manualshive.com logo in svg

D-Link DXS-3227 - xStack Switch - Stackable, Cli Manual

The D-Link DXS-3227 xStack Switch is a reliable and high-performance stackable switch designed for improved network connectivity. To ensure seamless installation and configuration, we provide a comprehensive Web/Installation Manual, available for free download from our website. This manual includes step-by-step instructions and troubleshooting guides, enhancing your networking experience.

Share
Download
background image

ACL Commands

Page 41 

deny (MAC)

The 

deny

 MAC-Access List Configuration mode command denies

 

traffic if the conditions defined in the deny 

statement match.

Syntax

deny

 [

disable-port

] {

any

 | {

source source-wildcard

} {

any

 | {

destination destination- wildcard

}}[

vlan

 

vlan-id

[

cos cos

 

cos-wildcard

] [

ethtype

 

eth-type

Parameters

disable-port

 — Indicates that the port is disabled if the statement is deny.

source

 — Specifies the MAC address of the host from which the packet was sent.

source-wildcard

 — (Optional for the first type) Specifies wildcard bits by placing 1s in bit positions to be 

ignored.

destination

 — Specifies the MAC address of the host to which the packet is being sent.

destination-wildcard

 — (Optional for the first type) Specifies wildcard bits by placing 1s in bit positions to be 

ignored.

vlan-id

 — Specifies the ID of the packet vlan.

cos 

— Specifies the packets’s Class of Service (CoS).

cos-wildcard

 — Specifies wildcard bits to be applied to the CoS.

eth-type

 — Specifies the packet’s Ethernet type.

Default Configuration

This command has no default configuration.

Command Mode

MAC-Access List Configuration mode

User Guidelines

MAC BPDU packets cannot be denied.

This command defines an Access Control Element (ACE). An ACE can only be removed by deleting the ACL, 

using the 

no mac access-list

 Global Configuration mode command. Alternatively, the Web-based interface 

can be used to delete ACEs from an ACL.

Before an Access Control Element (ACE) is added to an ACL, all packets are permitted. After an ACE is 

added, an implied 

deny-any-any

 condition exists at the end of the list and those packets that do not match 

the conditions defined in the permit statement are denied.

If the VLAN ID is specified, the policy map cannot be connected to the VLAN interface.

Examples

The following example shows how to create a MAC ACL with deny rules.

Console(config)# 

mac access-list

 macl1

Console (config-mac-acl)# 

deny

 6:6:6:6:6:6:0:0:0:0:0:0 

any

Summary of Contents for DXS-3227 - xStack Switch - Stackable

Page 1: ... Copyright 2005 All rights reserved CLI Guide Product Model DXS 3200 Series L2 Stackable Gigabit Mngd Switch with Optional 10Gig Uplinks Release 1 ...

Page 2: ...ompletion 17 Nomenclature 17 Keyboard Shortcuts 18 CLI Command Conventions 18 Copying and Pasting Text 18 Section 2 AAA Commands 20 aaa authentication login 20 aaa authentication enable 22 login authentication 24 enable authentication 25 ip http authentication 26 ip https authentication 27 show authentication methods 28 password 29 enable password 30 username 31 Section 3 ACL Commands 32 stack lig...

Page 3: ...ge multicast address table 60 show bridge multicast filtering 62 show ports security 63 show ports security addresses 65 Section 5 Clock Commands 68 clock set 68 clock source 69 clock timezone 70 clock summer time 71 sntp authentication key 73 sntp authenticate 74 sntp trusted key 75 sntp client poll timer 76 sntp broadcast client enable 77 sntp anycast client enable 78 sntp client enable Interfac...

Page 4: ...st IC 119 port storm control broadcast enable 120 port storm control broadcast rate 121 show ports storm control 122 Section 8 GVRP Commands 124 gvrp enable Global 124 gvrp enable Interface 125 garp timer 126 gvrp vlan creation forbid 127 gvrp registration forbid 128 clear gvrp statistics 129 show gvrp configuration 130 show gvrp statistics 131 show gvrp error statistics 132 Section 9 IGMP Snoopin...

Page 5: ... ip name server 160 ip host 161 clear host 162 clear host dhcp 163 show hosts 164 Section 11 IP Routing Commands 166 ip route 166 show ip route 167 Section 12 LACP Commands 170 lacp system priority 170 lacp port priority 171 lacp timeout 172 show lacp ethernet 173 show lacp port channel 175 Section 13 Line Commands 176 line 176 speed 177 autobaud 178 exec timeout 179 history 180 history size 181 t...

Page 6: ...annel 203 Section 17 Port Monitor Commands 204 port monitor 204 port monitor vlan tagging 205 show ports monitor 206 Section 18 Power over Ethernet Commands 208 power inline 208 power inline powered device 209 power inline priority 210 power inline usage threshold 211 power inline traps enable 212 show power inline 213 Section 19 QoS Commands 216 qos 216 show qos 217 class map 218 show class map 2...

Page 7: ...dius server timeout 251 radius server deadtime 252 show radius servers 253 Section 21 RMON Commands 254 show rmon statistics 254 rmon collection history 256 show rmon collection history 257 show rmon history 258 rmon alarm 261 show rmon alarm table 263 show rmon alarm 264 rmon event 266 show rmon events 267 show rmon log 268 rmon table size 270 Section 22 SNMP Commands 272 snmp server community 27...

Page 8: ...ning tree portfast 305 spanning tree link type 306 spanning tree pathcost method 307 spanning tree bpdu 308 clear spanning tree detected protocols 309 spanning tree mst priority 310 spanning tree mst max hops 311 spanning tree mst port priority 312 spanning tree mst cost 313 spanning tree mst configuration 314 instance mst 315 name mst 316 revision mst 317 show mst 318 exit mst 319 abort mst 320 s...

Page 9: ...ow logging 357 show logging file 359 show syslog servers 361 Section 26 System Management Commands 362 ping 362 traceroute 364 telnet 366 resume 369 reload 370 hostname 371 stack master 372 stack reload 373 stack display order 374 stack light unit 375 show stack 376 set system mode 378 show system mode 379 show users 380 show sessions 381 show system 382 show version 383 service cpu utilization 38...

Page 10: ...413 switchport trunk native vlan 414 switchport general allowed vlan 415 switchport general map protocols group vlan 416 switchport general pvid 417 switchport general ingress filtering disable 418 switchport general acceptable frame type tagged only 419 switchport forbidden vlan 420 ip internal usage vlan 421 show vlan 422 show vlan internal usage 423 show interfaces switchport 424 Section 30 Web...

Page 11: ...imeout re authperiod 444 dot1x re authenticate 445 dot1x timeout quiet period 446 dot1x timeout tx period 447 dot1x max req 448 dot1x timeout supp timeout 449 dot1x timeout server timeout 450 show dot1x 451 show dot1x users 454 show dot1x statistics 456 ADVANCED FEATURES 458 dot1x auth not req 458 dot1x multiple hosts 459 dot1x single host violation 460 dot1x guest vlan 461 dot1x guest vlan enable...

Page 12: ...Page 11 ...

Page 13: ...d a 10G port DXS 3227P Stackabel Power over Ethernet device with 24 port 10 100 1000BASE T with one XFP fixed port and two 10G ports DXS 3227 Stackabel device with 24 port 10 100 1000BASE T with one XFP fixed port and two 10G ports The DXS 3250 DXS 3227P and DXS 3227 can operate as standalone systems or can be stacked together in the same system Most of the CLI commands are applicable to all devic...

Page 14: ...mode Privileged EXEC mode Global Configuration mode and Interface Configuration mode The following figure illustrates the command mode access path When starting a session the initial mode is the User EXEC mode Only a limited subset of commands are available in User EXEC mode This level is reserved for tasks that do not change the configuration To enter the next level the Privileged EXEC mode a pas...

Page 15: ...yed as The Privileged EXEC mode prompt is displayed The Privileged EXEC mode prompt consists of the device host name followed by To return from the Privileged EXEC mode to the User EXEC mode use the disable command The following example illustrates how to access the Privileged EXEC mode and return to the User EXEC mode The exit command is used to return from any mode to the previous mode except wh...

Page 16: ...ntains commands to configure port channels for example assigning ports to a port channel Most of these commands are the same as the commands in the Ethernet interface mode and are used to manage the member ports as a single entity The interface port channel Global Configuration mode command is used to enter the Port Channel Interface Configuration mode SSH Public Key chain Contains commands to man...

Page 17: ...quired tasks 4 When finished exit the session with the exit command When a different user is required to log onto the system use the login Privileged EXEC mode command This effectively logs off the current user and logs on the new user Editing Features Entering Commands A CLI command is a series of keywords and arguments Keywords identify a command and arguments specify configuration parameters Fo...

Page 18: ...r information about the command syntax for configuring the command history buffer see history size To display the history buffer see show history Negating the Effect of Commands For many configuration commands the prefix keyword no can be entered to cancel the effect of a command or reset the configuration to the default value This guide describes the negation effect for all applicable commands Co...

Page 19: ... recall successively more recent com mands Ctrl A Moves the cursor to the beginning of the command line Ctrl E Moves the cursor to the end of the command line Ctrl Z End Returns back to the Privileged EXEC mode from any configuration mode Backspace key Deletes one character left to the cursor position Convention Description In a command line square brackets indicates an optional entry In a command...

Page 20: ...nds only This feature is dependent on the baud rate of the device When copying and pasting commands from a configuration file make sure that the following conditions exist A device Configuration mode has been accessed The commands contain no encrypted data like encrypted passwords or keys Encrypted data cannot be copied and pasted into the device ...

Page 21: ...hentication methods activated when a user logs in Range 1 12 characters method1 method2 Specify at least one from the following table Default Configuration The local user database is checked This has the same effect as the command aaa authentication login list name local Note On the console login succeeds without any authentication check if the authentication method is not defined Command Mode Glo...

Page 22: ...used to name this list The method argument identifies the list of methods that the authentication algorithm tries in the given sequence The additional methods of authentication are used only if the previous method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line Example The following...

Page 23: ...e password is used if it exists If no password is set the process still succeeds This has the same effect as using the command aaa authentication enable default enable none Command Mode Global Configuration mode User Guidelines The default and optional list names created with the aaa authentication enable command are used with the enable authentication command The additional methods of authenticat...

Page 24: ...AAA Commands Page 23 Example The following example sets the enable password for authentication when accessing higher privilege levels Console config aaa authentication enable default enable ...

Page 25: ...ation Parameters default Uses the default list created with the aaa authentication login command list name Uses the indicated list created with the aaa authentication login command Default Configuration Uses the default set with the command aaa authentication login Command Mode Line Configuration mode User Guidelines Changing login authentication from default to another value may disconnect the te...

Page 26: ...nable authentication Parameters default Uses the default list created with the aaa authentication enable command list name Uses the indicated list created with the aaa authentication enable command Default Configuration Uses the default set with the aaa authentication enable command Command Mode Line Configuration mode User Guidelines There are no user guidelines for this command Example The follo...

Page 27: ...command ip http authentication local Command Mode Global Configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line Example The following example configures the HTTP authentication ...

Page 28: ...p https authentication local Command Mode Global Configuration mode User Guidelines The additional methods of authentication are used only if the previous method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line Example The following example configures HTTPS authentication Keyword Sou...

Page 29: ...e User Guidelines There are no user guidelines for this command Example The following example displays the authentication configuration Console show authentication methods Login Authentication Method Lists Default Radius Local Line Console_Login Line None Enable Authentication Method Lists Default Radius Enable Console_Enable Enable None Line Login Method List Enable Method List Console Console_Lo...

Page 30: ... for this level Range 1 159 characters encrypted Encrypted password to be entered copied from another device configuration Default Configuration No password is defined Command Mode Line Configuration mode User Guidelines If a password is defined as encrypted the required password length is 32 characters Example The following example specifies password secret on a console Console config line consol...

Page 31: ...rs password Password for this level Range 1 159 characters level Level for which the password applies If not specified the level is 15 Range 1 15 encrypted Encrypted password entered copied from another device configuration Default Configuration No enable password is defined Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following e...

Page 32: ...nge 1 20 characters password The authentication password for the user Range 1 159 characters level The user level Range 1 15 encrypted Encrypted password entered copied from another device configuration Default Configuration No user is defined Command Mode Global Configuration mode User Guidelines User account can be created without a password Example The following example configures user bob with...

Page 33: ...default configuration Command Mode EXEC User Guidelines Use this command to identify the unit number of each unit If you run the command with all as the unit number the software would turn off all the ports LEDs in all the units and then turn on at each unit the LED of the port with the identical number as the unit number If you run the command with a specific unit number the software would turn o...

Page 34: ...f this command Syntax ip access list name no ip access list name Parameters name Specifies the name of the ACL Default Configuration The default for all ACLs is deny all Command Mode Global Configuration mode User Guidelines This command has no default configuration Example The following example shows how to create an IP ACL Console config ip access list ip acl1 Console config ip al ...

Page 35: ...o indicate IP address 0 0 0 0 and mask 255 255 255 255 source wildcard Specifies wildcard to be applied to the source IP address Use 1s in bit positions to be ignored Specify any to indicate IP address 0 0 0 0 and mask 255 255 255 255 destination Specifies the destination IP address of the packet Specify any to indicate IP address 0 0 0 0 and mask 255 255 255 255 destination wildcard Specifies wil...

Page 36: ...P packets can be filtered by IGMP message type Enter a number or one of the following values dvmrp host query host report pim or trace Range 0 255 destination port Specifies the UDP TCP destination port Range 0 65535 source port Specifies the UDP TCP source port Range 0 65535 list of flags Specifies a list of TCP flags that can be triggered If a flag is set it is prefixed by If a flag is not set i...

Page 37: ...d to an ACL all packets are permitted After an ACE is added an implied deny any any condition exists at the end of the list and those packets that do not match the conditions defined in the permit statement are denied Examples The following example shows how to define a permit statement for an IP ACL Console config ip access list ip acl1 Console config ip al permit rsvp 192 1 1 1 0 0 0 0 any dscp ...

Page 38: ... 255 destination wildcard Optional for the first type Specifies wildcard bits by placing 1s in bit positions to be ignored Specify any to indicate IP address 0 0 0 0 and mask 255 255 255 255 protocol Specifies the abbreviated name or number of an IP protocol The following table lists protocols that can be specified IP Protocol Abbreviated Name Protocol Number Internet Control Message Protocol icmp...

Page 39: ...mode command to enable the IP Access List Configuration mode Before an Access Control Element ACE is added to an ACL all packets are permitted After an ACE is added an implied deny any any condition exists at the end of the list and those packets that do not match the defined conditions are denied Examples The following example shows how to define a permit statement for an IP ACL EIGRP routing pro...

Page 40: ... of this command Syntax mac access list name no mac access list name Parameters name Specifies the name of the ACL Default Configuration The default for all ACLs is deny all Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example shows how to create a MAC ACL Console config mac access list macl acl1 Console config mac al ...

Page 41: ... Specifies the ID of the packet vlan Range 0 4095 cos Specifies the Class of Service CoS for the packet Range 0 7 cos wildcard Specifies wildcard bits to be applied to the CoS eth type Specifies the Ethernet type of the packet Range 0 65535 Default Configuration No MAC ACL is defined Command Mode MAC Access List Configuration mode User Guidelines Before an Access Control Element ACE is added to an...

Page 42: ...ass of Service CoS cos wildcard Specifies wildcard bits to be applied to the CoS eth type Specifies the packet s Ethernet type Default Configuration This command has no default configuration Command Mode MAC Access List Configuration mode User Guidelines MAC BPDU packets cannot be denied This command defines an Access Control Element ACE An ACE can only be removed by deleting the ACL using the no ...

Page 43: ...acl name Specifies the ACL to be applied to the input interface Range 0 32 characters Default Configuration This command has no default configuration Command Mode Interface Ethernet port channel Configuration mode User Guidelines In advanced mode when an ACL is bound to an interface the port trust mode is set to trust 12 13 and not to 12 Example The following example binds services an ACL to VLAN ...

Page 44: ...s lists name Parameters name Name of the ACL Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays access lists Console show access lists IP access list ACL1 permit ip host 172 30 40 1 any permit rsvp host 172 30 8 8 any ...

Page 45: ...t channel number Parameters interface Valid Ethernet port Full syntax unit port port channel number Valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays ACLs applied to the interfaces of a device Console show interfaces access ...

Page 46: ...ACL Commands Page 45 ...

Page 47: ...elete on reset The address is deleted after reset delete on timeout The address is deleted after age out time has expired secure The address is deleted after the port changes mode to unlock learning no port security command This parameter is only available when the port is in the learning locked mode Default Configuration No static addresses are defined The default mode for an added address is per...

Page 48: ...esses is disabled All multicast addresses are flooded to all ports Command Mode Global Configuration mode User Guidelines If multicast devices exist on the VLAN do not change the unregistered multicast addresses state to drop on the switch ports If multicast devices exist on the VLAN and IGMP snooping is not enabled the bridge multicast forward all command should be used to enable forwarding all m...

Page 49: ...address ip multicast address A vaid IP multicast address interface list Separate nonconsecutive Ethernet ports with a comma and no spaces a hyphen is used to designate a range of ports port channel number list Separate nonconsecutive port channels with a comma and no spaces a hyphen is used to designate a range of ports Default Configuration No multicast addresses are defined Command Mode Interfac...

Page 50: ...A valid MAC multicast address ip multicast address A valid IP multicast address interface list Separate nonconsecutive Ethernet ports with a comma and no spaces hyphen is used to designate a range of ports port channel number list Separate nonconsecutive valid port channels with a comma and no spaces a hyphen is used to designate a range of port channels Default Configuration No forbidden addresse...

Page 51: ...ts remove Do not force forwarding all multicast packets interface list Separate nonconsecutive Ethernet ports with a comma and no spaces a hyphen is used to designate a range of ports port channel number list Separate nonconsecutive port channels with a comma and no spaces a hyphen is used to designate a range of port channels Default Configuration This setting is disabled Command Mode Interface C...

Page 52: ...secutive Ethernet ports with a comma and no spaces a hyphen is used to designate a range of ports port channel number list Separates nonconsecutive port channels with a comma and no spaces a hyphen is used to designate a range of port channels Default Configuration This setting is disabled Command Mode Interface Configuration VLAN mode User Guidelines IGMP snooping dynamically discovers multicast ...

Page 53: ... no form of this command Syntax bridge aging time seconds no bridge aging time Parameters seconds Time in seconds Range 10 630 seconds Default Configuration The default setting is 300 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example In this example the bridge aging time is set to 250 Console config bridge aging time 250 ...

Page 54: ...y learned entries from the forwarding database Syntax clear bridge Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In this example the bridge tables are cleared Console clear bridge ...

Page 55: ...This is the default if no option is indicated discard shutdown Discards packets with unlearned source addresses The port is also shut down seconds Sends SNMP traps and defines the minimum amount of time in seconds between consecutive traps Range 1 1000000 Default Configuration This setting is disabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user...

Page 56: ...nd disables learning relearning and aging max addresses Deletes the current dynamic MAC addresses associated with the port and learns up to the maximum number addresses allowed on the port Relearning and aging are enabled Default Configuration This setting is disabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Examp...

Page 57: ...ult Configuration No addresses are defined Command Mode Interface Configuration Ethernet port channel mode Cannot be configured for a range of interfaces range context User Guidelines The command enables adding secure MAC addresses to a routed port in port security mode The command is available when the port is a routed port and in port security mode The address is deleted if the port exits the se...

Page 58: ...ration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines Internal usage VLANs VLANs that are automatically allocated on ports with a defined Layer 3 interface are presented in the VLAN column by a port number and not by a VLAN ID Special MAC addresses that were not statically defined or dynamically learned are displayed in the MAC address table This includ...

Page 59: ...h as VLAN 1 interface A valid Ethernet port port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In this example all static entries in the bridge forwarding database are displayed Console show bridge address table static Aging time is 30...

Page 60: ...lan Specifies a valid VLAN such as VLAN 1 interface A valid Ethernet port port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In this example the number of addresses present in all VLANs are displayed Console show bridge address table c...

Page 61: ...lticast address format Can be ip or mac If the format is unspecified the default is mac Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines A MAC address can be displayed in IP format only if it is in the range of 0100 5e00 0000 0100 5e7f ffff Example In this example multicast MAC address and IP address table information is displayed Co...

Page 62: ... Console show bridge multicast address table format ip Vlan IP MAC Address Type Ports 1 224 239 130 2 2 3 static 1 1 2 1 19 224 239 130 2 2 8 static 1 1 8 19 224 239 130 2 2 8 dynamic 1 9 11 Forbidden ports for multicast addresses Vlan IP MAC Address Ports 1 224 239 130 2 2 3 2 8 19 224 239 130 2 2 8 2 8 ...

Page 63: ...lt Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example In this example the multicast configuration for VLAN 1 is displayed Console show bridge multicast filtering 1 Filtering Enabled VLAN 1 Port Forward Unregistered Forward All Static Status Static Status 1 1 Forbidden Filter Forbidden Filter 1 2 ...

Page 64: ...vileged EXEC mode User Guidelines There are no user guidelines for this command Example In this example all classes of entries in the port lock status are displayed The following tables describes the fields shown above Console show ports security Port Status Learning Action Maximum Trap Frequency 1 1 Locked Dynamic Discard 3 Enable 100 1 2 Unlocked Dynamic 28 1 3 Locked Disabled Discard Shutdown 8...

Page 65: ...D Link CLI Reference Guide Page 64 Trap Indicates if traps are sent in case of a violation Frequency Minimum time between consecutive traps ...

Page 66: ...el number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example In this example dynamic addresses in currently locked ports are displayed Console show ports security addresses Port Status Learning Current Maximum 1 1 Disabled Lock 1 1 2 Disabled Lock 1 1 3 Enabled Max addresses 0 1 1 4...

Page 67: ...I Reference Guide Page 66 In this example dynamic addresses in currently locked port 1 1 are displayed Console show ports security addresses ethernet 1 1 Port Status Learning Current Maximum 1 1 Disabled Lock 1 ...

Page 68: ...Address Table Commands Page 67 ...

Page 69: ...ry format minutes and seconds hh 0 23 mm 0 59 ss 0 59 day Current day by date in the month 1 31 month Current month using the first three letters by name Jan Dec year Current year 2000 2097 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example sets the system time...

Page 70: ...d to disable external time source Syntax clock source sntp no clock source Parameters sntp SNTP servers Default Configuration No external clock source Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example configures an external time source for the system clock Console config clock source sntp ...

Page 71: ...one Parameters hours offset Hours difference from UTC Range 12 13 minutes offset Minutes difference from UTC Range 0 59 acronym The acronym of the time zone Range 1 4 characters Default Configuration Clock set to UTC Command Mode Global Configuration mode User Guidelines The system internally keeps time in UTC so this command is used only for display purposes and when the time is manually set Exam...

Page 72: ... that summer time should start on the first specific date listed in the command and end on the second specific date in the command usa The summer time rules are the United States rules eu The summer time rules are the European Union rules week Week of the month Range 1 5 first last day Day of the week Range first three letters by name like sun date Date of the month Range 1 31 month Month Range fi...

Page 73: ...ing month is chronologically after the ending month the system assumes that you are in the southern hemisphere USA rule for daylight savings time Start First Sunday in April End Last Sunday in October Time 2 am local time EU rule for daylight savings time Start Last Sunday in March End Last Sunday in October Time 1 00 am 01 00 Examples The following example sets summer time starting on the first S...

Page 74: ...is command Syntax sntp authentication key number md5 value no sntp authentication key number Parameters number Key number Range 1 4294967295 value Key value Range 1 8 characters Default Configuration No authentication key is defined Command Mode Global Configuration mode User Guidelines Multiple keys can be generated Examples The following example defines the authentication key for SNTP Console co...

Page 75: ... form of this command Syntax sntp authenticate no sntp authenticate Default Configuration No authentication Command Mode Global Configuration mode User Guidelines The command is relevant for both unicast and broadcast Examples The following example defines the authentication key for SNTP and grants authentication Console config sntp authentication key 8 md5 ClkKey Console config sntp trusted key 8...

Page 76: ...p trusted key key number Parameters key number Key number of authentication key to be trusted Range 1 4294967295 Default Configuration No keys are trusted Command Mode Global Configuration mode User Guidelines The command is relevant for both received unicast and broadcast If there is at least 1 trusted key then unauthenticated messages will be ignored Examples The following example authenticates ...

Page 77: ... command Syntax sntp client poll timer seconds no sntp client poll timer Parameters seconds Polling interval in seconds Range 60 86400 Default Configuration Polling interval is 1024 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example sets the polling time for the Simple Network Time Protocol SNTP client to 120 ...

Page 78: ...f this command Syntax sntp broadcast client enable no sntp broadcast client enable Default Configuration The SNTP broadcast client is disabled Command Mode Global Configuration mode User Guidelines Use the sntp client enable Interface Interface Configuration mode command to enable the SNTP client on a specific interface Examples The following example enables the SNTP broadcast clients Console conf...

Page 79: ...o sntp anycast client enable Default Configuration The SNTP anycast client is disabled Command Mode Global Configuration mode User Guidelines Polling time is determined by the sntp client poll timer Global Configuration mode command Use the sntp client enable Interface Interface Configuration mode command to enable the SNTP client on a specific interface Examples The following example enables SNTP...

Page 80: ...t enable no sntp client enable Default Configuration The SNTP client is disabled on an interface Command Mode Interface configuration Ethernet port channel VLAN mode User Guidelines Use the sntp broadcast client enable Global Configuration mode command to enable broadcast clients globally Use the sntp anycast client enable Global Configuration mode command to enable anycast clients globally Exampl...

Page 81: ...ic from servers use the no form of this command Syntax sntp unicast client enable no sntp unicast client enable Default Configuration The SNTP unicast client is disabled Command Mode Global Configuration mode User Guidelines Use the sntp server Global Configuration mode command to define SNTP servers Examples The following example enables the device to use the Simple Network Time Protocol SNTP to ...

Page 82: ...nt use the no form of this command Syntax sntp unicast client poll no sntp unicast client poll Default Configuration Polling is disabled Command Mode Global Configuration mode User Guidelines Polling time is determined by the sntp client poll timer Global Configuration mode command Examples The following example enables polling for Simple Network Time Protocol SNTP predefined unicast clients Conso...

Page 83: ...nable polling keyid Authentication key to use when sending packets to this peer Range 1 4294967295 Default Configuration No servers are defined Command Mode Global Configuration mode User Guidelines Up to 8 SNTP servers can be defined Use the sntp unicast client enable Global Configuration mode command to enable predefined unicast clients globally To enable polling you should also use the sntp uni...

Page 84: ...y indicates the following Example The following example displays the time and date from the system clock Symbol Description Time is not authoritative blank Time is authoritative Time is authoritative but SNTP is not synchronized Console show clock 15 29 03 PDT UTC 7 Jun 17 2002 Time source is SNTP Console show clock detail 15 29 03 PDT UTC 7 Jun 17 2002 Time source is SNTP Time zone Acronym is PST...

Page 85: ...delines There are no user guidelines for this command Examples The following example displays the current SNTP configuration of the device Console show sntp configuration Polling interval 7200 seconds MD5 Authentication keys 8 9 Authentication is required for synchronization Trusted Keys 8 9 Unicast Clients Enabled Unicast Clients Polling Enabled Server Polling Encryption Key 176 1 1 8 Enabled 9 1...

Page 86: ...us of the SNTP Console show sntp status Clock is synchronized stratum 4 reference is 176 1 1 8 unicast Reference time is AFE2525E 70597B34 00 10 22 438 PDT Jul 5 1993 Unicast servers Server Status Last response Offset mSec Delay mSec 176 1 1 8 Up 19 58 22 289 PDT Feb 19 2002 7 33 117 79 176 1 8 179 Unknown 12 17 17 987 PDT Feb 19 2002 8 98 189 19 Anycast server Server Interface Status Last respons...

Page 87: ...le startup config Represents the startup configuration file image If the source file represents the active image file If the destination file represents the non active image file boot Boot file tftp Source or destination URL for a TFTP network server The syntax for this alias is tftp host directory filename The host can be represented by its IP address or hostname xmodem Source for the file from a...

Page 88: ...ration File To load a configuration file from a network server to the running configuration file of the device enter the copy source url running config command The commands in the loaded configuration file are added to those in the running configuration file as if the commands were typed in the command line interface CLI Thus the resulting configuration file is a combination of the previous runnin...

Page 89: ...er the copy running config file command To copy the startup configuration file to a backup configuration file enter the copy startup config file command Before copying from the backup configuration file to the running configuration file make sure that the backup configuration file has not been corrupted Example The following example copies system image file1 from the TFTP server 172 16 101 101 to ...

Page 90: ...d URL prefixes Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines sys prv image 1 and image 2 files cannot be deleted Examples The following example deletes file test from flash memory Keyword Source or Destination flash Source or destination URL for flash memory It s the default in case a URL is specified without a prefix startup conf...

Page 91: ...mber image 1 Specifies image 1 as the system startup image image 2 Specifies image 2 as the system startup image Default Configuration If the unit number is unspecified the default setting is the master unit number Command Mode Privileged EXEC mode User Guidelines Use the show bootvar command to find out which image is the active image Examples The following example loads system image 1 at device ...

Page 92: ...as no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays the contents of the running configuration file Console show running config software version 1 1 hostname device interface ethernet 1 1 ip address 176 242 100 100 255 255 255 0 duplex full speed 1000 interface ethernet 1 2 ip address 176...

Page 93: ...ult configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays the contents of the running configuration file Console show startup config software version 1 1 hostname device interface ethernet 1 1 ip address 176 242 100 100 255 255 255 0 duplex full speed 1000 interface ethernet 1 2 ip address 176 243 100 1...

Page 94: ...ault Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays the active system image file that is loaded by the device at startup Console show bootvar Images currently available on the FLASH image 1 active image 2 not active selected for next boot Unit Active Imag...

Page 95: ...gure an Ethernet type interface Syntax interface ethernet interface Parameters interface Valid Ethernet port Full syntax unit port Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables configuring Ethernet port 5 18 Console config interface ethernet 5...

Page 96: ...nd group a list seperated by commas in brackets all All Ethernet ports Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each active interface in the range If the command returns an error on one of the active interfaces it does not stop executing commands on...

Page 97: ...Default Configuration The interface is enabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Examples The following example disables Ethernet port 1 5 operations The following example restarts the disabled Ethernet port Console config interface ethernet 1 5 Console config if shutdown Console config interface ethernet 1...

Page 98: ...eters string Comment or a description of the port to enable the user to remember what is attached to the port Range 1 64 characters Default Configuration The interface does not have a description Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example adds a description to Ethernet port 1 5 Console ...

Page 99: ...es10 Mbps operation 100 Forces 100 Mbps operation 1000 Forces 1000 Mbps operation 10000 Forces 10000 Mbps operation Default Configuration Maximum port capability Command Mode Interface Configuration Ethernet port channel mode User Guidelines The no speed command in a port channel context returns each port in the port channel to its maximum capability Example The following example configures the sp...

Page 100: ...eration full Forces full duplex operation Default Configuration The interface is set to full duplex Command Mode Interface Configuration Ethernet mode User Guidelines When configuring a particular duplex mode on the port operating at 10 100 Mbps disable the auto negotiation on that port Half duplex mode can be set only for ports operating at 10 Mbps or 100 Mbps Example The following example config...

Page 101: ...ise Possible values 10h 10f 100h 100f 1000f Default Configuration Auto negotiation is enabled If unspecified the default setting is to enable all capabilities of the port Command Mode Interface Configuration Ethernet port channel mode User Guidelines If capabilities were specified when auto negotiation was previously entered not specifying capabilities when currently entering auto negotiation over...

Page 102: ...control auto on off no flowcontrol Parameters auto Indicates auto negotiation on Enables flow control off Disables flow control Default Configuration Flow control is off Command Mode Interface Configuration Ethernet port channel mode User Guidelines Negotiation should be enabled for flow control auto Example In the following example flow control is enabled on port 1 5 Console config interface ethe...

Page 103: ...terface Configuration Ethernet mode User Guidelines Auto All possibilities to connect a PC with cross or normal cables are supported and are automatically detected On It is possible to connect to a PC only with a normal cable and to connect to another device only with a cross cable No It is possible to connect to a PC only with a cross cable and to connect to another device only with a normal cabl...

Page 104: ... pressure use the no form of this command Syntax back pressure no back pressure Default Configuration Back pressure is enabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example In the following example back pressure is enabled on port 1 5 Console config interface ethernet 1 5 Console config if back pressure ...

Page 105: ...frames use the no form of this command Syntax port jumbo frame no port jumbo frame Default Configuration Jumbo frames are disabled on the device Command Mode Global Configuration mode User Guidelines This command takes effect only after resetting the device Examples In the following example jumbo frames are enabled on the device Console config port jumbo frame ...

Page 106: ...t channel number Parameters interface Valid Ethernet port Full syntax unit port port channel number Valid port channel number Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example In the following example the counters for interface 1 1 are cleared Console clear counters ethernet 1 1 ...

Page 107: ...erface Valid Ethernet port Full syntax unit port port channel number Valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command is used to activate interfaces that were configured to be active but were shutdown by the system for some reason e g port security Example The following example reactivates inter...

Page 108: ...guration Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following examples display autonegotiation information Console show interfaces advertise Port Type Neg Operational Link Advertisement 1 100M Copper Enabled 1 100M Copper Enabled 1 100M Copper Enabled 1 100M Copper Enabled 5 100M Copper Enabled 100f 100h 10f 10h 6 100M Copper Enabl...

Page 109: ...D Link CLI Reference Guide Page 108 16 100M Copper Enabled 17 100M Copper Enabled 18 100M Copper Enabled 19 100M Copper Enabled 10 100M Copper Enabled ...

Page 110: ...l configured interfaces Console show interfaces configuration Port Type Duplex Speed Neg Flow Ctrl Link State Back Pressure Mdix Mode 1 100M Copper Full 100 Enabled Off Up Disabled Auto 1 100M Copper Full 100 Enabled Off Up Disabled Auto 1 100M Copper Full 100 Enabled Off Up Disabled Auto 1 100M Copper Full 100 Enabled Off Up Disabled Auto 5 100M Copper Full 100 Enabled Off Up Disabled Auto 6 100M...

Page 111: ...isabled Auto 15 100M Copper Full 100 Enabled Off Up Disabled Auto 16 100M Copper Full 100 Enabled Off Up Disabled Auto 17 100M Copper Full 100 Enabled Off Up Disabled Auto 18 100M Copper Full 100 Enabled Off Up Disabled Auto 19 100M Copper Full 100 Enabled Off Up Disabled Auto ...

Page 112: ...o default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the status of all configured interfaces Console show interfaces status Port Type Duplex Speed Neg Flow Ctrl Link State Back Pressure Mdix Mode 1 100M Copper Down 1 100M Copper Down 1 100M Copper Down 1 100M Copper Down 5 100M Copper Full 100...

Page 113: ...D Link CLI Reference Guide Page 112 15 100M Copper Down 16 100M Copper Down 17 100M Copper Down 18 100M Copper Down 19 100M Copper Down ...

Page 114: ...rt channel number Parameters interface Valid Ethernet port Full syntax unit port port channel number A valid port channel number Default Configuration This command has no default configuration Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays descriptions of configured interfaces Console show interfaces descripti...

Page 115: ...port channel number Default Configuration This command has no default configuration Command Modes User EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays traffic seen by the physical interface Console show interfaces counters Port InOctets InUcastPkts InMcastPkts InBcastPkts 1 1 183892 0 0 0 2 1 0 0 0 0 3 1 123899 0 0 0 Port OutOctets Ou...

Page 116: ... MAC Rx Errors 0 Symbol Errors 0 Received Pause Frames 0 Transmitted Pause Frames 0 Field Description InOctets Counted received octets InUcastPkts Counted received unicast packets InMcastPkts Counted received multicast packets InBcastPkts Counted received broadcast packets OutOctets Counted transmitted octets OutUcastPkts Counted transmitted unicast packets OutMcastPkts Counted transmitted multica...

Page 117: ...ived that exceed the maximum permitted frame size Internal MAC Rx Errors Counted frames for which reception fails due to an internal MAC sublayer receive error Received Pause Frames Counted MAC Control frames received with an opcode indicating the PAUSE operation Transmitted Pause Frames Counted MAC Control frames transmitted on this interface with an opcode indi cating the PAUSE operation ...

Page 118: ...tax show ports jumbo frame Default Configuration This command has no default configuration Command Modes User EXEC mode User Guidelines This command has no default configuration Examples The following example displays the configuration of jumbo frames on the device Console show port jumbo frame Jumbo frames are disabled Jumbo frames will be enabled after reset ...

Page 119: ...he no form of this command Syntax port storm control include multicast no port storm control include multicast Default Configuration Multicast packets are not counted Command Modes Interface Configuration mode User Guidelines To control multicasts storms use the port storm control broadcast enable and port storm control broadcast rate commands Example The following example enables counting multica...

Page 120: ...Syntax port storm control include multicast unknown unicast no port storm control include multicast Parameters unknown unicast Specifies also counting unknown unicast packets Default Configuration Multicast packets are not counted Command Modes Interface Configuration Ethernet mode User Guidelines Example The following example enables counting broadcast and multicast packets on Ethernet port 2 1 C...

Page 121: ...uration Broadcast storm control is disabled Command Modes Interface Configuration Ethernet mode User Guidelines Use the port storm control broadcast rate Interface Configuration Ethernet mode command to set the maximum allowable broadcast rate Use the port storm control include multicast Global Configuration mode command to enable counting multicast packets in the storm control calculation Example...

Page 122: ... rate Parameters rate Maximum kilobits per second of broadcast and multicast traffic on a port Range 3500 1000000 Default Configuration The default storm control broadcast rate is 12 000 Kbits Sec Command Mode Interface Configuration Ethernet mode User Guidelines Use the port storm control broadcast enable Interface Configuration mode command to enable broadcast storm control Example The following...

Page 123: ... valid Ethernet port Full syntax unit port Default Configuration This command has no default configuration Command Modes User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the storm control configuration Console show ports storm control Unknown traffic limited to 1000 Kbits sec Port Broadcast and Multicast Storm Control Kbits Sec 1 1...

Page 124: ...Ethernet Configuration Commands Page 123 ...

Page 125: ...the network and all other devices on the network learn these VLANs dynamically The gvrp enable Global Configuration mode command enables GVRP globally To disable GVRP on the device use the no form of this command Syntax gvrp enable no gvrp enable Default Configuration GVRP is globally disabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Exam...

Page 126: ... disabled on all interfaces Command Mode Interface Configuration Ethernet port channel mode User Guidelines An access port does not dynamically join a VLAN because it is always a member in only one VLAN Membership in an untagged VLAN is propagated in the same way as in a tagged VLAN That is the PVID is manually defined as the untagged VLAN VID Example The following example enables GVRP on Ethernet...

Page 127: ... timer values Join timer 200 milliseconds Leave timer 600 milliseconds Leavall timer 10000 milliseconds Command Mode Interface configuration Ethernet port channel mode User Guidelines The following relationship must be maintained between the timers Leave time must be greater than or equal to three times the join time Leave all time must be greater than the leave time Set the same GARP timer values...

Page 128: ...n Dynamic VLAN creation or modification is enabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines This command forbids dynamic VLAN creation from the interface The creation or modification of dynamic VLAN registration entries as a result of the GVRP exchanges on an interface are restricted only to those VLANs for which static VLAN registration exists Example The fo...

Page 129: ...VLANs on a port use the no form of this command Syntax gvrp registration forbid no gvrp registration forbid Default Configuration Dynamic registration of VLANs on the port is allowed Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example forbids dynamic registration of VLANs on Ethernet port 1 6 Co...

Page 130: ... number Parameters interface A valid Ethernet port Full syntax unit port port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example clears all GVRP statistical information on Ethernet port 1 6 Console clear gvrp statistic...

Page 131: ...valid Ethernet port Full syntax unit port port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays GVRP configuration information Console show gvrp configuration GVRP Feature is currently enabled on the device Timers...

Page 132: ... has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows GVRP statistical information Console show gvrp statistics GVRP Statistics Legend rJE Join Empty Received rJIn Join In Received rEmp Empty Received rLIn Leave In Received rLE Leave Empty Received rLA Leave All Received sJE Join Empty Sent sJIn J...

Page 133: ...number A valid port channel number Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays GVRP statistical information Console show gvrp error statistics GVRP Error Statistics Legend INVPROT Invalid Protocol Id INVALEN Invalid Attribute Length INVATYP Invalid At...

Page 134: ...GVRP Commands Page 133 ...

Page 135: ...g To disable IGMP snooping use the no form of this command Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled Command Mode Global Configuration mode User Guidelines IGMP snooping can only be enabled on static VLANs It must not be enabled on Private VLANs or their community VLANs Example The following example enables IGMP snooping Console config ip igmp snoo...

Page 136: ...erface use the no form of this command Syntax ip igmp snooping no ip igmp snooping Default Configuration IGMP snooping is disabled Command Mode Interface Configuration VLAN mode User Guidelines IGMP snooping can only be enabled on static VLANs It must not be enabled on Private VLANs or their community VLANs Example The following example enables IGMP snooping on VLAN 2 Console config interface vlan...

Page 137: ...x ip igmp snooping mrouter learn pim dvmrp no ip igmp snooping mrouter learn pim dvmrp Default Configuration Automatic learning of multicast device ports is enabled Command Mode Interface Configuration VLAN mode User Guidelines Multicast device ports can be configured statically using the bridge multicast forward all Interface Configuration VLAN mode command Example The following example enables a...

Page 138: ...nfiguration use the no form of this command Syntax ip igmp snooping host time out time out no ip igmp snooping host time out Parameters time out Host timeout in seconds Range 1 2147483647 Default Configuration The default host time out is 260 seconds Command Mode Interface Configuration VLAN mode User Guidelines The timeout should be at least greater than 2 query_interval max_response_time of the ...

Page 139: ...urn to the default configuration use the no form of this command Syntax ip igmp snooping mrouter time out time out no ip igmp snooping mrouter time out Parameters time out Multicast device timeout in seconds Range 1 2147483647 Default Configuration The default value is 300 seconds Command Mode Interface Configuration VLAN mode User Guidelines There are no user guidelines for this command Example T...

Page 140: ...ooping leave time out Parameters time out Specifies the leave time out in seconds for IGMP queries Range 0 2147483647 immediate leave Indicates that the port should be immediately removed from the members list after receiving IGMP Leave Default Configuration The default leave time out configuration is 10 seconds Command Mode Interface Configuration VLAN mode User Guidelines The leave timeout shoul...

Page 141: ...interface vlan id Parameters vlan id VLAN number Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays multicast device interfaces in VLAN 1000 Console show ip igmp snooping mrouter interface 1000 VLAN Ports 1000 1 1 Detected multicast devices that are forbidde...

Page 142: ...fault configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays IGMP snooping information on VLAN 1000 Console show ip igmp snooping interface 1000 IGMP Snooping is globaly enabled IGMP Snooping is enabled on VLAN 1000 IGMP host timeout is 300 sec IGMP Immediate leave is disabled IGMP leave timeout is 10 sec IGMP ...

Page 143: ...figuration This command has no default configuration Command Mode User EXEC mode User Guidelines To see the full multicast address table including static addresses use the show bridge multicast address table Privileged EXEC command Example The following example shows IGMP snooping information on multicast groups Console show ip igmp snooping groups Vlan IP Address Querier Ports 1 224 239 130 2 2 3...

Page 144: ...IGMP Snooping Commands Page 143 ...

Page 145: ...the IP address prefix length Specifies the number of bits that comprise the IP address prefix The prefix length must be preceded by a forward slash Range 8 30 Default Configuration No IP address is defined for interfaces Command Mode Interface Configuration Ethernet VLAN port channel mode User Guidelines An IP address cannot be configured for a range of interfaces range context Example The followi...

Page 146: ...ers require that the DHCPDISCOVER message have a specific host name The ip address dhcp hostname host name command is most typically used when the host name is provided by the system administrator If the device is configured to obtain its IP address from a DHCP server it sends a DHCPDISCOVER message to provide information about itself to the DHCP server on the network If the ip address dhcp comman...

Page 147: ...ommand Syntax ip default gateway ip address no ip default gateway Parameters ip address Valid IP address of the default gateway Default Configuration No default gateway is defined Command Mode Global Configuration mode User Guidelines Note The command is only valid when the device is in Switch mode Example The following example defines default gateway 192 168 1 1 Console config ip default gateway ...

Page 148: ...net port vlan id Valid VLAN number port channel number Valid Port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example the displays the configured IP interfaces and their types Console show ip interface Gateway IP Address Type Activity status 10 7 ...

Page 149: ...s hw_addr Valid MAC address to map to the specified IP address or IP alias interface number Valid Ethernet port vlan id Valid VLAN number port channel number Valid port channel number Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines The software uses ARP cache entries to translate 32 bit IP addresses into 48 bit hardware address...

Page 150: ... Syntax arp timeout seconds no arp timeout Parameters seconds Time in seconds that an entry remains in the ARP cache Range 1 40000000 Default Configuration The default timeout is 60000 seconds Command Mode Global Configuration mode User Guidelines It is recommended not to set the timeout value to less than 3600 Example The following example configures the ARP timeout to 12000 seconds Console confi...

Page 151: ...ommand Syntax ip proxy arp no ip proxy arp Default Configuration By default ARP proxy is disabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example configures authentication login Note The command is only valid when the device is in Router mode Console config ip proxy arp ...

Page 152: ...mic entries from the ARP cache Syntax clear arp cache Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example deletes all dynamic entries from the ARP cache Console clear arp cache ...

Page 153: ...is command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays entries in the ARP table Console show arp ARP timeout 80000 Seconds Interface IP address HW address Status 1 1 10 7 1 102 00 10 B5 04 DB 4B Dynamic 2 1 10 7 1 135 00 50 22 00 2A A4 Static ...

Page 154: ...ne of the device IP addresses Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures an IP interface and enters the IP interface configuration mode Note The command is only valid when the device is in Router mode Console config interface ip 192 168 ...

Page 155: ...t no directed broadcast Default Configuration Disabled all IP directed broadcasts are dropped Command Mode IP Interface Configuration mode User Guidelines There are no user guidelines for this command Examples The following example enables the translation of directed broadcasts to physical broadcasts on IP interface 1 0 0 1 Note The command is only valid when the device is in Router mode Console c...

Page 156: ... 255 255 255 255 as the broadcast address 0 0 0 0 Use 0 0 0 0 as the broadcast address Default Configuration The default is 255 255 255 255 as the broadcast address Command Mode IP Interface Configuration mode User Guidelines There are no user guidelines for this command Examples The following example defines an interface broadcast address as 0 0 0 0 on IP interface 1 0 0 1 Console config interfac...

Page 157: ...g the function and no UDP port number is specified by default the device forwards UDP broadcast packets for the following six services IEN 116 Name Service port 42 DNS port 53 NetBIOS Name Server port 137 NetBIOS Datagram Server port 138 TACACS Server port 49 Time Service port 37 Command Mode IP Interface Configuration mode User Guidelines Many helper addresses can be defined The maximum number of...

Page 158: ...IP Addressing Commands Page 157 Console config ip helper address 172 16 9 9 49 53 ...

Page 159: ...s translation use the no form of this command Syntax ip domain lookup no ip domain lookup Default Configuration IP Domain Naming System DNS based host name to address translation is enabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example enables IP Domain Naming System DNS based host name to address translation Con...

Page 160: ...n name name no ip domain name Parameters name Specifies the default domain name used to complete unqualified host names Do not include the initial period that separates an unqualified name from the domain name Range 1 158 characters Default Configuration A default domain name is not defined Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example...

Page 161: ...r server address1 server address8 Parameters server address Specifies IP addresses of the name server Default Configuration No name server addresses are specified Command Mode Global Configuration mode User Guidelines The preference of the servers is determined by the order in which they were entered Up to 8 servers can be defined using one command or using multiple commands Examples The following...

Page 162: ...ntax ip host name address no ip host name Parameters name Name of the host Range 1 158 characters address Associated IP address Default Configuration No host is defined Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example defines a static host name to address mapping in the host cache Console config ip host accounting D...

Page 163: ...e Parameters name Specifies the host entry to be removed Range 1 158 characters Removes all entries Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example deletes all entries from the host name to address cache Console clear host ...

Page 164: ...host entry to be removed Range 1 158 characters Removes all entries Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines This command deletes the host name to address mapping temporarily until the next renewal of the IP address Note The command is only valid when the device is in Switch mode Examples The following example deletes all ent...

Page 165: ...fault configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays host information Console show hosts Host name Device Default domain is gm com sales gm com usa sales gm com DHCP Name address lookup is enabled Name servers Preference order 176 16 1 18 176 16 1 19 Configured host name to address mapping Host A...

Page 166: ...IP Addressing Commands Page 165 ...

Page 167: ...ise the IP address prefix The prefix length must be preceded by a forward slash Range 0 32 gateway IP address or IP alias of the next hop that can be used to reach that network metric distance An administrative distance Range 1 255 reject Stop routing to the destination network via all gateways Default Configuration The metric default distance is 1 Command Mode Global Configuration mode User Guide...

Page 168: ...ss Address about which routing information should be displayed mask The IP address network mask prefix length Specifies the number of bits that comprise the IP address prefix The prefix length must be preceded by a forward slash Range 0 32 longer prefixes The address and mask pair becomes a prefix and any routes that match that prefix are displayed Default Configuration This command has no default...

Page 169: ... 10 8 1 0 24 30 2000 via 10 0 1 2 00 39 08 Ethernet g1 S 172 1 0 0 16 5 3 via 10 0 1 1 18 21 58 Ethernet g1 S 172 1 1 0 24 5 3 via 10 0 2 1 17 12 19 Ethernet g1 S 172 1 1 1 32 5 3 via 10 0 3 1 19 51 18 Ethernet g1 Console show ip route address 192 168 1 0 255 255 255 0 Codes C connected S static R RIP O OSPF E OSPF external candidate default Gateway of last resort is not set S 192 168 1 0 24 5 3 v...

Page 170: ...IP Routing Commands Page 169 Ethernet 1 Specifies the interface through which the specified network can be reached ...

Page 171: ...e the no form of this command Syntax lacp system priority value no lacp system priority Parameters value Specifies system priority value Range 1 65535 Default Configuration The default system priority is 1 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the system priority to 120 Console config lacp syste...

Page 172: ...lacp port priority value no lacp port priority Parameters value Specifies port priority Range 1 65535 Default Configuration The default port priority is 1 Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example defines the priority of Ethernet port 1 6 as 247 Console config interface ethernet 1 6 Console config ...

Page 173: ...ort no lacp timeout Parameters long Specifies the long timeout value short Specifies the short timeout value Default Configuration The default port timeout value is long Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example assigns a long administrative LACP timeout to Ethernet port 1 6 Console config interfac...

Page 174: ... protocol state information Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example display LACP information for Ethernet port 1 1 Console show lacp ethernet 1 1 Port 1 1 LACP parameters Actor system priority 1 system mac addr 00 00 12 34 56 78 port Admin key 30 por...

Page 175: ...REGATABLE synchronization FALSE collecting FALSE distributing FALSE expired FALSE Port 1 2 LACP Statistics LACP PDUs sent 2 LACP PDUs received 2 Port 1 3 LACP Protocol State LACP State Machines Receive FSM Port Disabled State Mux FSM Detached State Periodic Tx FSM No Periodic State Control Variables BEGIN FALSE LACP_Enabled TRUE Ready_N FALSE Selected UNSELECTED Port_moved FALSE NNT FALSE Port_ena...

Page 176: ...Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays LACP information about port channel 1 Console show lacp port channel 1 Port Channel 1 Port Type 1000 Ethernet Actor System Priority 1 MAC Address 00 02 85 0E 1C 00 Admin Key 29 Oper Key 29 Partner Syst...

Page 177: ... Console terminal line telnet Virtual terminal for remote console access Telnet ssh Virtual terminal for secured remote console access SSH Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example configures the device as a virtual terminal for remote console ac...

Page 178: ... values are 2400 9600 19200 38400 57600 and 115200 Default Configuration The default speed is 9600 bps Command Mode Line Configuration console mode User Guidelines This command is available only on the line console The configured speed is applied when Autobaud is disabled This configuration applies only to the current session Examples The following example configures the line baud rate Console con...

Page 179: ...he command Syntax autobaud no autobaud Default Configuration Autobaud is disabled Command Mode Line Configuration console mode User Guidelines This command is available only on the line console To start communication using Autobaud press Enter twice This configuration applies only to the current session Examples The following example enables autobaud Console config line console Console config line...

Page 180: ...ameters minutes Specifies the number of minutes Range 0 65535 seconds Specifies additional time intervals in seconds Range 0 59 Default Configuration The default configuration is 10 minutes Command Mode Line Configuration mode User Guidelines To specify no timeout enter the exec timeout 0 command Examples The following example configures the interval that the system waits until user input is detec...

Page 181: ...iguration The command history function is enabled Command Mode Line Configuration mode User Guidelines This command enables the command history function for a specified line To enable or disable the command history function for the current terminal session use the terminal history user EXEC mode command Example The following example enables the command history function for Telnet Console config li...

Page 182: ...mber of commands that the system records in its history buffer Range 10 216 Default Configuration The default history buffer size is 10 Command Mode Line Configuration mode User Guidelines This command configures the command history buffer size for a particular line To configure the command history buffer size for the current terminal session use the terminal history size User EXEC mode command Ex...

Page 183: ...o form of this command Syntax terminal history terminal no history Default Configuration The default configuration for all terminal sessions is defined by the history line configuration command Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Examples The following example disables the command history function for the current terminal session Console termin...

Page 184: ...stem may record in its command history buffer Range 10 216 Default Configuration The default command history buffer size is 10 Command Mode User EXEC mode User Guidelines The terminal history size user EXEC command configures the size of the command history buffer for the current terminal session To change the default size of the command history buffer use the history line configuration command Th...

Page 185: ...efault Configuration If the line is not specified the default value is console Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays the line configuration Console show line Console configuration Interactive timeout Disabled History 10 Baudrate 9600 Databits 8 Parity none Stopbits 1 Telnet configuration Interactive timeout...

Page 186: ...Line Commands Page 185 ...

Page 187: ...he permit Management and deny Management commands If no match criteria are defined the default is deny If you reenter an access list context the new rules are entered at the end of the access list Use the management access class command to select the active access list The active management list cannot be updated or removed Management ACL requires a valid management interface which is a port VLAN ...

Page 188: ...to be management interfaces except Ethernet interfaces 1 1 and 2 9 and makes the new access list the active list Console config management access list mlist Console config macl deny ethernet 1 1 Console config macl deny ethernet 2 9 Console config macl permit Console config macl exit Console config management access class mlist ...

Page 189: ...IP address mask A valid network mask of the source IP address prefix length Number of bits that comprise the source IP address prefix The prefix length must be preceded by a forward slash Range 0 32 service Service type Possible values telnet ssh http https and snmp Default Configuration If no permit rule is defined the default is set to deny Command Mode Management Access list Configuration mode ...

Page 190: ... mask A valid network mask of the source IP address mask prefix length Specifies the number of bits that comprise the source IP address prefix The prefix length must be preceded by a forward slash Range 0 32 service Service type Possible values telnet ssh http https and snmp Default Configuration This command has no default configuration Command Mode Management Access list Configuration mode User ...

Page 191: ... management access class Parameters console only Indicates that the device can be managed only from the console name Specifies the name of the access list to be used Range 1 32 characters Default Configuration If no access list is specified an empty access list is used Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example...

Page 192: ...s the name of a management access list Range 1 32 characters Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the mlist management access list Console show management access list mlist mlist permit ethernet 1 1 permit ethernet 2 1 Note all other acce...

Page 193: ...x show management access class Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information about the active management access list Console show management access class Management access class is enabled using access list mlist ...

Page 194: ...Management ACL Commands Page 193 ...

Page 195: ... Ethernet port Full syntax unit port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines The port to be tested should be shut down during the test unless it is a combination port with fiber port active The maximum length of the cable for the TDR test is 120 meter Examples The following example results in a report on the cable attached t...

Page 196: ...port Full syntax unit port Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines The maximum length of the cable for the TDR test is 120 meter Example The following example displays information on the last TDR test performed on all copper ports Console show copper ports tdr Port Result Length meters Date 1 1 OK 1 2 Short 50 13 32 00 23 July 200...

Page 197: ... Parameters interface A valid Ethernet port Full syntax unit port Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines The port must be active and working in 100M or 1000M mode Example The following example displays the estimated copper cable length attached to all ports Console show copper ports cable length Port Length meters 1 1 50 1 2 Copp...

Page 198: ...d EXEC mode User Guidelines To test optical transceivers ensure a fiber link is present Examples The following examples display the optical transceiver diagnostics Console show fiber ports optical transceiver Power Port Temp Voltage Current Output Input TX Fault LOS 1 1 W OK E OK OK OK OK 1 2 OK OK OK OK OK E OK 1 3 Copper Temp Internally measured transceiver temperature Voltage Internally measure...

Page 199: ...S C Volt mA mWatt mWatt 1 1 48 5 15 50 1 789 1 789 No No 1 2 43 5 15 10 1 789 1 789 No No 1 3 Copper Temp Internally measured transceiver temperature Voltage Internally measured supply voltage Current Measured TX bias current Output Power Measured TX output power Input Power Measured RX received power Tx Fault Transmitter fault LOS Loss of signal ...

Page 200: ...PHY Diagnostics Commands Page 199 ...

Page 201: ...port channel port channel number Parameters port channel number A valid port channel number Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Eight aggregated links can be defined with up to eight member ports per port channel The aggregated links valid IDs are 1 8 Example The following example enters the context of port channel ...

Page 202: ...channels to add Separate nonconsecutive port channels with a comma and no spaces A hyphen designates a range of port channels all All valid port channels Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each interface in the range Example The following exam...

Page 203: ...r of the valid port channel for the current port to join on Forces the port to join a channel without an LACP operation auto Allows the port to join a channel as a result of an LACP operation Default Configuration The port is not assigned to a port channel Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example ...

Page 204: ...mber Parameters port channel number Valid port channel number Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information on all port channels Console show interfaces port channel Channel Ports 1 Active 1 1 2 1 2 Active 2 1 2 7 Inactive 3 1 3 Active...

Page 205: ...affic on one port to be copied to another port or between the source port src interface and a destination port port being configured The following restrictions apply to ports configured as destination ports The port cannot be already configured as a source port The port cannot be a member in a port channel An IP interface is not configured on the port GVRP is not enabled on the port The port is no...

Page 206: ...tax port monitor vlan tagging no port monitor vlan tagging Default Configuration Ingress mirrored packets are transmitted untagged Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example configures all ingress mirrored packets from port 1 9 to be transmitted as tagged packets Console config interface ethernet 1 ...

Page 207: ...nfiguration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows how the port monitoring status is displayed Console show ports monitor Source Port Destination Port Type Status VLAN Tagging 1 1 1 7 RX TX Active No 1 2 1 7 RX TX Active No 1 18 1 7 RX Active No ...

Page 208: ...Port Monitor Commands Page 207 ...

Page 209: ...vice discovery protocol and if found supplies power to the device never Disables the device discovery protocol and stops supplying power to the device Default Configuration The device discovery protocol is enabled Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example enables powered device discovery protocol o...

Page 210: ...red device pd type no power inline powered device Parameters pd type Specifies the type of powered device attached to the interface Range 1 24 characters Default Configuration This command has no default configuration Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example configures a description to an IP phone...

Page 211: ...dicates that operating the powered device is critical high Indicates that operating the powered device has high priority low Indicates that operating the powered device has low priority Default Configuration The default setting is low priority Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Example The following example configures th...

Page 212: ...x power inline usage threshold percentage no power inline usage threshold Parameters percentage Specifies the threshold as a percentage to compare measured power Range 1 99 Default Configuration The default threshold is 95 percent Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the power usage threshold f...

Page 213: ... the no form of this command Syntax power inline traps enable no power inline traps Default Configuration Inline power traps are disabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables inline power traps to be sent when a power usage threshold is exceeded Console config power inline traps enable ...

Page 214: ...delines There are no user guidelines for this command Example The following example displays information about inline power Console show power inline Power On Nominal Power 150 Watt Consumed Power 120 Watts 80 Usage Threshold 95 Traps Enabled Port Powered Device State Priority Status Classification w 1 1 IP Phone Model A Auto High On 0 44 12 95 2 1 Wireless AP Model Auto Low On 0 44 3 84 3 1 Auto ...

Page 215: ...wered device type State Indicates if the port is enabled to provide power Can be Auto or Never Priority The priority of the port from the point of view of inline power management Can be Critical High or Low Status Describes the inline power operational status of the port Can be On Off Test Fail Testing Searching or Fault Classification The power consumption range of the powered device Can be 0 44 ...

Page 216: ...Power over Ethernet Commands Page 215 ...

Page 217: ...vanced mode which enables the full range of QoS configuration service QoS service mode which enables the user to define QOS in a simpler manner Default Configuration The QoS basic mode is enabled Command Mode Global Configuration mode User Guidelines When the QoS service mode is enabled Access Control Lists ACLs are no longer available Instead the user is prompted to import pre defined ACLs as Flo...

Page 218: ...Syntax show qos Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines Trust mode is displayed if QoS is enabled in basic mode Example The following example displays QoS attributes when QoS is enabled in basic mode on the device Console show qos Qos basic Basic tust dscp ...

Page 219: ...cy applied on a per interface basis The Class Map Configuration mode enables entering up to two match Class map Configuration mode commands to configure the classification criteria for the specified class If two match Class map Configuration mode commands are entered each should point to a different type of ACL e g one to an IP ACL and one to a MAC ACL Since packet classification is based on the o...

Page 220: ... map name Specifies the name of the class map to be displayed Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows the class map for class1 Console show class map class1 Class Map match any class1 id4 Match Ip dscp 11 21 ...

Page 221: ...match access group acl name Parameters acl name Specifies the name of an IP or MAC ACL Default Configuration No match criterion is supported Command Mode Class map Configuration mode User Guidelines There are no user guidelines for this command Example The following example defines the match criterion for classifying traffic as an access group called D Link in a class map called class1 Console con...

Page 222: ...re configuring policies for classes whose match criteria are defined in a class map use the policy map Global Configuration mode command to specify the name of the policy map to be created or modified Class policies in a policy map can only be defined if match criteria has already been defined for the classes Use the class map Global Configuration and match Class map Configuration commands to defi...

Page 223: ... an existing class or creating a policy for a new class use the policy map Global Configuration mode command to specify the name of the policy map to which the policy belongs and to enter the Policy map Configuration mode Use the service policy Ethernet Port channel Interface Configuration mode command to attach a policy map to an interface Use an existing class map to attach classification criter...

Page 224: ...of the class whose QoS policies are to be displayed Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays all policy maps Console show policy map Policy Map policy1 class class1 set Ip dscp 7 Policy Map policy2 class class 2 police 96000 4800 exceed action drop...

Page 225: ...uration The port is not in the trust mode If the port is in trust mode the internal DSCP value is derived from the ingress packet Command Mode Policy map Class Configuration mode User Guidelines Action serviced to a class so that if an IP packet arrives the queue is assigned per DSCP If a non IP packet arrives the queue is assigned per CoS VPT Example The following example configures the trust sta...

Page 226: ...Guidelines This command is mutually exclusive with the trust Policy map Class Configuration command within the same policy map Policy maps that contain set or trust Policy map Class Configuration commands or that have ACL classifications cannot be attached to an egress interface by using the service policy Ethernet Port channel Interface Configuration mode command To return to the Policy map Confi...

Page 227: ...SCP of the packet is remarked according to the policed DSCP map as configured by the qos map policed dscp Global Configuration mode command Default Configuration This command has no default configuration Command Mode Policy map Class Configuration mode User Guidelines Policing uses a token bucket algorithm CIR represents the speed with which the token is removed from the bucket CBS represents the ...

Page 228: ...licy map name no service policy input Parameters policy map name Specifies the name of the policy map to be applied to the input interface Default Configuration This command has no default configuration Command Mode Interface Configuration Ethernet port Channel mode User Guidelines Only one policy map per interface per direction is supported Example The following example attaches a policy map call...

Page 229: ...o the policed DSCP map as configured by the qos map policed dscp Global Configuration mode command Default Configuration No aggregate policer is define Command Mode Global Configuration mode User Guidelines Policers that contain set or trust Policy map Class Configuration commands or that have ACL classifications cannot be attached to an output interface Define an aggregate policer if the policer ...

Page 230: ... policer called policer1 that can be applied to multiple classes in the same policy map When the average traffic rate exceeds 124 000 bps or the normal burst size exceeds 96000 bps the packet is dropped Console config qos aggregate policer policer1 124000 96000 exceed action drop ...

Page 231: ...te policer name Specifies the name of the aggregate policer to be displayed Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines Example The following example displays the parameters of the aggregate policer called policer1 Console show qos aggregate policer policer1 aggregate policer policer1 96000 4800 exceed act...

Page 232: ...nfiguration This command has no default configuration Command Mode Policy map Class Configuration mode User Guidelines An aggregate policer can be applied to multiple classes in the same policy map An aggregate policer cannot be applied across multiple policy maps or interfaces To return to the Policy map Configuration mode use the exit command To return to the Privileged EXEC mode use the end com...

Page 233: ...to queue 3 Cos1 is mapped to queue 1 Cos2 is mapped to queue 2 Cos3 is mapped to queue 4 Cos4 is mapped to queue 5 Cos5 is mapped to queue 6 Cos6 is mapped to queue 7 Cos7 is mapped to queue 8 Command Mode Global Configuration mode User Guidelines This command can be used to distribute traffic into different queues where each queue is configured with different Weighted Round Robin WRR and Weighted...

Page 234: ...riority queue out num of queues Global Configuration mode command to configure a queue as WRR or Strict Priority Use this command to define a WRR weight per interface The weight ratio for each queue is defined by the queue weight divided by the sum of all queue weights i e the normalized weight This sets the bandwidth allocation for each queue A queue can be assigned a WRR weight of 0 in which cas...

Page 235: ...riority queue out num of queues Parameters number of queues Specifies the number of expedite queues Expedite queues have higher indexes Range 0 8 Default Configuration All queues are expedite queues Command Mode Global Configuration mode User Guidelines Configuring the number of expedite queues affects the Weighted Round Robin WRR weight ratio because fewer queues participate in the WRR Example Th...

Page 236: ...ault Configuration No shape is defined Command Mode Interface Configuration Ethernet port channel mode User Guidelines This command activates the shaper on a specified egress port or egress queue To activate the shaper on an egress port enter the Interface Configuration mode and specify the port number Then run this command without the queue id parameter The CIR and the CBS will be applied to the ...

Page 237: ...cers Displays the shaper of the specified interface and the shaper for the queue on the specified interface shapers Displays all the policers configured for this interface their setting and the number of policers currently unused Default Configuration There is no default configuration for this command Command Mode User EXEC mode User Guidelines If no keyword is specified port QoS QoS mode e g DSCP...

Page 238: ...in DP1 Max DP1 Prob DP1 Min DP2 Max DP2 Prob DP2 Weight 1 N A N A N A N A N A N A N A N A N A N A 2 N A N A N A N A N A N A N A N A N A N A 3 N A N A N A N A N A N A N A N A N A N A 4 N A N A N A N A N A N A N A N A N A N A 5 50 60 13 65 80 6 85 95 4 2 6 50 60 13 65 80 6 85 95 4 2 7 50 60 13 65 80 6 85 95 4 2 8 50 60 13 65 80 6 85 95 4 2 ...

Page 239: ...hernet Indicates that the thresholds are to be applied to Gigabit Ethernet ports tengigabitethernet Indicates that the thresholds are to be applied to 10 Gigabit Ethernet ports queue id Specifies the queue number to which the threshold is assigned threshold percentage0 1 2 Specifies the queue threshold percentage value Each value is separated by a space Range 0 100 Default Configuration 80 percent...

Page 240: ... DSCP values separated by a space Range 0 63 dscp mark down Specifies the DSCP value to mark down Range 0 63 Default Configuration The default map is the Null map which means that each incoming DSCP value is mapped to the same DSCP value Command Mode Global Configuration mode User Guidelines DSCP values 3 11 19 cannot be remapped to other values Example The following example marks down incoming DS...

Page 241: ...ifies up to 8 DSCP values separated by a space Range 0 63 queue id Specifies the queue number to which the DSCP values are mapped Default Configuration The following table describes the default map Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example maps DSCP values 33 40 and 41 to queue 1 DSCP value 0 7 8 15 16 23 24 3...

Page 242: ...quality of service QoS domain are classified at the edge of the QoS domain When packets are classified at the edge the switch port within the QoS domain can be configured to one of the trusted states because there is no need to classify the packets at every device in the domain A switch port on an inter QoS domain boundary can be configured to the DSCP trust state and if the DSCP values are differ...

Page 243: ... port use the no form of this command Syntax qos trust no qos trust Default Configuration qos trust is enabled on each port when the system is in basic mode Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures Ethernet port 1 15 to the default trust state Console config interface ether...

Page 244: ...ult cos Specifies the default CoS value of the port Range 0 7 Default Configuration Default CoS value of a port is 0 Command Mode Interface Configuration Ethernet port channel mode User Guidelines If the port is trusted the default CoS value of the port is used to assign a CoS value to all untagged packets entering the port Example The following example configures port 1 15 default CoS value to 3 ...

Page 245: ...ty of Service QoS administrative domain If two QoS domains have different DSCP definitions use the DSCP to DSCP mutation map to match one set of DSCP values with the DSCP values of another domain Apply the DSCP to DSCP mutation map only to ingress and to DSCP trusted ports Applying this map to a port causes IP packets to be rewritten with newly mapped DSCP values at the ingress ports If the DSCP t...

Page 246: ...rated by spaces Range 0 63 out dscp Specifies up to 8 DSCP values separated by spaces Range 0 63 Default Configuration The default map is the Null map which means that each incoming DSCP value is mapped to the same DSCP value Command Mode Global Configuration mode User Guidelines This is the only map that is not globally configured it is possible to have several maps and assign each one to differe...

Page 247: ...is skipped over by transaction requests Range 0 2000 key string Specifies the authentication and encryption key for all RADIUS communications between the device and the RADIUS server This key must match the encryption used on the RADIUS daemon To specify an empty string enter Range 0 128 characters source Specifies the source IP address to use for communication 0 0 0 0 is interpreted as request to...

Page 248: ...xample The following example specifies a RADIUS server host with IP address 192 168 10 1 authentication request port number 20 and a 20 second timeout period Console config radius server host 192 168 10 1 auth port 20 timeout 20 ...

Page 249: ...key string Specifies the authentication and encryption key for all RADIUS communications between the device and the RADIUS server This key must match the encryption used on the RADIUS daemon Range 0 128 characters Default Configuration The key string is an empty string Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example...

Page 250: ...adius server retransmit retries no radius server retransmit Parameters retries Specifies the retransmit value Range 1 10 Default Configuration The software searches the list of RADIUS server hosts 3 times Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the number of times the software searches the list of...

Page 251: ...orm of this command Syntax radius server source ip source no radius source ip source Parameters source Specifies a valid source IP address Default Configuration The source IP address is the IP address of the outgoing IP interface Command Mode Global Configuration mode User Guidelines Example The following example configures the source IP address used for communication with RADIUS servers to 10 1 1...

Page 252: ...the no form of this command Syntax radius server timeout timeout no radius server timeout Parameters timeout Specifies the timeout value in seconds Range 1 30 Default Configuration The timeout value is 3 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the timeout interval to 5 seconds Console conf...

Page 253: ...tion use the no form of this command Syntax radius server deadtime deadtime no radius server deadtime Parameters deadtime Length of time in minutes during which a RADIUS server is skipped over by transaction requests Range 0 2000 Default Configuration The deadtime setting is 0 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following...

Page 254: ...ration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays RADIUS server settings Console show radius servers IP address Port Auth TimeOut Retransmit DeadTime Source IP Priority Usage 172 16 1 1 1645 Global Global Global 1 All 172 16 1 2 1645 11 8 Global Global 2 All Global values TimeOut 3 Retransmit 3 Deadtime 0 ...

Page 255: ...Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays RMON Ethernet statistics for Ethernet port 1 1 Console show rmon statistics ethernet 1 1 Port 1 1 Octets 878128 Packets 978 Broadcast 7 Multicast 1 CRC Align Errors 0 Collisions 0 Undersize Pkts 0 Oversize P...

Page 256: ... of packets received less than 64 octets in length excluding framing bits but including FCS octets and either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error Jabbers The total number of packets received longer than 1518 octets excluding framing bits but including FCS octets and either a bad Frame Check Seq...

Page 257: ...ts specified for the RMON collection history group of statistics If unspecified defaults to 50 Range 1 65535 seconds Number of seconds in each polling cycle Range 1 3600 Default Configuration RMON statistics group owner name is an empty string Number of buckets specified for the RMON collection history statistics group is 50 Number of seconds in each polling cycle is 1800 Command Mode Interface Co...

Page 258: ...uidelines There are no user guidelines for this command Example The following example displays all RMON history group statistics The following table describes significant fields shown above Console show rmon collection history Index Interface Interval Requested Samples Granted Samples Owner 1 1 1 30 50 50 CLI 2 1 2 1800 50 50 Manager Field Description Index An index that uniquely identifies the en...

Page 259: ... Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Examples The following examples displays RMON Ethernet history statistics for index 1 Console show rmon history 1 throughput Sample Set 1 Owner CLI Interface 1 1 Interval 1800 Requested samples 50 Granted samples 50 Maximum table size 500 Time O...

Page 260: ...he broadcast address Multicast The number of good packets received during this sampling interval that were directed to a mul ticast address This number does not include packets addressed to the broadcast address Util The best estimate of the mean physical layer network utilization on this interface during this sampling interval in hundredths of a percent CRC Align The number of packets received du...

Page 261: ...e hits Jabbers The number of packets received during this sampling interval that were longer than 1518 octets excluding framing bits but including FCS octets and had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error Dropped The total number of events in which packets were dropped by the probe due to l...

Page 262: ...lue to be compared against the thresholds Possible values are absolute and delta If the method is absolute the value of the selected variable is compared directly with the thresholds at the end of the sampling interval If the method is delta the selected variable value of the last sample is sub tracted from the current value and the difference is compared with the thresholds direction Specifies th...

Page 263: ...ollowing alarm conditions Alarm index 1000 Variable identifier D Link Sample interval 360000 seconds Rising threshold 1000000 Falling threshold 1000000 Rising threshold event index 10 Falling threshold event index 20 Console config rmon alarm 1000 D Link 360000 1000000 1000000 10 20 ...

Page 264: ...uidelines There are no user guidelines for this command Example The following example displays the alarms table The following table describes significant fields shown above Console show rmon alarm table Index OID Owner 1 1 3 6 1 2 1 2 2 1 10 1 CLI 2 1 3 6 1 2 1 2 2 1 10 1 Manager 3 1 3 6 1 2 1 2 2 1 10 9 CLI Field Description Index An index that uniquely identifies the entry OID Monitored variable...

Page 265: ... table describes the significant fields shown in the display Console show rmon alarm 1 Alarm 1 OID 1 3 6 1 2 1 2 2 1 10 1 Last sample Value 878128 Interval 30 Sample Type delta Startup Alarm rising Rising Threshold 8700000 Falling Threshold 78 Rising Event 1 Falling Event 1 Owner CLI Field Description Alarm Alarm index OID Monitored variable OID Last Sample Value The statistic value during the las...

Page 266: ...alarm is equal to rising or rising and falling then a single rising alarm is generated If the first sample is less than or equal to the fall ing threshold and startup alarm is equal falling or rising and falling then a single falling alarm is generated Rising Threshold A sampled statistic threshold When the current sampled value is greater than or equal to this threshold and the value at the last ...

Page 267: ...e SNMP community specified by this octet string Range 0 127 characters description text Specifies a comment describing this event Range 0 127 characters name Specifies the name of the person who configured this event If unspecified the name is an empty string Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines If log is specified a...

Page 268: ... 23 58 17 2 High Broadcast Log Trap device Manager Jan 18 2002 23 59 48 Field Description Index An index that uniquely identifies the event Description A comment describing this event Type The type of notification that the device generates about this event Can have the following values none log trap log trap In the case of log an entry is made in the log table for each event In the case of trap an...

Page 269: ...User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the RMON log table Console show rmon log Maximum table size 500 Event Description Time 1 Errors Jan 18 2002 23 48 19 1 Errors Jan 18 2002 23 58 17 2 High Broadcast Jan 18 2002 23 59 48 Console show rmon log Maximum table size 500 800 after reset Event Description Time 1 Errors Jan 18...

Page 270: ... The following table describes the significant fields shown in the display Field Description Event An index that uniquely identifies the event Description A comment describing this event Time The time this entry was created ...

Page 271: ...size history log Parameters history entries Maximum number of history table entries Range 20 270 log entries Maximum number of log table entries Range 20 100 Default Configuration History table size is 270 Log table size is 200 Command Mode Global Configuration mode User Guidelines The configured table size taskes effect after the device is rebooted Example The following example configures the max...

Page 272: ...RMON Commands Page 271 ...

Page 273: ...ined group A group defines the objects available to the community Range 1 30 characters view name Specifies the name of a previously defined view The view defines the objects available to the community Range 1 30 characters router Indicates that a community is used for SNMP access to the device only Default Configuration No communities are defined Command Mode Global Configuration mode User Guidel...

Page 274: ...urity models is mapped to the group name Examples The following example defines community access string public to permit administrative access to SNMP protocol at an administrative station with IP address 192 168 1 20 Console config snmp server community public su 192 168 1 20 ...

Page 275: ...word such as system Replace a single subidentifier with the asterisk wildcard to specify a subtree family for example 1 3 4 included Indicates that the view type is included excluded Indicates that the view type is excluded Default Configuration No view entry exists Command Mode Global Configuration mode User Guidelines This command can be entered multiple times for the same view record The number...

Page 276: ...security model name Specifies the context of a packet The following context is supported Router If the context name is unspecified all contexts are defined readview Specifies a string that is the name of the view that enables only viewing the contents of the agent If unspecified all objects except for the community table and SNMPv3 user and access tables are available writeview Specifies a string ...

Page 277: ...ion level The user should enter a concatenated hexadecimal string of the MD5 key MSB and the privacy key LSB If authentication is only required 16 bytes should be entered if authentication and privacy are required 32 bytes should be entered Each byte in the hexadecimal character string is two hexadecimal digits Each byte can be separated by a period or colon 16 or 32 bytes auth sha key sha des key...

Page 278: ...SNMP Commands Page 277 Examples The following example configures an SNMPv3 user John in group user group Console config snmp server user John user group ...

Page 279: ...e If the SNMPv3 engine ID is deleted or the configuration file is erased SNMPv3 cannot be used By default SNMPv1 v2 are enabled on the device SNMPv3 is enabled only by defining the Local Engine ID If you want to specify your own ID you do not have to specify the entire 32 character engine ID if it contains trailing zeros Specify only the portion of the engine ID up to the point where just zeros re...

Page 280: ...gine ID configuration To see the SNMP engine ID configuration enter the snmp server engineID local GlobalConfiguration mode command Examples The following example enables SNMPv3 on the device and sets the local engine ID of the device to the default value Console config snmp server engineID local default ...

Page 281: ...P traps To disable SNMP traps use the no form of the command Syntax snmp server enable traps no snmp server enable traps Default Configuration SNMP traps are enabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example enables SNMP traps Console config snmp server enable traps ...

Page 282: ...ers such as 1 3 6 2 4 or a word such as system Replace a single subidentifier with the asterisk wildcard to specify a subtree family for example 1 3 4 included Indicates that the filter type is included excluded Indicates that the filter type is excluded Default Configuration No filter entry exists Command Mode Global Configuration mode User Guidelines This command can be entered multiple times fo...

Page 283: ...ps will be used If port Specifies the UDP port of the host to use If unspecified the default UDP port number is 162 Range 1 65535 filtername Specifies a string that defines the filter for this host If unspecified nothing is filtered Range 1 30 characters seconds Specifies the number of seconds to wait for an acknowledgment before resending informs If unspecified the default timeout period is 15 se...

Page 284: ...f a packet without encrypting it priv Indicates authentication of a packet with encryption port Specifies the UDP port of the host to use If unspecified the default UDP port number is 162 Range 1 65535 filtername Specifies a string that defines the filter for this host If unspecified nothing is filtered Range 1 30 characters seconds Specifies the number of seconds to wait for an acknowledgment bef...

Page 285: ...failed authentication traps use the no form of this command Syntax snmp server trap authentication no snmp server trap authentication Default Configuration SNMP failed authentication traps are enabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example enables SNMP failed authentication traps Console config snmp server...

Page 286: ...rameters text Specifies the string that describes system contact information Range 0 160 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Do not include spaces in the text string or place text that includes spaces inside quotation marks Example The following example configures the system contact point called D Link_Te...

Page 287: ...snmp server location Parameters text Specifies a string that describes system location information Range 0 160 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Do not include spaces in the text string or place text that includes spaces inside quotation marks Example The following example defines the device location as...

Page 288: ... value followed by one or more fields Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Although the CLI can set any required configuration there might be a situation where a SNMP user sets a MIB variable that does not have an equivalent command In order to generate configuration files that support those situations the snmp serve...

Page 289: ... example displays the SNMP communications status Console show snmp Community String Community Access View name IP address public read only user view All private read write Default 172 16 1 1 private su DefaultSuper 172 17 1 1 Community string Group name IP address public user group all Traps are enabled Authentication trap is enabled Version 1 2 notifications Target Address Type Community Version ...

Page 290: ... Priv 162 15 3 System Contact Robert System Location Marketing Field Description Community string Community access string to permit access to the SNMP protocol Community access Type of access read only read write super access IP Address Management station IP Address Trap Rec Address Targeted Recipient Trap Rec Community Statistics sent with the notification operation Version SNMP version for the s...

Page 291: ...rk Management Protocol SNMP engine Syntax show snmp engineID Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the SNMP engine ID Console show snmp engineID Local SNMP engineID 08009009020C0B099C075878 ...

Page 292: ...f the view Range 1 30 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the configuration of views Console show snmp views Name OID Tree Type user view 1 3 6 1 2 1 1 Included user view 1 3 6 1 2 1 1 7 Excluded user view 1 3 6 1 2 1 2 2 1 1 Included ...

Page 293: ...ays the configuration of views The following table describes significant fields shown above Console show snmp groups Name Security Views Model Level Read Write Notify user group V3 priv Default managers group V3 priv Default Default managers group V3 priv Default Field Description Name Name of the group Security Model SNMP model in use v1 v2 or v3 Security Level Authentication of a packet with enc...

Page 294: ...SNMP Commands Page 293 Write Name of the view that enables entering data and managing the contents of the agent Notify Name of the view that enables specifying an inform or a trap ...

Page 295: ... name of the filter Range 1 30 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the configuration of filters Console show snmp filters Name OID Tree Type user filter 1 3 6 1 2 1 1 Included user filter 1 3 6 1 2 1 1 7 Excluded user filter 1 3 6 1 2 1 ...

Page 296: ...es the name of the user Range 1 30 Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the configuration of users Console show snmp users Name Group name Auth Method Remote John user group md5 John user group md5 08009009020C0B099C075879 ...

Page 297: ...ctionality To disable spanning tree functionality use the no form of this command Syntax spanning tree no spanning tree Default Configuration Spanning tree is enabled Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enables spanning tree functionality Console config spanning tree ...

Page 298: ...is enabled rstp Indicates that the Rapid Spanning Tree Protocol RSTP is enabled mstp Indicates that the Multiple Spanning Tree Protocol RSTP is enabled Default Configuration STP is enabled Command Modes Global Configuration mode User Guidelines In RSTP mode the device uses STP when the neighbor device uses STP In MSTP mode the device uses RSTP when the neighbor device uses RSTP and uses STP when t...

Page 299: ... form of this command Syntax spanning tree forward time seconds no spanning tree forward time Parameters seconds Time in seconds Range 4 30 Default Configuration The default forwarding time for the IEEE Spanning Tree Protocol STP is 15 seconds Command Modes Global Configuration mode User Guidelines When configuring the forwarding time the following relationship should be kept 2 Forward Time 1 Max ...

Page 300: ...his command Syntax spanning tree hello time seconds no spanning tree hello time Parameters seconds Time in seconds Range 1 10 Default Configuration The default hello time for IEEE Spanning Tree Protocol STP is 2 seconds Command Modes Global Configuration mode User Guidelines When configuring the hello time the following relationship should be kept Max Age 2 Hello Time 1 Example The following examp...

Page 301: ...o spanning tree max age Parameters seconds Time in seconds Range 6 40 Default Configuration The default maximum age for IEEE Spanning Tree Protocol STP is 20 seconds Command Modes Global Configuration mode User Guidelines When configuring the maximum age the following relationships should be kept 2 Forward Time 1 Max Age Max Age 2 Hello Time 1 Example The following example configures the spanning ...

Page 302: ...e no form of this command Syntax spanning tree priority priority no spanning tree priority Parameters priority Priority of the bridge Range 0 61440 in steps of 4096 Default Configuration The default bridge priority for IEEE Spanning Tree Protocol STP is 32768 Command Modes Global Configuration mode User Guidelines The bridge with the lowest priority is elected as the root bridge Example The follow...

Page 303: ...rm of this command Syntax spanning tree disable no spanning tree disable Default Configuration Spanning tree is enabled on all ports Command Modes Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example disables spanning tree on Ethernet port 1 5 Console config interface ethernet 1 5 Console config if spanning t...

Page 304: ... determined by port speed and path cost method long or short as shown below Command Modes Interface Configuration Ethernet port channel mode User Guidelines The path cost method is configured using the spanning tree pathcost method Global Configuration mode command Example The following example configures the spanning tree cost on Ethernet port 1 15 to 35000 Interface Long Short Port channel 20 00...

Page 305: ...ee port priority Parameters priority The priority of the port Range 0 240 in multiples of 16 Default Configuration The default port priority for IEEE Spanning TreeProtocol STP is 128 Command Modes Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures the spanning priority on Ethernet port 1 15 to 96...

Page 306: ...s command Syntax spanning tree portfast no spanning tree portfast Default Configuration PortFast mode is disabled Command Modes Interface Configuration Ethernet port channel mode User Guidelines This feature should be used only with interfaces connected to end stations Otherwise an accidental topology loop could cause a data packet loop and disrupt device and network operations Example The followi...

Page 307: ...panning tree link type Parameters point to point Indicates that the port link type is point to point shared Indicates that the port link type is shared Default Configuration The device derives the port link type from the duplex mode A full duplex port is considered a point to point link and a half duplex port is considered a shared link Command Modes Interface Configuration Ethernet port channel m...

Page 308: ...ng tree pathcost method Parameters long Specifies port path costs with a range of 1 200 000 000 short Specifies port path costs with a range of 0 65 535 Default Configuration Short path cost method Command Mode Global Configuration mode User Guidelines This command applies to all spanning tree instances on the device The cost is set using the spanning tree cost command Example The following exampl...

Page 309: ...u filtering flooding Parameters filtering Filter BPDU packets when the spanning tree is disabled on an interface flooding Flood BPDU packets when the spanning tree is disabled on an interface Default Configuration The default setting is flooding Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example defines BPDU packet fl...

Page 310: ...ree detected protocols ethernet interface port channel port channel number Parameters interface A valid Ethernet port port channel number A valid port channel number Default Configuration This command has no default configuration Command Modes Privileged EXEC mode User Guidelines This feature should be used only when working in RSTP or MSTP mode Example The following example restarts the protocol ...

Page 311: ...nce id priority Parameters instance id ID of the spanning tree instance Range 1 16 priority Device priority for the specified spanning tree instance Range 0 61440 in multiples of 4096 Default Configuration The default bridge priority for IEEE Spanning Tree Protocol STP is 32768 Command Mode Global Configuration mode User Guidelines The device with the lowest priority is selected as the root of the...

Page 312: ...nd Syntax spanning tree mst max hops hop count no spanning tree mst max hops Parameters hop count Number of hops in an MST region before the BDPU is discarded Range 1 40 Default Configuration The default number of hops is 20 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures the maximum number of hops that a...

Page 313: ...t instance id port priority Parameters instance ID ID of the spanning tree instance Range 1 16 priority The port priority Range 0 240 in multiples of 16 Default Configuration The default port priority for IEEE Multiple Spanning Tree Protocol MSTP is 128 Command Modes Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The followi...

Page 314: ... instance ID ID of the spanning tree instance Range 1 16 cost The port path cost Range 1 200 000 000 Default Configuration Default path cost is determined by port speed and path cost method long or short as shown below Command Modes Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures the MSTP inst...

Page 315: ...st configuration Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines All devices in an MST region must have the same VLAN mapping configuration revision number and name Example The following example configures an MST region Console config spanning tree mst configuration Console config mst instance 1 add vlan 10 20 Console config ms...

Page 316: ...ation VLANs are mapped to the common and internal spanning tree CIST instance instance 0 Command Modes MST Configuration mode User Guidelines All VLANs that are not explicitly mapped to an MST instance are mapped to the common and internal spanning tree CIST instance instance 0 and cannot be unmapped from the CIST For two or more devices to be in the same MST region they must have the same VLAN ma...

Page 317: ...me string Parameters string MST configuration name Case sensitive Range 1 32 characters Default Configuration The default name is a bridge ID Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command Example The following example defines the configuration name as region1 Console config spanning tree mst configuration Console config mst name region 1 ...

Page 318: ...tax revision value no revision Parameters value Configuration revision number Range 0 65535 Default Configuration The default configuration revision number is 0 Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command Example The following example sets the configuration revision to 1 Console config spanning tree mst configuration Console config mst revision...

Page 319: ...ding region configuration Default Configuration This command has no default configuration Command Mode MST Configuration mode User Guidelines The pending MST region configuration takes effect only after exiting the MST configuration mode Example The following example displays a pending MST region configuration Console config mst show pending Pending MST configuration Name Region1 Revision 1 Instan...

Page 320: ...ation changes Syntax exit Default Configuration This command has no default configuration Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command Example The following example exits the MST configuration mode and saves changes Console config spanning tree mst configuration Console config mst exit ...

Page 321: ...uration changes Syntax abort Default Configuration This command has no default configuration Command Mode MST Configuration mode User Guidelines There are no user guidelines for this command Example The following example exits the MST configuration mode without saving changes Console config spanning tree mst configuration Console config mst abort ...

Page 322: ...tax spanning tree guard root no spanning tree guard root Default Configuration Root guard is disabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines Root guard can be enabled when the device operates in STP RSTP and MSTP When root guard is enabled the port changes to the alternate state if spanning tree calculations selects the port as the root port Examples The fo...

Page 323: ...tes detailed information active Indicates active ports only blockedports Indicates blocked ports only mst configuration Indicates the MST configuration identifier instance id Specifies ID of the spanning tree instance Default Configuration This command has no default configuration Command Modes Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The followin...

Page 324: ...28 4 20000 BLK ALTN No Shared STP 1 5 Enabled 128 5 20000 DIS Console show spanning tree Spanning tree enabled mode RSTP Default port cost method long Root ID Priority 36864 Address 00 02 4b 29 7a 00 This switch is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio Nbr Cost Sts Role PortFast Type 1 1 Enabled 128 1 20000 FWD Desg No P2p RSTP 1 2 Enabled 128 2 2...

Page 325: ...orward Delay 15 sec Interfaces Name State Prio Nbr Cost Sts Role PortFast Type 1 1 Enabled 128 1 20000 1 2 Enabled 128 2 20000 1 3 Disabled 128 3 20000 1 4 Enabled 128 4 20000 1 5 Enabled 128 5 20000 Console show spanning tree active Spanning tree enabled mode RSTP Default port cost method long Root ID Priority 32768 Address 00 01 42 97 e0 00 Path Cost 20000 Root Port 1 1 1 Hello Time 2 sec Max Ag...

Page 326: ...68 Address 00 01 42 97 e0 00 Path Cost 20000 Root Port 1 1 1 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 36864 Address 00 02 4b 29 7a 00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Interfaces Name State Prio Nbr Cost Sts Role PortFast Type 1 1 Enabled 128 4 20000 BLK ALTN No Shared STP Console show spanning tree detail Spanning tree enabled mode RSTP Default po...

Page 327: ...mber of transitions to forwarding state 1 BPDU sent 2 received 120638 Port 2 1 2 enabled State Forwarding Role Designated Port id 128 2 Port cost 20000 Type Shared configured auto STP Port Fast No configured no Designated bridge Priority 32768 Address 00 02 4b 29 7a 00 Designated port id 128 2 Designated path cost 20000 Number of transitions to forwarding state 1 BPDU sent 2 received 170638 Port 3...

Page 328: ...d bridge Priority N A Address N A Designated port id N A Designated path cost N A Number of transitions to forwarding state N A BPDU sent N A received N A Console show spanning tree ethernet 1 1 Port 1 1 1 enabled State Forwarding Role Root Port id 128 1 Port cost 20000 Type P2p configured auto RSTP Port Fast No configured no Designated bridge Priority 32768 Address 00 01 42 97 e0 00 Designated po...

Page 329: ...s 00 02 4b 29 7a 00 This switch is the IST master Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Max hops 20 Interfaces Name State Prio Nbr Cost Sts Role PortFast Type 1 1 Enabled 128 1 20000 FWD Root No P2p Bound RSTP 1 2 Enabled 128 2 20000 FWD Desg No Shared Bound STP 1 3 Enabled 128 3 20000 FWD Desg No P2p 1 4 Enabled 128 4 20000 FWD Desg No P2p MST 1 Vlans Mapped 10 20 CST Root ID Prior...

Page 330: ...Port 1 1 1 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec IST Master ID Priority 32768 Address 00 02 4b 29 7a 00 This switch is the IST master Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Max hops 20 Number of topology changes 2 last change occurred 2d18h ago Times hold 1 topology change 35 notification 2 hello 2 max age 20 forward delay 15 Port 1 1 1 enabled State Forwarding Role Ro...

Page 331: ...bridge Priority 32768 Address 00 02 4b 29 7a 00 Designated port id 128 3 Designated path cost 20000 Number of transitions to forwarding state 1 BPDU sent 2 received 170638 Port 4 1 4 enabled State Forwarding Role Designated Port id 128 4 Port cost 20000 Type Shared configured auto Internal Port Fast No configured no Designated bridge Priority 32768 Address 00 02 4b 29 7a 00 Designated port id 128 ...

Page 332: ...rity 32768 Address 00 02 4b 29 7a 00 Designated port id 128 2 Designated path cost 20000 Number of transitions to forwarding state 1 BPDU sent 2 received 170638 Port 3 1 3 disabled State Blocking Role Alternate Port id 128 3 Port cost 20000 Type Shared configured auto Internal Port Fast No configured no Designated bridge Priority 32768 Address 00 02 4b 29 1a 19 Designated port id 128 78 Designated...

Page 333: ...IST Master ID Priority 32768 Address 00 02 4b 19 7a 00 Path Cost 10000 Rem hops 19 Bridge ID Priority 32768 Address 00 02 4b 29 7a 00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Max hops 20 Console show spanning tree Spanning tree enabled mode MSTP Default port cost method long MST 0 Vlans Mapped 1 9 21 4094 CST Root ID Priority 32768 Address 00 01 42 97 e0 00 This switch is root for CST ...

Page 334: ...Spanning Tree Commands Page 333 ...

Page 335: ...e no form of this command Syntax ip ssh port port number no ip ssh port Parameters port number Port number for use by the SSH server Range 1 65535 Default Configuration The default port number is 22 Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example specifies the port to be used by the SSH server as 8080 Console config...

Page 336: ... Configuration Device configuration from a SSH server is enabled Command Mode Global Configuration mode User Guidelines If encryption keys are not generated the SSH server is in standby until the keys are generated To generate SSH server keys use the crypto key generate dsa and crypto key generate rsa Global Configuration mode commands Example The following example enables configuring the device f...

Page 337: ...nd one private DSA key If the device already has DSA keys a warning and prompt to replace the existing keys with new keys are displayed This command is not saved in the device configuration however the keys generated by this command are saved in the private configuration which is never displayed to the user or backed up on another device DSA keys are saved to the backup master This command may tak...

Page 338: ...private RSA key If the device already has RSA keys a warning and prompt to replace the existing keys with new keys are displayed This command is not saved in the device configuration however the keys generated by this command are saved in the private configuration which is never displayed to the user or backed up on another device RSA keys are saved to the backup master This command may take a con...

Page 339: ...s function use the no form of this command Syntax ip ssh pubkey auth no ip ssh pubkey auth Default Configuration Public Key authentication fo incoming SSH sessions is disabled Command Mode Global Configuration mode User Guidelines AAA authentication is independent Example The following example enables public key authentication for incoming SSH sessions Console config ip ssh pubkey auth ...

Page 340: ... the SSH Public Key chain Configuration mode and manually configures the RSA key pair for SSH public key chain bob Console config crypto key pubkey chain ssh Console config pubkey chain user key bob Console config pubkey key key string rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvTnRwPWl Al4kpqIw9GBRonZQZxjHKcqKL6rMlQ ZNXfZSkvHG QusIZ 76ILmFT34v7u7ChFAE Vu4GRfpSwoQUvV35LqJJk67IOU zfwOl1g kTwml75QR9gHujS6Kw...

Page 341: ...rs rsa Indicates the RSA key pair dsa Indicates the DSA key pair Default Configuration No SSH public keys exist Command Mode SSH Public Key string Configuration mode User Guidelines Follow this command with the key string SSH Public Key String Configuration mode command to specify the key Example The following example enables manually configuring an SSH public key for SSH public key chain bob Cons...

Page 342: ...d_keys file used by OpenSSH Default Configuration No keys exist Command Mode SSH Public Key string Configuration mode User Guidelines Use the key string SSH Public Key string Configuration mode command to specify which SSH public key is to be interactively configured next To complete the command you must enter a row with no characters Use the key string row SSH Public Key string Configuration mode...

Page 343: ... 76ILmFT34v7u7ChFAE Vu4GRfpSwoQUvV35LqJJk67IOU zfwOl1g kTwml75QR9gHujS6KwGN2QWXgh3ub8gDjTSq muSn Wd05iDX2IExQWu08licglk02LYciz Z4TrEU 9FJxwPiVQOjc KBXuR0juN5nFYsY 0ZCk0N W9a tnkm1shRE7Di71 w3fNiOA 6w9o44t6 AINEICBCCA4YcF6zMzaT1wefWwX6f Rmt5nhhqdAtN 4oJfce166DqVX1gWmN zNR4DYDvSzg0lDnwCAC8Qh Fingerprint a4 16 46 23 5a 8d 1d b5 37 59 eb 44 13 b9 33 e9 Console config crypto key pubkey chain ssh Consol...

Page 344: ...plays the SSH server configuration The following table describes significant fields shown above Console show ip ssh SSH server enabled Port 22 RSA key was generated DSA DSS key was generated SSH Public Key Authentication is enabled Active incoming sessions IP address SSH username Version Cipher Auth Code 172 16 0 1 John Brown 2 0 3 DES HMAC SHA1 Field Description IP address Client address SSH user...

Page 345: ...d EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the SSH public RSA keys on the device Console show crypto key mypubkey rsa RSA key data 005C300D 06092A86 4886F70D 01010105 00034B00 30480241 00C5E23B 55D6AB22 04AEF1BA A54028A6 9ACC01C5 129D99E4 64CAB820 847EDAD9 DF0B4E4C 73A05DD2 BD62A8A9 FA603DD2 E2A8A6F8 98F76E28 D58AD221 B583D7A4 7...

Page 346: ...This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays SSH public keys stored on the device Console show crypto key pubkey chain ssh Username Fingerprint bob 9A CC 01 C5 78 39 27 86 79 CC 23 C5 98 59 F1 86 john 98 F7 6E 28 F2 79 87 C8 18 F8 88 CC F8 89 87 C8 Console show crypt...

Page 347: ...n Default Configuration Logging is enabled Command Mode Global Configuration mode User Guidelines The logging process controls the distribution of logging messages at various destinations such as the logging buffer logging file or syslog server Logging on and off at these destinations can be individually configured using the logging buffered logging file and logging Global Configuration mode comma...

Page 348: ...essages sent to the syslog servers Possible values emergencies alerts critical errors warnings notifications informational and debugging facility Specifies the facility that is indicated in the message Possible values local0 local1 local2 local3 local4 local5 local 6 local7 text Syslog server description Range 1 64 characters Default Configuration The default port number is 514 The default logging...

Page 349: ...s level Specifies the severity level of logged messages displayed on the console Possible values emergencies alerts critical errors warnings notifications informational debugging Default Configuration The default severity level is informational Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example limits logging messages ...

Page 350: ... of messages logged in the buffer Possible values emergencies alerts critical errors warnings notifications informational debugging Default Configuration The default severity level is informational Command Mode Global Configuration mode User Guidelines All the syslog messages are logged to the internal buffer This command limits the messages displayed to the user Example The following example limi...

Page 351: ...tax logging buffered size number no logging buffered size Parameters number Specifies the maximum number of messages stored in the history table Range 20 400 Default Configuration The default number of messages is 200 Command Mode Global Configuration mode User Guidelines This command takes effect only after Reset Example The following example changes the number of syslog messages stored in the in...

Page 352: ...gging buffer Syntax clear logging Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example clears messages from the internal logging buffer Console clear logging Clear logging buffer confirm ...

Page 353: ...vel Specifies the severity level of syslog messages sent to the logging filePossible values emergencies alerts critical errors warnings notifications informational and debugging Default Configuration The default severity level is errors Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example limits syslog messages sent to t...

Page 354: ... logging file Syntax clear logging file Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example clears messages from the logging file Console clear logging file Clear Logging File confirm ...

Page 355: ... logging login Parameters login Indicates logging messages related to successful login events unsuccessful login events and other login related events Default Configuration Logging AAA login events is enabled Command Mode Global Configuration mode User Guidelines Other types of AAA events are not subject to this command Example The following example enables logging messages related to AAA login ev...

Page 356: ...rename no file system logging delete rename Parameters copy Indicates logging messages related to file copy operations delete rename Indicates logging messages related to file deletion and renaming operations Default Configuration Logging file system events is enabled Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example ...

Page 357: ...ent logging deny no management logging deny Parameters deny Indicates logging messages related to deny actions of management ACLs Default Configuration Logging management ACL events is enabled Command Mode Global Configuration mode User Guidelines Other types of management ACL events are not subject to this command Example The following example enables logging messages related to deny actions of m...

Page 358: ... Messages 0 Dropped severity Buffer logging level debugging Buffer Messages 11 Logged 200 Max File logging level notifications File Messages 0 Dropped severity Syslog server 192 180 2 27 logging errors Messages 6 Dropped severity Syslog server 192 180 2 28 logging errors Messages 6 Dropped severity 2 messages were not logged resources Application filtering control Application Event Status AAA Logi...

Page 359: ...INEPROTO 5 UPDOWN Line protocol on Interface FastEthernet0 0 changed state to up 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet1 0 changed state to down 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet1 1 changed state to down 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet1 2 changed state to down 11 Aug 2004 15 4...

Page 360: ...onsole Messages 0 Dropped severity Buffer logging level debugging Buffer Messages 11 Logged 200 Max File logging level notifications File Messages 0 Dropped severity Syslog server 192 180 2 27 logging errors Messages 6 Dropped severity Syslog server 192 180 2 28 logging errors Messages 6 Dropped severity 2 messages were not logged resources Application filtering control Application Event Status AA...

Page 361: ...INEPROTO 5 UPDOWN Line protocol on Interface FastEthernet0 0 changed state to up 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet1 0 changed state to down 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet1 1 changed state to down 11 Aug 2004 15 41 39 LINEPROTO 5 UPDOWN Line protocol on Interface Ethernet1 2 changed state to down 11 Aug 2004 15 4...

Page 362: ...uration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the settings of the syslog servers Console show syslog servers Device Configuration IP address Port Severity Facility Description 192 180 2 27 514 Informational local7 192 180 2 28 514 Warning local7 ...

Page 363: ...s packet_count Number of packets to send If 0 is entered it pings until stopped Range 0 65535 packets time_out Timeout in milliseconds to wait for each reply Range 50 65535 milliseconds Default Configuration Default packet size is 56 bytes Default number of packets to send is 4 Default timeout value is 2000 milliseconds Command Mode User EXEC mode User Guidelines Press Esc to stop pinging Followin...

Page 364: ... 1 1 icmp_seq 3 time 7 ms 10 1 1 1 PING Statistics 4 packets transmitted 4 packets received 0 packet loss round trip ms min avg max 7 8 11 Console ping yahoo com Pinging yahoo com 66 218 71 198 with 64 bytes of data 64 bytes from 10 1 1 1 icmp_seq 0 time 11 ms 64 bytes from 10 1 1 1 icmp_seq 1 time 8 ms 64 bytes from 10 1 1 1 icmp_seq 2 time 8 ms 64 bytes from 10 1 1 1 icmp_seq 3 time 7 ms 10 1 1 ...

Page 365: ...efault number of bytes in a packet is 40 The default maximum TTL value is 30 The default number of probes to be sent at each TTL level is 3 The default timeout interval in seconds is 3 Command Mode User EXEC mode User Guidelines The traceroute command takesadvantage of the error messages generated by the devices when a datagram exceeds its time to live TTL value The traceroute command starts by se...

Page 366: ...35 msec 6 iplsng kscyng abilene ucaid edu 198 32 8 80 47 msec 45 msec 45 msec 7 so 0 2 0x1 aa1 mich net 192 122 183 9 56 msec 53 msec 54 msec 8 atm1 0x24 michnet8 mich net 198 108 23 82 56 msec 56 msec 57 msec 9 10 A ARB3 LSA NG c SEB umnet umich edu 141 211 5 22 58 msec 58 msec 58 msec 11 umaxp1 physics lsa umich edu 141 211 101 64 62 msec 63 msec 63 msec Field Description 1 Indicates the sequenc...

Page 367: ... is the Telnet port decimal23 on the host Command Mode User EXEC mode User Guidelines Telnet software supports special Telnet commands in the form of Telnet sequences that map generic terminal control functions to operating system specific functions To enter a Telnet sequence press the escape sequence keys Ctrl shift 6 followed by a Telnet command character Special Telnet Sequences At any time dur...

Page 368: ...ends the session return to system command prompt Options Description echo Enables local echo quiet Prevents onscreen display of all messages from the software source interface Specifies the source interface stream Turns on stream processing which enables a raw TCP stream with no Telnet control sequences A stream connection does not process Telnet options and can be appropriate for connections to p...

Page 369: ...ent Ident Protocol 113 irc Internet Relay Chat 194 klogin Kerberos login 543 kshell Kerberos shell 544 login Login 513 lpd Printer service 515 nntp Network News Transport Protocol 119 pim auto rp PIM Auto RP 496 pop2 Post Office Protocol v2 109 pop3 Post Office Protocol v3 110 smtp Simple Mail Transport Protocol 25 sunrpc Sun Remote Procedure Call 111 syslog Syslog 514 tacacs TAC Access Control Sy...

Page 370: ...nnection Parameters connection The connection number Range 1 4 connections Default Configuration The default connection number is that of the most recent connection Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Examples The following command switches to open Telnet session number 1 Console resume 1 ...

Page 371: ...EC mode User Guidelines Caution should be exercised when resetting the device to ensure that no other activity is being performed In particular the user should verify that no configuration files are being downloaded at the time of reset Example The following example reloads the operating system Console reload This command will reset the whole system and disconnect your current session Do you want ...

Page 372: ...of the command Syntax hostname name no hostname Parameters name The host name of the device Range 1 158 characters Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example specifies the device host name Console config hostname D Link D Link config ...

Page 373: ...it as the master If only one master enabled unit is in the stack 1 or 2 it becomes the master If a unit configured as a forced master it becomes the master If a forced master unit is removed from a stack and placed in a different stack with another forced master unit both are considered to be forced and the election criteria continue as follows The unit with the longer up time is elected master Un...

Page 374: ...Parameters unit Number of the unit to be reloaded Range 1 6 Default Configuration All units are reloaded Command Modes Privileged EXEC mode User Guidelines This command is not relevant to the standalone device If no unit is specified all units are reloaded Example The following example reloads Unit 2 of the stack Console config stack reload unit 2 ...

Page 375: ... displayed at the top Range 1 6 bottom unit Specifies the number of the unit displayed at the bottom Range 1 6 Default Configuration The master unit is displayed at the top Command Modes Global Configuration mode User Guidelines This command is not relevant to the standalone device If the units are not adjacent in ring or chain topology the units are not at the edge and the default display order i...

Page 376: ...efault configuration Command Mode EXEC User Guidelines Use this command to identify the unit number of each unit If you run the command with all as the unit number the software would turn off all the ports LEDs in all the units and then turn on at each unit the LED of the port with the identical number as the unit number If you run the command with a specific unit number the software would turn of...

Page 377: ...nsole show stack Unit Address Software Master Uplink Downlink Status 1 00 00 b0 87 12 11 1 0 0 0 Enabled 2 3 Slave 2 00 00 b0 87 12 13 1 0 0 0 Enabled 1 4 Master 4 00 00 b0 87 12 14 1 0 0 0 3 5 Slave 5 00 00 b0 87 12 15 1 0 0 0 4 6 Slave 6 00 00 b0 87 12 16 1 0 0 0 5 7 Slave Configured order Unit 1 at Top Unit 2 at bottom Console show stack Unit Address Software Master Uplink Downlink Status 3 00 ...

Page 378: ...ured order Unit 1 at Top Unit 6 at bottom Can t display order as requested Console show stack 1 Unit 1 MAC address 00 00 b0 87 12 11 Master Forced Product xxxxxx Software 1 0 0 0 Status Master Active image image 1 Selected for next boot image 2 ...

Page 379: ...res the QoS activity status in the device policy based vlans Configures the policy based VLAN activity status in the device active Activates the feature inactive Deactivates the feature Defaults The default is product specific Command Mode Priviledged EXEC Usage Guidelines It is required that the running config file would be empty default configuration before executing the command After executing ...

Page 380: ...ol Syntax Description show system mode Default Configuration This command has no default setting Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example shows the mode and QoS features Console show system mode Feature State mode Switch Router QoS Inactive After reboot active ...

Page 381: ...efault Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays information about the active users Console show users Username Protocol Location Bob Serial John SSH 172 16 0 1 Robert HTTP 172 16 0 8 Betty Telnet 172 16 1 7 ...

Page 382: ...ommand Examples The following example lists open Telnet sessions The following table describes significant fields shown above Console show sessions Connection Host Address Port Byte 1 Remote device 172 16 1 1 23 89 2 172 16 1 2 172 16 1 2 23 8 Field Description Connection Connection number Host Remote host to which the device is connected through a Telnet session Address IP address of the remote h...

Page 383: ...nit Range 1 6 Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the system information Console show system Unit Type 1 D Link Unit Main Power Supply Redundant Power Supply 1 OPERATIONAL NOT OPERATIONAL Unit Fan1 Fan2 Fan3 Fan4 Fan5 1 OK OK OK OK OK ...

Page 384: ...mand has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays system version information only for demonstration purposes Console show version SW version 1 0 0 0 date 23 Jul 2004 time 17 34 19 Boot version 1 0 0 0 date 11 Jan 2004 time 11 48 21 HW version 1 0 0 Unit SW version Boot version HW versio...

Page 385: ...ult configuration use the no form of this command Syntax service cpu utilization no service cpu utilization Default Configuration Disabled Command Mode Global Configuration mode User Guidelines Use the show cpu utilization Privileged EXEC command to view information on CPU utilization Example This example enables measuring CPU utilization Console config service cpu utilization ...

Page 386: ...show cpu utilization Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines Use the service cpu utilization Global Configuration mode command to enable measuring CPU utilization Example Console show cpu utilization CPU utilization service is on CPU utilization five seconds 5 one minute 3 five minutes 3 ...

Page 387: ...ies a server port number Range 0 65535 timeout Specifies the timeout value in seconds Range 1 30 key string Specifies the authentication and encryption key for all TACACS communications between the device and the TACACS server This key must match the encryption used on the TACACS daemon To specify an empty string enter Range 0 128 characters source Specifies the source IP address to use for the co...

Page 388: ...TACACS Commands Page 387 Example The following example specifies a TACACS host Console config tacacs server host 172 16 1 1 ...

Page 389: ...ey string no tacacs server key Parameters key string Specifies the authentication and encryption key for all TACACS communications between the device and the TACACS server This key must match the encryption used on the TACACS daemon Range 0 128 characters Default Configuration Empty string Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples...

Page 390: ... configuration use the no form of this command Syntax tacacs server timeout timeout no tacacs server timeout Parameters timeout Specifies the timeout value in seconds Range 1 30 Default Configuration 5 seconds Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example sets the timeout value to 30 Console config tacacs server ...

Page 391: ...ult configuration use the no form of this command Syntax tacacs server source ip source no tacacs server source ip source Parameters source Specifies the source IP address Default Configuration The source IP address is the address of the outgoing IP interface Command Mode Global Configuration mode User Guidelines Examples The following example specifies the source IP address Console config tacacs ...

Page 392: ...ation This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays configuration and statistical information about a TACACS server Console show tacacs Device Configuration IP address Status Port Single Connection TimeOut Source IP Priority 172 16 1 1 Connected 49 No Global Global 1 ...

Page 393: ...o user guidelines for this command Example The following example executes an EXEC level command show vlan from the Global Configuration mode enable The enable User EXEC mode command enters the Privileged EXEC mode Console Config do show vlan VLAN Name Port Type Authorization 1 default 2 1 4 1 1 2 other Required 10 VLAN0010 1 3 4 dynamic Required 11 VLAN0011 1 1 2 static Required 20 VLAN0020 1 3 4 ...

Page 394: ...l Privilege level to enter the system Range 1 15 Default Configuration The default privilege level is 15 Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example enters Privileged EXEC mode Console enable enter password Console ...

Page 395: ...sable privilege level Parameters privilege level Privilege level to enter the system Range 1 15 Default Configuration The default privilege level is 1 Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example return to Users EXEC mode Console disable Console ...

Page 396: ...ntax login Default Configuration This command has no default configuration Command Mode User EXEC mode User Guidelines There are no user guidelines for this command Example The following example enters Privileged EXEC mode and logs in with username admin Console login User Name admin Password Console ...

Page 397: ...e Global Configuration mode Syntax configure Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example enters Global Configuration mode Console configure Console config ...

Page 398: ...hy Syntax exit Default Configuration This command has no default configuration Command Mode All configuration modes User Guidelines There are no user guidelines for this command Example The following example changes the configuration mode from Interface Configuration mode to Privileged EXEC mode Console config if exit Console config exit Console ...

Page 399: ... terminal session by logging off the device Syntax exit Default Configuration This command has no default configuration Command Mode Privileged and User EXEC modes User Guidelines There are no user guidelines for this command Example The following example closes an active terminal session Console exit ...

Page 400: ...rivileged EXEC mode Syntax end Default Configuration This command has no default configuration Command Mode All configuration modes User Guidelines There are no user guidelines for this command Example The following example changes from Global Configuration mode to Privileged EXEC mode Console config end Console ...

Page 401: ...rk If nothing matches the currently entered incomplete command the help list is empty This indicates that for a query at this point there is no command matching the current input If the request is within a command enter backspace and erase the entered characters to a point where the request results in a display Help is provided when 1 There is a valid command and a help request is made for enterin...

Page 402: ...ommand Mode User EXEC mode User Guidelines By default a More prompt is displayed when the output contains more lines than can be displayed on the screen Pressing the Enter key displays the next line pressing the Spacebar displays the next screen of output The data dump command enables dumping all output immediately after entering the show command This command is relevant only for the current sessi...

Page 403: ... unexecuted commands Commands are listed from the first to the most recent command The buffer remains unchanged when entering into and returning from configuration modes Example The following example displays all the commands entered while in the current Privileged EXEC mode Console show version SW version 3 131 date 23 Jul 2004 time 17 34 19 HW version 1 0 0 Console show clock 15 29 03 Jun 17 200...

Page 404: ...Syntax show privilege Default Configuration This command has no default configuration Command Mode Privileged and User EXEC modes User Guidelines There are no user guidelines for this command Example The following example displays the current privilege level for the Privileged EXEC mode Console show privilege Current privilege level is 15 ...

Page 405: ...enters the VLAN Configuration mode Syntax vlan database Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example enters the VLAN database mode Console config vlan database Console config vlan ...

Page 406: ...s a list of VLAN IDs to be added Separate nonconsecutive VLAN IDs with a comma and no spaces a hyphen designates a range of IDs Default Configuration This command has no default configuration Command Mode VLAN Configuration mode User Guidelines There are no user guidelines for this command Example The following example VLAN number 1972 is created Console config vlan database Console config vlan vl...

Page 407: ...n id Specifies an existing VLAN ID Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines There are no user guidelines for this command Example The following example configures VLAN 1 with IP address 131 108 1 27 and subnet mask 255 255 255 0 Console config interface vlan 1 Console config if ip address 131 108 1 27 255 255 255 0 ...

Page 408: ...s all All existing static VLANs Default Configuration This command has no default configuration Command Mode Global Configuration mode User Guidelines Commands under the interface range context are executed independently on each interface in the range If the command returns an error on one of the interfaces an error message is displayed and execution of the command continues on the other interface...

Page 409: ...Unique name to be associated with this VLAN Range 1 32 characters Default Configuration No name is defined Command Mode Interface Configuration VLAN mode Cannot be configured for a range of interfaces range context User Guidelines There are no user guidelines for this command Example The following example gives VLAN number 19 the name Marketing Console config interface vlan 19 Console config if na...

Page 410: ...thernet port channel mode User Guidelines Private VLAN Edge PVE supports private communication by isolating PVE defined ports and ensuring that all Unicast Broadcast and Multicast traffic from these ports is only forwarded to uplink port s PVE requires only one VLAN on each devcie but not on every port this reduces the number of VLANs required by the device Private VLANs and the default VLAN funct...

Page 411: ...dicates an untagged layer 2 VLAN port trunk Indicates a trunking layer 2 VLAN port general Indicates a full 802 1q supported VLAN port Default Configuration All ports are in access mode and belong to the default VLAN whose VID 1 Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines Example The following example configures Ethernet port 1 16 as...

Page 412: ...to which the port is configured dynamic Indicates that the port is assigned to a VLAN based on the source MAC address of the host connected to the port Default Configuration All ports belong to VLAN 1 Command Mode Interface configuration Ethernet port channel mode User Guidelines The command automatically removes the port from the previous VLAN and adds it to the new VLAN Example The following exa...

Page 413: ...delines Range 0x0000 0x0600 group Specifies the group number of an associated group of protocols Range 1 2147483647 encapsulation Specifies one of the following values ethernet rfc1042 snap8021H llcOther snapOther If no option is indicated the default is ethernet Default Configuration This command has no default configuration Command Mode VLAN Configuration mode User Guidelines The following proto...

Page 414: ...yphen designates a range of IDs remove vlan list List of VLAN IDs to be removed Separate nonconsecutive VLAN IDs with a comma and no spaces A hyphen designates a range of IDs Default Configuration This command has no default configuration Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example adds ...

Page 415: ...native vlan Parameters vlan id Specifies the ID of the native VLAN Default Configuration VID 1 Command Mode Interface Configuration Ethernet port channel mode User Guidelines The command adds the port as a member in the VLAN If the port is already a member in the VLAN not as a native it should be first removed from the VLAN Example The following example configures VLAN number 123 as the native VLA...

Page 416: ...e VLAN IDs with a comma and no spaces A hyphen designates a range of IDs tagged Indicates that the port transmits tagged packets for the VLANs untagged Indicates that the port transmits untagged packets for the VLANs Default Configuration If the port is added to a VLAN without specifying tagged or untagged the default setting is tagged Command Mode Interface Configuration Ethernet port channel mod...

Page 417: ...chport general map protocols group group Parameters group Specifies the group number as defined in the map protocol to protocols group Range 1 65535 vlan id Defines the VLAN ID in the classifying rule Range Valid VLAN Default Configuration This command has no default configuration Command Mode Interface Configuration Ethernet port channel User Guidelines There are no user guidelines for this comma...

Page 418: ... no switchport general pvid Parameters vlan id Specifies the PVID Port VLAN ID Default Configuration If the default VLAN is enabled PVID 1 Otherwise PVID 4095 Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures the PVID for Ethernet port 1 16 when the interface is in general mode Cons...

Page 419: ...mand Syntax switchport general ingress filtering disable no switchport general ingress filtering disable Default Configuration Ingress filtering is enabled Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example disables port ingress filtering on Ethernet port 1 16 Console config interface ethernet ...

Page 420: ...t general acceptable frame type tagged only no switchport general acceptable frame type tagged only Default Configuration All frame types are accepted at ingress Command Mode Interface Configuration Ethernet port channel mode User Guidelines There are no user guidelines for this command Example The following example configures Ethernet port 1 16 to discard untagged frames at ingress Console config...

Page 421: ... and no spaces A hyphen designates a range of IDs remove vlan list Specifies the list of VLAN IDs to be removed Separate nonconsecutive VLAN IDs with a comma and no spaces A hyphen designates a range of IDs Default Configuration All VLANs are allowed Command Mode Interface Configuration Ethernet port channel mode User Guidelines This command can be used to prevent GVRP from automatically making th...

Page 422: ... an IP interface is configured on an Ethernet port or port channel This command enables the user to configure the internal usage VLAN of a port If an internal usage VLAN is not configured and the user wants to configure an IP interface an unused VLAN is selected by the software If the software selected a VLAN for internal use and the user wants to use that VLAN as a static or dynamic VLAN the user...

Page 423: ...onfiguration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays all VLAN information Console show vlan VLAN Name Ports Type Authorization 1 default 1 1 4 2 1 1 other Required 10 VLAN0010 1 1 3 dynamic Required 11 VLAN0011 1 1 2 static Required 20 VLAN0020 1 1 3 static Required 21 VLAN0021 static Required 30 VLAN003...

Page 424: ...nal usage Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays VLANs used internally by the device Console show vlan internal usage VLAN Usage IP address Reserved 1007 Eth 1 11 Active No 1008 Eth 1 12 Inactive Yes 1009 Eth 1 13 Active Yes ...

Page 425: ...guration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the switchport configuration for Ethernet port 1 1 Console show interface switchport ethernet 1 1 Port 1 1 VLAN Membership mode General Operating parameters PVID 1 default Ingress Filtering Enabled Acceptable Frame Type All GVRP status Enabled Protected En...

Page 426: ...Pv6 VLAN untagged 72 VLAN0072 untagged Forbidden VLANS VLAN Name 73 out Console show interface switchport ethernet 1 1 Port 1 1 VLAN Membership mode General Operating parameters PVID 4095 discard vlan Ingress Filtering Enabled Acceptable Frame Type All Port 1 1 is member in Vlan Name Egress rule Type 91 IP Telephony tagged Static Static configuration PVID 8 Ingress Filtering Disabled Acceptable Fr...

Page 427: ... is statically confgiured to Vlan Name Egress rule 8 VLAN0072 untagged 91 IP Telephony tagged Forbidden VLANS VLAN Name 73 out Port 2 19 Static configuration PVID 2922 Ingress Filtering Enabled Acceptable Frame Type Untagged GVRP status Disabled ...

Page 428: ...VLAN Commands Page 427 ...

Page 429: ...m a browser To disable this function use the no form of this command Syntax ip http server no ip http server Default Configuration HTTP server is enabled Command Mode Global Configuration mode User Guidelines Only a user with access level 15 can use the Web server Example The following example enables configuring the device from a browser Console config ip http server ...

Page 430: ... port Parameters port number Port number for use by the HTTP server Range 0 65535 Default Configuration The default port number is 80 Command Mode Global Configuration mode User Guidelines Use the crypto certificate generate Global Configuration mode command to generate an HTTPS certificate Specifying 0 as the port number effectively disables HTTP access to the device Example The following example...

Page 431: ...nfiguration use the no form of this command Syntax ip https server no ip https server Default Configuration Disabled Command Mode Global Configuration mode User Guidelines Use the crypto certificate generate Global Configuration mode command to generate an HTTPS certificate Example The following example enables configuring the device from a secured browser Console config ip https server ...

Page 432: ...orm of this command Syntax ip https port port number no ip https port Parameters port number Port number to be used by the HTTP server Range 0 65535 Default Configuration The default port number is 443 Command Mode Global Configuration mode User Guidelines Specifying 0 as the port number effectively disables HTTP access to the device Example The following example configures the https port number t...

Page 433: ...2 days Specifies number of days certification is valid Range 30 3650 Default Configuration The Certificate and SSL s RSA key pairs do not exist If no certificate number is specified the default certificate number is 1 If no RSA key length is specified the default length is 1024 If no URL or IP address is specified the default common name is the lowest IP address of the device at the time that the ...

Page 434: ...ange 1 64 state Specifies the state or province name Range 1 64 country Specifies the country name Range 1 2 Default Configuration There is no default configuration for this command Command Mode Privileged EXEC mode User Guidelines Use this command to export a certificate request to a Certification Authority The certificate request is generated in Base64 encoded X 509 format Before generating a ce...

Page 435: ...QxCzAJBgNVBAMTAmxkMRAw DgKoZIhvcNAQkBFgFsMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8ecwQ HdML0831i0fh F0MV Kib6Sz5p 3nUUenbfHp igVPmFM 1nbqTDekb2ymCu6K aKvEbVLF9F2LmM7VPjDBb9bb4jnxkvwW wzDLvW2rsy5NPmH1QVl 8Ubx3GyCm oW93BSOFwxwEsP58kf sPYPy 8wwmoNtDwIDAQABoB8wHQYJKoZIhvcNAQkH MRDjEyMwgICCAgICAICAgIMA0GCSqGSIb3DQEBBAUAA4GBAGb8UgIx7rB05m 2 m5ZZPhIwl8ARSPXwhVdJexFjbnmvcacqjP8pIiRV6LkxryGF2bVU3jKEipcZa g ...

Page 436: ...nd fails This command is not saved in the device configuration however the certificate imported by this command is saved in the private configuration which is never displayed to the user or backed up to another device Examples The following example imports a certificate signed by Certification Authority for HTTPS Console config crypto certificate 1 import BEGIN CERTIFICATE dHmUgUm9vdCBDZXJ0aWZpZXI...

Page 437: ... command Syntax ip https certificate number no ip https certificate Parameters number Specifies the certificate number Range 1 2 Default Configuration Certificate number 1 Command Mode Global Configuration mode User Guidelines The crypto certificate generate command should be used to generate HTTPS certificates Example The following example configures the active certificate for HTTPS Console confi...

Page 438: ...mple The following example displays the certificate Console show crypto certificate mycertificate 1 BEGIN CERTIFICATE dHmUgUm9vdCBDZXJ0aWZpZXIwXDANBgkqhki9w0BAQEFAANLADBIAkEAp4HS nnH xQSGA2ffkRBwU2XIxb7n8VPsTm1xyJ1t11a1GaqchfMqqe0kmfhcoHSWr yf1FpD0MWOTgDAwIDAQABo4IBojCCAZ4wEwYJKwYBBAGCNxQCBAYeBABDAEEw CwR0PBAQDAgFGMA8GA1UdEwEB wQFMAMBAf8wHQYDVR0OBBYEFAf4MT9BRD47 ZvKBAEL9Ggp 6MIIBNgYDVR0fBIIBLTCCAS...

Page 439: ...rver configuration Syntax show ip http Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the HTTP server configuration Console show ip http HTTP server enabled Port 80 ...

Page 440: ...s for this command Example The following example displays the HTTP server configuration Console show ip https HTTPS server enabled Port 443 Certificate 1 is active Issued by www verisign com Valid from 8 9 2004 to 8 9 2005 Subject CN router gm com 0 General Motors C US Finger print DC789788 DC88A988 127897BC BB789788 Certificate 2 is inactive Issued by self signed Valid from 8 9 2004 to 8 9 2005 S...

Page 441: ...ult Configuration No authentication method is defined Command Mode Global Configuration mode User Guidelines Additional methods of authentication are used only if the previous method returns an error and not if the request for authentication is denied To ensure that authentication succeeds even if all methods return an error specify none as the final method in the command line The RADIUS server mu...

Page 442: ...ault configuration use the no form of this command Syntax dot1x system auth control no dot1x system auth control Default Configuration 802 1x is disabled globally Command Modes Global Configuration mode User Guidelines There are no user guidelines for this command Examples The following example enables 802 1x globally Console config dot1x system auth control ...

Page 443: ...exchange required The port resends and receives normal traffic without 802 1X based authentication of the client force unauthorized Denies all access through this interface by forcing the port to transition to the unauthorized state and ignoring all attempts by the client to authenticate The device cannot provide authentication services to the client through the interface Default Configuration Por...

Page 444: ...no form of this command Syntax dot1x re authentication no dot1x re authentication Default Configuration Periodic re authentication is disabled Command Mode Interface Configuration Ethernet User Guidelines There are no user guidelines for this command Examples The following example enables periodic re authentication of the client Console config interface ethernet 1 16 Console config if dot1x re aut...

Page 445: ...od seconds no dot1x timeout re authperiod Parameters seconds Number of seconds between re authentication attempts Range 300 4294967295 Default Configuration Re authentication period is 3600 seconds Command Mode Interface Configuration Ethernet mode User Guidelines There are no user guidelines for this command Examples The following example sets the number of seconds between re authentication attem...

Page 446: ...dot1x re authenticate ethernet interface Parameters interface Valid Ethernet port Full syntax unit port Default Configuration This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following command manually initiates a re authentication of 802 1X enabled Ethernet port 1 16 Console dot1x re authenticate...

Page 447: ... the client Range 0 65535 seconds Default Configuration Quiet period is 60 seconds Command Mode Interface Configuration Ethernet mode User Guidelines During the quiet period the device does not accept or initiate authentication requests The default value of this command should only be changed to adjust for unusual circumstances such as unreliable links or specific behavioral problems with certain ...

Page 448: ...at the device waits for a response to an EAP request identity frame from the client before resending the request Range 1 65535 seconds Default Configuration Timeout period is 30 seconds Command Mode Interface Configuration Ethernet mode User Guidelines The default value of this command should be changed only to adjust for unusual circumstances such as unreliable links or specific behavioral proble...

Page 449: ...meters count Number of times that the device sends an EAP request identity frame before restarting the authentication process Range 1 10 Default Configuration The default number of times is 2 Command Mode Interface Configuration Ethernet mode User Guidelines The default value of this command should be changed only to adjust for unusual circumstances such as unreliable links or specific behavioral ...

Page 450: ...evice waits for a response to an EAP request frame from the client before resending the request Range 1 65535 seconds Default Configuration Default timeout period is 30 seconds Command Mode Interface configuration Ethernet mode User Guidelines The default value of this command should be changed only to adjust for unusual circumstances such as unreliable links or specific behavioral problems with c...

Page 451: ...evice waits for a response from the authentication server Range 1 65535 seconds Default Configuration The timeout period is 30 seconds Command Mode Interface configuration Ethernet mode User Guidelines The actual timeout can be determined by comparing the dot1x timeout server timeout value and the result of multiplying the radius server retransmit value with the radius server timeout value and sel...

Page 452: ...vileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays the status of 802 1X enabled Ethernet ports Console show dot1x 802 1x is enabled Port Admin Mode Oper Mode Reauth Control Reauth Period Username 1 1 Auto Authorized Ena 3600 Bob 1 2 Auto Authorized Ena 3600 John 1 3 Auto Unauthorized Ena 3600 Clark 1 4 Force auth Authorized Dis 36...

Page 453: ...le values Force auth Force unauth Auto Oper mode The port oper mode Possible values Authorized Unauthorized or Down Reauth Control Reauthentication control Reauth Period Reauthentication period Username The username representing the identity of the Supplicant This field shows the username in case the port control is auto If the port is Authorized it shows the username of the current user If the po...

Page 454: ...response from the authentication server before resending the request Session Time The amount of time the user is logged in MAC address The supplicant MAC address Authentication Method The authentication method used to establish the session Termination Cause The reason for the session termination State The current value of the Authenticator PAE state machine and of the Backend state machine Authent...

Page 455: ...This command has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Example The following example displays 802 1X users Console show dot1x users Port Username Session Time Auth Method MAC Address 1 1 Bob 1d 03 08 58 Remote 0008 3b79 8787 1 2 John 08 19 17 None 0008 3b89 3127 Console show dot1x users username Bob Username Bob Por...

Page 456: ...ription Port The port number Username The username representing the identity of the Supplicant Session Time The period of time the Supplicant is connected to the system Authentication Method Authentication method used by the Supplicant to open the session MAC Address MAC address of the Supplicant ...

Page 457: ...no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays 802 1X statistics for the specified interface Console show dot1x statistics ethernet 1 1 EapolFramesRx 11 EapolFramesTx 12 EapolStartFramesRx 12 EapolLogoffFramesRx 1 EapolRespIdFramesRx 3 EapolRespFramesRx 6 EapolReqIdFramesTx 3 EapolReqF...

Page 458: ...olRespFramesRx The number of valid EAP Response frames other than Resp Id frames that have been received by this Authenticator EapolReqIdFramesTx The number of EAP Req Id frames that have been transmitted by this Authenticator EapolReqFramesTx The number of EAP Request frames other than Rq Id frames that have been transmitted by this Authenticator InvalidEapolFramesRx The number of EAPOL frames th...

Page 459: ...t req Default Configuration Access is enabled Command Mode Interface Configuration VLAN mode User Guidelines An access port cannot be a member in an unauthenticated VLAN The native VLAN of a trunk port cannot be an unauthenticated VLAN For a general port the PVID can be an unauthenticated VLAN although only tagged packets would be accepted in the unauthorized state Examples The following example e...

Page 460: ...ode Interface Configuration Ethernet mode User Guidelines This command enables the attachment of multiple clients to a single 802 1X enabled port In this mode only one of the attached hosts must be successfully authorized for all hosts to be granted network access If the port becomes unauthorized all attached clients are denied access to the network For unauthenticated VLANs multiple hosts are alw...

Page 461: ...esses that are not the supplicant address discard shutdown Discards frames with source addresses that are not the supplicant address The port is also shut down trap Indicates that SNMP traps are sent seconds Specifies the minimum amount of time in seconds between consecutive traps Range 1 1000000 Default Configuration Frames with source addresses that are not the supplicant address are discarded N...

Page 462: ...ce Configuration mode command to enable unauthorized users on an interface to access the guest VLAN If the guest VLAN is defined and enabled the port automatically joins the guest VLAN when the port is unauthorized and leaves it when the port becomes authorized To be able to join or leave the guest VLAN the port should not be a static member of the guest VLAN Example The following example defines ...

Page 463: ...lan enable no dot1x guest vlan enable Default Configuration Disabled Command Mode Interface Configuration Ethernet mode User Guidelines A device can have only one global guest VLAN The guest VLAN is defined using the dot1x guest vlan Interface Configuration mode command Example The following example enables unauthorized users on Ethernet port 1 1 to access the guest VLAN Console configure Console ...

Page 464: ...nd has no default configuration Command Mode Privileged EXEC mode User Guidelines There are no user guidelines for this command Examples The following example displays 802 1X advanced features for the device Console show dot1x advanced Guest VLAN 2 Unauthenticated VLANs 91 92 Interface Multiple Hosts Guest VLAN 1 1 Disabled Enabled 1 2 Enabled Disabled Console show dot1x advanced ethernet 1 1 Inte...

Page 465: ...D Link CLI Reference Guide Page 464 Trap frequency 100 Status Single host locked Violations since last trap 9 ...

Page 466: ...802 1x Commands Page 465 ...

Reviews:

No comments

Related manuals for DXS-3227 - xStack Switch - Stackable

Kramer XL 1208V2 Specifications preview
XL 1208V2
Brand: Kramer Pages: 2
Belkin F5U307 User Manual preview
F5U307
Brand: Belkin Pages: 12
NTI SE-15V-16-L Installation And Operation Manual preview
SE-15V-16-L
Brand: NTI Pages: 15
TRENDnet TEG-S50TXE SHEETS User Manual preview
TEG-S50TXE SHEETS
Brand: TRENDnet Pages: 20
Key Digital KD-MS4x4G-2 Manual preview
KD-MS4x4G-2
Brand: Key Digital Pages: 20
IOGear GHDMIMS52 Quick Start Manual preview
GHDMIMS52
Brand: IOGear Pages: 1
KanexPro HDMX44A-18G Operation Manual preview
HDMX44A-18G
Brand: KanexPro Pages: 35
C&C TECHNIC VAX-8204F User Manual preview
VAX-8204F
Brand: C&C TECHNIC Pages: 2
KinAn DV2302 User Manual preview
DV2302
Brand: KinAn Pages: 5
Cypress CLUX-C61C Operation Manual preview
CLUX-C61C
Brand: Cypress Pages: 16
TRENDnet TEG-S41SX Specifications preview
TEG-S41SX
Brand: TRENDnet Pages: 2
Black Box IDM-AP-100 User Manual preview
IDM-AP-100
Brand: Black Box Pages: 76
Guntermann & Drunck UserCenter 2 Operating Instructions Manual preview
UserCenter 2
Brand: Guntermann & Drunck Pages: 20
Orbis DICROMAT+ User Instructions preview
DICROMAT+
Brand: Orbis Pages: 2
Santon D1-G/H-T Installation Manual preview
D1-G/H-T
Brand: Santon Pages: 16
ATEN VM7104 Quick Start Manual preview
VM7104
Brand: ATEN Pages: 2
UNICOM FEP-32008T-3 User Manual preview
FEP-32008T-3
Brand: UNICOM Pages: 8
Avatar Technologies VS-441S Operation Manual preview
VS-441S
Brand: Avatar Technologies Pages: 9

Brands by name

Popular brands

Load more brands