D-Link DWS-3160 Series Cli Reference Manual Download Page 947 | Manualshive

Page: 947 / 983

background image

DWS-3160 Series Gigabit Ethernet Unified Switch CLI Reference Guide

943

prevent ARP spoofing attack, we will demonstrate here via using Packet Content ACL on the
Switch to block the invalid ARP packets which contain faked gateway’s MAC and IP binding.

Configuration

The configuration logic is as follows:

•

Only if the ARP matches Source MAC address in Ethernet, Sender MAC address and Sender
IP address in ARP protocol can pass through the Switch. (In this example, it is the gateway’s
ARP.)

•

The Switch will deny all other ARP packets which claim they are from the gateway’s IP.

The design of Packet Content ACL on the Switch enables users to inspect any offset chunk. An
offset chunk is a 4-byte block in a HEX format, which is utilized to match the individual field in an
Ethernet frame. Each profile is allowed to contain up to a maximum of four offset chunks.
Furthermore, only one single profile of Packet Content ACL can be supported per Switch. In other
words, up to 16 bytes of total offset chunks can be applied to each profile and a Switch. Therefore,
a careful consideration is needed for planning and configuration of the valuable offset chunks.

In Table 6, you will notice that the Offset_Chunk0 starts from the 127th byte and ends at the 128th
byte. It also can be found that the offset chunk is scratched from 1 but not zero.

Offset

Chunk

Offset

Chunk0

Offset

Chunk1

Offset

Chunk2

Offset

Chunk3

Offset

Chunk4

Offset

Chunk5

Offset

Chunk6

Offset

Chunk7

Offset

Chunk8

Offset

Chunk9

Offset

Chunk10

Offset

Chunk11

Offset

Chunk12

Offset

Chunk13

Offset

Chunk14

Offset

Chunk15

Byte

127

3

7

11

15

19

23

27

31

35

39

43

47

51

55

59

Byte

128

4

8

12

16

20

24

28

32

36

40

44

48

52

56

60

Byte

1

5

9

13

17

21

25

29

33

37

41

45

49

53

57

61

Byte

2

6

10

14

18

22

26

30

34

38

42

46

50

54

58

62

Offset

Chun

k

Offset

Chunk1

6

Offset

Chunk1

7

Offset

Chunk1

8

Offset

Chunk1

9

Offset

Chunk2

0

Offset

Chunk2

1

Offset

Chunk2

2

Offset

Chunk2

3

Offset

Chunk2

4

Offset

Chunk2

5

Offset

Chunk2

6

Offset

Chunk2

7

Offset

Chunk2

8

Offset

Chunk2

9

Offset

Chunk3

0

Offset

Chunk3

1

Byte

63

67

71

75

79

83

87

91

95

99

103 107 111 115 119 123

Byte

64

68

72

76

80

84

88

92

96

100 104 108 112 116 120 124

Byte

65

69

73

77

81

85

89

93

97

101 105 109 113 117 121 125

Byte

66

70

74

78

82

86

90

94

98

102 106 110 114 118 122 126

Table 6. Chunk and Packet Offset

The following table indicates a completed ARP packet contained in Ethernet frame which is the
pattern for the calculation of packet offset.

«
...
945
946
947
948
949
...
»

Summary of Contents for DWS-3160 Series

Page 1: ......

Page 2: ... List 158 Chapter 16 Command Logging Command List 194 Chapter 17 Compound Authentication Command List 196 Chapter 18 Configuration Command List 205 Chapter 19 Connectivity Fault Management Command List 210 Chapter 20 Connectivity Fault Management CFM Extension Command List 237 Chapter 21 CPU Interface Filtering Command List 242 Chapter 22 Debug Software Command List 253 Chapter 23 DHCP Local Relay...

Page 3: ...LB Command List 499 Chapter 50 Network Monitoring Command List 503 Chapter 51 OAM Command List 509 Chapter 52 Peripherals Command List 517 Chapter 53 Ping Command List 520 Chapter 54 Port Security Command List 522 Chapter 55 Power over Ethernet PoE Command List 530 Chapter 56 Power Saving Command List 535 Chapter 57 Protocol VLAN Command List 537 Chapter 58 QinQ Command List 542 Chapter 59 Quality...

Page 4: ...eless Ad Hoc Status Command List 747 Chapter 86 Wireless Detected Client Database Command List 749 Chapter 87 Wireless Local Access Point Database Command List 757 Chapter 88 Wireless Managed AP Command List 763 Chapter 89 Wireless Network Command List 784 Chapter 90 Wireless Peer Switch Command List 800 Chapter 91 Wireless Provisioning and Mutual Authentication Command List 808 Chapter 92 Wireles...

Page 5: ...e following equipment is needed 1 A terminal or a computer with both an RS 232 serial port and the ability to emulate a terminal 2 A console cable with a male DB 9 connector on one end and an RJ 45 connection on the other This cable should be included with the Switch It establishes the physical connection to the console port Connect the male DB 9 connector on the console cable shipped with the Swi...

Page 6: ... unauthorized users from accessing the Switch or changing its settings This section will explain how to log into the Switch s Command Line Interface via the out of band console connection Upon initial connection to the Switch the login screen appears see example below DWS 3160 24PC Gigabit Ethernet Switch Command Line Interface Firmware Build 1 00 034 Copyright C 2012 D Link Corporation All rights...

Page 7: ...nd line interface as displayed below DWS 3160 24PC admin show switch Command show switch Device Type DWS 3160 24PC Gigabit Ethernet Switch MAC Address 00 11 22 33 45 67 IP Address 10 90 90 90 Manual VLAN Name default Subnet Mask 255 0 0 0 Default Gateway 0 0 0 0 Boot PROM Version Build 1 00 001 Firmware Version Build 1 00 034 Hardware Version A1 System Name System Location System Uptime 0 days 6 h...

Page 8: ...Switch can now be configured and accessed using TELNET or the Web based management The Switch s IP address can also automatically be obtained by using the BOOTP or DHCP protocol There are a number of helpful features included in the CLI Entering the command will display a list of all of the top level commands DWS 3160 24PC admin Command cable_diag ports cd cfm linktrace cfm lock md cfm loopback ch...

Page 9: ...t is unrecognized by the CLI the top level commands will be displayed under the Available commands prompt DWS 3160 24PC admin the Available commands cable_diag cd cfm change clear config copy create debug del delete dir disable download enable erase format install login logout md move no ping ping6 rd reboot reconfig rename reset save show telnet traceroute traceroute6 upload DWS 3160 24PC admin T...

Page 10: ...ulticast multicast_fdb nlb packet password_recovery per_queue poe port port_group port_security port_security_entry port_vlan ports power_saving private_vlan pvid qinq radius rmon router_ports rspan safeguard_engine scheduling scheduling_mechanism serial_port session sflow sim snmp sntp ssh ssl storage_media_info stp switch syslog system_severity tech_support terminal time time_range traffic traff...

Page 11: ...n optional value or a list of optional arguments One or more values or arguments can be specified For example in the syntax reset config system force_agree users may choose configure or system in the command DO NOT TYPE THE BRACES parentheses Indicates at least one or more of the values or arguments in the preceding syntax enclosed by braces must be specified For example in the syntax config bpdu_...

Page 12: ...ext Page ENTER Next Entry a All In the below table all possible keystroke commands for the screen pause and the normal command prompt are explained Keys Description CTRL C Quit from displaying more pages and return to the command prompt ESC Quit from displaying more pages and return to the command prompt q Quit from displaying more pages and return to the command prompt Space or n Display the next...

Page 13: ...DWS 3160 Series Gigabit Ethernet Unified Switch CLI Reference Guide 9 R refresh the displayed pages ...

Page 14: ...l width default value 80 200 show terminal width config ports portlist all medium_type fiber copper speed auto 10_half 10_full 100_half 100_full 1000_full master slave flow_control enable disable learning enable disable state enable disable mdix auto normal cross description desc 1 32 clear_description show ports portlist description err_disabled details media_type 2 1 show session Description Thi...

Page 15: ...play the serial port configuration Format show serial_port Parameters None Restrictions None Example To display the serial port configuration DWS 3160 24PC admin show serial_port Command show serial_port Baud Rate 115200 Data Bits 8 Parity Bits None Stop Bits 1 Auto Logout Never DWS 3160 24PC admin 2 3 config serial_port Description This command is used to configure the serial port configuration w...

Page 16: ...ogout time will be set to 2 minutes 5_minutes Specifies that the automatic logout time will be set to 5 minutes 10_minutes Specifies that the automatic logout time will be set to 10 minutes 15_minutes Specifies that the automatic logout time will be set to 15 minutes Restrictions Only Administrators and Operators can issue this command Example To configure baud rate DWS 3160 24PC admin config seri...

Page 17: ...command is used to disable the CLI paging command that disables the pausing of the screen display when the output reaches the end of the page The default setting is enabled Format disable clipaging Parameters None Restrictions Only Administrators and Operators can issue this command Example To disable pausing of the screen display when the output reaches the end of the page DWS 3160 24PC admin dis...

Page 18: ...ple To login the Switch with a username dlink DWS 3160 24PC admin login Command login UserName dlink PassWord DWS 3160 24PC admin 2 7 logout Description This command is used to logout from the CLI interface of the Switch Format logout Parameters None Restrictions None Example To logout from the CLI Interface of the Switch ...

Page 19: ...sage and description information for a specific command Format Command Parameters Command Optional Enter the CLI command that the usage and description information is needed from here If no parameter is specified then all top level commands will be displayed Restrictions None Example To get ping command s usage and description information DWS 3160 24PC admin ping Command ping Command ping Usage ip...

Page 20: ...he screen Format clear Parameters None Restrictions None Example To clear the screen DWS 3160 24PC admin clear Command clear DWS 3160 24PC admin 2 10 show command_history Description The command is used to display command history Format show command_history Parameters None Restrictions None Example To display command history ...

Page 21: ...the number of commands that the Switch can recall Format config command_history value 1 40 Parameters command_history Specifies the number of commands that the Switch can recall value 1 40 Enter the command history value here This value must be between 1 and 40 Restrictions None Example To configure the number of the command history DWS 3160 24PC admin config command_history 25 Command config comm...

Page 22: ...S 3160 24PC admin config greeting_message Command config greeting_message Greeting Messages Editor DWS 3160 24PC Gigabit Ethernet Switch Command Line Interface Firmware Build 1 00 034 Copyright C 2012 D Link Corporation All rights reserved Function Key Control Key Ctrl C Quit without save left right Ctrl W Save and quit up down Move cursor Ctrl D Delete line Ctrl X Erase all setting Ctrl L Reload ...

Page 23: ... prompt in the CLI interface It will modify the first part with a string consisting of a maximum of 16 characters or to be replaced with the users login user name When users issue the reset command the current command prompt will remain intact Yet issuing the reset system will return the command prompt to its original factory default value Format config command_prompt string 16 username default Pa...

Page 24: ...ut and log in again the terminal width is 120 2 If user did not save the configuration another user login the terminal width is default value 3 If at the same time two CLI sessions are running once section configure to 120 width and save it the other section will not be effected unless it log out and then log in Format config terminal width default value 80 200 Parameters default The default setti...

Page 25: ...rmat config ports portlist all medium_type fiber copper speed auto 10_half 10_full 100_half 100_full 1000_full master slave flow_control enable disable learning enable disable state enable disable mdix auto normal cross description desc 1 32 clear_description Parameters ports Specifies a range of ports to be configured portlist Enter a list of ports used here all Specifies that all the ports will ...

Page 26: ...abled status configure their state to enable will recover these ports from disabled to enable state enable Specifies that the port state will be enabled disable Specifies that the port state will be disabled mdix Optional MDIX mode can be specified as auto normal and cross If set to normal state the port is in MDIX mode and can be connected to PC NIC using a straight cable If set to cross state th...

Page 27: ...ys the port details media_type Optional Displays port transceiver type Restrictions None Example To display the port details DWS 3160 24PC admin show ports details Command show ports details Port 1 Port Status Link Down Description HardWare Type Gigabits Ethernet MAC Address 00 11 22 33 45 77 Bandwidth 1000000Kbit Auto Negotiation Enabled Duplex Mode Full Duplex Flow Control Disabled MDI Auto Addr...

Page 28: ... timer join value 100 100000 leave value 100 100000 leaveall value 100 100000 nni_bpdu_addr dot1d dot1ad show gvrp enable gvrp disable gvrp config private_vlan vlan_name 32 vid vlanid 1 4094 add isolated community remove vlan_name 32 vlanid vidlist show private_vlan vlan_name 32 vlanid vidlist 3 1 create vlan Description The command is used to create a VLAN on the Switch The VLAN ID must always be...

Page 29: ...the VLAN name will be VLAN100 If this VLAN name is in conflict with the name of an existing VLAN then it will be renamed based on the following rule 2 VLAN ID ALT collision count For example if this conflict is the second collision then the name will be VLAN100ALT2 Format create vlan vlanid vidlist type 1q_vlan private_vlan advertisement Parameters vlanid The VLAN ID list to be created vidlist Ent...

Page 30: ... the VLAN to be deleted vlan_name 32 Enter the VLAN name here This name can be up to 32 characters long Restrictions Only Administrators Operators and Power Users can issue this command Example To remove a vlan v1 DWS 3160 24PC admin delete vlan v1 Command delete vlan v1 Success DWS 3160 24PC admin 3 4 delete vlan vlanid Description This command is used to delete one or a number of previously conf...

Page 31: ..._name 32 Enter the VLAN name here This name can be up to 32 characters long add Optional Specifies to add tagged untagged or forbidden ports to the VLAN tagged Specifies the additional ports as tagged untagged Specifies the additional ports as untagged forbidden Specifies the additional ports as forbidden delete Optional Specifies to delete ports from the VLAN portlist Optional Enter the list of p...

Page 32: ...d Specifies the additional ports as tagged untagged Specifies the additional ports as untagged forbidden Specifies the additional ports as forbidden delete Optional Specifies to delete ports from the VLAN portlist Optional Enter the list of ports used for the configuration here advertisement Optional Specifies the GVRP state of this VLAN enable Specifies to enable advertisement for this VLAN disab...

Page 33: ...pecifies that all the port will be used for this configuration gvrp_state Optional Enabled or disables GVRP for the ports specified in the port list enable Specifies that GVRP for the specified ports will be enabled disable Specifies that GVRP for the specified ports will be disabled ingress_checking Optional Enables or disables ingress checking for the specified portlist enable Specifies that ing...

Page 34: ...ress_checking enable acceptable_frame tagged_only pvid 2 Command config port_vlan 1 5 gvrp_state enable ingress_checking enable acceptable_frame tagged_only pvid 2 Success DWS 3160 24PC admin 3 8 show vlan Description This command is used to display VLAN information including parameters settings and operational values Format show vlan vlan_name 32 Parameters vlan Specifies the VLAN to be displayed...

Page 35: ... Ports Total Static VLAN Entries 1 Total GVRP VLAN Entries 0 DWS 3160 24PC admin 3 9 show vlan ports Description This command is used to display the VLAN configuration per port Format show vlan ports portlist Parameters port Optional Specifies the list of ports for which the VLAN information will be displayed portlist Enter the list of ports that will be displayed here Restrictions None Example To...

Page 36: ... None Example To display the VLAN configuration for VLAN ID 1 DWS 3160 24PC admin show vlan vlanid 1 Command show vlan vlanid 1 VID 1 VLAN Name default VLAN Type Static Advertisement Enabled Member Ports 1 24 Static Ports 1 24 Current Tagged Ports Current Untagged Ports 1 24 Static Tagged Ports Static Untagged Ports 1 24 Forbidden Ports Total Entries 1 DWS 3160 24PC admin 3 11 show port_vlan Descr...

Page 37: ...Disabled Enabled All Frames 12 1 Disabled Enabled All Frames 13 1 Disabled Enabled All Frames 14 1 Disabled Enabled All Frames 15 1 Disabled Enabled All Frames 16 1 Disabled Enabled All Frames 17 1 Disabled Enabled All Frames 18 1 Disabled Enabled All Frames 19 1 Disabled Enabled All Frames 20 1 Disabled Enabled All Frames CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All 3 12 enable pvid...

Page 38: ...enable pvid auto_assign Command enable pvid auto_assign Success DWS 3160 24PC admin 3 13 disable pvid auto assign Description This command is used to disable auto assignment of the PVID Format disable pvid auto_assign Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To disable the auto assign PVID DWS 3160 24PC admin disable pvid auto_assign...

Page 39: ...lue 100 100000 leaveall value 100 100000 nni_bpdu_addr dot1d dot1ad Parameters timer Specifies that the GVRP timer parameter will be configured join Optional Specifies the Join time will be set value 100 100000 Enter the join time used here This value must be between 100 and 100000 The default value is 200 milliseconds leave Optional Specifies the Leave time will be set value 100 100000 Enter the ...

Page 40: ... set to Dot1d dot1ad Specifies that the NNI BPDU protocol address value will be set to Dot1ad Restrictions Only Administrators Operators and Power Users can issue this command Example To set the Join time to 200 milliseconds DWS 3160 24PC admin config gvrp timer join 200 Command config gvrp timer join 200 Success DWS 3160 24PC admin 3 16 show gvrp Description This command is used to display the GV...

Page 41: ...seconds NNI BPDU Address dot1d DWS 3160 24PC admin 3 17 enable gvrp Description This command is used to enable GVRP Format enable gvrp Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To enable GVRP DWS 3160 24PC admin enable gvrp Command enable gvrp Success DWS 3160 24PC admin 3 18 disable gvrp Description This command is used to disable GV...

Page 42: ... of the private VLAN vid Specifies the VLAN ID of the private VLAN vlanid 1 4094 Enter the VLAN ID used here This value must be between 1 and 4094 add Specifies that a secondary VLAN will be added to the private VLAN isolated Specifies the secondary VLAN as isolated VLAN community Specifies the secondary VLAN as community VLAN remove Specifies that a secondary VLAN will be removed from the private...

Page 43: ...y VLAN This name can be up to 32 characters long vlanid Optional Specifies the VLAN ID of the private VLAN or its secondary VLAN vidlist Enter the VLAN ID used here Restrictions Only Administrators and Operators can issue this command Example To display the private VLAN configuration DWS 3160 24PC admin show private_vlan Command show private_vlan Private VLAN 100 Promiscuous Ports 1 Trunk Ports 2 ...

Page 44: ...fig 802 1x init port_based ports portlist all mac_based ports portlist all mac_address macaddr config 802 1x reauth port_based ports portlist all mac_based ports portlist all mac_address macaddr create 802 1x guest_vlan vlan_name 32 delete 802 1x guest_vlan vlan_name 32 config 802 1x guest_vlan ports portlist all state enable disable show 802 1x guest_vlan config radius add server_index 1 3 server...

Page 45: ...WS 3160 24PC admin enable 802 1x Command enable 802 1x Success DWS 3160 24PC admin 4 2 disable 802 1x Description This command is used to disable the 802 1X function Format disable 802 1x Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To disable the 802 1X function DWS 3160 24PC admin disable 802 1x Command disable 802 1x Success DWS 3160 ...

Page 46: ...issue this command Example To create an 802 1x user called test DWS 3160 24PC admin create 802 1x user test Command create 802 1x user test Enter a case sensitive new password Enter the new password again for confirmation Success DWS 3160 24PC admin 4 4 delete 802 1x user Description This command is used to delete an 802 1X user Format delete 802 1x user username 15 Parameters user Specifies the a...

Page 47: ...and is used to display the 802 1X user s login information Format show 802 1x user Parameters None Restrictions None Example To display the 802 1X user s login information DWS 3160 24PC admin show 802 1x user Command show 802 1x user Username Password user1 abcds Total Entries 1 DWS 3160 24PC admin 4 6 config 802 1x auth_protocol Description This command is used to configure the 802 1X authenticat...

Page 48: ... system Description This command is used to configure the control of forwarding EAPOL PDUs When the 802 1X functionality is disabled for a port and if the 802 1X forwarding PDU is enabled both globally and for the port a received EAPOL packet on the port will be flooded on the same VLAN to those ports of which the 802 1X forwarding PDU is enabled and 802 1X is disabled globally or just for the por...

Page 49: ...nable disable Parameters ports Specifies a range of ports to be configured portlist Enter the list of ports used for the configuration here all Specifies that all the ports will be used enable Enable forwarding EAPOL PDU receive on the ports disable Disable forwarding EAPOL PDU receive on the ports This is the default option Restrictions Only Administrators Operators and Power Users can issue this...

Page 50: ...RADIUS server DWS 3160 24PC admin config 802 1x authorization attributes radius disable Command config 802 1x authorization attributes radius disable Success DWS 3160 24PC admin 4 10 show 802 1x Description This command is used to display the 802 1X state or configurations Format show 802 1x auth_state auth_configuration ports portlist Parameters auth_state Optional Used to display 802 1X authenti...

Page 51: ...e port capabilities Format config 802 1x capability ports portlist all authenticator none Parameters ports Specifies a range of ports to be configured portlist Enter the list of ports used for the configuration here all Specifies all ports to be configured authenticator The port that wishes to enforce authentication before allowing access to services that are accessible via that port adopts the au...

Page 52: ...t the maximum user limit will be set to 448 Restrictions Only Administrators Operators and Power Users can issue this command Example To configure a maximum of 200 802 1X users DWS 3160 24PC admin config 802 1x max_users 200 Command config 802 1x max_users 200 Success DWS 3160 24PC admin 4 13 config 802 1x auth_parameter Description This command is used to configure the parameters that control the...

Page 53: ...icant Its default value is 30 seconds and can be any integer value among 1 to 65535 sec 1 65535 Enter the supplicant timeout value here This value must be between 1 and 65535 seconds server_timeout Optional The initialization value of the aWhile timer when timing out the authentication server Its default value is 30 seconds and can be any integer value among 1 to 65535 sec 1 65535 Enter the server...

Page 54: ...ed Configure the authentication as MAC based mode Restrictions Only Administrators Operators and Power Users can issue this command Example To configure the 802 1X authentication mode DWS 3160 24PC admin config 802 1x auth_mode port_based Command config 802 1x auth_mode port_based Success DWS 3160 24PC admin 4 15 config 802 1x init Description This command is used to initialize the authentication ...

Page 55: ...reauth Description This command is used to re authenticate the device connected to the port During the re authentication period the port status will remain authorized until re authentication failed Format config 802 1x reauth port_based ports portlist all mac_based ports portlist all mac_address macaddr Parameters port_based Configure the authentication as port based mode portlist Enter the list o...

Page 56: ...ameters guest_vlan Specifies the VLAN to be guest VLAN vlan_name 32 Optional Enter the VLAN name here The VLAN name can be up to 32 characters long Restrictions Only Administrators Operators and Power Users can issue this command Example To assign a static VLAN called guestVLAN to be a guest VLAN DWS 3160 24PC admin create 802 1x guest_vlan guestVLAN Command create 802 1x guest_vlan guestVLAN Succ...

Page 57: ... command is used to configure a guest VLAN If the specific port state is changed from enabled to disabled this port will then be reassigned to its original VLAN Format config 802 1x guest_vlan ports portlist all state enable disable Parameters ports A range of ports enable or disable guest VLAN function portlist Enter the list of ports used for the configuration here all Specifies that all the por...

Page 58: ...his command is used to display the information of guest VLANs Format show 802 1x guest_vlan Parameters None Restrictions None Example To display the information of a guest VLAN DWS 3160 24PC admin show 802 1x guest_vlan Command show 802 1x guest_vlan Guest VLAN Setting Guest VLAN guestVLAN Enabled Guest VLAN Ports 1 8 DWS 3160 24PC admin 4 21 config radius add Description This command is used to a...

Page 59: ...is used to transmit RADIUS authentication data between the Switch and the RADIUS server The range is 1 to 65535 udp_port_number 1 65535 Enter the authentication port number here This value must be between 1 and 65535 acct_port Optional Specifies the UDP port number which is used to transmit RADIUS accounting statistics between the Switch and the RADIUS server The range is 1 to 65535 udp_port_numbe...

Page 60: ...s value must be between 1 and 3 ipaddress Optional The IP address of the RADIUS server server_ip Enter the RADIUS server IP address here ipv6addr Enter the RADIUS server IPv6 address used here key Optional The key pre negotiated between Switch and RADIUS server It is used to encrypt user s authentication data before being transmitted over internet The maximum length of the key is 32 password 32 En...

Page 61: ...ue will be used retransmit Optional The count for re transmitting The default value is 2 int 1 20 Enter the re transmit value here This value must be between 1 and 20 default Specifies that the default re transmit value will be used Restrictions Only Administrators Operators and Power Users can issue this command Example To configure a RADIUS server DWS 3160 24PC admin config radius 1 auth_port 60...

Page 62: ... dlink Total Entries 1 DWS 3160 24PC admin 4 25 show auth_statistics Description This command is used to display information of authenticator statistics Format show auth_statistics ports portlist Parameters ports Optional Specifies a range of ports to be displayed portlist Enter the list of ports that will be displayed here Restrictions None Example To display authenticator statistics information ...

Page 63: ...EapolFramesRx 0 EapLengthErrorFramesRx 0 LastEapolFrameVersion 0 LastEapolFrameSource 00 00 00 00 00 00 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 4 26 show auth_diagnostics Description This command is used to display information of authenticator diagnostics Format show auth_diagnostics ports portlist Parameters ports Optional Specifies a range of ports to be displayed portlist ...

Page 64: ...henticated 0 EapLogoffWhileAuthenticated 0 BackendResponses 0 BackendAccessChallenges 0 BackendOtherRequestsToSupplicant 0 BackendNonNakResponsesFromSupplicant 0 BackendAuthSuccesses 0 BackendAuthFails 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 4 27 show auth_session_statistics Description This command is used to display information of authenticator session statistics Format s...

Page 65: ...sRx 0 SessionFramesTx 0 SessionId SessionAuthenticMethod Remote Authentication Server SessionTime 0 SessionTerminateCause SupplicantLogoff SessionUserName CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 4 28 show auth_client Description This command is used to display information of RADIUS authentication client Format show auth_client Parameters None Restrictions None Example To disp...

Page 66: ...ientAccessRetransmissions 0 radiusAuthClientAccessAccepts 0 radiusAuthClientAccessRejects 0 radiusAuthClientAccessChallenges 0 radiusAuthClientMalformedAccessResponses 0 radiusAuthClientBadAuthenticators 0 radiusAuthClientPendingRequests 0 radiusAuthClientTimeouts 0 radiusAuthClientUnknownTypes 0 radiusAuthClientPacketsDropped 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 4 29 sh...

Page 67: ...us Page r Refresh 4 30 config accounting service Description This command is used to configure the state of the specified RADIUS accounting service Format config accounting service network shell system state enable disable Parameters network Accounting service for 802 1X port access control By default the service is disabled shell Accounting service for shell events When user logs on or out the Sw...

Page 68: ...e enable Success DWS 3160 24PC admin 4 31 show accounting service Description This command is used to display the status of RADIUS accounting services Format show accounting service Parameters None Restrictions None Example To display information of RADIUS accounting services DWS 3160 24PC admin show accounting service Command show accounting service Accounting State Network Disabled Shell Enabled...

Page 69: ...cation create authen server_group string 15 config authen server_group tacacs xtacacs tacacs radius string 15 add delete server_host ipaddr protocol tacacs xtacacs tacacs radius delete authen server_group string 15 show authen server_group string 15 create authen server_host ipaddr protocol tacacs xtacacs tacacs radius port int 1 65535 key key_string 254 none timeout int 1 255 retransmit int 1 20 ...

Page 70: ... can be applied to the system later When password encryption is disabled if the user specifies the password in plain text form the password will be in plain text form However if the user specifies the password in encrypted form or if the password has been converted to encrypted form by the last enable password encryption command the password will still be in the encrypted form It cannot be reverte...

Page 71: ...t enable authen_policy Parameters None Restrictions Only Administrators can issue this command Example To enable system access authentication policy DWS 3160 24PC admin enable authen_policy Command enable authen_policy Success DWS 3160 24PC admin 5 4 disable authen_policy Description This command is used to disable system access authentication policy Disable system access authentication policy Whe...

Page 72: ... to display that system access authentication policy is enabled or disabled Format show authen_policy Parameters None Restrictions Only Administrators can issue this command Example To display system access authentication policy DWS 3160 24PC admin show authen_policy Command show authen_policy Authentication Policy Enabled DWS 3160 24PC admin 5 6 create authen_login Description This command is use...

Page 73: ...e second server host in TACACS group and so on If all server hosts in TACACS group are missing the authentication request will be sent to the first server host in TACACS group If all server hosts in TACACS group are missing the local account database in the device is used to authenticate this user When user logins the device successfully while using methods like TACACS XTACACS TACACS RADIUS built ...

Page 74: ...a user defined method list for user login DWS 3160 24PC admin config authen_login method_list_name login_list_1 method tacacs tacacs local Command config authen_login method_list_name login_list_1 method tacacs tacacs local Success DWS 3160 24PC admin 5 8 delete authen_login Description This command is used to delete a user defined method list of authentication methods for user login Format delete...

Page 75: ...ogin Restrictions Only Administrators can issue this command Example To display a user defined method list for user login DWS 3160 24PC admin show authen_login method_list_name login_list_1 Command show authen_login method_list_name login_list_1 Method List Name Priority Method Name Comment login_list_1 1 tacacs Built in Group 2 tacacs Built in Group 3 mix_1 User defined Group 4 local Keyword DWS ...

Page 76: ... are missing the authentication request will be sent to the first server host in TACACS group If all server hosts in TACACS group are missing the local enable password in the device is used to authenticate this user s password Format config authen_enable default method_list_name string 15 method tacacs xtacacs tacacs radius server_group string 15 local _enable none Parameters default The default m...

Page 77: ...promoting user s privilege to Admin level Format delete authen_enable method_list_name string 15 Parameters string 15 The user defined method list name This value can be up to 15 characters long Restrictions Only Administrators can issue this command Example To delete a user defined method list for promoting user s privilege to Admin level DWS 3160 24PC admin delete authen_enable method_list_name ...

Page 78: ...enable method_list_name enable_list_1 Method List Name Priority Method Name Comment enable_list_1 1 tacacs Built in Group 2 tacacs Built in Group 3 mix_1 User defined Group 4 local Keyword Total Entries 1 DWS 3160 24PC admin 5 14 config authen application Description This command is used to configure login or enable method list for all or the specified application Format config authen application ...

Page 79: ...ogin method_list_name login_list_1 Success DWS 3160 24PC admin 5 15 show authen application Description This command is used to display the login enable method list for all applications Format show authen application Parameters None Restrictions Only Administrators can issue this command Example To display the login enable method list for all applications DWS 3160 24PC admin show authen applicatio...

Page 80: ... mix_1 Command create authen server_group mix_1 Success DWS 3160 24PC admin 5 17 config authen server_group Description This command is used to add or remove an authentication server host to or from the specified server group Built in server group TACACS XTACACS TACACS RADIUS accepts the server host with the same protocol only but user defined server group can accept server hosts with different pr...

Page 81: ...uthentication protocol will be used Restrictions Only Administrators can issue this command Example To add an authentication server host to an server group DWS 3160 24PC admin config authen server_group mix_1 add server_host 10 1 1 222 protocol tacacs Command config authen server_group mix_1 add server_host 10 1 1 222 protocol tacacs Success DWS 3160 24PC admin 5 18 delete authen server_group Desc...

Page 82: ...15 characters long Restrictions Only Administrators can issue this command Example To display all authentication server groups DWS 3160 24PC admin show authen server_group Command show authen server_group Group Name IP Address Protocol mix_1 10 1 1 222 TACACS 10 1 1 223 TACACS radius 10 1 1 224 RADIUS tacacs 10 1 1 225 TACACS tacacs 10 1 1 226 TACACS xtacacs 10 1 1 227 XTACACS Total Entries 5 DWS ...

Page 83: ...1 and 65535 key Optional The key for TACACS and RADIUS authentication If the value is null no encryption will apply This value is meaningless for TACACS and XTACACS key_string 254 Enter the TACACS or the RADIUS key here This key can be up to 254 characters long none No encryption for TACACS and RADIUS authentication This value is meaningless for TACACS and XTACACS timeout Optional The time in seco...

Page 84: ...This value must be between 1 and 65535 key Optional The key for TACACS and RADIUS authentication If the value is null no encryption will apply This value is meaningless for TACACS and XTACACS key_string 254 Enter the TACACS key here This value can be up to 254 characters long none No encryption for TACACS and RADIUS authentication This value is meaningless for TACACS and XTACACS timeout Optional T...

Page 85: ...authentication protocol xtacacs Server host s authentication protocol tacacs Server host s authentication protocol radius Server host s authentication protocol Restrictions Only Administrators can issue this command Example To delete an authentication server host DWS 3160 24PC admin delete authen server_host 10 1 1 222 protocol tacacs Command delete authen server_host 10 1 1 222 protocol tacacs Su...

Page 86: ...time waiting or user input on console TELNET SSH application Format config authen parameter response_timeout int 0 255 Parameters response_timeout The amount of time for user input on console or TELNET or SSH 0 means there is no time out Default value is 30 seconds int 0 255 Enter the response timeout value here This value must be between 0 and 255 Restrictions Only Administrators can issue this c...

Page 87: ... console or TELNET or SSH Default value is 3 int 1 255 Enter the attempt amount here This value must be between 1 and 255 Restrictions Only Administrators can issue this command Example To configure the maximum attempts for user s trying to login or promote the privilege to be 9 DWS 3160 24PC admin config authen parameter attempt 9 Command config authen parameter attempt 9 Success DWS 3160 24PC ad...

Page 88: ... TACACS user defined server groups local_enable or none will be used to authenticate the user Because TACACS XTACACS and RADIUS don t support enable function in itself if user wants to use either one of these 3 protocols to do enable authentication user must create a special account on the server host first which has a username enable and then configure its password as the enable password to suppo...

Page 89: ...t the password interactively For this case the user can only input the plain text password If the password is present in the command the user can select to input the password in the plain text form or in the encrypted form The encryption algorithm is based on SHA I Format config admin local_enable Parameters None Restrictions Only Administrators can issue this command Example To configure the admi...

Page 90: ...ask hex 0x0 0xffff dst_port value 0 65535 mask hex 0x0 0xffff protocol_id value 0 255 user_define hex 0x0 0xffffffff mask hex 0x0 0xffffffff packet_content offset_chunk_1 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_2 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_3 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_4 hex 0x0 0xffffffff mask hex 0x0 0xffffffff ipv6 class v...

Page 91: ...eters profile_id Specifies the index of the access list profile value 1 6 Enter the profile ID here This value must be between 1 and 6 profile_name The name of the profile must be specified The maximum length is 32 characters name 1 32 Enter the profile name here ethernet Specifies this is an ethernet mask vlan Optional Specifies a VLAN mask Only the last 12 bits of the mask will be considered hex...

Page 92: ...must be between 0 and 31 hex 0x0 0xffffffff Enter the offset chunk 1 mask here offset_chunk_2 Optional Specifies that the offset chunk 2 will be used value 0 31 Enter the offset chunk 2 value here This value must be between 0 and 31 hex 0x0 0xffffffff Enter the offset chunk 2 mask here offset_chunk_3 Optional Specifies that the offset chunk 3 will be used value 0 31 Enter the offset chunk 3 value ...

Page 93: ... DWS 3160 24PC admin create access_profile profile_id 4 profile_name 4 packet_content_mask offset_chunk_1 3 0xFFFF offset_chunk_2 5 0xFF00 offset_chunk_3 14 0xFFFF0000 offset_chunk_4 16 0xFF000000 Command create access_profile profile_id 4 profile_name 4 packet_content_mask offset_chunk_1 3 0xFFFF offset_chunk_2 5 0xFF00 offset_chunk_3 14 0xFFFF0000 offset_chunk_4 16 0xFF000000 Success DWS 3160 24...

Page 94: ...lue 0 65535 mask hex 0x0 0xffff dst_port value 0 65535 mask hex 0x0 0xffff flag all urg ack psh rst syn fin udp src_port value 0 65535 mask hex 0x0 0xffff dst_port value 0 65535 mask hex 0x0 0xffff protocol_id value 0 255 user_define hex 0x0 0xffffffff mask hex 0x0 0xffffffff packet_content offset_chunk_1 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_2 hex 0x0 0xffffffff mask hex 0x0 0xf...

Page 95: ...he 802 1p priority tag value here ethernet_type Optional Specifies the Ethernet type hex 0x0 0xffff Enter the Ethernet type mask here ip Optional Specifies to configure the IP access profile vlan Optional Specifies a VLAN name vlan_name 32 Enter the name of the VLAN here This name can be up to 32 characters long vlan_id Optional Specifies that VLAN ID used vlanid 1 4094 Enter the VLAN ID used here...

Page 96: ...y to the value of IP protocol ID traffic value 0 255 Enter the protocol ID used here user_define Optional Specifies that the rule will apply to the IP protocol ID and that the mask options behind the IP header which has a length of 20 bytes hex 0x0 0xffffffff Enter the user defined mask value here mask Specifies an additional mask parameter that can be configured hex 0x0 0xffffffff Enter the mask ...

Page 97: ...x0 0xffff Enter the UDP destination port mask value here icmp Optional Specifies to configure the ICMP parameters used type Specifies that the rule applies to the value of ICMP type traffic value 0 255 Enter the ICMP type traffic value here This value must be between 0 and 255 code Specifies that the rule applies to the value of ICMP code traffic value 0 255 Enter the ICMP code traffic value here ...

Page 98: ...r of entries depends on the project If the auto_assign option is selected the access ID is automatically assigned when adding multiple ports value 1 256 Enter the access ID used here This value must be between 1 and 256 Restrictions Only Administrators Operators and Power Users can issue this command Example To configure a rule entry for a packet content mask profile option 3 DWS 3160 24PC admin c...

Page 99: ...rofile name t1 Type Ethernet MASK on VLAN 0xFFF Source MAC 00 00 00 00 00 01 Destination MAC 00 00 00 00 00 02 802 1p Ethernet Type Available HW Entries 256 Profile ID 2 Profile name 2 Type IPv4 MASK on VLAN 0xFFF Source IP 20 0 0 0 Dest IP 10 0 0 0 DSCP ICMP Type Code Available HW Entries 256 Profile ID 4 Profile name 4 Type User Defined MASK on offset_chunk_1 3 value 0x0000FFFF offset_chunk_2 5 ...

Page 100: ...s profile that supports an entry mask for each rule DWS 3160 24PC admin show access_profile profile_id 2 Command show access_profile profile_id 2 Access Profile Table Profile ID 2 Profile name 2 Type IPv4 MASK on VLAN 0xFFF Source IP 20 0 0 0 Dest IP 10 0 0 0 DSCP ICMP Type Code Available HW Entries 256 DWS 3160 24PC admin The following example displays the packet content mask profile for the prof...

Page 101: ...t the preferred bandwidth for this rule in Kbps and once the bandwidth has been exceeded overflowing packets will either be dropped or have a drop precedence set depending on the user configuration For single rate three color mode users need to Specifies the committed rate in Kbps the committed burst size and the excess burst size For the two rate three color mode users need to Specifies the commi...

Page 102: ... two color mode Specifies the committed bandwidth in Kbps for the flow value 0 1048576 Enter the rate for single rate two color mode here This value must be between 0 and 1048576 burst_size Optional This specifies the burst size for the single rate two color mode The unit is Kbytes value 0 131072 Enter the burst size value here This value must be between 0 and 131072 rate_exceed This specifies the...

Page 103: ...he packet replace_dscp Changes the DSCP of the packet value 0 63 Enter the replace DSCP value here This value must be between 0 and 63 drop Drops the packet counter Optional Specifies the ACL counter This is optional The default is disable The resource may be limited so that a counter cannot be turned on Counters will be cleared when the function is disabled enable Specifies that the ACL counter o...

Page 104: ...le Specifies that the ACL counter option will be enabled disable Specifies that the ACL counter option will be disabled delete Deletes the specified flow_meter Restrictions Only Administrators Operators and Power Users can issue this command Example To configure a two rate three color flow meter DWS 3160 24PC admin config flow_meter profile_id 1 access_id 1 tr_tcm cir 1000 cbs 2000 pir 2000 pbs 20...

Page 105: ...specific range of time to activate a function on the Switch by specifying which time range in a day and which days in a week are covered in the time range NOTE The specified time range is based on the SNTP time or the configured time If this time is not available the time range will not be met Format config time_range range_name 32 hours start_time time hh mm ss end_time time hh mm ss weekdays day...

Page 106: ... delete Deletes a time range profile When a time_range profile has been associated with ACL entries deleting the time_range profile will fail Restrictions Only Administrators Operators and Power Users can issue this command Example To configure a time range named 1 that starts every Monday at 01 01 01am and ends at 02 02 02am DWS 3160 24PC admin config time_range 1 hours start_time 1 1 1 end_time ...

Page 107: ...l Entries 1 DWS 3160 24PC admin 6 9 show current_config access_profile Description This command is used to display the ACL part of the current configuration when logged in with user level privileges The overall current configuration can be displayed by using the show config command which is accessible with administrator level privileges Format show current_config access_profile Parameters None Res...

Page 108: ... 00 11 22 33 44 55 destination_mac 00 12 34 56 78 90 802 1p 1 ethernet_type 0xFFFF port 10 permit priority 1 replace_priority replace_tos 1 counter enable time_range 1 create access_profile profile_id 2 profile_name 2 ip vlan source_ip_mask 20 0 0 0 destination_ip_mask 10 0 0 0 dscp icmp type code create access_profile profile_id 4 profile_name 4 packet_content_mask offset_chunk_1 3 0xFFFF offset_...

Page 109: ...35 mask hex 0x0 0xffff dst_port value 0 65535 mask hex 0x0 0xffff protocol_id value 0 255 user_define hex 0x0 0xffffffff mask hex 0x0 0xffffffff ipv6 class value 0 255 source_ipv6 ipv6addr mask ipv6mask destination_ipv6 ipv6addr mask ipv6mask tcp src_port value 0 65535 mask hex 0x0 0xffff dst_port value 0 65535 mask hex 0x0 0xffff udp src_port value 0 65535 mask hex 0x0 0xffff dst_port value 0 655...

Page 110: ...cified The maximum length is 32 characters name 1 32 Enter the profile name used here This name can be up to 32 characters long ethernet Specifies this is an Ethernet mask vlan Optional Specifies a VLAN mask hex 0x0 0x0fff Enter the VLAN mask used here source_mac Optional Specifies the source MAC mask macmask Enter the source MAC mask used here destination_mac Optional Specifies the destination MA...

Page 111: ...value here destination_ipv6_mask Specifies an IPv6 destination sub mask ipv6mask Enter the IPv6 destination sub mask value here tcp Optional Specifies that the following parameter are application to the TCP configuration src_port_mask Specifies an IPv6 Layer 4 TCP source port mask hex 0x0 0xffff Enter the Ipv6 TCP source port mask value here dst_port_mask Specifies an IPv6 Layer 4 TCP destination ...

Page 112: ...rofile_name name 1 32 add access_id auto_assign value 1 128 ethernet vlan vlan_name 32 vlan_id vlanid 1 4094 mask hex 0x0 0x0fff source_mac macaddr mask macmask destination_mac macaddr mask macmask 802 1p value 0 7 ethernet_type hex 0x0 0xffff ip vlan vlan_name 32 vlan_id vlanid 1 4094 mask hex 0x0 0x0fff source_ip ipaddr mask netmask destination_ip ipaddr mask netmask dscp value 0 63 icmp type va...

Page 113: ...ination MAC address used here mask Specifies that destination MAC mask used macmask Enter the destination MAC mask value here 802 1p Optional Specifies the value of the 802 1p priority tag The priority tag ranges from 1 to 7 value 0 7 Enter the 802 1p priority tag used here ethernet_type Optional Specifies the Ethernet type hex 0x0 0xffff Enter the Ethernet type mask used here ip Specifies an IP e...

Page 114: ... the following parameters configured will apply to the UDP configuration src_port Specifies the UDP source port range value 0 65535 Enter the UDP source port range value here mask Specifies the UDP source port mask here hex 0x0 0xffff Enter the UDP source port mask value here dst_port Specifies the UDP destination port range value 0 65535 Enter the UDP destination port range value here mask Specif...

Page 115: ...n_name 32 Enter the VLAN name used for this configuration here This name can be up to 32 characters long vlanid Specifies a VLAN ID vlanid 1 4094 Enter the VLAN ID used for this configuration here This value must be between 1 and 4094 port_group Specifies the port group value here id Specifies the ID of the port group which the rule applies value 1 64 Enter the group ID value here This value must ...

Page 116: ...permit Success DWS 3160 24PC admin To configure a vlan base egress access rule that when the packet go out Switch which match the specified source MAC field it will be dropped DWS 3160 24PC admin config egress_access_profile profile_id 2 add access_id 1 ethernet source_mac 11 22 33 44 55 66 vlan_based vlan_id 1 deny Command config egress_access_profile profile_id 2 add access_id 1 ethernet source_...

Page 117: ... Hardware Entries 3 Total Available Hardware Entries 509 Profile ID 1 Profile name 1 Type Ethernet Mask on Source MAC FF FF FF FF FF FF Available Hardware Entries 127 Rule ID 1 Port group Match on VLAN ID 1 Source MAC 00 00 00 00 00 01 Action Permit Profile ID 2 Profile name 2 Type IPv4 Mask on Source IP 255 255 255 255 Destination IP 255 255 255 255 DSCP Available Hardware Entries 126 Rule ID 1 a...

Page 118: ...ofile_id 1 Command show egress_access_profile profile_id 1 Egress Access Profile Table Profile ID 1 Profile name 1 Type Ethernet Mask on Source MAC FF FF FF FF FF FF Available Hardware Entries 127 Rule ID 1 Port group Match on VLAN ID 1 Source MAC 00 00 00 00 00 01 Action Permit DWS 3160 24PC admin 7 5 show current_config egress_access_profile Description This command is used to display the egress...

Page 119: ...ip_mask 255 255 255 255 destination_ip_mask 255 255 255 255 dscp config egress_access_profile profile_id 2 add access_id auto_assign ip source_ip 10 0 0 2 destination_ip 10 90 90 90 dscp 25 port_group id 1 permit counter enable config egress_access_profile profile_id 2 add access_id auto_assign ip source_ip 10 0 0 1 destination_ip 10 90 90 90 dscp 25 port_group id 1 permit DWS 3160 24PC admin 7 6 ...

Page 120: ...ode value here cbs Optional Specifies the Committed Burst Size The unit is Kbytes That is to say 1 means 1Kbytes This parameter is an optional parameter The default value is 4 1024 value Enter the committed burst size value here pir Specifies the Peak Information Rate The unit is in Kbps PIR should always be equal to or greater than CIR value Enter the peak information rate value here pbs Optional...

Page 121: ...tional Permit the packet replace_dscp Changes the DSCP of the packet value 0 63 Enter the replace DSCP value here This value must be between 0 and 63 counter Optional Specifies the ACL counter This is optional The default is disable The resource may be limited so that a counter cannot be turned on Counters will be cleared when the function is disabled enable Specifies that the ACL counter paramete...

Page 122: ...Description This command is used to display the egress flow based metering configuration Format show egress_flow_meter profile_id value 1 4 profile_name name 1 32 access_id value 1 128 Parameters profile_id Optional Specifies the index of access list profile value 1 4 Enter the profile ID used here This value must be between 1 and 4 profile_name Optional Specifies the name of the profile name 1 32...

Page 123: ...byte 100 EBS Kbyte 200 Action Conform Permit Counter Enabled Exceed Permit Replace DSCP 60 Counter Enabled Violate Drop Counter Disabled Total Entries 2 DWS 3160 24PC admin 7 8 create port_group Description This command is used to create a port group Format create port_group id value 1 64 name name 16 Parameters id Specifies the port group ID value 1 64 Enter the port group ID here This value must...

Page 124: ...Specifies the port group name name 16 Enter the port group name here This name can be up to 16 characters long add Add a port list to this port group delete Delete a port list from this port group portlist Enter a list of ports used for the configuration here all Specifies that all the ports will be used for this configuration Restrictions Only Administrators and Operators can issue this command E...

Page 125: ...e port_group id 2 Command delete port_group id 2 Success DWS 3160 24PC admin 7 11 show port_group Description This command is used to display the port group information Format show port_group id value 1 64 name name 16 Parameters id Optional Specifies the port group ID value 1 64 Enter the port group ID used here This value must be between 1 and 64 name Optional Specifies the port group name name ...

Page 126: ...fied Switch CLI Reference Guide 122 DWS 3160 24PC admin show port_group Command show port_group Port Group Table Group ID Group Name Ports 1 group1 1 2 5 2 group2 4 5 7 9 11 13 15 17 19 25 4 group3 5 7 Total Entries 3 DWS 3160 24PC admin ...

Page 127: ...create arpentry ipaddr macaddr Parameters ipaddr The IP address of the end node or station macaddr The MAC address corresponding to the IP address above Restrictions Only Administrators Operators and Power Users can issue this command Example To create a static ARP entry for the IP address 10 48 74 121 and MAC address 00 50 BA 00 07 36 DWS 3160 24PC admin create arpentry 10 48 74 121 00 50 BA 00 0...

Page 128: ...4 121 Command delete arpentry 10 48 74 121 Success DWS 3160 24PC admin 8 3 config arpentry Description This command is used to configure a static entry s MAC address in the ARP table Specifies the IP address and MAC address of the entry Format config arpentry ipaddr macaddr Parameters ipaddr The IP address of the end node or station macaddr The MAC address corresponding to the IP address above Res...

Page 129: ...accessed before it is dropped from the table Format config arp_aging time minutes 0 65535 Parameters time The ARP age out time in minutes the default is 20 minutes 0 65535 Enter the ARP age out time here This value must be between 0 and 65535 minutes Restrictions Only Administrators Operators and Power Users can issue this command Example To configure ARP aging time to 30 minutes DWS 3160 24PC adm...

Page 130: ...ace name or static entries Format show arpentry ipif ipif_name 12 ipaddress ipaddr static mac_address macaddr Parameters ipif Optional The name of the IP interface the end node or station for which the ARP table entry was made resides on ipif_name 12 Enter the IP interface name here This value can be up to 12 characters long ipaddress Optional The IP address of the end node or station ipaddr Enter...

Page 131: ...face IP Address MAC Address Type System 10 0 0 0 FF FF FF FF FF FF Local Broadcast System 10 48 74 121 00 50 BA 00 07 37 Static System 10 90 90 20 00 22 B0 3C DD C0 Dynamic System 10 90 90 90 00 11 22 33 45 67 Local System 10 90 90 91 00 11 22 33 32 32 Dynamic System 10 255 255 255 FF FF FF FF FF FF Local Broadcast Total Entries 6 DWS 3160 24PC admin ...

Page 132: ...spoofing_prevention add gateway_ip ipaddr gateway_mac macaddr ports portlist all delete gateway_ip ipaddr Parameters add Specifies to add an ARP spoofing prevention entry gateway_ip Specifies a gateway IP address to be configured ipaddr Enter the IP address used for this configuration here gateway_mac Specifies a gateway MAC address to be configured macaddr Enter the MAC address used for this conf...

Page 133: ...Success DWS 3160 24PC admin 9 2 show arp_spoofing_prevention Description This command is used to display the ARP spoofing prevention entry Format show arp_spoofing_prevention Parameters None Restrictions Only Administrators and Operators can issue this command Example To display the ARP spoofing prevention entries DWS 3160 24PC admin show arp_spoofing_prevention Command show arp_spoofing_preventio...

Page 134: ...he asymmetric VLAN function on the Switch Format enable asymmetric_vlan Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To enable asymmetric VLANs DWS 3160 24PC admin enable asymmetric_vlan Command enable asymmetric_vlan Success DWS 3160 24PC admin 10 2 disable asymmetric_vlan Description This command is used to disable the asymmetric VLAN ...

Page 135: ... asymmetric_vlan Command disable asymmetric_vlan Success DWS 3160 24PC admin 10 3 show asymmetric_vlan Description This command is used to display the asymmetric VLAN state on the Switch Format show asymmetric_vlan Parameters None Restrictions None Example To display the asymmetric VLAN state currently set on the Switch DWS 3160 24PC admin show asymmetric_vlan Command show asymmetric_vlan Asymmetr...

Page 136: ... TFTP server IP address from the DHCP server Then the Switch will download the configuration file from the TFTP server for configuration of the system Format enable autoconfig Parameters None Restrictions Only Administrators and Operators can issue this command Example To enable autoconfig DWS 3160 24PC admin enable autoconfig Command enable autoconfig Success DWS 3160 24PC admin 11 2 disable auto...

Page 137: ... autoconfig Command disable autoconfig Success DWS 3160 24PC admin 11 3 show autoconfig Description This command is used to display if the auto configuration is enabled or disabled Format show autoconfig Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To display autoconfig status DWS 3160 24PC admin show autoconfig Command show autoconfig A...

Page 138: ... 12 ipv6address ipv6networkaddr all enable ipif ipif_name 12 all disable ipif ipif_name 12 all show ipif ipif_name 12 enable ipif_ipv6_link_local_auto ipif_name 12 all disable ipif_ipv6_link_local_auto ipif_name 12 all show ipif_ipv6_link_local_auto ipif_name 12 12 1 create account Description This command is used to create user accounts It is case sensitive The number of account include admin and...

Page 139: ...60 24PC admin create account user Remote Manager Command create account user Remote Manager Enter a case sensitive new password Enter the new password again for confirmation Success DWS 3160 24PC admin 12 2 config account Description This command is used to configure a user account created on this Switch When the password information is not specified in the command the system will prompt the user ...

Page 140: ... long The password is case sensitive Restrictions Only Administrators can issue this command Example To configure the user password of dlink account DWS 3160 24PC admin config account dlink Command config account dlink Enter a old password Enter a case sensitive new password Enter the new password again for confirmation Success DWS 3160 24PC admin To configure the user password of superuser accoun...

Page 141: ...s Level admin Admin operator Operator power Power_user user User Total Entries 4 DWS 3160 24PC admin 12 4 delete account Description This command is used to delete an existing account Format delete account username Parameters username Name of the user who will be deleted Restrictions Only Administrators can issue this command Example To delete the user account System DWS 3160 24PC admin delete acc...

Page 142: ...igabit Ethernet Switch MAC Address 00 01 02 03 04 00 IP Address 10 90 90 90 Manual VLAN Name default Subnet Mask 255 0 0 0 Default Gateway 0 0 0 0 Boot PROM Version Build 1 00 001 Firmware Version Build 1 00 034 Hardware Version A1 System Name System Location System Uptime 0 days 3 hours 0 minutes 36 seconds System Contact Spanning Tree Disabled GVRP Disabled IGMP Snooping Disabled MLD Snooping Di...

Page 143: ... 1 and 65535 The well known TCP port for the TELNET protocol is 23 Restrictions Only Administrators and Operators can issue this command Example To enable TELNET and configure port number DWS 3160 24PC admin enable telnet 23 Command enable telnet 23 Success DWS 3160 24PC admin 12 7 disable telnet Description This command is used to disable the Switch s TELNET based management software Format disab...

Page 144: ...5 Parameters tcp_port_number 1 65535 Optional The TCP port number TCP ports are numbered between 1 and 65535 The well known TCP port for the WEB protocol is 80 Restrictions Only Administrators and Operators can issue this command Example To enable HTTP and configure port number DWS 3160 24PC admin enable web 80 Command enable web 80 Success DWS 3160 24PC admin 12 9 disable web Description This com...

Page 145: ...ptional When force_agree is specified the reboot command will be executed immediately without further confirmation Restrictions Only Administrators can issue this command Example To reboot the Switch DWS 3160 24PC admin reboot Command reboot Are you sure to proceed with the system reboot y n Please wait the switch is rebooting 12 11 reset Description This command is used to reset the Switch The co...

Page 146: ...eset to default settings Then the Switch will do factory reset save and reboot force_agree Optional When force_agree is specified the reset command will be executed immediately without further confirmation Restrictions Only Administrators can issue this command Example To reset the Switch DWS 3160 24PC admin reset system Command reset system Are you sure you want to proceed with system reset y t n...

Page 147: ...ere This name can be up to 32 characters long secondary Optional Specifies the IPv4 secondary interface to be created state Optional Specifies the state of the IP interface enable Specifies that the IP interface state will be enabled disable Specifies that the IP interface state will be disabled proxy_arp Optional Enable or disable of proxy ARP function It is for IPv4 function Default Disabled ena...

Page 148: ...dress will overwrite the original one network_address Enter the network address used here vlan Specifies the name of the VLAN here vlan_name 32 Enter the VLAN name used here This name can be up to 32 characters long proxy_arp Enable disable of proxy ARP function It is for IPv4 function Default Disabled enable Specifies that the proxy ARP option will be enabled disable Specifies that the proxy ARP ...

Page 149: ... Operators and Power Users can issue this command Example To configure an interface s IPv4 network address DWS 3160 24PC admin config ipif System ipaddress 192 168 69 123 24 vlan default Command config ipif System ipaddress 192 168 69 123 24 vlan default Success DWS 3160 24PC admin 12 15 delete ipif Description This command is used to delete an IP interface Format delete ipif ipif_name 12 ipv6addr...

Page 150: ...ace ipif_name 12 Enter the IP interface name used here This name can be up to 12 characters long all Specifies that all the IP interfaces will be enabled Restrictions Only Administrators Operators and Power Users can issue this command Example To enable an IP interface DWS 3160 24PC admin enable ipif newone Command enable ipif newone Success DWS 3160 24PC admin 12 17 disable ipif Description This ...

Page 151: ...sers can issue this command Example To disable an IP interface DWS 3160 24PC admin disable ipif newone Command disable ipif newone Success DWS 3160 24PC admin 12 18 show ipif Description This command is used to display an IP interface Format show ipif ipif_name 12 Parameters ipif_name Specifies the name of the IP interface ipif_name 12 Optional Enter the IP interface name used here This name can b...

Page 152: ...of a link local address when there are no IPv6 addresses explicitly configured When an IPv6 address is explicitly configured the link local address will be automatically configured and the IPv6 processing will be started When there is no IPv6 address explicitly configured by default link local address is not configured and the IPv6 processing will be disabled By enable this automatic configuration...

Page 153: ...name used here This name can be up to 12 characters long all Specifies that all the IP interfaces will be used Restrictions Only Administrators Operators and Power Users can issue this command Example To disable the IP interface for IPv6 link local automatic DWS 3160 24PC admin disable ipif_ipv6_link_local_auto newone Command disable ipif_ipv6_link_local_auto newone Success DWS 3160 24PC admin 12 ...

Page 154: ... Only Administrators Operators and Power Users can issue this command Example T o display the link local address automatic configuration state DWS 3160 24PC admin show ipif_ipv6_link_local_auto Command show ipif_ipv6_link_local_auto IPIF System Automatic Link Local Address Enabled DWS 3160 24PC admin ...

Page 155: ...us BPDU protection can only be enabled on STP disabled port BPDU protection has high priority than FBPDU setting configured by configure STP command in determination of BPDU handling That is when FBPDU is configured to forward STP BPDU but BPDU protection is enabled then the port will not forward STP BPDU Format config bpdu_protection ports portlist all state enable disable mode drop block shutdow...

Page 156: ... port the user needs to disable and re enable the port Format config bpdu_protection recovery_timer sec 60 1000000 infinite Parameters recovery_timer Specifies the BPDU protection Auto Recovery recovery_timer The default value of recovery_timer is 60 sec 60 1000000 The timer in seconds used by the Auto Recovery mechanism to recover the port The valid range is 60 to 1000000 infinite The port will n...

Page 157: ...The events of attack_detected and attack_cleared shall be trapped or logged Restrictions Only Administrators Operators and Power Users can issue this command Example To config the BPDU protection trap state as both for the entire Switch DWS 3160 24PC admin config bpdu_protection trap both Commands config bpdu_protection trap both Success DWS 3160 24PC admin 13 4 enable bpdu_protection Description ...

Page 158: ...strictions Only Administrators Operators and Power Users can issue this command Example To disable the BPDU protection function globally DWS 3160 24PC admin disable bpdu_protection Commands disable bpdu_protection Success DWS 3160 24PC admin 13 6 show bpdu_protection Description This command is used to display the BPDU protection global configuration or per port configuration of the Switch and its...

Page 159: ...h BPDU Protection Log Status Both DWS 3160 24PC admin To display the BPDU protection status ports 1 12 DWS 3160 24PC admin show bpdu_protection ports 1 12 Commands show bpdu_protection ports 1 12 Port State Mode Status 1 Enabled shutdown Normal 2 Enabled shutdown Normal 3 Enabled shutdown Normal 4 Enabled shutdown Normal 5 Enabled shutdown Under Attack 6 Enabled shutdown Normal 7 Enabled shutdown ...

Page 160: ...able Since the status is link up the cable will not have the short or open problem But the test may still detect the crosstalk problem When a port is in link down status the link down may be caused by many factors When the port has a normal cable connection but the remote partner is powered off the cable diagnosis can still diagnose the health of the cable as if the remote partner is powered on Wh...

Page 161: ...orts 1 2 3 23 24 Command cable_diag ports 1 3 23 24 Perform Cable Diagnostics Port Type Link Status Test Result Cable Length M 1 1000BASE T Link Up OK 1 2 1000BASE T Link Up OK 1 3 1000BASE T Link Down Pair 1 Open at 3M Pair 2 Open at 3M Pair 3 Open at 3M Pair 4 Open at 3M 23 1000BASE T Link Up OK 4 24 1000BASE T Link Down No Cable DWS 3160 24PC admin ...

Page 162: ..._msg string 512 title_text string 512 user_label string 128 welcome_text string 1024 welcome_title string 512 wip_msg string 512 max_bandwidth_down int 0 536870911 default max_bandwidth_up int 0 536870911 default max_input_octets uint 0 4294967295 default max_output_octets uint 0 4294967295 default max_total_octets uint 0 4294967295 default name name 32 default protocol http https redirect enable ...

Page 163: ...ions Only Administrators can issue this command Example To enable the Captive Portal DWS 3160 24PC admin enable captive_portal Command enable captive_portal Success DWS 3160 24PC admin 15 2 disable captive_portal Description This command is used to disable the Captive Portal operation on the Switch Format disable captive_portal Parameters None Restrictions Only Administrators can issue this comman...

Page 164: ...additional HTTPS port int 0 65535 Enter the additional HTTPS port value used here This value must be between 0 and 65535 Ports 80 and 443 cannot be used as they are reserved The default value is 0 The value 0 specifies that no additional HTTPS port will be used default Specifies that the default value will be used statistics_interval Specifies the time interval at which statistics are reported in ...

Page 165: ... Captive Portal SNMP traps Format config captive_portal trap enable disable all client_auth_failure client_connect client_disconnect client_db_full Parameters enable Specifies that the Captive Portal trap option will be enabled disable Specifies that the Captive Portal trap option will be disabled all Specifies that all trap concerning the Captive Portal will be sent client_auth_failure Specifies ...

Page 166: ...ption This command is used to display the Captive Portal s global settings and status on the Switch Format show captive_portal status trap Parameters status Optional Specifies to display the Captive Portal s global status trap Optional Specifies to display the Captive Portal s SNMP trap configuration If no parameter is specified then summarized information about the Captive Portal configuration wi...

Page 167: ...s 1 Active Captive Portals 0 Local Supported Users 128 Configured Local Users 0 System Supported Users 1024 Authenticated Users 0 DWS 3160 24PC admin To display which Captive Portal SNMP traps are enabled DWS 3160 24PC admin show captive_portal trap Command show captive_portal trap Client Authentication Failure Traps Enable Client Connection Traps Enable Client Database Full Traps Enable Client Di...

Page 168: ...tive Portal instances that are operationally enabled Local Supported Users Displays the number of users that can be added and configured using the local user database Configured Local Users Displays the number of users that are configured from the local user database System Supported Users Displays the total number of authenticated users that the system can support Authenticated Users Displays the...

Page 169: ...24PC admin delete captive_portal configuration 2 Command delete captive_portal configuration 2 Success DWS 3160 24PC admin 15 8 config captive_portal configuration Description This command is used to configure the Captive Portal s configurations on the Switch NOTE Due to the complex nature of this command it is advised to rather use the Web User Interface to customize the captive portal login page...

Page 170: ...t Specifies that the default value will be used block Specifies to enable or disable the blocking of all traffic using the Captive Portal enable Specifies that traffic blocking using the Captive Portal will be enabled disable Specifies that traffic blocking using the Captive Portal will be disabled clear Specifies to clear this instance to the default values state Specifies to enables or disable t...

Page 171: ... aup_text Specifies that the web user must enter the text to display in the Acceptance Use Policy field The acceptance use policy instructs users about the conditions under which they are allowed to access the network string 32768 Optional Enter the Acceptance Use Policy text here This text can be up to 32768 characters long background_image Specifies that the web user must select the name of the ...

Page 172: ...tring can be up to 1024 characters long logout_success_title Specifies that the web user must enter the text used as the page title This is the text that identifies the page string 512 Optional Enter the Logout success title string here This string can be up to 512 characters long logout_text Specifies that the web user must enter a more detailed text display that confirms that the user has been a...

Page 173: ...cation failure error message that will be displayed here This string can be up to 512 characters long max_bandwidth_down Specifies the maximum rate at which a client can receive data from the network int 0 536870911 Enter the maximum down bandwidth value used here This value must be between 0 and 536870911 bits per second The value 0 indicates that there will be no limit The default value is 0 def...

Page 174: ...value used here This value can be up to 32 characters long The default value is 326BA0 default Specifies that the default value will be used session_timeout Specifies the session timeout for the Captive Portal configuration int 0 86400 Enter the session timeout value used here This value must be between 0 and 86400 seconds The value of 0 indicates that no timeout will be enforced The default value...

Page 175: ...und color of the Captive Portal authentication page DWS 3160 24PC admin config captive_portal configuration 1 background_color FFFFFF Command config captive_portal configuration 1 background_color FFFFFF Success DWS 3160 24PC admin To configure the session timeout value for the Captive Portal configuration DWS 3160 24PC admin config captive_portal configuration 1 session_timeout 1200 Command confi...

Page 176: ...on 1 redirect_url http www company com Command config captive_portal configuration 1 redirect_url http www company com Success DWS 3160 24PC admin To configure the name for the Captive Portal configuration DWS 3160 24PC admin config captive_portal configuration 1 name Training Command config captive_portal configuration 1 name Training Success DWS 3160 24PC admin To configure the protocol for the ...

Page 177: ..._network int 1 64 status locales client Parameters int 1 10 Optional Enter the Captive Portal configuration instance ID here This value must be between 1 and 10 If this variable is not specified then this command will display information of all the configured Captive Portal configurations interface Optional Specifies to display all interfaces assigned to the Captive Portal configuration phy_port S...

Page 178: ...in show captive_portal configuration 1 Command show captive_portal configuration 1 CP ID 1 CP Name Training Operational Status Enabled Block Status Blocked Configured Locales 1 Authenticated Users 0 DWS 3160 24PC admin To display all the interfaces assigned to the Captive Portal configuration 1 DWS 3160 24PC admin show captive_portal configuration 1 interface Command show captive_portal configurat...

Page 179: ...nticated Users 0 Total Entries 0 DWS 3160 24PC admin To display the status of the wireless interface 1 for the Captive Portal configuration 1 DWS 3160 24PC admin show captive_portal configuration 1 interface wireless_network 10 Command show captive_portal configuration 1 interface wireless_network 10 CP ID 1 CP Name Training Interface Wireless Network 10 Interface Description Wireless Network 10 d...

Page 180: ...iguration 1 DWS 3160 24PC admin show captive_portal configuration 1 locales Command show captive_portal configuration 1 locales Locale Code en DWS 3160 24PC admin To display the client s status which authenticated to the Captive Portal configuration 1 DWS 3160 24PC admin show captive_portal configuration 1 client Command show captive_portal configuration 1 client CP ID 1 CP Name Training No Captiv...

Page 181: ...is allowed to transmit Max Total Octets bytes Displays the maximum number of octets a client is allowed to transfer i e the sum of octets transmitted and received Session Timeout seconds Displays the number of seconds a user is permitted to remain connected to the network Once the Session Timeout value is reached the user is logged out automatically A value of 0 means that the user does not have a...

Page 182: ...ortal client DWS 3160 24PC admin config captive_portal client deauthenticate 00 23 7D BC 2E 18 Command config captive_portal client deauthenticate 00 23 7D BC 2E 18 Are you sure you want to deauthenticate the client y n y CP client deauthenticated Success DWS 3160 24PC admin 15 11 show captive_portal client Description This command is used to display information about the clients connected to the ...

Page 183: ...8 Command show captive_portal client 00 23 7D BC 2E 18 Client MAC Address 00 23 7D BC 2E 18 Client IP Address 192 168 69 66 Protocol Mode HTTP Verification Mode Guest CP ID 1 CP Name Default Interface Physical Port 23 Interface Description Physical Port 23 Gigabit L User Name localuser Session Time 0d 00 00 31 Switch MAC Address 00 11 22 33 45 67 Switch IP Address 192 168 69 123 Switch Type Local ...

Page 184: ...Type local or peer Displays the current switch type which is local or peer Bytes Received Displays the total bytes the client has received Bytes Transmitted Displays the total bytes the client has transmitted Packets Transmitted Displays the total packets the client has transmitted Packets Received Displays the total packets the client has received 15 12 show captive_portal interface client Descri...

Page 185: ...al Port 19 Gigabit Level Physical Port 20 Gigabit Level Physical Port 21 Gigabit Level Physical Port 22 Gigabit Level Physical Port 23 Gigabit Level 00 23 7D BC 2E 18 192 168 69 66 Physical Port 24 Gigabit Level Wireless Network 1 dlink1 Wireless Network 2 dlink2 Wireless Network 3 dlink3 Wireless Network 4 dlink4 Wireless Network 5 dlink5 Wireless Network 6 dlink6 Wireless Network 7 dlink7 Wirele...

Page 186: ...0 24PC admin 15 13 show captive_portal configuration client Description This command is used to display the clients authenticated to all Captive Portal configurations on the Switch Format show captive_portal configuration client Parameters None Restrictions None Example To display the clients authenticated to all Captive Portal configurations on the Switch DWS 3160 24PC admin show captive_portal c...

Page 187: ...al configurations DWS 3160 24PC admin show captive_portal interface configuration Command show captive_portal interface configuration CP ID CP Name Interface Description Type 1 Default Physical Port 23 Gigabit Level Physical DWS 3160 24PC admin To display the interface configuration assignments for a specific Captive Portal configuration DWS 3160 24PC admin show captive_portal interface configurat...

Page 188: ...cal Physical Port 4 Gigabit Level Physical Physical Port 5 Gigabit Level Physical Physical Port 6 Gigabit Level Physical Physical Port 7 Gigabit Level Physical Physical Port 8 Gigabit Level Physical Physical Port 9 Gigabit Level Physical Physical Port 10 Gigabit Level Physical Physical Port 11 Gigabit Level Physical Physical Port 12 Gigabit Level Physical Physical Port 13 Gigabit Level Physical Ph...

Page 189: ...unter Supported Bytes Transmitted Counter Supported Packets Received Counter Supported Packets Transmitted Counter Supported Roaming Supported DWS 3160 24PC admin In the above examples the following display parameters can be noticed Interface Description Displays the interface description Interface Type Displays the type of interface Session Timeout Displays whether or not this field is supported ...

Page 190: ...s name is used at the client station for authentication name 32 Enter the user s name used here This name can be up to 32 characters long password Specifies the user ID s password Restrictions Only Administrators can issue this command Example To create a user using a name DWS 3160 24PC admin create captive_portal user 2 name newuser Command create captive_portal user 2 name newuser Success DWS 31...

Page 191: ...7295 default max_total_octets uint 0 4294967295 default name name 32 password encrypted password 128 session_timeout int 0 86400 default Parameters int 1 128 Enter the User ID used here This value must be between 1 and 128 group Specifies to add or delete the group ID of the associated Captive Portal user add Specifies to add a group ID to the associated Captive Portal user int 1 10 Enter the grou...

Page 192: ...he default value will be used max_total_octets Specifies to limit the number of octets in bytes that the user is allowed to transmit and receive The maximum number of octets is the sum of the octets transmitted and received After this limit has been reached the user will be disconnected uint 0 4294967295 Enter the maximum total octets value used here This value must be between 0 and 4294967295 byt...

Page 193: ...t value for a Captive Portal user DWS 3160 24PC admin config captive_portal user 1 session_timeout 600 Command config captive_portal user 1 session_timeout 600 Success DWS 3160 24PC admin To configure the maximum bandwidth up value for a Captive Portal user DWS 3160 24PC admin config captive_portal user 1 max_bandwidth_up 102400 Command config captive_portal user 1 max_bandwidth_up 102400 Success ...

Page 194: ... admin To display the information of Captive Portal user 1 DWS 3160 24PC admin show captive_portal user 1 Command show captive_portal user 1 User ID 1 User Name CPuser Password Configured Yes Session Timeout 600 Idle Timeout 0 Max Bandwidth Up bytes sec 102400 Max Bandwidth Down bytes sec 0 Max Input Octets bytes 0 Max Output Octets bytes 0 Max Total Octets bytes 0 Group ID Group Name 1 Default 2 ...

Page 195: ...ccess DWS 3160 24PC admin 15 21 delete captive_portal user group Description This command is used to delete a Captive Portal user group The default user group ID is 1 and is not allowed to be deleted Format delete captive_portal user group int 1 10 Parameters int 1 10 Enter the Captive Portal user group ID used here This value must be between 1 and 10 Restrictions Only Administrators can issue thi...

Page 196: ...st before a move can be successful int 1 10 Enter the Captive Portal user group ID used here This value must be between 1 and 10 Restrictions Only Administrators can issue this command Example To configure the name of a Captive Portal user group DWS 3160 24PC admin config captive_portal user group 2 name group2 Command config captive_portal user group 2 name group2 Success DWS 3160 24PC admin To m...

Page 197: ...r groups in the Captive Portal local user group database DWS 3160 24PC admin show captive_portal user group Command show captive_portal user group Group ID Group Name User ID User Name 1 Default 2 group2 1 CPuser 2 newuser Total Groups 2 DWS 3160 24PC admin To display a specific user group in the Captive Portal local user group database DWS 3160 24PC admin show captive_portal user group 2 Command ...

Page 198: ...l not be logged When the user accesses the Switch under the AAA authentication mode the username should not changed if user uses enable admin command to replace its privilege Format enable command logging Parameters None Restrictions Only Administrators can issue this command Example To enable the command logging function DWS 3160 24PC admin enable command logging Command enable command logging Su...

Page 199: ...gging Success DWS 3160 24PC admin 16 3 show command logging Description This command is used to display the Switch s general command logging configuration status Format show command logging Parameters None Restrictions Only Administrators and Operators can issue this command Example To display the command logging configuration status DWS 3160 24PC admin show command logging Command show command lo...

Page 200: ...tion attributes disable authorization attributes show authorization config authentication server failover local permit block show authentication 17 1 create authentication guest_vlan Description This command is used to assign a static VLAN to be a guest VLAN The specific VLAN which assigned to guest VLAN must be existed The specific VLAN which assigned to guest VLAN can t be deleted Format create ...

Page 201: ...s vlan Specifies the guest VLAN by VLAN name vlan_name 32 Enter the VLAN name here This name can be up to 32 characters long vlanid Specifies the guest VLAN by VLAN ID vlanid 1 4094 Enter the VLAN ID here This ID must be between 1 and 4094 Restrictions Only Administrators Operators and Power Users can issue this command Example To delete guest VLAN configuration DWS 3160 24PC admin delete authenti...

Page 202: ...nfig authentication ports Description This command is used to configure security port s Format config authentication ports portlist all auth_mode port_based host_based vlanid vid_list state enable disable multi_authen_methods none any dot1x_impb impb_cp mac_impb cp_configuration int 1 10 Parameters ports Specifies port s to configure portlist Enter the list of ports to be configured here all Speci...

Page 203: ...cation method 802 1X MAC based Access Control and CP passes then pass dot1x_impb Dot1x will be verified first and then IMPB will be verified Both authentication need to be passed impb_cp IMPB will be verified first and then CP will be verified Both authentication need to be passed mac_impb MAC AC will be verified first and then IMPB will be verified Both authentication need to be passed cp_configu...

Page 204: ... Ports Total Entries 2 DWS 3160 24PC admin 17 6 show authentication ports Description This command is used to display authentication setting on port s Format show authentication ports portlist Parameters ports Optional Display compound authentication on the specified port s portlist Enter the list of ports to be configured here If not Specifies the port list displays compound authentication settin...

Page 205: ... 9 Any Host based 1 10 Any Host based 1 11 Any Host based 1 12 Any Host based 1 13 Any Host based 1 14 Any Host based 1 15 Any Host based 1 16 Any Host based 1 17 Any Host based 1 18 Any Host based 1 19 Any Host based 1 20 Any Host based 1 CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All 17 7 enable authorization Description This command is used to enable authorization Format enable auth...

Page 206: ...able authorization Format disable authorization attributes Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To disable the authorization global state DWS 3160 24PC admin disable authorization attributes Command disable authorization attributes Success DWS 3160 24PC admin 17 9 show authorization Description This command is used to display aut...

Page 207: ...g authentication server failover local permit block Parameters local Use local DB to authenticate the client permit The client is always regarded as authenticated block Block the client Default setting Restrictions Only Administrators Operators and Power Users can issue this command Example To configure the authentication server s failover state DWS 3160 24PC admin config authentication server fai...

Page 208: ...authentication configuration DWS 3160 24PC admin show authentication Command show authentication Authentication Server Failover Block DWS 3160 24PC admin show authentication Command show authentication Authentication Server Failover Permit DWS 3160 24PC admin show authentication Command show authentication Authentication Server Failover Local DWS 3160 24PC admin ...

Page 209: ...y up to three filter strings ex stp A filter string is enclosed by symbol The following describes the meaning of the each filter type include includes lines that contain the specified filter string exclude excludes lines that contain the specified filter string begin The first line that contains the specified filter string will be the first line of the output The relationship of multiple filter st...

Page 210: ... the character The filter string is case sensitive This value can be up to 80 characters long include Includes lines that contain the specified filter string exclude Excludes lines that contain the specified filter string begin The first line that contains the specified filter string will be the first line of the output Restrictions Only Administrators can issue this command Example The following ...

Page 211: ... ESC q Quit SPACE n Next Page ENTER Next Entry a All 18 2 config configuration Description This command is used to select a configuration file as the next boot up configuration or to apply a specific configuration to the system This command is required when multiple configuration files are supported Format config configuration pathname 64 boot_up active Parameters pathname 64 Specifies a configura...

Page 212: ...ve config pathname 64 log all Parameters config Specifies to save the configuration to a file pathname 64 Optional The pathname specifies the absolute pathname on the device file system If pathname is not specified it refers to the boot up configuration file This name can be up to 64 characters long log Specifies to save the log all Specifies to save the configuration and the log Restrictions Only...

Page 213: ...I Reference Guide 209 Format show boot_file Parameters None Restrictions None Example To display the boot file DWS 3160 24PC admin show boot_file Command show boot_file Bootup Firmware c runtime had Bootup Configuration c config cfg DWS 3160 24PC admin ...

Page 214: ... ma_index uint 1 4294967295 md string 22 md_index uint 1 4294967295 delete cfm md string 22 md_index uint 1 4294967295 enable cfm disable cfm config cfm ports portlist state enable disable show cfm ports portlist show cfm md string 22 md_index uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 mepid int 1 8191 mepname string 32 show cfm fault md string 22 md_index uint 1 4294967295 ma strin...

Page 215: ...ter the maintenance domain level here This value must be between 0 and 7 Restrictions Only Administrators Operators and Power Users can issue this command Example To create a maintenance domain called op_domain and assign a maintenance domain level of 2 DWS 3160 24PC admin create cfm md op_domain level 2 Command create cfm md op_domain level 2 Success DWS 3160 24PC admin 19 2 config cfm md Descrip...

Page 216: ... Transmit the sender ID TLV with the chassis ID information manage Transmit the sender ID TLV with the managed address information chassis_manage Transmit sender ID TLV with chassis ID information and manage address information Restrictions Only Administrators Operators and Power Users can issue this command Example To configure the maintenance domain called op_domain and Specifies the explicit op...

Page 217: ... explicitly An MEP will transmit a CCM packet periodically across the MA The receiving MEP will verify these received CCM packets from the other MEPs against this MEP list for the configuration integrity check Format config cfm ma string 22 ma_index uint 1 4294967295 md string 22 md_index uint 1 4294967295 vlanid vlanid 1 4094 mip none auto explicit defer sender_id none chassis manage chassis_mana...

Page 218: ... This is the default value ccm_interval Optional This is the CCM interval 10ms Specifies that the CCM interval will be set to 10 milliseconds Not recommended 100ms Specifies that the CCM interval will be set to 100 milliseconds Not recommended 1sec Specifies that the CCM interval will be set to 1 second 10sec Specifies that the CCM interval will be set to 10 seconds This is the default value 1min ...

Page 219: ...ecifies the maintenance association name string 22 Enter the maintenance association name used here This name can be up to 22 characters long ma_index Specifies the maintenance association index uint 1 4294967295 Enter the maintenance association index value here This value must be between 1 and 4294967295 direction This is the MEP direction inward Specifies the inward facing up MEP outward Specif...

Page 220: ...on name used here This name can be up to 22 characters long ma_index Specifies the maintenance association index uint 1 4294967295 Enter the maintenance association index value here This value must be between 1 and 4294967295 state Optional This is the MEP administrative state enable Specifies that the MEP will be enabled disable Specifies that the MEP will be disabled This is the default value cc...

Page 221: ...e cfm mep Description This command is used to delete a previously created MEP Format delete cfm mep mepname string 32 mepid int 1 8191 md string 22 md_index uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 Parameters mepname Specifies the MEP name string 32 Enter the MEP name used here This name can be up to 32 characters long mepid Specifies the MEP ID int 1 8191 Enter the MEP ID used he...

Page 222: ...ex uint 1 4294967295 Parameters ma Specifies the maintenance association name string 22 Enter the maintenance association name used here This name can be up to 22 characters long ma_index Specifies the maintenance association index uint 1 4294967295 Enter the maintenance association index value here This value must be between 1 and 4294967295 md Specifies the maintenance domain name string 22 Ente...

Page 223: ...ndex uint 1 4294967295 Parameters md Specifies the maintenance domain name string 22 Enter the maintenance domain name used here This name can be up to 22 characters long md_index Specifies the maintenance domain index uint 1 4294967295 Enter the maintenance domain index value here This value must be between 1 and 4294967295 Restrictions Only Administrators Operators and Power Users can issue this...

Page 224: ...globally DWS 3160 24PC admin enable cfm Command enable cfm Success DWS 3160 24PC admin 19 11 disable cfm Description This command is used to disable the CFM globally Format disable cfm Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To disable the CFM globally DWS 3160 24PC admin disable cfm Command disable cfm Success DWS 3160 24PC admin ...

Page 225: ...t the CFM function is disabled on that port Format config cfm ports portlist state enable disable Parameters ports Specifies the logical port list portlist Enter the list of ports used for this configuration here state Specifies that the CFM function will be enabled or disabled enable Specifies that the CFM function will be enabled disable Specifies that the CFM function will be disabled Restricti...

Page 226: ...e domain name string 22 Enter the maintenance domain name used here This name can be up to 22 characters long md_index Optional Specifies the maintenance domain index uint 1 4294967295 Enter the maintenance domain index value here This value must be between 1 and 4294967295 ma Optional Specifies the maintenance association name string 22 Enter the maintenance association name used here This name c...

Page 227: ...MD MD Index 1 MD Name MD MD Level 0 MIP Creation None SenderID TLV None MA Index MA Name VID 1 MA 1 DWS 3160 24PC admin show cfm md MD ma MA Command show cfm md MD ma MA MA Index 1 MA Name MA MA VID 1 MIP Creation Defer CCM Interval 10 seconds SenderID TLV Defer MEPID List 1 MEPID Direction Port Name MAC Address 1 Inward 1 MEP 00 11 22 33 45 77 DWS 3160 24PC admin show cfm mepname MEP Command show...

Page 228: ...Status CCMs 0 received If Status CCMs 0 received CCMs transmitted 0 In order LBRs 0 received Out of order LBRs 0 received Next LTM Trans ID 0 Unexpected LTRs 0 received LBMs Transmitted 0 AIS PDUs 0 received AIS PDUs Transmitted 0 LCK PDUs 0 received LCK PDUs Transmitted 0 DWS 3160 24PC admin 19 15 show cfm fault Description This command is used to display all the fault conditions detected by the ...

Page 229: ...atus LCK Status op_domain op1 1 Cross connect CCM Received DWS 3160 24PC admin 19 16 show cfm port Description This command is used to display MEPs and MIPs created on a port Format show cfm port port level int 0 7 direction inward outward vlanid vlanid 1 4094 Parameters port Specifies the port number used port Enter the port number used here level Optional Specifies the MD Level If not specified ...

Page 230: ...s the MEP name used string 32 Enter the MEP name used here This name can be up to 32 characters long mepid Optional Specifies the MEP ID used int 1 8191 Enter the MEP ID used here This value must be between 1 and 8191 md Optional Specifies the maintenance domain name string 22 Enter the maintenance domain name her This name can be up to 22 characters long md_index Optional Specifies the maintenanc...

Page 231: ...r 00 01 02 03 04 05 Packets Sent 4 Received 1 Lost 3 75 loss DWS 3160 24PC admin 19 18 cfm linktrace Description This command is used to issue a CFM link track message Format cfm linktrace macaddr mepname string 32 mepid int 1 8191 md string 22 md_index uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 ttl int 2 255 pdu_priority int 0 7 Parameters macaddr Specifies the destination MAC addr...

Page 232: ...4 05 mepname mep1 Transaction ID 26 Success DWS 3160 24PC admin 19 19 show cfm linktrace Description This command is used to display the link trace responses The maximum link trace responses a device can hold is 128 Format show cfm linktrace mepname string 32 mepid int 1 8191 md string 22 md_index uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 trans_id uint Parameters mepname Optional S...

Page 233: ...ame mep1 trans_id 26 Transaction ID 26 From MEP mep1 to 00 11 22 33 44 55 Start Time 2008 01 01 12 00 00 Hop MEPID MAC Address Forwarded Relay Action 1 00 22 33 44 55 66 Yes FDB 2 00 33 44 55 66 77 Yes MPDB 3 00 11 22 33 44 55 No Hit DWS 3160 24PC admin To display the link trace reply when the all MPs reply LTRs function is disabled DWS 3160 24PC admin show cfm linktrace mep mep1 trans_id 26 Comma...

Page 234: ...tring 22 Enter the maintenance association name her This name can be up to 22 characters long ma_index Optional Specifies the maintenance association index uint 1 4294967295 Enter the maintenance association index value here This value must be between 1 and 4294967295 mepid Optional Specifies the MEP ID used int 1 8191 Enter the MEP ID used here This value must be between 1 and 8191 mepname Option...

Page 235: ...otal 2 DWS 3160 24PC admin 19 22 config cfm mp_ltr_all Description This command is used to enable or disable the all MPs reply LTRs function Format config cfm mp_ltr_all enable disable Parameters mp_ltr_all Specifies that the MP s reply to the LTR function will be set to all enable Specifies that this function will be enabled disable Specifies that this function will be disabled Restrictions Only ...

Page 236: ...p_ltr_all Parameters None Restrictions None Example To display the configuration of the all MPs reply LTRs function DWS 3160 24PC admin show cfm mp_ltr_all Command show cfm mp_ltr_all All MPs reply LTRs Disabled DWS 3160 24PC admin 19 24 show cfm remote_mep Description This command is used to display remote MEPs Format show cfm remote_mep mepname string 32 md string 22 md_index uint 1 4294967295 m...

Page 237: ...dex value here This value must between 1 and 4294967295 mepid Optional Specifies the MEP ID used int 1 8191 Enter the MEP ID used here This value must be between 1 and 8191 remote_mepid Specifies the Remote MEP ID used int 1 8191 Enter the remote MEP ID used here This value must be between 1 and 8191 Restrictions None Example To display the CFM Remote MEP information DWS 3160 24PC admin show cfm r...

Page 238: ...displayed ccm Optional Specifies the CCM RX counters Restrictions None Example To display the CFM packet s RX TX counters DWS 3160 24PC admin show cfm pkt_cnt Command show cfm pkt_cnt CFM RX Statistics Port AllPkt CCM LBR LBM LTR LTM VidDrop OpcoDrop all 204 204 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 2 204 204 0 0 0 0 0 0 3 0 0 0 0 0 0 0 0 4 0 0 0 0 0 0 0 0 5 0 0 0 0 0 0 0 0 6 0 0 0 0 0 0 0 0 7 0 0 0 0 0 0...

Page 239: ... packet s RX TX counters Format clear cfm pkt_cnt ports portlist rx tx rx tx ccm Parameters ports Optional The ports which require need the counters clearing If not specified all ports will be cleared portlist Enter the list of ports used for this configuration here rx Optional Specifies to clear the RX counter tx Optional Specifies to clear the TX counter If not specified both of them will be cle...

Page 240: ...it Ethernet Unified Switch CLI Reference Guide 236 DWS 3160 24PC admin clear cfm pkt_cnt Command clear cfm pkt_cnt Success DWS 3160 24PC admin clear cfm pkt_cnt ccm Command clear cfm pkt_cnt ccm Success DWS 3160 24PC admin ...

Page 241: ...ed value It may change when creating or deleting higher level MDs and MAs on the device When the most immediate client layer MIPs and MEPs do not exist the default client MD level cannot be calculated If the default client MD level cannot be calculated and user doesn t designate a client level the AIS and LCK PDU cannot be transmitted Format config cfm ais md string 22 md_index uint 1 4294967295 m...

Page 242: ...e the AIS function enabled and client level is 5 DWS 3160 24PC admin config cfm ais md op domain ma op ma mepid 1 state enable level 5 Command config cfm ais md op domain ma op ma mepid 1 state enable level 5 Success DWS 3160 24PC admin 20 2 config cfm lock Description This command is used to configure the parameters of LCK function on a MEP The default client MD level is MD level at which the mos...

Page 243: ...t MD level is MD level at which the most immediate client layer MIPs and MEPs exist int 0 7 Enter the client level ID here This value must be between 0 and 7 state Optional Specifies to enable or disable the LCK function enable Specifies that the LCK function will be enabled disable Specifies that the LCK function will be disabled Restrictions Only Administrators Operators and Power Users can issu...

Page 244: ...e between 1 and 8191 action Specifies to start or to stop the management lock function start Specifies to start the management lock function stop Specifies to stop the management lock function Restrictions Only Administrators Operators and Power Users can issue this command Example To start management lock DWS 3160 24PC admin cfm lock md op domain ma op ma mepid 1 remote_mepid 2 action start Comma...

Page 245: ... hardware Success DWS 3160 24PC admin 20 5 show cfm ccm_fwd Description This command is used to display the CCM PDUs forwarding mode Format show cfm ccm_fwd Parameters None Restrictions None Example To display the CCM PDUs forwarding mode DWS 3160 24PC admin show cfm ccm_fwd Command show cfm ccm_fwd CFM CCM PDUs forwarding mode Software DWS 3160 24PC admin ...

Page 246: ...ue 0 63 icmp type value 0 255 code value 0 255 igmp type value 0 255 tcp src_port value 0 65535 dst_port value 0 65535 flag all urg ack psh rst syn fin udp src_port value 0 65535 dst_port value 0 65535 protocol_id value 0 255 user_define hex 0x0 0xffffffff packet_content offset_0 15 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset_16 31 hex 0x0 0xffffffff hex 0x0 ...

Page 247: ...o IGMP traffic type Optional Specifies that the rule applies to IGMP type traffic tcp Specifies that the rule applies to TCP traffic src_port_mask Optional Specifies the TCP source port mask hex 0x0 0xffff Enter the source TCP port mask here dst_port_mask Optional Specifies the TCP destination port mask hex 0x0 0xffff Enter the destination TCP port mask here flag_mask Optional Specifies the TCP fl...

Page 248: ...flowlabel Optional Specifies the IPv6 flowlabel source_ipv6_mask Optional Specifies an IPv6 source subnet mask ipv6mask Enter the IPv6 source subnet mask here destination_ipv6_mask Optional Specifies an IPv6 destination subnet mask ipv6mask Enter the IPv6 destination subnet mask here tcp Optional Specifies that the rule applies to TCP traffic src_port_mask Specifies an IPv6 Layer 4 TCP source port...

Page 249: ...0 0 0 destination_ip_mask 10 0 0 0 dscp icmp type code Success DWS 3160 24PC admin 21 2 delete cpu access_profile Description This command is used to delete CPU access list rules Format delete cpu access_profile profile_id value 1 5 all Parameters profile_id Specifies the index of access list profile value 1 5 Enter the profile ID value here This value must be between 1 and 5 all Specifies that al...

Page 250: ... must be between 1 and 5 access_id Specifies the index of access list entry The range of this value is 1 100 value 1 100 Enter the access ID here This value must be between 1 and 100 ethernet Specifies that the profile type will be Ethernet vlan Optional Specifies the VLAN name used vlan_name 32 Enter the name of the VLAN here This name can be up to 32 characters long vlan_id Optional Specifies th...

Page 251: ...the TCP flag field mask will be set to urg ack Specifies that the TCP flag field mask will be set to ack psh Specifies that the TCP flag field mask will be set to psh rst Specifies that the TCP flag field mask will be set to rst syn Specifies that the TCP flag field mask will be set to syn fin Specifies that the TCP flag field mask will be set to fin udp Specifies that the rule applies to UDP traf...

Page 252: ...hat can be configured hex 0x0 0xffff Enter the TCP source port mask value here dst_port Optional Specifies the value of the IPv6 Layer 4 TCP destination port value 0 65535 Enter the TCP destination port value here This value must be between 0 and 65535 mask Specifies an additional mask parameter that can be configured hex 0x0 0xffff Enter the TCP destination port mask value here udp Optional Speci...

Page 253: ... 1 ip vlan default source_ip 20 2 2 3 destination_ip 10 1 1 252 dscp 3 icmp type 11 code 32 port 1 deny Command config cpu access_profile profile_id 1 add access_id 1 ip vlan default source_ip 20 2 2 3 destination_ip 10 1 1 252 dscp 3 icmp type 11 code 32 port 1 deny Success DWS 3160 24PC admin 21 4 enable cpu interface filtering Description This command is used to enable CPU interface filtering c...

Page 254: ...o disable cpu_interface_filtering DWS 3160 24PC admin disable cpu_interface_filtering Command disable cpu_interface_filtering Success DWS 3160 24PC admin 21 6 show cpu access_profile Description This command is used to display current access list table Format show cpu access_profile profile_id value 1 5 Parameters profile_id Optional Specifies the index of access list profile value 1 5 Enter the p...

Page 255: ...le Table Total Unused Rule Entries 497 Total Used Rule Entries 3 Profile ID 1 Type IPv6 MASK on Source IPv6 Addr FFFF FFFF FFFF Unused Rule Entries 99 Rule ID 1 Ports 20 Match on Source IPv6 2103 16 16 Action Deny Profile ID 2 Type IPv4 MASK on Source IP 255 255 0 0 Unused Rule Entries 99 Rule ID 1 Ports 20 Match on Source IP 172 18 0 0 Action Deny Profile ID 3 Type Ethernet MASK on Source MAC FF ...

Page 256: ... Profile ID 4 Type User Defined MASK on Offset 0 15 0xFFF000FF 0xFFFFFFFF 0xFFFFFFFF 0xFFFFFFFF Offset 16 31 0xFFFFFFFF 0xFFFFFFFF 0xFF00FFFF 0xFFFFFFFF Offset 32 47 0xFFFFFFFF 0xFFFFFFFF 0x000FFFFF 0xFFFFFFFF Offset 48 63 0xFFFFFFFF 0xFFFFFFFF 0xFFFFF000 0xFFFFFFFF Offset 64 79 0xFFFFFFFF 0xFFFFFFFF 0xFFFFFFFF 0xFFFFF000 Unused Rule Entries 100 DWS 3160 24PC admin ...

Page 257: ...tail debug stp show information debug stp show flag ports portlist debug stp show counter ports portlist all debug stp clear counter ports portlist all debug stp state enable disable 22 1 debug error_log Description This command is use to dump clear or upload the software error log to a TFTP server Format debug error_log dump clear upload_toTFTP ipaddr path_filename 64 Parameters dump Display the ...

Page 258: ...C 8013B8A4 802AE754 802A5E0C To clear the error log DWS 3160 24PC admin debug error_log clear Command debug error_log clear Success DWS 3160 24PC admin To upload the error log to TFTP server DWS 3160 24PC admin debug error_log upload_toTFTP 10 0 0 90 debug log txt Command debug error_log upload_toTFTP 10 0 0 90 debug log txt Connecting to server Done Upload error log Done DWS 3160 24PC admin 22 2 ...

Page 259: ...name or an absolute pathname This value can be up to 64 characters long Restrictions Only Administrators can issue this command Example To display the debug buffer s state DWS 3160 24PC admin debug buffer utilization Command debug buffer utilization Allocate from System memory pool Total size 2 MB Utilization rate 30 DWS 3160 24PC admin To clear the debug buffer DWS 3160 24PC admin debug buffer cl...

Page 260: ...nly Administrators can issue this command Example To set all module debug message outputs to local console DWS 3160 24PC admin debug output all console Command debug output all console Success DWS 3160 24PC admin 22 4 debug config error_reboot Description This command is used to set if the Switch needs to be rebooted when a fatal error occurs When the error occurs the watchdog timer will be disabl...

Page 261: ...24PC admin 22 5 debug config state Description Use the command to set the state of the debug Format debug config state enable disable Parameters enable Enable the debug state disable Disable the debug state Restrictions Only Administrators can issue this command Example To set the debug state to disabled DWS 3160 24PC admin debug config state disable Command debug config state disable Success DWS ...

Page 262: ...ebug show arpunresolved_list Command debug show arpunresolved_list Unresolved ARP list IP Address last_send send_int send_cnt flag DWS 3160 24PC admin 22 7 debug show error_reboot state Description This command is used to display show error reboot status Format debug show error_reboot state Parameters None Restrictions Only Administrators can issue this command Example To display show error reboot...

Page 263: ...he input module list is empty the states of all the registered modules that support the debug module will be displayed Format debug show status module module_list Parameters module Optional Specifies the module list module_list Enter the module list here Restrictions Only Administrators can issue this command Example To display the specified module s debug state DWS 3160 24PC admin debug show stat...

Page 264: ... dhcp all state enable disable Parameters event To print out the debug messages when IMPB module receives ARP IP packets dhcp To print out the debug messages when the IMPB module receives the DHCP packets all Print out all debug messages state This parameter configures the IMPB debug state to be enabled or disabled enable Specifies that the state will be enabled disable Specifies that the state wi...

Page 265: ...4PC admin 22 11 debug stp config ports Description This command used to configure per port STP debug level on the specified ports Format debug stp config ports portlist all event bpdu state_machine all state disable brief detail Parameters ports Specifies the STP port range to debug portlist Enter the list of port used for this configuration here all Specifies to debug all ports on the Switch even...

Page 266: ...cess DWS 3160 24PC admin 22 12 debug stp show information Description This command used to display STP detailed information such as the hardware tables the STP state machine etc Format debug stp show information Parameters None Restrictions Only Administrators can issue this command Example To display STP debug information DWS 3160 24PC admin debug stp show information Command debug stp show infor...

Page 267: ... 70 33 21 02 Designated Port 0 Message Age 0 Max Age 20 Forward Delay 15 Hello Time 2 Designated Priority And Times Instance 0 Port Priority And Times Instance 0 DWS 3160 24PC admin 22 13 debug stp show flag Description This command used to display the STP debug level on specified ports Format debug stp show flag ports portlist Parameters ports Optional Specifies the STP ports to display portlist ...

Page 268: ...f Brief Brief 13 Brief Brief Brief 14 Brief Brief Brief 15 Brief Brief Brief 16 Brief Brief Brief 17 Brief Brief Brief 18 Brief Brief Brief 19 Brief Brief Brief 20 Brief Brief Brief 21 Brief Brief Brief 22 Brief Brief Brief 23 Brief Brief Brief 24 Brief Brief Brief DWS 3160 24PC admin 22 14 debug stp show counter Description This command used to display the STP counters Format debug stp show count...

Page 269: ...U 0 TCN BPDU 0 TCN BPDU 0 RSTP TC Flag 0 RSTP TC Flag 0 RST BPDU 0 RST BPDU 0 Discard Total Discarded BPDU 0 Global STP Disabled 0 Port STP Disabled 0 Invalid packet Format 0 Invalid Protocol 0 Configuration BPDU Length 0 TCN BPDU Length 0 RST BPDU Length 0 Invalid Type 0 Invalid Timers 0 DWS 3160 24PC admin 22 15 debug stp clear counter Description This command used to clear the STP counters Form...

Page 270: ...Description This command is used to enable or disable the STP debug state Format debug stp state enable disable Parameters state Specifies the STP debug state enable Enable the STP debug state disable Disable the STP debug state Restrictions Only Administrators can issue this command Example To configure the STP debug state to enable and then disable the STP debug state DWS 3160 24PC admin debug s...

Page 271: ...DWS 3160 Series Gigabit Ethernet Unified Switch CLI Reference Guide 267 ...

Page 272: ...way address DHCP option 82 will be automatically added Format config dhcp_local_relay vlan vlan_name 32 state enable disable Parameters vlan Specifies the VLAN name that the DHCP local relay function will be enabled vlan_name 32 Enter the name of the VLAN here This name can be up to 32 characters long state Enable or disable DHCP local relay for specified vlan enable Specifies that the DHCP local ...

Page 273: ...ble Specifies that the DHCP local relay function will be enabled disable Specifies that the DHCP local relay function will be disabled Restrictions Only Administrators Operators and Power Users can issue this command Example To enable DHCP local relay for default VLAN DWS 3160 24PC admin config dhcp_local_relay vlan vlanid 1 state enable Command config dhcp_local_relay vlan vlanid 1 state enable S...

Page 274: ...ly disable the DHCP local relay function on the Switch Format disable dhcp_local_relay Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To disable the DHCP local relay function DWS 3160 24PC admin disable dhcp_local_relay Command disable dhcp_local_relay Success DWS 3160 24PC admin 23 5 show dhcp_local_relay Description This command is use t...

Page 275: ... CLI Reference Guide 271 Restrictions None Example To display local dhcp relay status DWS 3160 24PC admin show dhcp_local_relay Command show dhcp_local_relay DHCP BOOTP Local Relay Status Enabled DHCP BOOTP Local Relay VID List 1 DWS 3160 24PC admin ...

Page 276: ...fig dhcp_relay option_61 state enable disable config dhcp_relay option_61 add mac_address macaddr string desc_long 255 relay ipaddr drop config dhcp_relay option_61 default relay ipaddr drop config dhcp_relay option_61 delete mac_address macaddr string desc_long 255 all show dhcp_relay option_61 24 1 config dhcp_relay Description This command is use to configure the DHCP relay feature of the Switc...

Page 277: ...eters ipif_name The name of the IP interface which contains the IP address below ipif_name 12 Enter the IP interface name used here This name can be up to 12 characters long ipaddr The DHCP BOOTP server IP address Restrictions Only Administrators Operators and Power Users can issue this command Example To add a DHCP BOOTP server to the relay table DWS 3160 24PC admin config dhcp_relay add ipif Sys...

Page 278: ...ipif System 10 43 21 12 Success DWS 3160 24PC admin 24 4 config dhcp_relay option_82 check Description This command is used to configure the checking of the DHCP Option 82 for the DHCP relay function Format config dhcp_relay option_82 check enable disable Parameters check When the state is enabled For packet come from client side the packet should not have the option 82 s field If the packet has t...

Page 279: ... that comes from the client side contains and Option 82 value then the packet will be dropped If the packet that comes from the client side doesn t contain an Option 82 value then insert its own Option 82 value into the packet keep Retain the existing option 82 field in the packet If the packet that comes from the client side contains and Option 82 value then keep the old Option 82 value If the pa...

Page 280: ...ommand config dhcp_relay option_82 remote_id user_define D Link Switch Success DWS 3160 24PC admin 24 7 config dhcp_relay option_82 state Description This command is used to configure the state of the DHCP Option 82 for the DHCP relay function Format config dhcp_relay option_82 state enable disable Parameters state Optional When the state is enabled the DHCP packet will be inserted with the option...

Page 281: ... 24 8 enable dhcp_relay Description This command is use to enable the DHCP relay function on the Switch Format enable dhcp_relay Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To enable the DHCP relay function DWS 3160 24PC admin enable dhcp_relay Command enable dhcp_relay Success DWS 3160 24PC admin 24 9 disable dhcp_relay Description Thi...

Page 282: ...p_relay Success DWS 3160 24PC admin 24 10 show dhcp_relay Description This command is use to display the current DHCP relay configuration Format show dhcp_relay ipif ipif_name 12 Parameters ipif Optional Specifies the IP interface name ipif_name 12 Enter the IP interface name used here This name can be up to 12 characters long If no parameter is specified the system will display all DHCP relay con...

Page 283: ...em DHCP BOOTP Relay Status Enabled DHCP BOOTP Hops Count Limit 4 DHCP BOOTP Relay Time Threshold 2 DHCP Vendor Class Identifier Option 60 State Disabled DHCP Client Identifier Option 61 State Disabled DHCP Relay Agent Information Option 82 State Enabled DHCP Relay Agent Information Option 82 Check Disabled DHCP Relay Agent Information Option 82 Policy Replace DHCP Relay Agent Information Option 82...

Page 284: ...Command config dhcp_relay option_60 state enable Success DWS 3160 24PC admin 24 12 config dhcp_relay option_60 add Description This command is use to configure the Option 60 relay rules NOTE Different string values can be specified using the same relay server and the same string can be specified with multiple relay servers The system will relay the packet to all the matching servers Format config ...

Page 285: ...packet the relay servers will be determined based on the default relay servers When drop is specified the packet with no matching rules found will be dropped without further process If the setting is not set as drop then the packet will be processed further based on Option 61 The final relay servers will be the union of Option 60 default relay servers and the relay servers determined by Option 61 ...

Page 286: ...nd IP address are equal to the string and IP address specified by the user ipaddr Enter the IP address used for this configuration here ipaddress Delete all the entry whose ipaddress is equal to the specified ipaddress ipaddr Enter the IP address used for this configuration here all Delete all the entry Default relay servers are excluded default Delete the default relay ipaddress that is specified...

Page 287: ...ns None Example To display DHCP Option 60 information DWS 3160 24PC admin show dhcp_relay option_60 Command show dhcp_relay option_60 Default Processing Mode Drop Default Servers Matching Rules String Match Type IP Address abc Exact Match 10 90 90 1 Total Entries 1 DWS 3160 24PC admin 24 16 config dhcp_relay option_61 Description This command is use to decide whether the DHCP relay will process th...

Page 288: ...to add a rule to determine the relay server based on Option 61 The match rule can base on either MAC address or a user specified string Only one relay server can be specified for a MAC address or a string If relay servers are determined based on Option 60 and one relay server is determined based on Option 61 the final relay servers will be the union of these two sets of the servers Format config d...

Page 289: ...ruler for Option 61 Format config dhcp_relay option_61 default relay ipaddr drop Parameters relay Specifies to relay the packet that has no option matching 61 matching rules to an IP address ipaddr Enter the IP address used for this configuration here drop Specifies to drop the packet that have no Option 61 matching rules Restrictions Only Administrators Operators and Power Users can issue this co...

Page 290: ...haracters long all All rules excluding the default rule will be deleted Restrictions Only Administrators Operators and Power Users can issue this command Example To remove a DHCP relay Option 61 entry DWS 3160 24PC admin config dhcp_relay option_61 delete mac_address 00 11 22 33 44 55 Command config dhcp_relay option_61 delete mac_address 00 11 22 33 44 55 Success DWS 3160 24PC admin 24 20 show dh...

Page 291: ... 287 DWS 3160 24PC admin show dhcp_relay option_61 Command show dhcp_relay option_61 Default Relay Rule 10 90 90 200 Matching Rules Client ID Type Relay Rule abc String Drop abcde String 10 90 90 1 00 11 22 33 44 55 MAC Address Drop Total Entries 3 DWS 3160 24PC admin ...

Page 292: ... the DHCP server to service specific DHCP clients This is useful when two DHCP servers are present on the network one of them provides the private IP address and one of them provides the IP address Enabling filtering of the DHCP server port state will create one access profile and create one access rule per port UDP port 67 Filter commands in this file will share the same access profile Addition o...

Page 293: ...egal server log suppress duration value will be set to 5 minutes 30min Specifies that illegal server log suppress duration value will be set to 30 minutes trap_log Specifies if the trap log option will be enabled or disabled enable Specifies that the trap log option will be enabled disable Specifies that the trap log option will be disabled Restrictions Only Administrators Operators and Power User...

Page 294: ...er list created on the Switch DWS 3160 24PC admin show filter dhcp_server Command show filter dhcp_server Enabled Ports 1 10 Trap Log State Disabled Illegal Server Log Suppress Duration 5 minutes Filter DHCP Server Client Table Server IP Address Client MAC Address Port 10 1 1 1 00 00 00 00 00 01 1 24 Total Entries 1 DWS 3160 24PC admin ...

Page 295: ...g 25 Parameters string 25 Enter the DLMS activation code here This code can be up to 25 characters long Restrictions Only Administrators can issue this command Example To input a legal activation code DWS 3160 24PC admin install dlms activation_code ABCDEF1234567890ABCDFE000 Command install dlms activation_code ABCDEF1234567890ABCDFE000 Success Please reboot the device to active the license DWS 31...

Page 296: ...how dlms license Parameters None Restrictions None Example To display license information DWS 3160 24PC admin show dlms license Command show dlms license License Model Activation Code Time Remaining DWS 3160 AP12 LIC ABCDEF1234567890ABCDFE000 No Limited DWS 3160 AP24 LIC ABCDEF1234567890ABCDFE001 No Limited expired Total Model Entries 2 Key Entries 2 DWS 3160 24PC admin ...

Page 297: ...g enable disable config erps trap enable disable show erps raps_vlan vlanid sub_ring 27 1 enable erps Description This command is used to enable the global ERPS function on a Switch When both the global state and the specified ring ERPS state are enabled the specified ring will be activated The global ERPS function cannot be enabled when any ERPS ring on the device is enabled and the integrity of ...

Page 298: ...tors Operators and Power Users can issue this command Example To disable ERPS DWS 3160 24PC admin disable erps Command disable erps Success DWS 3160 24PC admin 27 3 create erps raps_vlan Description This command is used to create an R APS VLAN on a Switch Only one R APS VLAN should be used to transfer R APS messages NOTE The R APS VLAN can only be created after it was created using the create vlan...

Page 299: ...delete erps raps_vlan Description This command is used to delete an R APS VLAN on a Switch When an R APS VLAN is deleted all parameters related to this R APS VLAN will also be deleted This command can only be issued when the ring is not active Format delete erps raps_vlan vlanid Parameters raps_vlan Specifies the VLAN which will be the R APS VLAN vlanid Enter the VLAN ID used here Restrictions Onl...

Page 300: ...d when ERPS is enabled and the virtual channel cannot be configured as RPL For example if a ring port is configured on the virtual channel and the ring port is configured as an RPL port an error message will be display and the configuration will fail The R APS VLAN cannot be the protected VLAN The protected VLAN can be one that has already been created or it can be used for a VLAN that has not yet...

Page 301: ...s raps_vlan vlanid state enable disable ring_mel value 0 7 ring_port west port virtual_channel east port virtual_channel rpl_port west east none rpl_owner enable disable protected_vlan add delete vlanid vidlist sub_ring raps_vlan vlanid tc_propagation state enable disable add delete sub_ring raps_vlan vlanid revertive enable disable timer holdoff_time millisecond 0 10000 guard_time millisecond 10 ...

Page 302: ...e R APS VLAN vlanid Enter the VLAN ID used here revertive Specifies the state of the R APS revertive option enable Specifies that the R APS revertive option will be enabled disable Specifies that the R APS revertive option will be disabled timer Specifies the R APS timer used holdoff_time Optional Specifies the holdoff time of the R APS function The default holdoff time is 0 milliseconds milliseco...

Page 303: ...anid 10 20 Command config erps raps_vlan 100 protected_vlan add vlanid 10 20 Success DWS 3160 24PC admin To configure the ring state of the ERPS DWS 3160 24PC admin config erps raps_vlan 100 state enable Command config erps raps_vlan 100 state enable Success DWS 3160 24PC admin To configure a sub ring connected to another ring DWS 3160 24PC admin config erps raps_vlan 3 add sub_ring raps_vlan 100 ...

Page 304: ... Administrators Operators and Power Users can issue this command Example To configure the ERPS log state DWS 3160 24PC admin config erps log enable Command config erps log enable Success DWS 3160 24PC admin 27 7 config erps trap Description This command is used to configure trap state of ERPS events Format config erps trap enable disable Parameters trap Specifies to enable or disable the ERPS trap...

Page 305: ...nal failure is detected on the port and traffic is blocked by ERPS The RPL owner administrative state could be configured to Enabled or Disabled But the RPL owner operational state may be different from the RPL owner administrative state for example the RPL owner conflict occurs Active is used to indicate that the RPL owner administrative state is enabled and the device is operated as the active R...

Page 306: ...Admin RPL Port None Operational RPL Port None Admin Owner Disabled Operational Owner Disabled Protected VLANs Ring MEL 1 Holdoff Time 0 milliseconds Guard Time 500 milliseconds WTR Time 5 minutes Revertive mode Enabled Current Ring State Protection CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All To display ERPS information of R APS VLAN 3 DWS 3160 24PC admin show erps raps_vlan 3 sub_ri...

Page 307: ...Parameters portlist Specifies the list of ports used all Specifies that all the ports will be used for the configuration state Specifies the state of the filter to block the NETBIOS packet enable Specifies that the state will be enabled disable Specifies that the state will be disabled Restrictions Only Administrators and Operators can issue this command Example To configure filter netbios state D...

Page 308: ...r extensive_netbios portlist all state enable disable Parameters portlist Enter the list of ports used for this configuration here all Specifies that all the ports will be used this configuration state Enable or disable the filter to block the NETBIOS packet over 802 3 frame enable Specifies that the filter state will be enabled disable Specifies that the filter state will be disabled Restrictions...

Page 309: ...ommand is used to display the extensive netbios state on the Switch Format show filter extensive_netbios Parameters None Restrictions None Example To display the extensive state created on the Switch DWS 3160 24PC admin show filter extensive_netbios Command show filter extensive_netbios Enabled Ports 1 10 DWS 3160 24PC admin ...

Page 310: ...list mac_address macaddr static aging_time security tunnel show multicast vlan_filtering_mode vlanid vidlist vlan vlan_name 32 29 1 create fdb Description This command is used to create a static entry in the unicast MAC address forwarding table database Format create fdb vlan_name 32 macaddr port port drop Parameters vlan_name 32 Specifies a VLAN name associated with a MAC address The maximum leng...

Page 311: ...id vidlist macaddr port port drop Parameters vidlist Specifies a VLAN ID associated with a MAC address macaddr The MAC address to be added to the static forwarding table port The port number corresponding to the MAC destination address The Switch will always forward traffic to the specified device through this port port Enter the port number corresponding to the MAC destination address here drop S...

Page 312: ...imum name length is 32 macaddr The multicasts MAC address to be added to the static forwarding table Restrictions Only Administrators Operators and Power Users can issue this command Example To create a multicast MAC forwarding entry to the default VLAN DWS 3160 24PC admin create multicast_fdb default 01 00 5E 00 00 00 Command create multicast_fdb default 01 00 5E 00 00 00 Success DWS 3160 24PC ad...

Page 313: ...FDB age out time in seconds The aging time affects the learning process of the Switch Dynamic forwarding table entries which are made up of the source MAC addresses and their associated port numbers are deleted from the table if they are not accessed within the aging time The aging time can be from 10 to 1000000 seconds with a default value of 300 seconds A very long aging time can result in dynam...

Page 314: ...LAN name can be up to 32 characters long all Specifies all configured VLANs forward_all_groups Both the registered group and the unregistered group will be forwarded to all member ports of the specified VLAN where the multicast traffic comes in forward_unregistered_groups The unregistered group will be forwarded to all member ports of the VLAN where the multicast traffic comes in filter_unregister...

Page 315: ...Success DWS 3160 24PC admin 29 8 clear fdb Description This command is used to clear the Switch s forwarding database for dynamically learned MAC addresses Format clear fdb vlan vlan_name 32 port port all Parameters vlan Clears the FDB entry by Specifiesing the VLAN name vlan_name 32 The name of the VLAN on which the MAC address resides The maximum name length is 32 port Clears the FDB entry by Sp...

Page 316: ...MAC address resides vlan_name 32 Enter the VLAN name here The VLAN name can be up to 32 characters long vlanid Optional Displays the entries for the VLANs indicated by VID list vidlist Enter the VLAN ID list here mac_address Optional Specifies a MAC address for which FDB entries will be displayed macaddr Enter the MAC address here If no parameter is specified all multicast FDB entries will be disp...

Page 317: ...ere mac_address Optional Displays a specific MAC address macaddr Enter the MAC address here static Optional Displays all permanent entries aging_time Optional Displays the unicast MAC address aging time security Optional Displays the FDB entries that are created by the security module tunnel Optional Display all entries in the tunnel If no parameter is specified system will display the unicast add...

Page 318: ...VLANs NOTE A product that supports the multicast VLAN filtering mode can not use the port filtering mode and the VLAN filtering mode at the same time Format show multicast vlan_filtering_mode vlanid vidlist vlan vlan_name 32 Parameters vlanid Optional Specifies a list of VLANs to be configured vidlist Enter the VLAN ID list here vlan Optional Specifies the name of the VLAN The maximum name length ...

Page 319: ...4PC admin show multicast vlan_filtering_mode Command show multicast vlan_filtering_mode VLAN ID VLAN Name Multicast Filter Mode 1 default forward_unregistered_groups 2 v2 forward_unregistered_groups 3 v3 forward_unregistered_groups 100 guestVLAN forward_all_groups DWS 3160 24PC admin ...

Page 320: ...mat drive_id fat16 fat32 label_name 30 1 show storage_media_info Description This command is used to display the information of the storage media available on the system There can be one or multiple media on the system The information for a media includes the drive number the media identification Format show storage_media_info Parameters None Restrictions None Example To display the storage media ...

Page 321: ... change drive c Command change drive c Success DWS 3160 24PC admin 30 3 md Description This command is used to create a directory Format md pathname 64 Parameters pathname 64 Specifies the directory to be removed The path name can be specified either as a full path name or partial name For partial path name it indicates the file is in the current directory The drive ID also included in this parame...

Page 322: ...ame For partial path name it indicates the file is in the current directory This name can be up to 64 characters long Restrictions Only Administrators and Operators can issue this command Example To remove a directory DWS 3160 24PC admin rd c abc Command rd c abc Success DWS 3160 24PC admin 30 5 cd Description This command is used to change the current directory The current directory is changed un...

Page 323: ... DWS 3160 24PC admin cd Command cd Current work directory c DWS 3160 24PC admin 30 6 dir Description This command is used to list all of the files located in a directory of a drive If pathname is not specified then all of the files in the specified drive will be displayed If none of the parameters are specified the files in the current drive will be displayed Format dir pathname 64 Parameters path...

Page 324: ... in the file system The pathname specifies the file in path form to be renamed and the filename specifies the new filename If the pathname is not a full path then it refers to a path under the current directory for the drive The renamed file will stay in the same directory Format rename pathname 64 filename 64 Parameters pathname 64 Specified the file in path form to be renamed This name can be up...

Page 325: ...oftly deleted file is not acceptable System will prompt if the target file is a FW or configuration whose type is boot up or backup Format del pathname 64 recursive Parameters pathname 64 Specifies the file or directory to be deleted If it is specified in the associated form then it is related to the current directory This name can be up to 64 characters long recursive Optional Used on directory t...

Page 326: ...kup info DWS 3160 24PC admin del 12 recursive Command del 12 recursive Success DWS 3160 24PC admin dir Command dir Directory of c Idx Info Attr Size Update Time Name 1 CFG rw 77149 2000 01 15 03 26 52 config cfg 2 drw 0 2000 01 01 00 09 17 wireless 3 RUN rw 8236612 2000 01 01 00 03 36 runtime had 4 d 0 2000 01 15 03 22 33 system 29618 KB total 21369 KB free with boot up info b with backup info DWS...

Page 327: ...5 03 26 52 config cfg 2 drw 0 2000 01 01 00 09 17 wireless 3 RUN rw 8236612 2000 01 01 00 03 36 runtime had 4 d 0 2000 01 15 03 22 33 system 1 CFG rw 77149 2000 01 15 03 28 52 config2 cfg 29618 KB total 21292 KB free with boot up info b with backup info DWS 3160 24PC admin erase config2 cfg Command erase config2 cfg Success DWS 3160 24PC admin dir Command dir Directory of c Idx Info Attr Size Upda...

Page 328: ... 64 Specifies the new path where the file will be moved The path name can be For partial path name it indicates the file is in the current directory This name can be up to 64 characters long Restrictions Only Administrators and Operators can issue this command Example To move a file from one location to another location DWS 3160 24PC admin move c log txt c log1 txt Command move c log txt c log1 tx...

Page 329: ...s can issue this command Example To copy a file DWS 3160 24PC admin copy c log txt c log1 txt Command copy c log txt c log1 txt Success DWS 3160 24PC admin 30 12 format Description This command is used to format a specific drive Format format drive_id fat16 fat32 label_name Parameters drive_id Specifies drive to be formatted fat16 Specifies a FAT16 file system fat32 Specifies a FAT32 file system l...

Page 330: ...DWS 3160 Series Gigabit Ethernet Unified Switch CLI Reference Guide 326 DWS 3160 24PC admin format d fat32 aaaa Command format d fat32 aaaa Formatting Done Success DWS 3160 24PC admin ...

Page 331: ...nodes By default the state is disabled and only one gratuitous ARP packet will be broadcast Format config gratuitous_arp send ipif_status_up enable disable Parameters enable Enable sending of gratuitous ARP when IPIF status become up disable Disable sending of gratuitous ARP when IPIF status become up Restrictions Only Administrators Operators and Power Users can issue this command Example To enab...

Page 332: ...p send dup_ip_detected enable Command config gratuitous_arp send dup_ip_detected enable Success DWS 3160 24PC admin 31 3 config gratuitous_arp learning Description This command is used to enable or disable learning of ARP entry in ARP cache based on the received gratuitous ARP packet Normally the system will only learn the ARP reply packet or a normal ARP request packet that asks for the MAC addre...

Page 333: ..._arp send periodically ipif ipif_name 12 interval value 0 65535 Parameters ipif Interface name of Layer 3 interface ipif_name 12 Enter the IP interface name here This name can be up to 12 characters long interval Periodically send gratuitous ARP interval time in seconds 0 means not send gratuitous ARP periodically value 0 65535 Enter the gratuitous ARP interval time here This value must be between...

Page 334: ... log function Restrictions Only Administrators Operators and Power Users can issue this command Example To enable the system interface s gratuitous ARP log and trap DWS 3160 24PC admin enable gratuitous_arp ipif System trap log Command enable gratuitous_arp ipif System trap log Success DWS 3160 24PC admin 31 6 disable gratuitous_arp Description The command is used to disable gratuitous ARP trap an...

Page 335: ...trap DWS 3160 24PC admin disable gratuitous_arp ipif System trap log Command disable gratuitous_arp ipif System trap log Success DWS 3160 24PC admin 31 7 show gratuitous_arp Description This command is used to display the gratuitous ARP configuration Format show gratuitous_arp ipif ipif_name Parameters ipif Optional Interface name of Layer 3 interface ipif_name Enter the IP interface name here Res...

Page 336: ...Up Enabled Send on Duplicate IP Detected Enabled Gratuitous ARP Learning Enabled IP Interface Name Inter2 Gratuitous ARP Trap Disabled Gratuitous ARP Log Enabled Gratuitous ARP Periodical Send Interval 0 IP Interface Name System Gratuitous ARP Trap Enabled Gratuitous ARP Log Enabled Gratuitous ARP Periodical Send Interval 5 Total Entries 2 DWS 3160 24PC admin ...

Page 337: ...n_name 32 vlanid vlanid_list ipaddr config igmp_snooping data_driven_learning all vlan_name vlan_name vlanid vlanid_list state enable disable aged_out enable disable expiry_time sec 1 65535 1 config igmp_snooping data_driven_learning max_learned_entry value 1 1024 clear igmp_snooping data_driven_group all vlan_name vlan_name vlanid vlanid_list ipaddr all show igmp_snooping vlan vlan_name 32 vlanid...

Page 338: ...s only for IGMPv1 and IGMPv2 reports the Switch forwards only the first IGMPv1 or IGMPv2 report from all hosts for a group to all the multicast routers If the multicast router query also includes requests for IGMPv3 reports the Switch forwards all IGMPv3 reports for a group to the multicast devices enable Enter enable to enable the report suppression function disable Enter disable to disable the r...

Page 339: ...ing Format config igmp_snooping querier vlan_name vlan_name 32 vlanid vlanid_list all query_interval sec 1 65535 max_response_time sec 1 25 robustness_variable value 1 7 last_member_query_interval sec 1 25 state enable disable version value 1 3 1 Parameters vlan_name Specifies the name of the VLAN for which IGMP snooping querier is to be configured vlan_name 32 Enter the VLAN name here The VLAN na...

Page 340: ...eiving a leave message the router will assume there are no local members on the interface if there are no reports received after the response time which is last member query interval robustness variable sec 1 25 Enter the last member query interval value here This value must be between 1 and 25 seconds state Optional If the state is enabled it allows the Switch to be selected as an IGMP Querier se...

Page 341: ... Specifies to delete the router ports portlist Specifies a range of ports to be configured Restrictions Only Administrators Operators and Power Users can issue this command Example To set up static router ports DWS 3160 24PC admin config router_ports default add 1 10 Command config router_ports default add 1 10 Success DWS 3160 24PC admin 32 5 config router_ports_forbidden Description This command...

Page 342: ...uter ports of default VLAN DWS 3160 24PC admin config router_ports_forbidden default add 20 Command config router_ports_forbidden default add 20 Success DWS 3160 24PC admin 32 6 enable igmp_snooping Description This command is used to enable IGMP snooping on the Switch Format enable igmp_snooping Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Exam...

Page 343: ...oping Success DWS 3160 24PC admin 32 8 create igmp_snooping static_group Description This command is used to create an IGMP snooping static group Member ports can be added to the static group The static member and the dynamic member port form the member ports of a group The static group will only take effect when IGMP snooping is enabled on the VLAN For those static member ports the device needs t...

Page 344: ...9 1 1 1 DWS 3160 24PC admin create igmp_snooping static_group vlanid 2 239 1 1 1 Command create igmp_snooping static_group vlanid 2 239 1 1 1 Success DWS 3160 24PC admin 32 9 delete igmp_snooping static_group Description This command is used to delete an IGMP snooping multicast static group The deletion of an IGMP snooping static group will not affect the IGMP snooping dynamic member ports for a g...

Page 345: ...The IGMP protocol will resume once this port is removed from static member ports The static member port will only affect V2 IGMP operation Format config igmp_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipaddr add delete portlist Parameters vlan Specifies the name of the VLAN on which the static group resides vlan_name 32 Enter the VLAN name here The VLAN name can be up to 32 charact...

Page 346: ...name can be up to 32 characters long vlanid Specifies the ID of the VLAN on which the static group resides vlanid_list Enter the VLAN ID here ipaddr Specifies the multicast group IP address Restrictions None Example To display all the IGMP snooping static groups DWS 3160 24PC admin show igmp_snooping static_group Command show igmp_snooping static_group VLAN ID Name IP Address Static Member Ports 2...

Page 347: ...vlanid_list state enable disable aged_out enable disable expiry_time sec 1 65535 1 Parameters vlan_name Specifies the VLAN name to be configured vlan_name Enter the VLAN name here vlanid Specifies the VLAN ID to be configured vlanid_list Enter the VLAN ID here all Specifies all VLANs to be configured state Optional Specifies to enable or disable the data driven learning of an IGMP snooping group e...

Page 348: ..._learning max_learned_entry value 1 1024 Parameters max_learned_entry Specifies the maximum number of groups that can be learned by data driven The suggested default setting is 56 This default setting may vary depending on projects value 1 1024 Enter the maximum learning entry value here This value must be between 1 and 1024 Restrictions Only Administrators Operators and Power Users can issue this...

Page 349: ... groups learned by data driven DWS 3160 24PC admin clear igmp_snooping data_driven_group all Command clear igmp_snooping data_driven_group all Success DWS 3160 24PC admin 32 15 show igmp_snooping Description This command is used to display the current IGMP snooping configuration on the Switch Format show igmp_snooping vlan vlan_name 32 vlanid vlanid_list Parameters vlan Optional Specifies the name...

Page 350: ...ecs State Disabled Fast Leave Disabled Rate Limit No Limitation Report Suppression Enabled Version 3 Data Driven Learning State Enabled Data Driven Learning Aged Out Disabled Data Driven Group Expiry Time 260 VLAN Name v2 CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All 32 16 show igmp_snooping rate_limit Description This command is used to display the IGMP snooping rate limit setting Fo...

Page 351: ...s the name of the VLAN for which you want to view IGMP snooping group information If VLAN ports and IP address are not specified the system will display all current IGMP snooping group information vlan_name 32 Enter the VLAN name here The VLAN name can be up to 32 characters long vlanid Optional Specifies the ID of the VLAN for which you want to view IGMP snooping group information vlanid_list Ent...

Page 352: ...comes from the source VLAN They will be forwarded to the forwarding VLAN The IGMP snooping further restricts the forwarding ports Format show igmp_snooping forwarding vlan vlan_name 32 vlanid vlanid_list Parameters vlan Optional Specifies the name of the VLAN for which you want to view IGMP snooping forwarding table information vlan_name 32 Enter the VLAN name here The VLAN name can be up to 32 ch...

Page 353: ...s vlan Optional Specifies the name of the VLAN on which the router port resides vlan_name 32 Enter the VLAN name here The VLAN name can be up to 32 characters long vlanid Specifies the ID of the VLAN on which the router port resides vlanid_list Enter the VLAN ID list here static Optional Displays router ports that have been statically configured dynamic Optional Displays router ports that have bee...

Page 354: ... Router Port CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All 32 20 show igmp_snooping statistics counter Description This command is used to display the statistics counter for IGMP protocol packets that are received by the Switch since IGMP snooping was enabled Format show igmp_snooping statistic counter vlan vlan_name vlanid vlanid_list ports portlist Parameters vlan Specifies a VLAN t...

Page 355: ...lanid 2 VLAN Name v2 Group Number 1 Receive Statistics Query IGMP v1 Query 0 IGMP v2 Query 0 IGMP v3 Query 0 Total 0 Dropped By Rate Limitation 0 Dropped By Multicast VLAN 0 Report Leave IGMP v1 Report 0 IGMP v2 Report 0 IGMP v3 Report 0 IGMP v2 Leave 0 Total 0 Dropped By Rate Limitation 0 Dropped By Max Group Limitation 0 CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All To display the I...

Page 356: ...st VLAN 0 Report Leave IGMP v1 Report 0 IGMP v2 Report 0 IGMP v3 Report 0 IGMP v2 Leave 0 Total 0 Dropped By Rate Limitation 0 Dropped By Max Group Limitation 0 CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All 32 21 clear igmp_snooping statistics counter Description This command is used to clear the IGMP snooping statistics counter Format clear igmp_snooping statistics counter Parameters...

Page 357: ...WS 3160 Series Gigabit Ethernet Unified Switch CLI Reference Guide 353 DWS 3160 24PC admin clear igmp_snooping statistic counter Command clear igmp_snooping statistic counter Success DWS 3160 24PC admin ...

Page 358: ...ig igmp_snooping multicast_vlan forward_unmatched disable enable show igmp_snooping multicast_vlan vlan_name 32 33 1 create igmp_snooping multicast_vlan Description This command is used to create an IGMP snooping multicast VLAN More than one multicast VLANs can be created Newly created IGMP snooping multicast VLANs must use a unique VLAN ID and name They cannot use the VLAN ID or name of any exist...

Page 359: ... before the multicast VLAN can be configured Format config igmp_snooping multicast_vlan vlan_name 32 add delete member_port portlist source_port portlist untag_source_port portlist tag_member_port portlist state enable disable replace_source_ip ipaddr remap_priority value 0 7 none replace_priority 1 Parameters multicast_vlan The name of the multicast VLAN to be configured vlan_name 32 Enter the VL...

Page 360: ...rity is used The default setting is none value 0 7 Enter the remap priority value here This value must be between 0 and 7 none Specifies that the remap priority value will be set to none replace_priority Optional Specifies that the packet priority will be changed to the remap_priority but only if remap_priority is set Restrictions Only Administrators Operators and Power Users can issue this comman...

Page 361: ...1 32 Enter the multicast VLAN group name here This name can be up to 32 characters long add Adds a multicast address list to or from this multicast VLAN profile The mcast_address_list can be a continuous single multicast address such as 225 1 1 1 225 1 1 3 225 1 1 8 a multicast address range such as 225 1 1 1 225 2 2 2 or both of types such as 225 1 1 1 225 1 1 18 225 1 1 20 delete Deletes a multi...

Page 362: ...e_name Specifies the multicast VLAN profile name profile_name 1 32 Enter the multicast VLAN profile name here This name can be up to 32 characters long all Specifies to delete all the multicast VLAN profiles Restrictions Only Administrators Operators and Power Users can issue this command Example To delete an IGMP snooping multicast group profile with the name FGroup DWS 3160 24PC admin delete igm...

Page 363: ...his command is used to configure the IGMP snooping profile learned with the specific multicast VLAN group The following two cases can be considered for examples The multicast group is not configured multicast VLANs do not have any member ports overlapping and the join packet received by the member port is learned on only the multicast VLAN that this port is a member of The join packet is learned w...

Page 364: ...xample To add an IGMP snooping profile to a multicast VLAN group with the name mv1 DWS 3160 24PC admin config igmp_snooping multicast_vlan_group mv1 add profile_name IGroup Command config igmp_snooping multicast_vlan_group mv1 add profile_name IGroup Success DWS 3160 24PC admin 33 8 show igmp_snooping multicast_vlan_group Description This command is used to display an IGMP snooping multicast VLAN ...

Page 365: ...t_vlan vlan_name 32 Parameters vlan_name 32 Enter the multicast VLAN name here The VLAN name can be up to 32 characters long Restrictions Only Administrators Operators and Power Users can issue this command Example To delete an IGMP snooping multicast VLAN called v10 DWS 3160 24PC admin delete igmp_snooping multicast_vlan v10 Command delete igmp_snooping multicast_vlan v10 Success DWS 3160 24PC ad...

Page 366: ...t_vlan Success DWS 3160 24PC admin 33 11 disable igmp_snooping multicast_vlan Description This command is used to disable the IGMP snooping multicast VLAN function By default this features is disabled Format disable igmp_snooping multicast_vlan Parameters None Restrictions Only Administrators can issue this command Example To disable the IGMP snooping multicast VLAN function DWS 3160 24PC admin di...

Page 367: ...l be flooded on the VLAN disable Specifies that the packet will be dropped This is the default option Restrictions Only Administrators Operators and Power Users can issue this command Example To configure the forwarding mode for IGMP multicast VLAN unmatched packets DWS 3160 24PC admin config igmp_snooping multicast_vlan forward_unmatched enable Command config igmp_snooping multicast_vlan forward_...

Page 368: ...how igmp_snooping multicast_vlan Command show igmp_snooping multicast_vlan IGMP Multicast VLAN Global State Enabled IGMP Multicast VLAN Forward Unmatched Disabled VLAN Name mv1 VID 2 Member Untagged Ports 10 Tagged Member Ports Source Ports 1 Untagged Source Ports Status Enabled Replace Source IP 10 90 90 254 Remap Priority 0 Replaced Total Entries 1 DWS 3160 24PC admin ...

Page 369: ...entry ports portlist all limit value 1 50 no_limit enable address_binding trap_log disable address_binding trap_log config address_binding recover_learning ports portlist all 34 1 config address_binding ip_mac Description This command is used to configure the state of IMPB on the Switch for each port Format config address_binding ip_mac ports portlist all arp_inspection strict loose disable ip_ins...

Page 370: ... when DHCP Snooping is enabled in this case DHCP packets trapped by the CPU must be forwarded by the software This setting controls the forwarding behavior in this situation enable Specifies that the forward DHCP packets option will be enabled disable Specifies that the forward DHCP packets option will be disabled stop_learning_threshold Optional When the number of blocked entries exceeds the thre...

Page 371: ...g ip_mac ipaddress 10 1 1 1 mac_address 00 00 00 00 00 11 Success DWS 3160 24PC admin 34 3 delete address_binding blocked Description This command is used to delete a blocked entry from the address binding database Format delete address_binding blocked all vlan_name vlan_name mac_address macaddr Parameters blocked Specifies the address database that the system has automatically learned and blocked...

Page 372: ... user created IMPB database ipaddress Specifies the learned IP address of the entry in the database ipaddr Enter the IP address used here mac_address Specifies the MAC address used for this configuration macaddr Enter the MAC address used here all Specifies that all the MAC address will be used Restrictions Only Administrators Operators and Power Users can issue this command Example To delete an I...

Page 373: ...rts will be used Restrictions Only Administrators Operators and Power Users can issue this command Example To configure an IMPB entry DWS 3160 24PC admin config address_binding ip_mac ipaddress 10 1 1 1 mac_address 00 00 00 00 00 11 Command config address_binding ip_mac ipaddress 10 1 1 1 mac_address 00 00 00 00 00 11 Success DWS 3160 24PC admin 34 6 show address_binding Description This command i...

Page 374: ... Not Allow Forward 500 Normal 6 Disabled Disabled IPv4 Not Allow Forward 500 Normal 7 Disabled Disabled IPv4 Not Allow Forward 500 Normal 8 Disabled Disabled IPv4 Not Allow Forward 500 Normal 9 Disabled Disabled IPv4 Not Allow Forward 500 Normal 10 Disabled Disabled IPv4 Not Allow Forward 500 Normal 11 Disabled Disabled IPv4 Not Allow Forward 500 Normal 12 Disabled Disabled IPv4 Not Allow Forward ...

Page 375: ...show address_binding blocked all Command show address_binding blocked all VID VLAN Name MAC Address Port 1 default 00 01 02 03 29 38 7 1 default 00 0C 6E 5C 67 F4 7 1 default 00 0C F8 20 90 01 7 1 default 00 0E 35 C7 FA 3F 7 1 default 00 0E A6 8F 72 EA 7 1 default 00 0E A6 C3 34 BE 7 1 default 00 11 2F 6D F3 AC 7 1 default 00 50 8D 36 89 48 7 1 default 00 50 BA 00 05 9E 7 1 default 00 50 BA 10 D8 ...

Page 376: ...e all ports which have IMPB disabled will become server ports The Switch will learn the IP addresses through server ports by using DHCP Offer and DHCP ACK packets NOTE The DHCP discover packet cannot be passed through the user ports if the allow zero IP function is disabled on the port The auto learned IMPB entry will be mapped to a specific source port based on the MAC address learning function T...

Page 377: ...d In a situation where the entry is statically configured on one port and the entry is auto learned on another port the auto learned entry will not be created Format enable address_binding dhcp_snoop Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To enable DHCP IPv4 snooping mode DWS 3160 24PC admin enable address_binding dhcp_snoop Comman...

Page 378: ...eters ports Specifies the list of ports to clear the DHCP snooping learned entries portlist Enter the list of ports used here all Specifies that all the ports will be used Restrictions Only Administrators Operators and Power Users can issue this command Example To clear DHCP IPv4 snooping entries on ports 1 3 DWS 3160 24PC admin clear address_binding dhcp_snoop binding_entry ports 1 3 Command clea...

Page 379: ...3160 24PC admin show address_binding dhcp_snoop Command show address_binding dhcp_snoop DHCP Snoop IPv4 Enabled DWS 3160 24PC admin To display DHCP snooping maximum entry configuration DWS 3160 24PC admin show address_binding dhcp_snoop max_entry Command show address_binding dhcp_snoop max_entry Port Max Entry 1 No Limit 2 No Limit 3 No Limit 4 No Limit 5 No Limit 6 No Limit 7 No Limit 8 No Limit ...

Page 380: ...he DHCP snooping binding entries DWS 3160 24PC admin show address_binding dhcp_snoop binding_entry Command show address_binding dhcp_snoop binding_entry S Status A Active I Inactive Time Left Time sec IP Address MAC Address S LT sec Port 10 62 58 35 00 0B 5D 05 34 0B A 35964 1 10 33 53 82 00 20 c3 56 b2 ef I 2590 2 Total entries 2 DWS 3160 24PC admin 34 14 config address_binding dhcp_snoop max_ent...

Page 381: ...Only Administrators Operators and Power Users can issue this command Example To set the maximum number of DHCP IPv4 snooping entries that ports 1 3 can learn to 10 DWS 3160 24PC admin config address_binding dhcp_snoop max_entry ports 1 3 limit 10 Command config address_binding dhcp_snoop max_entry ports 1 3 limit 10 Success DWS 3160 24PC admin 34 15 enable address_binding trap_log Description This...

Page 382: ... Only Administrators Operators and Power Users can issue this command Example To disable IMPB traps and logs DWS 3160 24PC admin disable address_binding trap_log Command disable address_binding trap_log Success DWS 3160 24PC admin 34 17 config address_binding recover_learning Description This command is used to recover IMPB checking Format config address_binding recover_learning ports portlist all...

Page 383: ...tions Only Administrators Operators and Power Users can issue this command Example To recover IMPB checking for ports 6 to 7 DWS 3160 24PC admin config address_binding recover_learning ports 6 7 Command config address_binding recover_learning ports 6 7 Success DWS 3160 24PC admin ...

Page 384: ...ache Description This command is used to create a static neighbor on an IPv6 interface Format create ipv6 neighbor_cache ipif ipif_name 12 ipv6addr macaddr Parameters ipif Specifies the interface s name ipif_name 12 Enter the IP interface name here This name can be up to 12 characters long ipv6addr The address of the neighbor macaddr The MAC address of the neighbor Restrictions Only Administrators...

Page 385: ...onfiguration ipv6addr The neighbor s address static Delete the static entry dynamic Delete those dynamic entries all All entries include static and dynamic entries will be deleted Restrictions Only Administrators Operators and Power Users can issue this command Example Delete a neighbor cached entry on IP interface System DWS 3160 24PC admin delete ipv6 neighbor_cache ipif System 3ffc 1 Command de...

Page 386: ...55 Port NA Interface System VID 1 Total Entries 1 DWS 3160 24PC admin 35 4 config ipv6 nd ns retrans_time Description This command is used to configure the IPv6 ND neighbor solicitation retransmit time which is between retransmissions of neighbor solicitation messages to a neighbor when resolving the address or when probing the reach ability of a neighbor Format config ipv6 nd ns ipif ipif_name 12...

Page 387: ...ighbor detection on the Switch Format show ipv6 nd ipif ipif_name 12 Parameters ipif Optional The name of the interface ipif_name 12 Enter the IP interface name here This name can be up to 12 characters long If no IP interface is specified it will display the IPv6 ND related configuration of all interfaces Restrictions Only Administrators Operators and Power Users can issue this command Example To...

Page 388: ...ifies the interface for the route This name can be up to 12 characters long ipv6addr Specifies the next hop address for this route metric 1 65535 Enter the metric value here The default setting is 1 This value must between 1 and 65535 primary Specifies the route as the primary route to the destination backup Specifies the route as the backup route to the destination The backup route can only be ad...

Page 389: ...ies the default route ipif_name 12 Enter the IP interface name used here This name can be up to 12 characters long ipv6addr Specifies the next hop address for the default route all Specifies that all static created routes will be deleted Restrictions Only Administrators Operators and Power Users can issue this command Example Delete an IPv6 static route DWS 3160 24PC admin delete ipv6route default...

Page 390: ...I Reference Guide 386 Example Display all the IPv6 routes DWS 3160 24PC admin show ipv6route Command show ipv6route IPv6 Prefix 0 Protocol Static Metric 1 Next Hop 3001 254 IPIF System Backup Primary Status Inactive Total Entries 1 DWS 3160 24PC admin ...

Page 391: ... frame setting as enable Format enable jumbo_frame Parameters None Restrictions Only Administrators and Operators can issue this command Example To enable the Jumbo frame DWS 3160 24PC admin enable jumbo_frame Command enable jumbo_frame The maximum size of jumbo frame is 13312 bytes Success DWS 3160 24PC admin 37 2 disable jumbo_frame Description This command is used to configure the jumbo frame s...

Page 392: ...able jumbo_frame Command disable jumbo_frame Success DWS 3160 24PC admin 37 3 show jumbo_frame Description This command is used to display the current configuration of jumbo frame Format show jumbo_frame Parameters None Restrictions None Example To display the Jumbo frame DWS 3160 24PC admin show jumbo_frame Command show jumbo_frame Jumbo Frame State Enabled Maximum Jumbo Frame Size 13312 Bytes DW...

Page 393: ...regation group_id Description This command is used to create a link aggregation group on the Switch Format create link_aggregation group_id value 1 32 type lacp static Parameters group_id Specifies the group id The group number identifies each of the groups value 1 32 Enter the group ID value here This value must be between 1 and 32 type Optional Specifies the group type that belongs to static or ...

Page 394: ...gation group Format config link_aggregation group_id value 1 32 master_port port ports portlist state enabled disabled Parameters group_id Specifies the group id The group number identifies each of the groups value 1 32 Enter the group ID value here This value must be between 1 and 32 master_port Optional Master port ID Specifies which port by port number of the link aggregation group will be the ...

Page 395: ... egress port for transmitting load sharing data This feature is available using the address based load sharing algorithm only Format config link_aggregation algorithm mac_source mac_destination mac_source_dest ip_source ip_destination ip_source_dest l4_src_port l4_dest_port l4_src_dest_port Parameters mac_source Indicates that the Switch should examine the MAC source address mac_destination Indica...

Page 396: ...sed to display the current link aggregation configuration on the Switch Format show link_aggregation group_id value 1 32 algorithm Parameters group_id Optional Specifies the group id The group number identifies each of the groups value 1 32 Enter the group ID value here This value must be between 1 and 32 algorithm Optional Allows you to Specifies the display of link aggregation by the algorithm i...

Page 397: ... Member Port 1 8 Active Port 7 Status Enabled Flooding Port 7 Total Entries 1 DWS 3160 24PC admin Link aggregation group enable and no member linkup DWS 3160 24PC admin show link_aggregation Command show link_aggregation Link Aggregation Algorithm MAC Source Dest Group ID 1 Type LACP Master Port 1 Member Port 1 8 Active Port Status Enabled Flooding Port Total Entries 1 DWS 3160 24PC admin Link agg...

Page 398: ...gure the per port LACP mode Format config lacp_port portlist mode active passive Parameters lacp_port Specified a range of ports to be configured portlist Enter the list of port used for the configuration here mode Specifies the LACP mode used active Specifies to set the LACP mode as active passive Specifies to set the LACP mode as passive Restrictions Only Administrators Operators and Power Users...

Page 399: ... list of ports used for this configuration here If no parameter specified the system will display current LACP and all port status Restrictions None Example To display port lacp mode DWS 3160 24PC admin show lacp_port Command show lacp_port Port Activity 1 Active 2 Active 3 Active 4 Active 5 Active 6 Active 7 Active 8 Active 9 Active 10 Active 11 Active 12 Active 13 Passive 14 Passive 15 Passive 1...

Page 400: ...disable dot3_tlvs all mac_phy_configuration_status link_aggregation power_via_mdi maximum_frame_size enable disable config lldp forward_message enable disable show lldp show lldp mgt_addr ipv4 ipaddr ipv6 ipv6addr show lldp ports portlist show lldp local_ports portlist mode brief normal detailed show lldp remote_ports portlist brief normal detailed show lldp statistics show lldp statistics ports p...

Page 401: ...uccess DWS 3160 24PC admin 39 2 disable lldp Description This command is used to globally disable the LLDP function Format disable lldp Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To disable LLDP DWS 3160 24PC admin disable lldp Command disable lldp Success DWS 3160 24PC admin 39 3 config lldp Description This command is used to change ...

Page 402: ...default setting 2 seconds sec 1 8192 Enter the transmit delay value here This value must be between 1 and 8192 seconds reinit_delay Specifies the minimum time of re initialization delay interval The default setting 2 seconds sec 1 10 Enter the re initiate delay value here This value must be between 1 and 10 seconds Restrictions Only Administrators Operators and Power Users can issue this command E...

Page 403: ..._name 32 vlanid vidlist enable disable dot1_tlv_protocol_identity all eapol lacp gvrp stp enable disable dot3_tlvs all mac_phy_configuration_status link_aggregation power_via_mdi maximum_frame_size enable disable Parameters portlist Enter a list of ports used for the configuration here all Specifies that all the ports will be used for this configuration notification Enables or disables the SNMP tr...

Page 404: ...ion will be disabled dot1_tlv_protocol_vid This TLV optional data type determines whether the IEEE 802 1 organizationally defined port and protocol VLAN ID TLV transmission is allowed on a given LLDP transmission capable port The default state is disabled vlan Specifies the VLAN used for this configuration all Specifies that all the configured VLANs will be used for this configuration vlan_name 32...

Page 405: ... transmit Link Aggregation TLV This type indicates the current link aggregation status of IEEE 802 3 MACs More precisely the information should include whether the port is capable of doing link aggregation whether the port is aggregated in a aggregated link and the aggregated port ID The default state is disabled power_via_mdi Optional This TLV optional data type indicates that LLDP agent should t...

Page 406: ...nts for all ports DWS 3160 24PC admin config lldp ports all dot1_tlv_pvid enable Command config lldp ports all dot1_tlv_pvid enable Success DWS 3160 24PC admin To configure exclude the port and protocol VLAN ID TLV from the outbound LLDP advertisements for all ports DWS 3160 24PC admin config lldp ports all dot1_tlv_protocol_vid vlanid 1 3 enable Command config lldp ports all dot1_tlv_protocol_vid...

Page 407: ...config lldp ports all dot3_tlvs mac_phy_configuration_status enable Success DWS 3160 24PC admin 39 6 config lldp forward_ message Description This command is used to configure forwarding of LLDP PDU packets when LLDP is disabled Format config lldp forward_message enable disable Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To configure LL...

Page 408: ...n Gigabit Ethernet Switch System Capabilities Repeater Bridge LLDP Configurations LLDP Status Enabled LLDP Forward Status Enabled Message TX Interval 30 Message TX Hold Multiplier 4 ReInit Delay 2 TX Delay 2 Notification Interval 10 DWS 3160 24PC admin 39 8 show lldp mgt_addr Description This command is used to display the LLDP management address information Format show lldp mgt_addr ipv4 ipaddr i...

Page 409: ...mgt_addr ipv4 10 90 90 90 Address 1 Subtype IPv4 Address 10 90 90 90 IF Type IfIndex OID 1 3 6 1 4 1 171 11 124 2 Advertising Ports 5 6 DWS 3160 24PC admin 39 9 show lldp ports Description This command is used to display the LLDP per port configuration for advertisement options Format show lldp ports portlist Parameters portlist Optional Specifies a range of ports to be displayed If the port list ...

Page 410: ...Via MDI Disabled Link Aggregation Disabled Maximum Frame Size Disabled CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All 39 10 show lldp local_ports Description This command is used to display the per port information currently available for populating outbound LLDP advertisements Format show lldp local_ports portlist mode brief normal detailed Parameters portlist Optional Specified a ran...

Page 411: ... 10 117 1 2 PPVID Entries Count 0 None VLAN Name Entries Count 1 Entry 1 VLAN ID 1 VLAN Name default Protocol Identity Entries Count 0 None MAC PHY Configuration Status Auto Negotiation Support Supported Auto Negotiation Enabled Enabled Auto Negotiation Advertised Capability 6c01 hex Auto Negotiation Operational MAU Type 0000 hex Power Via MDI Port Class PSE PSE MDI Power Support Supported PSE MDI...

Page 412: ...ntries Count 1 Protocol Identity Entries Count 0 MAC PHY Configuration Status See Detail Power Via MDI See Detail Link Aggregation See Detail Maximum Frame Size 1542 DWS 3160 24PC admin To display outbound LLDP advertisements for port 1 in brief mode DWS 3160 24PC admin show lldp local_ports 1 mode brief Command show lldp local_ports 1 mode brief Port ID 1 Port ID Subtype Local Port ID 1 1 Port De...

Page 413: ...rief Command show lldp remote_ports 23 mode brief Port ID 23 Remote Entities Count 1 Entity 1 Chassis ID Subtype MAC Address Chassis ID 00 11 22 33 32 32 Port ID Subtype Local Port ID 1 23 Port Description D Link DWS 3160 24TC R1 00 034 Port 23 DWS 3160 24PC admin To display remote table in normal mode DWS 3160 24PC admin show lldp remote_ports 23 mode normal Command show lldp remote_ports 23 mode...

Page 414: ...nd show lldp remote_ports 23 mode detailed Port ID 23 Remote Entities Count 1 Entity 1 Chassis ID Subtype MAC Address Chassis ID 00 11 22 33 32 32 Port ID Subtype Local Port ID 1 23 Port Description D Link DWS 3160 24TC R1 00 034 Port 23 System Name System Description Gigabit Ethernet Switch System Capabilities Repeater Bridge Management Address Count 0 None Port PVID 0 PPVID Entries Count 0 None ...

Page 415: ...160 24PC admin show lldp statistics Command show lldp statistics Last Change Time 40600 Number of Table Insert 1 Number of Table Delete 0 Number of Table Drop 0 Number of Table Ageout 0 DWS 3160 24PC admin 39 13 show lldp statistics ports Description This command is used to display per port LLDP statistics Format show lldp statistics ports portlist Parameters portlist Optional Specified a range of...

Page 416: ...PC admin show lldp statistics ports 1 Command show lldp statistics ports 1 Port ID 1 LLDPStatsTXPortFramesTotal 22 LLDPStatsRXPortFramesDiscardedTotal 0 LLDPStatsRXPortFramesErrors 0 LLDPStatsRXPortFramesTotal 0 LLDPStatsRXPortTLVsDiscardedTotal 0 LLDPStatsRXPortTLVsUnrecognizedTotal 0 LLDPStatsRXPortAgeoutsTotal 0 DWS 3160 24PC admin ...

Page 417: ...ed a user would need to manually recover a disabled port The default value for the recover timer is 60 seconds value 0 0 is a special value that specifies that the auto recovery mechanism should be disabled When the auto recovery mechanism is disabled a user would need to manually recover a disabled port sec 60 1000000 Enter the recovery timer value here This value must be between 60 and 1000000 s...

Page 418: ...rts Specifies the range of ports that LBD will be configured on portlist Enter a list of ports all To set all ports in the system you may use the all parameter state Specifies whether the LBD function should be enabled or disabled on the ports specified in the port list The default state is disabled enable Specifies to enable the LBD function disable Specifies to disable the LBD function Restricti...

Page 419: ...To enable the LBD function globally DWS 3160 24PC admin enable loopdetect Command enable loopdetect Success DWS 3160 24PC admin 40 4 disable loopdetect Description This command is used to disable the LBD function globally on the Switch Format disable loopdetect Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To disable the LBD function glob...

Page 420: ... the LBD global configuration Format show loopdetect Parameters None Restrictions None Example To display the LBD global settings DWS 3160 24PC admin show loopdetect Command show loopdetect LBD Global Settings Status Disabled Mode VLAN based Interval 20 sec Recover Time 0 sec Trap State None Log State Enabled DWS 3160 24PC admin 40 6 show loopdetect ports Description This command is used to displa...

Page 421: ...9 Port Loopdetect State Loop VLAN 1 Enabled None 2 Enabled None 3 Enabled None 4 Enabled None 5 Enabled None 6 Disabled None 7 Disabled None 8 Disabled None 9 Disabled None CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 40 7 config loopdetect trap Description This command is used to configure the trap modes for LBD Format config loopdetect trap none loop_detected loop_cleared both P...

Page 422: ...etect log Description This command is used to configure the log state for LBD The default value is enabled Format config loopdetect log state enable disable Parameters state Specifies the state of the LBD log feature enable Enable the LBD log feature disable Disable the LBD log feature All LBD related logs will not be recorded Restrictions Only Administrators Operators and Power Users can issue th...

Page 423: ... 41 1 enable mac_notification Description This command is used to globally enable MAC address table notification on the Switch Format enable mac_notification Parameters None Restrictions Only Administrators and Operators can issue this command Example To enable mac_notification function DWS 3160 24PC admin enable mac_notification Command enable mac_notification Success DWS 3160 24PC admin 41 2 dis...

Page 424: ...rysize int 1 500 Parameters interval Optional The time in seconds between notifications int 1 2147483647 Enter the interval time here This value must be between 1 and 2147483647 seconds historysize Optional This is maximum number of entries listed in the history log used for notification Up to 500 entries can be specified int 1 500 Enter the history log size here This value must be between 1 and 5...

Page 425: ...d for this configuration enable Enable the port s MAC address table notification disable Disable the port s MAC address table notification Restrictions Only Administrators and Operators can issue this command Example To enable 7th port s MAC address table notification DWS 3160 24PC admin config mac_notification ports 7 enable Command config mac_notification ports 7 enable Success DWS 3160 24PC adm...

Page 426: ...tification Settings State Enabled Interval 1 History Size 500 DWS 3160 24PC admin 41 6 show mac_notification ports Description This command is used to display the port s MAC address table notification status settings Format show mac_notification ports portlist Parameters portlist Optional Enter a list of ports used for the configuration here Restrictions None Example To display all port s MAC addr...

Page 427: ...ation ports Port MAC Address Table Notification State 1 Disabled 2 Disabled 3 Disabled 4 Disabled 5 Disabled 6 Disabled 7 Enabled 8 Disabled 9 Disabled 10 Disabled 11 Disabled 12 Disabled 13 Disabled 14 Disabled 15 Disabled 16 Disabled 17 Disabled 18 Disabled 19 Disabled 20 Disabled CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh ...

Page 428: ...e mac_based_access_control_local mac macaddr vlan vlan_name 32 vlanid vlanid 1 4094 config mac_based_access_control_local mac macaddr vlan vlan_name 32 vlanid vlanid 1 4094 clear_vlan delete mac_based_access_control_local mac macaddr vlan vlan_name 32 vlanid vlanid 1 4094 config mac_based_access_control authorization attributes radius enable disable local enable disable 1 show mac_based_access_con...

Page 429: ...cess Control Format disable mac_based_access_control Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To disable the MAC based Access Control global state DWS 3160 24PC admin disable mac_based_access_control Command disable mac_based_access_control Success DWS 3160 24PC admin 42 3 config mac_based_access_control password Description This com...

Page 430: ...config mac_based_access_control password switch Success DWS 3160 24PC admin 42 4 config mac_based_access_control method Description This command is used to configure the MAC based Access Control authentication method Format config mac_based_access_control method local radius Parameters local Specifies to authenticate via the local database radius Specifies to authenticate via a RADIUS server Restr...

Page 431: ...uccess DWS 3160 24PC admin 42 6 config mac_based_access_control ports Description This command is used to configure the MAC based Access Control port s setting When the MAC based Access Control function is enabled for a port and the port is not a MAC based Access Control guest VLAN member the user who is attached to this port will not be forwarded unless the user passes the authentication A user t...

Page 432: ... Specifies that the port s MAC based Access Control states will be disabled mode Optional Specifies the MAC based access control port mode used port_based Specifies that the MAC based access control port mode will be set to port based host_based Specifies that the MAC based access control port mode will be set to host based aging_time Optional A time period during which an authenticated host will ...

Page 433: ...d_access_control ports 1 8 aging_time infinite block_time 120 Success DWS 3160 24PC admin 42 7 create mac_based_access_control Description This command is used to assign a static 802 1Q VLAN as a MAC based Access Control guest VLAN Format create mac_based_access_control guest_vlan vlan_name 32 guest_vlanid vlanid 1 4094 Parameters guest_vlan Specifies MAC based Access Control guest VLAN by name it...

Page 434: ...uest_vlanid Specifies the VID of the MAC based Access Control s guest VLAN vlanid 1 4094 Enter the VLAN ID here This value must be between 1 and 4094 Restrictions Only Administrators Operators and Power Users can issue this command Example To delete the MAC based Access Control guest VLAN called mbacv15 DWS 3160 24PC admin delete mac_based_access_control guest_vlan mbacv15 Command delete mac_based...

Page 435: ... Control authentication information for the host that has a MAC address of 00 00 00 47 04 65 DWS 3160 24PC admin clear mac_based_access_control auth_state mac_addr 00 00 00 47 04 65 Command clear mac_based_access_control auth_state mac_addr 00 00 00 47 04 65 Success DWS 3160 24PC admin 42 10 create mac_based_access_control_local Description This command is used to create a MAC based Access Control...

Page 436: ...l_local mac 00 00 00 00 00 01 vlan default Success DWS 3160 24PC admin 42 11 config mac_based_access_control_local Description This command is used to configure a MAC based Access Control local database entry Format config mac_based_access_control_local mac macaddr vlan vlan_name 32 vlanid vlanid 1 4094 clear_vlan Parameters mac Specifies the authenticated host s MAC address macaddr Enter the MAC ...

Page 437: ...eters mac Delete local database entry by specific MAC address macaddr Enter the MAC address used here vlan Delete local database entries by specific target VLAN name vlan_name 32 Enter the VLAN name here This name can be up to 32 characters long vlanid Delete local database entries by specific target VLAN ID vlanid 1 4094 Enter the VLAN ID here This value must be between 1 and 4094 Restrictions On...

Page 438: ... disable local enable disable 1 Parameters radius Optional If specified to enable the authorized attributes for example VLAN 802 1p default priority and ACL assigned by the RADUIS server will be accepted if the global authorization status is enabled The default state is enabled enable Specifies that the RADIUS attributes will be enabled disable Specifies that the RADIUS attributes will be disabled...

Page 439: ...To display the MAC based Access Control port configuration for ports 5 to 10 DWS 3160 24PC admin show mac_based_access_control ports 5 10 Command show mac_based_access_control ports 5 10 Port State Aging Time Block Time Auth Mode Max User min sec 5 Disabled Infinite 120 Host based No Limit 6 Disabled Infinite 120 Host based No Limit 7 Disabled Infinite 120 Host based No Limit 8 Disabled Infinite 1...

Page 440: ...lays all MAC based Access Control local database entries Restrictions None Example To display MAC based Access Control local database for the VLAN called default DWS 3160 24PC admin show mac_based_access_control_local vlan default Command show mac_based_access_control_local vlan default MAC Address VID 00 00 00 00 00 01 1 Total Entries 1 DWS 3160 24PC admin 42 16 show mac_based_access_control auth...

Page 441: ...ed to configure the maximum number of authorized clients Format config mac_based_access_control max_users value 1 1000 no_limit Parameters max_users Specifies to set the maximum number of authorized clients on the whole device value 1 1000 Enter the maximum users here This value must be between 1 and 1000 no_limit Specifies to not limit the maximum number of users on the system By default there is...

Page 442: ...er Users can issue this command Example To enable trap state of MAC based Access Control DWS 3160 24PC admin config mac_based_access_control trap state enable Command config mac_based_access_control trap state enable Success DWS 3160 24PC admin 42 19 config mac_based_access_control log state Description This command is used to enable or disable generating of MAC based Access Control logs Format co...

Page 443: ...Switch CLI Reference Guide 439 Example To disable log state of MAC based Access Control DWS 3160 24PC admin config mac_based_access_control log state disable Command config mac_based_access_control log state disable Success DWS 3160 24PC admin ...

Page 444: ... entry Format create mac_based_vlan mac_address macaddr vlan vlan_name 32 vlanid vlanid 1 4094 Parameters mac_address Specifies the MAC address used macaddr Enter the MAC address here vlan The VLAN to be associated with the MAC address vlan_name 32 Enter the VLAN name here This name can be up to 32 characters long vlanid Specifies the VLAN by VLAN ID vlanid 1 4094 Enter the VLAN ID here This value...

Page 445: ...een 1 and 4094 If no parameter is specified ALL static configured entries will be removed Restrictions Only Administrators Operators and Power Users can issue this command Example To delete a static MAC based VLAN entry DWS 3160 24PC admin delete mac_based_vlan mac_address 00 11 22 33 44 55 vlanid 100 Command delete mac_based_vlan mac_address 00 11 22 33 44 55 vlanid 100 Success DWS 3160 24PC admi...

Page 446: ...s None Example In the following example MAC address 00 80 c2 33 c3 45 is assigned to VLAN 300 by manual config It is assigned to VLAN 400 by Voice VLAN Since Voice VLAN has higher priority than manual configuration the manual configured entry will become inactive To display the MAC based VLAN entry DWS 3160 24PC admin show mac_based_vlan Command show mac_based_vlan MAC Address VLAN ID Status Type ...

Page 447: ...t add delete source ports portlist rx tx both Parameters port The port that will receive the packets duplicated at the mirror port port Enter the port number to be configured here add Optional The mirror entry to be added delete Optional The mirror entry to be deleted source ports Optional The port that will be mirrored All packets entering and leaving the source port can be duplicated in the mirr...

Page 448: ...None Restrictions Only Administrators and Operators can issue this command Example To enable mirroring function DWS 3160 24PC admin enable mirror Command enable mirror Success DWS 3160 24PC admin 44 3 disable mirror Description This command is used to disable the mirror function without having to modify the mirror session configuration Format disable mirror Parameters None Restrictions Only Admini...

Page 449: ...admin 44 4 show mirror Description This command is used to display the mirror function s state and mirror session configuration on the Switch Format show mirror Parameters None Restrictions None Example To display mirroring configuration DWS 3160 24PC admin show mirror Command show mirror Current Settings Mirror Status Enabled Target Port 3 Mirrored Port RX 7 12 TX 7 12 DWS 3160 24PC admin ...

Page 450: ...anid vlanid_list ipv6addr delete mld_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipv6addr config mld_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipv6addr add delete portlist show mld_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipv6addr config mld_snooping data_driven_learning all vlan_name vlan_name vlanid vlanid_list state enable disable aged_out enabl...

Page 451: ... includes requests only for MLDv1 reports the Switch forwards only the first MLDv1 report from all hosts for a group to all the multicast routers If the multicast router query also includes requests for MLDv2 reports the Switch forwards all MLDv2 reports for a group to the multicast devices enable Enter enable to enable the report suppression disable Enter disable to disable the report suppression...

Page 452: ...fore a multicast router decides that there is no longer another multicast router that is the querier This interval is calculated as follows robustness variable query interval 0 5 query response interval 3 Last listener query count Number of group specific queries sent before the router assumes there are no local listeners of a group The default number is the value of the robustness variable 4 By d...

Page 453: ...on which the router port resides vlan_name 32 Enter the VLAN name here The VLAN name can be up to 32 characters long vlanid Specifies the ID of the VLAN on which the router port resides vlanid_list Enter the VLAN ID list here add Specifies to add the router ports delete Specifies to delete the router ports portlist Specifies a range of ports to be configured Restrictions Only Administrators Operat...

Page 454: ... router ports of VLAN ID 2 DWS 3160 24PC admin config mld_snooping mrouter_ports_forbidden vlanid 2 add 11 12 Command config mld_snooping mrouter_ports_forbidden vlanid 2 add 11 12 Success DWS 3160 24PC admin 45 5 enable mld_snooping Description This command is used to enable MLD snooping on the Switch The forward MC router only function is disabled by default If forward multicast router only is e...

Page 455: ...ves an MLD report packet from a port this port will be learned as a member port of the multicast group that the port is reported and the router will be a default member of this multicast group The multicast packet destined for this multicast group will be forwarded to all the members of this multicast group Restrictions Only Administrators Operators and Power Users can issue this command Example T...

Page 456: ...em will display all current MLD snooping configurations Restrictions None Example To display MLD snooping DWS 3160 24PC admin show mld_snooping Command show mld_snooping MLD Snooping Global State Enabled Data Driven Learning Max Entries 128 VLAN Name default Query Interval 125 Max Response Time 10 Robustness Value 2 Last Listener Query Interval 1 Querier State Enabled Querier Role Non Querier Quer...

Page 457: ...lanid_list Enter the VLAN ID list here ports Optional Specifies a list of ports for which you want to view MLD snooping group information portlist Enter the list of port here ipv6addr Optional Specifies the group IPv6 address for which you want to view MLD snooping group information data_driven Optional Display the data driven groups Restrictions None Example To display an MLD snooping group when ...

Page 458: ...er Mode EXCLUDE Source Group NULL FE1E 2 VLAN Name VID default 1 Member Ports 4 5 UP Time 40 Expiry Time 205 Filter Mode EXCLUDE Source Group NULL FF1E 5 VLAN Name VID default 1 Reports 0 Member Ports Router Ports 24 UP Time 100 Expiry Time 200 Filter Mode EXCLUDE Total Entries 4 DWS 3160 24PC admin DWS 3160 24PC admin show mld_snooping group data_driven Command show mld_snooping group data_driven...

Page 459: ... of the VLAN for which you want to view MLD snooping forwarding table information vlan_name 32 Enter the VLAN name here The VLAN name can be up to 32 characters long vlanid Optional Specifies the ID of the VLAN for which you want to view MLD snooping forwarding table information vlanid_list Enter the VLAN ID list here If no parameter is specified the system will display all current MLD snooping fo...

Page 460: ...ays router ports that have been statically configured dynamic Optional Displays router ports that have been dynamically configured forbidden Optional Displays forbidden router ports that have been statically configured If no parameter is specified the system will display all currently configured router ports on the Switch Restrictions None Example To display the mld_snooping router ports DWS 3160 ...

Page 461: ...h the static group resides vlan_name 32 Enter the VLAN name here The VLAN name can be up to 32 characters long vlanid Specifies the ID of the VLAN on which the static group resides vlanid_list Enter the VLAN ID list here ipv6addr Specifies the multicast group IPv6 address Restrictions Only Administrators Operators and Power Users can issue this command Example To create an MLD snooping static grou...

Page 462: ...erate on this port For example suppose that a port is a dynamic member port learned by MLD If this port is configured as a static member later then the MLD protocol will stop operating on this port The MLD protocol will resume once this port is removed from static member ports Format config mld_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipv6addr add delete portlist Parameters vlan ...

Page 463: ...ld_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipv6addr Parameters vlan Optional Specifies the name of the VLAN on which the static group resides vlan_name 32 Enter the VLAN name here The VLAN name can be up to 32 characters long vlanid Optional Specifies the ID of the VLAN on which the static group resides vlanid_list Enter the VLAN ID list here ipv6addr Optional Specifies the mult...

Page 464: ...snooping entry That is the aging out mechanism will follow the ordinary MLD snooping entry Format config mld_snooping data_driven_learning all vlan_name vlan_name vlanid vlanid_list state enable disable aged_out enable disable expiry_time sec 1 65535 1 Parameters vlan_name Specifies the VLAN name to be configured vlan_name Enter the VLAN name here vlanid Specifies the VLAN ID to be configured vlan...

Page 465: ... max_learned_entry value 1 1024 Parameters max_learned_entry Specifies the maximum number of groups that can be learned by data driven The suggested default setting is 56 This default setting may vary depending on project value 1 1024 Enter the maximum learned entry value here This value must be between 1 and 1024 Restrictions Only Administrators Operators and Power Users can issue this command Ex...

Page 466: ...can issue this command Example To delete all the groups learned by data driven DWS 3160 24PC admin clear mld_snooping data_driven_group all Command clear mld_snooping data_driven_group all Success DWS 3160 24PC admin 45 18 show mld_snooping statistic counter Description This command is used to display the statistics counter for MLD protocol packets that are received by the Switch since MLD snoopin...

Page 467: ...By Multicast VLAN 0 Report Done MLD v1 Report 0 MLD v2 Report 0 MLD v1 Done 0 Total 0 Dropped By Rate Limitation 0 Dropped By Max Group Limitation 0 Dropped By Group Filter 0 Dropped By Multicast VLAN 0 CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All 45 19 clear mld_snooping statistic counter Description This command is used to clear MLD snooping statistics counters Format clear mld_sno...

Page 468: ... Configure the rate limit of MLD control packets that the Switch can process on a specific port or VLAN The rate is specified in packet per second The packets that exceed the limited rate will be dropped no_limit Configure the rate limit of MLD control packets that the Switch can process on a specific port or VLAN The rate is specified in packet per second The packets that exceed the limited rate ...

Page 469: ... a list of VLANs vlanid_list Enter the VLAN ID list here Restrictions None Example To configure the mld_snooping per port rate_limit DWS 3160 24PC admin show mld_snooping rate_limit ports 1 15 Command show mld_snooping rate_limit ports 1 15 Port Rate Limit 1 100 2 No Limit 3 No Limit 4 No Limit 5 No Limit 6 No Limit 7 No Limit 8 No Limit 9 No Limit 10 No Limit 11 No Limit 12 No Limit 13 No Limit 1...

Page 470: ...g mld_snooping multicast_vlan forward_unmatched disable enable show mld_snooping multicast_vlan vlan_name 32 46 1 create mld_snooping multicast_vlan Description This command is used to create an MLD snooping multicast VLAN More than one multicast VLANs can be created Newly created MLD snooping multicast VLANs must use a unique VLAN ID and name They cannot use the VLAN ID or name of any existing 80...

Page 471: ...VLAN However member ports of one multicast VLAN are allowed to overlap with member ports on a different multicast VLAN Format config mld_snooping multicast_vlan vlan_name 32 add delete member_port portlist source_port portlist untag_source_port portlist tag_member_port portlist state enable disable replace_source_ip ipv6addr remap_priority value 0 7 none replace_priority 1 Parameters multicast_vla...

Page 472: ...ic to be forwarded on the multicast VLAN If none is specified the packet s original priority is used The default setting is none value 0 7 Enter the remap priority value here This value must be between 0 and 7 replace_priority Optional The packet priority is changed to the remap_priority but only if the remap_priority is set Restrictions Only Administrators Operators and Power Users can issue this...

Page 473: ...ile name The maximum length is 32 characters profile_name 1 32 Enter the multicast VLAN group profile name here This name can be up to 32 characters long add Add a multicast address list to or from this multicast VLAN profile The mcast_v6address_list can be a continuous single multicast addresses such as FF1E 1 a multicast address range such asFF1E 1 FF1E 2 or both of them such as FF1E 1 FF1E 10 F...

Page 474: ...pecifies the multicast VLAN profile name profile_name 1 32 Enter the multicast VLAN profile name here This name can be up to 32 characters long all Specifies to delete all the multicast VLAN profiles Restrictions Only Administrators Operators and Power Users can issue this command Example To delete an MLD snooping multicast group profile with the name MGroup DWS 3160 24PC admin delete mld_snooping...

Page 475: ...mand is used to configure the MLD snooping profile learned with the specific multicast VLAN group The following two cases can be considered for examples The multicast group is not configured multicast VLANs do not have any member ports overlapping and the join packet received by the member port is learned on only the multicast VLAN that this port is a member of The join packet is learned with the ...

Page 476: ...xample To add an MLD snooping profile to a multicast VLAN group with the name mv2 DWS 3160 24PC admin config mld_snooping multicast_vlan_group mv2 add profile_name MGroup Command config mld_snooping multicast_vlan_group mv2 add profile_name MGroup Success DWS 3160 24PC admin 46 8 show mld_snooping multicast_vlan_group Description This command is used to display an MLD snooping multicast VLAN group...

Page 477: ...t_vlan vlan_name 32 Parameters vlan_name 32 Enter the multicast VLAN name here The VLAN name can be up to 32 characters long Restrictions Only Administrators Operators and Power Users can issue this command Example To delete an MLD snooping multicast VLAN called v10 DWS 3160 24PC admin delete mld_snooping multicast_vlan v10 Command delete mld_snooping multicast_vlan v10 Success DWS 3160 24PC admin...

Page 478: ...ast_vlan Success DWS 3160 24PC admin 46 11 disable mld_snooping multicast_vlan Description This command is used to disable the MLD snooping multicast VLAN function By default this features is disabled Format disable mld_snooping multicast_vlan Parameters None Restrictions Only Administrators can issue this command Example To disable the MLD snooping multicast VLAN function DWS 3160 24PC admin disa...

Page 479: ...ooded on the VLAN disable Specifies that the packet will be dropped This is the default option Restrictions Only Administrators Operators and Power Users can issue this command Example To configure the forwarding mode for MLD multicast VLAN unmatched packets DWS 3160 24PC admin config mld_snooping multicast_vlan forward_unmatched enable Command config mld_snooping multicast_vlan forward_unmatched ...

Page 480: ...n show mld_snooping multicast_vlan Command show mld_snooping multicast_vlan MLD Multicast VLAN Global State Enabled MLD Multicast VLAN Forward Unmatched Enabled VLAN Name mv2 VID 4 Member Untagged Ports 1 3 Tagged Member Ports Source Ports Untagged Source Ports Status Enabled Replace Source IP Remap Priority None Total Entries 1 DWS 3160 24PC admin ...

Page 481: ... 1 1024 infinite action drop replace 1 show max_mcast_group ports portlist vlanid vlanid_list ipv4 ipv6 show limited_multicast_addr ports portlist vlanid vlanid_list ipv4 ipv6 47 1 create mcast_filter_profile Description This command is used to configure a multicast address profile Multiple ranges of multicast addresses can be defined in the profile If the IPv4 or ipv6 option is not specified IPv4...

Page 482: ...e can be up to 32 characters long profile_name Optional Provides a meaningful description for the profile name 32 Enter the profile name here The profile name can be up to 32 characters long add Specifies to add a multicast address delete Specifies to delete a multicast address mcast_address_list Optional List of the multicast addresses to be put in the profile You can either Specifies a single mu...

Page 483: ... the profile You can either Specifies a single IPv6 multicast IP address or a range of IPv6 multicast addresses connected by Restrictions Only Administrators Operators and Power Users can issue this command Example To add the IPv6 multicast address range FFF0E 100 0 0 20 FFF0E 100 0 0 22 to profile ID 4 DWS 3160 24PC admin config mcast_filter_profile ipv6 profile_id 4 add FF0E 100 0 0 20 FF0E 100 ...

Page 484: ...min delete mcast_filter_profile profile_name MOD Command delete mcast_filter_profile profile_name MOD Total entries 2 DWS 3160 24PC admin 47 5 show mcast_filter_profile Description This command is used to display the defined multicast address profiles If the IPv4 or IPv6 option is not specified IPv4 is implied Format show mcast_filter_profile ipv4 ipv6 profile_id value 1 24 profile name name 1 32 ...

Page 485: ...id value 1 24 profile_name name 1 32 access permit deny 1 Parameters ports Specifies the range of ports to configure the multicast address filtering function portslist Enter the list of port to be configured here vlanid Specifies the VLAN ID of the VLAN that the multicast address filtering function will be configured on vlanid_list Enter the VLAN ID list here ipv4 Optional Specifies the IPv4 multi...

Page 486: ..._mcast_group ports portlist vlanid vlanid_list ipv4 ipv6 max_group value 1 1024 infinite action drop replace 1 Parameters ports Specifies the range of ports to configure the max_mcast_group portlist Enter the list of ports to be configured here vlanid Specifies the VLAN ID to configure max_mcast_group vlanid_list Enter the VLAN ID list here ipv4 Optional Specifies that the maximum number of IPv4 l...

Page 487: ...aying information about the maximum number of multicast groups that the specified ports can join portlist Optional Enter the list of ports to be configured here vlanid Specifies the VLAN ID for displaying the maximum number of multicast groups vlanid_list Optional Enter the VLAN ID list here ipv4 Optional Specifies to display the maximum number of IPv4 learned addresses ipv6 Optional Specifies to ...

Page 488: ... groups operated by the IGMP or MLD Layer 3 functions If the IPv4 or IPv6 option is not specified IPv4 is implied Format show limited_multicast_addr ports portlist vlanid vlanid_list ipv4 ipv6 Parameters ports Specifies the range of ports that require information displaying about the multicast address filtering function portlist Optional Enter the list of port to be configured here vlanid Specifie...

Page 489: ...multicast_addr ports 1 3 Command show limited_multicast_addr ports 1 3 Port 1 Access Deny Profile ID Name Multicast Addresses 2 MOD 225 1 1 1 225 1 1 10 234 1 1 1 238 244 244 244 Port 3 Access Deny Profile ID Name Multicast Addresses 2 MOD 225 1 1 1 225 1 1 10 234 1 1 1 238 244 244 244 DWS 3160 24PC admin ...

Page 490: ...e_id value 0 15 config stp maxage value 6 40 maxhops value 6 40 hellotime value 1 2 forwarddelay value 4 30 txholdcount value 1 10 fbpdu enable disable nni_bpdu_addr dot1d dot1ad config stp ports portlist externalCost auto value 1 200000000 hellotime value 1 2 migrate yes no edge true false auto p2p true false auto state enable disable restricted_role true false restricted_tcn true false fbpdu ena...

Page 491: ...ax Hops 20 TX Hold Count 6 Forwarding BPDU Disabled NNI BPDU Address dot1d DWS 3160 24PC admin 48 2 show stp instance Description This command is used to displays each STP instance configuration Format show stp instance value 0 15 Parameters instance Specifies the MSTP instance ID value 0 15 Optional Enter the MSTP instance ID value here This value must be between 0 and 15 Restrictions None Exampl...

Page 492: ... Cost 0 Designated Bridge 61440 00 11 22 33 45 67 Root Port None Max Age 25 Forward Delay 15 Last Topology Change 22 Topology Changes Count 1 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 48 3 show stp ports Description This command is used to display the port information includes parameters setting and operational value Format show stp ports portlist Parameters ports To display pa...

Page 493: ...F000 001122334567 20000 128 Forwarding Designated 2 8002 001122334567 20000 128 Forwarding Designated CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 48 4 show stp mst_config_id Description This command is used to display the MST configuration identification Format show stp mst_config_id Parameters None Restrictions None Example To display STP MST configuration ID DWS 3160 24PC admin...

Page 494: ...ministrators Operators and Power Users can issue this command Example To create MSTP instance DWS 3160 24PC admin create stp instance_id 2 Command create stp instance_id 2 Warning There is no VLAN mapping to this instance_id Success DWS 3160 24PC admin 48 6 delete stp instance_id Description This command is used to delete an MST Instance Format delete stp instance_id value 1 15 Parameters instance...

Page 495: ...nce CIST value 1 15 Enter the MSTP instance ID here This value must be between 1 and 15 add_vlan Specifies to map the specified VLAN list to an existing MST instance remove_vlan Specifies to delete the specified VLAN list from an existing MST instance vidlist Specifies a list of VLANs by VLAN ID Restrictions Only Administrators Operators and Power Users can issue this command Example To map a VLAN...

Page 496: ...revision level also represents different MST regions int 0 65535 Enter the revision level here This value must be between 0 and 65535 Restrictions Only Administrators Operators and Power Users can issue this command Example To change the name and revision level of the MST configuration identification DWS 3160 24PC admin config stp mst_config_id name R D_BlockG revision_level 1 Commands config stp ...

Page 497: ...ion This command is used to disable STP globally Format disable stp Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To disable STP DWS 3160 24PC admin disable stp Command disable stp Success DWS 3160 24PC admin 48 11 config stp version Description This command is used to configure the STP version used Format config stp version mstp rstp stp...

Page 498: ... 3160 24PC admin To configure the STP version with the same value of old configuration DWS 3160 24PC admin config stp version mstp Command config stp version mstp Configure value is the same with current value Success DWS 3160 24PC admin 48 12 config stp priority Description This command is used to configure the STP instance s priority Format config stp priority value 0 61440 instance_id value 0 1...

Page 499: ...1 2 Enter the hello time value here This value must be between 1 and 2 forwarddelay Optional The maximum delay time for one BPDU to be transmitted by a bridge and received from another bridge The default value is 15 value 4 30 Enter the maximum delay time here This value must be between 4 and 30 txholdcount Optional Used to restrict the numbers of BPDU transmitted in a time interval value 1 10 Ent...

Page 500: ... be between 1 and 2 migrate Optional Operation of management in order to Specifies the port to send MSTP BPDU for a delay time yes Specifies that the MSTP BPDU for a delay time will be sent no Specifies that the MSTP BPDU for a delay time will not be sent edge Optional To decide if this port is connected to a LAN or a Bridged LAN true Specifies that the specified port s is edge false Specifies tha...

Page 501: ...uto Command config stp ports 1 externalCost auto Success DWS 3160 24PC admin 48 15 config stp mst_ports Description This command is used to configure the ports management parameters Format config stp mst_ports portlist instance_id value 0 15 internalCost auto value 1 200000000 priority value 0 240 Parameters mst_ports Specifies to be distinguished from the parameters of ports only at CIST level po...

Page 502: ...ified Switch CLI Reference Guide 498 Example To configure STP MST ports DWS 3160 24PC admin config stp mst_ports 1 instance_id 0 internalCost auto Command config stp mst_ports 1 instance_id 0 internalCost auto Success DWS 3160 24PC admin ...

Page 503: ...n unicast mode the client use unicast MAC address as the destination MAC to reach the server In multicast mode the client use the multicast MAC address as the destination MAC to reach the server Regarding of the mode this destination MAC is the named the shared MAC The server uses its own MAC address rather than the shared MAC as the source MAC address of the reply packet The NLB multicast FDB ent...

Page 504: ... be deleted vlanid Specifies the VLAN by VLAN ID vlanid Enter the VLAN ID here macaddr Specifies the MAC address of the NLB multicast FDB entry to be deleted Restrictions Only Administrators Operators and Power Users can issue this command Example To delete an NLB multicast FDB entry DWS 3160 24PC admin delete nlb multicast_fdb default 03 bf 01 01 01 01 Command delete nlb multicast_fdb default 03 ...

Page 505: ...forwarding ports to be deleted portlist Enter the list of ports used for this configuration Restrictions Only Administrators Operators and Power Users can issue this command Example To configure NLB multicast MAC forwarding database DWS 3160 24PC admin config nlb multicast_fdb default 03 bf 01 01 01 01 add 1 5 Command config nlb multicast_fdb default 03 bf 01 01 01 01 add 1 5 Success DWS 3160 24PC...

Page 506: ... Series Gigabit Ethernet Unified Switch CLI Reference Guide 502 DWS 3160 24PC admin show nlb fdb Command show nlb fdb MAC Address VLAN ID Egress Ports 03 BF 01 01 01 01 1 1 5 Total Entries 1 DWS 3160 24PC admin ...

Page 507: ...ion cpu ports show utilization dram show utilization flash clear counters ports portlist 50 1 show packet ports Description This command is used to display statistics about the packets sent and received by the Switch Format show packet ports portlist Parameters portlist Specifies a range of ports to be displayed Restrictions None Example To display the packets analysis for port 23 ...

Page 508: ...0 Unicast RX 603 0 Multicast RX 37 0 Broadcast RX 40 0 Frame Type Total Total sec RX Bytes 92853 0 RX Frames 680 0 TX Bytes 682310 0 TX Frames 1042 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 50 2 show error ports Description This command is used to display error statistics for a range of ports Format show errors ports portlist Parameters portlist Specifies a range of ports to ...

Page 509: ... Excessive Collision 0 Jabber 0 Single Collision 0 Drop Pkts 11 Collision 0 Symbol Error 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 50 3 show utilization Description This command is used to display real time CPU or port utilization statistics Format show utilization cpu ports Parameters cpu Specifies to display information regarding the CPU ports Specifies a range of ports to ...

Page 510: ...0 9 0 0 0 10 0 0 0 11 0 0 0 12 0 0 0 13 0 0 0 14 0 0 0 15 0 0 0 16 0 0 0 17 0 0 0 18 0 0 0 19 0 0 0 20 0 0 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh To display the CPU utilization DWS 3160 24PC admin show utilization cpu Command show utilization cpu CPU Utilization Five seconds 11 One minute 11 Five minutes 11 DWS 3160 24PC admin 50 4 show utilization dram Description This co...

Page 511: ...m Command show utilization dram DRAM utilization Total DRAM 262144 KB Used DRAM 232732 KB Utilization 88 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 50 5 show utilization flash Description This command is used to display the flash memory utilization Format show utilization flash Parameters None Restrictions None Example To display FLASH utilization ...

Page 512: ...configured The port list is specified by listing the lowest Switch number and the beginning port number on that Switch separated by a colon Then highest Switch number and the highest port number of the range also separated by a colon are specified The beginning and end of the port list range are separated by a dash portlist Enter a list of ports used for the configuration here If no parameter is s...

Page 513: ... Start or stop remote loopback NOTE When a port is OAM enabled changing the OAM mode will cause the OAM discovery to restart This command is also used to enable or disable a port s Ethernet OAM function Enabling a port s OAM will cause the port if active to start the OAM discovery or it will react to a discovery packet received from the peer Disabling a port s OAM will cause the port to send out a...

Page 514: ...e mode state Specifies the OAM function status enable Specifies to enable the OAM function disable Specifies to disable the OAM function link_monitor Used to detect and indicate link faults under a variety of conditions error_symbol Used to generate an error symbol period event to notify the remote OAM peer threshold Specifies the number of symbol errors in the period that is required to be equal ...

Page 515: ...If start is specified it will request the peer to change to the remote loopback mode stop If stop is specified it will request the peer to change to the normal operation mode received_remote_loopback Specifies receive remote loop back process Specifies to process the received Ethernet OAM remote loopback command ignore Specifies to ignore the received Ethernet OAM remote loopback command The defau...

Page 516: ...itor error_frame_seconds threshold 2 window 10000 notify_state enable Success DWS 3160 24PC admin To configure the error frame threshold to10 and period to 1000000 ms for port 1 DWS 3160 24PC admin config ethernet_oam ports 1 link_monitor error_frame_period threshold 10 window 1000000 notify_state enable Command config ethernet_oam ports 1 link_monitor error_frame_period threshold 10 window 100000...

Page 517: ...ut has not yet accepted or rejected the configuration of the peer o SendLocalAndRemoteOk The local device agrees the OAM peer entity o PeeringLocallyRejected The local OAM entity rejects the remote peer OAM entity o PeeringRemotelyRejected The remote OAM entity rejects the local device o Operational The local OAM entity learns that both it and the remote OAM entity have accepted the peering o NonO...

Page 518: ...n The Switch can buffer 1000 event logs The event log is different from sys log as it provides more detailed information than sys log Each OAM event will be recorded in both OAM event log and syslog Format show ethernet_oam ports portlist status configuration statistics event_log index value_list Parameters portlist Optional Specifies the range of ports to display status Specifies to display the E...

Page 519: ...onse OAMPDU TX 0 Variable Response OAMPDU RX 0 Organization Specific OAMPDUs TX 0 Organization Specific OAMPDUs RX 0 Unsupported OAMPDU TX 0 Unsupported OAMPDU RX 0 Frames Lost Due To OAM 0 DWS 3160 24PC admin 51 3 clear ethernet_oam ports Description This command is used to clear Ethernet OAM information Format clear ethernet_oam ports portlist all event_log statistics Parameters portlist Specifi...

Page 520: ...0 24PC admin clear ethernet_oam ports 1 statistics Command clear ethernet_oam ports 1 statistics Success DWS 3160 24PC admin To clear port 1 OAM events DWS 3160 24PC admin clear ethernet_oam ports 1 event_log Command clear ethernet_oam ports 1 event_log Success DWS 3160 24PC admin ...

Page 521: ...evice_status Description This command is used to display current status of power s and fan s on the Switch Format show device_status Parameters None Restrictions None Example To display the device status DWS 3160 24PC admin show device_status Command show device_status Internal Power Active External Power Fail Right Fan OK DWS 3160 24PC admin 52 2 show environment Description This command is used ...

Page 522: ...onfig temperature threshold Description This command is used to configure the warning threshold for high and low temperature When the temperature is above the high threshold limit or below the low threshold limit the Switch will send out alarm traps or automatically shut the Switch system down Format config temperature threshold high temperature 500 500 low temperature 500 500 Parameters threshold...

Page 523: ...le Parameters trap state Specifies the trap state for the warning temperature event enable Enable trap state for warning temperature event The default state is enabled disable Disable trap state for warning temperature event log state Specifies the log state for the warning temperature event enable Enable log state for warning temperature event The default state is enabled disable Disable log stat...

Page 524: ... 0 will send an infinite ICMP echo messages The maximum value is 255 The default is 0 indicating infinity Press the CTRL C to break the ping test value 1 255 Enter the number of individual ICMP echo messages to be sent here This value must be between 1 and 255 timeout Optional Defines the time out period while waiting for a response from the remote device A value of 1 to 99 seconds can be specifie...

Page 525: ... break the ping test value 1 255 Enter the number of individual ICMP echo messages to be sent here This value must be between 1 and 255 size Optional Size of the test packet value 1 6000 Enter the size of the test packet here This value must be between 1 and 6000 timeout Optional Defines the time out period while waiting for a response from the remote device A value of 1 to 10 seconds can be speci...

Page 526: ...mmand is used to configure the maximum number of port security entries that can be authorized system wide There are four levels of limitations on the learned entry number for the entire system for a port for a VLAN and for a specific VLAN on a port If any limitation is exceeded the new entry will be discarded The setting for system level maximum learned users must be greater than the total of maxi...

Page 527: ...e maximum number of port security entries that can be learned on this port If the value is set to 0 it means that no user can be authorized by the port security function on this port If the setting is smaller than the number of current learned entries on the port the command will be rejected The default value is 32 max_lock_no 0 3072 Enter the maximum number of port security entries that can be le...

Page 528: ...N and a specific VLAN on a port If any limitation is exceeded the new entry will be discarded Format config port_security vlan vlan_name 32 vlanid vidlist max_learning_addr max_lock_no 0 3072 no_limit Parameters vlan Specifies the VLAN by name vlan_name 32 Enter the VLAN name here This name can be up to 32 characters long vlanid Specifies a list of VLANs by VLAN ID vidlist Enter the VLAN ID list h...

Page 529: ...lan_name 32 Enter the VLAN name here This name can be up to 32 characters long vlanid Specifies the VLAN by VLAN ID vlanid 1 4094 Enter the VLAN ID list here This value must be between 1 and 4094 mac_address Specifies the MAC address of the entry macaddr Enter the MAC address used here Restrictions Only Administrators Operators and Power Users can issue this command Example To delete the port secu...

Page 530: ...lear port_security_entry ports 6 Success DWS 3160 24PC admin 54 6 show port_security_entry Description This command is used to display the port security entries If more than one parameter is selected only the entries matching all the selected parameters will be displayed If the user specifies ports and VLANs either the VLAN name or VLAN ID list only the entries matching all the parameters will be ...

Page 531: ...nd show port_security_entry ports MAC Address VID Port Lock Mode 00 11 22 33 32 32 1 23 Permanent 00 22 B0 3C 43 C0 1 23 Permanent 00 22 B0 3C DD C0 1 2 Permanent 00 23 7D BC 2E 18 1 1 Permanent 02 23 7D BC 08 44 1 1 Permanent F0 7D 68 78 92 A4 1 1 Permanent The Total Entry Number 6 DWS 3160 24PC admin 54 7 show port_security Description This command is used to display the port security related in...

Page 532: ...rictions None Example To display the global configuration of port security DWS 3160 24PC admin show port_security Command show port_security Port Security Trap Log Disabled System Maximum Address 256 VLAN Configuration Only VLANs with limitation are displayed VID VLAN Name Max Learning Addr 1 default 64 DWS 3160 24PC admin 54 8 enable port_security trap_log Description This command is used to enab...

Page 533: ...urity trap_log Description This command is used to disable the port security trap log If the port security trap is disabled no trap will be sent out for a MAC violation Format disable port_security trap_log Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To disable the port security trap log DWS 3160 24PC admin disable port_security trap_lo...

Page 534: ...hen the power budget is running out When the system attempts to supply power to a new port if the power budget is insufficient to do this PoE controller will initiate port disconnection procedure to prevent overloading the power supply The controller uses one of the following two ways to perform the disconnection procedure deny_next_port The port with max port number will be denied regardless of i...

Page 535: ...ip vendor Class 0 15400mW Class 1 4000mW Class 2 7000mW Class 3 15400mW Other than these four pre defined settings users can directly specify any value that the chip supports Normally the minimum setting is 1000mW and the maximum setting is 15400mW for 802 3af and 35000mW for 802 3at Format config poe ports all portlist state enable disable time_range range_name 32 clear_time_range priority critic...

Page 536: ...1 Specifies that the power limit will be set to class 1 class_2 Specifies that the power limit will be set to class 2 class_3 Specifies that the power limit will be set to class 3 user_define Optional Specifies that a user defined per port power limit will be used value 1000 35000 Enter the user defined per port power limit here This value must be between 1000 and 35000 Restrictions Only Administr...

Page 537: ...ethod Deny Low Priority Port Detection Legacy PD Disabled If Power Disconnection Method is set to deny next port then the system can not utilize out of its maximum power capacity The maximum unused watt is 19W DWS 3160 24PC admin 55 4 show poe ports Description This command is used to display the configuration and actual values of the PoE port s Format show poe ports portlist Parameters portlist O...

Page 538: ...s 1 0 0 0 0 OFF Interim state during line detection 2 Enabled Critical 4000 Class 1 3 0 0 0 OFF Overload state according to 802 3af 3 Enabled Critical 4000 Class 1 0 0 0 0 OFF Interim state during line detection 4 Enabled Critical 4000 Class 1 0 0 0 0 OFF Interim state during line detection 5 Enabled Critical 1000 User defined 0 0 0 0 OFF Interim state during line detection 6 Enabled Low 15400 Cla...

Page 539: ...t the port capabilities while it s link up When the port is link up for shorter cable the power consumption can be reduced by lowering the signal amplitude since the signal attenuation is proportional to the cable length The port will adjust the power based on cable length and still maintain error free applications from both side of the link This mechanism will only be supported when hardware supp...

Page 540: ...160 24PC admin 56 2 show power_saving Description This command is used to display the current state of power saving Format show power_saving Parameters None Restrictions None Example This example display the power saving function setting DWS 3160 24PC admin show power_saving Command show power_saving Power Saving State Enabled Length Detection State Disabled DWS 3160 24PC admin ...

Page 541: ...group_id id group_name name 32 Parameters group_id The ID of protocol group which is used to identify a set of protocols id Enter the group ID used here group_name Optional The name of the protocol group The maximum length is 32 chars If group name is not specified the group name will be automatically generated in accordance with ProtocolGroup group_id For example the auto generated name for group...

Page 542: ... protocol will be added to the specified group delete Specifies that the protocol will be removed from the specified group protocol The protocol value is used to identify a protocol of the frame type specified ethernet_2 Specifies that the Ethernet 2 protocol will be used ieee802 3_snap Specifies that the IEEE 802 3 Snap protocol will be used ieee802 3_llc Specifies that the IEEE 802 3 LLC protoco...

Page 543: ...e dot1v_protocol_group group_id 100 Command delete dot1v_protocol_group group_id 100 Success DWS 3160 24PC admin 57 4 show dot1v_protocol_group Description This command is used to display the protocols defined in a protocol group Format show dot1v_protocol_group group_id id group_name name 32 Parameters group_id Optional Specifies the ID of the group to be displayed id Enter the group ID used here...

Page 544: ...figuration add Specifies that the group specified will be added protocol_group Specifies that parameters for the group will follow group_id Specifies the group ID of the protocol group id Enter the group ID used here group_name Specifies the name of the protocol group name 32 Enter the name of the group used here This name can be up to 32 characters long vlan The VLAN that is to be associated with...

Page 545: ...show port dot1v Description This command is used to display the VLAN associated with untagged packet ingressed from a port based on the protocol group Format show port dot1v ports portlist Parameters ports Optional Specifies a range of ports to be displayed portlist Enter a list of ports used for the configuration here If not port is specified information for all ports will be displayed Restrictio...

Page 546: ...n_translation ports portlist cvid vidlist 58 1 enable qinq Description This command is used to enable QinQ When QinQ is enabled all network port roles will be NNI ports and outer TPID will be set to 0x88A8 all existing static VLANs will run as S VLAN all dynamic learned Layer 2 address will be cleared all dynamic registered VLAN entries will be cleared and GVRP will be disabled To run GVRP on the ...

Page 547: ...s Only Administrators Operators and Power Users can issue this command Example To disable QinQ DWS 3160 24PC admin disable qinq Command disable qinq Success DWS 3160 24PC admin 58 3 config qinq inner_tpid Description The command is used to configure the inner TPID of the system The inner TPID is used to decide if the ingress packet is c tagged Inner tag TPID is per system configurable Format confi...

Page 548: ...mer network nni Specifies that the port is connecting to the service provider network missdrop Optional Specifies the state of the miss drop of ports option enable Specifies that the miss drop of ports option will be enabled disable Specifies that the miss drop of ports option will be disabled outer_tpid Optional Specifies the outer TPID of a port hex 0x1 0xffff Enter the outer TPID value used her...

Page 549: ... 24PC admin 58 5 show qinq Description This command is used to display the global QinQ status Format show qinq Parameters None Restrictions None Example To display the global QinQ status DWS 3160 24PC admin show qinq Command show qinq QinQ Status Enabled DWS 3160 24PC admin 58 6 show qinq inner_tpid Description This command is used to display the inner TPID of a system Format show qinq inner_tpid ...

Page 550: ...and show qinq inner_tpid Inner TPID 0x9100 DWS 3160 24PC admin 58 7 show qinq ports Description This command is used to display the QinQ configuration of the ports Format show qinq ports portlist Parameters ports Specifies a list of ports to be displayed portlist Optional Enter the list of ports to be displayed here Restrictions None Example To display the QinQ mode for ports 1 2 ...

Page 551: ...stripped Format create vlan_translation ports portlist all add cvid vidlist replace cvid vlanid 1 4094 svid vlanid 1 4094 priority priority 0 7 Parameters ports Specifies a list of ports to be configured portlist Enter the list of ports to be configured here all Specifies that all the ports will be used for the configuration add Specifies to add an S Tag to the packet cvid Specifies the customer V...

Page 552: ...mand create vlan_translation ports 1 add cvid 3 svid 2 Success DWS 3160 24PC admin 58 9 delete vlan_translation ports Description This command is used to delete translation relationships between the C VLAN and the S VLAN Format delete vlan_translation ports portlist all cvid vidlist Parameters ports Specifies a list of ports to be configured portlist Enter the list of ports to be configured here a...

Page 553: ... show vlan_translation ports portlist cvid vidlist Parameters ports Optional Specifies a list of ports to be displayed portlist Enter the list of ports to be displayed here cvid Optional Specifies the rules for the specified CVIDs vidlist Enter the CVID value used here Restrictions None Example To display C VLANs based on VLAN translation rules in the system DWS 3160 24PC admin show vlan_translati...

Page 554: ...ority dscp_dscp dscp dscp_list 59 1 config bandwidth_control Description This command is used to configure the port bandwidth limit control Format config bandwidth_control portlist all rx_rate no_limit value 64 1024000 tx_rate no_limit value 64 1024000 Parameters portlist Specifies a range of ports to be configured all Specifies that all the ports will be used for this configuration rx_rate Option...

Page 555: ...e RADIUS server through the authentication process If RADIUS server has assigned the bandwidth then the RADIUS assigned bandwidth will be the effective bandwidth The authentication with the RADIUS sever can be per port or per user For per user authentication there may be multiple bandwidth control values assigned when there are multiple users attached to this specific port In this case the largest...

Page 556: ...l ports in the system you may use all parameter If no parameter is specified system will set all ports cos_id_list 0 7 Specifies a list of priority queues The priority queue number is ranged from 0 to 7 min_rate Optional Specifies that one of the parameters below no_limit or value m n will be applied to the mini rate at which the above specified class will be allowed to receive packets no_limit Sp...

Page 557: ...er_queue bandwidth_control ports 1 10 1 min_rate 130 max_rate 1000 Granularity TX 64 Actual Rate MIN 128 MAX 960 Success DWS 3160 24PC admin 59 4 show per_queue bandwidth_control Description This command is used to display the per port CoS bandwidth control settings Format show per_queue bandwidth_control portlist Parameters portlist Optional Specifies a range of ports to be displayed If no parame...

Page 558: ...rs ports Specifies a range of ports to be configured portlist Enter the list of port used for this configuration here class_id 0 7 This specifies the 8 hardware priority queues which the config scheduling command will apply to The four hardware priority queues are identified by number from 0 to 7 with the 0 queue being the lowest priority strict The queue will operate in strict mode weight Specifi...

Page 559: ...s strict All queues operate in strict mode wrr Each queue operates based on its setting Restrictions Only Administrators Operators and Power Users can issue this command Example To configure the traffic scheduling mechanism for each CoS queue DWS 3160 24PC admin config scheduling_mechanism strict Command config scheduling_mechanism strict Success DWS 3160 24PC admin To configure the traffic schedu...

Page 560: ...ues for example DWS 3160 24PC admin show scheduling 1 Command show scheduling 1 QOS Output Scheduling On Port 1 Class ID Weight Class 0 1 Class 1 2 Class 2 3 Class 3 4 Class 4 5 Class 5 6 Class 6 7 Class 7 8 DWS 3160 24PC admin 59 8 show scheduling_mechanism Description This command is used to display the traffic scheduling mechanism Format show scheduling_mechanism portlist Parameters portlist Op...

Page 561: ...s available on the Switch Format config 802 1p user_priority priority 0 7 class_id 0 7 Parameters priority 0 7 The 802 1p user priority you want to associate with the class_id the number of the hardware queue with class_id 0 7 The number of the Switch s hardware priority queue The Switch has 8 hardware priority queues available They are numbered between 0 the lowest priority and 7 the highest prio...

Page 562: ...ow 802 1p user_priority QOS Class of Traffic Priority 0 Class 2 Priority 1 Class 3 Priority 2 Class 1 Priority 3 Class 3 Priority 4 Class 4 Priority 5 Class 5 Priority 6 Class 6 Priority 7 Class 7 DWS 3160 24PC admin 59 11 config 802 1p default_priority Description This command is used to configure the 802 1p default priority settings on the Switch If an untagged packet is received by the Switch t...

Page 563: ...e To configure the 802 1p default priority settings on the Switch DWS 3160 24PC admin config 802 1p default_priority all 5 Command config 802 1p default_priority all 5 Success DWS 3160 24PC admin 59 12 show 802 1p default_priority Description This command is used to display the current configured default priority settings on the Switch The default priority can also be assigned by the RADIUS server...

Page 564: ..._priority 1 10 Port Priority Effective Priority 1 5 5 2 5 5 3 5 5 4 5 5 5 5 5 6 5 5 7 5 5 8 5 5 9 5 5 10 5 5 DWS 3160 24PC admin 59 13 enable hol_prevention Description This command is used to enable head of line HOL prevention on the Switch Format enable hol_prevention Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To enable HOL preventio...

Page 565: ...evention on the Switch Format disable hol_prevention Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To disable HOL prevention on the Switch DWS 3160 24PC admin disable hol_prevention Command disable hol_prevention Success DWS 3160 24PC admin 59 15 show hol_prevention Description This command is used to display the HOL prevention state on t...

Page 566: ...g dscp trust portlist all state enable disable Parameters portlist Enter the list of port used for this configuration here all Specifies that the command apply to all ports on the Switch state Enable or disable to trust DSCP By default DSCP trust is disabled enable Specifies that the DSCP trust state will be enabled disable Specifies that the DSCP trust state will be disabled Restrictions Only Adm...

Page 567: ...t DSCP Trust 1 Enabled 2 Enabled 3 Enabled 4 Enabled 5 Enabled 6 Enabled 7 Enabled 8 Enabled DWS 3160 24PC admin 59 18 config dscp map Description This command is used to configure the mapping of DSCP priorities The mapping of DSCP to priority will be used to determine the priority of the packet which will be then used to determine the scheduling queue when the port is in DSCP trust state The mapp...

Page 568: ...lt priority of mapping dscp_dscp Specifies a list of DSCP value to be mapped to a specific DSCP dscp_list Enter the DSCP to DSCP list here to Specifies that the above or following parameter will be mapped to the previously mentioned parameter dscp 0 63 Specifies the result DSCP of mapping Restrictions Only Administrators Operators and Power Users can issue this command Example To configure the map...

Page 569: ...mapped to a specific DSCP dscp Optional This specifies DSCP value that will be mapped dscp_list Enter the DSCP list here Restrictions Only Administrators Operators and Power Users can issue this command Example To display DSCP map configuration on port 1 DWS 3160 24PC admin show dscp map 1 dscp_dscp Command show dscp map 1 dscp_dscp DSCP to DSCP Mapping Port 1 0 1 2 3 4 5 6 7 8 9 0 0 1 2 3 4 5 6 7...

Page 570: ...ror packets to a remote Switch A packet travels from the Switch where the monitored packet is received passing through the intermediate Switch and then to the Switch where the sniffer is attached The first Switch is also named the source Switch To make the RSPAN function work the RSPAN VLAN source setting must be configured on the source Switch For the intermediate and the last Switch the RSPAN VL...

Page 571: ...d to disable the RSPAN function Format disable rspan Parameters None Restrictions Only Administrators and Operators can issue this command Example To disable the RSPAN function DWS 3160 24PC admin disable rspan Command disable rspan Success DWS 3160 24PC admin 60 3 create rspan vlan Description This command is used to create an RSPAN VLAN Up to 16 RSPAN VLANs can be created Format create rspan vla...

Page 572: ...n_name v2 Command create rspan vlan vlan_name v2 Success DWS 3160 24PC admin To create an RSPAN VLAN entry by VLAN ID 3 DWS 3160 24PC admin create rspan vlan vlan_id 3 Command create rspan vlan vlan_id 3 Success DWS 3160 24PC admin 60 4 delete rspan vlan Description This command is used to delete an RSPAN VLAN Format delete rspan vlan vlan_name vlan_name vlan_id value 1 4094 Parameters vlan_name D...

Page 573: ...AN ID value 1 4094 Enter the VLAN ID here This value must be between 1 and 4094 redirect Specifies output portlist for the RSPAN VLAN packets If the redirect port is a Link Aggregation port there will perform the Link Aggregation behavior for RSPAN packets add Specifies to add output ports for the RSPAN VLAN packets delete Specifies to delete output ports for the RSPAN VLAN packets ports Specifies...

Page 574: ...n vlan_id 2 source Command config rspan vlan vlan_id 2 source Success DWS 3160 24PC admin To add redirect ports for special RSPAN VLAN on intermediate or destination Switch DWS 3160 24PC admin config rspan vlan vlan_name v2 redirect add ports 18 19 Command config rspan vlan vlan_name v2 redirect add ports 18 19 Success DWS 3160 24PC admin config rspan vlan vlan_id 2 redirect add ports 18 19 Comman...

Page 575: ...s the RSPAN VLAN by VLAN ID value 1 4094 Enter the VLAN ID here This value must be between 1 and 4094 Restrictions None Example To display the RSPAN settings DWS 3160 24PC admin show rspan Command show rspan RSPAN Enabled RSPAN VLAN ID 2 Source Port RX 2 5 TX Redirect Port 18 19 RSPAN VLAN ID 3 Total RSPAN VLAN 2 DWS 3160 24PC admin ...

Page 576: ...old the range is between 20 100 if the CPU utilization is lower than the falling threshold the Switch enters normal mode 20 100 Enter the utilization falling value here This value must be between 20 and 100 trap_log Optional Configure the state of CPU protection related trap log mechanism to enable or disable If set to enable trap and log will be active while cpu protection current mode changed If...

Page 577: ...iption This command is used to display safeguard engine information Format show safeguard_engine Parameters None Restrictions None Example To display safeguard_engine information DWS 3160 24PC admin show safeguard_engine Command show safeguard_engine Safeguard Engine State Enabled Safeguard Engine Current Status Normal Mode CPU Utilization Information Rising Threshold 50 Falling Threshold 30 Trap ...

Page 578: ...four blowfish cast128 twofish128 twofish192 twofish256 MD5 SHA1 RSA DSA enable disable Parameters 3DES The 3DES cipher is three key triple DES encrypt decrypt encrypt where the first 8 bytes of the key are used for the first encryption the next 8 bytes for the decryption and the following 8 bytes for the final encryption AES 128 192 256 Advanced Encryption Standard arcfour RC4 also known as ARC4 o...

Page 579: ...orithm DWS 3160 24PC admin config ssh algorithm DSA enable Command config ssh algorithm DSA enable Success DWS 3160 24PC admin 62 2 show ssh algorithm Description This command is used to display the SSH service algorithm Format show ssh algorithm Parameters None Restrictions None Example To display server algorithm ...

Page 580: ...abled Public Key Algorithm RSA Enabled DSA Enabled DWS 3160 24PC admin 62 3 config ssh authmode Description This command is used to configure the user authentication method for SSH Format config ssh authmode password publickey hostbased enable disable Parameters password Specifies user authentication method publickey Specifies user authentication method hostbased Specifies user authentication meth...

Page 581: ...authentication method Format show ssh authmode Parameters None Restrictions None Example To display user authentication method DWS 3160 24PC admin show ssh authmode Command show ssh authmode The SSH Authentication Method Password Enabled Public Key Enabled Host based Enabled DWS 3160 24PC admin 62 5 config ssh user Description This command is used to configure user information for SSH Format confi...

Page 582: ...ss if configuring Host based method ipv6addr Specifies host IPv6 address if configuring Host based method password Specifies user authentication method publickey Specifies user authentication method Restrictions Only Administrators can issue this command Example To update the user called superuser authentication method DWS 3160 24PC admin config ssh user superuser authmode publickey Command config...

Page 583: ...ction time out in the unit of second sec 120 600 Enter the connection time out value here This value must be between 120 and 600 seconds authfail Optional Specifies user maximum fail attempts int 2 20 Enter the user maximum fail attempts value here This value must be between 2 and 20 rekey Optional Specifies time to re generate session key There are 10 minutes 30 minutes 60 minutes and never for t...

Page 584: ...n 62 8 enable ssh Description This command is used to enable SSH server services When enabling SSH TELNET will be disabled Format enable ssh Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To enable the SSH server DWS 3160 24PC admin enable ssh Command enable ssh Success DWS 3160 24PC admin 62 9 disable ssh Description This command is used ...

Page 585: ...and disable ssh Success DWS 3160 24PC admin 62 10 show ssh server Description This command is used to display the SSH server general information Format show ssh server Parameters None Restrictions None Example To display SSH server DWS 3160 24PC admin show ssh server Command show ssh server The SSH Server Configuration Maximum Session 3 Connection Timeout 120 Authentication Fail Attempts 2 Rekey T...

Page 586: ...DWS 3160 Series Gigabit Ethernet Unified Switch CLI Reference Guide 582 ...

Page 587: ...user can download the specified certificate to the device which must according to desired key exchange algorithm For RSA key exchange the user must download RSA type certificate and for DHS_DSS is using the DSA certificate for key exchange Format download ssl certificate ipaddr certfilename path_filename 64 keyfilename path_filename 64 Parameters ipaddr Enter the TFTP server IP address used for th...

Page 588: ...h_3DES_EDE_CBC_SHA DHE_DSS_with_3DES_EDE_CBC_SHA RSA_EXPORT_with_RC4_40_MD5 Parameters ciphersuite Optional Specifies the cipher suite combination used for this configuration RSA_with_RC4_128_MD5 Indicate RSA key exchange with RC4 128 bits encryption and MD5 hash RSA_with_3DES_EDE_CBC_SHA Indicate RSA key exchange with 3DES_EDE_CBC encryption and SHA hash DHE_DSS_with_3DES_EDE_CBC_SHA Indicate DH ...

Page 589: ...meters ciphersuite Optional Specifies the cipher suite combination used for this configuration RSA_with_RC4_128_MD5 Indicate RSA key exchange with RC4 128 bits encryption and MD5 hash RSA_with_3DES_EDE_CBC_SHA Indicate RSA key exchange with 3DES_EDE_CBC encryption and SHA hash DHE_DSS_with_3DES_EDE_CBC_SHA Indicate DH key exchange with 3DES_EDE_CBC encryption and SHA hash RSA_EXPORT_with_RC4_40_MD...

Page 590: ...cate RSA type or DSA type certificate Format show ssl certificate Parameters certificate Optional Specifies that the SSL certificate will be displayed Restrictions None Example To display SSL DWS 3160 24PC admin show ssl Command show ssl SSL Status Enabled RSA_WITH_RC4_128_MD5 Enabled RSA_WITH_3DES_EDE_CBC_SHA Enabled DHE_DSS_WITH_3DES_EDE_CBC_SHA Enabled RSA_EXPORT_WITH_RC4_40_MD5 Enabled DWS 316...

Page 591: ...eout DWS 3160 24PC admin show ssl cachetimeout Command show ssl cachetimeout Cache timeout is 600 second s DWS 3160 24PC admin 63 6 config ssl cachetimeout Description This command is used to configure the cached timeout value which is designed for the dlktimer library to remove the session ID after expiration In order to support the resume session feature the SSL library keeps the session ID in w...

Page 592: ...h CLI Reference Guide 588 Restrictions Only Administrators can issue this command Example To configure the SSL cache timeout value to 60 DWS 3160 24PC admin config ssl cachetimeout 60 Commands config ssl cachetimeout 60 Success DWS 3160 24PC admin ...

Page 593: ...analyzer_server 64 1 create sflow flow_sampler Description This command is used to create the sFlow flow sampler By configuring the sampling function for a port a sample packet received by this port will be encapsulated and forwarded to analyzer server at the specified interval Format create sflow flow_sampler ports portlist all analyzer_server_id value 1 4 rate value 0 65535 maxheadersize value 1...

Page 594: ... rate value 0 65535 maxheadersize value 18 256 Parameters ports Specifies the list of ports to be configured portlist Enter the list of ports that will be used for this configuration here all Specifies all ports on the Switch rate Optional The sampling rate for packet Rx sampling If set to 0 the sampler is disabled If the rate is not specified its default value is 0 value 0 65535 Enter the samplin...

Page 595: ...t Enter the list of ports that will be used for this configuration here all Specifies all ports on the Switch Restrictions Only Administrators and Operators can issue this command Example To delete the sFlow sampler port 1 DWS 3160 24PC admin delete sflow flow_sampler ports 1 Command delete sflow flow_sampler ports 1 Success DWS 3160 24PC admin 64 4 create sflow counter_poller Description This com...

Page 596: ...ample To create an sFlow counter poller which sample port 1 to analyzer server 1 DWS 3160 24PC admin create sflow counter_poller ports 1 analyzer_server_id 1 Command create sflow counter_poller ports 1 analyzer_server_id 1 Success DWS 3160 24PC admin 64 5 config sflow counter_poller Description This command is used to configure the sFlow counter poller parameters If the user wants the change the a...

Page 597: ...ifies the list of ports to delete the counter poller portlist Enter the list of ports that will be used for this configuration here all Specifies all ports on the Switch Restrictions Only Administrators and Operators can issue this command Example To delete sFlow counter poller on port 1 DWS 3160 24PC admin delete sflow counter_poller ports 1 Command delete sflow counter_poller ports 1 Success DWS...

Page 598: ...s is 0 and the entry is not active ipaddr Enter the IP address used for the configuration here collectorport Optional The destination UDP port for sending the sFlow datagram If not specified the default value is 6364 The specified UDP port number can NOT conflict with other applications udp_port_number 1 65535 Enter the destination UDP port number here This value must be between 1 and 65535 maxdat...

Page 599: ...kets will not be sent to this server ipaddr Enter the IP address used for the configuration here collectorport Optional The destination UDP port for sending the sFlow datagram If not specified the default value is 6364 udp_port_number 1 65535 Enter the destination port number here This value must be between 1 and 65535 maxdatagramsize Optional The maximum number of data bytes that can be packed in...

Page 600: ...e this command Example To delete an analyzer server DWS 3160 24PC admin delete sflow analyzer_server 1 Command delete sflow analyzer_server 1 Success DWS 3160 24PC admin 64 10 enable sflow Description This command is used to enable the sFlow function on the Switch Format enable sflow Parameters None Restrictions Only Administrators and Operators can issue this command Example To enable sFlow globa...

Page 601: ... Only Administrators and Operators can issue this command Example To disable the sFlow globally DWS 3160 24PC admin disable sflow Command disable sflow Success DWS 3160 24PC admin 64 12 show sflow Description This command is used to display the sFlow information Format show sflow Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To display th...

Page 602: ...of packets sent to the CPU when the rate of traffic to the CPU is high the sampling rate will be decreased This is specified as the active rate Format show sflow flow_sampler Parameters None Restrictions Only Administrators Operators and Power Users can issue this command Example To display the sFlow flow sampler information of ports which have been created DWS 3160 24PC admin show sflow flow_samp...

Page 603: ...ler Port Analyzer Server ID Polling Interval sec 1 1 Disable Total Entries 1 DWS 3160 24PC admin 64 15 show sflow analyzer_server Description This command is used to display the sFlow analyzer server information The Timeout field specifies the time configured by user The Current Countdown Time is the current time remaining before the server timeout Format show sflow analyzer_server Parameters None...

Page 604: ...sFlow Analyzer_server Information Server ID 1 Owner sflowowner Timeout 400 Current Countdown Time 361 Collector Address 10 90 90 90 Collector Port 6343 Max Datagram Size 1400 Server ID 2 Owner monitor Timeout Infinite Current Countdown Time Infinite Collector Address 10 0 0 1 Collector Port 65524 Max Datagram Size 300 Total Entries 2 DWS 3160 24PC admin ...

Page 605: ...h_support_toTFTP ipaddr path_filename 64 65 1 show tech_support Description This command is used by the technical support personnel to dump the device overall operation information Format show tech_support Parameters None Restrictions Only Administrators and Operators can issue this command Example To display the information of technique s support ...

Page 606: ...xt 16 2000 01 15 00 20 08 INFO 6 Successful Enable Admin through Console authenticated by AAA local_enable method Username power 15 2000 01 15 00 20 02 INFO 6 Successful login through Console authenticated by AAA local method Username power 14 2000 01 15 00 20 00 INFO 6 Logout through Console Username admin 13 2000 01 15 00 19 59 INFO 6 Configuration saved to flash by console Username admin 12 200...

Page 607: ...to store the information of technique s support in TFTP server The max size of the file name is 64 Restrictions Only Administrators and Operators can issue this command Example To upload the technical information DWS 3160 24PC admin upload tech_support_to_TFTP 10 0 0 66 tech_report txt Command upload tech_support_to_TFTP 10 0 0 66 tech_report txt Connecting to server Done Upload techsupport file D...

Page 608: ...type included excluded delete snmp view view_name 32 all oid show snmp view view_name 32 create snmp host ipaddr v6host ipv6addr v1 v2c v3 noauth_nopriv auth_nopriv auth_priv auth_string 32 delete snmp host ipaddr v6host ipv6addr show snmp host ipaddr show snmp v6host ipv6addr config snmp engineID snmp_engineID 10 64 show snmp engineID enable snmp disable snmp config snmp system_name sw_name confi...

Page 609: ...aracters used to authentication of users wanting access to the Switch s SNMP agent community_string Enter the community string value here view_name Specifies to view a MIB name view_name 32 Enter the MIB view name here This name can be up to 32 characters long readonly Allows the user using the above community string to have read only access to the Switch s SNMP agent readwrite Allows the user usi...

Page 610: ... command Example To delete a SNMP community System DWS 3160 24PC admin delete snmp community System Command delete snmp community System Success DWS 3160 24PC admin 66 3 show snmp community Description This command is used to display the community string configurations Format show snmp community community_string 32 Parameters community_string 32 Optional Specifies the Community string If not Speci...

Page 611: ...Optional Indicate input password for authentication and privacy auth Initiates an authentication level setting session The options are md5 and sha md5 The HMAC MD5 96 authentication level auth_password 8 16 Enter the MD5 authentication password here This value must be between 8 and 16 characters sha The HMAC SHA 96 authentication level auth_password 8 20 Enter the SHA authentication password here ...

Page 612: ...eate snmp user user123 group123 encrypted by_password auth md5 12345678 priv des 12345678 Command create snmp user user123 group123 encrypted by_password auth md5 12345678 priv des 12345678 Success DWS 3160 24PC admin 66 5 delete snmp user Description This command is used to remove a user from an SNMP group and delete the associated group in SNMP group Format delete snmp user username 32 Parameter...

Page 613: ...dmin show snmp user Command show snmp user Username Group Name VerAuthPriv initial initial V3 NoneNone user123 group123 V3 MD5 DES Total Entries 2 DWS 3160 24PC admin 66 7 create snmp group Description This command is used to create a new SNMP group or a table that maps SNMP users to SNMP views Format create snmp group groupname 32 v1 v2c v3 noauth_nopriv auth_nopriv auth_priv read_view view_name ...

Page 614: ...ld be write view_name 32 Enter the write view name here This name can be up to 32 characters long notify_view Optional Specifies that the view name would be notify view_name 32 Enter the notify view name here This name can be up to 32 characters long Restrictions Only Administrators can issue this command Example To create SNMP group group123 DWS 3160 24PC admin create snmp group group123 v3 auth_...

Page 615: ...e snmp group group123 Command delete snmp group group123 Success DWS 3160 24PC admin 66 9 show snmp groups Description This command is used to display the names of groups on the Switch and the security model level the status of the different views Format show snmp groups Parameters None Restrictions None Example To display SNMP groups ...

Page 616: ...Name Notify View Name CommunityView Securiy Model SNMPv1 Securiy Level NoAuthNoPriv CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All 66 10 create snmp view Description This command is used to assign views to community strings to limit which MIB objects an SNMP manager can access Format create snmp view view_name 32 oid view_type included excluded Parameters view View name to be created v...

Page 617: ...mp view view_name 32 all oid Parameters view View name to be deleted view_name 32 Enter the view name here The name can be up to 32 characters long all Specifies that all view records will be removed oid Object Identified tree MIB tree Restrictions Only Administrators can issue this command Example To delete SNMP view view123 DWS 3160 24PC admin delete snmp view view123 all Command delete snmp vie...

Page 618: ...d CommunityView 1 Included CommunityView 1 3 6 1 6 3 Excluded CommunityView 1 3 6 1 6 3 1 Included Total Entries 9 DWS 3160 24PC admin 66 13 create snmp Description This command is used to create a recipient of an SNMP trap operation Format create snmp host ipaddr v6host ipv6addr v1 v2c v3 noauth_nopriv auth_nopriv auth_priv auth_string 32 Parameters host Specifies the recipient for which the trap...

Page 619: ...trators can issue this command Example To create SNMP host 10 0 0 1 with community string public DWS 3160 24PC admin create snmp host 10 0 0 1 v1 public Command create snmp host 10 0 0 1 v1 public Success DWS 3160 24PC admin 66 14 delete snmp Description This command is used to delete a recipient of an SNMP trap operation Format delete snmp host ipaddr v6host ipv6addr Parameters host The IP addres...

Page 620: ...ess of the recipient for which the traps are targeted ipaddr Enter the IP address used for the configuration here If no parameter specified all SNMP hosts will be displayed Restrictions None Example To display SNMP host s DWS 3160 24PC admin show snmp host Command show snmp host SNMP Host Table Host IP Address SNMP Version Community Name SNMPv3 User Name 10 0 0 1 V1 public Total Entries 1 DWS 3160...

Page 621: ...E 3 SNMP Version V3 na np Community Name SNMPv3 User Name initial Host IPv6 Address 3FFE 2 SNMP Version V2c Community Name SNMPv3 User Name private Host IPv6 Address 3FFE 1 SNMP Version V1 Community Name SNMPv3 User Name public Host IPv6 Address 3FFE 3 SNMP Version V3 a np Community Name SNMPv3 User Name user123 Host IPv6 Address 3FFE 3 SNMP Version V3 a p Community Name SNMPv3 User Name user234 T...

Page 622: ...D 1023457890 Command config snmp engineID 1023457890 Success DWS 3160 24PC admin 66 18 show snmp engineID Description This command is used to display the identification of the SNMP engine on the Switch The default value is suggested in RFC2271 The very first bit is 1 and the first four octets are set to the binary equivalent of the agent s SNMP management private enterprise number as assigned by I...

Page 623: ...ble snmp Description This command is used to enable the SNMP function Format enable snmp Parameters None Restrictions Only Administrators and Operators can issue this command Example To enable SNMP DWS 3160 24PC admin enable snmp Command enable snmp Success DWS 3160 24PC admin 66 20 disable snmp Description This command is used to disable the SNMP function Format disable snmp Parameters None ...

Page 624: ...tch Format config snmp system_name sw_name Parameters system_name A maximum of 128 characters is allowed And NULL string is accepted sw_name Optional Enter the system name used here Restrictions Only Administrators and Operators can issue this command Example To configure the Switch name for Technical DWS 3160 24PC admin config snmp system_name Technical Command config snmp system_name Technical S...

Page 625: ...snmp system_location HQ 5F Success DWS 3160 24PC admin 66 23 config snmp system_contact Description This command is used to enter the name of a contact person who is responsible for the Switch Format config snmp system_contact sw_contact Parameters system_contact A maximum of 128 characters is allowed And NULL string is accepted sw_contact Optional Enter the system contact string here Restrictions...

Page 626: ... Operators can issue this command Example To enable SNMP trap support DWS 3160 24PC admin enable snmp traps Command enable snmp traps Success DWS 3160 24PC admin 66 25 disable snmp traps Description This command is used to disable SNMP trap support on the Switch Format disable snmp traps Parameters None Restrictions Only Administrators and Operators can issue this command Example To prevent SNMP t...

Page 627: ... support Format enable snmp authenticate_traps Parameters None Restrictions Only Administrators and Operators can issue this command Example To enable SNMP authentication trap support DWS 3160 24PC admin enable snmp authenticate_traps Command enable snmp authenticate_traps Success DWS 3160 24PC admin 66 27 disable snmp authenticate_traps Description This command is used to disable SNMP authenticat...

Page 628: ...linkchange_traps Description This command is used to configure the sending of link change traps Format enable snmp linkchange_traps Parameters None Restrictions Only Administrators and Operators can issue this command Example To enable the sending of link change traps DWS 3160 24PC admin enable snmp linkchange_traps Command enable snmp linkchange_traps Success DWS 3160 24PC admin 66 29 disable snm...

Page 629: ...onfigure the sending of link change traps and per port control for sending of change trap Format config snmp linkchange_traps ports all portlist enable disable Parameters all Specifies all ports portlist Specifies a port range enable Enable sending of the link change trap for this port disable Disable sending of the link change trap for this port Restrictions Only Administrators can issue this com...

Page 630: ...ns Only Administrators can issue this command Example To configure the trap for cold start event DWS 3160 24PC admin config snmp coldstart_traps enable Command config snmp coldstart_traps enable Success DWS 3160 24PC admin 66 32 config snmp warmstart_traps Description This command is used to configure the trap state for warm start event Format config snmp warmstart_traps enable disable Parameters ...

Page 631: ...ps ports portlist Parameters linkchange_traps Optional Specifies that the SNMP trap sending status will be displayed ports Optional Specifies the ports for the display portlist Enter the list of ports used for the display here Restrictions None Example To display the SNMP traps information DWS 3160 24PC admin show snmp traps Command show snmp traps SNMP Traps Enabled Authenticate Trap Enabled Link...

Page 632: ... for falling alarm The default state is enabled enable Specifies that the falling alarm function will be enabled disable Specifies that the falling alarm function will be disabled Restrictions Only Administrators can issue this command Example To configure the trap state for RMON events DWS 3160 24PC admin config rmon trap rising_alarm disable Command config rmon trap rising_alarm disable Success ...

Page 633: ...WS 3160 Series Gigabit Ethernet Unified Switch CLI Reference Guide 629 DWS 3160 24PC admin show rmon Command show rmon RMON Rising Alarm Trap Disabled RMON Falling Alarm Trap Enabled DWS 3160 24PC admin ...

Page 634: ...ec 30 90 hold_time sec 100 255 download sim_ms firmware_from_tftp configuration_from_tftp ipaddr path_filename members mslist 1 4 all upload sim_ms configuration_to_tftp log_to_tftp ipaddr path_filename members mslist all 67 1 enable sim Description This command is used to enable the Single IP Management SIM feature on the Switch Format enable sim Parameters None Restrictions Only Administrators c...

Page 635: ... sim candidates candidate_id 1 100 members member_id 1 4 group commander_mac macaddr neighbor Parameters candidates Optional Specifies the candidate devices candidate_id 1 100 Enter the candidate device ID here This value must be between 1 and 100 members Optional Specifies the member devices member_id 1 4 Enter the member device ID here This value must be between 1 and 4 group Optional Specifies ...

Page 636: ...user Specifies candidate id it would display information in detail DWS 3160 24PC admin show sim candidates Command show sim candidates ID MAC Address Platform Hold Firmware Device Name Capability Time Version 1 00 11 22 33 32 32 DWS 3160 24TC L2 Switch 80 1 00 034 Total Entries 1 DWS 3160 24PC admin To display the member information in summary if user Specifies member id it will display informatio...

Page 637: ...ember Info 1 1 MAC Address 00 11 22 33 32 32 DWS 3160 24PC admin To display neighbor table of SIM DWS 3160 24PC admin show sim neighbor Command show sim neighbor Neighbor Info Table Port MAC Address Role 23 00 11 22 33 32 32 Member Total Entries 1 DWS 3160 24PC admin 67 4 reconfig Description This command is used to reconnect to a SIM member by using the member ID Format reconfig member_id value 1...

Page 638: ...rs add Specifies to add a specific candidate to the group candidate_id 1 100 Enter the candidate ID to be added to the group here This value must be between 1 and 100 password Optional The password of candidate if necessary delete Specifies to delete a member from the group member_id 1 4 Enter the member ID of the member to be removed from the group here This value must be between 1 and 4 Restrict...

Page 639: ... Specifies that if the user is the commander the user can update the name of group groupname 64 Enter the group name here This name can be up to 64 characters long candidate Optional Specifies to transfer the role to the candidate dp_interval Optional The time in seconds between discoveries sec 30 90 Enter the discovery time here in seconds This value must be between 30 and 90 seconds hold_time Op...

Page 640: ...he hold time of discovery protocol DWS 3160 24PC admin config sim hold_time 200 Command config sim hold_time 200 Success DWS 3160 24PC admin 67 7 download sim_ms Description This command is used to download firmware or a configuration to a specific device Format download sim_ms firmware_from_tftp configuration_from_tftp ipaddr path_filename members mslist 1 4 all Parameters firmware_from_tftp Spec...

Page 641: ...m_tftp 10 55 47 1 D dwl600x tfp members 1 This device is updating configuration Please wait several minutes Download Status ID MAC Address Result 1 00 01 02 03 04 00 Success DWS 3160 24PC admin To download the firmware DWS 3160 24PC admin download sim_ms firmware_from_tftp 10 55 47 1 D test txt members 1 Commands download sim_ms firmware_from_tftp 10 55 47 1 D test txt members 1 This device is upd...

Page 642: ...ecifies a range of members who can up this configuration mslist Enter the member list used here all Specifies that all members will be used Restrictions Only Administrators Operators and Power Users can issue this command Example To upload the configuration DWS 3160 24PC admin upload sim_ms configuration_to_tftp 10 55 47 1 D configuration txt members 1 Command upload sim_ms configuration_to_tftp 1...

Page 643: ...ies this parameter the least IPv4 address and the smallest IPv6 address of ipif_name will be used as source IP addresses ipif_name 12 Enter the IP interface name here This name can be up to 12 characters long ipaddr Optional Enter the IP address used for the configuration here ipv6addr Optional Enter the IPv6 address used for the configuration here none Specifies to clear the configured source IP ...

Page 644: ...rface Format show syslog source_ipif Parameters None Restrictions None Example To display the syslog source IP interface DWS 3160 24PC admin show syslog source_ipif Command show syslog source_ipif Syslog Source IP Interface Configuration IP Interface System IPv4 Address 10 90 90 90 IPv6 Address None DWS 3160 24PC admin 68 3 config trap source_ipif Description This command is used to configure the ...

Page 645: ...used for the configuration here none Specifies to clear the configured source IP interface Restrictions Only Administrators and Operators can issue this command Example To configure the trap source IP interface DWS 3160 24PC admin config trap source_ipif System Command config trap source_ipif System Success DWS 3160 24PC admin To clear the configured trap source IP interface DWS 3160 24PC admin co...

Page 646: ... Reference Guide 642 Example To display the trap source IP interface DWS 3160 24PC admin show trap source_ip Command show trap source_ipif Trap Source IP Interface Configuration IP Interface System IPv4 Address None IPv6 Address None DWS 3160 24PC admin ...

Page 647: ..._number ipaddress ipaddr ipv6addr state enable disable create syslog host index 1 4 ipaddress ipaddr ipv6addr severity emergency alert critical error warning notice informational debug level 0 7 facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_number state enable disable delete syslog host index 1 4 all show syslog host index 1 4 config log_save_timing time_interv...

Page 648: ...upport_module command Use a comma to separate multiple modules module_list Enter the module list value here emergency Optional Severity level 0 alert Optional Severity level 1 critical Optional Severity level 2 error Optional Severity level 3 warning Optional Severity level 4 notice Optional Severity level 5 informational Optional Severity level 6 debug Optional Severity level 7 level_list 0 7 Spe...

Page 649: ...mand is used to display the protocols or applications that support the enhanced log The enhanced log adds the module name and module ID Network administrators can display logs by module name or module ID Format show log_software_module Parameters None Restrictions None Example To display the protocols or applications that support the enhanced log DWS 3160 24PC admin show log_software_module Comman...

Page 650: ...ges DWS 3160 24PC admin enable syslog Command enable syslog Success DWS 3160 24PC admin 69 5 disable syslog Description This command is used to disable the sending of syslog messages Format disable syslog Parameters None Restrictions Only Administrators and Operators can issue this command Example To disable the sending of syslog messages DWS 3160 24PC admin disable syslog Command disable syslog S...

Page 651: ...n choose and report a specific level of messages to a specific host When the user chooses a specific level for a specific host messages which are at that severity level or higher will be reported to the specified host Format config syslog host index all severity emergency alert critical error warning notice informational debug level 0 7 facility local0 local1 local2 local3 local4 local5 local6 loc...

Page 652: ...e set to local 5 local6 Specifies that the user defined facility will be set to local 6 local7 Specifies that the user defined facility will be set to local 7 udp_port Optional Specifies the UDP port number udp_port_number Enter the UDP port number used here ipaddress Optional Specifies IP address for the host ipaddr Enter the IP address used for the configuration here ipv6addr Enter the IPv6 addr...

Page 653: ... in the syslog packet when it is sent to a specific syslog server local0 Specifies that the user defined facility will be set to local 0 local1 Specifies that the user defined facility will be set to local 1 local2 Specifies that the user defined facility will be set to local 2 local3 Specifies that the user defined facility will be set to local 3 local4 Specifies that the user defined facility wi...

Page 654: ...o delete a syslog host s Format delete syslog host index 1 4 all Parameters host The host index or all hosts index Enter the host index value here all Specifies that all the host indexes will be used Restrictions Only Administrators and Operators can issue this command Example To delete the specific syslog host DWS 3160 24PC admin delete syslog host 4 Command delete syslog host 4 Success DWS 3160 ...

Page 655: ...host Syslog Global State Enabled Host 1 IP Address 10 90 90 1 Severity Debug 7 Facility Local0 UDP Port 514 Status Disabled Host 2 IP Address 3000 501 100 ffff 101 202 303 1 Severity Emergency Facility Local0 UDP port 514 Status Disabled Host 3 IP Address 10 21 13 1 Severity All Facility Local0 UDP port 514 Status Disabled Total Entries 3 DWS 3160 24PC admin 69 11 config log_save_timing Descriptio...

Page 656: ...command The default setting is on_demand log_trigger Save log to flash whenever a new log event arrives Restrictions Only Administrators and Operators can issue this command Example To configure the method for saving a log as on demand DWS 3160 24PC admin config log_save_timing on_demand Command config log_save_timing on_demand Success DWS 3160 24PC admin 69 12 show log_save_timing Description Thi...

Page 657: ... the system log with the rest of them being stored in a separate table named attack log Format show attack_log index value_list Parameters index Optional The list of index numbers of the entries that need to be displayed For example show attack_log index 1 5 will display the attack log messages from 1 to 5 value_list Enter the index numbers of the entries that needs to be displayed here If no para...

Page 658: ...erence Guide 654 Format clear attack_log Parameters None Restrictions Only Administrators and Operators can issue this command Example To clear the master s attack log DWS 3160 24PC admin clear attack_log Command clear attack_log Success DWS 3160 24PC admin ...

Page 659: ...rning notice information debug level 0 7 Parameters trap Specifies the severity level control for traps log Specifies the severity level control for the log all Specifies the severity level control for traps and the log emergency Severity level 0 alert Severity level 1 critical Severity level 2 error Severity level 3 warning Severity level 4 notice Severity level 5 information Severity level 6 deb...

Page 660: ...ed to display the severity level controls for the system Format show system_severity Parameters None Restrictions None Example To display severity level control for system DWS 3160 24PC admin show system_severity Command show system_severity System Severity Trap information 6 System Severity Log information 6 DWS 3160 24PC admin ...

Page 661: ...alue 1 65535 Parameters ipaddr The IP address of the TELNET server ipv6addr The IPv6 address of the TELNET server tcp_port Optional Specifies the TELNET server port number to be connected If not specified the default port is 23 value 1 65535 Enter the TCP port number used here This value must be between 1 and 65535 Restrictions Only Administrators Operators and Power Users can issue this command E...

Page 662: ...t_file pathname 64 Parameters firmware_fromTFTP Specifies to download firmware from a TFTP server ipaddr Optional The IP address of the TFTP server ipv6addr Optional The IPv6 address of the TFTP server src_file Optional Used to identify the parameter path_filename path_filename 64 Enter the source file path name here This name can be up to 64 characters long dest_file Optional Used to identify the...

Page 663: ...nclude exclude begin filter_string 80 filter_string 80 filter_string 80 log_toTFTP ipaddr ipv6addr dest_file path_filename 64 attack_log_toTFTP ipaddr ipv6addr dest_file path_filename 64 firmware_toTFTP ipaddr ipv6addr dest_file path_filename 64 src_file path_filename 64 Parameters cfg_toTFTP Specifies that the configuration file will be uploaded to the TFTP server ipaddr Optional The IP address o...

Page 664: ...name 64 Specifies the path name on the TFTP server to hold the attack log This name can be up to 64 characters long firmware_toTFTP Specifies that the firmware file will be uploaded to the TFTP server ipaddr Optional The IP address of the TFTP server ipv6addr Optional The IPv6 address of the TFTP server dest_file Optional Used to identify the parameter path_filename path_filename 64 The pathname s...

Page 665: ...g Command upload cfg_toTFTP 10 90 90 99 dest_file 111 cfg src_file c config cfg Connecting to server Done Upload configuration Done DWS 3160 24PC admin In case that the designated file does not exist DWS 3160 24PC admin upload cfg_toTFTP 10 90 90 99 dest_file 111 cfg src_file c config2 cfg Command upload cfg_toTFTP 10 90 90 99 dest_file 111 cfg src_file c config2 cfg No such file Failure DWS 3160 ...

Page 666: ...12 s_time start_time hh mm e_date end_date 1 31 e_mth end_mth 1 12 e_time end_time hh mm offset 30 60 90 120 show time 73 1 config sntp Description This command is used to configure the Simple Network Time Protocol SNTP feature Format config sntp primary ipaddr secondary ipaddr poll interval int 30 99999 Parameters primary Optional SNTP primary server IP address ipaddr Enter the IP address used fo...

Page 667: ... sntp Description This command is used to display the SNTP current time source and configuration Format show sntp Parameters None Restrictions None Example To display SNTP DWS 3160 24PC admin show sntp Command show sntp Current Time Source System Clock SNTP Disabled SNTP Primary Server 10 1 1 1 SNTP Secondary Server 10 1 1 2 SNTP Poll Interval 30 sec DWS 3160 24PC admin 73 3 enable sntp Descriptio...

Page 668: ... sntp Success DWS 3160 24PC admin 73 4 disable sntp Description This command is used to disable the SNTP feature Format disable sntp Parameters None Restrictions Only Administrators and Operators can issue this command Example To disable SNTP DWS 3160 24PC admin disable sntp Command disable sntp Success DWS 3160 24PC admin 73 5 config time Description This command is used to configure the time and...

Page 669: ...19sep2011 16 30 30 Success DWS 3160 24PC admin 73 6 config time_zone Description This command is used to configure time zone of the Switch Format config time_zone operator hour gmt_hour 0 13 min minute 0 59 Parameters operator Optional Specifies the operator of time zone Specifies that time should be added or subtracted to or from the GMT hour Optional Specifies the hour of time zone gmt_hour 0 13...

Page 670: ... here This value must be between 1 and 4 s_day e_day Optional Configure the start end day number of Daylight Saving Time start_day sun sat Enter the starting day value of Daylight Saving Time here This value must either be sun mon tue wed thu fri or sat end_day sun sat Enter the ending day value of Daylight Saving Time here This value must either be sun mon tue wed thu fri or sat s_mth e_mth Optio...

Page 671: ...ing time of Daylight Saving Time here This value must be in the hh mm format end_time hh mm Enter the starting time of Daylight Saving Time here This value must be in the hh mm format offset Optional Indicates number of minutes to add or to subtract during summertime The ranges of offset are 30 60 90 120 default value is 60 30 Specifies that the offset range will 30 minutes 60 Specifies that the o...

Page 672: ...60 24PC admin show time Command show time Current Time Source System Clock Boot Time 19 Sep 2011 23 50 43 Current Time 20 Sep 2011 01 01 51 Time Zone GMT 08 00 Daylight Saving Time Repeating Offset In Minutes 30 Repeating From Apr 2nd Tue 15 00 To Oct 2nd Wed 15 30 Annual From 29 Apr 00 00 To 12 Oct 00 00 DWS 3160 24PC admin ...

Page 673: ... command will cross while seeking the network path between two devices The range for the TTL is 1 to 60 hops value 1 60 Enter the time to live value here This value must be between 1 and 60 port Optional The port number The value range is from 30000 to 64900 value 30000 64900 Enter the port number here This value must be between 30000 and 64900 timeout Optional Defines the timeout period while wai...

Page 674: ...nation end station ttl Optional The time to live value of the trace route request This is the maximum number of routers that a trace route packet can pass The traceroute command will cross while seeking the network path between two devices The range for the TTL is 1 to 60 hops value 1 60 Enter the time to live value here This value must be between 1 and 60 port Optional The port number The value r...

Page 675: ...0 24PC admin traceroute6 3000 1 probe 3 Command traceroute6 3000 1 probe 3 1 10 ms 1345 142 11 2 10 ms 2011 14 100 3 10 ms 3000 1 Trace complete DWS 3160 24PC admin To trace the IPv6 routed path between the Switch and 1210 100 11 with port 40000 DWS 3160 24PC admin traceroute6 1210 100 11 port 40000 Command traceroute6 1210 100 11 port 40000 1 10 ms 3100 25 2 10 ms 4130 100 3 10 ms 1210 100 11 Tra...

Page 676: ...ifies that broadcast storm control will be enabled disable Specifies that broadcast storm control will be disabled multicast Optional Enable or disable multicast storm control enable Specifies that multicast storm control will be enabled disable Specifies that multicast storm control will be disabled unicast Optional Enable or disable unknown packet storm control Supported for drop mode only enabl...

Page 677: ...To configure the parameters so that the traffic control status is enabled on ports 1 12 DWS 3160 24PC admin config traffic control 1 12 broadcast enable action shutdown threshold 1 countdown 5 time_interval 10 Command config traffic control 1 12 broadcast enable action shutdown threshold 1 countdown 5 time_interval 10 Success DWS 3160 24PC admin 75 2 config traffic trap Description This command is...

Page 678: ... DWS 3160 24PC admin 75 3 show traffic control Description This command is used to display the current traffic control settings Format show traffic control portlist Parameters portlist Optional Used to Specifies the range of ports to be displayed If no parameter is specified the system will display the packet storm control configuration for all ports Restrictions None Example To display the traffi...

Page 679: ...Disabled shutdown 5 10 9 1 Enabled Disabled Disabled shutdown 5 10 10 1 Enabled Disabled Disabled shutdown 5 10 DWS 3160 24PC admin 75 4 config traffic control log state Description This command is used to configure the traffic control log state When the log state is enabled traffic control states are logged when a storm occurs and when a storm is cleared If the log state is disabled traffic contr...

Page 680: ...uto recovery from shutdown for a port The default value is 0 so no auto recovery is possible the port remains in shutdown forever mode This requires manual entry of the CLI command config ports portlist all state enable to return the port to a forwarding state The default value is 0 which means disable auto recover mode shutdown forever min 0 Specifies that the auto recovery time will be disabled ...

Page 681: ...ll the ports will be used for this configuration forward_list Specifies a range of port forwarding domain null Specifies a range of port forwarding domain is null all Specifies all ports to be configured portlist Specifies a range of ports to be configured Restrictions Only Administrators Operators and Power Users can issue this command Example To configure traffic segmentation DWS 3160 24PC admin...

Page 682: ...ied the system will display all current traffic segmentation tables Restrictions None Example To display traffic segmentation table DWS 3160 24PC admin show traffic_segmentation 1 10 Command show traffic_segmentation 1 10 Traffic Segmentation Table Port Forward Portlist 1 11 15 2 11 15 3 11 15 4 11 15 5 11 15 6 11 15 7 11 15 8 11 15 9 11 15 10 11 15 DWS 3160 24PC admin ...

Page 683: ...ng to prevent any IP address from accessing the Switch provided the user knows the Username and Password When the access interface is not specified the trusted host will be created for all interfaces Format create trusted_host ipaddr ipv6addr network network_address ipv6_prefix ipv6networkaddr snmp telnet ssh http https ping Parameters ipaddr Enter the IP address of the trusted host here ipv6addr ...

Page 684: ... here ipv6addr The IPv6 address of the trusted host ipv6addr Enter the IPv6 address used for this configuration here network The network address of the trusted network network_address Enter the network address used for this configuration here ipv6_prefix The IPv6 subnet prefix of the trusted network ipv6networkaddr Enter the IPv6 subnet prefix here all All trusted hosts will be deleted Restriction...

Page 685: ...sted host delete Delete interfaces for that trusted host snmp Optional Specifies trusted host for SNMP telnet Optional Specifies trusted host for TELENT ssh Optional Specifies trusted host for SSH http Optional Specifies trusted host for HTTP https Optional Specifies trusted host for HTTPs ping Optional Specifies trusted host for PING all Optional Specifies trusted host for all application Restric...

Page 686: ...ctions None Example To display trusted hosts DWS 3160 24PC admin show trusted_host Command show trusted_host Management Stations IP Address Access Interface 10 48 74 121 32 SNMP Telnet SSH HTTP HTTPs Ping 1234 1 SNMP HTTP 1234 SNMP Telnet HTTP Total Entries 3 DWS 3160 24PC admin ...

Page 687: ...ave the same destination 4 Fail to create if there has been one static multipath route that has the same destination It will fail if a user wants to create a floating static route and there has been one static multipath route with the same destination It will fail if a user wants to create a static multipath route and there has been a floating static route whether primary or backup Format create i...

Page 688: ... Deletes an IP default route 0 0 0 0 0 network_address Specifies the network address used ipaddr Specifies the next hop IP address of the route need to be deleted Restrictions Only Administrators Operators and Power Users can issue this command Example To delete an IP default route DWS 3160 24PC admin delete iproute default 10 1 1 254 Command delete iproute default 10 1 1 254 Success DWS 3160 24PC...

Page 689: ...3160 24PC admin 78 4 show ipfdb Description This command is used to display the current network address forwarding database Format show ipfdb ip_address ipaddr interface ipif_name 12 port port Parameters ip_address Optional Displays the specified host IP address ipaddr Enter the IP address used here interface Optional Specifies a IP interface ipif_name 12 Enter the IP interface name here This name...

Page 690: ...thernet Unified Switch CLI Reference Guide 686 DWS 3160 24PC admin show ipfdb Command show ipfdb Interface IP Address Port Learned System 192 168 69 1 1 Dynamic System 192 168 69 66 1 Dynamic Total Entries 2 DWS 3160 24PC admin ...

Page 691: ... 254 ipaddress ipaddr advertisement_interval int 1 255 preempt true false critical_ip ipaddr critical_ip_state enable disable config vrrp ipif ipif_name 12 authtype none simple authdata string 8 ip authdata string 16 delete vrrp vrid vrid 1 255 ipif ipif_name 12 show vrrp ipif ipif_name 12 vrid vrid 1 255 79 1 enable vrrp Description This command is used to enable VRRP globally Format enable vrrp ...

Page 692: ...ame 12 ipaddress ipaddr state enable disable priority int 1 254 advertisement_interval int 1 255 preempt true false critical_ip ipaddr critical_ip_state enable disable Parameters vrid Specifies the ID of the Virtual Router used vrid 1 255 Enter the Virtual Router ID used here This value must be between 1 and 255 ipif Specifies the IP interface used for this configuration ipif_name 12 Enter the IP ...

Page 693: ...l IP address of a real device on the network If the connection from the virtual router to this IP address fails the virtual router will automatically be disabled A new Master will be elected from the backup routers participating in the VRRP group Different critical IP addresses may be assigned to different routers participating in the VRRP group and can therefore define multiple routes to the Inte...

Page 694: ...ity is set higher than the master s priority it will become the master instead of the current one false Specifies if the backup router s priority is higher than the master s priority it will not become the master until the master failed critical_ip Optional specifies an IP address that will provide the most direct route to the Internet or other critical network connections from this virtual router...

Page 695: ...here This value can be up to 8 characters long ip Specifies that the authentication algorithm will be set to IP authentication header on this interface authdata Specifies the authentication data used in the IP authentication header algorithm string 16 Enter the authentication data used in the IP authentication header algorithm here This value can be up to 16 characters long Restrictions Only Admin...

Page 696: ...te vrrp vrid 3 ipif System Success DWS 3160 24PC admin 79 7 show vrrp Description This command is used to display the VRRP settings Format show vrrp ipif ipif_name 12 vrid vrid 1 255 Parameters ipif Optional Specifies the IP interface name to be displayed ipif_name 12 Enter the IP interface name to be displayed here This name can be up to 12 characters long vrid Optional Specifies the Virtual Rout...

Page 697: ...cation type Simple Text Password Authentication Data 12345678 VRID 1 Virtual IP Address 10 90 90 91 Virtual MAC Address 00 00 5E 00 01 01 Virtual Router State Master State Enabled Priority 100 Master IP Address 10 90 90 90 Critical IP Address 0 0 0 0 Checking Critical IP Disabled Advertisement Interval 1 secs Preempt Mode True Virtual Router Up Time 10064 centi secs Total Entries 1 DWS 3160 24PC a...

Page 698: ...ble the VLAN trunk function When the VLAN trunk function is enabled the VLAN trunk ports shall be able to forward all tagged frames with any VID Format enable vlan_trunk Parameters None Restrictions Only Administrators can issue this command Example To enable the VLAN Trunk DWS 3160 24PC admin enable vlan_trunk Command enable vlan_trunk Success DWS 3160 24PC admin 80 2 disable vlan_trunk Descripti...

Page 699: ... all VLANs automatically created by VLAN Trunk enabled shall be destroyed and all the automatically added port membership will be removed A VLAN trunk port and a non VLAN trunk port cannot be grouped as an aggregated link To change the VLAN trunk setting for an aggregated link the user must apply the command to the master port However this setting will disappear as the aggregated link is destroyed...

Page 700: ...ts 1 5 state enable Success DWS 3160 24PC admin Port 6 is LA 1 member port port 7 is LA 2 master port DWS 3160 24PC admin config vlan_trunk ports 6 7 state enable Command config vlan_trunk ports 6 7 state enable The link aggregation member port cannot be configured Fail DWS 3160 24PC admin config vlan_trunk ports 7 state disable Command config vlan_trunk ports 7 state disable Success DWS 3160 24PC...

Page 701: ... have the same VLAN configuration before enabling VLAN trunk Port 6 is LA 1 member port port 7 is LA 1 master port DWS 3160 24PC admin config vlan_trunk ports 7 state disable Command config vlan_trunk ports 7 state disable Success DWS 3160 24PC admin config vlan_trunk ports 6 7 state disable Command config vlan_trunk ports 6 7 state disable Success DWS 3160 24PC admin 80 4 show vlan_trunk Descript...

Page 702: ...isplays the VLAN information which will also display VLAN trunk setting DWS 3160 24PC admin show vlan Command show vlan VLAN Trunk State Enabled VLAN Trunk Member Ports 1 7 VID 1 VLAN Name default VLAN Type Static Advertisement Enabled Member Ports 1 24 Static Ports 1 24 Current Tagged Ports Current Untagged Ports 1 24 Static Tagged Ports Static Untagged Ports 1 24 Forbidden Ports Total Static VLA...

Page 703: ...obal voice VLAN function on a Switch To enable the voice VLAN the voice VLAN must be also assigned At the same time the VLAN must be an existing static 802 1Q VLAN To change the voice VLAN the user must disable the voice VLAN function and re issue this command By default the global voice VLAN state is disabled Format enable voice_vlan vlan_name 32 vlanid vlanid 1 4094 Parameters vlan_name 32 Enter...

Page 704: ...admin disable voice_vlan Command disable voice_vlan Success DWS 3160 24PC admin 81 3 config voice_vlan priority Description This command is used to configure the voice VLAN priority value used by this Switch The voice VLAN priority will be the priority associated with the voice VLAN traffic to distinguish the QoS of the voice traffic from data traffic Format config voice_vlan priority int 0 7 Para...

Page 705: ...r Mnemonic name 00 E0 BB 3COM 3com 00 03 6B Cisco cisco 00 E0 75 Veritel veritel 00 D0 1E Pingtel pingtel 00 01 E3 Siemens siemens 00 60 B9 NEC Philips nec philips 00 0F E2 Huawei 3COM huawei 3com 00 09 6E Avaya avaya Format config voice_vlan oui add delete macaddr macmask description desc 32 Parameters oui Specifies the OUI used for this configuration add Adding a user defined OUI of a voice devi...

Page 706: ...oice VLAN function state on ports The default state is disabled enable Specifies that the voice VLAN function for this Switch will be enabled disable Specifies that the voice VLAN function for this Switch will be disabled mode The voice VLAN mode The default mode is auto auto Specifies that the voice VLAN mode will be set to auto manual Specifies that the voice VLAN mode will be set to manual Rest...

Page 707: ...g timer If the voice traffic resumes during the aging time the aging timer will be stopped and reset Format config voice_vlan aging_time min 1 65535 Parameters aging_time The aging time to set The default value is 720 minutes min 1 65535 Enter the aging time value here This value must be between 1 and 65535 Restrictions Only Administrators Operators and Power Users can issue this command Example T...

Page 708: ...ime 60 minutes Log State Enabled Member Ports Dynamic Member Ports DWS 3160 24PC admin To display the voice VLAN global information when voice VLAN is disabled DWS 3160 24PC admin show voice_vlan Command show voice_vlan Voice VLAN State Disabled Voice VLAN Unassigned Priority 6 Aging Time 60 minutes Log State Enabled DWS 3160 24PC admin 81 8 show voice_vlan oui Description This command is used to ...

Page 709: ... FF FF 00 00 00 00 0F E2 00 00 00 FF FF FF 00 00 00 Huawei 3COM 00 60 B9 00 00 00 FF FF FF 00 00 00 NEC Philips 00 D0 1E 00 00 00 FF FF FF 00 00 00 Pingtel 00 E0 75 00 00 00 FF FF FF 00 00 00 Veritel 00 E0 BB 00 00 00 FF FF FF 00 00 00 3COM Total Entries 9 DWS 3160 24PC admin 81 9 show voice_vlan ports Description This command is used to display the port voice VLAN information Format show voice_vl...

Page 710: ...ice Description This command is used to display voice devices that are connected to the ports The start time is the time when the device is detected on this port and the activate time is the latest time the device sent traffic Format show voice_vlan voice_device ports portlist Parameters ports Optional Specifies the list of ports to be configured here portlist Enter a list of ports used to be disp...

Page 711: ...PC admin 81 11 config voice_vlan log state Description This command is used to configure the log state for voice VLAN If there is a new voice device detected or a port joins leaves the voice VLAN dynamically and the log is enabled a log will be triggered Format config voice_vlan log state enable disable Parameters log Specifies to enable or disable the sending of a voice VLAN log enable Specifies ...

Page 712: ...r int 1 100 default protection auto off default qos ap_edca background best_effort video voice aifs int 1 255 default cwmax 1 3 7 15 31 63 127 255 511 1023 default cwmin 1 3 7 15 31 63 127 255 511 1023 default max_burst int 0 999900 default station_edca background best_effort video voice aifs int 1 255 default cwmax 1 3 7 15 31 63 127 255 511 1023 default cwmin 1 3 7 15 31 63 127 255 511 1023 defa...

Page 713: ...ription This command is used to create a copy of an entire existing AP profile If the destination profile does not exist it will be created Format create wireless ap_profile copy int 1 16 int 1 16 Parameters int 1 16 Enter the source AP Profile ID here This value must be between 1 and 16 int 1 16 Enter the destination AP Profile ID here This value must be between 1 and 16 Restrictions Only Adminis...

Page 714: ...isting profile y n y AP Profile Configuration Copy Successful Success DWS 3160 24TC admin show wireless ap_profile Command show wireless ap_profile AP Profile ID Profile Name Profile Status 1 Default Configured 2 Default Configured 3 Default Configured Total Entries 3 DWS 3160 24TC admin 82 3 delete wireless ap_profile Description This command is used to delete an AP profile If the profile is refe...

Page 715: ...agmentation_threshold int 256 2346 default incorrect_frame_no_ack enable disable load_balance state enable disable utilization int 1 100 default mcs_index add int 0 15 all delete int 0 15 all max_clients int 0 200 default mode a a_n bg bg_n n_only_a n_only_g default multicast tx_rate float power auto enable disable default_power int 1 100 default protection auto off default qos ap_edca background ...

Page 716: ...ffic when the AP loses connection with the wireless Switch If this field is disabled the AP will not allow clients to forward data if the AP loses its connection with the Switch that is managing it enable Specifies that the AP s forwarding mode will be enabled disable Specifies that the AP s forwarding mode will be disabled This is the default option management_mode Specifies to configure the AP s...

Page 717: ...ll be enabled The guard interval value is set as 400ns This is the default option disable Specifies that the short guard interval will be disabled The guard interval value is set as 800ns default Specifies that the default option will be used stbc_mode Specifies the Space Time Block Code STBC mode when operating in 802 11n mode The STBC enables the AP to send the same data stream on multiple anten...

Page 718: ...physical mode This option is only available for Radio 2 n_only_a Specifies that 802 11n in the 5GHz band will be used in the physical mode This option is only available for Radio 1 n_only_g Specifies that 802 11n in the 2 4GHz band will be used in the physical mode This option only available for Radio 2 default Specifies that the default option will be used The default option for Radio 1 is 802 11...

Page 719: ...t the Maximum Contention Window value will be set as 7ms 15 Specifies that the Maximum Contention Window value will be set as 15ms 31 Specifies that the Maximum Contention Window value will be set as 31ms 63 Specifies that the Maximum Contention Window value will be set as 63ms 127 Specifies that the Maximum Contention Window value will be set as 127ms 255 Specifies that the Maximum Contention Win...

Page 720: ...ue will be set as 1ms 3 Specifies that the Minimum Contention Window value will be set as 3ms 7 Specifies that the Minimum Contention Window value will be set as 7ms 15 Specifies that the Minimum Contention Window value will be set as 15ms 31 Specifies that the Minimum Contention Window value will be set as 31ms 63 Specifies that the Minimum Contention Window value will be set as 63ms 127 Specifie...

Page 721: ...ies that the default value will be used other_channel Specifies that the access point can perform RF scans to collect information about other wireless devices within range and then report this information to the UWS mode Specifies to enable or disable the radio to perform RF scanning on channels other than its operating channel enable Specifies that the radio will perform RF scanning on channels o...

Page 722: ...onfigured VAP on the radio VAP0 cannot be disabled If you want to disable VAP0 you must turn off the radio option enable Specifies that the configured VAP on the radio will be enabled disable Specifies that the configured VAP on the radio will be disabled This is the default option network Specifies the network to apply to the VAP A VAP must be configured with a network int 1 64 Enter the network ...

Page 723: ... ap_profile 1 hwtype any Success DWS 3160 24PC admin To configure the profile name on AP Profile 1 DWS 3160 24PC admin config wireless ap_profile 1 name approfile Command config wireless ap_profile 1 name approfile Success DWS 3160 24PC admin To configure the VLAN on AP Profile 1 DWS 3160 24PC admin config wireless ap_profile 1 vlan 3 Command config wireless ap_profile 1 vlan 3 Success DWS 3160 24...

Page 724: ...PC admin config wireless ap_profile 1 radio 1 beacon_interval 200 Command config wireless ap_profile 1 radio 1 beacon_interval 200 Success DWS 3160 24PC admin To enable auto channel adjustment for the radio 1 of AP Profile 1 DWS 3160 24PC admin config wireless ap_profile 1 radio 1 channel auto enable Command config wireless ap_profile 1 radio 1 channel auto enable Success DWS 3160 24PC admin To en...

Page 725: ... Code STBC Mode on radio 1 of AP Profile 1 DWS 3160 24PC admin config wireless ap_profile 1 radio 1 dot11n stbc_mode enable Command config wireless ap_profile 1 radio 1 dot11n stbc_mode enable Success DWS 3160 24PC admin To configure the DTIM period for the Radio 1 of AP Profile 1 DWS 3160 24PC admin config wireless ap_profile 1 radio 1 dtim_period 100 Command config wireless ap_profile 1 radio 1 ...

Page 726: ...e Radio 1 of AP Profile 1 DWS 3160 24PC admin config wireless ap_profile 1 radio 1 load_balance state enable Command config wireless ap_profile 1 radio 1 load_balance state enable Success DWS 3160 24PC admin To configure the utilization parameter of load balancing for the Radio 1 of AP Profile 1 DWS 3160 24PC admin config wireless ap_profile 1 radio 1 load_balance utilization 60 Command config wir...

Page 727: ...1 multicast tx_rate 9 Command config wireless ap_profile 1 radio 1 multicast tx_rate 9 Success DWS 3160 24PC admin To enable the auto power adjustment for the Radio 1 of AP Profile 1 DWS 3160 24PC admin config wireless ap_profile 1 radio 1 power auto enable Command config wireless ap_profile 1 radio 1 power auto enable Success DWS 3160 24PC admin To configure the power setting of the Radio 1 of AP...

Page 728: ...ile 1 radio 1 qos ap_edca video cwmax 7 Command config wireless ap_profile 1 radio 1 qos ap_edca video cwmax 7 Success DWS 3160 24PC admin config wireless ap_profile 1 radio 1 qos ap_edca video cwmin 3 Command config wireless ap_profile 1 radio 1 qos ap_edca video cwmin 3 Success DWS 3160 24PC admin config wireless ap_profile 1 radio 1 qos ap_edca video max_burst 11 Command config wireless ap_prof...

Page 729: ... 3160 24PC admin config wireless ap_profile 1 radio 1 qos station_edca voice txop_limit 222 Command config wireless ap_profile 1 radio 1 qos station_edca voice txop_limit 222 Success DWS 3160 24PC admin To configure the list of basic client data rates for the Radio 1 of AP Profile 1 DWS 3160 24PC admin config wireless ap_profile 1 radio 1 rate basic add 9 Command config wireless ap_profile 1 radio...

Page 730: ...0 Success DWS 3160 24PC admin To configure the RF scan duration for the Radio 1 of AP Profile 1 DWS 3160 24PC admin config wireless ap_profile 1 radio 1 rf_scan duration 1000 Command config wireless ap_profile 1 radio 1 rf_scan duration 1000 Success DWS 3160 24PC admin To enable the RF scanning other channels and scanning interval time for the Radio 1 of AP Profile 1 DWS 3160 24PC admin config wir...

Page 731: ...ireless ap_profile 1 radio 1 rts_threshold 2312 Success DWS 3160 24PC admin To configure the Station Isolation mode for the Radio 1 of AP Profile 1 DWS 3160 24PC admin config wireless ap_profile 1 radio 1 station_isolation enable Command config wireless ap_profile 1 radio 1 station_isolation enable Success DWS 3160 24PC admin To enable VAP and settings associated with the network for the Radio 1 o...

Page 732: ...etail is displayed int 1 2 Enter the radio configuration for an AP profile here This value must be between 1 and 2 auto_eligible Optional Specifies to display supported channels on the radio that are eligible for auto channel selection mcs_index Optional Specifies to displays MCS information qos Optional Specifies to display the configured values for a radio interface per QoS Queue AP EDCA and Sta...

Page 733: ...le Hardware Type Any Wired Network Detection VLAN ID 3 Disconnected AP Data Forwarding Mode Enable Disconnected AP Management Mode Enable Profile Status Associated Modified Valid APs Configured 1 Managed APs Configured 1 DWS 3160 24PC admin To display a summary of AP Profile 1 s radios DWS 3160 24PC admin show wireless ap_profile 1 radio Command show wireless ap_profile 1 radio AP Profile ID 1 Pro...

Page 734: ...cast Rate Limit Burst 30 DTIM Period 10 Fragmentation Threshold 2312 RTS Threshold bytes 2312 Short Retry Limit 7 Long Retry Limit 4 Maximum Transmit Lifetime 512 Maximum Receive Lifetime 512 Maximum Clients 100 Automatic Channel Adjustment Enable Automatic Power Adjustment Enable Default Power 60 Load Balancing Enable Load Utilization 60 Station Isolation Enable Channel Bandwidth 20 MHz Primary C...

Page 735: ... DWS 3160 24PC admin show wireless ap_profile 1 radio 1 qos Command show wireless ap_profile 1 radio 1 qos AP Profile ID 1 Profile Name approfile Radio 1 Sentry Mode 802 11a n Template Custom WMM Mode Enable AP EDCA Configuration QoS Minimum Maximum Maximum Queues AIFS Contention Window Contention Window Burst Voice 0 1 3 7 1500 Video 1 11 3 7 11 Best Effort 2 3 15 63 0 Background 3 7 15 1023 0 St...

Page 736: ... admin show wireless ap_profile 1 radio 1 rates Command show wireless ap_profile 1 radio 1 rates AP Profile ID 1 Profile Name approfile Radio 1 Sentry Mode 802 11a n Advertised Rates Mbps 6 Mbps 9 Mbps 12 Mbps 24 Mbps Supported Rates Mbps 6 Mbps 9 Mbps 12 Mbps 18 Mbps 24 Mbps 36 Mbps 48 Mbps 54 Mbps DWS 3160 24PC admin To display a summary of AP Profile radio 1 s VAPs ...

Page 737: ...link6 6 Disabled 7 dlink7 7 Disabled 8 dlink8 8 Disabled 9 dlink9 9 Disabled 10 dlink10 10 Disabled 11 dlink11 11 Disabled 12 dlink12 12 Disabled 13 dlink13 13 Disabled 14 dlink14 14 Disabled 15 dlink15 15 Disabled 16 dlink16 DWS 3160 24PC admin To display a detailed configuration of VAP 1 of AP Profile 1 s radio 1 DWS 3160 24PC admin show wireless ap_profile 1 radio 1 vap 1 Command show wireless ...

Page 738: ... AP here all Specifies that all failed managed AP entries will be deleted Restrictions Only Administrators can issue this command Example To delete all managed AP entries with a failed status DWS 3160 24PC admin delete wireless ap_failed all Command delete wireless ap_failed all Are you sure you want to delete all the failed managed AP entries y n y delete wireless ap failed All the failed managed...

Page 739: ...ar the entire AP failure list y n y clear wireless ap failure list All AP failure entries cleared Success DWS 3160 24PC admin 83 3 show wireless ap_failure Description This command is used to display a summary or detailed information for entries in the AP failure list Entries are added to the list when the Wireless Switch fails to validate or authenticate with an AP Format show wireless ap_failure...

Page 740: ...ific failure AP status DWS 3160 24PC admin show wireless ap_failure 00 22 B0 3C DD C0 Command show wireless ap_failure 00 22 B0 3C DD C0 MAC Address 00 22 B0 3C DD C0 IP Address 192 168 69 126 Reporting Switch Local Switch Switch MAC Address 00 11 22 33 45 67 Switch IP Address 192 168 69 123 Last Failure Type No Database Entry Validation Failure Count 1 Authentication Failure Count 1 Vendor ID D L...

Page 741: ...t config wireless client disassociate all macaddr ap macaddr ssid ssid vap macaddr Parameters all Specifies to disassociate all clients associated macaddr Enter an associated client MAC address to disassociate here ap Specifies to disassociate all the clients associated with the WS Managed AP macaddr Enter the MAC address of the WS Managed AP here ssid Specifies to disassociate all the clients ass...

Page 742: ...ddress used here client_qos Optional Specifies to display detailed client QoS data for the client radius Specifies to display the configured values successfully obtained from a RADIUS server for the specified client neighbor ap Optional Specifies to display all the APs that an associated client can see in its RF area statistics Optional Specifies to display statistics for a specified client associ...

Page 743: ...E9 C3 EB 77 client_qos radius Command show wireless client 00 15 E9 C3 EB 77 client_qos radius MAC address 00 15 E9 C3 EB 77 SSID DWS01 Bandwidth Limit Down none Bandwidth Limit Up none Access Control Down none Access Control Up none Diffserv Policy Down none Diffserv Policy Up none DWS 3160 24PC admin To display the neighbor AP of the specified client DWS 3160 24PC admin show wireless client 00 1...

Page 744: ...ted 0 Transmit Retry Count 40 Failed Retry Count 1 DWS 3160 24PC admin To display association statistics of a specified client DWS 3160 24PC admin show wireless client 00 15 E9 C3 EB 77 statistics association Command show wireless client 00 15 E9 C3 EB 77 statistics association MAC address 00 15 E9 C3 EB 77 Packets Received 210 Packets Transmitted 198 Bytes Received 37472 Bytes Transmitted 105559 ...

Page 745: ... QoS Operational Status Displays whether client QoS operation is enabled on this network Bandwidth Limit Down Displays the default maximum rate limit in bits per second for traffic flowing from the AP to the client A value of 0 disables rate limiting in this direction This default is used for clients that do not obtain their own value via RADIUS Bandwidth Limit Up Displays the default maximum rate...

Page 746: ...total receive packets from the client station that were discarded by the AP Packets Transmit Dropped Displays the totals packets discarded by the AP prior to transmission to the client station Bytes Receive Dropped Displays the total receive bytes from the client station that were discarded by the AP Bytes Transmit Dropped Displays the total bytes discarded by the AP prior to transmission to the c...

Page 747: ...tributed Tunneling Status Displays whether this client is associated with a network that supports Layer 2 distributed tunneling or not Distributed Tunnel Client Roam Status Displays whether the client is on the Home AP or has roamed to another AP and is using a tunnel The field can display one of the following values Home Specifies that the client is not using a tunnel Roaming Specifies that the c...

Page 748: ...splay associated clients on a specific SSID DWS 3160 24PC admin show wireless ssid DWS01 client Command show wireless ssid DWS01 client Client SSID MAC Address DWS01 00 15 E9 C3 EB 77 Total Entries 1 DWS 3160 24PC admin 84 4 show wireless switch client Description This command is used to display summary data for all Switches with associated clients If the Wireless Switch is a Cluster Controller th...

Page 749: ...dmin 84 5 show wireless vap Description This command is used to display summary data for all managed AP VAPs with associated clients If the optional VAP MAC address is specified the display will only show clients associated to the specific managed AP VAP Format show wireless vap macaddr client Parameters macaddr Optional Enter the WS managed AP VAP MAC address here client Specifies to display summ...

Page 750: ...22 B0 3C 43 C0 00 22 B0 3C 43 C0 1 00 15 E9 C3 EB 77 Total Entries 1 DWS 3160 24PC admin To display clients associated to the specific managed AP VAP DWS 3160 24PC admin show wireless vap 00 22 B0 3C 43 C0 client Command show wireless vap 00 22 B0 3C 43 C0 client VAP MAC Address AP MAC Address Location Radio Client MAC Address 00 22 B0 3C 43 C0 00 22 B0 3C 43 C0 1 00 15 E9 C3 EB 77 Total Entries 1...

Page 751: ...mat delete wireless adhoc_list Parameters None Restrictions Only Administrators can issue this command Example To delete all entries from the Ad Hoc client list DWS 3160 24PC admin delete wireless adhoc_list Command delete wireless adhoc_list Are you sure you want to delete all Ad Hoc client entries y n y All Ad Hoc client entries deleted Success DWS 3160 24PC admin 85 2 show wireless adhoc Descri...

Page 752: ...ary of the Ad Hoc list DWS 3160 24PC admin show wireless adhoc Command show wireless adhoc MAC Address AP MAC Address Location Radio Det Mode Age 00 01 01 30 01 01 00 01 01 02 01 01 FirstFloor 1 Beacon 0d 00 06 31 00 01 01 42 01 01 00 01 01 02 03 01 Eng 1 Beacon 0d 00 06 34 00 01 01 45 01 01 00 01 01 02 01 01 FirstFloor 1 Beacon 0d 00 06 36 Total Entries 3 DWS 3160 24PC admin ...

Page 753: ...s used to delete the client entry for the specified MAC address or all the entries present in the database If the client has authenticated then this command has no effect Format delete wireless detected_client all macaddr Parameters all Specifies that all entries present in detected client database will be deleted macaddr Enter the MAC address of the specified client here Restrictions Only Adminis...

Page 754: ...wireless detected_client ack_rogue all Are you sure you want to acknowledge all rogue client status in the Detected clients database y n y All rogue clients acknowledged Success DWS 3160 24PC admin 86 3 config wireless detected_client preauth_history_purge Description This command is used to clear the detected client s pre authentication history Format config wireless detected_client preauth_histo...

Page 755: ...arameters roam_history_purge Specifies to clear the roaming history maintained for a specific MAC address or all the clients present in the detected client database all Specifies to clear the roaming history maintained for all the clients present in the detected client database macaddr Enter the MAC address of a specific client here Restrictions Only Administrators can issue this command Example T...

Page 756: ...D 18 63 Detected 0d 00 12 02 0d 00 12 02 68 A3 C4 CA CC 8D Detected 0d 00 10 31 0d 00 11 31 70 F3 95 3A 05 CC Detected 0d 00 11 02 0d 00 12 02 F4 9F 54 6B 48 50 Detected 0d 00 11 02 0d 00 11 31 Total Entries 7 DWS 3160 24PC admin 86 6 show wireless detected_client pre_auth_history Description This command is used to display the pre authentication history of the detected clients Format show wireles...

Page 757: ...client pre_auth_history 00 02 BB 00 0A 01 Command show wireless detected_client pre_auth_history 00 02 BB 00 0A 01 AP MAC Addr Radio VAP MAC Address SSID Pre Auth Time Since Status Event 00 22 BB 00 0A 00 1 00 22 BB 00 0A 01 Test Network1 Success 0d 00 01 51 00 22 BB 00 14 10 2 00 22 BB 00 14 12 Test Network3 Failure 0d 00 04 40 00 22 BB 00 0A 00 1 00 22 BB 00 0A 01 Test Network2 Success 0d 00 04 ...

Page 758: ...0 14 00 00 00 91 00 50 00 00 00 87 00 50 10 00 22 BB 00 14 00 00 00 91 00 50 00 00 02 BB 00 0A 02 00 22 BB 00 14 00 00 00 91 00 50 00 00 22 BB 00 14 00 00 00 91 00 50 00 00 02 BB 00 0A 03 00 22 BB 00 14 00 Total History Entries 15 DWS 3160 24PC admin To display the roam history of a specific client detected DWS 3160 24PC admin show wireless detected_client roam_history 00 02 BB 00 0A 01 Command sh...

Page 759: ...7 59 0d 00 17 10 WIDSCLNTROGUE3 False 00 22 B0 3C 43 C0 2 Enable 0d 00 37 59 0d 00 17 10 WIDSCLNTROGUE4 False 00 22 B0 3C 43 C0 2 Enable 0d 00 37 59 0d 00 17 10 WIDSCLNTROGUE5 False 00 22 B0 3C 43 C0 2 Enable 0d 00 37 59 0d 00 17 10 WIDSCLNTROGUE6 False 00 22 B0 3C 43 C0 2 Disable 0d 00 37 59 0d 00 17 10 WIDSCLNTROGUE7 True 00 22 B0 3C 43 C0 2 Disable 0d 00 17 39 0d 00 17 10 WIDSCLNTROGUE1 Known C...

Page 760: ...ified detected client here Restrictions None Example To display the signal triangulation status for the specified client entry DWS 3160 24PC admin show wireless detected_client triangulation F4 9F 54 6B 48 50 Command show wireless detected_client triangulation F4 9F 54 6B 48 50 RSSI Signal Noise AP Function AP MAC Address Radio dBm dBm Age Non Sentry 00 22 B0 3C 43 C0 2 1 90 92 0d 00 17 41 DWS 316...

Page 761: ...ed default rogue show wireless ap_database macaddr 87 1 create wireless ap_database Description This command is used to add an AP to the local valid AP database Format create wireless ap_database macaddr Parameters macaddr Enter the MAC address of a physical AP here Restrictions Only Administrators can issue this command Example To add an AP to the local valid AP database DWS 3160 24PC admin creat...

Page 762: ...pick up any configuration changes in the valid AP database Format config wireless ap_database macaddr location desc 1 32 clear mode ws_managed profile int 1 16 default password encrypted password 128 radio int 1 2 channel int 0 165 power int 0 100 standalone channel int 0 165 default security any open wep wpa default ssid desc 1 32 clear wire_mode allowed not_allowed default rogue Parameters macad...

Page 763: ... by the Wireless Switch channel Specifies the wireless channel number for the radio The valid range is based on the configured country code int 0 165 Enter a valid channel from the all country aggregate channel list here This value must be between 0 and 165 Channel 0 indicates that any valid channel is allowed The default value is 0 default Specifies that the default value will be used security Sp...

Page 764: ...base 00 22 B0 3C DD C0 mode ws_managed radio 1 channel 36 Command config wireless ap_database 00 22 B0 3C DD C0 mode ws_managed radio 1 channel 36 Success DWS 3160 24PC admin To configure the stand alone AP to use an SSID of 123 DWS 3160 24PC admin config wireless ap_database 00 22 B0 3C DD C0 mode standalone ssid 123 Command config wireless ap_database 00 22 B0 3C DD C0 mode standalone ssid 123 A...

Page 765: ...dress used here Restrictions None Example To display the wireless AP database table DWS 3160 24PC admin show wireless ap_database Command show wireless ap_database Valid AP List MAC Address Location AP Mode 00 22 B0 3C DD C0 5F rogue Total Entries 1 DWS 3160 24PC admin To display a specific AP entry in the AP database DWS 3160 24PC admin show wireless ap_database 00 22 B0 3C DD C0 Command show wir...

Page 766: ...DWS 3160 Series Gigabit Ethernet Unified Switch CLI Reference Guide 762 ...

Page 767: ...ss Switch The new channel power debug mode and required password are not saved in the configuration on the Switch They are only maintained until the next time the AP is discovered Format config wireless ap macaddr debug disable enable radio int 1 2 channel int 1 165 power int 1 100 1 Parameters macaddr Enter the Managed AP MAC Address used here debug Specifies to enable or disable the AP debug mod...

Page 768: ...S 3160 24PC admin To configure the managed AP s power DWS 3160 24PC admin config wireless ap 00 22 B0 3C DD C0 radio 1 power 90 Command config wireless ap 00 22 B0 3C DD C0 radio 1 power 90 Success DWS 3160 24PC admin 88 2 delete wireless ap_neighbors Description This command is used to delete entries from the managed AP client and AP neighbor lists NOTE Client neighbor entries added via a client ...

Page 769: ...t the AP image type is for the DWL 3600 and DWL 6600 url Enter the AP image URL used here An example is tftp ipaddress filepath fileName group_size Specifies to configure the maximum number of simultaneous AP TFTP server downloads int 1 12 Enter the group size value here This value must be between 1 and 12 The default value is 10 abort Specifies to abort the current code download on managed APs st...

Page 770: ...dwl ap 3600 6600 6600_D_9_5_3 tar Success DWS 3160 24PC admin To configure an AP code download group size of 12 DWS 3160 24PC admin config wireless ap_download group_size 12 Command config wireless ap_download group_size 12 Success DWS 3160 24PC admin To start an AP code download for all managed APs running a specific image type DWS 3160 24PC admin config wireless ap_download start image_type img_...

Page 771: ...ddress 10 254 254 254 Group Size 12 Download Type img_dwl8600 Download Status Failure Total Count 2 Success Count 0 Failure Count 2 Abort Count 0 MAC Address Location Status 00 22 B0 3C 43 C0 Failure 00 22 B0 3C DD C0 Failure DWS 3160 24PC admin 88 5 show wireless ap Description This command is used to display the operational status for a wireless managed AP If no parameters are specified a summar...

Page 772: ...status for each client detected as a neighbor to the specified managed AP radio vap Optional Specifies the Virtual AP VAP ID If no VAP ID is specified a summary of all VAPs for a managed AP is displayed int 0 15 Enter the Virtual AP ID used here This value must be between 0 and 15 statistics Optional Specifies to display statistics for a managed AP each physical radio on a WS managed AP or each VA...

Page 773: ...l Version 2 Software Version 4 0 0 1 Hardware Type DWL 8600AP Dual Radio a b g n Serial Number H06301226 Part Number dwl8600ap Discovery Reason L2 Poll Received Authenticated Clients 0 System Up Time 0d 01 15 19 Age 0d 00 00 01 DWS 3160 24PC admin To display the summary status of a managed AP on radio 1 DWS 3160 24PC admin show wireless ap 00 22 B0 3C DD C0 radio 1 Command show wireless ap 00 22 B...

Page 774: ...mand show wireless ap 00 22 B0 3C DD C0 radio 1 power Manual Power Adjustment Status Success Transmit Power 90 DWS 3160 24PC admin To display the radar status of a managed AP on radio 1 DWS 3160 24PC admin show wireless ap 00 22 B0 3C DD C0 radio 1 radar Command show wireless ap 00 22 B0 3C DD C0 radio 1 radar Radar Detection Radar Detected Last Radar Channel Required Status Detected Time 36 No No...

Page 775: ... MAC SSID RSSI Status Age 00 22 B0 3C 43 C0 DWS01 12 Rogue 0d 00 06 20 Total Neighbor APs 1 DWS 3160 24PC admin To display the neighbor clients of a managed AP on radio 1 DWS 3160 24PC admin show wireless ap 00 22 B0 3C DD C0 radio 1 neighbor client Command show wireless ap 00 22 B0 3C DD C0 radio 1 neighbor client MAC address 00 22 B0 3C DD C0 Location Radio 1 802 11a n No neighbor clients exist ...

Page 776: ...2 B0 3C DD C7 dlink8 0 8 00 22 B0 3C DD C8 dlink9 0 9 00 22 B0 3C DD C9 dlink10 0 10 00 22 B0 3C DD CA dlink11 0 11 00 22 B0 3C DD CB dlink12 0 12 00 22 B0 3C DD CC dlink13 0 13 00 22 B0 3C DD CD dlink14 0 14 00 22 B0 3C DD CE dlink15 0 15 00 22 B0 3C DD CF dlink16 0 DWS 3160 24PC admin To display the detailed status of a managed AP on radio 1 VAP 1 DWS 3160 24PC admin show wireless ap 00 22 B0 3C...

Page 777: ...statistics of a managed AP on radio 1 DWS 3160 24PC admin show wireless ap 00 22 B0 3C DD C0 radio 1 statistics Command show wireless ap 00 22 B0 3C DD C0 radio 1 statistics MAC address 00 22 B0 3C DD C0 Location Radio 1 802 11a n WLAN Packets Received 0 WLAN Packets Transmitted 1808 WLAN Bytes Received 0 WLAN Bytes Transmitted 208808 WLAN Packets Receive Dropped 0 WLAN Packets Transmit Dropped 0 ...

Page 778: ...ytes Received 0 WLAN Bytes Transmitted 418436 WLAN Packets Receive Dropped 0 WLAN Packets Transmit Dropped 0 WLAN Bytes Receive Dropped 0 WLAN Bytes Transmit Dropped 0 Ethernet Packets Received 1425 Ethernet Packets Transmitted 2707 Ethernet Bytes Received 181479 Ethernet Bytes Transmitted 1531606 Ethernet Multicast Packets Received 357 Total Transmit Errors 0 Total Receive Errors 0 ARP Reqs Conve...

Page 779: ...cal Mode 802 11a n Channel 36 Status Managed Initial Status Managed AP MAC Address 00 22 B0 3C DD C0 Radio 1 802 11a n Transmit Rate Mbps 60 Beacon Interval msecs 100 Discovered Age 0d 01 02 23 Age 0d 00 17 23 Security Mode Open Highest supported rate Mbps 144 4 Mbps 802 11n Mode Supported Ad hoc Network Not Ad hoc Peer Managed AP Managed by the local switch Rogue Mitigation Not Required DWS 3160 ...

Page 780: ...0 Enable 0d 00 00 00 0d 00 00 00 WIDSAPROGUE09 False 00 00 00 00 00 00 0 Enable 0d 00 00 00 0d 00 00 00 WIDSAPROGUE11 False 00 00 00 00 00 00 0 Enable 0d 00 00 00 0d 00 00 00 WIDSAPROGUE01 Administrator configured rogue AP WIDSAPROGUE02 Managed SSID from an unknown AP WIDSAPROGUE03 Managed SSID from a fake managed AP WIDSAPROGUE04 AP without an SSID WIDSAPROGUE05 Fake managed AP on an invalid chan...

Page 781: ...e Timed 0 Distributed Tunnel Client Limit Denials 0 Distributed Tunnel Client Max Replication Denials 0 DWS 3160 24PC admin To display the summary of all managed APs DWS 3160 24PC admin show wireless ap Command show wireless ap MAC Address Configuration Peer Managed IP Address Profile Status Status Age 00 22 B0 3C 43 C0 192 168 69 125 1 Managed Success 0d 00 00 04 00 22 B0 3C DD C0 192 168 69 126 ...

Page 782: ...11b g 6 Unknown 0d 00 00 29 1E 00 02 25 55 20 james2555guest 802 11b g 9 Unknown 0d 00 18 30 1E 05 5D 55 93 80 hankguest 802 11b g 6 Unknown 0d 00 00 29 1E 18 02 6D B2 E0 kayguest 802 11b g 10 Unknown 0d 00 40 30 5C 22 B0 FF E8 30 802 11b g 6 Rogue 0d 00 00 29 F0 7D 68 82 85 F4 dlink 802 11b g 9 Unknown 0d 00 40 30 Total Entries 25 DWS 3160 24PC admin In the above examples the following display pa...

Page 783: ...signed to the AP This is learned from the AP during discovery Part Number Displays the Hardware part number for the AP This is learned from the AP during discovery Access Category Displays the access category to which the following values pertain Number of Active Traffic Streams Displays the current number of traffic streams for the designated access category of the WS managed AP Number of Traffic...

Page 784: ...ork The valid values are Managed The neighbor AP is managed by this switch or another switch within the peer group The neighbor AP status can be referenced using its base MAC address Unknown The neighbor APs detected in the RF scan are initially categorized as Unknown APs Standalone The AP is managed in standalone mode and configured as a valid AP entry local or RADIUS Rogue The AP intrusion Detec...

Page 785: ...o transmit attempts exceeding either the short retry limit or the long retry limit Retry Count Displays the number of time a MSDU is successfully transmitted after one or more retries Multiple Retry Count Displays the number of times a MSDU is successfully transmitted after more than one retry Frame Duplicated Count Displays the number of times a frame is received and the Sequence Control field in...

Page 786: ...l WS managed APs Success DWS 3160 24PC admin 88 7 download wireless ap_image image_type Description This command is used to initiate an AP code image file download process to the wireless Switch Format download wireless ap_image image_type img_dwl8600 img_dwl3600 6600 tftpserver ipaddr src_file path_filename 64 Parameters image_type Specifies the AP image type to be configured for downloading img_...

Page 787: ...ownload an image file from the DWL 8600AP to the Switch through TFTP DWS 3160 24PC admin download wireless ap_image image_type img_dwl8600 tftpserver 192 168 69 66 src_file d apimage tar Command download wireless ap_image image_type img_dwl8600 tftpserver 192 168 69 66 src_file d apimage tar Connecting to server Done Download AP image 100 Download AP image process Done DWS 3160 24PC admin ...

Page 788: ...url clear security mode none static_wep wep_dot1x wpa_enterprise wpa_personal default ssid ssid 32 vlan int 1 4094 default wep authentication open_system shared_key shared_key default key index int 1 4 value string clear length 64 128 default type ascii hex default tx_key int 1 4 default wpa ciphers ccmp tkip tkip default key value string clear versions wpa wpa2 wpa2 default wpa2 key_chching holdt...

Page 789: ...arameters int 1 64 Enter the wireless network ID that will be deleted here This value must be between 1 and 64 Restrictions Only Administrators can issue this command Example To delete a wireless network configuration DWS 3160 24PC admin delete wireless network 17 Command delete wireless network 17 Delete Network ID 17 Success DWS 3160 24PC admin 89 3 config wireless network Description This comma...

Page 790: ...casted ARP requests on the wireless interfaces will be enabled disable Specifies that the state of the mode that allows the APs to reduce the number of broadcasted ARP requests on the wireless interfaces will be disabled This is the default option clear Specifies to restores a network configuration to its default values client_qos Specifies the client QoS parameters that allows the Switch to apply...

Page 791: ...ameter configured for this network deny_broadcast Specifies the state of the deny broadcast mode for the network If enabled the AP will not respond to client probe requests broadcasted to all available SSIDs enable Specifies that the state of the deny broadcast mode for the network will be enabled disable Specifies that the state of the deny broadcast mode for the network will be disabled This is ...

Page 792: ...separately wep_dot1x Specifies to use dynamic WEP authentication using 802 1X wpa_enterprise Specifies to use WPA 802 1X and authentication wpa_personal Specifies to use WPA shared key authentication default Specifies that the default option will be used ssid Specifies the SSID for the wireless network A network must be configured with an SSID of one or more characters The SSID can be modified but...

Page 793: ...shared key This is an alphanumeric string in the range 8 64 characters The configured key is used when the network security mode is set as WPA shared key value Specifies the shared secret key for WPA Personal string Enter a string of at least 8 characters to a maximum of 63 characters Acceptable characters include upper and lower case alphabetic letters numeric digits and special symbols like and ...

Page 794: ...P address that is in the tunnel subnet enable Specifies that the Layer 3 tunnel feature will be enabled disable Specifies that the Layer 3 tunnel feature will be disabled This is the default option subnet Specifies the network IP address subnet used This field must be in the same subnet as the routing interface for the WLAN defined on the Switch ipaddr Enter the network IP address subnet used here...

Page 795: ...k 1 client_qos access_control down ip acl_num 1 Success DWS 3160 24PC admin config wireless network 1 client_qos access_control up ip acl_name ipacl Command config wireless network 1 client_qos access_control up ip acl_name ipacl Success DWS 3160 24PC admin To configure a MAC ACL rule to Client QoS on Network 1 DWS 3160 24PC admin create wireless access_list mac macacl Command create wireless acce...

Page 796: ...bandwidth_limit up 11111 Granularity of bandwidth limit 8192 bps Actual up bandwidth Limit 8192 bps Success DWS 3160 24PC admin To configure a differentiated service DiffServ policy to Client QoS on Network 1 DWS 3160 24PC admin create wireless diffserv policy_map qos_policy Command create wireless diffserv policy_map qos_policy Success DWS 3160 24PC admin config wireless network 1 client_qos diff...

Page 797: ...ion_key_refresh_rate 2345 Command config wireless network 1 dot1x session_key_refresh_rate 2345 Success DWS 3160 24PC admin To enable hidden SSID on Network 1 DWS 3160 24PC admin config wireless network 1 hide_ssid enable Command config wireless network 1 hide_ssid enable Success DWS 3160 24PC admin To enable MAC Authentication on Network 1 DWS 3160 24PC admin config wireless network 1 mac_authent...

Page 798: ...4PC admin config wireless network 1 redirect url www dlink com Command config wireless network 1 redirect url www dlink com Success DWS 3160 24PC admin To configure the security mode on Network 1 DWS 3160 24PC admin config wireless network 1 security mode static_wep Command config wireless network 1 security mode static_wep Success DWS 3160 24PC admin To configure the SSID on Network 1 DWS 3160 24...

Page 799: ...twork 1 DWS 3160 24PC admin config wireless network 1 wep key length 64 Command config wireless network 1 wep key length 64 Success DWS 3160 24PC admin To configure the WEP key value on Network 1 DWS 3160 24PC admin config wireless network 1 wep key index 1 value wk3y1 Command config wireless network 1 wep key index 1 value wk3y1 Success DWS 3160 24PC admin To configure the WEP TX key on Network 1...

Page 800: ...Network 1 DWS 3160 24PC admin config wireless network 1 wpa2 key_chching holdtime 1200 Command config wireless network 1 wpa2 key_chching holdtime 1200 Success DWS 3160 24PC admin To configure the WPA2 pre authentication state on Network 1 DWS 3160 24PC admin config wireless network 1 wpa2 pre_authentication state enable Command config wireless network 1 wpa2 pre_authentication state enable Succes...

Page 801: ... subnet 20 20 0 0 mask 255 255 0 0 Command config wireless network 1 ip_tunnel subnet 20 20 0 0 mask 255 255 0 0 Success DWS 3160 24PC admin 89 4 show wireless network Description This command is used to display the network configuration parameters If no parameter is specified a summary of the all the configured networks will be displayed Format show wireless network int 1 64 Parameters int 1 64 O...

Page 802: ...ble None 16 dlink16 Disable None Total Entries 16 DWS 3160 24PC admin To display a detailed view of a specific network DWS 3160 24PC admin show wireless network 1 Command show wireless network 1 Network ID 1 SSID ssid1 Interface ID 7169 Default VLAN 2 Hide SSID Enable Deny Broadcast Enable Redirect Mode HTTP Redirect URL www dlink com L2 Distributed Tunneling Mode Enable Bcast Key Refresh Rate 123...

Page 803: ...e minutes 1200 WEP Authentication Type Shared Key WEP Key Type ASCII WEP Key Length bits 64 WEP Transfer Key Index 2 WEP Key 1 wk3y1 WEP Key 2 WEP Key 3 WEP Key 4 Client Qos Mode Enable Client QoS Bandwidth Limit Down bps 0 Client QoS Bandwidth Limit Up bps 11111 Client QoS Access Control Down IP 1 Client QoS Access Control Up IPv6 ipv6acl Client QoS Diffserv Policy Down qos_policy Client QoS Diff...

Page 804: ...sed to initiate a configuration push to one or all peer Switches Format config wireless peer_switch all ipaddr Parameters all Specifies that a configuration will be pushed to all peer Switches ipaddr Enter the IP address of the specific Switch that will receive the pushed configuration Restrictions Only Administrators can issue this command Example To initiate the configuration push for all peer S...

Page 805: ...he IP discovery list from one Switch to another make sure that the list contains IP addresses of all the Switches including the Switch that is pushing the configuration By default this option is disabled global Specifies to include basic and advanced global settings in the configuration that the Switch pushes to its peers The configuration does not include the Switch IP address since that is a uni...

Page 806: ... peer Switch s configuration received status Restrictions None Example To display a wireless configuration request DWS 3160 24PC admin show wireless configuration request Command show wireless configuration request Configuration Request Status Complete Total Count 1 Success Count 1 Failure Count 0 Peer IP Address Configuration Request Status 192 168 69 124 Success DWS 3160 24PC admin To display a ...

Page 807: ...ress that pushed the configuration Configuration Displays the configuration groups received as part of the configuration push Timestamp Displays the configuration push received time 90 4 show wireless peer_switch Description This command is used to displays status information for peer Wireless Switches Format show wireless peer_switch ipaddr configure status ap macaddr Parameters ipaddr Optional E...

Page 808: ...tch 192 168 69 124 configure status Command show wireless peer_switch 192 168 69 124 configure status IP Address 192 168 69 124 Configuration Switch IP Address 192 168 69 123 Configuration AP Database AP Profile Channel Power Global Known Client Captive Portal RADIUS Client QoS ACL QoS DiffServ Timestamp Sun Jan 2 01 59 36 GMT 2000 DWS 3160 24PC admin To display a summary of all wireless Switch an...

Page 809: ...tus of the peer Wireless Switch s managed AP s If no parameter are specified this command will display a summary of all the Wireless Switch s managed APs If an AP MAC address is specified a detailed status is displayed Format show wireless peer_switch ap macaddr Parameters macaddr Optional Enter the Wireless Switch s managed AP MAC address here Restrictions None Example To display a summary of all...

Page 810: ...ow wireless peer_switch configuration Description This show command is used to display the peer Switch s group configuration mode Format show wireless peer_switch configuration Parameters None Restrictions None Example To display the peer Switch s group configuration mode DWS 3160 24PC admin show wireless peer_switch configuration Command show wireless peer_switch configuration AP Database Enabled...

Page 811: ...re status Command show wireless peer_switch configure status Configuration Configuration Peer IP Address Switch IP Address Status Timestamp 192 168 69 124 192 168 69 123 Success Sun Jan 2 01 59 36 GMT 2000 Total Entries 1 DWS 3160 24PC admin In the above examples the following display parameters can be noticed Peer IP Address Displays the IP address of the peer switch Configuration Switch IP Addre...

Page 812: ...r ipaddr start show wireless ap_provisioning macaddr show wireless certificate_request show wireless switch_provisioning 91 1 delete wireless ap_provisioning Description This command is used to remove the specified AP from the AP provisioning list or removes all APs from the AP provisioning list Format delete wireless ap_provisioning macaddr all Parameters macaddr Enter the MAC Address of the AP h...

Page 813: ...witch ipaddr Enter the IP address of the primary or backup Switch used here profile Specifies the profile ID used when provisioning of the AP takes place int 1 16 Enter the profile ID used here This value must be between 1 and 16 The default value is 1 default Specifies that the default value will be used start Specifies to initiate provisioning of the specified MAC address all start Specifies to ...

Page 814: ...s ap_provision 00 22 B0 3C 43 C0 profile default Command config wireless ap_provision 00 22 B0 3C 43 C0 profile default Success DWS 3160 24PC admin To initiate the provisioning of the specified MAC address in the AP Provisioning database DWS 3160 24PC admin config wireless ap_provision 00 22 B0 3C 43 C0 start Command config wireless ap_provision 00 22 B0 3C 43 C0 start Success DWS 3160 24PC admin ...

Page 815: ...a X 509 certificate from the cluster controller The X 509 mutual certificate exchange is the only mechanism for peer Switches to authenticate with each other because Switches do not support a pass phrase authentication The X 509 certificate is automatically generated by the Switch and does not communicate with any trusted certificate authority Format config wireless certificate_request peer ipaddr...

Page 816: ...in config wireless cluster exchange_certificate Command config wireless cluster exchange_certificate Are you sure you want to trigger exchange of X 509 certificates in the cluster y n y X 509 certificates exchange has been triggered Success DWS 3160 24PC admin 91 6 config wireless mutual_authentication_mode Description This command is used to configure the mutual authentication mode for the entire...

Page 817: ...ght result in network traffic disruption Are you sure you want to continue y n y Network Mutual Authentication Mode set Success DWS 3160 24PC admin To disable mutual authentication DWS 3160 24PC admin config wireless mutual_authentication_mode disable Command config wireless mutual_authentication_mode disable Changing Mutual Authentication Mode might result in network traffic disruption Are you su...

Page 818: ... unmanaged mode is always allowed Format config wireless re_provisioning_unmanaged enable disable Parameters enable Specifies that the re provisioning of APs in the unmanaged mode will be enabled This is the default option disable Specifies that the re provisioning of APs in the unmanaged mode will be enabled Restrictions Only Administrators can issue this command Example To enable the unmanaged A...

Page 819: ...dress of the Switch in a cluster here start Specifies to start Switch provisioning Restrictions Only Administrators can issue this command Example To enabling Switch provisioning DWS 3160 24PC admin config wireless switch_provisioning enable Command config wireless switch_provisioning enable Success DWS 3160 24PC admin To start Switch provisioning DWS 3160 24PC admin config wireless switch_provisi...

Page 820: ...ress of the backup Switch with the Switch Administrator that wants to provision the AP New Profile ID Displays the Profile ID configured in the local valid AP database of new primary and backup Switches AP Provisioning Status Displays the status of the most recently issued AP provisioning command AP Certificate and Profile Transmit Status Displasy the status of the last AP profile and certificate ...

Page 821: ...us Not Started AP Profile and Certificate Tx Status Not Started Time Since Last Update 0d 00 00 05 DWS 3160 24PC admin 91 10 show wireless certificate_request Description This command is used to display the status of Switch certificate requests Format show wireless certificate_request Parameters None Restrictions None Example To display the Switch s certificate request status DWS 3160 24PC admin s...

Page 822: ...ch_provisioning Parameters None Restrictions None Example To display the Switch s certificate request status DWS 3160 24PC admin show wireless switch_provisioning Command show wireless switch_provisioning Provisioning Switch IP Address 192 168 69 123 Provisioning Status Success DWS 3160 24PC admin ...

Page 823: ...ce ip_precedence value 0 7 ip_tos tos_bit hex 0x00 0xff tos_mask hex 0x00 0xff ip_dscp af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 be cs0 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef other int 0 63 del_rule value 1 12 edit_rule value 1 12 type deny permit match_every true false srcip ipaddr srcmask netmask src_layer4_port domain echo ftp ftpdata http smtp snmp telnet tftp other int 0 65535 dstip...

Page 824: ...k netmask src_layer4_port domain echo ftp ftpdata http smtp snmp telnet tftp other int 0 65535 vlan vlanid 0 4095 ipv6 any dstipv6 ipv6addr prefix_length int 1 128 dst_layer4_port domain echo ftp ftpdata http smtp snmp telnet tftp other int 0 65535 flow_label uint 0 1048575 ip_dscp af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 be cs0 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef other int 0 63 prot...

Page 825: ...e new IP ACL name used here This parameter is a case sensitive alphanumeric field This name can be up to 31 characters long ipv6 Specifies to create an IPv6 ACL that is identified by its name name 1 31 Enter the new IPv6 ACL name used here This parameter is a case sensitive alphanumeric field This name can be up to 31 characters long Restrictions Only Administrators can issue this command Example ...

Page 826: ...fies to delete an IPv6 ACL that is identified by its name name 1 31 Enter the IPv6 ACL name used here This parameter is a case sensitive alphanumeric field This name can be up to 31 characters long Restrictions Only Administrators can issue this command Example To delete a MAC ACL DWS 3160 24PC admin delete wireless access_list mac aclMac Command delete wireless access_list mac aclMac Success DWS ...

Page 827: ...hat every packet is considered to match the selected ACL Rule false Specifies that it is not mandatory for every packet to match the selected ACL Rule srcip Specifies the source IP address of the IP ACL rule ipaddr Enter the source IP address of the IP ACL rule here srcmask Specifies the source netmask of the IP ACL rule netmask Enter the source netmask of the IP ACL rule here dstip Specifies the ...

Page 828: ... filter for an extended IP ACL rule is IP icmp Specifies that the protocol used to filter for an extended IP ACL rule is ICMP igmp Specifies that the protocol used to filter for an extended IP ACL rule is IGMP tcp Specifies that the protocol used to filter for an extended IP ACL rule is TCP udp Specifies that the protocol used to filter for an extended IP ACL rule is UDP other Specifies a custom p...

Page 829: ... from an extended IP ACL value 1 12 Enter the extended IP ACL number used here This value must be between 1 and 12 type Specifies what action should be taken if a packet matches the rule s criteria The possible values are Permit or Deny deny Specifies that the action that will take place if a packet matches the rule s criteria is deny permit Specifies that the action that will take place if a pack...

Page 830: ...custom destination Layer 4 port number used here This value must be between 0 and 65535 protocol Specifies the protocol to filter for an extended IP ACL rule identified by number The protocol number is a standard value assigned by IANA and is interpreted as an integer from 1 to 255 You can use the protocol number or you Specifies a protocol keyword ip Specifies that the protocol used to filter for...

Page 831: ...e set as cs0 cs1 Specifies that the IP DiffServ Code Point value will be set as cs1 cs2 Specifies that the IP DiffServ Code Point value will be set as cs2 cs3 Specifies that the IP DiffServ Code Point value will be set as cs3 cs4 Specifies that the IP DiffServ Code Point value will be set as cs4 cs5 Specifies that the IP DiffServ Code Point value will be set as cs5 cs6 Specifies that the IP DiffSe...

Page 832: ...xff ip_dscp af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 be cs0 cs1 cs2 cs3 cs4 cs5 cs6 cs7 ef other int 0 63 del_rule value 1 12 edit_rule value 1 12 type deny permit match_every true false srcip ipaddr srcmask netmask src_layer4_port domain echo ftp ftpdata http smtp snmp telnet tftp other int 0 65535 dstip ipaddr dstmask netmask dst_layer4_port domain echo ftp ftpdata http smtp s...

Page 833: ...o port number of the service called HTTP smtp Specifies that the source Layer 4 port match condition will use to port number of the service called SMTP snmp Specifies that the source Layer 4 port match condition will use to port number of the service called SNMP telnet Specifies that the source Layer 4 port match condition will use to port number of the service called TELNET tftp Specifies that th...

Page 834: ...k value hex 0x00 0xff Enter the ToS Mask value used here This value must be between 0x00 and 0xff ip_dscp Specifies the IP DiffServ Code Point DSCP field The DSCP is defined as the high order six bits of the Service Type octet in the IP header The IP DSCP is configured by a possible selection of one of the DSCP keywords or a numerical values af11 Specifies that the IP DiffServ Code Point value wil...

Page 835: ...yer 4 port match condition will use to port number of the service called HTTP smtp Specifies that the source Layer 4 port match condition will use to port number of the service called SMTP snmp Specifies that the source Layer 4 port match condition will use to port number of the service called SNMP telnet Specifies that the source Layer 4 port match condition will use to port number of the service...

Page 836: ...valued bits in the ToS Mask denote the bit positions in the ToS bits value that are used for comparison against the IP ToS field of a packet tos_bit Specifies the ToS Bit value hex 0x00 0xff Enter the ToS Bit value used here This value must be between 0x00 and 0xff tos_mask Specifies the ToS Mask value hex 0x00 0xff Enter the ToS Mask value used here This value must be between 0x00 and 0xff ip_dsc...

Page 837: ...ch_every false srcip 10 90 200 1 srcmask 255 255 255 0 dst_layer4_port ftp Command config wireless access_list ip name aclIPNamed 1 add_rule 2 type deny match_every false srcip 10 90 200 1 srcmask 255 255 255 0 dst_layer4_port ftp Success DWS 3160 24PC admin To update the match_every value of a specified rule of a IP named ACL to be false DWS 3160 24PC admin config wireless access_list ip name acl...

Page 838: ...cip Specifies the source IP address of the IP ACL rule ipaddr Enter the source IP address of the IP ACL rule here srcmask Specifies the source netmask of the IP ACL rule netmask Enter the source netmask of the IP ACL rule here del_rule Specifies to delete a specified rule from a standard IP ACL value 1 12 Enter the standard IP ACL number here This value must be between 1 and 12 edit_rule Specifies...

Page 839: ...Pv6 wireless access lists Format config wireless access_list ipv6 name 1 31 rename name 1 31 add_rule value 1 10 type deny permit match_every true false src_ipv6 src_prefix ipv6addr src_prefix_length int 1 128 dst_ipv6 dst_prefix ipv6addr dst_prefix_length int 1 128 src_layer4_port domain echo ftp ftpdata http smtp snmp telnet tftp other int 0 65535 dst_layer4_port domain echo ftp ftpdata http smt...

Page 840: ...pv6addr Enter the destination IPv6 prefix value used here dst_prefix_length Specifies the destination IPv6 prefix length of the IPv6 ACL rule int 1 128 Enter the destination IPv6 prefix length of the IPv6 ACL rule here src_layer4_port Specifies the source Layer 4 port match condition for the IP ACL rule domain Specifies that the source Layer 4 port match condition will use to port number of the se...

Page 841: ...r six bits of the Service Type octet in the IPv6 header The IPv6 DSCP is configured by a possible selection of one of the DSCP keywords or a numerical values af11 Specifies that the IPv6 DiffServ Code Point value will be set as af11 af12 Specifies that the IPv6 DiffServ Code Point value will be set as af12 af13 Specifies that the IPv6 DiffServ Code Point value will be set as af13 af21 Specifies th...

Page 842: ...yer 4 port match condition will use to port number of the service called HTTP smtp Specifies that the source Layer 4 port match condition will use to port number of the service called SMTP snmp Specifies that the source Layer 4 port match condition will use to port number of the service called SNMP telnet Specifies that the source Layer 4 port match condition will use to port number of the service...

Page 843: ...pecifies that the IPv6 DiffServ Code Point value will be set as af11 af12 Specifies that the IPv6 DiffServ Code Point value will be set as af12 af13 Specifies that the IPv6 DiffServ Code Point value will be set as af13 af21 Specifies that the IPv6 DiffServ Code Point value will be set as af21 af22 Specifies that the IPv6 DiffServ Code Point value will be set as af22 af23 Specifies that the IPv6 Di...

Page 844: ...less access_list ipv6 aclIpv6 1 edit_rule 1 type permit Command config wireless access_list ipv6 aclIpv6 1 edit_rule 1 type permit Success DWS 3160 24PC admin To delete a rule from an existed IPv6 ACL DWS 3160 24PC admin config wireless access_list ipv6 aclIpv6 1 del_rule 3 Command config wireless access_list ipv6 aclIpv6 1 del_rule 3 Success DWS 3160 24PC admin 92 7 config wireless access_list ma...

Page 845: ...dress mask for this rule indicating which bits in the source MAC to compare against an Ethernet frame macmask Enter the source MAC address mask for this rule here dstmac Specifies that the destination MAC address for this rule will be configured mac Specifies the destination MAC address for this rule to compare against an Ethernet frame macaddr Enter the destination MAC address for this rule here ...

Page 846: ...is rule here dstmac Specifies that the destination MAC address for this rule will be configured mac Specifies the destination MAC address for this rule to compare against an Ethernet frame macaddr Enter the destination MAC address for this rule here mask Specifies the destination MAC address mask for this rule Specifiesing which bits in the destination MAC to compare against an Ethernet frame macm...

Page 847: ...CL to be IPv6 DWS 3160 24PC admin config wireless access_list mac aclMac edit_rule 2 ethertypekey ipv6 Command config wireless access_list mac aclMac edit_rule 2 ethertypekey ipv6 Success DWS 3160 24PC admin To delete a rule from an existed MAC ACL DWS 3160 24PC admin config wireless access_list mac aclMac del_rule 2 Command config wireless access_list mac aclMac del_rule 2 Success DWS 3160 24PC a...

Page 848: ...PC admin create wireless diffserv class_map cm2 match_all ipv4 Command create wireless diffserv class_map cm2 match_all ipv4 Success DWS 3160 24PC admin create wireless diffserv class_map cm3 match_all ipv6 Command create wireless diffserv class_map cm3 match_all ipv6 Success DWS 3160 24PC admin 92 9 delete wireless diffserv class_map Description This command is used to delete an existing wireless...

Page 849: ...ommand is used to create a new DiffServ policy Use the DiffServ policy commands to specify wireless traffic conditioning actions such as policing and marking to apply to traffic classes Format create wireless diffserv policy_map name 1 31 Parameters name 1 31 Enter the class map name used here This name can be up to 31 characters long This name is a case sensitive alphanumeric string that uniquely...

Page 850: ...p name 1 31 rename name 1 31 match ipv4 any cos value 0 7 dstmac macaddr mask macmask dstip ipaddr dstmask netmask dst_layer4_port domain echo ftp ftpdata http smtp snmp telnet tftp other int 0 65535 ethertypekey appletalk arp ibmsna ipv4 ipv6 ipx mplsmcast mplsucast netbios rarp user_value hex 0x600 0xffff ip_dscp af11 af12 af13 af21 af22 af23 af31 af32 af33 af41 af42 af43 be cs0 cs1 cs2 cs3 cs4 ...

Page 851: ... the destination Layer 4 port of a packet will use the service called Echo ftp Specifies that the destination Layer 4 port of a packet will use the service called FTP ftpdata Specifies that the destination Layer 4 port of a packet will use the service called FTP Data http Specifies that the destination Layer 4 port of a packet will use the service called HTTP smtp Specifies that the destination La...

Page 852: ...s4 cs5 Specifies that the IP DiffServ Code Point DSCP field value will be set to cs5 cs6 Specifies that the IP DiffServ Code Point DSCP field value will be set to cs6 cs7 Specifies that the IP DiffServ Code Point DSCP field value will be set to cs7 ef Specifies that the IP DiffServ Code Point DSCP field value will be set to ef other Specifies that a custom IP DiffServ Code Point DSCP field value w...

Page 853: ...and 65535 vlan Specifies the Layer 2 VLAN Identifier field value the only tag in a single tagged packet or the first or outer tag of a double VLAN tagged packet vlanid 1 4095 Enter the VLAN ID used here This value must be between 1 and 4095 ipv6 Specifies that the Layer 3 protocol for this class is IPv6 any Specifies that all packets will be considered to belong to the class dstipv6 Specifies the ...

Page 854: ...ld value will be set to be cs0 Specifies that the IPv6 DiffServ Code Point DSCP field value will be set to cs0 cs1 Specifies that the IPv6 DiffServ Code Point DSCP field value will be set to cs1 cs2 Specifies that the IPv6 DiffServ Code Point DSCP field value will be set to cs2 cs3 Specifies that the IPv6 DiffServ Code Point DSCP field value will be set to cs3 cs4 Specifies that the IPv6 DiffServ ...

Page 855: ...Specifies that the source Layer 4 port of a packet will use the service called SMTP snmp Specifies that the source Layer 4 port of a packet will use the service called SNMP telnet Specifies that the source Layer 4 port of a packet will use the service called TELNET tftp Specifies that the source Layer 4 port of a packet will use the service called TFTP other Specifies that a custom source Layer 4 ...

Page 856: ...name can be up to 31 characters long del_class_member Specifies to delete the instance of a particular class and its defined treatment from the specified policy This command removes the reference to the class definition for the specified policy name 1 31 Enter the name of the class member here This name can be up to 31 characters long class Specifies the name of an existing wireless DiffServ class...

Page 857: ...forming traffic allowed int 1 128 Enter the committed burst size used to determine the amount of conforming traffic allowed here This value must be between 1 and 128 Kbytes conform_action drop Specifies that packets are immediately dropped upon conforming that packets match the policing metrics set_prec_transmit Specifies that packets are marked by DiffServ with the specified IP Precedence value b...

Page 858: ...e presented unmodified by DiffServ to the system s forwarding element upon conforming that packets match the policing metrics Restrictions Only Administrators can issue this command Example To change the name of an existing wireless DiffServ policy DWS 3160 24PC admin config wireless diffserv policy_map df_policy1 rename df_policy2 Command config wireless diffserv policy_map df_policy1 rename df_p...

Page 859: ...eld This name can be up to 31 characters long ip Specifies to display an IP ACL standard Optional Specifies to display a standard IP ACL that is identified by the access list number int 1 99 Enter the standard IP ACL access list number used here This value must be between 1 and 99 extended Optional Specifies to display an extended IP ACL that is identified by the access list number int 100 199 Ent...

Page 860: ...s 2 DWS 3160 24PC admin To display all details of the rules that are defined for a MAC ACL DWS 3160 24PC admin show wireless access_list mac aclMac Command show wireless access_list mac aclMac ACL Name aclMac Rule Number 1 Action permit Match Every TRUE Rule Number 2 Action permit Match Every FALSE Destination MAC Address 00 ED 12 BA 34 CF Destination MAC Mask FF FF FF FF 00 00 Ethertype ipv6 Tota...

Page 861: ...0 aclIPNamed 1 2 Total IP ACLs 5 DWS 3160 24PC admin To display all the details of the rules that are defined for an IP extended ACL DWS 3160 24PC admin show wireless access_list ip extended 100 Command show wireless access_list ip extended 100 Rule Number 1 Action permit Match Every TRUE Rule Number 2 Action permit Match Every FALSE Protocol 6 tcp Source L4 Port Keyword 80 http Total Rules 2 DWS ...

Page 862: ... Match Every FALSE Source IP Address 2001 FECD BA23 CD1F DCB1 1010 9234 4088 22 Total Rules 2 DWS 3160 24PC admin 92 15 show wireless diffserv Description This command is used to display the wireless DiffServ general status information a list of all the defined wireless DiffServ classes all configuration information of the specified class a list of all defined wireless DiffServ policies or all con...

Page 863: ...Serv class Restrictions None Example To display the wireless DiffServ general status information DWS 3160 24PC admin show wireless diffserv Command show wireless diffserv Class Table Size Current Max 5 32 Class Rule Table Size Current Max 2 192 Policy Table Size Current Max 4 64 Policy Instance Table Size Current Max 1 640 Policy Attribute Table Size Current Max 0 1280 DWS 3160 24PC admin To displ...

Page 864: ...all defined wireless DiffServ policy maps DWS 3160 24PC admin show wireless diffserv policy_map Command show wireless diffserv policy_map Policy Name Policy Type Class Members pm1 In cm1 pm2 In cm2 Total Policies 2 DWS 3160 24PC admin To display configuration information for the specified policy DWS 3160 24PC admin show wireless diffserv policy_map policy_name df_policy1 Command show wireless diff...

Page 865: ... all access points known by the Wireless Switch via the RF scan data obtained from the managed access points Format delete wireless ap_rf_scan_list Parameters None Restrictions Only Administrators can issue this command Example To delete all entries from the RF scan list DWS 3160 24PC admin delete wireless ap_rf_scan_list Command delete wireless ap_rf_scan_list Are you sure you want to delete all ...

Page 866: ... g n frequency band interval Specifies to compute and apply new wireless channel plans at the configured interval manual Specifies to compute and apply new wireless channel plans only when requested via the user interface This is the default option time Specifies to compute and apply new wireless channel plans at the configured time interval Specifies the wireless channel plan interval int 6 24 En...

Page 867: ...less channel_plan an interval 24 Command config wireless channel_plan an interval 24 Success DWS 3160 24PC admin To configure the history depth DWS 3160 24PC admin config wireless channel_plan an history depth 10 Command config wireless channel_plan an history depth 10 Success DWS 3160 24PC admin To apply the entire proposed wireless channel plan DWS 3160 24PC admin config wireless channel_plan an...

Page 868: ... default value will be used action Specifies to trigger manual power adjustment actions on the managed APs apply Specifies to apply the proposed power adjustments clear Specifies to clear the proposed power adjustments start Specifies to compute new proposed power adjustments Restrictions Only Administrators can issue this command Example To configure the power plan mode DWS 3160 24PC admin config...

Page 869: ...d show wireless channel_plan an Channel Plan 802 11a Channel Configuration Channel Plan Mode Manual Channel Plan Interval hours 24 Channel Plan Fixed Time hh mm 00 00 Channel Plan History Depth 10 DWS 3160 24PC admin 94 4 show wireless channel_plan history Description This command is used to display a history for the automatic channel algorithm Format show wireless channel_plan history an bgn Para...

Page 870: ...hannel_plan proposed Description This command is used to display a proposed channel plan change for a manual request to run the channel algorithm Format show wireless channel_plan proposed an bgn Parameters proposed Specifies to display proposed channel plan changes for a manual request to run the channel algorithm The channel plan type argument must be specified an Specifies that the configured w...

Page 871: ...ed to display the status and configuration for automatic power adjustments Format show wireless power_plan Parameters None Restrictions None Example To display the power plan global status DWS 3160 24PC admin show wireless power_plan Command show wireless power_plan Power Adjustment Mode Interval Power Adjustment Interval minutes 24 DWS 3160 24PC admin a show wireless power_plan proposed Descripti...

Page 872: ...xample To display the proposed power plan DWS 3160 24PC admin show wireless power_plan proposed Command show wireless power_plan proposed Current Status Algorithm Completed Current New AP MAC Address Location Radio Power Power 00 22 B0 3D A9 40 2 80 90 00 22 B0 3D AA C0 1 60 70 00 22 B0 3D AA C0 2 80 90 00 22 B0 3D AB 40 2 80 90 DWS 3160 24PC admin ...

Page 873: ...e disable config wireless client roam_timeout int 1 120 default config wireless cluster priority int 0 255 config wireless country_code country_code default config wireless dist_tunnel max_clients int 1 8000 default idle_timeout int 30 3600 default max_timeout int 30 86400 default mcast_repl int 1 1024 default 1 config wireless ip_control_port int 1 65000 default config wireless mac_authentication...

Page 874: ...ireless Switch functionality Format enable wireless Parameters None Restrictions Only Administrators can issue this command Example To enable the Wireless Switch functionality DWS 3160 24PC admin enable wireless Command enable wireless Success DWS 3160 24PC admin 95 2 disable wireless Description This command is used to disable the Wireless Switch functionality Format disable wireless Parameters N...

Page 875: ...d By default there is one entry in the list The IP list is used when the discovery via IP polling feature is enabled The VLAN list is used when the discovery via Layer 2 multicast feauters is enabled Format create wireless discovery ip ipaddr vlan vlanid 1 4094 Parameters ip Specifies that a valid IP address will be used ipaddr Enter the valid IP address used here vlan Specifies that the VLAN ID w...

Page 876: ...re all Specifies that all IP addresses will be deleted from the polling list vlan Specifies that a specific VLAN ID will be deleted from the discovery list vlanid 1 4094 Enter the VLAN ID that will be deleted here This value must be between 1 and 4094 all Specifies that all VLAN IDs will be deleted from the discovery list Restrictions Only Administrators can issue this command Example To delete a ...

Page 877: ... based discovery of APs and peer Switches will be enabled disable Specifies that Layer 2 MAC based discovery of APs and peer Switches will be disabled Although the above mentioned parameters are all listed as optional the user is required to at least select one parameter to successfully utilize this command Restrictions Only Administrators can issue this command Example To enable Layer 3 IP based ...

Page 878: ...ireless known_client 00 18 DE D7 B4 C1 Success DWS 3160 24PC admin 95 7 delete wireless known_client Description This command is used to delete a client MAC address from the local known client database Format delete wireless known_client macaddr Parameters macaddr Enter a valid MAC address of a physical wireless client here Restrictions Only Administrators can issue this command Example To delete ...

Page 879: ...eny Parameters macaddr Enter a valid MAC address of a physical wireless client here name Specifies the name of the physical wireless client used for identification here name 32 Enter the name of the physical wireless client used for identification here This name can be up to 32 alphanumeric characters long action Specifies the type of MAC authentication action to be taken for the specified physica...

Page 880: ...ng Format create wireless oui_database ouival desc 1 32 Parameters ouival Enter the OUI Value which is composed of the higher three octets of the Ethernet MAC address of the vendor AP or Client here desc 1 32 Optional Enter the organization name for the OUI here This name can be up to 32 alphanumeric characters long Restrictions Only Administrators can issue this command Example To create an OUI v...

Page 881: ...nfig wireless oui_database Description This command is used to configure the name of an OUI value Format config wireless oui_database ouival desc 1 32 Parameters ouival Enter the OUI Value which is composed of the higher three octets of the Ethernet MAC address of the vendor AP or Client here desc 1 32 Enter the organization name for the OUI here This name can be up to 32 alphanumeric characters l...

Page 882: ...config wireless agetime Description This command is used to configure database entry age times for the Wireless Switch A time value of 0 indicates that entries in the corresponding database will not age and that the user must manually delete them Format config wireless agetime ad_hoc int 0 168 default ap_failure int 0 168 default rf_scan int 0 168 default detected_client int 0 168 default ap_provi...

Page 883: ...re This value must be between 0 and 168 hours The default value is 24 hours default Specifies that the default value will be used ap_provisioning_db Specifies the time to maintain an entry in the AP provisioning database A value of 0 indicates that the entries should never age out int 0 240 Enter the time to maintain an entry in the AP provisioning database here This value must be between 0 and 24...

Page 884: ...ireless ap_authentication enable Success DWS 3160 24PC admin 95 15 config wireless ap_auto_upgrade Description This command is used to globally enable or disable the AP automatic upgrade mode on the Switch This feature will be enforced on all supported APs When the AP s automatic upgrade mode is enabled the Switch that manages the AP will automatically load the code image for the AP stored on the ...

Page 885: ... clients associated to that network may have one or more of the following QoS characteristics in effect in the down and or up directions for access control bandwidth limiting and differentiated services This command takes effect on an AP without requiring that the AP profile be re applied Format config wireless ap_client_qos enable disable Parameters enable Specifies that the AP Client QoS mode wi...

Page 886: ...dation radius Command config wireless ap_validation radius Success DWS 3160 24PC admin 95 18 config wireless auto_ip_assign Description This command is used to enable or disable the automatic IP address assignment mode for the wireless Switch Use this command to allow the wireless feature to automatically assign itself an IP address from one of the active interfaces If this option is cleared you m...

Page 887: ...ciation database Format config wireless client roam_timeout int 1 120 default Parameters int 1 120 Enter the roam timeout value used here This value must be between 1 and 120 seconds The default value is 30 seconds default Specifies that the default value will be used Restrictions Only Administrators can issue this command Example To configure the client s roaming timeout value DWS 3160 24PC admin...

Page 888: ...cluster priority 1 Success DWS 3160 24PC admin 95 21 config wireless country_code Description This command is used to globally configure the country code for the Wireless Switch and all managed access points The code may be entered in either upper or lower case When you change the country code the wireless function is disabled and re enabled automatically Format config wireless country_code countr...

Page 889: ...This value must be between 1 and 8000 The default value is 128 default Specifies that the default value will be used idle_timeout Optional Specifies the number of seconds of no activity by the client before the tunnel to that client is terminated and the client is forced to change its IP address int 30 3600 Enter the idle timeout value used for the tunnel here This value must be between 30 and 360...

Page 890: ... feature will automatically be disabled and re enabled The default wireless IP port number is not sent as part of the global Switch configuration in the cluster configuration distribution command Every Switch in the cluster must be configured independently with the new IP port number When the wireless IP port number is changed from its default value on the Switch then it must also be changed on th...

Page 891: ...eters white_list Specifies that access is granted only to clients with MAC addresses in the Known Client database This is the default option black_list Specifies that access is denied to clients with MAC addresses in the Known Client database Restrictions Only Administrators can issue this command Example To configure that MAC authentication mode as black_list DWS 3160 24PC admin config wireless m...

Page 892: ..._group 168 Success DWS 3160 24PC admin 95 26 config wireless radius Description This command is used to configure the global RADIUS setting NOTE This command only configures the accounting status for wireless use Format config wireless radius accounting enable disable Parameters accounting Specifies the state of the wireless RADIUS accounting feature enable Specifies that the wireless RADIUS accou...

Page 893: ...lear Parameters ipaddr Enter a valid IP address for the wireless Switch here clear Specifies that the static IP address will reset to 0 0 0 0 Restrictions Only Administrators can issue this command Example To configure a static IP address for the wireless Switch DWS 3160 24PC admin config wireless static_ip 10 72 72 110 Command config wireless static_ip 10 72 72 110 Success DWS 3160 24PC admin 95 ...

Page 894: ... related events By default this option is disabled rogue_ap Specifies the SNMP traps associated with rogue access points By default this option is disabled wids_status Specifies the SNMP traps associated with WIDS status events By default this option is disabled ws_status Specifies the SNMP traps associated with wireless status events By default this option is disabled Restrictions Only Administra...

Page 895: ...ess tunnel_mtu default Command config wireless tunnel_mtu default Warning When Tunnel IP MTU Size is changed all the clients will be disassociated Success DWS 3160 24PC admin 95 30 clear wireless statistics Description This command is used to reset the global wireless Switch statistics Format clear wireless statistics Parameters None Restrictions Only Administrators can issue this command Example ...

Page 896: ...ion This command is used to display the configured wireless Switch s global parameters and the operational status Format show wireless Parameters None Restrictions None Example To display the wireless Switch s global parameters NOTE The Switch will take several minutes to elect the Cluster Controller ...

Page 897: ...rk Mutual Authentication Mode Disabled Unmanaged AP Re provisioning Mode Enabled Network Mutual Authentication Status Not Started Regenerate X 509 Certificate Status Not In Progress DWS 3160 24PC admin 95 32 show wireless agetime Description This command is used to display the configured age times for the status database entries Format show wireless agetime Parameters None Display parameters that ...

Page 898: ...ardware image and dual boot support capabilities Format show wireless ap_capability any hw_dwl8600 hw_dwl3600 hw_dwl6600 radio int 1 2 image_table dual_boot Parameters any Optional Specifies that a summary of access point hardware type capabilities for all supported AP hardware types is displayed hw_dwl8600 Specifies that detailed hardware type capabilities will be displayed for the DWL 8600 hw_dw...

Page 899: ...display the detailed hardware type capability DWS 3160 24PC admin show wireless ap_capability hw_dwl8600 radio 1 Command show wireless ap_capability hw_dwl8600 radio 1 Hardware Type Description DWL 8600AP Dual Radio a b g n Radio Count 2 Image Type DLink 8600 AP Radios Radio 1 Radio Type Description D Link DWL 8600 a n VAP Count 16 802 11a Support Enable 802 11bg Support Disable 802 11n Support En...

Page 900: ...rted DWS 3160 24PC admin 95 34 show wireless ap_image availability Description This command is used to display the version information of AP images stored on the Switch Format show wireless ap_image availability Parameters None Restrictions None Example To display AP image version information DWS 3160 24PC admin show wireless ap_image availability Command show wireless ap_image availability Image ...

Page 901: ...Netherlands Antilles AR Argentina AS American Samoa AT Austria AU Australia AW Aruba AZ Azerbaijan BA Bosnia BB Barbados BD Bangladesh BE Belgium BG Bulgaria BH Bahrain BM Bermuda BN Brunei BO Bolivia BR Brazil BS Bahamas CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All 95 36 show wireless discovery Description This command is used to display the configured wireless Switch discovery meth...

Page 902: ...ry Command show wireless discovery Wireless Discovery Status IP Polling Mode Enabled L2 Multicast Discovery Mode Enabled DWS 3160 24PC admin To display information about the configured wireless Switch s IP polling list for Layer 3 discovery DWS 3160 24PC admin show wireless discovery ip_list Command show wireless discovery ip_list Maximum Number of Configurable Entries 256 Total Number of Configur...

Page 903: ...buted Tunnel Idle Timeout Displays the number of seconds of no activity by the client before the tunnel to that client is terminated and the client is forced to change its IP address Distributed Tunnel Timeout Displays the number of seconds before the tunnel to the roamed client is terminated and the client is forced to change its IP address Distributed Tunnel Max Multicast Replications Displays t...

Page 904: ...the wireless distributed tunnel s statistics DWS 3160 24PC admin show wireless dist_tunnel statistics Command show wireless dist_tunnel statistics Distributed Tunnel Packets Transmitted 0 Distributed Tunnel Roamed Clients 0 Distributed Tunnel Client Denials 0 DWS 3160 24PC admin 95 38 show wireless known_client Description This command is used to display the content of the local Known Client datab...

Page 905: ...or RADIUS and are not explicitly denied access are granted access If a MAC address is not in the list then access to this client is denied If the global MAC Authentication action is configured as Black List then any wireless clients with MAC addresses that are specified in the known client list local or RADIUS and are not explicitly granted access are denied access If a MAC address is not in the l...

Page 906: ...fies that multicast TX rates of the physical mode 802 11a will be displayed bg Specifies that multicast TX rates of the physical mode 802 11b g will be displayed Restrictions Only Administrators Operators and Power Users can issue this command Example To display multicast TX rates of the physical mode 802 11a DWS 3160 24PC admin show wireless multicast tx_rates a Command show wireless multicast tx...

Page 907: ...min 95 41 show wireless oui_database Description This command is used to display all the OUI entries created by the Administrator in the local OUI database Format show wireless oui_database ouival Parameters ouival Optional Enter the OUI Value composed of the higher three octets of the Ethernet MAC address of the vendor AP or Client here If no parameter is specified then all entries will be displa...

Page 908: ...nfiguration for wireless clients Format show wireless radius Parameters None Restrictions None Example To display the global RADIUS configuration for wireless clients DWS 3160 24PC admin show wireless radius Command show wireless radius RADIUS Accounting Enabled DWS 3160 24PC admin 95 43 show wireless rates Description This command is used to display the rates valid for a specific physical mode Th...

Page 909: ...f the physical mode 802 11a DWS 3160 24PC admin show wireless rates a Command show wireless rates a Mode 802 11a Valid Rates Mbps 6 Mbps 9 Mbps 12 Mbps 18 Mbps 24 Mbps 36 Mbps 48 Mbps 54 Mbps DWS 3160 24PC admin To display TX rates of the physical mode 802 11b g DWS 3160 24PC admin show wireless rates bg Command show wireless rates bg Mode 802 11b g Valid Rates Mbps 1 Mbps 2 Mbps 5 5 Mbps 6 Mbps 9...

Page 910: ...Switch s statistics DWS 3160 24PC admin show wireless statistics Command show wireless statistics WLAN Bytes Received 0 WLAN Bytes Transmitted 0 WLAN Packets Received 0 WLAN Packets Transmitted 0 WLAN Bytes Receive Dropped 0 WLAN Bytes Transmit Dropped 0 WLAN Packets Receive Dropped 0 WLAN Packets Transmit Dropped 0 DWS 3160 24PC admin 95 45 show wireless status Description This command is used to...

Page 911: ...Points 2 Standalone Access Points 0 AP Provisioning Count 2 Maximum AP Provisioning Entries 96 Distributed Tunnel Clients 0 WLAN Utilization 0 Maximum Pre authentication History Entries 500 Total Pre authentication History Entries 0 Maximum Roam History Entries 500 Total Roam History Entries 0 DWS 3160 24PC admin 95 46 show wireless switch Description This command is used to display the wireless S...

Page 912: ...ccess Points 0 Maximum Managed Access Points 12 Total Clients 0 Authenticated Clients 0 Distributed Tunnel Clients 0 WLAN Utilization 0 DWS 3160 24PC admin To display the local Switch s statistics DWS 3160 24PC admin show wireless switch local statistics Command show wireless switch local statistics WLAN Bytes Received 0 WLAN Bytes Transmitted 0 WLAN Packets Received 0 WLAN Packets Transmitted 0 W...

Page 913: ...nd is used to display the wireless trap status on the Switch Format show wireless trap Parameters None Restrictions None Example To display the wireless trap status on the Switch DWS 3160 24PC admin show wireless trap Command show wireless trap AP Failure Traps Enabled AP State Change Traps Disabled Client Failure Traps Disabled Client State Change Traps Disabled Peer Switch Traps Disabled RF Scan...

Page 914: ...to display the configured network s MTU size This is a global configuration for all managed access points Format show wireless tunnel_mtu Parameters None Restrictions None Example To display the configured network s MTU size DWS 3160 24PC admin show wireless tunnel_mtu Command show wireless tunnel_mtu tunnel mtu 1500 DWS 3160 24PC admin ...

Page 915: ...ent threshold_interval_prob int 1 3600 default config wireless wids_security client threshold_value_auth int 1 99999 default config wireless wids_security client threshold_value_deauth int 1 99999 default config wireless wids_security client threshold_value_prob int 1 99999 default config wireless wids_security fakeman_ap_chan_invalid enable disable config wireless wids_security fakeman_ap_managem...

Page 916: ...not Format config wireless wids_security ap_chan_illegal enable disable Parameters enable Specifies to manage rogue reporting for APs operating on an illegal channels This is the default option disable Specifies not to manage rogue reporting for APs operating on an illegal channels Restrictions Only Administrators can issue this command Example To enable WIDS security for rogue reporting for APs o...

Page 917: ...ack enable Success DWS 3160 24PC admin 96 4 config wireless wids_security client auth_with_unknown_ap Description This command is used to enable or disable the test to check if a known client is authenticated with an unknown AP If yes then the client is marked as a rogue Format config wireless wids_security client auth_with_unknown_ap enable disable Parameters enable Specifies to enable the test t...

Page 918: ...1 authentication requests This is the default option disable Specifies to disable the test which marks the client as rogue if it exceeds the configured rate for transmitting 802 11 authentication requests Restrictions Only Administrators can issue this command Example To enable the test which marks the client as rogue if it exceeds the configured rate for transmitting 802 11 authentication request...

Page 919: ...able Command config wireless wids_security client configured_deauth_rate enable Success DWS 3160 24PC admin 96 7 config wireless wids_security client configured_probe_rate Description This command is used to enable or disable the test which marks the client as rogue if it exceeds the configured rate for transmitting probe requests Format config wireless wids_security client configured_probe_rate e...

Page 920: ...test which marks the client as a rogue if it is not in the Known Clients database disable Specifies to disable the test which marks the client as a rogue if it is not in the Known Clients database This is the default option Restrictions Only Administrators can issue this command Example To enable WIDS security for the known client database DWS 3160 24PC admin config wireless wids_security client k...

Page 921: ...is command is used to enable or disable the test which marks the client as rogue if it exceeds the maximum number of authentication failures Format config wireless wids_security client max_auth_failure enable disable Parameters enable Specifies to enable the test which marks the client as rogue if it exceeds the maximum number of authentication failures This is the default option disable Specifies...

Page 922: ...est DWS 3160 24PC admin config wireless wids_security client oui_database enable Command config wireless wids_security client oui_database enable Success DWS 3160 24PC admin 96 12 config wireless wids_security client rogue_det_trap_interval Description This command is used to Specifies the interval between transmissions of the trap telling you that rogue clients are present in the detected client ...

Page 923: ...at_mitigation enable disable Parameters enable Specifies to enable the transmission of de authentication messages to known clients associated with unknown APs disable Specifies to disable the transmission of de authentication messages to known clients associated with unknown APs This is the default option Restrictions Only Administrators can issue this command Example To enable the transmission of...

Page 924: ...threshold_auth_failure 100 Command config wireless wids_security client threshold_auth_failure 100 Success DWS 3160 24PC admin 96 15 config wireless wids_security client threshold_interval_auth Description This command is used to Specifies the threshold interval for counting the authentication messages at the Switch Format config wireless wids_security client threshold_interval_auth int 1 3600 def...

Page 925: ...ssage here This value must be between 1 and 3600 The default value is 60 default Specifies that the default value will be used Restrictions Only Administrators can issue this command Example To Specifies the threshold interval for counting the de authentication message DWS 3160 24PC admin config wireless wids_security client threshold_interval_deauth 600 Command config wireless wids_security clien...

Page 926: ...e maximum number of authentication messages that a Switch can receive during the threshold interval Format config wireless wids_security client threshold_value_auth int 1 99999 default Parameters int 1 99999 Enter the maximum number of authentication messages that a Switch can receive during the threshold interval here This value must be between 1 and 99999 The default value is 10 default Specifie...

Page 927: ... can issue this command Example To Specifies the maximum number of de authentication messages which a Switch can receive during the threshold interval DWS 3160 24PC admin config wireless wids_security client threshold_value_deauth 100 Command config wireless wids_security client threshold_value_deauth 100 Success DWS 3160 24PC admin 96 20 config wireless wids_security client threshold_value_prob D...

Page 928: ...eacon was received from a fake managed AP on an invalid rogue channel or not Format config wireless wids_security fakeman_ap_chan_invalid enable disable Parameters enable Specifies to manage when a beacon was received from a fake managed AP on an invalid rogue channel This is the default option disable Specifies not to manage when a beacon was received from a fake managed AP on an invalid rogue ch...

Page 929: ... Administrators can issue this command Example To manage rogue reporting for fake managed AP s detected with a managed SSID DWS 3160 24PC admin config wireless wids_security fakeman_ap_managemed_ssid enable Command config wireless wids_security fakeman_ap_managemed_ssid enable Success DWS 3160 24PC admin 96 23 config wireless wids_security fakeman_ap_no_ssid Description This command is used to man...

Page 930: ...t Format config wireless wids_security managed_ap_ssid_invalid enable disable Parameters enable Specifies to manage invalid SSIDs received from a rogue managed AP This is the default option disable Specifies not to manage invalid SSIDs received from a rogue managed AP Restrictions Only Administrators can issue this command Example To manage invalid SSIDs received from a rogue managed AP DWS 3160 2...

Page 931: ...ess wids_security managed_ssid_secu_bad enable Success DWS 3160 24PC admin 96 26 config wireless wids_security rogue_det_trap_interval Description This command is used to Specifies the rogue detected trap interval Use this variable to set the interval in seconds between transmissions of the trap telling you that rogues are present in the RF Scan database Format config wireless wids_security rogue_...

Page 932: ...ity or WIDS mode This is the default option disable Specifies not to manage standalone APs when operating with an unexpected channel SSID security or WIDS mode Restrictions Only Administrators can issue this command Example To manage standalone APs when operating with an unexpected channel SSID security or WIDS mode DWS 3160 24PC admin config wireless wids_security standalone_cfg_invalid enable Co...

Page 933: ...rity unmanaged_ap_wired Description This command is used to manage unmanaged APs that are detected on the wired network or not Format config wireless wids_security unmanaged_ap_wired enable disable Parameters enable Specifies to manage unmanaged APs that are detected on the wired network This is the default option disable Specifies not to manage unmanaged APs that are detected on the wired network...

Page 934: ... value must be between 0 and 3600 seconds The default option is 60 seconds This value 0 means that detection will be disabled default Specifies that the default value will be used Restrictions Only Administrators can issue this command Example To disable the wired detection interval DWS 3160 24PC admin config wireless wids_security wired_detection_interval 0 Command config wireless wids_security w...

Page 935: ...nable Rogue standalone AP unexpected config Enable Rogue unknown AP managed SSID Enable Rogue fake managed AP managed SSID Enable Rogue unmanaged AP on a wired network Enable Rogue detected trap interval 300 seconds Wired network detection interval 60 seconds AP De Authentication Attack Disable DWS 3160 24PC admin 96 32 show wireless wids_security client Description This command is used to display...

Page 936: ...Client Threat Mitigation Disable De auth threshold interval 60 seconds De auth threshold value 10 Auth threshold interval 60 seconds Auth threshold value 10 Probe threshold interval 60 seconds Probe threshold value 120 Auth failure threshold 5 Known DB Location Local DWS 3160 24PC admin 96 33 show wireless wids_security client rogue_test_descriptions Description This command is used to display to ...

Page 937: ...I not in the OUI Database DWS 3160 24PC admin 96 34 show wireless wids_security de_authentication Description This command is used to display information about APs against which the Cluster Controller initiated a de authentication attack Format show wireless wids_security de_authentication Parameters None Restrictions None Example To display information about APs against which the Cluster Controll...

Page 938: ...criptions Command show wireless wids_security rogue_test_descriptions WIDSAPROGUE01 Administrator configured rogue AP WIDSAPROGUE02 Managed SSID from an unknown AP WIDSAPROGUE03 Managed SSID from a fake managed AP WIDSAPROGUE04 AP without an SSID WIDSAPROGUE05 Fake managed AP on an invalid channel WIDSAPROGUE06 Managed SSID detected with incorrect security WIDSAPROGUE07 Invalid SSID from a managed...

Page 939: ...mand is used to enable the password recovery mode Format enable password_recovery Parameters None Restrictions Only Administrators can issue this command Example To enable the password recovery mode DWS 3160 24PC admin enable password_recovery Command enable password_recovery Success DWS 3160 24PC admin 97 2 disable password_recovery Description This command is used to disable the password recover...

Page 940: ...le password_recovery Success DWS 3160 24PC admin 97 3 show password_recovery Description This command is used to display the password recovery state Format show password_recovery Parameters None Restrictions Only Administrators can issue this command Example To display the password recovery state DWS 3160 24PC admin show password_recovery Command show password_recovery Running Configuration Enable...

Page 941: ...P spoofing This document is intended to introduce the ARP protocol ARP spoofing attacks and the countermeasures brought by D Link s switches to thwart ARP spoofing attacks Figure 1 In the process of ARP PC A will first issue an ARP request to query PC B s MAC address The network structure is displayed in Figure 1 In the meantime PC A s MAC address will be written into the Sender H W Address and it...

Page 942: ... broadcast the Destination address is in a format of Ethernet broadcast FF FF FF FF FF FF Table 2 Ethernet Frame Format When the Switch receives the frame it will check the Source Address in the Ethernet frame s header If the address is not in its Forwarding Table the Switch will learn PC A s MAC and the associated port into its Forwarding Table In addition when the Switch receives the broadcasted...

Page 943: ...re 3 When PC B replies to the ARP request its MAC address will be written into Target H W Address in the ARP payload displayed in Table 3 The ARP reply will be then encapsulated into an Ethernet frame again and sent back to the sender The ARP reply is in a form of Unicast communication ...

Page 944: ...amine the Source Address of the Ethernet frame and find that the address is not in the Forwarding Table The Switch will learn PC B s MAC and update its Forwarding Table How ARP Spoofing Attacks a Network ARP spoofing also known as ARP poisoning is a method to attack an Ethernet network which may allow an attacker to sniff data frames on a LAN modify the traffic or stop the traffic altogether known...

Page 945: ...ress are filled with the same source IP address itself The Sender H W Address and Target H W address are filled with the same source MAC address itself The destination MAC address is the Ethernet broadcast address FF FF FF FF FF FF All nodes within the network will immediately update their own ARP table in accordance with the sender s MAC and IP address The format of Gratuitous ARP is displayed in...

Page 946: ...ter and cheats the router that it is the victim As can be seen in Figure 5 all traffic will be then sniffed by the hacker but the users will not discover Prevent ARP Spoofing via Packet Content ACL D Link managed switches can effectively mitigate common DoS attacks caused by ARP spoofing via a unique Package Content ACL For the reason that basic ACL can only filter ARP packets based on packet type...

Page 947: ...e offset chunks In Table 6 you will notice that the Offset_Chunk0 starts from the 127th byte and ends at the 128th byte It also can be found that the offset chunk is scratched from 1 but not zero Offset Chunk Offset Chunk0 Offset Chunk1 Offset Chunk2 Offset Chunk3 Offset Chunk4 Offset Chunk5 Offset Chunk6 Offset Chunk7 Offset Chunk8 Offset Chunk9 Offset Chunk10 Offset Chunk11 Offset Chunk12 Offset...

Page 948: ... profile_name 2 packet_content_mask offset1 l2 0 0xFF offset2 l2 1 0xFF offset3 l2 16 0xFF offset4 l2 17 0xFF offset5 l2 18 0xFF offset6 l2 19 0xFF 4 Create access profile 2 5 The first chunk starts from offset 1 2 mask for Ethernet Type Blue in Table 6 13th and 14th bytes 6 The second chunk starts from offset 3 4 mask for Sender IP in ARP packet Green in Table 6 29th and 30th bytes 7 The third ch...

Page 949: ...ct connection to the console port of the device It is necessary for the user needs to attach a terminal or PC with terminal emulation to the console port of the Switch Power on the Switch After the runtime image and UART init are loaded to 100 the Switch will allow 2 seconds for the user to press the hotkey Shift 6 to enter the Password Recovery Mode Once the Switch enters the Password Recovery Mo...

Page 950: ... reset account command deletes all the previously created accounts reset password username The reset password command resets the password of the specified user If a username is not specified the passwords of all users will be reset show account The show account command displays all previously created accounts ...

Page 951: ...d to flash by console Username username IP ipaddr Informational by console and IP ipaddr are XOR displaye d in log string which means if user login by console there will no IP informati on for logging System log saved to flash System log saved to flash by console Username username IP ipaddr Informational by console and IP ipaddr are XOR displaye d in log string which means if user login by console...

Page 952: ...ssfully Username username IP ipaddr Informational by console and IP ipaddr are XOR displaye d in log string which means if user login by console there will no IP informati on for logging Firmware upgrade was unsuccessful Firmware upgrade by console was unsuccessful Username username IP ipaddr Warning by console and IP ipaddr are XOR displaye d in log string which means if user login by console the...

Page 953: ...formational by console and IP ipaddr are XOR displaye d in log string which means if user login by console there will no IP informati on for logging Configuration upload was unsuccessful Configuration upload by console was unsuccessful Username username IP ipaddr Warning by console and IP ipaddr are XOR displaye d in log string which means if user login by console there will no IP informati on for...

Page 954: ...ipaddr are XOR displaye d in log string which means if user login by console there will no IP informati on for logging Firmware upload was unsuccessful Firmware upload by console was unsuccessful Username username IP ipaddr Warning by console and IP ipaddr are XOR displaye d in log string which means if user login by console there will no IP informati on for logging Interface Port link up Port por...

Page 955: ...e username IP ipaddr Informational TELNET Successful login through TELNET Successful login through TELNET Username username IP ipaddr Informational Login failed through TELNET Login failed through TELNET Username username IP ipaddr Warning Logout through TELNET Logout through TELNET Username username IP ipaddr Informational TELNET session timed out TELNET session timed out Username username IP ipa...

Page 956: ...formational SSH server is disabled SSH server is disabled Informational AAA Authentication Policy is enabled Authentication Policy is enabled Module AAA Informational Authentication Policy is disabled Authentication Policy is disabled Module AAA Informational Successful login through Console authenticated by AAA local method Successful login through Console authenticated by AAA local method Userna...

Page 957: ...onsole due to AAA server timeout or improper configuration Login failed through Console due to AAA server timeout or improper configuration Username username Warning Successful login through Web authenticated by AAA server Successful login through Web from userIP authenticated by AAA server serverIP Username username Informational Login failed through Web authenticated by AAA server Login failed t...

Page 958: ...nable Admin failed through Web SSL from userIP authenticated by AAA local_enable method Username username Warning Successful Enable Admin through TELNET authenticated by AAA local_enable method Successful Enable Admin through TELNET from userIP authenticated by AAA local_enable method Username username Informational Enable Admin failed through TELNET authenticated by AAA local_enable method Enable...

Page 959: ... through Web SSL due to AAA server timeout or improper configuration Enable Admin failed through Web SSL from userIP due to AAA server timeout or improper configuration Username username Warning Successful Enable Admin through TELNET authenticated by AAA server Successful Enable Admin through TELNET from userIP authenticated by AAA server serverIP Username username Informational Enable Admin faile...

Page 960: ... discarded by IMPB IP ipaddr MAC macaddr Port portNum Warning Dynamic IMPB entry is conflict with static ARP Dynamic IMPB entry conflicts with static ARP IP ipaddr MAC macaddr Port portNum Warning Dynamic IMPB entry is conflict with static FDB Dynamic IMPB entry conflicts with static FDB IP ipaddr MAC macaddr Port portNum Warning Dynamic IMPB entry conflicts with static IMPB Dynamic IMPB entry con...

Page 961: ...mational Gratuitous ARP Gratuitous ARP detected duplicate IP Conflict IP was detected with this device IP ipaddr MAC macaddr Port portNum Interface ipif_name Warning DHCP Detect untrusted DHCP server IP address Detected untrusted DHCP server IP ipaddr Port portNum Informational DHCP Server Screenin g BPDU Protection BPDU attack happened Port portNum enter BPDU under attacking state mode drop block...

Page 962: ...vid Informational ERPS Signal failure detected Signal failure detected on node macaddr Notice Signal failure cleared Signal failure cleared on node macaddr Notice RPL owner conflict RPL owner conflicted on the ring macaddr Warning Command logging Command Logging username execute command string Informational Wireless State Wireless Switch enabled Wireless switch enabled Informational Wireless Switc...

Page 963: ...macaddr AP MAC macaddr Radio If int detected Informational Wireless Client Association detected Wireless Client Association MAC macaddr VAP MAC macaddr AP MAC macaddr SSID ssid Security Mode string detected Informational Wireless Client Disassociation detected Wireless Client Disassociation MAC macaddr VAP MAC macaddr AP MAC macaddr detected Informational Wireless Client Roam detected Wireless Cli...

Page 964: ...mplete Wireless Power Algorithm is complete Informational Captive Portal CP Client Connected CP Client Connected MAC macaddr IP ipaddr SwMAC macaddr CPID int Interface int Informational CP Client Disconnected CP Client Disconnected MAC macaddr IP ipaddr SwMAC macaddr CPID int Interface int Informational CP Client Auth Failure CP Client Auth Failure MAC macaddr IP ipaddr SwMAC macaddr CPID int Inte...

Page 965: ...171 12 35 11 1 0 2 MacBasedAuthAgesOut This trap is sent when a MAC based access control host ages out 1 3 6 1 4 1 171 12 35 11 1 0 3 FilterDetectedTrap This trap is sent when an illegal DHCP server is detected The same illegal DHCP server IP address detected is just sent once to the trap receivers within the log ceasing unauthorized duration 1 3 6 1 4 1 171 12 37 100 0 1 SingleIPMSColdStart The c...

Page 966: ...h capacity alarm entry crosses its rising threshold and generates an event that is configured for sending SNMP traps 1 3 6 1 2 1 16 29 2 0 1 fallingAlarm This trap is an SNMP notification that is generated when a high capacity alarm entry crosses its falling threshold and generates an event that is configured for sending SNMP traps 1 3 6 1 2 1 16 29 2 0 2 newRoot The newRoot trap indicates that th...

Page 967: ...ed trap signifies that the SNMP entity acting in an agent role has detected the failed AP 1 3 6 1 4 1 171 12 96 11 0 13 wsManagedAPUnknownProtocol A wsManagedAPUnknownProtocol trap signifies that the SNMP entity acting in an agent role has detected the unknown protocol between wireless Switch and managed AP communication 1 3 6 1 4 1 171 12 96 11 0 14 wsAPAssociationFailure A wsAPAssociationFailure...

Page 968: ...er in the peer group 1 3 6 1 4 1 171 12 96 11 0 32 wsClusterMaxAPExceeded A wsClusterMaxAPExceeded trap signifies that the SNMP entity acting in an agent role has detected that the managed APs in the network has exceeded 1 3 6 1 4 1 171 12 96 11 0 33 wsRoguesPresent A wsRoguesPresent trap signifies that the SNMP entity acting in an agent role has detected one or more Rogues present in the network ...

Page 969: ...onnection 1 3 6 1 4 1 171 12 97 4 0 2 cpClientDatabaseFull A cpClientDatabaseFull trap signifies that the SNMP entity acting in an agent role has detected that client authentication database is full 1 3 6 1 4 1 171 12 97 4 0 3 cpClientDisconnect A cpClientDisconnect trap signifies that the SNMP entity acting in an agent role has detected a client disconnection 1 3 6 1 4 1 171 12 97 4 0 4 ...

Page 970: ... of a port Unit Kbits Required If the user has configured the bandwidth attribute of the RADIUS server for example ingress bandwidth 1000Kbps and the 802 1X authentication is successful the device will assign the bandwidth according to the RADIUS server to the port However if the user does not configure the bandwidth attribute and authenticates successfully the device will not assign any bandwidth...

Page 971: ...f a tunnel initiator or the tunneling protocol in use in the case of a tunnel terminatior 13 VLAN Required Tunnel Medium Type This attribute indicates the transport medium being used 6 802 Required Tunnel Private Group ID This attribute indicates group ID for a particular tunneled session A string VID Required A summary of the Tunnel Private Group ID Attribute format is shown below 0 1 2 3 0 1 2 3...

Page 972: ...ile create access_profile profile_id 6 profile_name 1 ethernet vlan 0xFFF ACL rule config access_profile profile_id 6 add access_id auto_assign ethernet vlan_id 1 port all deny Required If the user has configured the ACL attribute of the RADIUS server for example ACL profile create access_profile profile_id 6 profile_name 1 ethernet ACL rule config access_profile profile_id 6 add access_id auto_as...

Page 973: ...atic channel assignment Optional if defined and valid will override auto channel configuration 0 Vendor Specifc 26 D Link 171 Radio 2 Chan 106 Indicates a fixed channel for the radio 0 1 13 36 40 44 48 52 56 60 64 104 108 112 116 120 124 128 132 140 149 153 157 161 165 0 indicates automatic channel assignment Optional if defined and valid will override auto channel configuration 0 Vendor Specifc 2...

Page 974: ...ation is not used is used but is not successful or is successful but a particular QoS RADIUS attribute is either not configured or not valid for the client entry The corresponding AP network client QoS default parameter is used instead for the client Each such RADIUS attribute is evaluated this way case by case Attribute Description Range Usage Vendor Specific 26 D Link 171 Client ACL Dn 120 Acces...

Page 975: ... D Link 171 Client Policy Up 123 Name of DiffServ policy to be applied to 802 1X authenticated wireless client traffic in the inbound up direction If this attribute is not present then the Client QoS Default Policy Up parameter defined in the Network configuration is used instead If this attribute is present but refers to an undefined policy name in the system all packets for this client will be d...

Page 976: ... in the list and are not explicitly denied access are granted access If MAC address is not in the list then the access to the client is denied If the global MAC Authentication action is configured as Black List then any wireless clients with MAC addresses that are specified in the list and are not explicitly granted access are denied access If MAC address is not in the list then the access to the ...

Page 977: ...0 Vendor Specific 26 D Link 171 LVL7 Max Input Octets 124 Maximum number of octets the user is allowed to transmit After this limit has been reached the user will be disconnected If the attribute is 0 or not present then use the value configured for the Captive Portal Integer Optional 0 Vendor Specific 26 D Link 171 LVL7 Max Output Octets 125 Maximum number of octets the user is allowed to receive...

Page 978: ...CLI Reference Guide 974 Vendor Specific 26 D Link 171 LVL7 Captive Portal Groups 127 Acomma delimited list of group names that correspond to the configured CP instance configurations String Optional None The default group is used if not defined here ...

Page 979: ...iority field The Switch with higher priority becomes the Cluster Controller If the priority is the same then the Switch with lower IP address becomes the Cluster Controller The Cluster priority is conveyed in the initial identification message The Cluster priority has a range from 0 to 255 Setting the priority to 0 disables the Cluster Controller function on the Switch Customers may want to disabl...

Page 980: ...and the network operates without the Cluster Controller The Cluster priority is a global Switch configuration setting When the global configuration is pushed from one peer Switch to another the Cluster priority is not included in this configuration because its purpose is to differentiate the preference level for the Cluster Controller function for each Switch There are two Switch status parameters...

Page 981: ...ed When the mutual authentication mode is disabled the Wireless System uses anonymous cipher and disables certificate exchange and verification In order to verify the certificate each device generates a private key and an X 509 certificate The private key is kept on the device and is not given out to other Switches or APs The certificate contains a matching public key The device certificate is giv...

Page 982: ...routing interface optionally The wireless software automatically selects the IP Address of the lowest interface index The System interface is always the interface with the lowest index 1 If the System interface is deleted then the software automatically selects the IP address of a lowest index routing interface If no interfaces are defined then the wireless function is disabled IP Address Assignme...

Page 983: ...rsus MBA and IMPB In addition when a wireless tunnel client is added by Wireless Switch the Wireless Switch will notify the MBA module to remove the client MAC if it added the MAC In other words MBA and IMPB will not work when the MAC belongs to a tunnel client To achieve IP in IP tunnel forwarding the MAC addresses of the devices under the tunnel are learned and marked as static FDB entries on th...

Reviews:

No comments

Related manuals for DWS-3160 Series

dominion kx III

Brand: Raritan Pages: 6

Brand: Raritan Pages: 5

DOMINION KSX II

Brand: Raritan Pages: 7

Brand: Raritan Pages: 2

Brand: Ubiquiti Pages: 24

Brand: Ubiquiti Pages: 13

Brand: Ubisys Pages: 2

PIXIE Smart Switch G3

Brand: SAL Pages: 2

Brand: Tecsis Pages: 2

Brand: SMC Networks Pages: 102

Brand: F&G Pages: 6

Brand: ATEN Pages: 2

Brand: Ruby Tech Pages: 2

Brand: Kohler Pages: 170

S5130S-EI series

Brand: H3C Pages: 67

Brand: F&F Pages: 10

Brand: Vega Pages: 36

Brand: Origin Instruments Pages: 6

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands