN as the port authentication VLAN that is assigned when forced authentication is performed 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Ra...

Page 491: ...er one IPv4 packet filter identifier can be specified per device 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values For access list number specify values...

Page 492: ...20 Layer 2 Authentication 464 Notes None Related commands dot1x system auth control mac authentication system auth control web authentication system auth control...

Page 493: ...024 Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes 1 If the maximum number of terminals that can be authenticated is c...

Page 494: ...ting values are changed Notes 1 If the maximum number of terminals that can be authenticated is changed to a value smaller than the number of terminals currently authenticated the authenticated termin...

Page 495: ...based authentication dynamic mode which are set concurrently is restricted to 256 This is due to a restriction on MAC VLANs AX3630S Related commands dot1x port control dot1x vlan dot1x vlan dynamic m...

Page 496: ...mode config Parameters minutes Specify in minutes the time that elapses before access to the highest priority RADIUS server is made again after another RADIUS server starts operation 1 Default value...

Page 497: ...iod dot1x vlan dynamic enable dot1x vlan dynamic ignore eapol start dot1x vlan dynamic max req dot1x vlan dynamic max supplicant dot1x vlan dynamic radius vlan dot1x vlan dynamic reauthentication dot1...

Page 498: ...on is sent to the accounting server If authentication is canceled the accounting stop notification is sent to the accounting server 1 Default value when this parameter is omitted This parameter cannot...

Page 499: ...tication is performed by a RADIUS server 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values group radius Default behavior None Impact on communication No...

Page 500: ...nfig Parameters group radius IEEE 802 1X authentication is performed by a RADIUS server 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values group radius D...

Page 501: ...elete information no dot1x force authorized port Input mode config if Parameters None Default behavior None Impact on communication None When the change is applied The change is applied immediately af...

Page 502: ...en the dot1x system auth control command is set 2 This command takes effect only if the dot1x port control command has been set 3 This command can be set only on an interface for which both the dot1x...

Page 503: ...elete information no dot1x logging enable Input mode config Parameters None Default behavior Operation log information is not output to a syslog server Impact on communication None When the change is...

Page 504: ...rames is logged notice error warning notice and normal level messages are logged Information on whether authentication is supported and information on server connectivity is logged info error warning...

Page 505: ...P Request retransmissions 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 10 Default behavior The maximum number of EAP Request retransmissions i...

Page 506: ...nnected is 64 Impact on communication If the specified value is smaller than the number of terminals that are currently authenticated on the specified interface the authentication status of all suppli...

Page 507: ...x multiple authentication To delete information no dot1x multiple authentication Input mode config if Parameters None Default behavior The authentication submode is single mode Impact on communication...

Page 508: ...rmation no dot1x multiple hosts Input mode config if Parameters None Default behavior The authentication submode is single mode Impact on communication If the authentication submode is changed the aut...

Page 509: ...21 IEEE802 1X 481 dot1x multiple authentication...

Page 510: ...interface is always possible force unauthorized IEEE 802 1X authentication is not performed and communication by terminals connected to the specified interface is never possible 1 Default value when...

Page 511: ...b authentication or MAC based authentication 6 If you set this command for an authentication port for Web authentication or MAC based authentication set the authentication submode to terminal authenti...

Page 512: ...authentication Input mode config if Parameters None Default behavior None Impact on communication None When the change is applied The change is applied immediately after setting values are changed Not...

Page 513: ...w terminal detection EAP Request Identity transmission when the authentication submode is set to terminal authentication mode Normal re authentication processing is performed for authenticated termina...

Page 514: ...ot1x supplicant detection command is valid only if the dot1x multiple authentication command has been set 4 disable cannot be set for the dot1x supplicant detection command on an interface for which t...

Page 515: ...IEEE 802 1X settings take effect when the dot1x system auth control command is set 2 If the EAPOL forwarding functionality has been set this command fails and IEEE 802 1X is not enabled 3 If an authe...

Page 516: ...communication disabled state when single authentication submode is set 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 65535 Default behavior 360...

Page 517: ...ters seconds Specifies the period of time in seconds for maintaining the unauthenticated state 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 0 to 65...

Page 518: ...as the interval for re authenticating a supplicant Impact on communication None When the change is applied When the operating timer times out the value of the timer becomes 0 When the clear dot1x auth...

Page 519: ...21 IEEE802 1X 491 dot1x system auth control dot1x port control...

Page 520: ...ait for a response 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 65535 Default behavior 30 seconds is used as the time to wait for a response I...

Page 521: ...onds to wait for a response from a supplicant 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 65535 Default behavior 30 seconds is used as the ti...

Page 522: ...nds is used as the interval for sending EAP Request Identity packets Impact on communication None When the change is applied When the operating timer times out the value of the timer becomes 0 When th...

Page 523: ...ange is applied immediately after setting values are changed Notes 1 All IEEE 802 1X settings take effect when the dot1x system auth control command is set 2 When you set the dot1x vlan dynamic enable...

Page 524: ...ommand takes effect only if the dot1x vlan dynamic enable command has been set 3 This command can be set only on an interface on which the dot1x vlan dynamic reauthentication command is set and disabl...

Page 525: ...of EAP Request retransmissions 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 10 Default behavior The maximum number of EAP Request retransmissi...

Page 526: ...series switch and 256 for an AX3630S series switch Impact on communication If the specified value is smaller than the number of terminals that are currently authenticated on the specified interface th...

Page 527: ...d list and the specifiable values see Specifiable values for parameters Note that the default VLAN VLAN ID 1 cannot be specified for this command add vlan id list Specifies VLANs to be added to the VL...

Page 528: ...enable command has been set 3 The sum of VLANs with dynamic and static VLAN based authentication can be no more than 1024 4 The sum of the ports and channel groups belonging to any of the VLANs having...

Page 529: ...ntication Input mode config Parameters None Default behavior None Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes 1 All...

Page 530: ...etection and performs normal re authentication processing for authenticated terminals Specify this parameter when you use both a supplicant that operates abnormally if the authentication sequence is s...

Page 531: ...able cannot be set for the dot1x vlan dynamic supplicant detection command 4 If you specify full for this command the load on the Switch increases Therefore make sure that the number of terminals per...

Page 532: ...fig Parameters seconds Specifies the period of time in seconds for maintaining the unauthenticated state 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of valu...

Page 533: ...sed as the interval for re authenticating a supplicant Impact on communication None When the change is applied When the operating timer times out the value of the timer becomes 0 When the clear dot1x...

Page 534: ...21 IEEE802 1X 506 dot1x system auth control dot1x vlan dynamic enable...

Page 535: ...econds to wait for a response 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 65535 Default behavior 30 seconds is used as the time to wait for a...

Page 536: ...n seconds to wait for a response from a supplicant 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 65535 Default behavior 30 seconds is used as t...

Page 537: ...r 30 seconds is used as the interval for sending EAP Request Identity packets Impact on communication None When the change is applied When the operating timer times out the value of the timer becomes...

Page 538: ...ne When the change is applied The change is applied immediately after setting values are changed Notes 1 All IEEE 802 1X settings take effect when the dot1x system auth control command is set 2 If thi...

Page 539: ...21 IEEE802 1X 511 Related commands vlan dot1x system auth control dot1x port control dot1x vlan dynamic radius vlan switchport access...

Page 540: ...AN ID 1 cannot be specified for this command Default behavior None Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes 1 Al...

Page 541: ...21 IEEE802 1X 513 Related commands dot1x vlan reauthentication dot1x vlan supplicant detection dot1x system auth control dot1x vlan enable...

Page 542: ...omitted This parameter cannot be omitted 2 Range of values For details about how to set vlan id list and the specifiable values see Specifiable values for parameters Note that the default VLAN VLAN ID...

Page 543: ...21 IEEE802 1X 515 Related commands dot1x system auth control dot1x vlan timeout supp timeout dot1x vlan enable...

Page 544: ...an id list and the specifiable values see Specifiable values for parameters Note that the default VLAN VLAN ID 1 cannot be specified for this command clients Specifies the maximum number of terminals...

Page 545: ...t 3 If the specified value is smaller than the number of terminals that are currently authenticated by VLAN based authentication static authentication status of all supplicants that are authenticated...

Page 546: ...Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values For details about how to set vlan id list and the specifiable values see Specifiable values for paramet...

Page 547: ...21 IEEE802 1X 519 dot1x vlan enable...

Page 548: ...cant operates abnormally if the authentication sequence is omitted in order to decrease switch load If this parameter is specified authentication processing for a supplicant for which authentication c...

Page 549: ...EEE 802 1X settings take effect when the dot1x system auth control command is set 2 This command takes effect only if the dot1x vlan vlan id list enable command has been set 3 On the interface on whic...

Page 550: ...ult value when this parameter is omitted This parameter cannot be omitted 2 Range of values For details about how to set vlan id list and the specifiable values see Specifiable values for parameters N...

Page 551: ...21 IEEE802 1X 523 Related commands dot1x system auth control dot1x vlan enable...

Page 552: ...this parameter is omitted This parameter cannot be omitted 2 Range of values For details about how to set vlan id list and the specifiable values see Specifiable values for parameters Note that the de...

Page 553: ...mand has been set 3 This command takes effect only if re authentication has been set by using the dot1x vlan vlan id list reauthentication command 4 For the parameter set a value greater than the valu...

Page 554: ...ameter cannot be omitted 2 Range of values For details about how to set vlan id list and the specifiable values see Specifiable values for parameters Note that the default VLAN VLAN ID 1 cannot be spe...

Page 555: ...21 IEEE802 1X 527 Related commands dot1x system auth control dot1x vlan enable...

Page 556: ...omitted This parameter cannot be omitted 2 Range of values For details about how to set vlan id list and the specifiable values see Specifiable values for parameters Note that the default VLAN VLAN ID...

Page 557: ...21 IEEE802 1X 529 Related commands dot1x system auth control dot1x vlan max req dot1x vlan enable...

Page 558: ...le values see Specifiable values for parameters Note that the default VLAN VLAN ID 1 cannot be specified for this command seconds Specifies the interval in seconds for sending EAP Request Identity pac...

Page 559: ...For the parameter set a value smaller than the value set by using the dot1x vlan vlan id list timeout reauth period command Related commands dot1x vlan timeout reauth period dot1x system auth control...

Page 560: ......

Page 561: ...g enable web authentication logout ping tos windows web authentication logout ping ttl web authentication logout polling count web authentication logout polling enable web authentication logout pollin...

Page 562: ...rized enable Y Y authentication force authorized vlan Y authentication ip access group Y Y authentication max user Y Y authentication max user interface Y Y authentication radius server dead interval...

Page 563: ...t but the setting is not applied N The command cannot be set web authentication static vlan max user Y web authentication system auth control Y Y Y web authentication vlan N N Y web authentication web...

Page 564: ...tication default Input mode config Parameters None Default behavior Notification to the accounting server is only performed after this is set Impact on communication None When the change is applied Th...

Page 565: ...s performed by using the internal Web authentication database instead of using the RADIUS server Impact on communication Authentications for all users will be canceled When the change is applied The c...

Page 566: ...ects MAC addresses that have been authenticated by Web authentication but have not been used for a certain period of time on the MAC address table authentication for these MAC addresses is canceled Im...

Page 567: ...ess fqdn fqdn To delete information no web authentication ip address Input mode config Parameters authentication address Sets the Web authentication IP address 1 Default value when this parameter is o...

Page 568: ...tication execute the restart web authentication web server operation command immediately to restart the Web server 4 In legacy mode in an environment without the web authentication port command config...

Page 569: ...aracters If an input character string does not include any special characters you do not have to enclose the character string in double quotation marks For details see Any character string in Specifia...

Page 570: ...e To delete information no web authentication logging enable Input mode config Parameters None Default behavior Operation log information is not output to a syslog server Impact on communication None...

Page 571: ...b authentication logout ping tos windows Input mode config Parameters tos Sets the TOS value of special packets for Web authentication 1 Default value when this parameter is omitted This parameter can...

Page 572: ...tication logout ping ttl Input mode config Parameters ttl Sets the TTL value of special packets for Web authentication 1 Default value when this parameter is omitted This parameter cannot be omitted 2...

Page 573: ...three times Impact on communication None When the change is applied The setting takes effect when the first sending interval has passed since the value was changed Notes 1 This command is enabled when...

Page 574: ...polling count To set the monitoring packet sending interval to be shorter than 300 seconds use the default values for the resending interval and the resending count Related commands web authentication...

Page 575: ...The interval set by using the web authentication logout polling retry interval command One second is set by default Number of retransmissions The number of retransmissions set by using the web authent...

Page 576: ...that retransmission when a no response state is detected does not exceed the polling interval so that the retransmission can complete during one polling interval 1 web authentication logout polling i...

Page 577: ...command the web authentication logout polling enable command has been set Impact on communication None When the change is applied The setting takes effect when the first sending interval has passed s...

Page 578: ...retry interval 3 web authentication logout polling count To set the monitoring packet sending interval to be shorter than 300 seconds use the default values for the resending interval and the resendin...

Page 579: ...vior The retransmission interval of monitoring packets is one second Impact on communication None When the change is applied The setting takes effect when the first sending interval has passed since t...

Page 580: ...ng retry interval 3 web authentication logout polling count To set the monitoring packet sending interval to be shorter than 300 seconds use the default values for the resending interval and the resen...

Page 581: ...is parameter is omitted This parameter cannot be omitted 2 Range of values 10 to 1440 or infinity Default behavior 60 minutes is set as the maximum connection time Impact on communication None When th...

Page 582: ...b authentication system auth control web authentication max user web authentication vlan web authentication auto logout aaa authentication web authentication default group radius aaa accounting web au...

Page 583: ...alues 1 to 1024 AX3640S 1 to 256 AX3630S Default behavior The maximum number of users who can be authenticated is 1024 for an AX3640S series switch and 256 for an AX3630S series switch Impact on commu...

Page 584: ...LAN mode if this command has been used to set another authenticating port to fixed VLAN mode Likewise the applicable port cannot be set to fixed VLAN mode if another authenticating port has been set t...

Page 585: ...ommunication None When the change is applied The change is applied after the restart web authentication web server operation command is used to restart the Web server Notes 1 This command is enabled w...

Page 586: ...e for https is displayed when the URL redirect functionality is enabled 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values http or https Default behavior...

Page 587: ...ed This parameter cannot be omitted 2 Range of values 1 to 1024 Default behavior The maximum users that can be authenticated 1024 users Impact on communication None When the change is applied The chan...

Page 588: ...led When the change is applied The change is applied immediately after setting values are changed Notes 1 If the no web authentication system auth control command is executed user information register...

Page 589: ...vlan id list and the specifiable values see Specifiable values for parameters Note that it cannot be specified for the default VLAN VLAN ID 1 Default behavior No VLANs are switched after authenticati...

Page 590: ...thentication web port http https port port To delete information no web authentication web port http https Input mode config Parameters http https http Adds a TCP port number for http https Adds a TCP...

Page 591: ...g in again 2 If OAN is also used the port numbers 832 and 9698 which are used by OAN cannot be used for login and logout operations for Web authentication 3 After this command is used to set or delete...

Page 592: ......

Page 593: ...adius mac authentication auth interval timer mac authentication auto logout mac authentication dot1q vlan force authorized mac authentication dynamic vlan max user mac authentication logging enable ma...

Page 594: ...Y aaa authentication mac authentication default group radius Y Y authentication arp relay Y Y authentication force authorized enable Y Y authentication force authorized vlan Y authentication ip acces...

Page 595: ...accounting mac authentication default Input mode config Parameters None Default behavior Notification to the accounting server is only performed after this is set Impact on communication None When the...

Page 596: ...config Parameters None Default behavior Authentication is performed by using the internal MAC based authentication database instead of using the RADIUS server Impact on communication All authenticatio...

Page 597: ...val until the next authentication is performed is set to the default value five minutes Impact on communication None When the change is applied The change is applied immediately after setting values a...

Page 598: ...23 MAC based Authentication 570 mac authentication port...

Page 599: ...ated by MAC based authentication has not been used for a certain period of time the authentication is canceled Impact on communication If this command is executed even when the Switch detects the MAC...

Page 600: ...e is applied The change is applied immediately after setting values are changed Notes 1 This command is valid for terminals that send tagged frames destined for the VLAN ID specified with the dot1q vl...

Page 601: ...ased authentication More MAC addresses than the set number cannot be authenticated 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 1024 AX3640S 1...

Page 602: ...ng enable To delete information no mac authentication logging enable Input mode config Parameters None Default behavior Operation log information is not output to a syslog server Impact on communicati...

Page 603: ...rameter is omitted This parameter cannot be omitted 2 Range of values 10 to 1440 or infinity Default behavior AAuAuthentication is not cancelled based on the maximum connection time Impact on communic...

Page 604: ...23 MAC based Authentication 576 Related commands mac authentication system auth control mac authentication port...

Page 605: ...g consisting of 1 to 32 characters in double quotation marks Specifiable characters are alphanumeric characters and special characters To enter a character string that does not include any special cha...

Page 606: ...sends and receives tagged frames and is configured on the port on which a MAC VLAN is set Syntax To set information mac authentication port To delete information no mac authentication port Input mode...

Page 607: ...IPv6 address of the RADIUS server in colon notation Specify the interface parameter only when a link local address is specified interface vlan vlan id For vlan id specify the VLAN ID set by the interf...

Page 608: ...r is disabled 2 Range of values Enclose a character string consisting of 1 to 64 characters in double quotation marks Specifiable characters are alphanumeric characters and special characters To enter...

Page 609: ...top of the display resulting from this configuration command is used for the first authentication Related commands mac authentication system auth control mac authentication port aaa authentication ma...

Page 610: ...f MAC based authentication More MAC addresses than the set number cannot be authenticated 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 1024 De...

Page 611: ...on system auth control To delete information no mac authentication system auth control Input mode config Parameters None Default behavior MAC based authentication is not performed Impact on communicat...

Page 612: ...this parameter is omitted VLAN is set 2 Range of values Enclose a character string consisting of 1 to 64 characters in double quotation marks Specifiable characters are alphanumeric characters and sp...

Page 613: ...585 Chapter 24 Authentication VLANs OP VAA fense alive timer OP VAA fense retry count OP VAA fense retry timer OP VAA fense server OP VAA fense vaa name OP VAA fense vaa sync OP VAA fense vlan OP VAA...

Page 614: ...the VLANaccessController in the authentication VLAN system 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 10 seconds Specifies the time interval...

Page 615: ...24 Authentication VLANs OP VAA 587 fense vlan...

Page 616: ...Switch uses to identify the connection to the VLANaccessController in the authentication VLAN system 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1...

Page 617: ...24 Authentication VLANs OP VAA 589 be set Related commands fense vaa name fense server fense vlan...

Page 618: ...sController in the authentication VLAN system 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 10 seconds Specifies the retry interval in seconds...

Page 619: ...ot be omitted 2 Range of values 1 to 10 server address Specifies the IPv4 address of the VLANaccessController in dot notation 1 Default value when this parameter is omitted This parameter cannot be om...

Page 620: ...configuration of an authentication VLAN system by using the fense vlan command be sure to restart the functions of the authentication server and then restart the authentication VLANs on the Switch 3 I...

Page 621: ...s Specify 1 to 64 characters Only alphanumeric characters forward slashes hyphens underscores _ and periods can be used The following character strings cannot be specified The first character is a per...

Page 622: ...ontrol command is set for IEEE 802 1X this command cannot be set 2 When you have modified the network configuration of an authentication VLAN system by using this command be sure to restart the functi...

Page 623: ...nc is set the Switch operates in selective registration mode Syntax To set information no fense vaa sync To delete information fense vaa sync Input mode config Parameters None Default behavior The Swi...

Page 624: ...t be omitted 2 Range of values 1 to 10 vlan id Specifies the VLAN ID of the authenticated VLAN 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values Specify...

Page 625: ...red by the fense server command One or more entries have been set by the fense vlan command Notes 1 A MAC VLAN must be configured on the VLAN corresponding to the VLAN ID 2 For vaa id you cannot speci...

Page 626: ......

Page 627: ...vlan ip dhcp snooping ip dhcp snooping database url ip dhcp snooping database write delay ip dhcp snooping information option allow untrusted ip dhcp snooping limit rate ip dhcp snooping logging enabl...

Page 628: ...or change information ip arp inspection limit rate packet s To delete information no ip arp inspection limit rate Input mode config Parameters packet s Sets the number of ARP packets that can be rece...

Page 629: ...ection trust Input mode config if Parameters None Default behavior Dynamic ARP inspection is performed Impact on communication None When the change is applied The change is applied immediately after s...

Page 630: ...ceived ARP packet matches the sender MAC address in the ARP header 2 Range of values None dst mac When the dst mac option is specified the Switch checks whether the destination MAC address in the Laye...

Page 631: ...dynamic ARP inspections are not performed Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes None Related commands ip arp...

Page 632: ...n id list and the specifiable values see Specifiable values for parameters add vlan id list Adds the IDs of VLANs that will be used for dynamic ARP inspection to the VLAN list 1 Default value when thi...

Page 633: ...the change is applied The change is applied immediately after setting values are changed Notes 1 A VLAN ID for which DHCP snooping is enabled must be set for this command Related commands ip dhcp snoo...

Page 634: ...on ip dhcp snooping To delete information no ip dhcp snooping Input mode config Parameters None Default behavior DHCP snooping is not used Impact on communication None When the change is applied The c...

Page 635: ...d to a memory card 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values file name A maximum of 64 characters can be set Specify the name of a file on the m...

Page 636: ...When the clear ip dhcp snooping binding operation command is executed If the Switch power is turned off before the timer expires the binding database cannot be saved 2 If the no ip dhcp snooping data...

Page 637: ...tting takes effect at the next save event after the setting value has been changed Notes 1 For the save delay time set by using this command any of the save events below causes the timer to start When...

Page 638: ...25 DHCP Snooping 610 ip dhcp snooping vlan...

Page 639: ...nooping information option allow untrusted To delete information no ip dhcp snooping information option allow untrusted Input mode config Parameters None Default behavior DHCP packets that have the re...

Page 640: ...ip dhcp snooping limit rate packet s To delete information no ip dhcp snooping limit rate Input mode config Parameters packet s Sets the number of DHCP packets that can be received per second 1 Defau...

Page 641: ...dhcp snooping logging enable To delete information no ip dhcp snooping logging enable Input mode config Parameters None Default behavior Operation log information is not output to a syslog server Impa...

Page 642: ...ted error information such as information of an invalid packet is logged notice Error warning and notice level log messages are logged Information about detected unauthorized servers is logged info Er...

Page 643: ...if Parameters None Default behavior The applicable interface operates as an untrusted port Impact on communication None When the change is applied The change is applied immediately after setting value...

Page 644: ...Input mode config Parameters None Default behavior The source MAC address and the client hardware address are checked to see if they match Impact on communication None When the change is applied The c...

Page 645: ...to set vlan id list and the specifiable values see Specifiable values for parameters add vlan id list Adds to the VLAN list the IDs of VLANs on which DHCP snooping is to be enabled 1 Default value wh...

Page 646: ...618 When the change is applied The change is applied immediately after setting values are changed Notes 1 DHCP snooping is not valid in a VLAN in which this command has not been set Related commands...

Page 647: ...f ffff ffff vlan id Sets the ID of a VLAN to which the terminal is connected 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values See Specifiable values fo...

Page 648: ...arameters Default behavior None Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes 1 If when entries are set the number of...

Page 649: ...value when this parameter is omitted The terminal filter is applied only to source IP addresses 2 Range of values port security mac only Default behavior The terminal filter is not applied Impact on...

Page 650: ...25 DHCP Snooping 622 ip dhcp snooping ip dhcp snooping trust ip dhcp snooping vlan ip source binding...

Page 651: ...623 PART 10 High Reliability Based on Redundant Configurations Chapter 26 Power Supply Redundancy power redundancy mode...

Page 652: ...nted the Switch displays a message notifying that the redundant power supply has not been implemented 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values...

Page 653: ...sh request count gsrp gsrp vlan gsrp direct link gsrp exception port gsrp limit control gsrp no flush port gsrp reset flush port layer3 redundancy no neighbor to master port up delay reset flush time...

Page 654: ...put mode config gsrp Parameters seconds Specifies the retention time of received GSRP Advertise frames in seconds 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Rang...

Page 655: ...efault value when this parameter is omitted This parameter cannot be omitted 2 Range of values 0 5 to 60 Default behavior The sending interval for GSRP Advertise frames is one second Impact on communi...

Page 656: ...ation backup lock To delete information no backup lock Input mode config gsrp Parameters None Default behavior None Impact on communication Communications are interrupted When the change is applied Th...

Page 657: ...s the number of times that GSRP Flush request frames are sent 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 10 Default behavior The number of t...

Page 658: ...on Communications are interrupted Even for the ports for which the gsrp exception port command has been set or for the ports that do not belong to any VLAN groups when the gsrp limit control command h...

Page 659: ...ecifies the ID of the VLAN to be used as the GSRP managed VLAN 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values See Specifiable values for parameters D...

Page 660: ...omitted 2 Range of values 1 to 65535 direct link Configures the direct link ports Default behavior None Impact on communication None When the change is applied The change is applied immediately after...

Page 661: ...nformation no gsrp exception port Input mode config if Parameters None Default behavior None Impact on communication None When the change is applied The change is applied immediately after setting val...

Page 662: ...p limit control To delete information no gsrp limit control Input mode config Parameters None Default behavior All VLANs are controlled by GSRP regardless whether to belong to any VLAN group Therefore...

Page 663: ...er cannot be omitted 2 Range of values 1 to 65535 no flush port Sets the functionality of not sending GSRP Flush request frames Default behavior None Impact on communication None When the change is ap...

Page 664: ...tted This parameter cannot be omitted 2 Range of values 1 to 65535 reset flush port Configures port resetting Default behavior None Impact on communication None When the change is applied The change i...

Page 665: ...lied immediately after setting values are changed Notes 1 This command can be set only when the GSRP group ID is 1 to 4 2 To use the Layer 3 redundancy switching functionality also set this command fo...

Page 666: ...time seconds If all ports specified for a direct link are in failed status the Switch starts operating as the master To make a GSRP switch automatically run as the master when it is independently sta...

Page 667: ...gsrp master operation command Starting the switch Executing the restart vlan operation command Executing the restart gsrp operation command Specifying direct down in the no neighbor to master command...

Page 668: ...er of active ports the clear gsrp port up delay operation command Syntax To set or change information port up delay seconds To delete information no port up delay Input mode config gsrp Parameters sec...

Page 669: ...ime in seconds to be applied when port resetting is used 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 10 Default behavior The port down time i...

Page 670: ...es ports priority mac The number of active ports the priority and the MAC address of the switch are selected in that order priority ports mac The priority the number of active ports and the MAC addres...

Page 671: ...s vlan group id Specifies the ID of a VLAN group that operates under GSRP control 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 64 Default beha...

Page 672: ...GSRP control 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 64 priority priority Specifies the priority of the VLAN group The larger the value t...

Page 673: ...lan vlan id list Specifies the IDs of the VLANs participating in the VLAN group If you specify multiple VLAN IDs you can specify a range 1 Default value when this parameter is omitted This parameter c...

Page 674: ...able values see Specifiable values for parameters Default behavior None Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes...

Page 675: ...n interval track failure detection times track interface track ip route track recovery detection interval track recovery detection times vrrp accept vrrp authentication vrrp ietf ipv6 spec 07 mode vrr...

Page 676: ...o be saved 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 255 Default behavior Whether the interface that received a reply to a VRRP polling req...

Page 677: ...at a set interval and then packets are lost or recovered it is checked whether an interface fault has occurred or whether the interface has recovered from a fault For the track specified in this comm...

Page 678: ...28 VRRP 650 track interface track ip route vrrp ip vrrp track...

Page 679: ...mpted while checking whether an interface fault has occurred or whether the interface has recovered from a fault For the track specified in this command the track interface command must be set with th...

Page 680: ...28 VRRP 652 ip address track interface track ip route vrrp ip vrrp track...

Page 681: ...pecifies the interval in seconds for VRRP polling attempts to be performed during failure verification related to an interface For the track specified in this command the track interface command must...

Page 682: ...28 VRRP 654 track ip route vrrp ip vrrp track...

Page 683: ...retries for VRRP polling to be successful during failure verification Note that this value must be equal to or smaller than the check trial times value For the track specified in this command the trac...

Page 684: ...28 VRRP 656 track interface track ip route vrrp ip vrrp track...

Page 685: ...o track track number interface Input mode config Parameters track number Specifies the number of the track to which the setting is to be saved 1 Default value when this parameter is omitted This param...

Page 686: ...y after setting values are changed Notes 1 A maximum of 255 failure monitoring interfaces can be set per device 2 An IP address must be assigned to the VLAN interface for failure monitoring 3 When cha...

Page 687: ...ck specified in this command the track interface command must be set with the ip routing option specified The route to the destination IP address must be resolvable by using a routing protocol 1 Defau...

Page 688: ...28 VRRP 660 the configuration and then set the configuration again Related commands ip address track interface vrrp ip vrrp track...

Page 689: ...255 seconds Specifies the interval in seconds for VRRP polling attempts to be performed during failure recovery verification For the track specified in this command the track interface command must be...

Page 690: ...28 VRRP 662 track ip route vrrp ip vrrp track...

Page 691: ...etries for VRRP polling to be successful during failure recovery verification Note that this value must be equal to or smaller than the check trial times value For the track specified in this command...

Page 692: ...28 VRRP 664 track interface track ip route vrrp ip vrrp track...

Page 693: ...nged Notes 1 If accept mode is enabled for the IP address owner the virtual router acts as the IP address owner 2 This command can be specified only when both the real IP address and the virtual IP ad...

Page 694: ...e omitted 2 Range of values Enclose a character string of no more than 8 characters in double quotation marks Specifiable characters are alphanumeric characters and special characters To enter a chara...

Page 695: ...the change is applied The change is applied immediately after setting values are changed Notes 1 Setting this command also changes the format of advertisement packets If this setting is not the same o...

Page 696: ...IP address of the virtual router 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values IPv4 address Default behavior None Impact on communication None When...

Page 697: ...pecifies the IPv6 address 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values IPv6 address Default behavior None Impact on communication None When the cha...

Page 698: ...efault value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 255 Default behavior Automatic switchbacks are enabled Impact on communication None When the change...

Page 699: ...uter ID 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 255 seconds Specifies a period of time in seconds for suppressing automatic switchbacks 1...

Page 700: ...router is the owner of the IP address the virtual router operates with the priority 255 regardless of this setting 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Ra...

Page 701: ...tted 2 Range of values 1 to 255 seconds Specifies the sending interval of advertisement packets in seconds 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of va...

Page 702: ...tted 2 Range of values 1 to 255 seconds Specify the switchback suppression time in seconds to be applied when switchback processing is performed while automatic switchbacks are suppressed 1 Default va...

Page 703: ...value smaller than the priority of the virtual router set by using the vrrp priority command If the specified value is equal to or larger than the priority of the virtual router the setting specified...

Page 704: ...g interface per virtual router 2 To use the vrrp track decrement command to allocate additional failure monitoring interfaces to a virtual router to which a failure monitoring interface has been alloc...

Page 705: ...ncy switchport backup flush request transmit switchport backup interface switchport backup mac address table update exclude vlan switchport backup mac address table update transmit switchport backup s...

Page 706: ...is to be set for an access port flush control frames are sent to an access VLAN For a trunk port MAC VLAN port and protocol VLAN port flush control frames are sent to a native VLAN 2 Range of values S...

Page 707: ...lt value when this parameter is omitted This parameter cannot be omitted 2 Range of values For interface type interface number the following values can be set gigabitethernet nif no port no tengigabit...

Page 708: ...vent loops and then disable this function 2 You cannot specify an Ethernet interface that is part of a channel group as the primary port or the secondary port Also an Ethernet interface set as the pri...

Page 709: ...efault value when this parameter is omitted This parameter cannot be omitted 2 Range of values For details about how to set vlan id list and the specifiable values see Specifiable values for parameter...

Page 710: ...diately after setting values are changed However a change in the vlan id list value is applied the next time a switch or switchback is performed Notes 1 Setting the switchport backup mac address table...

Page 711: ...t backup mac address table update transmit Input mode config if Parameters count count Specifies the number of times MAC address update frames are sent 1 Default value when this parameter is omitted 1...

Page 712: ...ted as the active port at Switch startup Impact on communication None When the change is applied The change is operational as soon as the setting value is changed and every time the Switch starts Note...

Page 713: ...685 PART 11 High Reliability Based on Network Failure Detection Chapter 30 IEEE 802 3ah UDLD efmoam active efmoam disable efmoam udld detection count...

Page 714: ...this parameter is omitted The unidirectional link failure detection functionality is not executed on the applicable port 2 Range of values udld Default behavior The applicable port operates in passive...

Page 715: ...o efmoam disable command In passive mode the send process starts when an OAMPDU from the active mode is received Syntax To set information efmoam disable To delete information no efmoam disable Input...

Page 716: ...t occur to determine that a line failure has occurred when timeouts occur repeatedly When the occurrence reaches the specified number of times the applicable port is deactivated 1 Default value when t...

Page 717: ...689 Chapter 31 Storm Control storm control...

Page 718: ...change information storm control broadcast level pps packet s storm control multicast level pps packet s storm control unicast level pps packet s To set information storm control action inactivate st...

Page 719: ...m is detected 1 Default value when this parameter is omitted If a storm is detected no SNMP traps are issued action log Outputs a log message when a storm is detected and when a storm ends 1 Default v...

Page 720: ...ivate the port If a storm is detected and a port is deactivated no frames are received In this state the end of the storm cannot be detected 5 When using SNMP traps you must use the snmp server host c...

Page 721: ...693 Chapter 32 L2 Loop Detection loop detection loop detection auto restore time loop detection enable loop detection hold time loop detection interval time loop detection threshold...

Page 722: ...a port as an uplink port No L2 loop detection frames are sent When an L2 loop detection frame from the local switch is received log data is output to the frame source If the port type of the frame so...

Page 723: ...mes received until the port is deactivated Time before automatic restoration is performed 2 Even if the port type is changed the statistics for sending and receiving L2 loop detection frames for each...

Page 724: ...ivated automatically 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 60 to 86400 Default behavior A deactivated port is not reactivated automatically...

Page 725: ...p detection enable To delete information no loop detection enable Input mode config Parameters None Default behavior The L2 loop detection functionality is disabled Impact on communication None When t...

Page 726: ...onfig Parameters seconds Specifies the time in seconds that the number of received L2 loop detection frames is held before a port is changed to the inactive status 1 Default value when this parameter...

Page 727: ...Parameters seconds Specifies the interval in seconds for sending L2 loop detection frames 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 3600 D...

Page 728: ...port is deactivated 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 10000 Default behavior The number of L2 loop detection frames that must be re...

Page 729: ...riority ethernet cfm cc alarm reset time ethernet cfm cc alarm start time ethernet cfm cc enable ethernet cfm cc interval ethernet cfm domain ethernet cfm enable global ethernet cfm enable interface e...

Page 730: ...ter cannot be omitted 2 Range of values For strings enclose a character string consisting of no more than 43 characters in double quotation marks Specifiable characters are alphanumeric characters and...

Page 731: ...re changed Notes 1 When a parameter other than no present has been specified if a character string with more than 43 characters is specified for the str strings parameter in the ma name command the fi...

Page 732: ...been set by using the ma name command or the ma vlan group command Even if the ma name command is used to specify the MA name using a character string or a VLAN ID this parameter specifies the MA ID...

Page 733: ...t cfm domain ma name ma vlan group 2 DefMACstatus PortState A received CCM has information about whether a port or interface is in the down state 3 DefRemoteCCM Timeout A CCM from a remote MEP has tim...

Page 734: ...domain command 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 0 to 7 ma no Specifies an MA ID number that has been set by using the ma name command o...

Page 735: ...lliseconds Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes None Related commands ethernet cfm cc enable ethernet cfm do...

Page 736: ...by using the ma name command or the ma vlan group command Even if the ma name command is used to specify the MA name using a character string or a VLAN ID this parameter specifies the MA ID number 1 D...

Page 737: ...33 CFM 709 When the change is applied The change is applied immediately after setting values are changed Notes None Related commands ethernet cfm cc enable ethernet cfm domain ma name ma vlan group...

Page 738: ...en this parameter is omitted This parameter cannot be omitted 2 Range of values 0 to 7 ma no Specifies an MA ID number that has been set by using the ma name command or the ma vlan group command Even...

Page 739: ...33 CFM 711 ma vlan group...

Page 740: ...n MA ID number that has been set by using the ma name command or the ma vlan group command Even if the ma name command is used to specify the MA name using a character string or a VLAN ID this paramet...

Page 741: ...change is applied The change is applied immediately after setting values are changed Notes 1 If the interval for sending CCMs is set to a shorter value than the initial value the CPU usage of the devi...

Page 742: ...mitted 2 Range of values 0 to 7 direction up When up down is not explicitly set by using the ethernet cfm mep command you can set this parameter to have the Switch operate in Up MEP mode 1 Default val...

Page 743: ...33 CFM 715 Related commands domain name ethernet cfm cc enable ma name ma vlan group...

Page 744: ...information no ethernet cfm enable Input mode config Parameters None Default behavior CFM does not operate even if another CFM command has been set Impact on communication None When the change is app...

Page 745: ...arameters None Default behavior CFM PDUs can be received Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes 1 This command...

Page 746: ...nge of values 0 to 7 ma no Specifies an MA ID number that has been set by using the ma name command or the ma vlan group command 1 Default value when this parameter is omitted This parameter cannot be...

Page 747: ...ed immediately after setting values are changed Notes 1 If the ethernet cfm mip command is set on the same interface a domain level equal to or higher than the ethernet cfm mip command cannot be speci...

Page 748: ...7 Default behavior None Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes 1 If the ethernet cfm mep command is set on th...

Page 749: ...e of values For strings enclose a character string consisting of no more than 45 characters in double quotation marks Specifiable characters are alphanumeric characters and special characters To enter...

Page 750: ...33 CFM 722 Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes None Related commands ethernet cfm domain...

Page 751: ...MA 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values For details about how to set vlan id list and the specifiable values see Specifiable values for pa...

Page 752: ...33 CFM 724 When the change is applied The change is applied immediately after setting values are changed Notes None Related commands ethernet cfm domain...

Page 753: ...mon alarm rmon collection history rmon event snmp server community snmp server contact snmp server engineID local snmp server group snmp server host snmp server informs snmp server location snmp serve...

Page 754: ...parameter is omitted This parameter cannot be omitted 2 Range of values Enclose a character string of no more than 60 characters in double quotation marks Specifiable characters are alphanumeric char...

Page 755: ...B used for checking the threshold This parameter is equivalent to alarmVariable defined in RFC 1757 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values En...

Page 756: ...tIndex defined in RFC 1757 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values An information identification number from 1 to 65535 for the control inform...

Page 757: ...fault value when this parameter is omitted rising_falling 2 Range of values rising falling or rising_falling Default behavior None Impact on communication None When the change is applied The change is...

Page 758: ...interval value is too large valid 1 is returned for the time being until alarmStatus changes from valid 1 to invalid 4 as a guide it takes time of about half of the interval value Related commands snm...

Page 759: ...y the person who specified this setting This parameter is equivalent to historyControlOwner defined in RFC 1757 1 Default value when this parameter is omitted Blank 2 Range of values Enclose a charact...

Page 760: ...er you must register the SNMP manager by using the snmp server community command 2 A maximum of 32 entries can be set for the history groups set in the configuration and set from the SNMP manager by u...

Page 761: ...ent to eventType defined in RFC 1757 1 Default value when this parameter is omitted An alarm log is not generated 2 Range of values None trap community This parameter specifies the method for generati...

Page 762: ...ring in double quotation marks For details see Any character string in Specifiable values for parameters Default behavior None Impact on communication None When the change is applied The change is app...

Page 763: ...34 SNMP 735 of the operation will not be applied to the configuration Related commands snmp server host rmon alarm...

Page 764: ...ed to enclose the character string in double quotation marks For details see Any character string in Specifiable values for parameters ro rw Sets the MIB operating mode for the manager that has the sp...

Page 765: ...no more than 31 characters For details see Specifiable values for parameters Default behavior None Impact on communication None When the change is applied The change is applied immediately after sett...

Page 766: ...ined in RFC 1213 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values Enclose a character string of no more than 60 characters in double quotation marks Sp...

Page 767: ...04 73 6E 6D 70 5F 54 6F 6B 79 6F 31 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values Enclose a character string of no more than 27 characters in doubl...

Page 768: ...ues are changed Notes 1 If many users a maximum of 50 users are set by using the snmp server user command setting changing or deleting the snmp server engineID local command takes a maximum of 20 seco...

Page 769: ...that does not include any special characters such as a space you do not need to enclose the character string in double quotation marks For details see Any character string in Specifiable values for pa...

Page 770: ...g that does not include any special characters such as a space you do not need to enclose the character string in double quotation marks For details see Any character string in Specifiable values for...

Page 771: ...34 SNMP 743 information set by this command is invalid Related commands snmp server engineID local snmp server view snmp server user snmp server host...

Page 772: ...nge of values For manager address specify an IPv4 address in dot notation or an IPv6 address in colon notation traps informs Sets the type of event notification that will be sent to the SNMP manager I...

Page 773: ...thentication required and without encryption required If priv is specified traps are sent with both authentication and encryption required 1 Default value when this parameter is omitted 1 2 Range of v...

Page 774: ...PowerSupplyFailureTrap AX3630S login ax3640sLoginSuccessTrap AX3640S ax3630sLoginSuccessTrap AX3630S ax3640sLoginFailureTrap AX3640S ax3630sLoginFailureTrap AX3630S ax3640sLogoutTrap AX3640S ax3630sLo...

Page 775: ...dcastStormRecoverTrap AX3640S ax3630sBroadcastStormRecoverTrap AX3630S ax3640sMulticastStormRecoverTrap AX3640S ax3630sMulticastStormRecoverTrap AX3630S ax3640sUnicastStormRecoverTrap AX3640S ax3630sU...

Page 776: ...cket If ospf_error is specified a standard trap or inform that complies with the RFC is issued However if the OSPF domain is being partitioned all domains other than the domain with the smallest domai...

Page 777: ...or succeeds or when a logout occurs memory A trap or an inform is sent when a memory shortage occurs in the Switch system msg A trap or an inform is sent when a system message is output temperature A...

Page 778: ...trap or an inform is issued when the status of a gateway that uses dynamic monitoring for static routing changes policy base AX3640S OS L3A A trap is sent when the routing information for policy based...

Page 779: ...rsion 11 7 2 When 3 has been set for the version if a security user name that has not been set in the snmp server user command is set by this command the security user information set in this command...

Page 780: ...when this parameter is omitted 3 2 Range of values 0 to 100 timeout seconds Sets the timeout time in seconds for informs to the SNMP manager 1 Default value when this parameter is omitted 30 2 Range o...

Page 781: ...34 SNMP 753 When the change is applied The change is applied immediately after setting values are changed Notes None Related commands snmp server host...

Page 782: ...ined in RFC 1213 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values Enclose a character string of no more than 60 characters in double quotation marks Sp...

Page 783: ...unlimited_coldstart_trap link_trap_bind_info private standard Configures the MIB to be added when a linkDown or linkUp trap is issued The following table describes the MIBs to be added when a linkDown...

Page 784: ...n set for interface loopback that address is used for the agent address If such an address has not been set the IPv4 address for the interface that has the lowest ifIndex is used as the agent address...

Page 785: ...er is omitted This parameter cannot be omitted 2 Range of values Enclose a character string of no more than 32 characters in double quotation marks Specifiable characters are alphanumeric characters a...

Page 786: ...entication password priv des privacy password or v3 auth sha authentication password priv des privacy password For authentication password and privacy password set a character string consisting of 8 t...

Page 787: ...of values Enclose a character string of no more than 32 characters in double quotation marks Specifiable characters are alphanumeric characters and special characters To enter a character string that...

Page 788: ...same as the entry for which the sub ID of the same position is a wildcard Therefore if you change information for one entry information of another entry is also overwritten If you delete information f...

Page 789: ...tax To set information no snmp trap link status To delete information snmp trap link status Input mode config if Parameters None Default behavior Sending traps or informs linkDown and linkUp traps is...

Page 790: ......

Page 791: ...Log Data Output Functionality logging email logging email event kind logging email from logging email interval logging email server logging event kind logging facility logging host logging syslog dum...

Page 792: ...ommunication None When the change is applied The change is applied immediately after setting values are changed Notes 1 You must use the logging email server command beforehand to set the SMTP server...

Page 793: ...35 Log Data Output Functionality 765 ip domain name ip name server ip domain lookup...

Page 794: ...is omitted This parameter cannot be omitted 2 Range of values Specify key rsp rtm err evt mrp mr6 aut dsn or tro AX3640S OS L3A Default behavior evt or err is set as the event type Impact on communica...

Page 795: ...rs hyphens underscores _ periods and at marks with no more than 255 characters Default behavior The sender of the email is device name nobody where device name is the name specified by the hostname co...

Page 796: ...or sending emails 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 3600 seconds Default behavior The interval for sending emails is set to 1 Impac...

Page 797: ...host name Specifies a host name with no more than 64 characters For details about the characters that can be specified see Specifiable values for parameters ip address Specifies the IPv4 address in do...

Page 798: ...er will be discarded 3 localhost cannot be set as a host name 4 Host names are not case sensitive 5 127 cannot be set as an IPv4 address 6 A class D or class E address cannot be specified as an IPv4 a...

Page 799: ...is omitted This parameter cannot be omitted 2 Range of values Specify key rsp rtm err evt mrp mr6 aut dsn or tro AX3640S OS L3A Default behavior evt or err is set as the event type Impact on communic...

Page 800: ...for syslog 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values Specify local0 local1 local2 local3 local4 local5 local6 or local7 Default behavior local0...

Page 801: ...es host name Specifies a host name with no more than 64 characters For details about the characters that can be specified see Specifiable values for parameters ip address Specifies the IPv4 address in...

Page 802: ...n IPv4 address 6 A class D or class E IPv4 address cannot be set 7 IPv6 addresses can be global addresses or site local addresses 8 If a large amount of log information is generated at one time some i...

Page 803: ...is applied immediately after setting values are changed Notes 1 Log data mentioned here includes operation logs usr var log system log and reference logs usr var log error log 2 We recommend that you...

Page 804: ...that if a level is specified information is displayed with the keyword Table 35 1 Priorities that can be specified Default behavior information priority level 6 is used Impact on communication None Wh...

Page 805: ...35 Log Data Output Functionality 777 Related commands logging host...

Page 806: ......

Page 807: ...stination sflow extended information type sflow forward egress sflow forward ingress sflow max header size sflow max packet size sflow packet information type sflow polling interval sflow sample sflow...

Page 808: ...omitted This parameter cannot be omitted 2 Range of values Specify IP addresses in IPv4 or IPv6 format udp port Specifies the UDP port number of the collector which is the destination for sFlow packe...

Page 809: ...on 11 7 Multiple parameters can be specified at one time When you specify multiple parameters separate pairs of parameters with a space character However note that you cannot specify any other paramet...

Page 810: ...ed The change is applied immediately after setting values are changed Notes 1 Any new setting of this command overwrites the old setting If you want to change a parameter enter all the necessary param...

Page 811: ...ne When the change is applied The change is applied immediately after setting values are changed Notes 1 You can specify either sflow forward egress or sflow forward ingress for the switch To specify...

Page 812: ...ameters None Default behavior None Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes 1 You can specify either sflow forwa...

Page 813: ...e config Parameters bytes If the header type is used for the basic data format this parameter sets the maximum size to be copied in bytes starting from the beginning of the sample packet 1 Default val...

Page 814: ...s Specify a value equal to or smaller than the MTU length value in bytes assigned to the interface from which the sFlow packet is to be sent to the collector 1 Default value when this parameter is omi...

Page 815: ...e applicable packet is an IPv4 packet or in IPv6 format if the applicable packet is an IPv6 packet For details about the basic data format specified here see 24 1 3 2 b Basic data format in the manual...

Page 816: ...when this parameter is omitted This parameter cannot be omitted 2 Range of values 0 to 2147483647 231 1 Default behavior Counter samples are sent to the collector in every 20 seconds Impact on communi...

Page 817: ...lumn for the applicable total PPS value If you set a sampling interval that is significantly smaller than the recommended value the load on the CPU might be excessive 1 Default value when this paramet...

Page 818: ...5536 10 Gbit s Ethernet x 1 Up to 13 Mpps 131072 Up to 26 Mpps 262144 1 Gbit s Ethernet x 48 Up to 52 Mpps 524288 Up to 100 Mpps 1048576 Up to 200 Mpps 2097152 Sampling interval entered in the command...

Page 819: ...36 sFlow Statistics 791 Notes None Related commands None...

Page 820: ...et according to the priority below Similarly if the specified IP address format is different from the address type specified in the sflow destination command the IP address is set according to the fol...

Page 821: ...onfig Parameters url port When URL information is used in the extended data format sets the port number used for HTTP packets to a port number other than 80 1 Default value when this parameter is omit...

Page 822: ...the version of the sFlow packet to be sent The sFlow packet of the specified version is sent to the collector 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range o...

Page 823: ...795 PART 13 Management of Neighboring Device Information Chapter 37 LLDP lldp enable lldp hold count lldp interval time lldp run...

Page 824: ...formation lldp enable To delete information no lldp enable Input mode config if Parameters None Default behavior None Impact on communication None When the change is applied The change is applied imme...

Page 825: ...interval time command as the time that a neighboring device retains the LLDP frame sent from the Switch If the time exceeds 65535 which is the maximum value 65535 is used 1 Default value when this pa...

Page 826: ...he transmission interval in seconds between LLDP frames sent from the Switch 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 5 to 32768 Default behavi...

Page 827: ...p run To delete information no lldp run Input mode config Parameters None Default behavior The LLDP functionality is disabled Impact on communication None When the change is applied The change is appl...

Page 828: ......

Page 829: ...801 Chapter 38 OADP oadp cdp listener oadp enable oadp hold time oadp ignore vlan oadp interval time oadp run...

Page 830: ...formation oadp cdp listener To delete information no oadp cdp listener Input mode config Parameters None Default behavior The CDP reception functionality is disabled Impact on communication None When...

Page 831: ...s None Default behavior None Impact on communication None When the change is applied The change is applied immediately after setting values are changed Notes 1 Even if this command is set for a port t...

Page 832: ...annot be omitted 2 Range of values 10 to 255 Default behavior The period of time the neighboring devices will retain the OADP frames sent from the Switch is three times the value set by the oadp inter...

Page 833: ...VLAN from which received OADP frames are to be ignored 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values For details about how to set vlan id list and t...

Page 834: ...actually sent at the interval that changes randomly from 2 3 to 3 2 of the specified value 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values 5 to 254 De...

Page 835: ...p run To delete information no oadp run Input mode config Parameters None Default behavior The OADP functionality is disabled Impact on communication None When the change is applied The change is appl...

Page 836: ......

Page 837: ...809 PART 14 Port Mirroring Chapter 39 Port Mirroring monitor session...

Page 838: ...e when this parameter is omitted This parameter cannot be omitted 2 Range of values 1 to 4 source interface interface id list Specify a monitor port for port mirroring in list format 1 Default value w...

Page 839: ...specified gigabitethernet tengigabitethernet Specifies the mirror port type 1 Default value when this parameter is omitted This parameter cannot be omitted 2 Range of values gigabitethernet or tengig...

Page 840: ...bandwidth the frames are discarded 4 Regular frames cannot be sent or received on a port that has been set as a mirror port 5 A port for which Layer 2 information has been set cannot be set as a mirro...

Page 841: ...813 PART 15 Configuration Error Messages Chapter 40 Error Messages Displayed When Editing the Configuration 40 1 Error messages displayed when editing the configuration...

Page 842: ...eted because there is no matching data or duplicated data is specified Check if there is data to be deleted or duplicated data is specified Can t delete this configuration referred by other configurat...

Page 843: ...e port which is not mounted is specified Set the number of the port which is mounted or check the status of the applicable NIF and port in the Switch value1 A NIF number or a port number Syntax error...

Page 844: ...ts in the configuration Data transfer failed reason Transferring the configuration file to the remote server failed Re execute the command with the debug parameter specified for checking reason Additi...

Page 845: ...executed The command execution failed because configuration file is editing This command cannot be executed because another user is editing the configuration The command execution failed because confi...

Page 846: ...s one in channel group port The configured command and the port channel configuration do not match Match the configuration of the port channel to the configuration of the command Message Description C...

Page 847: ...the VLAN Delete the protocol command specification and then delete the protocol name Can t delete vlan vlan id configuration referred by value1 configuration The specified VLAN cannot be deleted beca...

Page 848: ...to the outbound side Delete the tag translation setting or specify an access list that does not contain a VLAN ID as a detection condition Relations between access list and vlan mapping are inconsist...

Page 849: ...fy a port VLAN VLAN is not Protocol VLAN A VLAN specified by switchport protocol vlan is not a protocol VLAN Specify a protocol VLAN Message Description Can not configure spanning tree when gsrp is co...

Page 850: ...ed ports shared edge is already set for another ring port To set another port as a shared edge shared port first delete a shared port that has already been set ring id Ring ID axrp ring id this interf...

Page 851: ...red in control vlan The specified VLAN has already set in the control VLAN Either delete the applicable VLAN from the control VLAN or use another VLAN link id Virtual link ID vlan id Indicates the VLA...

Page 852: ...router does not belong to the applicable VLAN Specify the port or the channel group that belongs to the VLAN Message Description Maximum number of VLAN are already defined The number of VLANs that can...

Page 853: ...o change the flow detection mode delete all the lists that are applied to the receiving side interface Cannot change the flow detection out mode The sending side flow detection mode cannot be changed...

Page 854: ...e is layer3 4 IPv4 and IPv6 access lists can be applied to the Ethernet interface To do so you can use the following commands ip access group command ipv6 traffic filter command Specify any for the so...

Page 855: ...and IPv6 access lists can be applied to the VLAN interface To do so you can use the following commands mac access group command ip access group command ipv6 traffic filter command Cannot set policy ba...

Page 856: ...in the configuration file can be checked by using the show system operation command This list cannot be set to the outbound because the list includes TCP UDP port range entry Flow detection condition...

Page 857: ...lists can be applied to the Ethernet interface To do so you can use the following command ip qos flow group command Cannot attach this list because flow detection mode layer3 3 If the receiving side...

Page 858: ...6 qos flow group command Cannot attach this list because flow detection mode layer3 6 If the flow detection mode is layer3 6 the QoS flow list cannot be applied If the flow detection mode is layer3 6...

Page 859: ...eded bandwidth of port The total of the specified minimum guaranteed bandwidths exceeds the bandwidth Set the value to be equal to or smaller than the bandwidth The total of WFQ min rate exceeded band...

Page 860: ...s not set then ignore eapol start cannot be set Set reauthentication first then set ignore eapol start channel group number Indicates the channel group number ChGr channel group number Inconsistency i...

Page 861: ...based authentication If VLAN based authentication static is set for a VLAN port based authentication cannot be set for ports that belong to the VLAN If port based authentication is set for a port VLAN...

Page 862: ...u configure a VLAN to use VLAN based authentication static use the vlan command to set the VLAN as a port VLAN vlan id Indicates the VLAN ID vlan vlan id Inconsistency is found between the reauthentic...

Page 863: ...setting and dynamic or fixed VLAN mode setting cannot co exist on the same device Invalid access list ID for authentication Only one authentication access list can be set per device Invalid max timer...

Page 864: ...LAN mode is either tunneling mode or protocol based VLAN mode Relations between the web authentication dynamic VLAN mode and the web authentication static VLAN mode are inconsistent Web authentication...

Page 865: ...e for a VAA ID vlan id Indicates the VLAN ID of an authenticated VLAN Message Description Cannot change the configuration because there is an inconsistency between flow detection mode and ip verify so...

Page 866: ...the two or more flush methods on the port nif no port no Two or more flush methods cannot be specified for one port Either delete the port from the relevant settings or use another port gsrp group id...

Page 867: ...tion Cannot configure this command to channel group port This command cannot be set for an interface participating in a port channel channel group channel group number is invalid The specified channel...

Page 868: ...s specified for the specified domain level level Indicates the domain level MA no is already configured in cfm domain The specified MA identification number is already being used by another domain no...

Page 869: ...er of entries are already defined The number of collectors that have been set exceeds the maximum The number of collectors that have been set must not exceed four Only either of the following commands...

Page 870: ...n Mirror port and monitor port are inconsistent Both mirror port and monitor port settings cannot be specified simultaneously Mirror port and switchport are inconsistent Both mirror port and switchpor...

Page 871: ...roup multi speed 145 channel group periodic timer 146 clock timezone 66 command description format 2 commands exec 44 control vlan 271 D deny ip access list extended 333 deny ip access list standard 3...

Page 872: ...nterface port channel 148 interface tengigabitethernet 120 interface vlan 161 ip access group access list 351 ip access group login security and RADIUS or TACACS 46 ip access list extended 354 ip acce...

Page 873: ...73 mac authentication logging enable 574 mac authentication max timer 575 mac authentication password 577 mac authentication port 578 mac authentication radius server host 579 mac authentication stati...

Page 874: ...ee mst root priority 224 spanning tree mst transmission limit 225 spanning tree pathcost method 226 spanning tree port priority 228 spanning tree portfast 229 spanning tree portfast bpduguard default...

Page 875: ...thentication 666 vrrp ietf ipv6 spec 07 mode 667 vrrp ip 668 vrrp ipv6 669 vrrp preempt 670 vrrp preempt delay 671 vrrp priority 672 vrrp timers advertise 673 vrrp timers non preempt swap 674 vrrp tra...

Search results

Summary of Contents for AX3630S

Reviews:

Related manuals for AX3630S

Brands by name

Popular brands

Alaxala AX3630S, Software Manual

Search results

Summary of Contents for AX3630S

Reviews:

Related manuals for AX3630S

Brands by name

Popular brands