background image

xStack

® 

DES-3200 Series Layer 2 Managed Fast Ethernet Switch CLI Reference Guide 

642 

 

priority of the port. 

 

If the user has configured the 802.1p priority attribute of the RADIUS server (for example, priority 7) 
and the 802.1X, or MAC-based authentication is successful, the device will assign the 802.1p 
default priority (according to the RADIUS server) to the port. However, if the user does not 
configure the priority attribute and authenticates successfully, the device will not assign a priority to 
this port. If the priority attribute is configured on the RADIUS server is a value out of range (>7), it 
will not be set to the device. 

 

To assign 

VLAN by RADIUS Server

, the proper parameters should be configured on the RADIUS 

Server. To use VLAN assignment, RFC3580 defines the following tunnel attributes in RADIUS 
packets. 

 

The table below shows the parameters for a VLAN: 

RADIUS Tunnel Attribute 

Description 

Value 

Usage 

Tunnel-Type 

This attribute indicates the tunneling 
protocol(s) to be used (in the case of a 
tunnel initiator) or the tunneling protocol in 
use (in the case of a tunnel terminatior). 

13 (VLAN) 

Required 

Tunnel-Medium-Type 

This attribute indicates the transport 
medium being used. 

6 (802) 

Required 

Tunnel-Private-Group-ID 

This attribute indicates group ID for a 
particular tunneled session. 

A string (VID)  Required 

 

If the user has configured the VLAN attribute of the RADIUS server (for example, VID 3) and the 
802.1X, or MAC-based Access Control authentication is successful, the port will be added to VLAN 
3. However, if the user does not configure the VLAN attribute and authenticates successfully, the 
port will be kept in its original VLAN. If the VLAN attribute configured on the RADIUS server does 
not exist, the port will not be assigned to the requested VLAN. 

 

To assign 

ACL by RADIUS Server

, the proper parameters should be configured on the RADIUS 

Server. The table below shows the parameters for an ACL. The RADIUS ACL assignment is only 
used in MAC-based Access Control. 

 

The parameters of the Vendor-Specific Attribute are: 

RADIUS Tunnel Attribute 

Description 

Value 

Usage 

Vendor-ID 

Defines the vendor. 

171 (DLINK) 

Required 

Vendor-Type 

Defines the attribute. 

12 (for ACL profile) 

13 (for ACL rule) 

Required 

Attribute-Specific Field 

Used to assign the ACL 
profile or rule. 

ACL Command 

For example: 

ACL profile: 

create 

access_profile profile_id 1 
profile_name profile1 
ethernet vlan 0xFFF

ACL rule: 

config 

Required 

Summary of Contents for xStack DES-3200 Series

Page 1: ......

Page 2: ...tion Command List 142 Chapter 16 Connectivity Fault Management CFM Command List 147 Chapter 17 CPU Interface Filtering Command List 174 Chapter 18 Debug Software Command List 183 Chapter 19 DHCP Local Relay Command List 190 Chapter 20 DHCP Relay Command List 196 Chapter 21 DHCP Server Screening Command List 213 Chapter 22 Digital Diagnostic Monitoring DDM Commands 216 Chapter 23 D Link Unidirectio...

Page 3: ... 50 Peripherals Command List 456 Chapter 51 Ping Command List 459 Chapter 52 Port Security Command List 461 Chapter 53 Power over Ethernet PoE Command List DES 3200 28P and DES 3200 52P Only 469 Chapter 54 PPPoE Circuit ID Insertions Command List 474 Chapter 55 Protocol VLAN Command List 478 Chapter 56 QinQ Command List 484 Chapter 57 Quality of Service QoS Command List 492 Chapter 58 Safeguard En...

Page 4: ...apter 73 Traffic Segmentation Command List 610 Chapter 74 Trusted Host Command List 612 Chapter 75 Unicast Routing Command List 616 Chapter 76 VLAN Trunking Command List 619 Chapter 77 Password Recovery Command List 624 Appendix A Password Recovery Procedure 626 Appendix B System Log Entries 628 Appendix C Trap Log Entries 638 Appendix D RADIUS Attributes Assignment 641 ...

Page 5: ...uter running a terminal emulation program capable of emulating a VT 100 terminal and a serial port configured as above are then connected to the Switch s Console port via an included RS 232 to RJ 45 convertor cable With the serial port properly connected to a management computer the following screen should be visible If this screen does not appear try pressing Ctrl r to refresh the console screen ...

Page 6: ...ipaddress xxx xxx xxx xxx yyy yyy yyy yyy Where the x s represent the IP address to be assigned to the IP interface named System and the y s represent the corresponding subnet mask Alternatively you can enter config ipif System ipaddress xxx xxx xxx xxx z Where the x s represent the IP address to be assigned to the IP interface named System and the z represents the corresponding number of subnets ...

Page 7: ...ority CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All When entering a command without its required parameters the CLI will prompt you with a Next possible completions message DES 3200 28P admin config account Command config account Next possible completions username DES 3200 28P admin In this case the command config account was entered with the parameter username The CLI will then promp...

Page 8: ...icate a numerical value or character string braces indicate optional parameters or a choice of parameters and brackets indicate required parameters If a command is entered that is unrecognized by the CLI the top level commands will be displayed under the Available commands prompt DES 3200 28P admin the Available commands cable_diag cd cfm clear config copy create debug del delete dir disable downl...

Page 9: ...e_timing log_software_module loopdetect mac_based_access_control mac_based_access_control_local mac_based_vlan mac_notification max_mcast_group mcast_filter_profile mirror mld_snooping multicast multicast_fdb nlb packet password_recovery per_queue poe port port_security port_security_entry port_vlan ports power_saving pppoe pvid qinq radius rmon router_ports safeguard_engine scheduling scheduling_...

Page 10: ...able disable local enable disable users must specify either the community or trap receiver in the command DO NOT TYPE THE VERTICAL BAR braces Encloses an optional value or a list of optional arguments One or more values or arguments can be specified For example in the syntax reset config system force_agree users may choose configure or system in the command DO NOT TYPE THE BRACES parentheses Indic...

Page 11: ...displayed pages ESC Escape from displayed pages Q Escape from displayed pages R refresh the displayed pages a Display the remaining pages The screen display will not pause again Enter Display the next line The screen display pauses when the show command output reaches the end of the page In the above example all of the possible next parameters for the show command are displayed At the next command...

Page 12: ...efault config terminal width default value 80 200 show terminal width config ports portlist all medium_type fiber copper speed auto 10_half 10_full 100_half 100_full 1000_full master slave flow_control enable disable learning enable disable state enable disable mdix auto normal cross description desc 1 32 clear_description show ports portlist description err_disabled details media_type 2 1 show se...

Page 13: ...mmand is used to display the current serial port settings Format show serial_port Parameters None Restrictions None Example To display the serial port setting DES 3200 28P admin show serial_port Command show serial_port Baud Rate 115200 Data Bits 8 Parity Bits None Stop Bits 1 Auto Logout 10 mins DES 3200 28P admin 2 3 config serial_port Description This command is used to configure the serial bit...

Page 14: ...out 2_minutes When idle over 2 minutes the device will auto logout 5_minutes When idle over 5 minutes the device will auto logout 10_minutes When idle over 10 minutes the device will auto logout 15_minutes When idle over 15 minutes the device will auto logout Restrictions Only Administrator and Operator level users can issue this command Example To configure baud rate DES 3200 28P admin config ser...

Page 15: ...disable the pausing of the screen display when the show command output reaches the end of the page The default setting is enabled Format disable clipaging Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To disable pausing of the screen display when show command output reaches the end of the page DES 3200 28P admin disable clipaging Command di...

Page 16: ...e Restrictions None Example To login the Switch with a user name dlink DES 3200 28P admin login Command login UserName dlink PassWord DES 3200 28P admin 2 7 logout Description This command is used to logout the facility Format logout Parameters None Restrictions None Example To logout current user ...

Page 17: ...hts reserved UserName 2 8 Description This command is used to display the usage description for all commands or the specific one Format Parameters None Restrictions None Example To get ping command usage descriptions DES 3200 28P admin ping Command ping Command ping Usage ipaddr times value 1 255 timeout sec 1 99 Description Used to test the connectivity between network devices DES 3200 28P admin ...

Page 18: ...Parameters None Restrictions None Example To clear screen DES 3200 28P admin clear Command clear DES 3200 28P admin 2 10 show command_history Description The command is used to display command history Format show command_history Parameters None Restrictions None Example To display command history ...

Page 19: ...hat the Switch can recall The Switch remembers upto the last 40 commands you entered Format config command_history value 1 40 Parameters value 1 40 Enter the number of commands that the Switch can recall This value must be between 1 and 40 Restrictions Only Administrator and Operator level users can issue this command Example To configure the number of command history DES 3200 28P admin config com...

Page 20: ...xample To edit the banner DES 3200 28P admin config greeting_message Command config greeting_message Greeting Messages Editor DES 3200 28P Fast Ethernet Switch Command Line Interface Firmware Build 4 03 004 Copyright C 2012 D Link Corporation All rights reserved Function Key Control Key Ctrl C Quit without save left right Ctrl W Save and quit up down Move cursor Ctrl D Delete line Ctrl X Erase all...

Page 21: ...g DES 3200 28P admin This command is used to modify the first part 1 product name with a string consisting of a maximum of 16 characters or to be replaced with the users login user name When users issue the reset command the current command prompt will remain in tact Yet issuing the reset system will return the command prompt to its original factory default value Format config command_prompt strin...

Page 22: ...e the configuration another user login the terminal width is default value 3 If at the same time two CLI sessions are running once section configure to 120 width and save it the other section will not be effected unless it log out and then log in Format config terminal width default value 80 200 Parameters default The default setting of terminal width The default value is 80 value 80 200 The termi...

Page 23: ...ate enable disable mdix auto normal cross description desc 1 32 clear_description Parameters portlist Enter a list of ports used here all Specify that all the ports will be used for this configuration medium_type Optional Specify the medium type while the configure ports are combo ports fiber Specify that the medium type will be set to fiber copper Specify that the medium type will be set to coppe...

Page 24: ...ode can be specified as auto normal and cross If set to normal state the port is in MDIX mode and can be connected to PC NIC using a straight cale If set to cross state the port is in mdi mode and can be connected to a port in mdix mode on another switch thru a straight cabe auto Specify that the MDIX mode for the port will be set to auto normal Specify that the MDIX mode for the port will be set ...

Page 25: ...nsceiver type Restrictions None Example To display the port details DES 3200 28P admin show ports details Command show ports details Port 1 Port Status Link Up Description HardWare Type Fast Ethernet MAC Address 00 01 02 03 04 01 Bandwidth 100000Kbit Auto Negotiation Enabled Duplex Mode Full Duplex Flow Control Disabled MDI Normal Address Learning Enabled Last Clear of Counter 2 hours 43 mins ago ...

Page 26: ...ort_vlan portlist enable pvid auto_assign disable pvid auto_assign show pvid auto_assign config gvrp timer join value 100 100000 leave value 100 100000 leaveall value 100 100000 nni_bpdu_addr dot1d dot1ad show gvrp enable gvrp disable gvrp 3 1 create vlan Description This command is used to create a VLAN on the Switch The VLAN ID must be always specified for creating a VLAN Format create vlan vlan...

Page 27: ... If this VLAN name is conflict with the name of an existing VLAN then it will be renamed based on the following rule VLAN ID ALT collision count For example if this conflict is the second collision then the name will be VLAN100ALT2 Format create vlan vlanid vidlist advertisement Parameters vlanid The VLAN ID list to be created vidlist Enter the VLAN ID list here advertisement Optional Specify the ...

Page 28: ...vlan v1 DES 3200 28P admin delete vlan v1 Command delete vlan v1 Success DES 3200 28P admin 3 4 delete vlan vlanid Description This command is used to delete one or a number of previously configured VLAN by VID list Format delete vlan vlanid vidlist Parameters vlanid The VLAN ID list to be deleted vidlist Enter the VLAN ID list here Restrictions Only Administrator Operator and Power User level use...

Page 29: ...lete ports from the VLAN portlist Optional Enter the list of ports used for the configuration here advertisement Optional Specify the GVRP state of this VLAN enable Specify to enable advertisement for this VLAN disable Specify to disable advertisement for this VLAN Restrictions Only Administrator Operator and Power User level users can issue this command Example To add 4 through 8 as tagged ports ...

Page 30: ...8 Command config vlan vlanid 10 20 add tagged 4 8 Success DES 3200 28P admin 3 7 config port_vlan Description This command is used to set the ingress checking status the sending and receiving GVRP information Format config port_vlan portlist all gvrp_state enable disable ingress_checking enable disable acceptable_frame tagged_only admit_all pvid vlanid 1 4094 1 Parameters portlist A range of ports...

Page 31: ...ommand Example To sets the ingress checking status the sending and receiving GVRP information DES 3200 28P admin config port_vlan 1 5 gvrp_state enable ingress_checking enabl e acceptable_frame tagged_only pvid 2 Command config port_vlan 1 5 gvrp_state enable ingress_checking enable acceptab le_frame tagged_only pvid 2 Success DES 3200 28P admin 3 8 show vlan Description This command is used to di...

Page 32: ... Untagged Ports 1 28 Forbidden Ports VID 2 VLAN Name v2 VLAN Type Static Advertisement Enabled Member Ports 4 8 Static Ports 4 8 Current Tagged Ports 4 8 Current Untagged Ports Static Tagged Ports 4 8 CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All 3 9 show vlan ports Description This command is used to display the vlan information per ports Format show vlan ports portlist Parameters po...

Page 33: ...nformation using the VLAN ID Format show vlan vlanid vidlist Parameters vidlist Enter the VLAN ID to be displayed Restrictions None Example To display the VLAN configuration for VLAN ID 1 DES 3200 28P admin show vlan vlanid 1 Command show vlan vlanid 1 VID 1 VLAN Name default VLAN Type Static Advertisement Enabled Member Ports 1 28 Static Ports 1 28 Current Tagged Ports Current Untagged Ports 1 28...

Page 34: ... Only VLAN tagged Frames 2 2 Enabled Enabled Only VLAN tagged Frames 3 2 Enabled Enabled Only VLAN tagged Frames 4 2 Enabled Enabled Only VLAN tagged Frames 5 2 Enabled Enabled Only VLAN tagged Frames 6 1 Disabled Enabled All Frames 7 1 Disabled Enabled All Frames 8 1 Disabled Enabled All Frames 9 1 Disabled Enabled All Frames 10 1 Disabled Enabled All Frames 11 1 Disabled Enabled All Frames 12 1 ...

Page 35: ...is updated with last item of VLAN list When user removes a port from the untagged membership of the PVID s VLAN the port s PVID will be assigned with default VLAN The default setting is enabled Format enable pvid auto_assign Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the auto assign PVID DES 3200 28P admin enable pvi...

Page 36: ...vid auto_assign Description This command is used to display the PVID auto assignment state Format show pvid auto_assign Parameters None Restrictions None Example To display PVID auto assignment state DES 3200 28P admin show pvid auto_assign Command show pvid auto_assign PVID Auto assignment Enabled DES 3200 28P admin 3 15 config gvrp Description The config gvrp timer command set the GVRP timer s v...

Page 37: ...e used here This value must be between 100 and 100000 nni_bpdu_addr Used to determine the BPDU protocol address for GVRP in service provide site It can use 802 1d GVRP address 802 1ad service provider GVRP address or a user defined multicast address The range of the user defined address is 0180C2000000 0180C2FFFFFF dot1d Specify that the NNI BPDU protocol address value will be set to Dot1d dot1ad ...

Page 38: ...U Address dot1d DES 3200 28P admin 3 17 enable gvrp Description This commands is used to enable the Generic VLAN Registration Protocol GVRP Format enable gvrp Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the generic VLAN Registration Protocol GVRP DES 3200 28P admin enable gvrp Command enable gvrp Success DES 3200 28P ...

Page 39: ...uide 35 Format disable gvrp Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the Generic VLAN Registration Protocol GVRP DES 3200 28P admin disable gvrp Command disable gvrp Success DES 3200 28P admin ...

Page 40: ...d mac_based config 802 1x init port_based ports portlist all mac_based ports portlist all mac_address macaddr config 802 1x reauth port_based ports portlist all mac_based ports portlist all mac_address macaddr create 802 1x guest_vlan vlan_name 32 delete 802 1x guest_vlan vlan_name 32 config 802 1x guest_vlan ports portlist all state enable disable show 802 1x guest_vlan config radius add server_i...

Page 41: ...function DES 3200 28P admin enable 802 1x Command enable 802 1x Success DES 3200 28P admin 4 2 disable 802 1x Description This command is used to disable the 802 1X function Format disable 802 1x Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the 802 1X function DES 3200 28P admin disable 802 1x Command disable 802 1x S...

Page 42: ...sue this command Example To create a 802 1x user test DES 3200 28P admin create 802 1x user test Command create 802 1x user test Enter a case sensitive new password Enter the new password again for confirmation Success DES 3200 28P admin 4 4 delete 802 1x user Description This command is used to delete an 802 1X user Format delete 802 1x user username 15 Parameters username 15 Enter the username t...

Page 43: ...s used to display the 802 1X user Format show 802 1x user Parameters None Restrictions None Example To display the 802 1X user information DES 3200 28P admin show 802 1x user Command show 802 1x user Current Accounts Username Password test test Total Entries 1 DES 3200 28P admin 4 6 config 802 1x auth_protocol Description This command is used to configure the 802 1X auth protocol Format config 802...

Page 44: ...pdu system Description This command is used to globally control the forwarding of EAPOL PDU When 802 1X functionality is disabled globally or for a port and if 802 1X fwd_pdu is enabled both globally and for the port a received EAPOL packet on the port will be flooded in the same VLAN to those ports for which 802 1X fwd_pdu is enabled and 802 1X is disabled globally or just for the port The defaul...

Page 45: ...wd_pdu ports portlist all enable disable Parameters portlist Enter the list of ports used for the configuration all Specify that all the ports will be used enable Enable forwarding EAPOL PDU receive on the ports disable Disable forwarding EAPOL PDU receive on the ports Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure 802 1X fwd_pdu for...

Page 46: ... server DES 3200 28P admin config 802 1x authorization attributes radius disable Command config 802 1x authorization attributes radius disable Success DES 3200 28P admin 4 10 show 802 1x Description This command is used to display the 802 1X state or configurations Format show 802 1x auth_state auth_configuration ports portlist Parameters auth_state Optional Used to display 802 1X authentication s...

Page 47: ...t SPACE n Next Page p Previous Page r Refresh 4 11 config 802 1x capability Description This command is used to configure the port capability Format config 802 1x capability ports portlist all authenticator none Parameters ports Specify a range of ports to be configured portlist Enter the list of ports used for the configuration here all Specify all ports to be configured authenticator The port th...

Page 48: ...ed It is specified by config 802 1x auth_parameter command Format config 802 1x max_users value 1 448 no_limit Parameters value 1 448 Enter the maximum number of users This value must be between 1 and 448 no_limit Specify that the maximum user limit will be set to 448 Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure 802 1X number of us...

Page 49: ...period The default value is 30 seconds and can be any integer value among 1 to 65535 sec 1 65535 Enter the tx period value here This value must be between 1 and 65535 seconds supp_timeout Optional The initialization value of the aWhile timer when timing out the supplicant Its default value is 30 seconds and can be any integer value among 1 to 65535 sec 1 65535 Enter the supplicant timeout value he...

Page 50: ...ig 802 1x auth_mode Description This command is used to configure 802 1X authentication mode Format config 802 1x auth_mode port_based mac_based Parameters port_based Configure the authentication as port based mode mac_based Configure the authentication as MAC based mode Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the authenticati...

Page 51: ... the authentication state machine of some or all DES 3200 28P admin config 802 1x init port_based ports all Command config 802 1x init port_based ports all Success DES 3200 28P admin 4 16 config 802 1x reauth Description This command is used to re authenticate the device connected to the port During the re authentication period the port status remains authorized until failed re authentication Form...

Page 52: ...ust be existed The specific VLAN which assigned to guest VLAN can t be deleting Format create 802 1x guest_vlan vlan_name 32 Parameters vlan_name 32 Optional Specify the VLAN to be guest VLAN The VLAN name can be up to 32 characters long Restrictions Only Administrator Operator and Power User level users can issue this command Example To create a VLAN named guestVLAN as 802 1X guest VLAN DES 3200 ...

Page 53: ...command is used to configure guest VLAN setting If the specific port state is changed from enabled state to disable state this port will move to its original VLAN Format config 802 1x guest_vlan ports portlist all state enable disable Parameters ports A range of ports enable or disable guest VLAN function portlist Enter the list of ports used for the configuration here all Specify that all the por...

Page 54: ...t_vlan Description This command is used to show the information of guest VLANs Format show 802 1x guest_vlan Parameters None Restrictions None Example To show 802 1X guest VLAN on the Switch DES 3200 28P admin show 802 1x guest_vlan Command show 802 1x guest_vlan Guest VLAN Setting Guest VLAN guestVLAN Enabled Guest VLAN Ports 2 8 DES 3200 28P admin 4 21 config radius add Description This command ...

Page 55: ...DIUS server The range is 1 to 65535 udp_port_number 1 65535 Enter the authentication port number here This value must be between 1 and 65535 acct_port Optional Specify the UDP port number which is used to transmit RADIUS accounting statistics between the Switch and the RADIUS server The range is 1 to 65535 udp_port_number 1 65535 Enter the accounting port number here This value must be between 1 a...

Page 56: ... RADIUS server It is used to encrypt user s authentication data before being transmitted over internet The maximum length of the key is 32 password 32 Enter the key here The key can be up to 32 characters long auth_port Optional Specify the UDP port number which is used to transmit RADIUS authentication data between the Switch and the RADIUS server The range is 1 to 65535 The default value is 1812...

Page 57: ...ult re transmit value will be used Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure a radius server DES 3200 28P admin config radius 1 auth_port 60 Command config radius 1 auth_port 60 Success DES 3200 28P admin 4 24 show radius Description This command is used to display RADIUS server configurations Format show radius Parameters None ...

Page 58: ... 1813 5 2 dlink Total Entries 1 DES 3200 28P admin 4 25 show auth_statistics Description This command is used to display information of authenticator statistics Format show auth_statistics ports portlist Parameters ports Optional Specify a range of ports to be displayed portlist Enter the list of ports that will be displayed here Restrictions None Example To display authenticator statistics inform...

Page 59: ...nvalidEapolFramesRx 0 EapLengthErrorFramesRx 0 LastEapolFrameVersion 0 LastEapolFrameSource 00 00 00 00 00 00 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 4 26 show auth_diagnostics Description This command is used to display information of authenticator diagnostics Format show auth_diagnostics ports portlist Parameters ports Optional Specify a range of ports to be displayed portl...

Page 60: ...hileAuthenticated 0 EapLogoffWhileAuthenticated 0 BackendResponses 0 BackendAccessChallenges 0 BackendOtherRequestsToSupplicant 0 BackendNonNakResponsesFromSupplicant 0 BackendAuthSuccesses 0 BackendAuthFails 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 4 27 show auth_session_statistics Description This command is used to display information of authenticator session statistics F...

Page 61: ...FramesRx 0 SessionFramesTx 0 SessionId SessionAuthenticMethod Remote Authentication Server SessionTime 0 SessionTerminateCause SupplicantLogoff SessionUserName CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 4 28 show auth_client Description This command is used to display information of RADIUS authentication client Format show auth_client Parameters None Restrictions None Example To...

Page 62: ...sRequests 0 radiusAuthClientAccessRetransmissions 0 radiusAuthClientAccessAccepts 0 radiusAuthClientAccessRejects 0 radiusAuthClientAccessChallenges 0 radiusAuthClientMalformedAccessResponses 0 radiusAuthClientBadAuthenticators 0 radiusAuthClientPendingRequests 0 radiusAuthClientTimeouts 0 radiusAuthClientUnknownTypes 0 radiusAuthClientPacketsDropped 0 DES 3200 28P admin 4 29 show acct_client Desc...

Page 63: ...ig accounting service Description This command is used to configure the state of the specified RADIUS accounting service Format config accounting service network shell system state enable disable Parameters network Accounting service for 802 1X port access control By default the service is disabled shell Accounting service for shell events When user logs on or out the Switch via the console Telnet...

Page 64: ...shell state enable Success DES 3200 28P admin 4 31 show accounting service Description This command is used to show the status of RADIUS accounting services Format show accounting service Parameters None Restrictions None Example To show information of RADIUS accounting services DES 3200 28P admin show accounting service Command show accounting service Accounting Service Network Enabled Shell Enab...

Page 65: ...te authen server_group string 15 config authen server_group tacacs xtacacs tacacs radius string 15 add delete server_host ipaddr protocol tacacs xtacacs tacacs radius delete authen server_group string 15 show authen server_group string 15 create authen server_host ipaddr protocol tacacs xtacacs tacacs radius port int 1 65535 key key_string 254 none timeout int 1 255 retransmit int 1 20 config auth...

Page 66: ...le and can be applied to the system later When password encryption is disabled if the user specifies the password in plain text form the password will be in plan text form However if the user specifies the password in encrypted form or if the password has been converted to encrypted form by the last enable password encryption command the password will still be in the encrypted form It can not be r...

Page 67: ...at enable authen_policy Parameters None Restrictions Only Administrator level users can issue this command Example To enable system access authentication policy DES 3200 28P admin enable authen_policy Command enable authen_policy Success DES 3200 28P admin 5 4 disable authen_policy Description This command is used to disable system access authentication policy Disable system access authentication ...

Page 68: ...s used to display that system access authentication policy is enabled or disabled Format show authen_policy Parameters None Restrictions Only Administrator level users can issue this command Example To display system access authentication policy DES 3200 28P admin show authen_policy Command show authen_policy Authentication Policy Enabled DES 3200 28P admin 5 6 create authen_login Description This...

Page 69: ...p and so on If all server hosts in tacacs group are missing the authentication request will be sent to the first server host in tacacs group If all server hosts in tacacs group are missing the local account database in the device is used to authenticate this user When user logins the device successfully while using methods like tacacs xtacacs tacacs radius built in or user defined server groups or...

Page 70: ...for user login DES 3200 28P admin config authen_login method_list_name login_list_1 method tacacs tacacs local Command config authen_login method_list_name login_list_1 method tacacs tacacs local Success DES 3200 28P admin 5 8 delete authen_login Description This command is used to delete a user defined method list of authentication methods for user login Format delete authen_login method_list_nam...

Page 71: ... login Restrictions Only Administrator level users can issue this command Example To display a user defined method list for user login DES 3200 28P admin show authen_login method_list_name login_list_1 Command show authen_login method_list_name login_list_1 Method List Name Priority Method Name Comment login_list_1 1 tacacs Built in Group 2 tacacs Built in Group 3 mix_1 User defined Group 4 local ...

Page 72: ... group are missing the authentication request will be sent to the first server host in tacacs group If all server hosts in tacacs group are missing the local enable password in the device is used to authenticate this user s password Format config authen_enable default method_list_name string 15 method tacacs xtacacs tacacs radius server_group string 15 local _enable none Parameters default The def...

Page 73: ...promoting user s privilege to Admin level Format delete authen_enable method_list_name string 15 Parameters string 15 The user defined method list name This value can be up to 15 characters long Restrictions Only Administrator level users can issue this command Example To delete a user defined method list for promoting user s privilege to Admin level DES 3200 28P admin delete authen_enable method_...

Page 74: ...me enable_list_1 Method List Name Priority Method Name Comment enable_list_1 1 tacacs Built in Group 2 tacacs Built in Group 3 mix_1 User defined Group 4 local Keyword DES 3200 28P admin 5 14 config authen application Description This command is used to configure login or enable method list for all or the specified application Format config authen application console telnet ssh http all login enab...

Page 75: ... Success DES 3200 28P admin 5 15 show authen application Description This command is used to display the login enable method list for all applications Format show authen application Parameters None Restrictions Only Administrator level users can issue this command Example To display the login enable method list for all applications DES 3200 28P admin show authen application Command show authen app...

Page 76: ...erver_group mix_1 Command create authen server_group mix_1 Success DES 3200 28P admin 5 17 config authen server_group Description This command is used to add or remove an authentication server host to or from the specified server group Built in server group tacacs xtacacs tacacs radius accepts the server host with the same protocol only but user defined server group can accept server hosts with di...

Page 77: ...ion protocol will be used Restrictions Only Administrator level users can issue this command Example To add an authentication server host to an server group DES 3200 28P admin config authen server_group mix_1 add server_host 10 1 1 222 protocol tacacs Command config authen server_group mix_1 add server_host 10 1 1 222 protocol ta cacs Success DES 3200 28P admin 5 18 delete authen server_group Desc...

Page 78: ...15 characters long Restrictions Only Administrator level users can issue this command Example To display all authentication server groups DES 3200 28P admin show authen server_group Command show authen server_group Group Name IP Address Protocol mix_1 10 1 1 222 TACACS 10 1 1 223 TACACS radius 10 1 1 224 RADIUS tacacs 10 1 1 225 TACACS tacacs 10 1 1 226 TACACS xtacacs 10 1 1 227 XTACACS Total Entr...

Page 79: ...ACS and RADIUS authentication If the value is null no encryption will apply This value is meaningless for TACACS and XTACACS key_string 254 Enter the TACACS or the RADIUS key here This key can be up to 254 characters long none No encryption for TACACS and RADIUS authentication This value is meaningless for TACACS and XTACACS timeout Optional The time in second for waiting server reply Default valu...

Page 80: ...nd RADIUS authentication If the value is null no encryption will apply This value is meaningless for TACACS and XTACACS key_string 254 Enter the TACACS key here This value can be up to 254 characters long none No encryption for TACACS and RADIUS authentication This value is meaningless for TACACS and XTACACS timeout Optional The time in second for waiting server reply Default value is 5 seconds in...

Page 81: ...n protocol radius Server host s authentication protocol Restrictions Only Administrator level users can issue this command Example To delete an authentication server host DES 3200 28P admin delete authen server_host 10 1 1 222 protocol tacacs Command delete authen server_host 10 1 1 222 protocol tacacs Success DES 3200 28P admin 5 23 show authen server_host Description This command is used to disp...

Page 82: ...255 Parameters int 0 255 The amount of time for user input on console or telnet or SSH 0 means there is no time out This value must be between 0 and 255 Default value is 30 seconds Restrictions Only Administrator level users can issue this command Example To configure the amount of time waiting or user input to be 60 seconds DES 3200 28P admin config authen parameter response_timeout 60 Command co...

Page 83: ...ser s trying to login or promote the privilege to be 9 DES 3200 28P admin config authen parameter attempt 9 Command config authen parameter attempt 9 Success DES 3200 28P admin 5 26 show authen parameter Description This command is used to display the parameters of authentication Format show authen parameter Parameters None Restrictions Only Administrator level users can issue this command Example...

Page 84: ...an not be used when authentication policy is disabled Format enable admin Parameters None Restrictions None Example To enable administrator lever privilege DES 3200 28P puser enable admin Command enable admin PassWord Success DES 3200 28P admin 5 28 config admin local_enable Description This command is used to config the local enable password of administrator level privilege When the user chooses ...

Page 85: ...rm and SHA 1 encrypted form are different plain text Passwords can be from a minimum of 0 to a maximum of 15 characters SHA 1 The length of Encrypted passwords is fixed to 35 bytes longand the password is case sensitive Restrictions Only Administrator level users can issue this command Example To configure the administrator password DES 3200 28P admin config admin local_enable Command config admin...

Page 86: ...5535 mask hex 0x0 0xffff dst_port value 0 65535 mask hex 0x0 0xffff protocol_id value 0 255 user_define hex 0x0 0xffffffff mask hex 0x0 0xffffffff packet_content offset_chunk_1 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_2 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_3 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_4 hex 0x0 0xffffffff mask hex 0x0 0xffffffff ipv6 c...

Page 87: ...Address Class Flow Label IPv6 Protocol Next Header 5 Class Flow Label IPv6 Protocol Next Header TCP UDP source port TCP UDP destination port ICMP type code Outer VLAN Tag 6 Packet Content Outer VLAN Tag 7 MAC SA Ethernet Type Source IPv4 ARP sender IP Outer VLAN Tag 8 LLC Header SNAP Header Outer VLAN Tag 9 Source IPv6 Address Class IPv6 Protocol Next Header Outer VLAN Tag 10 Destination IPv6 Addr...

Page 88: ...pe Specify the type of ICMP traffic code Specify the code of ICMP traffic igmp Optional Specify that the rule applies to IGMP traffic type Specify the type of IGMP traffic tcp Optional Specify that the rule applies to TCP traffic src_port_mask Optional Specify the TCP source port mask hex 0x0 0xffff Enter the TCP source port mask here dst_port_mask Optional Specify the TCP destination port mask he...

Page 89: ...e IPv6 flow label source_ipv6_mask Optional Specify an IPv6 source sub mask ipv6mask Enter the source IPv6 mask value here destination_ipv6_mask Optional Specify an IPv6 destination sub mask ipv6mask Enter the destination IPv6 mask value here tcp Optional Specify that the rule applies to TCP traffic src_port_mask Optional Specify an IPv6 TCP source port mask hex 0x0 0xffff Enter the TCP source por...

Page 90: ...1 3 0xFFFF offset_chunk_2 5 0xFF00 offset_chunk_3 14 0xFFFF0000 offset_chunk_4 16 0xFF000000 Command create access_profile profile_id 4 profile_name 4 packet_content_mask offset_chunk_1 3 0xFFFF offset_chunk_2 5 0xFF00 offset_chunk_3 14 0xFFFF0000 offset_chunk_4 16 0xFF000000 Success DES 3200 28P admin 6 2 delete access_profile Description This command is used to delete access list profiles This c...

Page 91: ...0 255 user_define hex 0x0 0xffffffff mask hex 0x0 0xffffffff packet_content offset_chunk_1 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_2 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_3 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_4 hex 0x0 0xffffffff mask hex 0x0 0xffffffff ipv6 class value 0 255 flowlabel hex 0x0 0xfffff source_ipv6 ipv6addr mask ipv6mask destinat...

Page 92: ...etween 1 and 4094 mask Optional Specify an additional mask parameter that can be configured hex 0x0 0x0fff Enter the mask value here source_ip Optional Specify an IP source address ipaddr Enter the source IP address used for this configuration here mask Optional Specify an additional mask parameter that can be configured netmask Enter the source netmask used here destination_ip Optional Specify an...

Page 93: ...0xffffffff Enter the mask value here packet_content A maximum of 4 offsets can be specified Each offset defines 4 bytes of data which is identified as a single UDF field offset_chunk_1 Optional Specify the value of the packet bytes to be matched Offset chunk 1 will be used hex 0x0 0xffffffff Enter the offset chunk 1 mask here offset_chunk_2 Optional Specify the value of the packet bytes to be matc...

Page 94: ...ecify the VLAN name used for this configuration vlan_name Enter the VLAN name used for this configuration here vlan_id Specify the VLAN ID used for this configuration vlanid 1 4094 Enter the VLAN ID used here This value must be between 1 and 4094 permit Specify that packets matching the access rule are permitted by the Switch priority Optional Specify that the priority of the packet will change if...

Page 95: ...offset_chunk_3 0xF0 port all deny Command config access_profile profile_id 3 add access_id auto_assign packet_content offset_chunk_3 0xF0 port all deny Success DES 3200 28P admin 6 4 show access_profile Description This command is used to display the current access list table Format show access_profile profile_id value 1 4 profile_name name 32 Parameters profile_id Optional Specify the index of th...

Page 96: ...Type Ethernet MASK on VLAN 0xFFF 802 1p Ethernet Type Available HW Entries 193 Rule ID 1 Ports 1 Match on VLAN ID 1 802 1p 0 Ethernet Type 0xFFFE Action Permit Profile ID 2 Profile name IPv4ACL Type IPv4 MASK on VLAN 0xFFF DSCP ICMP Available HW Entries 193 Rule ID 1 Ports 2 Match on VLAN ID 1 DSCP 0 Action Permit Profile ID 3 Profile name IPv6ACL Type IPv6 MASK on Class TCP ...

Page 97: ... 3 value 0x00000000 Available HW Entries 255 Rule ID 1 Ports 4 Match on offset_chunk_1 0 value 0x0000FFEE Mask 0x0000FFEE Action Permit Priority 1 Replace DSCP 1 DES 3200 28P admin The following example displays an access profile that supports an entry mask for each rule DES 3200 28P admin show access_profile profile_id 2 Command show access_profile profile_id 2 Access Profile Table Profile ID 2 P...

Page 98: ...0 offset_chunk_3 14 value 0xFFFF0000 offset_chunk_4 16 value 0xFF000000 Available HW Entries 255 Rule ID 1 Ports 1 2 Match on offset_chunk_1 3 value 0x000086DD offset_chunk_2 5 value 0x00003A00 offset_chunk_3 14 value 0x86000000 Action Deny DES 3200 28P admin 6 5 config flow_meter Description This command is used to configure the flow based metering function The metering function supports three mo...

Page 99: ...eplace_dscp value 0 63 counter enable disable exceed permit replace_dscp value 0 63 drop counter enable disable violate permit replace_dscp value 0 63 drop counter enable disable sr_tcm cir value 1 1048576 cbs value 1 262144 ebs value 1 262144 color_blind color_aware conform permit replace_dscp value 0 63 counter enable disable exceed permit replace_dscp value 0 63 drop counter enable disable viol...

Page 100: ...This value must be between 0 and 63 counter Optional Specify the ACL counter This is optional The default is disable The resource may be limited so that a counter cannot be turned on Counters will be cleared when the function is disabled enable Specify that the ACL counter option will be enabled disable Specify that the ACL counter option will be disabled exceed Specify the action when a packet is...

Page 101: ...counter enable violate drop Success DES 3200 28P admin 6 6 show flow_meter Description This command is used to display the flow based metering ACL Flow Metering configuration Format show flow_meter profile_id value 1 4 profile_name name 32 access_id value 1 256 Parameters profile_id Optional Specify the profile ID value 1 4 Enter the profile ID used here This value must be between 1 and 4 profile_...

Page 102: ...nge_name 32 Enter the time range name used here This name can be up to 32 characters long hours Specify the time of a day start_time Specify the starting time of a day time hh mm ss Enter the starting time here 24 hr time For example 19 00 means 7PM 19 is also acceptable The time specified in the start_time parameter must be smaller than the time specified in the end_time parameter end_time Specif...

Page 103: ..._time 1 1 1 end_time 2 2 2 weekdays mon Command config time_range 1 hours start_time 1 1 1 end_time 2 2 2 weekdays mon Success DES 3200 28P admin config time_range 1 delete Command config time_range 1 delete Success DES 3200 28P admin 6 8 show time_range Description This command is used to display the current time range settings Format show time_range Parameters None Restrictions None Example To d...

Page 104: ...0 28P admin 6 9 show current_config access_profile Description This command is used to display the ACL part of the current configuration when logged in with user level privileges The overall current configuration can be displayed by using the show config command which is accessible with administrator level privileges Format show current_config access_profile Parameters None Restrictions None Examp...

Page 105: ...how current_config access_profile ACL create access_profile ethernet vlan profile_id 1 config access_profile profile_id 1 add access_id 1 ethernet vlan default port 1 permit create access_profile ip source_ip_mask 255 255 255 255 profile_id 2 config access_profile profile_id 2 add access_id 1 ip source_ip 10 10 10 10 port 2 deny DES 3200 28P admin ...

Page 106: ...t create arpentry ipaddr macaddr Parameters ipaddr The IP address of the end node or station macaddr The MAC address corresponding to the IP address above Restrictions Only Administrator Operator and Power User level users can issue this command Example To create a static ARP entry for the IP address 10 48 74 121 and MAC address 00 50 BA 00 07 36 DES 3200 28P admin create arpentry 10 48 74 121 00 ...

Page 107: ...10 48 74 121 Command delete arpentry 10 48 74 121 Success DES 3200 28P admin 7 3 config arpentry Description This command is used to configure a static entry s MAC address in the ARP table Specify the IP address and MAC address of the entry Format config arpentry ipaddr macaddr Parameters ipaddr The IP address of the end node or station macaddr The MAC address corresponding to the IP address above...

Page 108: ...eing accessed before it is dropped from the table Format config arp_aging time value 0 65535 Parameters value 0 65535 Enter the ARP age out time in minutes This value must be between 0 and 65535 minutes The default value is 20 Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure ARP aging time to 30 minutes DES 3200 28P admin config arp_ag...

Page 109: ...face name or static entries Format show arpentry ipif ipif_name 12 ipaddress ipaddr static mac_address macaddr Parameters ipif Optional The name of the IP interface the end node or station for which the ARP table entry was made resides on ipif_name 12 Enter the IP interface name here This value can be up to 12 characters long ipaddress Optional The IP address of the end node or station ipaddr Ente...

Page 110: ...ime 20 Interface IP Address MAC Address Type System 10 0 0 0 FF FF FF FF FF FF Local Broadcast System 10 1 1 1 00 02 03 04 05 06 Static System 10 1 1 2 00 02 03 04 05 06 Dynamic System 10 1 1 3 00 02 03 04 05 06 Static System 10 90 90 90 00 01 02 03 04 00 Local System 10 255 255 255 FF FF FF FF FF FF Local Broadcast Total Entries 6 DES 3200 28P admin ...

Page 111: ...g_prevention add gateway_ip ipaddr gateway_mac macaddr ports portlist all delete gateway_ip ipaddr Parameters add Specify to add an ARP spoofing prevention entry gateway_ip Specify a gateway IP address to be configured ipaddr Enter the IP address used for this configuration here gateway_mac Specify a gateway MAC address to be configured macaddr Enter the MAC address used for this configuration her...

Page 112: ...1 2 Success DES 3200 28P admin 8 2 show arp_spoofing_prevention Description This command is used to show the ARP spoofing prevention entry Format show arp_spoofing_prevention Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To display the ARP spoofing prevention entries DES 3200 28P admin show arp_spoofing_prevention Command show arp_spoofing_...

Page 113: ... file path name and TFTP server IP address from the DHCP server Then the Switch will download the configuration file from the TFTP server for configuration of the system Format enable autoconfig Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To enable autoconfig DES 3200 28P admin enable autoconfig Command enable autoconfig Success DES 3200 ...

Page 114: ...e autoconfig Command disable autoconfig Success DES 3200 28P admin 9 3 show autoconfig Description This command is used to display if the auto configuration is enabled or disabled Format show autoconfig Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To show autoconfig status DES 3200 28P admin show autoconfig Command show autoconf...

Page 115: ...e auto configuration operation will be stopped and the local configuration file will be used to configure the system Format config autoconfig timeout value 1 65535 Parameters value 1 65535 Specify the timeout length in seconds The default setting is 50 seconds Restrictions Only Administrator and Operator level users can issue this command Example To configure auto configuration timeout DES 3200 28...

Page 116: ...sable delete ipif ipif_name 12 ipv6address ipv6networkaddr all enable ipif ipif_name 12 all disable ipif ipif_name 12 all show ipif ipif_name 12 enable ipif_ipv6_link_local_auto ipif_name 12 all disable ipif_ipv6_link_local_auto ipif_name 12 all show ipif_ipv6_link_local_auto ipif_name 12 10 1 create account Description This command is used to create user accounts The username is between 1 and 15 ...

Page 117: ...ink Enter a case sensitive new password Enter the new password again for confirmation Success DES 3200 28P admin To create the user level user Remote Manager DES 3200 28P admin create account user Remote Manager Command create account user Remote Manager Enter a case sensitive new password Enter the new password again for confirmation Success DES 3200 28P admin 10 2 config account Description This...

Page 118: ... form password the length is fixed to 35 bytes long The assword is case sensitive Restrictions Only Administrator level users can issue this command Example To configure the user password of dlink account DES 3200 28P admin config account dlink Command config account dlink Enter a old password Enter a case sensitive new password Enter the new password again for confirmation Success DES 3200 28P ad...

Page 119: ...ame Access Level admin Admin oper Operator power Power_user user User Total Entries 4 DES 3200 28P admin 10 4 delete account Description This command is used to delete an existing account Format delete account username Parameters username Name of the user who will be deleted Restrictions Only Administrator level users can issue this command Example To delete the user account System DES 3200 28P ad...

Page 120: ...8P Fast Ethernet Switch MAC Address B8 A3 86 CF 1F 20 IP Address 10 90 90 90 Manual VLAN Name default Subnet Mask 255 0 0 0 Default Gateway 0 0 0 0 Boot PROM Version Build 4 00 001 Firmware Version Build 4 03 004 Hardware Version C1 Serial Number R3921BC000005 System Name System Location System Uptime 0 days 0 hours 2 minutes 51 seconds System Contact Spanning Tree Disabled GVRP Disabled IGMP Snoo...

Page 121: ...ed between 1 and 65535 The well known TCP port for the TELNET protocol is 23 Restrictions Only Administrator and Operator level users can issue this command Example To enable TELNET and configure port number DES 3200 28P admin enable telnet 23 Command enable telnet 23 Success DES 3200 28P admin 10 7 disable telnet Description This command is used to disable TELNET Format disable telnet Parameters ...

Page 122: ...ters tcp_port_number 1 65535 Optional The TCP port number TCP ports are numbered between 1 and 65535 The well known TCP port for the WEB protocol is 80 Restrictions Only Administrator and Operator level users can issue this command Example To enable HTTP and configure port number DES 3200 28P admin enable web 80 Command enable web 80 Note SSL will be disabled if web is enabled Success DES 3200 28P...

Page 123: ...be executed immediatedly without further confirmation Restrictions Only Administrator level users can issue this command Example To reboot the Switch DES 3200 28P admin reboot Command reboot Are you sure to proceed with the system reboot y n Please wait the switch is rebooting 10 11 reset Description This command is used to provide reset functions The configuration setting will be reset to the def...

Page 124: ...ers can issue this command Example To reset the Switch DES 3200 28P admin reset system Command reset system Are you sure you want to proceed with system reset y n y reset all include configuration save reboot n cancel command y Reboot Load Factory Default Configuration Saving configurations and logs to NV RAM Done Please wait the switch is rebooting 10 12 config firmware image Description This com...

Page 125: ...of the IP interface ipif_name 12 Enter the IP interface name here This name can be up to 12 characters long network_address Specify the IPv4 network address xx xx xx xx xx It specifies a host address and length of network mask vlan_name 32 Enter the VLAN name used here This name can be up to 32 characters long state Optional Specify the state of the IP interface enable Specify that the IP interfac...

Page 126: ...nd length of network prefix There can be multiple IPv6 addresses defined on an interface Thus as a new address is defined it is added on this ipif ipv6networkaddr Enter the IPv6 address used here state Specify that the IPv6 interface state will be set to enabled or disabled enable Specify that the IPv6 interface sate will be enabled disable Specify that the IPv6 interface sate will be disabled ipv...

Page 127: ...ipif ipif_name 12 ipv6address ipv6networkaddr all Parameters ipif Specify the name of the IP interface ipif_name 12 Enter the IP interface name used here This name can be up to 12 characters long ipv6address Optional Specify the IPv6 network address The address should specify a host address and length of network prefix There can be multiple IPv6 addresses defined on an interface ipv6networkaddr En...

Page 128: ... Only Administrator Operator and Power User level users can issue this command Example To enable an IP interface DES 3200 28P admin enable ipif newone Command enable ipif newone Success DES 3200 28P admin 10 17 disable ipif Description This command is used to disable an IP interface Format disable ipif ipif_name 12 all Parameters ipif_name Specify the name of the IP interface ipif_name 12 Enter th...

Page 129: ...ame 12 Parameters ipif_name Specify the name of the IP interface ipif_name 12 Optional Enter the IP interface name used here This name can be up to 12 characters long Restrictions None Example To display an IP interface DES 3200 28P admin show ipif Command show ipif IP Interface System VLAN Name default Interface Admin State Enabled Link Status LinkUp IPv4 Address 10 90 90 90 8 Manual IPv4 State E...

Page 130: ...Format enable ipif_ipv6_link_local_auto ipif_name 12 all Parameters ipif_name 12 Enter the IP interface name used here This name can be up to 12 characters long all Specify that all the IP interfaces will be used Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the IP interface for IPv6 link local automatic DES 3200 28P admin enable ipif_...

Page 131: ...link_local_auto Description This commands is used to display the link local address automatic configuration state Format show ipif_ipv6_link_local_auto ipif_name 12 Parameters ipif_name 12 Optional Enter the Ip interface name used here This name can be up to 12 characters long Restrictions Only Administrator Operator and Power User level users can issue this command Example T o display the link lo...

Page 132: ...tion Thus BPDU protection can only be enabled on STP disabled port BPDU protection has high priority than fbpdu setting configured by configure STP command in determination of BPDU handling That is when fbpbu is configured to forward STP BPDU but BPDU protection is enabled then the port will not forward STP BPDU Format config bpdu_protection ports portlist all state enable disable mode drop block ...

Page 133: ...ble and re enable the port Format config bpdu_protection recovery_timer sec 60 1000000 infinite Parameters recovery_timer Specify the bpdu_protection Auto Recovery recovery_timer The default value of recovery_timer is 60 sec 60 1000000 The timer in seconds used by the Auto Recovery mechanism to recover the port The valid range is 60 to 1000000 infinite The port will not be auto recovered Restricti...

Page 134: ...of attack_detected and attack_cleared shall be trapped or logged Restrictions Only Administrator Operator and Power User level users can issue this command Example To config the bpdu_protection trap state as both for the entire switch DES 3200 28P admin config bpdu_protection trap both Commands config bpdu_protection trap both Success DES 3200 28P admin 11 4 enable bpdu_protection Description This...

Page 135: ...Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable bpdu_protection function globally for the entire switch DES 3200 28P admin disable bpdu_protection Commands disable bpdu_protection Success DES 3200 28P admin 11 6 show bpdu_protection Description This command is used to display BPDU protection global configuration or per port configuratio...

Page 136: ...ate None BPDU Protection Log State None DES 3200 28P admin To show the bpdu_protection status ports 1 12 DES 3200 28P admin show bpdu_protection ports 1 12 Commands show bpdu_protection ports 1 12 Port State Mode Status 1 Enabled shutdown Normal 2 Enabled shutdown Normal 3 Enabled shutdown Normal 4 Enabled shutdown Normal 5 Enabled shutdown Under Attack 6 Enabled shutdown Normal 7 Enabled shutdown...

Page 137: ...up status the test will obtain the distance of the cable Since the status is link up the cable will not have the short or open problem But the test may still detect the crosstalk problem When a port is in link down status the link down may be caused by many factors 1 When the port has a normal cable connection but the remote partner is powered off the cable diagnosis can still diagnose the health ...

Page 138: ...powered down with no errors and the link is down this command cannot detect the cable length When the link partner is powered down with errors this command can detect whether the error is open short or crosstalk In this case this command can also detect the distance of the error When there is no link partner with no errors and the link is up this command can detect the cable length When there is n...

Page 139: ...Test the cable on port 1 11 and 12 DES 3200 28P admin cable_diag ports 1 11 12 Command cable_diag ports 1 11 12 Perform Cable Diagnostics Port Type Link Status Test Result Cable Length M 1 100BASE T Link Up OK 4 11 100BASE T Link Down No Cable 12 100BASE T Link Down No Cable DES 3200 28P admin ...

Page 140: ...all configuration command should not be logged When the user under AAA authentication the user name should not changed if user uses enable admin command to replace its privilege Format enable command logging Parameters None Restrictions Only Administrator level users can issue this command Example To enable the command logging function DES 3200 28P admin enable command logging Command enable comma...

Page 141: ...mmand logging Success DES 3200 28P admin 13 3 show command logging Description This command is used to display the Switch s general command logging configuration status Format show command logging Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To show the command logging configuration status DES 3200 28P admin show command logging Command sh...

Page 142: ...zation Description This command is used to enable authorization Format enable authorization attributes Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example This example sets authorization global state enabled DES 3200 28P admin enable authorization attributes Command enable authorization attributes Success DES 3200 28P admin 14 2 disabl...

Page 143: ...nd disable authorization attributes Success DES 3200 28P admin 14 3 show authorization Description This command is used to display authorization status Format show authorization Parameters None Restrictions None Example This example displays authorization status DES 3200 28P admin show authorization Command show authorization Authorization for Attributes Enabled DES 3200 28P admin 14 4 config auth...

Page 144: ...trictions Only Administrator Operator and Power User level users can issue this command Example Set authentication server auth fail over state DES 3200 28P admin config authentication server failover local Command config authentication server failover local Success DES 3200 28P admin 14 5 show authentication Description This command is used to display authentication global configuration Format sho...

Page 145: ...tack DES 3200 Series Layer 2 Managed Fast Ethernet Switch CLI Reference Guide 141 DES 3200 28P admin show authentication Command show authentication Authentication Server Failover Local DES 3200 28P admin ...

Page 146: ...wed by up to three filter strings ex stp A filter string is enclosed by symbol The following describes the meaning of the each filter type include includes lines that contain the specified filter string exclude excludes lines that contain the specified filter string begin The first line that contains the specified filter string will be the first line of the output The relationship of multiple filt...

Page 147: ... specified filter string exclude Optional Exclude lines that contain the specified filter string begin Optional The first line that contains the specified filter string will be the first line of the output filter_string 80 A filter string is enclosed by symbol Thus the filter string itself cannot contain the character The filter string is case sensitive This value can be up to 80 characters long f...

Page 148: ... a All 15 2 config configuration Description This command is used to select a configuration file as the next boot up configuration or to apply a specific configuration to the system This command is required when multiple configuration files are supported Note DES 3200 Series with C1 hardware version support file system Format config configuration pathname 64 boot_up active Parameters pathname 64 S...

Page 149: ...tion to a file pathname64 The pathname specifies the absolute pathname on the device file system If pathname is not specified it refers to the boot up configuration file log Optional Specify to save the log all Optional Specify to save the configuration and the log Restrictions Only Administrator and Operator level users can issue this command Example To save the configuration DES 3200 28P admin s...

Page 150: ...Ethernet Switch CLI Reference Guide 146 Parameters None Restrictions None Example To display the boot file DES 3200 28P admin show boot_file Command show boot_file Bootup Firmware c runtime had Bootup Configuration c config cfg DES 3200 28P admin ...

Page 151: ...294967295 delete cfm ma string 22 ma_index uint 1 4294967295 md string 22 md_index uint 1 4294967295 delete cfm md string 22 md_index uint 1 4294967295 enable cfm disable cfm config cfm ports portlist state enable disable show cfm ports portlist show cfm md string 22 md_index uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 mepid int 1 8191 mepname string 32 show cfm fault md string 22 md...

Page 152: ...ance domain level int 0 7 Enter the maintenance domain level here This value must be between 0 and 7 Restrictions Only Administrator Operator and Power User level users can issue this command Example To create a maintenance domain called op_domain and assign a maintenance domain level of 2 DES 3200 28P admin create cfm md op_domain level 2 Command create cfm md op_domain level 2 Success DES 3200 2...

Page 153: ...his is the default value chassis Transmit the sender ID TLV with the chassis ID information manage Transmit the sender ID TLV with the managed address information chassis_manage Transmit sender ID TLV with chassis ID information and manage address information Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the maintenance domain calle...

Page 154: ...y An MEP will transmit a CCM packet periodically across the MA The receiving MEP will verify these received CCM packets from the other MEPs against this MEP list for the configuration integrity check Format config cfm ma string 22 ma_index uint 1 4294967295 md string 22 md_index uint 1 4294967295 vlanid vlanid 1 4094 mip none auto explicit defer sender_id none chassis manage chassis_manage defer c...

Page 155: ...val Optional This is the CCM interval 10ms Specify that the CCM interval will be set to 10 milliseconds Not recommended 100ms Specify that the CCM interval will be set to 100 milliseconds Not recommended 1sec Specify that the CCM interval will be set to 1 second 10sec Specify that the CCM interval will be set to 10 seconds This is the default value 1min Specify that the CCM interval will be set to...

Page 156: ...ng 22 Enter the maintenance association name used here This name can be up to 22 characters long ma_index Specify the maintenance association index uint 1 4294967295 Enter the maintenance association index value here This value must be between 1 and 4294967295 direction This is the MEP direction inward Specify the inward facing up MEP outward Specify the outward facing down MEP port Specify the po...

Page 157: ...294967295 Enter the maintenance association index value here This value must be between 1 and 4294967295 state Optional This is the MEP administrative state enable Specify that the MEP will be enabled disable Specify that the MEP will be disabled This is the default value ccm Optional This is the CCM transmission state enable Specify that the CCM transmission will be enabled disable Specify that t...

Page 158: ...id int 1 8191 md string 22 md_index uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 Parameters mepname Specify the MEP name string 32 Enter the MEP name used here This name can be up to 32 characters long mepid Specify the MEP ID int 1 8191 Enter the MEP ID used here This value must be between 1 and 8191 md Specify the maintenance domain name string 22 Enter the maintenance domain name u...

Page 159: ...ociation name This name can be up to 22 characters long ma_index Specify the maintenance association index uint 1 4294967295 Enter the maintenance association index value here This value must be between 1 and 4294967295 md Specify the maintenance domain name string 22 Enter the maintenance domain name used here This name can be up to 22 characters long md_index Specify the maintenance domain index...

Page 160: ...name can be up to 22 characters long md_index Specify the maintenance domain index uint 1 4294967295 Enter the maintenance domain index value here This value must be between 1 and 4294967295 Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete a CFM MD DES 3200 28P admin delete cfm md op_domain Command delete cfm md op_domain Success DES 3200...

Page 161: ...e CFM globally DES 3200 28P admin disable cfm Command disable cfm Success DES 3200 28P admin 16 12 config cfm ports Description This command is used to enable or disable the CFM function on a per port basis By default the CFM function is disabled on all ports If the CFM is disabled on a port 1 MIPs are never created on that port 2 MEPs can still be created on that port and the configuration can be...

Page 162: ...d disable Specify that the CFM function will be disabled Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the CFM ports DES 3200 28P admin config cfm ports 2 5 state enable Command config cfm ports 2 5 state enable Success DES 3200 28P admin 16 13 show cfm ports Description This command is used to show the CFM state of specified ports ...

Page 163: ... Specify the maintenance domain index uint 1 4294967295 Enter the maintenance domain index value here This value must be between 1 and 4294967295 ma Optional Specify the maintenance association name string 22 Enter the maintenance association name used here This name can be up to 22 characters long ma_index Optional Specify the maintenance association index uint 1 4294967295 Enter the maintenance ...

Page 164: ...d show cfm md op_domain ma op1 MA Index 1 MA Name op1 MA VID 1 MIP Creation Defer CCM Interval 1 second SenderID TLV Defer MEPID List 1 MEPID Direction Port Name MAC Address 1 Inward 2 mep1 00 01 02 03 04 02 DES 3200 28P admin show cfm mepname mep1 Command show cfm mepname mep1 Name mep1 MEPID 1 Port 2 Direction Inward CFM Port Status Disabled MAC Address 00 01 02 03 04 02 MEP State Enabled CCM St...

Page 165: ... MD This display provides the overview of the fault status by MEPs Format show cfm fault md string 22 md_index uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 Parameters md Optional Specify the maintenance domain name string 22 Enter the maintenance domain name used here This name can be up to 22 characters long md_index Optional Specify the maintenance domain index uint 1 4294967295 Ent...

Page 166: ... specified all levels are shown int 0 7 Enter the MD level value here This value must be between 0 and 7 direction Optional Specify the MEP direction inward Specify that the MEP direction will be inward facing outward Specify that the MEP direction will be outward facing If not specified both directions and the MIP are shown vlanid Optional Specify the VLAN identifier If not specified all VLANs ar...

Page 167: ...nce domain index uint 1 4294967295 Enter the maintenance domain index value here This value must be between 1 and 4294967295 ma Specify the maintenance association name string 22 Enter the maintenance association name her This name can be up to 22 characters long ma_index Specify the maintenance association index uint 1 4294967295 Enter the maintenance association index value here This value must ...

Page 168: ...2 characters long mepid Specify the MEP ID used int 1 8191 Enter the MEP ID used here This value must be between 1 and 8191 md Specify the maintenance domain name string 22 Enter the maintenance domain name her This name can be up to 22 characters long md_index Specify the maintenance domain index uint 1 4294967295 Enter the maintenance domain index value here This value can be between 1 and 42949...

Page 169: ...ng mepid Specify the MEP ID used int 1 8191 Enter the MEP ID used here This value must be between 1 and 8191 md Specify the maintenance domain name string 22 Enter the maintenance domain name her This name can be up to 22 characters long md_index Specify the maintenance domain index uint 1 4294967295 Enter the maintenance domain index value here This value must between 1 and 4294967295 ma Specify ...

Page 170: ...trans_id 27 Transaction ID 27 From MEP mep1 to 32 00 70 89 31 06 Start Time 2011 11 22 16 28 56 Hop MEPID Ingress MAC Address Egress MAC Address Forwarded Relay Action 1 00 00 00 00 00 00 32 00 70 89 41 06 Yes FDB 2 00 32 28 40 09 07 00 32 28 40 09 05 Yes FDB 3 2 00 00 00 00 00 00 32 00 70 89 31 06 No Hit DES 3200 28P admin 16 20 delete cfm linktrace Description This command is used to delete the ...

Page 171: ...D used here This value must be between 1 and 8191 mepname Optional Specify the MEP name used string 32 Enter the MEP name used here This name can be up to 32 characters long Restrictions None Example To delete the CFM link trace reply DES 3200 28P admin delete cfm linktrace mepname mep1 Command delete cfm linktrace mepname mep1 Success DES 3200 28P admin 16 21 show cfm mipccm Description This comm...

Page 172: ...fm mp_ltr_all enable disable Parameters enable Specify that the MP s reply to the LTR function will be set to all disable Disable sending the all MPs replay LTRs function Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the all MPs reply LTRs function DES 3200 28P admin config cfm mp_ltr_all enable Command config cfm mp_ltr_all enable Suc...

Page 173: ...to 32 characters long md Specify the maintenance domain name string 22 Enter the maintenance domain name her This name can be up to 22 characters long md_index Specify the maintenance domain index uint 1 4294967295 Enter the maintenance domain index value here This value must between 1 and 4294967295 ma Specify the maintenance association name string 22 Enter the maintenance association name her T...

Page 174: ... Description This command is used to show the CFM packet s RX TX counters Format show cfm pkt_cnt ports portlist rx tx rx tx ccm Parameters ports Optional Specify the port counters to show If not specified all ports will be shown portlist Enter the list of ports used for this configuration here rx Optional Specify to display the RX counter tx Optional Specify to display the TX counter If not speci...

Page 175: ...0 13 0 0 0 0 0 0 0 0 14 0 0 0 0 0 0 0 0 15 0 0 0 0 0 0 0 0 16 0 0 0 0 0 0 0 0 17 0 0 0 0 0 0 0 0 18 0 0 0 0 0 0 0 0 19 0 0 0 0 0 0 0 0 20 0 0 0 0 0 0 0 0 21 0 0 0 0 0 0 0 0 22 0 0 0 0 0 0 0 0 23 0 0 0 0 0 0 0 0 24 0 0 0 0 0 0 0 0 25 0 0 0 0 0 0 0 0 26 0 0 0 0 0 0 0 0 27 0 0 0 0 0 0 0 0 28 0 0 0 0 0 0 0 0 CFM TX Statistics Port AllPkt CCM LBR LBM LTR LTM all 1974 1974 0 0 0 0 1 1974 1974 0 0 0 0 2 ...

Page 176: ... 28mep 45 3 7 Inward 0 0 2438 Total 0 0 2438 DES 3200 28P admin 16 26 clear cfm pkt_cnt Description This command is used to clear the CFM packet s RX TX counters Format clear cfm pkt_cnt ports portlist rx tx rx tx ccm Parameters ports Optional The ports which require need the counters clearing If not specified all ports will be cleared portlist Enter the list of ports used for this configuration h...

Page 177: ...s Only Administrator Operator and Power User level users can issue this command Example To clear the CFM packet s RX TX counters DES 3200 28P admin clear cfm pkt_cnt Command clear cfm pkt_cnt Success DES 3200 28P admin clear cfm pkt_cnt ccm Command clear cfm pkt_cnt ccm Success DES 3200 28P admin ...

Page 178: ...4 source_ip ipaddr destination_ip ipaddr dscp value 0 63 icmp type value 0 255 code value 0 255 igmp type value 0 255 tcp src_port value 0 65535 dst_port value 0 65535 flag all urg ack psh rst syn fin udp src_port value 0 65535 dst_port value 0 65535 protocol_id value 0 255 user_define hex 0x0 0xffffffff packet_content offset_0 15 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0x...

Page 179: ...ify that the rule applies to IGMP traffic type Optional Specify that the rule applies to IGMP type traffic tcp Specify that the rule applies to TCP traffic src_port_mask Optional Specify the TCP source port mask hex 0x0 0xffff Enter the source TCP port mask here dst_port_mask Optional Specify the TCP destination port mask hex 0x0 0xffff Enter the destination TCP port mask here flag_mask Optional S...

Page 180: ...the IPv6 class flowlabel Optional Specify the IPv6 flowlabel source_ipv6_mask Optional Specify an IPv6 source submask ipv6mask Enter the IPv6 source submask here destination_ipv6_mask Optional Specify an IPv6 destination submask ipv6mask Enter the IPv6 destination submask here Restrictions Only Administrator Operator and Power User level users can issue this command Example To create CPU access li...

Page 181: ...ue 0 63 icmp type value 0 255 code value 0 255 igmp type value 0 255 tcp src_port value 0 65535 dst_port value 0 65535 flag all urg ack psh rst syn fin udp src_port value 0 65535 dst_port value 0 65535 protocol_id value 0 255 user_define hex 0x0 0xffffffff packet_content offset_0 15 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset_16 31 hex 0x0 0xffffffff hex 0x0 ...

Page 182: ...o ICMP traffic type Optional Specify that the rule applies to the value of ICMP type traffic value 0 255 Enter the ICMP type value here This value must be between 0 and 255 code Optional Specify that the rule applies to the value of ICMP code traffic value 0 255 Enter the ICMP code value here This value must be between 0 and 255 igmp Optional Specify that the rule applies to IGMP traffic type Opti...

Page 183: ...f the frame between 48 and 63 here offset_64 79 Optional Specify that the mask pattern offset of the frame will be between 64 and 79 hex 0x0 0xffffffff Enter the mask pattern offset of the frame between 64 and 79 here ipv6 Specify the rule applies to IPv6 fields class Optional Specify the value of IPv6 class value 0 255 Enter the IPv6 class value here This value must be between 0 and 255 flowlabel...

Page 184: ...1 code 32 port 1 deny Success DES 3200 28P admin 17 4 enable cpu interface filtering Description This command is used to enable CPU interface filtering control Format enable cpu_interface_filtering Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To enable cpu_interface_filtering DES 3200 28P admin enable cpu_interface_filtering Command enable...

Page 185: ...access_profile Description This command is used to display current access list table Format show cpu access_profile profile_id value 1 5 Parameters profile_id Optional Specify the index of access list profile value 1 5 Enter the profile ID used here This value must be between 1 and 5 Restrictions None Example To display current cpu access list table DES 3200 28P admin show cpu access_profile Comma...

Page 186: ...ile ID 1 Type Ethernet MASK on VLAN 0xFFF Source MAC 00 00 00 00 00 01 Destination MAC 00 00 00 00 00 02 802 1p Ethernet Type Unused Rule Entries 100 Profile ID 2 Type IPv4 MASK on VLAN 0xFFF Source IP 20 0 0 0 Dest IP 10 0 0 0 DSCP ICMP Type Code Unused Rule Entries 100 DES 3200 28P admin ...

Page 187: ..._log Description This command is used to dump clear or upload the software error log to a TFTP server Format debug error_log dump clear upload_toTFTP ipaddr path_filename 64 Parameters dump Display the debug message of the debug log clear Clear the debug log upload_toTFTP Upload the debug log to a TFTP server specified by IP address ipaddr Optional Specify the IPv4 address of the TFTP server path_...

Page 188: ...C 801D703C 8013B8A4 802AE754 802A5E0C To clear the error log DES 3200 28P admin debug error_log clear Command debug error_log clear Success DES 3200 28P admin To upload the error log to TFTP server DES 3200 28P admin debug error_log upload_toTFTP 10 0 0 90 debug log txt Command debug error_log upload_toTFTP 10 0 0 90 debug log txt Connecting to server Done Upload error log Done DES 3200 28P admin ...

Page 189: ...ve pathname or an absolute pathname This value can be up to 64 characters long Restrictions Only Administrator users can issue this command Example To show the debug buffer s state DES 3200 28P admin debug buffer utilization Command debug buffer utilization Allocate from System memory pool Total size 2 MB Utilization rate 30 DES 3200 28P admin To clear the debug buffer DES 3200 28P admin debug buf...

Page 190: ...Only Administrator level users can issue this command Example To set all module debug message outputs to local console DES 3200 28P admin debug output all console Command debug output all console Success DES 3200 28P admin 18 4 debug config error_reboot Description This command is used to set if the Switch needs to be rebooted when a fatal error occurs When the error occurs the watchdog timer will...

Page 191: ...00 28P admin 18 5 debug config state Description This command is used to set the state of the debug Format debug config state enable disable Parameters enable Enable the debug state disable Disable the debug state Restrictions Only Administrator level users can issue this command Example To set the debug state to disabled DES 3200 28P admin debug config state disable Command debug config state dis...

Page 192: ...ow error_reboot state Command debug show error_reboot state Error Reboot Enabled DES 3200 28P admin 18 7 debug show status Description This command is used to display the debug heanler state and the specified module s debug status Format debug show status module module_list Parameters module Optional Specify the module list module_list Enter the module list Restrictions Only Administrator level us...

Page 193: ... debug show status module MSTP Command debug show status module MSTP Debug Global State Enabled MSTP Disabled DES 3200 28P admin To show the debug state DES 3200 28P admin debug show status Command debug show status Debug Global State Enabled MSTP Disabled IMPB Disabled ERPS Disabled DES 3200 28P admin ...

Page 194: ...VLAN name When DHCP local relay is enabled for the VLAN the DHCP packet will be relayed in broadcast way without change of the source MAC address and gateway address DHCP option 82 will be automatically added Format config dhcp_local_relay vlan vlan_name 32 state enable disable Parameters vlan_name 32 Specify the VLAN name that the DHCP local relay function will be enabled This name can be up to 3...

Page 195: ...ay function will be disabled Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable DHCP local relay for default VLAN DES 3200 28P admin config dhcp_local_relay vlan vlanid 1 state enable Command config dhcp_local_relay vlan vlanid 1 state enable Success DES 3200 28P admin 19 3 config dhcp_local_relay option_82 circuit_id Description This comma...

Page 196: ...s to be configured policy Specify how to process the packets coming from the client side which have the option 82 field replace Replace the existing option 82 field in the packet drop Discard if the packet has the option 82 field keep Retain the existing option 82 field in the packet Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure por...

Page 197: ...DES 3200 28P admin config dhcp_local_relay option_82 remote_id user_define D Lin k L2Switch Command config dhcp_local_relay option_82 remote_id user_define D Link L2Switch Success DES 3200 28P admin 19 6 enable dhcp_local_relay Description This command is used to globally enable the DHCP local relay function on the Switch Format enable dhcp_local_relay Parameters None Restrictions Only Administrat...

Page 198: ...estrictions Only Administrator Operator and Power User level users can issue this command Example To disable the DHCP local relay function DES 3200 28P admin disable dhcp_local_relay Command disable dhcp_local_relay Success DES 3200 28P admin 19 8 show dhcp_local_relay Description This command is used to display the current DHCP local relay configuration Format show dhcp_local_relay Parameters Non...

Page 199: ...P admin 19 9 show dhcp_local_relay option_82 ports Description This command is used to display the current DHCP local relay option 82 configuration of each port Format show dhcp_local_relay option_82 ports portlist Parameters portlist Optional Specify a list of ports to be displayed Restrictions None Example To display DHCP local relay option 82 configuration of port 1 to 5 DES 3200 28P admin show...

Page 200: ...iword 255 ipaddress ipaddr default config dhcp_relay option_61 state enable disable config dhcp_relay option_61 add mac_address macaddr string multiword 255 relay ipaddr drop config dhcp_relay option_61 default relay ipaddr drop config dhcp_relay option_61 delete mac_address macaddr string multiword 255 all show dhcp_relay option_61 20 1 config dhcp_relay Description This command is used to config...

Page 201: ...e used here This name can be up to 12 characters long ipaddr The DHCP BOOTP server IP address Restrictions Only Administrator Operator and Power User level users can issue this command Example To add a DHCP BOOTP server to the relay table DES 3200 28P admin config dhcp_relay add ipif System 10 43 21 12 Command config dhcp_relay add ipif System 10 43 21 12 Success DES 3200 28P admin 20 3 config dhc...

Page 202: ...mmand config dhcp_relay add vlanid 1 10 10 43 21 12 Success DES 3200 28P admin To display the DHCP relay status DES 3200 28P admin show dhcp_relay Command show dhcp_relay DHCP BOOTP Relay Status Disabled DHCP BOOTP Hops Count Limit 4 DHCP BOOTP Relay Time Threshold 0 DHCP Vendor Class Identifier Option 60 State Disabled DHCP Client Identifier Option 61 State Disabled DHCP Relay Agent Information O...

Page 203: ...r User level users can issue this command Example To delete a DHCP BOOTP server to the relay table DES 3200 28P admin config dhcp_relay delete ipif System 10 43 21 12 Command config dhcp_relay delete ipif System 10 43 21 12 Success DES 3200 28P admin 20 5 config dhcp_relay delete vlanid Description This command is used to delete an IP address as a destination to forward relay DHCP BOOTP packets Fo...

Page 204: ...ld not have the option 82 s field If the packet has this option field it will be dropped The default setting is disabled enable Specify that checking will be enabled disable Specify that checking will be disabled policy Optional Specify the policy used This option takes effect only when the check status is disabled The default setting is set to replace replace Replace the existing option 82 field ...

Page 205: ...y replace Command config dhcp_relay option_82 policy replace Success DES 3200 28P admin config dhcp_relay option_82 remote_id user_define D Link L2 Switch Command config dhcp_relay option_82 remote_id user_define D Link L2 Switch Success DES 3200 28P admin 20 7 config dhcp_relay option_82 circuit_id Description This command is used to configure the circuit id of DHCP relay agent information option...

Page 206: ...relay Description This command is used to enable the DHCP relay function on the Switch Format enable dhcp_relay Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the DHCP relay function DES 3200 28P admin enable dhcp_relay Command enable dhcp_relay Success DES 3200 28P admin 20 9 disable dhcp_relay Description This command ...

Page 207: ...dhcp_relay Success DES 3200 28P admin 20 10 show dhcp_relay Description This command is used to display the current DHCP relay configuration Format show dhcp_relay ipif ipif_name 12 Parameters ipif Optional Specify the IP interface name ipif_name 12 Enter the IP interface name used here This name can be up to 12 characters long If no parameter is specified the system will display all DHCP relay co...

Page 208: ...on_60 Description This command is used to decide whether DHCP relay will process the DHCP option 60 or not When option_60 is enabled if the packet does not have option 60 then the relay servers cannot be determined based on option 60 The relay servers will be determined based on either option 61 or per IPIF configured servers If the relay servers are determined based on option 60 or option 61 then...

Page 209: ...d string multiword 255 relay ipaddr exact match partial match Parameters string Specify the string used multiword 255 Enter the string value here This value can be up to 255 characters long relay Specify a relay server IP address ipaddr Enter the IP address used for this configuration here exact match The option 60 string in the packet must full match with the specified string partial match The op...

Page 210: ...will be the union of option 60 default relay servers and the relay servers determined by option 61 Format config dhcp_relay option_60 default relay ipaddr mode relay drop Parameters relay Specify the IP address used for the DHCP relay forward function ipaddr Enter the IP address used for this configuration here mode Specify the DHCP relay option 60 mode relay The packet will be relayed based on th...

Page 211: ...cified by the user ipaddr Optional Enter the IP address used for this configuration here Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete the DHCP relay option 60 string called abc DES 3200 28P admin config dhcp_relay option_60 delete string abc relay 10 90 90 1 Command config dhcp_relay option_60 delete string abc relay 10 90 90 1 Succes...

Page 212: ...acket does not have option 61 then the relay servers cannot be determined based on option 61 If the relay servers are determined based on option 60 or option 61 then per IPIF configured servers will be ignored If the relay servers are not determined either by option 60 or option 61 then per IPIF configured servers will be used to determine the relay servers Format config dhcp_relay option_61 state...

Page 213: ... of these two sets of the servers Format config dhcp_relay option_61 add mac_address macaddr string multiword 255 relay ipaddr drop Parameters mac_address The client s client ID which is the hardware address of client macaddr Enter the client s MAC address here string The client s client ID which is specified by administrator multiword 255 Enter the client s description here This value can be up t...

Page 214: ...and Power User level users can issue this command Example To configure the DHCP relay option 61 function DES 3200 28P admin config dhcp_relay option_61 default drop Command config dhcp_relay option_61 default drop Success DES 3200 28P admin 20 19 config dhcp_relay option_61 delete Description This command is used to delete an option 61 rule Format config dhcp_relay option_61 delete mac_address mac...

Page 215: ...on 61 entry DES 3200 28P admin config dhcp_relay option_61 delete mac_address 00 11 22 33 44 55 Command config dhcp_relay option_61 delete mac_address 00 11 22 33 44 55 Success DES 3200 28P admin 20 20 show dhcp_relay option_61 Description This command is used to show all rulers for option 61 Format show dhcp_relay option_61 Parameters None Restrictions None Example To display DHCP relay rulers fo...

Page 216: ...rnet Switch CLI Reference Guide 212 DES 3200 28P admin show dhcp_relay option_61 Command show dhcp_relay option_61 Default Relay Rule Drop Matching Rules Client ID Type Relay Rule 00 11 22 33 44 55 MAC Address Drop Total Entries 1 DES 3200 28P admin ...

Page 217: ...DHCP clients This is useful when two DHCP servers are present on the network one of them provides the private IP address and one of them provides the IP address Enabling filtering of the DHCP server port state will create one access profile and create one access rule per port UDP port 67 Filter commands in this file will share the same access profile Addition of a permit DHCP entry will create one...

Page 218: ... to 30 minutes trap_log Specify the trap and log status enable Enable trap and log status disable Disable trap and log status Restrictions Only Administrator Operator and Power User level users can issue this command Example To add an entry from the DHCP server filter list in the Switch s database DES 3200 28P admin config filter dhcp_server add permit server_ip 10 90 90 20 ports 1 20 Command conf...

Page 219: ... list created on the Switch DES 3200 28P admin show filter dhcp_server Command show filter dhcp_server Enabled Ports 1 10 Trap Log State Disabled Illegal Server Log Suppress Duration 5 minutes Permit DHCP Server Client Table Server IP Address Client MAC Address Port 10 90 90 20 All Client MAC 1 20 Total Entries 1 DES 3200 28P admin ...

Page 220: ...en encountering an exceeding alarm or warning thresholds event Format config ddm trap log enable disable Parameters trap Specify whether to send traps when the operating parameter exceeds the corresponding threshold The DDM trap is disabled by default log Specify whether to send a log when the operating parameter exceeds the corresponding threshold The DDM log is enabled by default enable Specify ...

Page 221: ...is value the action associated with the alarm is taken float Enter the high threshold alarm value used here low_alarm Optional Specify the low threshold for the alarm When the operating parameter falls below this value the action associated with the alarm is taken float Enter the low threshold alarm value used here high_warning Optional Specify the high threshold for the warning When the operating...

Page 222: ...rning 3 Command config ddm ports 25 voltage_threshold high_alarm 4 25 low_alarm 2 5 high_warning 3 5 low_warning 3 Success DES 3200 28P admin To configure the port 25 s bias current threshold DES 3810 28 admin config ddm ports 25 bias_current_threshold high_alarm 7 25 low_alarm 0 004 high_warning 0 5 low_warning 0 008 Command config ddm ports 25 bias_current_threshold high_alarm 7 25 low_alarm 0 0...

Page 223: ... 0 03 Success DES 3200 28P admin To configure the port 25 s actions associate with the alarm DES 3200 28P admin config ddm ports 25 state enable shutdown alarm Command config ddm ports 25 state enable shutdown alarm Success DES 3200 28P admin 22 3 show ddm Description This command is used to display the DDM global settings Format show ddm Parameters None Restrictions None Example To display the DD...

Page 224: ...c port when a particular threshold was configured by user it will be shown in this command with a tag indicating that it is a threshold that user configured else it would be the threshold read from the optic module that is being inserted Format show ddm ports portlist status configuration Parameters portlist Optional Enter the range of ports to be displayed here status Specifies that the operating...

Page 225: ...itch CLI Reference Guide 221 DES 3200 28P admin show ddm ports 25 26 status Command show ddm ports 25 26 status Port Temperature Voltage Bias Current TX Power RX Power in Celsius V mA mW mW 25 26 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh ...

Page 226: ...enable disable mode shutdown normal discovery_time sec 5 65535 1 Parameters portlist Specify a range of ports all Specify to select all ports state Specify these ports unidirectional link detection status enable Enable unidirectional link detection status disable Disable unidirectional link detection status mode Specify the mode when detecting unidirectional link shutdown If any unidirectional lin...

Page 227: ...tection information Format show duld ports portlist Parameters portlist Optional Specify a range of ports Restrictions None Example To show ports 1 4 unidirectional link detection information DES 3200 28P admin show duld ports 1 4 Command show duld ports 1 4 Port Admin State Oper Status Mode Link Status Discovery Time Sec 1 Enabled Disabled Normal Unknown 5 2 Disabled Disabled Normal Unknown 5 3 D...

Page 228: ...ack tcp_tiny_frag_attack all action drop state enable disable Parameters land_attack Optional Check whether the source address is equal to destination address of a received IP packet blat_attack Optional Check whether the source port is equal to destination port of a received TCP packet tcp_null_scan Optional Check whether a received TCP packet contains a sequence number of 0 and no flags tcp_xmas...

Page 229: ...an tcp_synfin tcp_syn_srcport_less_1024 ping_death_attack tcp_tiny_frag_attack Parameters land_attack Optional Check whether the source address is equal to destination address of a received IP packet blat_attack Optional Check whether the source port is equal to destination port of a received TCP packet tcp_null_scan Optional Check whether a received TCP packet contains a sequence number of 0 and ...

Page 230: ...ack Disabled Drop TCP Tiny Fragment Attack Disabled Drop CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 24 3 config dos_prevention trap Description This command is used to enable or disable DoS prevention trap state Format config dos_prevention trap enable disable Parameters enable Enable DoS prevetion trap state disable Disable DoS prevention trap state Restrictions Only Administra...

Page 231: ...tate Format config dos_prevention log enable disable Parameters enable Enable DoS prevetion log state disable Disable DoS prevention log state Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable DoS prevention log DES 3200 28P admin config dos_prevention log enable Command config dos_prevention log enable Success DES 3200 28P admin ...

Page 232: ...able erps Description This command is used to enable the global ERPS function on a switch When both the global state and the specified ring ERPS state are enabled the specified ring will be activated The default state is disabled The global ERPS function cannot be enabled when any ERPS ring on the device is enabled and the integrity of any ring parameter is not available For each ring with the rin...

Page 233: ...ministrator Operator and Power User level users can issue this command Example To disable ERPS DES 3200 28P admin disable erps Command disable erps Success DES 3200 28P admin 25 3 create erps raps_vlan Description This command is used to create an R APS VLAN on a switch Only one R APS VLAN should be used to transfer R APS messages Note that the R APS VLAN must already have been created by the crea...

Page 234: ...ption This command is used to delete an R APS VLAN on a switch When an R APS VLAN is deleted all parameters related to this R APS VLAN will also be deleted This command can only be issued when the ring is not active Format delete erps raps_vlan vlanid Parameters raps_vlan Specify the VLAN which will be the R APS VLAN vlanid Enter the VLAN ID used here Restrictions Only Administrator Operator and P...

Page 235: ...t an error message will be display and the configuration will fail The R APS VLAN cannot be the protected VLAN The protected VLAN can be one that has already been created or it can be used for a VLAN that has not yet been created Holdoff timer The Holdoff timer is used to filter out intermittent link faults when link failures occur during the protection switching process When a ring node detects a...

Page 236: ... delete vlanid vidlist revertive enable disable timer holdoff_time millisecond 0 10000 guard_time millisecond 10 2000 wtr_time min 5 12 Parameters vlanid Enter the R APS VLAN ID used state Specify to enable or disable the specified ring enable Enable the state of the specified ring disable Disable the state of the specified ring The default value is disabled ring_mel Specify the ring MEL of the R ...

Page 237: ...S function min 5 12 Enter the WTR time range value here The range is from 5 to 12 minutes The default WTR time is 5 minutes Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the MEL of the ERPS ring for a specific R APS VLAN DES 3200 28P admin config erps raps_vlan 4094 ring_mel 2 Command config erps raps_vlan 4094 ring_mel 2 Success DE...

Page 238: ..._time 1000 wtr_time 10 Success DES 3200 28P admin To configure the ring state of the ERPS DES 3200 28P admin config erps raps_vlan 4094 state enable Command config erps raps_vlan 4094 state enable Success DES 3200 28P admin 25 6 config erps log Description This command is used to configure the log state of ERPS events Format config erps log enable disable Parameters log Specify to enable or disabl...

Page 239: ...DES 3200 28P admin 25 8 show erps Description This command is used to display ERPS configuration and operation information The port state of the ring port may be as Forwarding Blocking Signal Fail Forwarding indicates that traffic is able to be forwarded Blocking indicates that traffic is blocked by ERPS and a signal failure is not detected on the port Signal Fail indicates that a signal failure i...

Page 240: ...g Status Disabled Trap Status Disabled R APS VLAN 4094 ERPS Status Disabled Admin West Port 5 Operational West Port 5 Forwarding Admin East Port Operational East Port Admin RPL Port None Operational RPL Port None Admin Owner Enabled Operational Owner Enabled Protected VLANs 10 20 Ring MEL 2 Holdoff Time 100 milliseconds Guard Time 1000 milliseconds WTR Time 10 minutes Revertive mode Enabled Curren...

Page 241: ...e Parameters portlist Specify the list of ports used all Specify that all the ports will be used for the configuration state Specify the state of the filter to block the NETBIOS packet enable Specify that the state will be enabled disable Specify that the state will be disabled Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure filter ne...

Page 242: ...nsive_netbios portlist all state enable disable Parameters portlist Enter the list of ports used for this configuration here all Specify that all the ports will be used this configuration state Enable or disable the filter to block the NETBIOS packet over 802 3 frame enable Specify that the filter state will be enabled disable Specify that the filter state will be disabled Restrictions Only Admini...

Page 243: ...n This command is used to display the extensive netbios state on the Switch Format show filter extensive_netbios Parameters None Restrictions None Example To display the extensive_state created on the Switch DES 3200 28P admin show filter extensive_netbios Command show filter extensive_netbios Enabled ports 1 3 DES 3200 28P admin ...

Page 244: ...nid vidlist mac_address macaddr static aging_time security show multicast vlan_filtering_mode vlanid vidlist vlan vlan_name 32 27 1 create fdb Description This command is used to create a static entry in the unicast MAC address forwarding table database Format create fdb vlan_name 32 macaddr port port drop Parameters vlan_name 32 Specify a VLAN name associated with a MAC address The maximum length...

Page 245: ...lanid vidlist macaddr port port drop Parameters vidlist Specify a VLAN ID associated with a MAC address macaddr The MAC address to be added to the static forwarding table port The port number corresponding to the MAC destination address The switch will always forward traffic to the specified device through this port port Enter the port number corresponding to the MAC destination address here drop ...

Page 246: ...ximum name length is 32 macaddr The multicasts MAC address to be added to the static forwarding table Restrictions Only Administrator Operator and Power User level users can issue this command Example To create a multicast MAC forwarding entry to the default VLAN DES 3200 28P admin create multicast_fdb default 01 00 5E 00 00 00 Command create multicast_fdb default 01 00 5E 00 00 00 Success DES 320...

Page 247: ... FDB age out time in seconds The aging time affects the learning process of the Switch Dynamic forwarding table entries which are made up of the source MAC addresses and their associated port numbers are deleted from the table if they are not accessed within the aging time The aging time can be from 10 to 1000000 seconds with a default value of 300 seconds A very long aging time can result in dyna...

Page 248: ...mum name length is 32 vlan_name 32 The VLAN name can be up to 32 characters long all Specify all configured VLANs forward_all_groups Both the registered group and the unregistered group will be forwarded to all member ports of the specified VLAN where the multicast traffic comes in forward_unregistered_groups The unregistered group will be forwarded to all member ports of the VLAN where the multic...

Page 249: ...try DES 3200 28P admin delete fdb default 00 00 00 00 01 02 Command delete fdb default 00 00 00 00 01 02 Success DES 3200 28P admin 27 8 clear fdb Description This command is used to clear the Switch s forwarding database for dynamically learned MAC addresses Format clear fdb vlan vlan_name 32 port port all Parameters vlan Clears the FDB entry by specifying the VLAN name vlan_name 32 The name of t...

Page 250: ...ch Format show multicast_fdb vlan vlan_name 32 vlanid vidlist mac_address macaddr Parameters vlan Optional The name of the VLAN on which the MAC address resides vlan_name 32 Enter the VLAN name here The VLAN name can be up to 32 characters long vlanid Optional Displays the entries for the VLANs indicated by VID list vidlist Enter the VLAN ID list here mac_address Optional Specify a MAC address for...

Page 251: ...specified port port Enter the port number here vlan Optional Displays the entries for a specific VLAN The maximum name length is 32 vlan_name 32 Enter the VLAN name here The VLAN name can be up to 32 characters long vlanid Optional Displays the entries for the VLANs indicated by VID list vidlist Enter the VLAN ID list here mac_address Optional Displays a specific MAC address macaddr Enter the MAC ...

Page 252: ...ynamic Drop 802 1X 1 00 00 00 10 00 02 2 Static Forward WAC 1 00 00 00 10 00 04 4 Static Forward Port Security 1 00 00 00 10 00 0A 5 Static Forward MAC based Access Control 1 00 00 00 10 00 06 6 Dynamic Drop Compound Authentication Total Entries 5 DES 3200 28P admin 27 11 show multicast vlan_filtering_mode Description This command is used to show the multicast packet filtering mode for VLANs Note ...

Page 253: ... will show all multicast filtering settings in the device Restrictions None Example To show the multicast vlan_filtering_mode for VLANs DES 3200 28P admin show multicast vlan_filtering_mode Command show multicast vlan_filtering_mode VLAN ID VLAN Name Multicast Filter Mode 1 default forward_unregistered_groups DES 3200 28P admin ...

Page 254: ...name drive_id pathname copy drive_id pathname drive_id pathname 28 1 show storage_media_info Description This command is used to display the information of the storage media available on the system The information for a media includes the drive number the media identification Format show storage_media_info Parameters None Restrictions None Example To display the storage media s information DES 320...

Page 255: ...g Restrictions Only Administrator and Operator level users can issue this command Example To make a directory DES 3200 28P admin md c abc Command md c abc Success DES 3200 28P admin 28 3 rd Description This command is used to remove a directory If there are files still existing in the directory this command will fail and return error message Format rd drive_id pathname Parameters drive_id Optional...

Page 256: ...ctory will be displayed if the pathname is not specified Format cd pathname Parameters pathname Optional Specify the directory to be removed The path name can be specified either as a full path name or partial name For partial path name it indicates the file is in the current directory Restrictions None Example To change to other directory or display current directory path DES 3200 28P admin cd Co...

Page 257: ... 1 RUN rw 5491536 2000 01 01 00 41 03 DES3200_RUNTIME_V4 00 014 had 2 CFG rw 31142 2000 01 01 02 19 40 config cfg 3 d 2000 01 01 00 00 16 system 29618 KB total 24127 KB free with boot up info b with backup info DES 3200 28P admin 28 6 rename Description This command is used to rename a file Note that for standalone device the unit argument is not needed This command is used to rename a file in the...

Page 258: ...and its contents If two files with the same name under the same directory are softly deleted sequentially only the last one will exist Deleting copying renaming or moving the already softly deleted file is not acceptable System will prompt if the target file is a FW or configuration whose type is bootup Format del drive_id pathname recursive Parameters drive_id Optional Enter the drive ID used for...

Page 259: ...s DES 3200 28P admin dir Command dir Directory of c Idx Info Attr Size Update Time Name 1 CFG rw 29661 2000 04 01 05 54 38 config cfg 2 RUN rw 4879040 2000 03 26 03 15 11 B019 had 3 d 0 2000 04 01 05 17 36 system 29618 KB total 24727 KB free with boot up info b with backup info DES 3200 28P admin 28 8 erase Description This command is used to delete a file stored in the file system System will pro...

Page 260: ...B019 had 4 d 0 2000 04 01 05 17 36 system 29618 KB total 24697 KB free with boot up info b with backup info DES 3200 28P admin erase config2 cfg Command erase config2 cfg Success DES 3200 28P admin dir Command dir Directory of c Idx Info Attr Size Update Time Name 1 CFG rw 29661 2000 04 01 05 54 38 config cfg 2 RUN rw 4879040 2000 03 26 03 15 11 B019 had 3 d 0 2000 04 01 05 17 36 system 29618 KB t...

Page 261: ...an issue this command Example To move a file from one location to another location DES 3200 28P admin move c log txt c log1 txt Command move c log txt c log1 txt Success DES 3200 28P admin 28 10 copy Description This command is used to copy a file to another file in the file system Format copy drive_id pathname drive_id pathname Parameters drive_id Optional Enter the drive ID for example C pathnam...

Page 262: ...k DES 3200 Series Layer 2 Managed Fast Ethernet Switch CLI Reference Guide 258 Example To copy a file DES 3200 28P admin copy c log txt c log1 txt Command copy c log txt c log1 txt Success DES 3200 28P admin ...

Page 263: ...announce the interface s IP address to other nodes By default the state is enabled and only one gratuitous ARP packet will be broadcast Format config gratuitous_arp send ipif_status_up enable disable Parameters enable Enable sending of gratuitous ARP when IPIF status become up disable Disable sending of gratuitous ARP when IPIF status become up Restrictions Only Administrator Operator and Power Us...

Page 264: ...ig gratuitous_arp send dup_ip_detected enable Command config gratuitous_arp send dup_ip_detected enable Success DES 3200 28P admin 29 3 config gratuitous_arp learning Description This command is used to configure gratuitous ARP learning Normally the system will only learn the ARP reply packet or a normal ARP request packet that asks for the MAC address that corresponds to the system s IP address T...

Page 265: ...tuitous_arp send periodically ipif ipif_name 12 interval value 0 65535 Parameters ipif Interface name of L3 interface ipif_name 12 Enter the IP interface name here This name can be up to 12 characters long interval Periodically send gratuitous ARP interval time in seconds 0 means not send gratuitous ARP periodically value 0 65535 Enter the gratuitous ARP interval time here This value must be betwe...

Page 266: ...tions Only Administrator Operator and Power User level users can issue this command Example To enable system interface s gratuitous ARP log and trap DES 3200 28P admin enable gratuitous_arp ipif System trap log Command enable gratuitous_arp ipif System trap log Success DES 3200 28P admin 29 6 disable gratuitous_arp Description The command is used to disable gratuitous ARP trap and log state The sw...

Page 267: ...00 28P admin disable gratuitous_arp ipif System trap log Command disable gratuitous_arp ipif System trap log Success DES 3200 28P admin 29 7 show gratuitous_arp Description This command is used to display gratuitous ARP configuration Format show gratuitous_arp ipif ipif_name 12 Parameters ipif Optional Interface name of L3 interface ipif_name Enter the IP interface name here Restrictions None Exam...

Page 268: ...show gratuitous_arp Command show gratuitous_arp Send on IPIF Status Up Enabled Send on Duplicate IP Detected Enabled Gratuitous ARP Learning Enabled IP Interface Name System Gratuitous ARP Trap Enabled Gratuitous ARP Log Enabled Gratuitous ARP Periodical Send Interval 5 Total Entries 1 DES 3200 28P admin ...

Page 269: ...e multicast traffic forwarding is only based on L2 MAC addresses associated to groups that the Switch has joined The source IP address of the multicast traffic will be ignored config igmp_snooping vlan_name vlan_name 32 vlanid vlanid_list all state enable disable fast_leave enable disable report_suppression enable disable config igmp_snooping rate_limit ports portlist vlanid vlanid_list value 1 10...

Page 270: ...n_name 32 vlanid vlanid_list show mld_snooping group vlan vlan_name 32 vlanid vlanid_list ports portlist ipv6addr data_driven show mld_snooping forwarding vlan vlan_name 32 vlanid vlanid_list show mld_snooping mrouter_ports vlan vlan_name 32 vlanid vlanid_list all static dynamic forbidden create mld_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipv6addr delete mld_snooping static_grou...

Page 271: ...e to disable the IGMP snooping fast leave function report_suppression Specify IGMP report suppression When enabled multiple IGMP reports or leave for a specific S G will be integrated into one report only before sending to the router port enable Enable the IGMP report suppression disable Disable the IGMP report suppression Restrictions Only Administrator Operator and Power User level users can iss...

Page 272: ...and the permitted packet loss that guarantees IGMP snooping Format config igmp_snooping querier vlan_name vlan_name 32 vlanid vlanid_list all query_interval sec 1 65535 max_response_time sec 1 25 robustness_variable value 1 7 last_member_query_interval sec 1 25 state enable disable version value 1 3 1 Parameters vlan_name Specify the name of the VLAN for which IGMP snooping querier is to be config...

Page 273: ...leave message the router will assume there are no local members on the interface if there are no reports received after the response time which is last member query interval robustness variable sec 1 25 Enter the last member query interval value here This value must be between 1 and 25 seconds state Optional If the state is enabled it allows the Switch to be selected as an IGMP Querier sends IGMP ...

Page 274: ...le Disable the RADIUS authentication function on the specified ports Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable IGMP Access Control for all ports DES 3200 28P admin config igmp access_authentication ports all state enable Command config igmp access_authentication ports all state enable Success DES 3200 28P admin 30 5 config router_p...

Page 275: ... that the forbidden router port will not propagate routing packets out Format config router_ports_forbidden vlan_name 32 vlanid vlanid_list add delete portlist Parameters vlan_name 32 Specify the name of the VLAN on which the router port resides vlanid Specify the ID of the VLAN on which the router port resides vlanid_list Enter the VLAN ID list here add Specify to add the router ports delete Spec...

Page 276: ... issue this command Example To enable IGMP snooping on the Switch DES 3200 28P admin enable igmp_snooping Command enable igmp_snooping Success DES 3200 28P admin 30 8 disable igmp_snooping Description This command is used to disable IGMP snooping on the Switch Disabling IGMP snooping allows all IGMP and IP multicast traffic to flood within a given IP interface Format disable igmp_snooping Paramete...

Page 277: ...ember ports For a layer 3 device the device is also responsible to route the packet destined for this specific group to static member ports The static member port will only affect V2 IGMP operation The Reserved IP multicast address 224 0 0 X must be excluded from the configured group The VLAN must be created first before a static group can be created Format create igmp_snooping static_group vlan v...

Page 278: ...ch the router port resides vlanid_list Enter the VLAN ID list here ipaddr Specify the multicast group IP address Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete an IGMP snooping static group for VLAN 1 group 239 1 1 1 DES 3200 28P admin delete igmp_snooping static_group vlan default 239 1 1 1 Command delete igmp_snooping static_group vla...

Page 279: ...perator and Power User level users can issue this command Example To unset port range 9 10 from IGMP snooping static member ports for group 239 1 1 1 on default VLAN DES 3200 28P admin config igmp_snooping static_group vlan default 239 1 1 1 delete 9 10 Command create igmp_snooping static_group vlan default 239 1 1 1 delete 9 10 Success DES 3200 28P admin 30 12 show igmp_snooping static_group Desc...

Page 280: ...e entry For a data driven entry the entry can be specified not to be aged out or to be aged out by the aged timer When data driven learning is enabled and the data driven table is not full the multicast filtering mode for all ports is ignored That is the multicast packets will be forwarded to router ports If the data driven learning table is full the multicast packets will be forwarded according t...

Page 281: ...ons Only Administrator Operator and Power User level users can issue this command Example To enable the data driven learning of an IGMP snooping group on the default VLAN DES 3200 28P admin config igmp_snooping data_driven_learning vlan_name default state enable Command config igmp_snooping data_driven_learning vlan_name default state enable Success DES 3200 28P admin 30 14 config igmp_snooping da...

Page 282: ... group s learned by data driven Format clear igmp_snooping data_driven_group all vlan_name vlan_name vlanid vlanid_list ipaddr all Parameters all Specify all VLANs to which IGMP snooping groups will be deleted vlan_name Specify the VLAN name vlan_name Enter the VLAN name here vlanid Specify the VLAN ID vlanid_list Enter the VLAN ID here ipaddr Specify the group s IP address learned by data driven ...

Page 283: ...meters vlan Optional Specify the name of the VLAN for which you want to view the IGMP snooping configuration vlan_name 32 Enter the VLAN name here The VLAN name can be up to 32 characters long vlanid Optional Specify the ID of the VLAN for which you want to view the IGMP snooping configuration vlanid_list Enter the VLAN ID list here If the VLAN is not specified the system will display all current ...

Page 284: ...y Time 0 secs State Disabled Fast Leave Disabled Rate Limit No Limitation Report Suppression Enabled Version 3 Data Driven Learning State Enabled Data Driven Learning Aged Out Disabled Data Driven Group Expiry Time 260 Total Entries 1 DES 3200 28P admin 30 17 show igmp_snooping rate_limit Description This command is used to display the IGMP snooping rate limit setting Format show igmp_snooping rat...

Page 285: ...of the VLAN for which you want to view IGMP snooping group information If VLAN ports and IP address are not specified the system will display all current IGMP snooping group information vlan_name 32 Enter the VLAN name here The VLAN name can be up to 32 characters long vlanid Optional Specify the ID of the VLAN for which you want to view IGMP snooping group information vlanid_list Enter the VLAN I...

Page 286: ... Total Entries 3 DES 3200 28P admin DES 3200 28P admin show igmp_snooping group data_driven Command show igmp_snooping group data_driven Source Group NULL 225 0 0 5 VLAN Name VID default 1 Reports 0 Member Ports Router Ports 24 UP Time 3 days 50 mins Expiry Time 120 secs Filter Mode EXCLUDE Total Entries 1 DES 3200 28P admin To show IGMP snooping groups when only IGMP v2 is supported The third ite...

Page 287: ... Description This command is used to display the Switch s current IGMP snooping forwarding table It provides an easy way for users to check the list of ports that the multicast group that comes from a specific sources will be forwarded to The packet comes from the source VLAN They will be forwarded to the forwarding VLAN The IGMP snooping further restricts the forwarding ports Format show igmp_sno...

Page 288: ...0 0 Port Member 2 7 VLAN Name default Source IP Multicast Group 225 0 0 1 Port Member 2 5 VLAN Name default Source IP Multicast Group 225 0 0 2 Port Member 2 8 Total Entries 3 DES 3200 28P admin 30 20 show router_ports Description This command is used to display the currently configured router ports on the Switch Format show router_ports vlan vlan_name 32 vlanid vlanid_list all static dynamic forb...

Page 289: ...er_ports all VLAN Name default Static Router Port 1 10 Dynamic Router Port Router IP 10 0 0 1 10 0 0 2 10 0 0 3 Forbidden router port VLAN Name vlan2 Static router port Dynamic router port 13 Router IP 10 0 0 4 10 0 0 5 10 0 0 6 Forbidden router port Total Entries 2 DES 3200 28P admin 30 21 show igmp_snooping statistics counter Description This command is used to display the statistics counter for...

Page 290: ...67 Group Number 0 Receive Statistics Query IGMP v1 Query 0 IGMP v2 Query 0 IGMP v3 Query 0 Total 0 Dropped By Rate Limitation 0 Dropped By Multicast VLAN 0 Report Leave IGMP v1 Report 0 IGMP v2 Report 0 IGMP v3 Report 0 IGMP v2 Leave 0 Total 0 Dropped By Rate Limitation 0 Dropped By Max Group Limitation 0 Dropped By Group Filter 0 Dropped By Multicast VLAN 0 Transmit Statistics Query IGMP v1 Query...

Page 291: ...ry IGMP v1 Query 0 IGMP v2 Query 0 IGMP v3 Query 0 Total 0 Dropped By Rate Limitation 0 Dropped By Multicast VLAN 0 Report Leave IGMP v1 Report 0 IGMP v2 Report 0 IGMP v3 Report 0 IGMP v2 Leave 0 Total 0 Dropped By Rate Limitation 0 Dropped By Max Group Limitation 0 Dropped By Group Filter 0 Dropped By Multicast VLAN 0 Transmit Statistics Query IGMP v1 Query 0 IGMP v2 Query 0 IGMP v3 Query 0 Total...

Page 292: ...layed Restrictions None Example To display the IGMP Access Control status for ports 1 4 DES 3200 28P admin show igmp access_authentication ports 1 4 Command show igmp access_authentication ports 1 4 Port State 1 Enabled 2 Disabled 3 Disabled 4 Disabled DES 3200 28P admin To display the IGMP Access Control status for all ports DES 3200 28P admin show igmp access_authentication ports all Command sho...

Page 293: ... clear igmp_snooping statistics counter Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To clear the IGMP snooping statistics counter DES 3200 28P admin clear igmp_snooping statistic counter Command clear igmp_snooping statistic counter Success DES 3200 28P admin 30 24 config mld_snooping Description This command is used to configu...

Page 294: ...le the MLD snooping report suppression function disable Disable the MLD snooping report suppression function Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure MLD snooping DES 3200 28P admin config mld_snooping vlan_name default state enable Command config mld_snooping vlan_name default state enable Success DES 3200 28P admin 30 25 conf...

Page 295: ...tness variable query interval 0 5 query response interval Last listener query count Number of group specific queries sent before the router assumes there are no local listeners of a group The default number is the value of the robustness variable By default the robustness variable is set to 2 You might want to increase this value if you expect a subnet to be loosely last_listener_query_interval Op...

Page 296: ...the VLAN on which the router port resides vlanid_list Enter the VLAN ID list here add Specify to add the router ports delete Specify to delete the router ports portlist Specify a range of ports to be configured Restrictions Only Administrator Operator and Power User level users can issue this command Example To set up static router ports DES 3200 28P admin config mld_snooping mrouter_ports vlan de...

Page 297: ...den router port of the default VLAN DES 3200 28P admin config mld_snooping mrouter_ports_forbidden vlan default add 11 Command config mld_snooping mrouter_ports_forbidden vlan default add 11 Success DES 3200 28P admin 30 28 enable mld_snooping Description This command is used to enable MLD snooping on the Switch MLD snooping is disabled by default Format enable mld_snooping Parameters When the Swi...

Page 298: ...r will be a default member of this multicast group The multicast packet destined for this multicast group will be forwarded to all the members of this multicast group Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable MLD snooping on the Switch DES 3200 28P admin disable mld_snooping Command disable mld_snooping Success DES 3200 28P admin ...

Page 299: ...d_snooping Command show mld_snooping MLD Snooping Global State Enabled Data Driven Learning Max Entries 128 VLAN Name default Query Interval 125 Max Response Time 10 Robustness Value 2 Last Listener Query Interval 1 Querier State Enabled Querier Role Querier Querier IP FE80 201 2FF FE03 400 Querier Expiry Time 0 secs State Enabled Fast Done Disabled Rate Limit No Limitation Report Suppression Enab...

Page 300: ...nformation vlanid_list Enter the VLAN ID list here ports Optional Specify a list of ports for which you want to view MLD snooping group information portlist Enter the list of port here ipv6addr Optional Specify the group IPv6 address for which you want to view MLD snooping group information data_driven Optional Display the data driven groups Restrictions None Example To show an MLD snooping group ...

Page 301: ...ime 247 Filter Mode EXCLUDE Source Group NULL FE1E 2 VLAN Name VID default 1 Member Ports 4 5 UP Time 40 Expiry Time 205 Filter Mode EXCLUDE Source Group NULL FF1E 5 VLAN Name VID default 1 Member Ports Router Ports 24 UP Time 100 Expiry Time 200 Filter Mode EXCLUDE Total Entries 4 DES 3200 28P admin DES 3200 28P admin show mld_snooping group data_driven Command show mld_snooping group data_driven...

Page 302: ... for which you want to view MLD snooping forwarding table information vlan_name 32 Enter the VLAN name here The VLAN name can be up to 32 characters long vlanid Optional Specify the ID of the VLAN for which you want to view MLD snooping forwarding table information vlanid_list Enter the VLAN ID list here If no parameter is specified the system will display all current MLD snooping forwarding table...

Page 303: ...router ports that have been statically configured dynamic Optional Displays router ports that have been dynamically configured forbidden Optional Displays forbidden router ports that have been statically configured If no parameter is specified the system will display all currently configured router ports on the Switch Restrictions None Example To display the mld_snooping mrouter ports DES 3200 28P...

Page 304: ...N name here The VLAN name can be up to 32 characters long vlanid Specify the ID of the VLAN on which the static group resides vlanid_list Enter the VLAN ID list here ipv6addr Specify the multicast group IPv6 address Restrictions Only Administrator Operator and Power User level users can issue this command Example To create an MLD snooping static group for VLAN 1 group FF1E 1 DES 3200 28P admin cre...

Page 305: ...amic member port learned by MLD If this port is configured as a static member later then the MLD protocol will stop operating on this port The MLD protocol will resume once this port is removed from static member ports Format config mld_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipv6addr add delete portlist Parameters vlan Specify the name of the VLAN on which the static group resi...

Page 306: ...cters long vlanid Optional Specify the ID of the VLAN on which the static group resides vlanid_list Enter the VLAN ID list here ipv6addr Optional Specify the multicast group IPv6 address Restrictions None Example To display all the MLD snooping static groups DES 3200 28P admin show mld_snooping static_group VLAN ID Name IP Address Static Member Ports 1 Default FF1E 1 9 10 Total Entries 1 DES 3200 ...

Page 307: ...configured vlan_name Specify the VLAN name to be configured vlan_name Enter the VLAN name here vlanid Specify the VLAN ID to be configured vlanid_list Enter the VLAN ID list here state Optional Specify to enable or disable the data driven learning of MLD snooping groups By default the state is enabled enable Enter enable to enable the data driven learning state disable Enter disable to disable the...

Page 308: ...is 128 value 1 1024 Enter the maximum learned entry value here This value must be between 1 and 1024 Restrictions Only Administrator Operator and Power User level users can issue this command Example To set the maximum number of groups that can be learned by data driven DES 3200 28P admin config mld_snooping data_driven_learning max_learned_entry 50 Command config mld_snooping data_driven_learning...

Page 309: ...ta_driven_group all Command clear mld_snooping data_driven_group all Success DES 3200 28P admin 30 41 show mld_snooping statistic counter Description This command is used to display the statistics counter for MLD protocol packets that are received by the Switch since MLD snooping was enabled Format show mld_snooping statistic counter vlan vlan_name vlanid vlanid_list ports portlist Parameters vlan...

Page 310: ...ast VLAN 1 Report Leave MLD v1 Report 0 MLD v2 Report 10 MLD v1 Done 1 Total 11 Dropped By Rate Limitation 0 Dropped By Max Group Limitation 90 Dropped By Group Filter 0 Dropped By Multicast VLAN 1 Transmit Statistics Query MLD v1 Query 1 MLD v2 Query 1 Total 2 Report Leave MLD v1 Report 0 MLD v2 Report 10 MLD v1 Done 1 Total 11 Total Entries 1 DES 3200 28P admin 30 42 clear mld_snooping statistic...

Page 311: ...rameters ports Specify a range of ports to be configured portlist Enter the range of ports to be configured here vlanid Specify a range of VLANs to be configured vlanid_list Enter the VLAN ID list here value 1 1000 Configure the rate limit of MLD control packets that the Switch can process on a specific port or VLAN The rate is specified in packet per second The packets that exceed the limited rat...

Page 312: ...llowed by each port or VLAN Format show mld_snooping rate_limit ports portlist vlanid vlanid_list Parameters ports Specify a list of ports portlist Enter the range of ports to be configured here vlanid Specify a list of VLANs vlanid_list Enter the VLAN ID list here Restrictions None Example To display the MLD snooping rate limit from port 1 to 5 DES 3200 28P admin show mld_snooping rate_limit port...

Page 313: ...tlist enable address_binding dhcp_snoop disable address_binding dhcp_snoop clear address_binding dhcp_snoop binding_entry ports portlist all show address_binding dhcp_snoop max_entry ports portlist show address_binding dhcp_snoop binding_entry port port config address_binding dhcp_snoop max_entry ports portlist all limit value 1 50 no_limit enable address_binding trap_log disable address_binding t...

Page 314: ... a legal ARP or IP packets are detected loose In this mode all packets are forwarded by default until an illegal ARP or broadcast IP packets are detected If not specified strict or loose default is strict disable Disable ARP inspection function The default value is disabled ip_inspection Optional Specify that the IP inspection option will be configured enable Enable IP inspection function The lega...

Page 315: ...t be between 0 and 500 Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable IMPB on port 1 DES 3200 28P admin config address_binding ip_mac ports 1 arp_inspection strict Command config address_binding ip_mac ports 1 arp_inspection strict Success DES 3200 28P admin 31 3 delete address_binding blocked Description This command is used to delete ...

Page 316: ...ss Specify the learned IP address of the entry in the database ipaddr Enter the IP address used mac_address Specify the MAC address used for this configuration macaddr Enter the MAC address used Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete a blocked address DES 3200 28P admin delete address_binding ip_mac ipaddress 10 1 1 1 mac_addres...

Page 317: ...inistrator Operator and Power User level users can issue this command Example To configure an IMPB entry DES 3200 28P admin config address_binding ip_mac ipaddress 10 1 1 1 mac_address 00 00 00 00 00 11 Command config address_binding ip_mac ipaddress 10 1 1 1 mac_address 00 00 00 00 00 11 Success DES 3200 28P admin 31 6 show address_binding Description This command is used to display the IMPB glob...

Page 318: ...orward 500 Normal 7 Disabled Disabled IPv4 Not Allow Forward 500 Normal 8 Disabled Disabled IPv4 Not Allow Forward 500 Normal 9 Disabled Disabled IPv4 Not Allow Forward 500 Normal 10 Disabled Disabled IPv4 Not Allow Forward 500 Normal 11 Disabled Disabled IPv4 Not Allow Forward 500 Normal 12 Disabled Disabled IPv4 Not Allow Forward 500 Normal 13 Disabled Disabled IPv4 Not Allow Forward 500 Normal ...

Page 319: ...ding blocked all Command show address_binding blocked all VID VLAN Name MAC Address Port 1 default 00 0C 6E AA B9 C0 1 Total Entries 1 DES 3200 28P admin 31 8 show address_binding ip_mac Description This command is used to display the IMPB entries Format show address_binding ip_mac all ipaddress ipaddr mac_address macaddr Parameters all Specify that all the IP addresses to be displayed ipaddress S...

Page 320: ... has expires the expired entry will be removed from the port The auto learned binding entry can be moved from one port to another port if the DHCP snooping function has learned that the MAC address has moved to a different port If a situation occurs where a binding entry learned by DHCP snooping conflicts with a statically configured entry The binding relation has conflicted For example if IP A is...

Page 321: ...DES 3200 28P admin 31 10 disable address_binding dhcp_snoop Description This command is used to disable DHCP snooping mode When the DHCP snooping function is disabled all of the auto learned binding entries will be removed Format disable address_binding dhcp_snoop Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable DHCP IPv4...

Page 322: ...nd Example To clear DHCP IPv4 snooping entries on ports 1 3 DES 3200 28P admin clear address_binding dhcp_snoop binding_entry ports 1 3 Command clear address_binding dhcp_snoop binding_entry ports 1 3 Success DES 3200 28P admin 31 12 show address_binding dhcp_snoop Description This command is used to display the DHCP snooping configuration and learning database Format show address_binding dhcp_sno...

Page 323: ...ding dhcp_snoop max_entry Port Max Entry 1 No Limit 2 No Limit 3 No Limit 4 No Limit 5 No Limit 6 No Limit 7 No Limit 8 No Limit 9 No Limit 10 No Limit 11 No Limit 12 No Limit 13 No Limit 14 No Limit 15 No Limit 16 No Limit 17 No Limit 18 No Limit 19 No Limit 20 No Limit CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All 31 13 show address_binding dhcp_snoop binding_entry Description This ...

Page 324: ...ng dhcp_snoop max_entry Description This command is used to specify the maximum number of entries that can be learned by a specified port Format config address_binding dhcp_snoop max_entry ports portlist all limit value 1 50 no_limit Parameters ports Specify the list of ports you would like to set the maximum number of entries that can be learned portlist Enter the list of ports used here all Spec...

Page 325: ...binding trap_log Description This command is used to send traps and logs when the IMPB module detects an illegal IP and MAC address Format enable address_binding trap_log Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the IMPB traps and logs DES 3200 28P admin enable address_binding trap_log Command enable address_bindin...

Page 326: ...arning Description This command is used to recover IMPB checking Format config address_binding recover_learning ports portlist all Parameters ports Specify the list of ports that need to recover the IMPB check portlist Enter the list of port used here all Specify that all the ports will be used Restrictions Only Administrator Operator and Power User level users can issue this command Example To re...

Page 327: ...ebug messages state This parameter configures the IMPB debug state to be enabled or disabled enable Specify that the state will be enabled disable Specify that the state will be disabled Restrictions Only Administrator users can issue this command Example To print out all debug IMPB messages DES 3200 28P admin debug address_binding all state enable Command debug address_binding all state enable Su...

Page 328: ... Fast Ethernet Switch CLI Reference Guide 324 Example To stop IMPB debug starting when the IMPB module receives an ARP IP or DHCP packet DES 3200 28P admin no debug address_binding Command no debug address_binding Success DES 3200 28P admin ...

Page 329: ...bor_cache Description This command is used to add a static neighbor on an IPv6 interface Format create ipv6 neighbor_cache ipif ipif_name 12 ipv6addr macaddr Parameters ipif Specify the interface s name ipif_name 12 Enter the IP interface name here This name can be up to 12 characters long ipv6addr The address of the neighbor macaddr The MAC address of the neighbor Restrictions Only Administrator ...

Page 330: ...configuration ipv6addr The neighbor s address static Delete the static entry dynamic Delete those dynamic entries all All entries include static and dynamic entries will be deleted Restrictions Only Administrator Operator and Power User level users can issue this command Example Delete a neighbor cache entry on IP interface System DES 3200 28P admin delete ipv6 neighbor_cache ipif System 3ffc 1 Co...

Page 331: ...05 Port NA Interface System VID 1 Total Entries 1 DES 3200 28P admin 32 4 config ipv6 nd ns retrans_time Description This command is used to configure the IPv6 ND neighbor solicitation retransmit time which is between retransmissions of neighbor solicitation messages to a neighbor when resolving the address or when probing the reachability of a neighbor Format config ipv6 nd ns ipif ipif_name 12 r...

Page 332: ...ing neighbor detection on the Switch Format show ipv6 nd ipif ipif_name 12 Parameters ipif Optional The name of the interface ipif_name 12 Enter the IP interface name here This name can be up to 12 characters long If no IP interface is specified it will show the IPv6 ND related configuration of all interfaces Restrictions Only Administrator Operator and Power User level users can issue this comman...

Page 333: ...efault route ipif_name 12 Specify the interface for the route This name can be up to 12 characters long ipv6addr Specify the next hop address for this route ipv6addr Specify the next hop address for this route metric 1 65535 Optional Enter the metric value here The default setting is 1 This value must between 1 and 65535 Restrictions Only Administrator Operator and Power User level users can issue...

Page 334: ...ute ipv6addr Specify the next hop address for the default route all Specify that all static created routes will be deleted Restrictions Only Administrator Operator and Power User level users can issue this command Example Delete an IPv6 static route DES 3200 28P admin delete ipv6route default System 3FFC 1 Command delete ipv6route default System 3FFC 1 Success DES 3200 28P admin 33 3 show ipv6rout...

Page 335: ...2 Managed Fast Ethernet Switch CLI Reference Guide 331 DES 3200 28P admin show ipv6route Command show ipv6route IPv6 Prefix 0 Protocol Static Metric 1 Next Hop 3001 254 IPIF System Status Inactive Total Entries 1 DES 3200 28P admin ...

Page 336: ...bo frame setting as enable Format enable jumbo_frame Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To enable the Jumbo frame DES 3200 28P admin enable jumbo_frame Command enable jumbo_frame The maximum size of jumbo frame is 12288 bytes Success DES 3200 28P admin 34 2 disable jumbo_frame Description This command is used to configure the jum...

Page 337: ...200 28P admin disable jumbo_frame Command disable jumbo_frame Success DES 3200 28P admin 34 3 show jumbo_frame Description This command is used to display the current configuration of jumbo frame Format show jumbo_frame Parameters None Restrictions None Example To show the Jumbo frame DES 3200 28P admin show jumbo_frame Command show jumbo_frame Jumbo Frame State Disabled Maximum Frame Size 1536 By...

Page 338: ...ocol_tunnel uni nni 35 1 enable l2protocol_tunnel Description This command is used to enable the Layer 2 protocol tunneling function Format enable l2protocol_tunnel Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To enable the Layer 2 protocol tunneling function DES 3200 28P admin enable l2protocol_tunnel Command enable l2protocol_tunnel Succ...

Page 339: ...5D 00 00 00 for GVRP is 01 05 5D 00 00 21 for Layer 2 protocols MAC 01 00 0C CC CC CC is 01 05 5D 00 00 10 and for protocol MAC 01 00 0C CC CC CD is 01 05 5D 00 00 11 When QinQ is enabled an S TAG will be added to the Layer 2 PDU too The S TAG is assigned according QinQ VLAN configuration Format config l2protocol_tunnel ports portlist all type uni tunneled_protocol stp gvrp protocol_mac 01 00 0C C...

Page 340: ...l on it Restrictions Only Administrator and Operator level users can issue this command Example To configure the STP tunneling on ports 1 4 DES 3200 28P admin config l2protocol_tunnel ports 1 4 type uni tunneled_protocol stp Command config l2protocol_tunnel ports 1 4 type uni tunneled_protocol stp Success DES 3200 28P admin 35 4 show l2protocol_tunnel Description This command is used to display La...

Page 341: ...ommand show l2protocol_tunnel Global State Enabled UNI Ports 1 4 NNI Ports DES 3200 28P admin To show Layer 2 protocol tunneling information summary DES 3200 28P admin show l2protocol_tunnel uni Command show l2protocol_tunnel uni UNI Tunneled Threshold Port Protocol packet sec 1 STP 0 2 STP 0 3 STP 0 4 STP 0 DES 3200 28P admin ...

Page 342: ...acp_port portlist 36 1 create link_aggregation group_id Description This command is used to create a link aggregation group on the Switch Format create link_aggregation group_id value type lacp static Parameters value Enter the group ID value here type Optional Specify the group type is belong to static or LACP If type is not specified the default is static type lacp Specify to use LACP as the gro...

Page 343: ...ription This command is used to configure a previously created link aggregation group Format config link_aggregation group_id value master_port port ports portlist state enable disable Parameters group_id Specify the group id The group number identifies each of the groups value Enter the group ID value here This value must be between 1 and 32 master_port Optional Master port ID Specify which port ...

Page 344: ...ing load sharing data This feature is available using the address based load sharing algorithm only Format config link_aggregation algorithm mac_source mac_destination mac_source_dest ip_source ip_destination ip_source_dest Parameters mac_source Indicates that the Switch should examine the MAC source address mac_destination Indicates that the Switch should examine the MAC destination address mac_s...

Page 345: ...nal Specify the group id The group number identifies each of the groups value Enter the group ID value here algorithm Optional Allows you to specify the display of link aggregation by the algorithm in use by that group If no parameter specified system will display all link aggregation information Restrictions None Example Link aggregation group enable DES 3200 28P admin show link_aggregation Comma...

Page 346: ...min show link_aggregation Command show link_aggregation Link Aggregation Algorithm MAC Source Dest Group ID 1 Type LACP Master Port 5 Member Port 5 7 Active Port Status Disabled Flooding Port 7 Total Entries 1 DES 3200 28P admin 36 6 config lacp_port Description This command is used to configure per port LACP mode Format config lacp_port portlist mode active passive Parameters lacp_port Specify a ...

Page 347: ...p_port 1 12 mode active command config lacp_port 1 12 mode active Success DES 3200 28P admin 36 7 show lacp_port Description This command is used to display the current mode of LACP of the ports Format show lacp_port portlist Parameters lacp_port Specify a range of ports to be configured portlist Enter the list of ports used for this configuration here If no parameter specified the system will dis...

Page 348: ...st Ethernet Switch CLI Reference Guide 344 DES 3200 28P admin show lacp_port Command show lacp_port Port Activity 1 Active 2 Active 3 Active 4 Active 5 Active 6 Active 7 Active 8 Active 9 Active 10 Active 11 Active 12 Active DES 3200 28P admin ...

Page 349: ...le disable dot3_tlvs all mac_phy_configuration_status link_aggregation power_via_mdi maximum_frame_size enable disable config lldp forward_message enable disable show lldp show lldp mgt_addr ipv4 ipaddr ipv6 ipv6addr show lldp ports portlist show lldp local_ports portlist mode brief normal detailed show lldp remote_ports portlist mode brief normal detailed show lldp statistics show lldp statistics...

Page 350: ...ss DES 3200 28P admin 37 2 disable lldp Description This command is used to stop sending and receiving of LLDP advertisement packet Format disable lldp Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable LLDP DES 3200 28P admin disable lldp Command disable lldp Success DES 3200 28P admin 37 3 config lldp Description This com...

Page 351: ... default setting 2 seconds sec 1 8192 Enter the transmit delay value here This value must be between 1 and 8192 seconds reinit_delay Specify the the minimum time of reinitialization delay interval The default setting 2 seconds sec 1 10 Enter the re initiate delay value here This value must be between 1 and 10 seconds Restrictions Only Administrator Operator and Power User level users can issue thi...

Page 352: ... vlan all vlan_name 32 vlanid vidlist enable disable dot1_tlv_protocol_identity all eapol lacp gvrp stp enable disable dot3_tlvs all mac_phy_configuration_status link_aggregation power_via_mdi maximum_frame_size enable disable Parameters portlist Enter a list of ports used for the configuration here all Specify that all the ports will be used for this configuration notification Enables or disables...

Page 353: ...LV PVID option will be disabled dot1_tlv_protocol_vid This TLV optional data type determines whether the IEEE 802 1 organizationally defined port and protocol VLAN ID TLV transmission is allowed on a given LLDP transmission capable port The default state is disable vlan Specify the VLAN used for this configuration all Specify that all the configured VLANs will be used for this configuration vlan_n...

Page 354: ...uld transmit Link Aggregation TLV This type indicates the current link aggregation status of IEEE 802 3 MACs More precisely the information should include whether the port is capable of doing link aggregation whether the port is aggregated in a aggregated link and the aggregated port ID The default state is disabled power_via_mdi Optional This TLV optional data type indicates that LLDP agent shoul...

Page 355: ...rtisements for all ports DES 3200 28P admin config lldp ports all dot1_tlv_pvid enable Command config lldp ports all dot1_tlv_pvid enable Success DES 3200 28P admin To configure exclude the port and protocol VLAN ID TLV from the outbound LLDP advertisements for all ports DES 3200 28P admin config lldp ports all dot1_tlv_protocol_vid vlanid 1 3 enable Command config lldp ports all dot1_tlv_protocol...

Page 356: ...d config lldp ports all dot3_tlvs mac_phy_configuration_status enable Success DES 3200 28P admin 37 6 config lldp forward_ message Description This command is used to configure forwarding of LLDP PDU packet when LLDP is disabled Format config lldp forward_message enable disable Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To con...

Page 357: ...scription Fast Ethernet Switch System Capabilities Repeater Bridge LLDP Configurations LLDP Status Enabled LLDP Forward Status Enabled Message TX Interval 30 Message TX Hold Multiplier 4 ReInit Delay 2 TX Delay 2 Notification Interval 10 DES 3200 28P admin 37 8 show lldp mgt_addr Description This command is used to display the LLDP management address information Format show lldp mgt_addr ipv4 ipad...

Page 358: ...ldp mgt_addr ipv4 10 90 90 90 Address 1 Subtype IPv4 Address 10 90 90 90 IF Type IfIndex OID 1 3 6 1 4 1 171 10 113 8 1 Advertising Ports 1 2 5 DES 3200 28P admin 37 9 show lldp ports Description This command is used to display the LLDP per port configuration for advertisement options Format show lldp ports portlist Parameters portlist Optional Specify a range of ports to be displayed If the port ...

Page 359: ...atus Disabled Power Via MDI Disabled Link Aggregation Disabled Maximum Frame Size Disabled DES 3200 28P admin 37 10 show lldp local_ports Description This command is used to display the per port information currently available for populating outbound LLDP advertisements Format show lldp local_ports portlist mode brief normal detailed Parameters portlist Optional Specify a range of ports to be conf...

Page 360: ...w lldp local_ports 1 mode detailed Port ID 1 Port ID Subtype Local Port ID 1 Port Description D Link DES 3200 28P R4 00 020 P ort 1 Port PVID 1 Management Address Count 1 Subtype IPv4 Address 10 90 90 90 IF Type IfIndex OID 1 3 6 1 4 1 171 10 113 8 1 PPVID Entries Count 0 None VLAN Name Entries Count 1 Entry 1 VLAN ID 1 VLAN Name default Protocol Identity Entries Count 0 CTRL C ESC q Quit SPACE n ...

Page 361: ...ize 1536 DES 3200 28P admin To display outbound LLDP advertisements for port 1 in brief mode DES 3200 28P admin show lldp local_ports 1 mode brief Command show lldp local_ports 1 mode brief Port ID 1 Port ID Subtype Local Port ID 1 Port Description D Link DES 3200 28P R4 00 020 P ort 1 DES 3200 28P admin 37 11 show lldp remote_ports Description This command is used to display the information learn...

Page 362: ...the information in detailed mode Restrictions None Example To display remote table in brief mode DES 3200 28P admin show lldp remote_ports 3 mode brief Command show lldp remote_ports 3 mode brief Port ID 3 Remote Entities Count 1 Entity 1 Chassis ID Subtype MAC Address Chassis ID 00 12 13 04 05 00 Port ID Subtype MAC Address Port ID 00 12 13 04 05 03 Port Description D Link DES 3200 28P R4 00 020 ...

Page 363: ... 13 04 05 00 Port ID Subtype MAC Address Port ID 00 12 13 04 05 03 Port Description D Link DES 3200 28P R4 00 020 Po rt 3 System Name System Description Fast Ethernet Switch System Capabilities Repeater Bridge Management Address Count 1 Port PVID 1 PPVID Entries Count 0 VLAN Name Entries Count 0 Protocol ID Entries Count 0 MAC PHY Configuration Status See Detail Power Via MDI None Link Aggregation...

Page 364: ... System Capabilities Repeater Bridge Management Address Count 1 Entry 1 Subtype IPv4 Address 10 90 90 90 IF Type IfIndex OID 1 3 6 1 4 1 171 10 113 9 1 Port PVID 1 PPVID Entries Count 0 None VLAN Name Entries Count 0 None Protocol ID Entries Count 0 None MAC PHY Configuration Status Auto Negotiation Support Supported Auto Negotiation Status Enabled Auto Negotiation Advertised Capability 6c00 hex A...

Page 365: ...ion DES 3200 28P admin show lldp statistics Command show lldp statistics Last Change Time 1792 Number of Table Insert 0 Number of Table Delete 0 Number of Table Drop 0 Number of Table Ageout 0 DES 3200 28P admin 37 13 show lldp statistics ports Description This command is used to display per port LLDP statistics Format show lldp statistics ports portlist Parameters portlist Optional Specify a rang...

Page 366: ...3200 28P admin show lldp statistics ports 1 Command show lldp statistics ports 1 Port ID 1 LLDPStatsTXPortFramesTotal 23 LLDPStatsRXPortFramesDiscardedTotal 0 LLDPStatsRXPortFramesErrors 0 LLDPStatsRXPortFramesTotal 0 LLDPStatsRXPortTLVsDiscardedTotal 0 LLDPStatsRXPortTLVsUnrecognizedTotal 0 LLDPStatsRXPortAgeoutsTotal 0 DES 3200 28P admin ...

Page 367: ...nism is disabled a user would need to manually recover a disabled port The default value for the recover timer is 60 seconds value 0 0 is a special value that specifies that the auto recovery mechanism should be disabled When the auto recovery mechanism is disabled a user would need to manually recover a disabled port sec 60 1000000 Enter the recovery timer value here This value must be between 60...

Page 368: ...Parameters ports Specify the range of ports that LBD will be configured on portlist Enter a list of ports all To set all ports in the system you may use the all parameter state Specify whether the LBD function should be enabled or disabled on the ports specified in the port list The default state is disabled enable Specify to enable the LBD function disable Specify to disable the LBD function Rest...

Page 369: ...xample To enable the LBD function globally DES 3200 28P admin enable loopdetect Command enable loopdetect Success DES 3200 28P admin 38 4 disable loopdetect Description This command is used to disable the LBD function globally on the Switch Format disable loopdetect Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the LBD...

Page 370: ...oopdetect Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To show the LBD global settings DES 3200 28P admin show loopdetect Command show loopdetect LBD Global Settings Status Disabled Mode Port based Interval 10 sec Recover Time 60 sec Trap State None Log State Enabled DES 3200 28P admin 38 6 show loopdetect ports Description This command is...

Page 371: ...Normal 2 Enabled Normal 3 Enabled Normal 4 Enabled Normal 5 Enabled Loop 6 Enabled Normal 7 Enabled Loop 8 Enabled Normal 9 Enabled Normal DES 3200 28P admin 38 7 config loopdetect trap Description This command is used to configure the trap modes for LBD Format config loopdetect trap none loop_detected loop_cleared both Parameters none There is no trap in the LBD function loop_detected Trap will o...

Page 372: ...sed to configure the log state for LBD The default value is enabled Format config loopdetect log state enable disable Parameters state Specify the state of the LBD log feature enable Enable the LBD log feature disable Disable the LBD log feature All LBD related logs will not be recorded Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the...

Page 373: ...39 1 enable mac_notification Description This command is used to enable global MAC address table notification on the Switch Format enable mac_notification Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable mac_notification function DES 3200 28P admin enable mac_notification Command enable mac_notification Success DES 3200 28...

Page 374: ... historysize int 1 500 Parameters interval Optional The time in seconds between notifications sec 1 2147483647 Enter the interval time here This value must be between 1 and 2147483647 seconds historysize Optional This is maximum number of entries listed in the history log used for notification Up to 500 entries can be specified int 1 500 Enter the history log size here This value must be between 1...

Page 375: ... this configuration enable Enable the port s MAC address table notification disable Disable the port s MAC address table notification Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable 7th port s mac address table notification DES 3200 28P admin config mac_notification ports 7 enable Command config mac_notification ports 7 enable Success DE...

Page 376: ...AC Notification Settings State Disabled Interval 1 History Size 1 DES 3200 28P admin 39 6 show mac_notification ports Description This command is used to display the port s Mac address table notification status settings Format show mac_notification ports portlist Parameters portlist Optional Enter a list of ports used for the configuration here Restrictions None Example To display all port s Mac a...

Page 377: ...tification ports Port MAC Address Table Notification State 1 Disabled 2 Disabled 3 Disabled 4 Disabled 5 Disabled 6 Disabled 7 Disabled 8 Disabled 9 Disabled 10 Disabled 11 Disabled 12 Disabled 13 Disabled 14 Disabled 15 Disabled 16 Disabled 17 Disabled 18 Disabled 19 Disabled 20 Disabled CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh ...

Page 378: ...te mac_based_access_control_local mac macaddr vlan vlan_name 32 vlanid vlanid 1 4094 config mac_based_access_control_local mac macaddr vlan vlan_name 32 vlanid vlanid 1 4094 clear_vlan delete mac_based_access_control_local mac macaddr vlan vlan_name 32 vlanid vlanid 1 4094 config mac_based_access_control authorization attributes radius enable disable local enable disable 1 show mac_based_access_co...

Page 379: ...Access Control Format disable mac_based_access_control Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the MAC based Access Control global state DES 3200 28P admin disable mac_based_access_control Command disable mac_based_access_control Success DES 3200 28P admin 40 3 config mac_based_access_control password Description...

Page 380: ... Command config mac_based_access_control password switch Success DES 3200 28P admin 40 4 config mac_based_access_control method Description This command is used to configure the MAC based Access Control authentication method Format config mac_based_access_control method local radius Parameters local Specify to authenticate via the local database radius Specify to authenticate via a RADIUS server R...

Page 381: ...the MAC based Access Control guest VLAN membership DES 3200 28P admin config mac_based_access_control guest_vlan ports 1 8 Command config mac_based_access_control guest_vlan ports 1 8 Success DES 3200 28P admin 40 6 config mac_based_access_control ports Description This command is used to configure MAC based Access Control port s setting When the MAC based Access Control function is enabled for a ...

Page 382: ...based Access Control function is enabled or disabled enable Specify that the port s MAC based Access Control states will be enabled disable Specify that the port s MAC based Access Control states will be disabled mode Optional Specify the MAC based access control port mode used port_based Specify that the MAC based access control port mode will be set to port based host_based Specify that the MAC ...

Page 383: ...control ports 1 8 aging_time infinite block_time 120 Command config mac_based_access_control ports 1 8 aging_time infinite block_time 120 Success DES 3200 28P admin 40 7 create mac_based_access_control Description This command is used to assign a static 802 1Q VLAN as a MAC based Access Control guest VLAN Format create mac_based_access_control guest_vlan vlan_name 32 guest_vlanid vlanid 1 4094 Par...

Page 384: ...2 Enter the VLAN name here This name can be up to 32 characters long guest_vlanid Specify the VID of the MAC based Access Control s guest VLAN vlanid 1 4094 Enter the VLAN ID here This value must be between 1 and 4094 Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete the MAC based Access Control guest VLAN called default DES 3200 28P admin...

Page 385: ...nformation for all ports DES 3200 28P admin clear mac_based_access_control auth_state ports all Command clear mac_based_access_control auth_state ports all Success DES 3200 28P admin To delete the MAC based Access Control authentication information for the host that has a MAC address of 00 00 00 47 04 65 DES 3200 28P admin clear mac_based_access_control auth_state mac_addr 00 00 00 47 04 65 Comman...

Page 386: ...the host will be assigned to the default VLAN after the host has been authorized DES 3200 28P admin create mac_based_access_control_local mac 00 00 00 00 00 01 vlan default Command create mac_based_access_control_local mac 00 00 00 00 00 01 vlan default Success DES 3200 28P admin 40 11 config mac_based_access_control_local Description This command is used to configure a MAC based Access Control lo...

Page 387: ...e mac_based_access_control_local mac macaddr vlan vlan_name 32 vlanid vlanid 1 4094 Parameters mac Delete local database entry by specific MAC address macaddr Enter the MAC address used here vlan Delete local database entries by specific target VLAN name vlan_name 32 Enter the VLAN name here This name can be up to 32 characters long vlanid Delete local database entries by specific target VLAN ID v...

Page 388: ...s_control authorization attributes radius enable disable local enable disable 1 Parameters radius Optional If specified to enable the authorized attributes for example VLAN 802 1p default priority and ACL assigned by the RADUIS server will be accepted if the global authorization status is enabled The default state is enabled enable Specify that the radius attributes will be enabled disable Specify...

Page 389: ... None Example To show the MAC based Access Control port configuration for ports 1 to 4 DES 3200 28P admin show mac_based_access_control ports 1 4 Command show mac_based_access_control ports 1 4 Port State Aging Time Block Time Auth Mode Max User min sec 1 Disabled 1440 300 Host based 128 2 Disabled 1440 300 Host based 128 3 Disabled 1440 300 Host based 128 4 Disabled 1440 300 Host based 128 DES 32...

Page 390: ...C based Access Control local database for the VLAN called default DES 3200 28P admin show mac_based_access_control_local vlan default Command show mac_based_access_control_local vlan default MAC Address VID 00 00 00 00 00 01 1 00 00 00 00 00 04 1 Total Entries 2 DES 3200 28P admin 40 16 show mac_based_access_control auth_state Description This command is used to display the MAC based Access Contro...

Page 391: ...ts Format config mac_based_access_control max_users value 1 1000 no_limit Parameters max_users Specify to set the maximum number of authorized clients on the whole device value 1 1000 Enter the maximum users here This value must be between 1 and 1000 no_limit Specify to not limit the maximum number of users on the system By default there is no limit on the number of users Restrictions Only Adminis...

Page 392: ...ser level users can issue this command Example To enable trap state of MAC based Access Control DES 3200 28P admin config mac_based_access_control trap state enable Command config mac_based_access_control trap state enable Success DES 3200 28P admin 40 19 config mac_based_access_control log state Description This command is used to enable or disable generating of MAC based Access Control logs Form...

Page 393: ...hernet Switch CLI Reference Guide 389 Example To disable log state of MAC based Access Control DES 3200 28P admin config mac_based_access_control log state disable Command config mac_based_access_control log state disable Success DES 3200 28P admin ...

Page 394: ...e maximum entries supported for the static MAC based entry Format create mac_based_vlan mac_address macaddr vlan vlan_name 32 vlanid vlanid 1 4094 Parameters mac_address Specify the MAC address used macaddr Enter the MAC address here vlan The VLAN to be associated with the MAC address vlan_name 32 Enter the VLAN name here This name can be up to 32 characters long vlanid Specify the VLAN by VLAN ID...

Page 395: ...een 1 and 4094 If no parameter is specified ALL static configured entries will be removed Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete a static MAC based VLAN entry DES 3200 28P admin delete mac_based_vlan mac_address 00 11 22 33 44 55 vlanid 100 Command delete mac_based_vlan mac_address 00 11 22 33 44 55 vlanid 100 Success DES 3200 2...

Page 396: ...nd 4094 Restrictions None Example In the following example MAC address 00 80 c2 33 c3 45 is assigned to VLAN 300 by manual config It is assigned to VLAN 400 by Voice VLAN Since Voice VLAN has higher priority than manual configuration the manual configured entry will become inactive To display the MAC based VLAN entry DES 3200 28P admin show mac_based_vlan MAC Address VLAN ID Status Type 00 80 e0 1...

Page 397: ... Format config mirror port port add delete source ports portlist rx tx both Parameters port The port that will receive the packets duplicated at the mirror port port Enter the port number to be configured here add Optional The mirror entry to be added delete Optional The mirror entry to be deleted source ports Optional The port that will be mirrored All packets entering and leaving the source port...

Page 398: ...e Restrictions Only Administrator and Operator level users can issue this command Example To enable mirroring function DES 3200 28P admin enable mirror Command enable mirror Success DES 3200 28P admin 42 3 disable mirror Description This command is used to disable mirror function without having to modify the mirror session configuration Format disable mirror Parameters None Restrictions Only Admin...

Page 399: ...8P admin 42 4 show mirror Description This command is used to display the current mirror function state and mirror session configuration on the Switch Format show mirror Parameters None Restrictions None Example To display mirroring configuration DES 3200 28P admin show mirror Command show mirror Current Settings Mirror Status Enabled Target Port 3 Mirrored Port RX 7 12 TX 7 12 DES 3200 28P admin ...

Page 400: ...e_machine all state disable brief detail Parameters portlist Specify the STP port range to debug all Specify to debug all ports on the Switch event Debug the external operation and event processing bpdu Debug the BPDU s that have been received and transmitted state_machine Debug the state change of the STP state machine all Debug all of the above state Specify the state of the debug mechanism disa...

Page 401: ...local device Spanning Tree Debug Information Port Status In Hardware Table Instance 0 Port 1 FOR Port 2 FOR Port 3 FOR Port 4 FOR Port 5 FOR Port 6 FOR Port 7 FOR Port 8 FOR Port 9 FOR Port 10 FOR Port 11 FOR Port 12 FOR Port 13 FOR Port 14 FOR Port 15 FOR Port 16 FOR Port 17 FOR Port 18 FOR Port 19 FOR Port 20 FOR Port 21 FOR Port 22 FOR Port 23 FOR Port 24 FOR Port 25 FOR Port 26 FOR Port 27 FOR...

Page 402: ...ebug stp show flag DES 3200 28P admin debug stp show flag Command debug stp show flag Global State Disabled Port Index Event Flag BPDU Flag State Machine Flag 1 Disabled Disabled Disabled 2 Disabled Disabled Disabled 3 Disabled Disabled Disabled 4 Disabled Disabled Disabled 5 Disabled Disabled Disabled 5 Disabled Disabled Disabled 7 Disabled Disabled Disabled 8 Disabled Disabled Disabled 9 Disable...

Page 403: ...sabled DES 3200 28P admin 43 4 debug stp show counter Description This command is used to display the STP counters Format debug stp show counter ports portlist all Parameters ports Optional Specify the STP ports for display portlist Enter the list of port used for this configuration here all Display all port s counters If no parameter is specified display the global counters Restrictions Only Admi...

Page 404: ...0 Port STP Disabled 0 Invalid packet Format 0 Invalid Protocol 0 Configuration BPDU Length 0 TCN BPDU Length 0 RST BPDU Length 0 Invalid Type 0 Invalid Timers 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 43 5 debug stp clear counter Description This command is used to clear the STP counters Format debug stp clear counter ports portlist all Parameters ports Optional Specify the p...

Page 405: ...state Format debug stp state enable disable Parameters state Specify the STP debug state enable Enable the STP debug state disable Disable the STP debug state Restrictions Only Administrator level users can issue this command Example To configure the STP debug state to enable and then disable the STP debug state DES 3200 28P admin debug stp state enable Command debug stp state enable Success DES 3...

Page 406: ...ist vlanid vlanid_list ipv4 ipv6 show limited_multicast_addr ports portlist vlanid vlanid_list ipv4 ipv6 config cpu_filter l3_control_pkt portlist dvmrp pim igmp_query ospf rip vrrp all state enable disable show cpu_filter l3_control_pkt ports portlist 44 1 create mcast_filter_profile Description This command is used to configure a multicast address profile Multiple ranges of multicast addresses c...

Page 407: ...can be up to 32 characters long profile_name Optional Provides a meaningful description for the profile name 1 32 Enter the profile name here The profile name can be up to 32 characters long add Optional Specify to add a multicast address delete Optional Specify to delete a multicast address mcast_address_list Optional List of the multicast addresses to be put in the profile You can either specify...

Page 408: ...ists the IPv6 multicast addresses to put in the profile You can either specify a single IPv6 multicast IP address or a range of IPv6 multicast addresses connected by Restrictions Only Administrator Operator and Power User level users can issue this command Example To add the IPv6 multicast address range FFF0E 100 0 0 20 FFF0E 100 0 0 22 to profile ID 3 DES 3200 28P admin config mcast_filter_profil...

Page 409: ...multicast address profile called MOD DES 3200 28P admin delete mcast_filter_profile profile_name MOD Command delete mcast_filter_profile profile_name MOD Total entries 2 DES 3200 28P admin 44 5 show mcast_filter_profile Description This command is used to display the defined multicast address profiles If the IPv4 or IPv6 option is not specified IPv4 is implied Format show mcast_filter_profile ipv4...

Page 410: ...d_list ipv4 ipv6 add delete profile_id value 1 24 profile_name name 1 32 access permit deny Parameters ports Specify the range of ports to configure the multicast address filtering function portslist Enter the list of port to be configured here vlanid Specify the VLAN ID of the VLAN that the multicast address filtering function will be configured on vlanid_list Enter the VLAN ID list here ipv4 Opt...

Page 411: ...x_group value 1 1024 infinite action drop replace 1 Parameters ports Specify the range of ports to configure the max_mcast_group portlist Enter the list of ports to be configured here vlanid Specify the VLAN ID to configure max_mcast_group vlanid_list Enter the VLAN ID list here ipv4 Optional Specify that the maximum number of IPv4 learned addresses should be limited ipv6 Optional Specify that the...

Page 412: ...4 ipv6 Parameters ports Specify the range of ports for displaying information about the maximum number of multicast groups that the specified ports can join portlist Enter the list of ports to be configured here vlanid Specify the VLAN ID for displaying the maximum number of multicast groups vlanid_list Enter the VLAN ID list here ipv4 Optional Specify to display the maximum number of IPv4 learned...

Page 413: ... is configured on a VLAN it limits the multicast groups operated by the IGMP or MLD layer 3 functions If the IPv4 or IPv6 option is not specified IPv4 is implied Format show limited_multicast_addr ports portlist vlanid vlanid_list ipv4 ipv6 Parameters ports Specify the range of ports that require information displaying about the multicast address filtering function portlist Enter the list of port ...

Page 414: ... 1 DES 3200 28P admin show limited_multicast_addr vlan 1 Command show limited_multicast_addr vlan 1 VLAN ID 1 Access Deny Profile ID Name Multicast Addresses 1 customer 224 19 62 34 224 19 162 200 Success DES 3200 28P admin 44 10 config cpu_filter l3_control_pkt Description This command is used to configure the port state for the Layer 3 control packet filter Format config cpu_filter l3_control_pk...

Page 415: ...the filtering function Restrictions Only Administrator Operator and Power User level users can issue this command Example To filter the DVMRP control packets on ports 1 to 2 DES 3200 28P admin config cpu_filter l3_control_pkt 1 2 dvmrp state enable Command config cpu_filter l3_control_pkt 1 2 dvmrp state enable Success DES 3200 28P admin 44 11 show cpu_filter l3_control_pkt ports Description This ...

Page 416: ...12 DES 3200 28P admin show cpu_filter l3_control_pkt ports 1 2 Command show cpu_filter l3_control_pkt ports 1 2 Port IGMP Query DVMRP PIM OSPF RIP VRRP 1 Disabled Enabled Disabled Disabled Disabled Disabl ed 2 Disabled Enabled Disabled Disabled Disabled Disabl ed DES 3200 28P admin ...

Page 417: ...lan_group vlan_name 32 delete igmp_snooping multicast_vlan vlan_name 32 enable igmp_snooping multicast_vlan disable igmp_snooping multicast_vlan config igmp_snooping multicast_vlan forward_unmatched enable disable show igmp_snooping multicast_vlan vlan_name 32 45 1 create igmp_snooping multicast_vlan Description This command is used to create a multicast VLAN and implements relevant parameters as ...

Page 418: ...his command is used to add member ports and source ports to a list of multicast VLAN member ports Member ports automatically become untagged members of the multicast VLAN and source ports automatically become tagged members of the multicast VLAN However member ports of one multicast VLAN are allowed to overlap with member ports on a different multicast VLAN A multicast VLAN must first be created u...

Page 419: ...l not be replaced ipaddr Enter the replace source IP address here remap_priority The remap priority value to be associated with the data traffic to be forwarded on the multicast VLAN If none is specified the packet s original priority is used The default setting is none value 0 7 Enter the remap priority value here This value must be between 0 and 7 none Specify that the remap priority value will ...

Page 420: ...lticast VLAN profile name The maximum length is 32 characters profile_name 1 32 Enter the multicast VLAN group name here This name can be up to 32 characters long add Adds a multicast address list to or from this multicast VLAN profile The mcast_address_list can be a continuous single multicast address such as 225 1 1 1 225 1 1 3 225 1 1 8 a multicast address range such as 225 1 1 1 225 2 2 2 or b...

Page 421: ...e_name profile_name 1 32 all Parameters profile_name Specify the multicast VLAN profile name profile_name 1 32 Enter the multicast VLAN profile name here This name can be up to 32 characters long all Specify to delete all the multicast VLAN profiles Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete an IGMP snooping multicast group profile ...

Page 422: ...gure the multicast group learned with the specific multicast VLAN The following two cases can be considered for examples Case 1 The multicast group is not configured multicast VLANs do not have any member ports overlapping and the join packet received by the member port is learned on only the multicast VLAN that this port is a member of Case 2 The join packet is learned with the multicast VLAN tha...

Page 423: ...er User level users can issue this command Example To add an IGMP snooping profile to a multicast VLAN group with the name v1 DES 3200 28P admin config igmp_snooping multicast_vlan_group v1 add profile_name channel_1 Command config igmp_snooping multicast_vlan_group v1 add profile_name channel_1 Success DES 3200 28P admin 45 8 show igmp_snooping multicast_vlan_group Description This command is use...

Page 424: ...n vlan_name 32 Parameters multicast_vlan The name of the multicast VLAN to be deleted vlan_name 32 Enter the VLAN name here The VLAN name can be up to 32 characters long Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete an IGMP snooping multicast VLAN called v1 DES 3200 28P admin delete igmp_snooping multicast_vlan v1 Command delete igmp_s...

Page 425: ...5 11 disable igmp_snooping multicast_vlan Description This command is used to disable the IGMP multicast VLAN function The command disable igmp_snooping is used to disable the ordinary IGMP snooping function By default the multicast VLAN is disabled Format disable igmp_snooping multicast_vlan Parameters None Restrictions Only Administrator level users can issue this command Example To disable the ...

Page 426: ...t_vlan forward_unmatched enable disable Parameters enable The packet will be flooded on the VLAN disable The packet will be dropped Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the forwarding mode for multicast VLAN unmatched packets DES 3200 28P admin config igmp_snooping multicast_vlan forward_unmatched enable Command config igmp...

Page 427: ... igmp_snooping multicast_vlan Command show igmp_snooping multicast_vlan IGMP Multicast VLAN Global State Disabled IGMP Multicast VLAN Forward Unmatched Disabled VLAN Name test VID 100 Member Untagged Ports 1 Tagged Member Ports Source Ports 3 Untagged Source Ports Status Disabled Replace Source IP 0 0 0 0 Remap Priority None Total Entries 1 DES 3200 28P admin ...

Page 428: ...ring show stp mst_config_id config stp mst_ports portlist instance_id value 0 7 internalCost auto value 1 200000000 priority value 0 240 config stp ports portlist externalCost auto value 1 200000000 hellotime value 1 2 migrate yes no edge true false auto p2p true false auto state enable disable restricted_role true false restricted_tcn true false fbpdu enable disable show stp ports portlist config...

Page 429: ...r and Power User level users can issue this command Example To disable STP DES 3200 28P admin disable stp Command disable stp Success DES 3200 28P admin 46 3 config stp Description This command is used to configure the bridge parameters global settings Format config stp maxage value 6 40 maxhops value 6 40 hellotime value 1 2 forwarddelay value 4 30 txholdcount value 1 10 fbpdu enable disable nni_...

Page 430: ...l value 1 10 Enter the transmitted BPDU restriction value here This value must be between 1 and 10 fbpdu Optional To decide if the bridge will flood STP BPDU when STP functionality is disabled enable Specify that the bridge will flood STP BPDU when STP functionality is disabled disable Specify that the bridge will not flood STP BPDU when STP functionality is disabled nni_bpdu_addr Optional Used to...

Page 431: ...Disabled NNI BPDU Address dot1d DES 3200 28P admin 46 5 create stp instance_id Description This command is used to create an MST Instance without mapping the corresponding VLANs Format create stp instance_id value 1 7 Parameters instance_id Specify the MSTP instance ID Instance 0 represents for default instance CIST value 1 7 Enter the MSTP instance ID here This value must be between 1 and 7 Restr...

Page 432: ...e 1 7 Enter the MSTP instance ID here This value must be between 1 and 7 add_vlan Specify to map the specified VLAN list to an existing MST instance remove_vlan Specify to delete the specified VLAN list from an existing MST instance vidlist Specify a list of VLANs by VLAN ID Restrictions Only Administrator Operator and Power User level users can issue this command Example To map a VLAN ID to an MS...

Page 433: ... DES 3200 28P admin delete stp instance_id 2 Command delete stp instance_id 2 Success DES 3200 28P admin 46 8 config stp mst_config_id Description This command is used to change the name or the revision level of the MST configuration identification Format config stp mst_config_id revision_level int 0 65535 name string Parameters name Optional Specify the name given for a specific MST region string...

Page 434: ... admin 46 9 show stp mst_config_id Description This command is used to show the MST configuration identification Format show stp mst_config_id Parameters None Restrictions None Example show STP MST configuration ID DES 3200 28P admin show stp mst_config_id Command show stp mst_config_id Current MST Configuration Identification Configuration Name 00 22 22 22 22 00 Revision Level 0 MSTI ID Vid list ...

Page 435: ...ons Only Administrator Operator and Power User level users can issue this command Example To configure STP MST ports DES 3200 28P admin config stp mst_ports 1 instance_id 0 internalCost auto Command config stp mst_ports 1 instance_id 0 internalCost auto Success DES 3200 28P admin 46 11 config stp ports Description This command is used to configure all the parameters of ports except for Internal Pa...

Page 436: ...on the port s is enabled disable Specify that STP functionality on the port s is disabled restricted_role Optional To decide if this port not to be selected as Root Port The default value is false true Specify that the port can be specified as the root port false Specify that the port can not be specified as the root port restricted_tcn Optional To decide if this port not to propagate topology cha...

Page 437: ... 28P admin show stp ports Command show stp ports MSTP Port Information Port Index 1 Hello Time 2 2 Port STP Enabled External PathCost Auto 200000 Edge Port Auto No P2P Auto Yes Port RestrictedRole False Port RestrictedTCN False Port Forward BPDU Disabled MSTI Designated Bridge Internal PathCost Prio Status Role 0 N A 200000 128 Forwarding NonStp CTRL C ESC q Quit SPACE n Next Page p Previous Page ...

Page 438: ...ommand Example To configure the STP instance ID DES 3200 28P admin config stp priority 61440 instance_id 0 Command config stp priority 61440 instance_id 0 Success DES 3200 28P admin 46 14 config stp version Description This command is used to enable STP globally Format config stp version mstp rstp stp Parameters version To decide to run under which version of STP mstp Multiple Spanning Tree Protoc...

Page 439: ... current value Success DES 3200 28P admin 46 15 show stp instance Description This command is used to display each instance parameters settings Value means the instance ID if there is no input of this value all instance will be shown Format show stp instance value 0 7 Parameters instance Specify the MSTP instance ID value 0 7 Optional Enter the MSTP instance ID value here This value must be betwee...

Page 440: ...e Status Enabled Instance Priority 32768 bridge priority 32768 sys ID ext 0 STP Instance Operational Status Designated Root Bridge 32768 00 22 22 22 22 00 External Root Cost 0 Regional Root Bridge 32768 00 22 22 22 22 00 Internal Root Cost 0 Designated Bridge 32768 00 22 22 22 22 00 Root Port None Max Age 20 Forward Delay 15 Last Topology Change 2430 Topology Changes Count 0 DES 3200 28P admin ...

Page 441: ...l servers but will only be processed by one of them The server can work in two different modes unicast mode and multicast mode In unicast mode the client use unicast MAC address as the destination MAC to reach the server In multicast mode the client use the multicast MAC address as the destination MAC to reach the server Regarding of the mode this destination Mac is the named the shared MAC The se...

Page 442: ...ded or removed Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure NLB unicast FDB entry for the product that support the VLAN information on the unicast forwarding DES 3200 28P admin config nlb unicast_fdb 02 bf 01 01 01 01 add 1 5 Command config nlb unicast_fdb 02 BF 01 01 01 01 add 1 5 Success DES 3200 28P admin 47 3 delete nlb unicast...

Page 443: ...ate nlb multicast_fdb vlan_name 32 vlanid vlanid macaddr Parameters vlan_name 32 Enter the VLAN name here The VLAN name can be up to 32 characters long vlanid Specify the VLAN by the VLAN ID vlanid Enter the VLAN ID here macaddr Specify the MAC address of the NLB multicast FDB entry to be created Restrictions Only Administrator Operator and Power User level users can issue this command Example To ...

Page 444: ...ly Administrator Operator and Power User level users can issue this command Example To configure NLB multicast MAC forwarding database DES 3200 28P admin config nlb multicast_fdb default 03 bf 01 01 01 01 add 1 5 Command config nlb multicast_fdb default 03 bf 01 01 01 01 add 1 5 Success DES 3200 28P admin 47 6 delete nlb multicast_fdb Description This command is used to delete the NLB multicast FD...

Page 445: ...d delete nlb multicast_fdb default 03 bf 01 01 01 01 Success DES 3200 28P admin 47 7 show nlb fdb Description This command is used to show the NLB Configured entry Format show nlb fdb Parameters None Restrictions None Example To display the NLB forwarding table DES 3200 28P admin show nlb fdb Command show nlb fdb MAC Address VLAN ID Egress Ports 02 BF 01 01 01 01 1 5 Total Entries 1 DES 3200 28P a...

Page 446: ...tilization cpu ports show utilization dram show utilization flash clear counters ports portlist 48 1 show packet ports Description This command is used to display statistics about the packets sent and received by the Switch Format show packet ports portlist Parameters portlist Specify a range of ports to be displayed Restrictions None Example To display the packets analysis for port 7 ...

Page 447: ...4 1518 0 0 Unicast RX 0 0 Multicast RX 0 0 Broadcast RX 0 0 Frame Type Total Total sec RX Bytes 0 0 RX Frames 0 0 TX Bytes 0 0 TX Frames 0 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 48 2 show error ports Description This command is used to display the error statistics for a range of ports Format show errors ports portlist Parameters portlist Specify a range of ports to be disp...

Page 448: ...Fragment 0 Excessive Collision 0 Jabber 0 Single Collision 0 Drop Pkts 0 Collision 0 Symbol Error 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 48 3 show utilization Description This command is used to display real time CPU or port utilization statistics Format show utilization cpu ports Parameters cpu Specify to display information regarding the CPU ports Specify all ports to be...

Page 449: ...RX sec Util Port TX sec RX sec Util 1 0 0 0 21 0 0 0 2 0 0 0 22 0 0 0 3 0 0 0 23 0 0 0 4 0 0 0 24 0 0 0 5 0 0 0 25 0 0 0 6 0 0 0 26 0 0 0 7 0 0 0 27 0 0 0 8 0 0 0 28 0 0 0 9 0 0 0 10 0 0 0 11 0 0 0 12 0 0 0 13 0 0 0 14 0 0 0 15 0 0 0 16 0 0 0 17 0 0 0 18 0 0 0 19 0 0 0 20 0 0 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh To display the CPU utilization ...

Page 450: ...how utilization cpu CPU Utilization Five seconds 10 One minute 10 Five minutes 10 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 48 4 show utilization dram Description This command is used to show DRAM memory utilization Format show utilization dram Parameters None Restrictions None Example To display DRAM utilization ...

Page 451: ...w utilization flash Description This command is used to show the flash memory utilization Format show utilization flash Parameters None Restrictions None Example To display FLASH utilization DES 3200 52P admin show utilization flash Command show utilization flash Flash Memory Utilization Total Flash 29618 KB Used Flash 5553 KB Utilization 18 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Re...

Page 452: ...witch number and the highest port number of the range also separeted by a colon are specified The beginning and end of the port list range are seperated by a dash portlist Enter a list of ports used for the configuration here If no parameter is specified system will display counters of all the ports Restrictions Only Administrator and Operator level users can issue this command Example To clear th...

Page 453: ...If a port s is active it initiates the discovery Otherwise it reacts to the discovery received from peer Disabling a port s OAM will cause the port to send out a dying gasp event to peers and then disconnect the established OAM link The link monitoring parameter is used to configure port Ethernet OAM link monitoring error symbols The link monitoring function provides a mechanism to detect and indi...

Page 454: ...f threshold is 1 symbol error range 0 4294967295 Specify the range from 0 to 4294967295 window The range is 1000 to 60000 ms The default value is 1000ms millisecond 1000 60000 The range is 1000 to 60000 ms notify_state Specify the event notification status The default state is enable enable Specify to enable event notification disable Specify to disable event notification error_frame Specify the e...

Page 455: ... command ignore Specify to ignore the received Ethernet OAM remote loopback command The default method is ignore Restrictions Only Administrator and Operator level users can issue this command Example To configure Ethernet OAM on ports 1 to 2 in active mode DES 3200 28P admin config ethernet_oam ports 1 2 mode active Command config ethernet_oam ports 1 2 mode active Success DES 3200 28P admin To e...

Page 456: ... configure the error frame threshold to10 and period to 1000000 ms for port 1 DES 3200 28P admin config ethernet_oam ports 1 link_monitor error_frame_period threshold 10 window 1000000 notify_state enable Command config ethernet_oam ports 1 link_monitor error_frame_period threshold 10 window 1000000 notify_state enable Success DES 3200 28P admin To configure a dying gasp event for port 1 DES 3200 ...

Page 457: ...ns that both it and the remote OAM entity have accepted the peering NonOperHalfDuplex Since Ethernet OAM functions are not designed to work completely over half duplex port This value indicates Ethernet OAM is enabled but the port is in half duplex operation 3 OAM mode passive or active 4 Maximum OAMPDU size The largest OAMPDU that the OAM entity supports OAM entities exchange maximum OAMPDU sizes...

Page 458: ...vent log information index Optional Specify an index range to display value_list Optional Specify an index range to display Restrictions Only Administrator and Operator level users can issue this command Example To display Ethernet OAM statistics information for port 1 DES 3200 28P admin show ethernet_oam ports 1 statistics Command show ethernet_oam ports 1 statistics Port 1 Information OAMPDU TX ...

Page 459: ... all Ethernet OAM ports event_log Specify to clear Ethernet OAM event log information statistics Specify to clear Ethernet OAM statistics Restrictions Only Administrator and Operator level users can issue this command Example To clear port 1 OAM statistics DES 3200 28P admin clear ethernet_oam ports 1 statistics Command clear ethernet_oam ports 1 statistics Success DES 3200 28P admin To clear port...

Page 460: ...if three fans is working normally there will display OK in the Left Fan field If some fans work failed such as fan 1 3 there will only display the failed fans in the Left Fan field such as 1 3 Fail In the same way the Right Fan Back Fan is same to Left Fan Because there is only one CPU Fan if it is working failed display Fail otherwise display OK Format show device_status Parameters None Restricti...

Page 461: ...shold Celsius 11 DES 3200 28P admin 50 3 config temperature threshold Description This command is used to configure the warning threshold for high and low temperature Format config temperature threshold high temperature 500 500 low temperature 500 500 Parameters threshold Specify the high and low threshold value high Optional To configure high threshold value The high threshold must bigger than th...

Page 462: ...ecify the trap state for the warning temperature event enable Enable trap state for warning temperature event The default state is enabled disable Disable trap state for warning temperature event log state Specify the log state for the warning temperature event enable Enable log state for warning temperature event The default state is enabled disable Disable log state for warning temperature event...

Page 463: ...e of 0 will send an infinite ICMP echo messages The maximum value is 255 The default is 0 indicating infinity Press the CTRL C to break the ping test value 1 255 Enter the number of individual ICMP echo messages to be sent here This value must be between 1 and 255 timeout Optional Defines the time out period while waiting for a response from the remote device A value of 1 to 99 seconds can be spec...

Page 464: ...nfinity Press the CTRL C to break the ping test value 1 255 Enter the number of individual ICMP echo messages to be sent here This value must be between 1 and 255 size Optional Size of the test packet value 1 6000 Enter the size of the test packet here This value must be between 1 and 6000 timeout Optional Defines the time out period while waiting for a response from the remote device sec 1 99 Ent...

Page 465: ...max_learning_addr Description This command is used to set the maximum number of port security entries that can be authorized system wide There are four levels of limitations on the learned entry number for the entire system for a port for a VLAN and for a specific VLAN on a port If any limitation is exceeded the new entry will be discarded The setting for system level maximum learned users must be...

Page 466: ...er of port security entries that can be learned on this port If the value is set to 0 it means that no user can be authorized by the port security function on this port If the setting is smaller than the number of current learned entries on the port the command will be rejected The default value is 32 max_lock_no 0 3328 Enter the maximum number of port security entries that can be learned here Thi...

Page 467: ...port If any limitation is exceeded the new entry will be discarded Format config port_security vlan vlan_name 32 vlanid vidlist max_learning_addr max_lock_no 0 3328 no_limit Parameters vlan_name 32 Enter the VLAN name here This name can be up to 32 characters long vlanid Specify a list of VLANs by VLAN ID vidlist Enter the VLAN ID list here max_learning_addr Specify the maximum number of port secu...

Page 468: ...pecify the VLAN by VLAN ID vlanid 1 4094 Enter the VLAN ID list here This value must be between 1 and 4094 mac_address Specify the MAC address of the entry macaddr Enter the MAC address used here Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete the port security entry with a MAC address of 00 00 00 00 00 01 on VLAN 1 DES 3200 28P admin de...

Page 469: ...ss DES 3200 28P admin 52 6 show port_security_entry Description This command is used to display the port security entries If more than one parameter is selected only the entries matching all the selected parameters will be displayed If the user specifies ports and VLAN either the VLAN name or VLAN ID list only the entries matching all the parameters will be displayed Format show port_security_entr...

Page 470: ...or vlan_name are specified configurations matching any of these parameters will be displayed Format show port_security ports portlist vlan vlan_name 32 vlanid vidlist Parameters ports Optional Specify the range of ports that will show their configuration While this parameter is null to show the entries on all of the ports portlist Enter the list of port used for this configuration here vlan Option...

Page 471: ...new MAC that violates the pre defined port security configuration a trap will be sent out with the MAC and port information and the relevant information will be logged Format enable port_security trap_log Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable a port security trap DES 3200 28P admin enable port_security trap_log ...

Page 472: ...urity trap_log Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To prevent a port security trap from being sent from the switch DES 3200 28P admin disable port_security trap_log Command disable port_security trap_log Success DES 3200 28P admin ...

Page 473: ... power_limit Optional Configure the power budget of PoE system The range of value which can be specified is determined by the system value 37 188 Enter the power limit value here This value must be between 37 and 188 DES 3200 28P Only value 37 370 Enter the power limit value here This value must be between 37 and 370 DES 3200 52P Only power_disconnect_method Optional Configure the disconnection me...

Page 474: ...onfigure the PoE port settings Based on 802 3af there are 5 kinds of PD classes class 0 class 1 class 2 and class 3 The power consumption ranges for them are 0 44 12 95W 0 44 3 84W 3 84 6 49W 6 49 12 95W and 12 95 29 5W respectively The five pre defined settings are for users convenience The following is the power limit applied to the port for these four classes For each class the power limit is a...

Page 475: ...ffect the ordering of supplying power Whether the disconnect_method is set to deny_low_priority_port priority of port will be used by the system to manage to supply power to ports critical Specify that the priority will be set to critical high Specify that the priority will be set to high low Specify that the priority will be set to low power_limit Optional Configure the per port power limit If a ...

Page 476: ... show poe system PoE System Information Power Limit 188 Watts Power Consumption 0 Watts Power Remained 169 Watts Power Disconnection Method Deny Next Port Detection Legacy PD Disabled If Power Disconnection Method is set to deny next port then the system can not utilize out of its maximum power capacity The maximum unused watt is 19W CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 53...

Page 477: ...ime Range Class Power mW Voltage decivolt Current mA Status 1 Enabled Low 16200 Class 0 0 0 0 0 OFF Interim state during line detection 2 Enabled Low 16200 Class 0 0 0 0 0 OFF Interim state during line detection 3 Enabled Low 16200 Class 0 0 0 0 0 OFF Interim state during line detection 4 Enabled Low 16200 Class 0 0 0 0 0 OFF Interim state during line detection 5 Enabled Low 16200 Class 0 0 0 0 0 ...

Page 478: ... request packet if the tag is absent and remove the circuit ID tag from the received PPPoE offer and session confirmation packet The insert circuit ID contains the following information Client MAC address Device ID and Port number By default Switch IP address is used as the device ID to encode the circuit ID option Format config pppoe circuit_id_insertion state enable disable Parameters enable Spe...

Page 479: ... is enable enable Enable port s PPPoE circuit ID insertion function disable Disable port s PPPoE circuit ID insertion function circuit_id Configure the device ID part for encoding of the circuit ID option mac The MAC address of the Switch will be used to encode the circuit ID option ip The Switch s IP address will be used to encode the circuit ID option This is the default udf A user specified str...

Page 480: ... show pppoe circuit_id_insertion Global PPPoE State Enabled DES 3200 28P admin 54 4 show pppoe circuit_id_insertion ports Description This command is used to display Switch s port PPPoE Circuit ID insertion configuration Format show pppoe circuit_id_insertion ports portlist Parameters portlist Optional Specify a list of ports to be displayed Restrictions None Example To display port 2 5 PPPoE circ...

Page 481: ...ch CLI Reference Guide 477 DES 3200 28P admin show pppoe circuit_id_insertion ports 2 5 Command show pppoe circuit_id_insertion ports 2 5 Port State Circuit ID 2 Enabled Switch IP 3 Enabled Switch IP 4 Enabled Switch IP 5 Enabled Switch IP DES 3200 28P admin ...

Page 482: ...e protocol_group group_id id all show port dot1v ports portlist 55 1 create dot1v_protocol_group Description This command is used to create a protocol group for protocol VLAN function Format create dot1v_protocol_group group_id id group_name name 32 Parameters group_id The ID of protocol group which is used to identify a set of protocols id Enter the group ID used here group_name Optional The name...

Page 483: ...at the protocol will be added to the specified group delete Specify that the protocol will be removed from the specified group protocol The protocol value is used to identify a protocol of the frame type specified ethernet_2 Specify that the Ethernet 2 protocol will be used ieee802 3_snap Specify that the IEEE 802 3 Snap protocol will be used ieee802 3_llc Specify that the IEEE 802 3 LLC protocol ...

Page 484: ...in delete dot1v_protocol_group group_id 100 Command delete dot1v_protocol_group group_id 100 Success DES 3200 28P admin 55 4 show dot1v_protocol_group Description This command is used to display the protocols defined in a protocol group Format show dot1v_protocol_group group_id id group_name name 32 Parameters group_id Optional Specify the ID of the group to be displayed id Enter the group ID used...

Page 485: ...ts used for the configuration here all Specify that all the ports will be used for this configuration add Specify that the group specified will be added protocol_group Specify that parameters for the group will follow group_id Specify the group ID of the protocol group id Enter the group ID used here group_name Specify the name of the protocol group name 32 Enter the name of the group used here Th...

Page 486: ...id 10 vlan marketing 1 Command config port dot1v ports 3 add protocol_group group_id 10 vlan marketing 1 Success DES 3200 28P admin 55 6 show port dot1v Description This command is used to display the VLAN to be associated with untagged packet ingressed from a port based on the protocol group Format show port dot1v ports portlist Parameters ports Optional Specify a range of ports to be displayed p...

Page 487: ...ged Fast Ethernet Switch CLI Reference Guide 483 DES 3200 28P admin show port dot1v ports 1 Command show port dot1v ports 1 Port 1 Protocol Group ID VLAN Name Protocol Priority 1 default 2 VLAN2 3 VLAN3 4 VLAN4 Success DES 3200 28P admin ...

Page 488: ...w vlan_translation ports portlist cvid vidlist 56 1 enable qinq Description This command is used to enable QinQ When QinQ is enabled all network port roles will be NNI ports and outer TPID will be set to 0x88A8 all existing static VLANs will run as S VLAN all dynamic learned L2 address will be cleared all dynamic registered VLAN entries will be cleared and GVRP will be disabled To run GVRP on the ...

Page 489: ...inistrator Operator and Power User level users can issue this command Example To disable QinQ DES 3200 28P admin disable qinq Command disable qinq Success DES 3200 28P admin 56 3 config qinq inner_tpid Description The command is used to configure the inner TPID of the system The inner TPID is used to decide if the ingress packet is c tagged Inner tag TPID is per system configurable Format config q...

Page 490: ...ustomer network nni Specify that the port is connecting to the service provider network missdrop Optional Specify the state of the miss drop of ports option enable Specify that the miss drop of ports option will be enabled disable Specify that the miss drop of ports option will be disabled outer_tpid Optional Specify the outer TPID of a port hex 0x1 0xffff Enter the outer TPID value used here add_...

Page 491: ...ES 3200 28P admin 56 5 show qinq Description This command is used to display the global QinQ status Format show qinq Parameters None Restrictions None Example To display the global QinQ status DES 3200 28P admin show qinq Command show qinq QinQ Status Enabled DES 3200 28P admin 56 6 show qinq inner_tpid Description This command is used to display the inner TPID of a system Format show qinq inner_t...

Page 492: ...tpid Command show qinq inner_tpid Inner TPID 0x9100 DES 3200 28P admin 56 7 show qinq ports Description This command is used to display the QinQ configuration of the ports Format show qinq ports portlist Parameters ports Specify a list of ports to be displayed portlist Optional Enter the list of ports to be displayed here Restrictions None Example To show the QinQ mode for ports 1 2 ...

Page 493: ...C VLAN Tag or stripped Format create vlan_translation ports portlist all add cvid vidlist replace cvid vlanid 1 4094 svid vlanid 1 4094 priority priority 0 7 Parameters ports Specify a list of ports to be configured portlist Enter the list of ports to be configured here all Specify that all the ports will be used for the configuration add Specify to add an S Tag to the packet cvid Specify the cust...

Page 494: ...0 svid 300 Command create vlan_translation ports 1 add cvid 30 svid 300 Success DES 3200 28P admin 56 9 delete vlan_translation ports Description This command is used to delete translation relationships between the C VLAN and the S VLAN Format delete vlan_translation ports portlist all cvid vidlist Parameters ports Specify a list of ports to be configured portlist Enter the list of ports to be con...

Page 495: ... Format show vlan_translation ports portlist cvid vidlist Parameters ports Optional Specify a list of ports to be displayed portlist Enter the list of ports to be displayed here cvid Optional Specify the rules for the specified CVIDs vidlist Enter the CVID value used here Restrictions None Example To show C VLANs based on VLAN translation rules in the system DES 3200 28P admin show vlan_translatio...

Page 496: ...rity dscp_dscp dscp_color dscp dscp_list 57 1 config bandwidth_control Description This command is used to configure the port bandwidth limit control Format config bandwidth_control portlist all rx_rate no_limit value 64 1024000 tx_rate no_limit value 64 1024000 Parameters portlist Specify a range of ports to be configured all Specify that all the ports will be used for this configuration rx_rate ...

Page 497: ... the RADIUS server through the authentication process If RADIUS server has assigned the bandwidth then the RADIUS assigned bandwidth will be the effective bandwidth The authentication with the RADIUS sever can be per port or per user For per user authentication there may be multiple bandwidth control values assigned when there are multiple users attached to this specific port In this case the larg...

Page 498: ...f port used for this configuration here all For set all ports in the system you may use all parameter If no parameter is specified system will set all ports cos_id_list 0 7 Specify a list of priority queues The priority queue number is ranged from 0 to 7 min_rate Optional Specify that one of the parameters below no_limit or value m n will be applied to the mini rate at which the above specified cl...

Page 499: ...control ports 1 10 1 min_rate 130 max_rate 1000 Command config per_queue bandwidth_control ports 1 10 1 min_rate 130 max_rate 1000 Granularity TX 64 Actual Rate MIN 128 MAX 960 Success 57 4 show per_queue bandwidth_control Description This command is used to display per port CoS bandwidth control settings Format show per_queue bandwidth_control portlist Parameters portlist Optional Specify a range...

Page 500: ...ge of ports to be configured portlist Enter the list of port used for this configuration here class_id 0 7 This specifies the 8 hardware priority queues which the config scheduling command will apply to The four hardware priority queues are identified by number from 0 to 7 with the 0 queue being the lowest priority strict The queue will operate in strict mode weight Specify the weights for weighte...

Page 501: ...orts strict All queues operate in strict mode wrr Each queue operates based on its setting Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the traffic scheduling mechanism for each CoS queue DES 3200 28P admin config scheduling_mechanism strict Command config scheduling_mechanism strict Success DES 3200 28P admin To configure the traf...

Page 502: ...ority queues for example DES 3200 28P admin show scheduling 1 Command show scheduling 1 QOS Output Scheduling On Port 1 Class ID Weight Class 0 1 Class 1 2 Class 2 3 Class 3 4 Class 4 5 Class 5 6 Class 6 7 Class 7 8 DES 3200 28P admin 57 8 show scheduling_mechanism Description This command is used to show the traffic scheduling mechanism Format show scheduling_mechanism portlist Parameters portlis...

Page 503: ...ict 8 Strict 9 Strict 10 Strict 11 Strict 12 Strict 13 Strict 14 Strict 15 Strict 16 Strict 17 Strict 18 Strict 19 Strict 20 Strict 21 Strict 22 Strict 23 Strict 24 Strict 25 Strict 26 Strict 27 Strict 28 Strict DES 3200 28P admin 57 9 config 802 1p user_priority Description This command is used to map the 802 1p user priority of an incoming packet to one of the eight hardware queues available on ...

Page 504: ...numbered between 0 the lowest priority and 7 the highest priority Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the 802 1p user priority DES 3200 28P admin config 802 1p user_priority 1 3 Command config 802 1p user_priority 1 3 Success DES 3200 28P admin 57 10 show 802 1p user_priority Description This command is used to display 802...

Page 505: ...s specifies a range of ports for which the default priority is to be configured That is a range of ports for which all untagged packets received will be assigned the priority specified below The port list is specified by listing the beginning port number on the Switch separated by a colon Then highest port number of the range also separated by a colon are specified The beginning and end of the por...

Page 506: ...ser authentication the priority assigned by RADIUS will not be the effective port default priority whereas it will become the priority associated with MAC address Note that only devices supporting MAC based VLAN can provide per user authentication Format show 802 1p default_priority portlist Parameters portlist Optional Specify a range of ports to be displayed If no parameter is specified all port...

Page 507: ...ers can issue this command Example Enable DSCP trust on ports 1 8 DES 3200 28P admin config dscp trust 1 8 state enable Command config dscp trust 1 8 state enable Success DES 3200 28P admin 57 14 config 802 1p map Description This command is used to configure the mapping of 802 1p to the packet s initial color The mapping of 802 1p to a color is used to determine the initial color of the packet wh...

Page 508: ...ed on ports 1 8 DES 3200 28P admin config 802 1p map 1 8 1p_color 1 to red Command config 802 1p map 1 8 1p_color 1 to red Success DES 3200 28P admin 57 15 show 802 1p map 1p_color Description This command is used to display the 802 1p to color mapping Format show 802 1p map 1p_color portlist Parameters portlist Optional Specify a list of ports Restrictions None Example To show the 802 1p color ma...

Page 509: ...sabled 3 Disabled 4 Disabled 5 Disabled 6 Disabled 7 Disabled 8 Disabled DES 3200 28P admin 57 17 config dscp map Description This command is used to configure DSCP mapping The mapping of DSCP to priority will be used to determine the priority of the packet which will be then used to determine the scheduling queue when the port is in DSCP trust state The mapping of DSCP to color will be used to de...

Page 510: ...r the DSCP to DSCP list here to Specify that the above or following parameter will be mapped to the previously mentioned parameter dscp 0 63 Specify the result DSCP of mapping dscp_color Specify a list of DSCP value to be mapped to a specific color dscp_list Enter the DSCP to color list here to Specify that the above or following parameter will be mapped to the previously mentioned parameter green...

Page 511: ...scp_dscp Specify a list of DSCP value to be mapped to a specific DSCP dscp_color Specify a list of DSCP value to be mapped to a specific color dscp Optional This specifies DSCP value that will be mapped dscp_list Enter the DSCP list here Restrictions None Example In case of project support per port configure show DSCP map configuration on port 1 DES 3200 28P admin show dscp map 1 dscp_dscp Command...

Page 512: ...ower than the falling threshold the Switch enters normal mode 20 100 Enter the utilization falling value here This value must be between 20 and 100 trap_log Optional Configure the state of CPU protection related trap log mechanism to enable or disable If set to enable trap and log will be active while cpu protection current mode changed If set to disable current mode change will not trigger trap a...

Page 513: ... 2 show safeguard_engine Description This command is used to show safeguard engine information Format show safeguard_engine Parameters None Restrictions None Example To show safeguard_engine information DES 3200 28P admin show safeguard_engine Command show safeguard_engine Safeguard Engine State Disabled Safeguard Engine Current Status Normal Mode CPU Utilization Information Rising Threshold 30 Fa...

Page 514: ...blowfish cast128 twofish128 twofish192 twofish256 MD5 SHA1 RSA DSA enable disable Parameters 3DES The 3DES cipher is three key triple DES encrypt decrypt encrypt where the first 8 bytes of the key are used for the first encryption the next 8 bytes for the decryption and the following 8 bytes for the final encryption AES 128 192 256 Advanced Encryption Standard arcfour RC4 also known as ARC4 or ARC...

Page 515: ...ic key algorithm DES 3200 28P admin config ssh algorithm DSA enable Command config ssh algorithm DSA enable Success DES 3200 28P admin 59 2 show ssh algorithm Description This command is used to show the SSH service algorithm Format show ssh algorithm Parameters None Restrictions None Example To show server algorithm ...

Page 516: ...SHA1 Enabled Public Key Algorithm RSA Enabled DSA Enabled DES 3200 28P admin 59 3 config ssh authmode Description This command is used to configure user authentication method for SSH Format config ssh authmode password publickey hostbased enable disable Parameters password Specify user authentication method publickey Specify user authentication method hostbased Specify user authentication method e...

Page 517: ... 4 show ssh authmode Description This command is used to show the user authentication method Format show ssh authmode Parameters None Restrictions None Example To show user authentication method DES 3200 28P admin show ssh authmode Command show ssh authmode The SSH Authentication Method Password Enabled Public Key Enabled Host based Enabled DES 3200 28P admin 59 5 config ssh user Description This ...

Page 518: ... be up to 32 characters long hostname_IP Specify host domain name and IP address domain_name 32 Specify host name if configuring Host based method password Specify user authentication method publickey Specify user authentication method Restrictions Only Administrator level users can issue this command Example To update user test authentication method DES 3200 28P admin config ssh user test authmod...

Page 519: ...H server connection time out in the unit of second sec 120 600 Enter the connection time out value here This value must be between 120 and 600 seconds authfail Optional Specify user maximum fail attempts int 2 20 Enter the user maximum fail attempts value here This value must be between 2 and 20 rekey Optional Specify time to re generate session key There are 10 minutes 30 minutes 60 minutes and n...

Page 520: ...DES 3200 28P admin 59 8 enable ssh Description This command is used to enable SSH server services Format enable ssh Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable SSH server DES 3200 28P admin enable ssh Command enable ssh Success DES 3200 28P admin 59 9 disable ssh Description This command is used to disable SSH server ...

Page 521: ...h Command disable ssh Success DES 3200 28P admin 59 10 show ssh server Description This command is used to show the SSH server general information Format show ssh server Parameters None Restrictions None Example To show SSH server DES 3200 28P admin show ssh server Command show ssh server The SSH Server Configuration Maximum Session 8 Connection Timeout 120 Authentication Fail Attempts 2 Rekey Tim...

Page 522: ...e specified certificate to the device which must according to desired key exchange algorithm For RSA key exchange the user must download RSA type certificate and for DHS_DSS is using the DSA certificate for key exchange Format download ssl certificate ipaddr certfilename path_filename 64 keyfilename path_filename 64 Parameters ipaddr Optional Enter the TFTP server IP address used for this configur...

Page 523: ..._EDE_CBC_SHA RSA_EXPORT_with_RC4_40_MD5 Parameters ciphersuite Optional Specify the cipher suite combination used for this configuration RSA_with_RC4_128_MD5 Indicate RSA key exchange with RC4 128 bits encryption and MD5 hash RSA_with_3DES_EDE_CBC_SHA Indicate RSA key exchange with 3DES_EDE_CBC encryption and SHA hash DHE_DSS_with_3DES_EDE_CBC_SHA Indicate DH key exchange with 3DES_EDE_CBC encrypt...

Page 524: ...ciphersuite Optional Specify the cipher suite combination used for this configuration RSA_with_RC4_128_MD5 Indicate RSA key exchange with RC4 128 bits encryption and MD5 hash RSA_with_3DES_EDE_CBC_SHA Indicate RSA key exchange with 3DES_EDE_CBC encryption and SHA hash DHE_DSS_with_3DES_EDE_CBC_SHA Indicate DH key exchange with 3DES_EDE_CBC encryption and SHA hash RSA_EXPORT_with_RC4_40_MD5 Indicat...

Page 525: ...e RSA type or DSA type certificate Format show ssl certificate Parameters certificate Optional Specify that the SSL certificate will be displayed Restrictions None Example To show SSL DES 3200 28P admin show ssl Commands show ssl SSL Status Enabled RSA_WITH_RC4_128_MD5 0x0004 Enabled RSA_WITH_3DES_EDE_CBC_SHA 0x000A Enabled DHE_DSS_WITH_3DES_EDE_CBC_SHA 0x0013 Enabled RSA_EXPORT_WITH_RC4_40_MD5 0x...

Page 526: ...imeout Commands show ssl cachetimeout Cache timeout is 600 second s DES 3200 28P admin 60 6 config ssl cachetimeout Description This command is used to configure cahce timeout value which is designed for dlktimer library to remove the session id after expired In order to support the resume session feature the SSL library keep the session id in web server and invoking the dlktimer library to remove...

Page 527: ...rence Guide 523 Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the SSL cache timeout value to 60 DES 3200 28P admin config ssl cachetimeout 60 Commands config ssl cachetimeout 60 Success DES 3200 28P admin ...

Page 528: ...hnical support personnel to dump the device overall operation information Basic System information System log Running configuration Layer 1 information Layer 2 information Layer 3 information Application OS status Controller s status This command can be interrupted by Ctrl C or ESC when it is executing Format show tech_support Parameters None Restrictions Only Administrator and Operator level user...

Page 529: ...uild 4 03 004 Hardware Version C1 MAC Address 00 01 02 03 04 00 ERROR_LOG 2000 1 1 02 35 27 debug log 1 firmware version 4 03 T003 level fatal clock 37930 ms time 2000 02 13 06 15 28 SOFTWARE FATAL ERROR SDK ERROR Assertion failed SOC_REG_IS_VALID unit reg at reg c 1209 Current TASK ST_hCFG 61 2 upload tech_support_toTFTP Description This command is used to upload the information of technique s su...

Page 530: ...o store the information of technique s support in TFTP server The max size of the file name is 64 Restrictions Only Administrator and Operator level users can issue this command Example To upload the information of technique s support DES 3200 28P admin upload tech_support_toTFTP 10 0 0 66 tech_report txt Command upload tech_support_toTFTP 10 0 0 66 tech_report txt Connecting to server Done Upload...

Page 531: ... 64 add mail_receiver mail_addr 64 delete mail_receiver index 1 8 1 show smtp smtp send_testmsg 62 1 enable smtp Description This command is used to enable the SMTP status Format enable smtp Parameters None Restrictions Only Administrator level users can issue this command Example To enable SMTP status DES 3200 28P admin enable smtp Command enable smtp Success DES 3200 28P admin 62 2 disable smtp ...

Page 532: ...r 64 add mail_receiver mail_addr 64 delete mail_receiver index 1 8 1 Parameters server Specify the SMTP server IP address ipaddr Enter the SMTP server IP address server_port Specify the SMTP server port tcp_port_number 1 65535 Enter the port number between 1 and 65535 self_mail_addr Specify the sender s mail address mail_addr 64 Enter the mail address with maximum of 64 characters add mail_receive...

Page 533: ...onfigure a mail source address DES 3200 28P admin config smtp self_mail_addr mail dlink com Command config smtp self_mail_addr mail dlink com Success DES 3200 28P admin To add a mail destination address DES 3200 28P admin config smtp add mail_receiver receiver dlink com Command config smtp add mail_receiver receiver dlink com Success DES 3200 28P admin To delete a mail destination address DES 3200...

Page 534: ...on DES 3200 28P admin show smtp Command show smtp SMTP Status Disabled SMTP Server Address 172 18 208 9 SMTP Server Port 25 Self Mail Address mail dlink com Index Mail Receiver Address 1 receiver dlink com 2 3 4 5 6 7 8 DES 3200 28P admin 62 5 smtp send_testmsg Description This command is used to test whether the SMTP server can be reached Format smtp send_testmsg Parameters None ...

Page 535: ...1 Restrictions Only Administrator level users can issue this command Example To test whether the SMTP server can be reached DES 3200 28P admin smtp send_testmsg Command smtp send_testmsg Subject e mail heading Content e mail content Sending mail please wait Success DES 3200 28P admin ...

Page 536: ...p host ipaddr v1 v2c v3 noauth_nopriv auth_nopriv auth_priv auth_string32 delete snmp host ipaddr show snmp host ipaddr config snmp engineID snmp_engineID 10 64 show snmp engineID enable snmp disable snmp config snmp system_name sw_name config snmp system_location sw_location config snmp system_contact sw_contact enable snmp traps disable snmp traps enable snmp authenticate_traps disable snmp auth...

Page 537: ...o view a MIB name view_name 32 Enter the MIB view name here This name can be up to 32 characters long readonly Allows the user using the above community string to have read only access to the Switch s SNMP agent readwrite Allows the user using the above community string to have read and write access to the Switch s SNMP agent The default read only community string is public The default read write ...

Page 538: ...xample To delete a SNMP community System DES 3200 28P admin delete snmp community System Command delete snmp community System Success DES 3200 28P admin 63 3 show snmp community Description This command is used to display the community string configurations Format show snmp community community_string 32 Parameters community_string 32 Optional Specify the Community string If not specify community s...

Page 539: ...iates an authentication level setting session The options are md5 and sha md5 The HMAC MD5 96 authentication level auth_password 8 16 Enter the MD5 authentication password here This value must be between 8 and 16 characters sha The HMAC SHA 96 authentication level auth_password 8 20 Enter the SHA authentication password here This value must be between 8 and 20 characters priv Optional A privacy ke...

Page 540: ...md5 12345678 priv des 12345678 Command create snmp user user123 group123 encrypted by_password auth md5 12345678 priv des 12345678 Success DES 3200 28P admin 63 5 delete snmp user Description This command is used to remove a user from an SNMP group and delete the associated group in SNMP group Format delete snmp user username 32 Parameters username 32 The name of the user on the host that connects...

Page 541: ...e VerAuthPriv initial initial V3 NoneNone user123 group123 V3 MD5 DES Total Entries 2 DES 3200 28P admin 63 7 create snmp group Description This command is used to create a new SNMP group or a table that maps SNMP users to SNMP views Format create snmp group groupname 32 v1 v2c v3 noauth_nopriv auth_nopriv auth_priv read_view view_name 32 write_view view_name 32 notify_view view_name 32 Parameters...

Page 542: ...s long notify_view Optional Specify that the view name would be notify view_name 32 Enter the notify view name here This name can be up to 32 characters long Restrictions Only Administrator level users can issue this command Example To create SNMP group group123 DES 3200 28P admin create snmp group group123 v3 auth_priv read_view CommunityView write_view CommunityView notify_view CommunityView Com...

Page 543: ...p group123 Command delete snmp group group123 Success DES 3200 28P admin 63 9 show snmp groups Description This command is used to display the names of groups on the Switch and the security model level the status of the different views Format show snmp groups Parameters None Restrictions None Example To show SNMP groups ...

Page 544: ... Name initial ReadView Name restricted WriteView Name Notify View Name restricted Securiy Model SNMPv3 Securiy Level NoAuthNoPriv Group Name WriteGroup ReadView Name CommunityView WriteView Name CommunityView Notify View Name CommunityView Securiy Model SNMPv2 Securiy Level NoAuthNoPriv Total Entries 10 DES 3200 28P admin 63 10 create snmp view Description This command is used to assign views to c...

Page 545: ...and create snmp view view123 1 3 6 view_type included Success DES 3200 28P admin 63 11 delete snmp view Description This command is used to remove a view record Format delete snmp view view_name 32 all oid Parameters view View name to be deleted view_name 32 Enter the view name here The name can be up to 32 characters long all Specify that all view records will be removed oid Object Identified tre...

Page 546: ...nmp view Command show snmp view Vacm View Table Settings View Name Subtree View Type view123 1 3 6 Included restricted 1 3 6 1 2 1 1 Included restricted 1 3 6 1 2 1 11 Included restricted 1 3 6 1 6 3 10 2 1 Included restricted 1 3 6 1 6 3 11 2 1 Included restricted 1 3 6 1 6 3 15 1 1 Included CommunityView 1 Included CommunityView 1 3 6 1 6 3 Excluded CommunityView 1 3 6 1 6 3 1 Included Total Ent...

Page 547: ...e community string and it must be one of the entries in community table If the v3 is specified the auth_string presents the user name and it must be one of the entries in the user table Restrictions Only Administrator level users can issue this command Example To create SNMP host 10 0 0 1 with community string public DES 3200 28P admin create snmp host 10 0 0 1 v1 public Command create snmp host 1...

Page 548: ... are targeted ipaddr Enter the IP address used for the configuration here If no parameter specified all SNMP hosts will be displayed Restrictions None Example To show SNMP host DES 3200 28P admin show snmp host Command show snmp host SNMP Host Table Host IP Address SNMP Version Community Name SNMPv3 User Name 10 90 90 3 V3 noauthnopriv initial 10 90 90 2 V2c private 10 90 90 1 V1 public 10 90 90 4...

Page 549: ... 3200 28P admin config snmp engineID 1023457890 Command config snmp engineID 1023457890 Success DES 3200 28P admin 63 17 show snmp engineID Description The show snmp engineID command displays the identification of the SNMP engine on the Switch The default value is suggested in RFC2271 The very first bit is 1 and the first four octets are set to the binary equivalent of the agent s SNMP management ...

Page 550: ...able snmp Description This command is used to enable the SNMP function Format enable snmp Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To enable SNMP DES 3200 28P admin enable snmp Command enable snmp Success DES 3200 28P admin 63 19 disable snmp Description This command is used to disable the SNMP function Format disable snmp Parameters N...

Page 551: ...at config snmp system_name sw_name Parameters system_name A maximum of 128 characters is allowed And NULL string is accepted sw_name Optional Enter the system name used here Restrictions Only Administrator and Operator level users can issue this command Example To configure the Switch name for DES 32xx L2 Switch DES 3200 28P admin config snmp system_name DES 32xx L2 Switch Command config snmp syst...

Page 552: ...config snmp system_location HQ 5F Success DES 3200 28P admin 63 22 config snmp system_contact Description This command is used to enter the name of a contact person who is responsible for the Switch Format config snmp system_contact sw_contact Parameters system_contact A maximum of 128 characters is allowed And NULL string is accepted sw_contact Optional Enter the system contact string here Restri...

Page 553: ...rator level users can issue this command Example To enable SNMP trap support DES 3200 28P admin enable snmp traps Command enable snmp traps Success DES 3200 28P admin 63 24 disable snmp traps Description This command is used to disable SNMP trap support on the Switch Format disable snmp traps Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To...

Page 554: ...p support Format enable snmp authenticate_traps Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To enable SNMP authentication trap support DES 3200 28P admin enable snmp authenticate_traps Command enable snmp authenticate_traps Success DES 3200 28P admin 63 26 disable snmp authenticate_traps Description This command is used to disable SNMP au...

Page 555: ...e snmp linkchange_traps Description This command is used to configure the sending of linkchange traps Format enable snmp linkchange_traps Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To enable the sending of linkchange traps DES 3200 28P admin enable snmp linkchange_traps Command enable snmp linkchange_traps Success DES 3200 28P admin 63 2...

Page 556: ... to configure the sending of linkchange traps and per port control for sending of change trap Format config snmp linkchange_traps ports all portlist enable disable Parameters all To specify all ports portlist To specify a port range enable Enable sending of the link change trap for this port disable Disable sending of the link change trap for this port Restrictions Only Administrator level users c...

Page 557: ...nly Administrator level users can issue this command Example To configure the trap for coldstart event DES 3200 28P admin config snmp coldstart_traps enable Command config snmp coldstart_traps enable Success DES 3200 28P admin 63 31 config snmp warmstart_traps Description This command is used to configure the trap state for warmstart event Format config snmp warmstart_traps enable disable Paramete...

Page 558: ...w snmp traps linkchange_traps ports portlist Parameters linkchange_traps Optional Specify that the SNMP trap sending status will be displayed ports Optional Specify the ports for the display portlist Enter the list of ports used for the display here Restrictions None Example DES 3200 28P admin show snmp traps Command show snmp traps SNMP Traps Enabled Authenticate Trap Enabled Linkchange Traps Ena...

Page 559: ...r falling alarm The default state is enabled enable Specify that the falling alarm function will be enabled disable Specify that the falling alarm function will be disabled Restrictions Only Administrator level can issue this command Example To configure the trap state for RMON events DES 3200 28P admin config rmon trap rising_alarm disable Command config rmon trap rising_alarm disable Success DES...

Page 560: ...k DES 3200 Series Layer 2 Managed Fast Ethernet Switch CLI Reference Guide 556 DES 3200 28P admin show rmon Command show rmon RMON Rising Alarm Trap Enabled RMON Falling Alarm Trap Enabled DES 3200 28P admin ...

Page 561: ...name 64 candidate dp_interval sec 30 90 hold_time sec 100 255 download sim_ms firmware_from_tftp configuration_from_tftp ipaddr path_filename members mslist 1 32 all upload sim_ms configuration_to_tftp log_to_tftp ipaddr path_filename members mslist all config sim trap enable disable 64 1 enable sim Description This command is used to configure the single IP management on the Switch as enabled For...

Page 562: ...t information of the specific sort of devices Format show sim candidates candidate_id 1 100 members member_id 1 32 group commander_mac macaddr neighbor Parameters candidates Optional Specify the candidate devices candidate_id 1 100 Optional Enter the candidate device ID here This value must be between 1 and 100 members Optional Specify the member devices member_id 1 32 Optional Enter the member de...

Page 563: ... Interval 30 sec Hold Time 100 sec DES 3200 28P admin To show the candidate information in summary if user specify candidate id it would show information in detail DES 3200 28P admin show sim candidate Command show sim candidate ID MAC Address Platform Hold Firmware Device Name Capability Time Version 1 00 01 02 03 04 00 DES XXXXS L2 Switch 40 1 00 B01 aaaaaaaaaaaaaaaa bbbbbbbbbbbbbbb 2 00 55 55 0...

Page 564: ... information in summary if user specify group name it will show information in detail DES 3200 28P admin show sim group Command show sim group SIM Group Name default ID MAC Address Platform Hold Firmware Device Name Capability Time Version 1 00 01 02 03 04 00 DES XXXXS L2 Switch 40 1 00 B01 aaaaaaaaaaaaaaaa bbbbbbbbbbbbbbb 2 00 55 55 00 55 00 SIM Group Name SIM2 ID MAC Address Platform Hold Firmwa...

Page 565: ...is command is used to re telnet to member Format reconfig member_id value 1 32 exit Parameters member_id Optional Specify the serial number of the member value 1 32 Enter the serial number of the member here exit Optional Specify to exit from the telnet session Restrictions Only Administrator level users can issue this command Example To re telnet to member DES 3200 28P admin reconfig member_id 1 ...

Page 566: ..._id 1 32 Enter the member ID of the member to be removed from the group here This value must be between 1 and 32 Restrictions Only Administrator level users can issue this command Example To add a member DES 3200 28P admin config sim_group add 2 Command config sim_group add 2 Please wait for ACK SIM Configure Success Success DES 3200 28P admin To delete a member DES 3200 28P admin config sim_group...

Page 567: ...c 30 90 Enter the discovery time here in seconds This value must be between 30 and 90 seconds hold_time Optional The time in seconds the device holds the discovery result sec 100 255 Enter the hold time here in seconds This value must be between 100 and 255 Restrictions Only Administrator level can issue this command Example To transfer to commander DES 3200 28P admin config sim commander Command ...

Page 568: ...tp ipaddr path_filename members mslist 1 32 all Parameters firmware_from_tftp Specify that the firmware will be downloaded from the TFTP server configuration_from_tftp Specify that the configuration will be downloaded from the TFTP server ipaddr Optional Specify the IP address of the TFTP server path_filename Optional Specify the file path of the firmware or configuration in the TFTP server member...

Page 569: ...e is updating firmware Please wait several minutes Download Status ID MAC Address Result 1 00 01 02 03 04 00 Success DES 3200 28P admin 64 8 upload sim_ms Description This command is used to upload configuration to TFTP server Format upload sim_ms configuration_to_tftp log_to_tftp ipaddr path_filename members mslist all Parameters configuration_to_tftp Specify that the configuration will be upload...

Page 570: ... is uploading configuration Please wait several minutes Upload Status ID MAC Address Result 1 00 1A 2D 00 12 12 Success DES 3200 28P admin 64 9 config sim trap Description This command is used to control sending of traps issued from the member switch Format config sim trap enable disable Parameters enable Enable the trap state disable Disable the trap state Restrictions Only Administrator Operator...

Page 571: ...P interface name If only specify this parameter the least IPv4 address and the smallest IPv6 address of ipif_name will be used as source IP addresses ipif_name 12 Enter the IP interface name here This name can be up to 12 characters long ipaddr Optional Enter the IP address used for the configuration here none Specify to clear the configured source IP interface Restrictions Only Administrator and ...

Page 572: ...lay the syslog source IP interface Format show syslog source_ipif Parameters None Restrictions None Example Show syslog source IP interface DES 3200 28P admin show syslog source_ipif Command show syslog source_ipif Syslog Source IP Interface Configuration IP Interface ipif3 IPv4 Address 14 0 0 5 DES 3200 28P admin 65 3 config trap source_ipif Description This command is used to configure trap sour...

Page 573: ... none Specify to clear the configured source IP interface Restrictions Only Administrator and Operator level users can issue this command Example Configure trap source IP interface DES 3200 28P admin config trap source_ipif System Command config trap source_ipif System Success DES 3200 28P admin To clear the configured trap source IP interface DES 3200 28P admin config trap source_ipif none Comman...

Page 574: ... Ethernet Switch CLI Reference Guide 570 Example Show trap source IP interface DES 3200 28P admin show trap source_ipif Command show trap source_ipif Trap Source IP Interface Configuration IP Interface System IPv4 Address None DES 3200 28P admin ...

Page 575: ...ate enable disable config syslog host index all severity emergency alert critical error warning notice informational debug level 0 7 facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_number ipaddress ipaddr state enable disable delete syslog host index 1 4 all show syslog host index 1 4 config log_save_timing time_interval min 1 65535 on_demand log_trigger show log...

Page 576: ...software_module command Use a comma to separate multiple modules module_list Enter the module list value here emergency Optional Severity level 0 alert Optional Severity level 1 critical Optional Severity level 2 error Optional Severity level 3 warning Optional Severity level 4 notice Optional Severity level 5 informational Optional Severity level 6 debug Optional Severity level 7 level_list 0 7 S...

Page 577: ...cription This command is used to display the protocols or applications that support the enhanced log The enhanced log adds the module name and module ID Network administrators can display logs by module name or module ID Format show log_software_module Parameters None Restrictions None Example To display the protocols or applications that support the enhanced log DES 3200 28P admin show log_softwa...

Page 578: ... DES 3200 28P admin enable syslog Command enable syslog Success DES 3200 28P admin 66 5 disable syslog Description This command is used to disable the sending of syslog messages Format disable syslog Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To disable the sending of syslog messages DES 3200 28P admin disable syslog Command disable sysl...

Page 579: ...specific levels of messages to a specific host When the user chooses a specific level for a specific host messages which are at that severity level or higher will be reported to that host Format create syslog host index 1 4 ipaddress ipaddr severity emergency alert critical error warning notice informational debug level 0 7 facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port ...

Page 580: ...user defined facility will be set to local 6 local7 Specify that the user defined facility will be set to local 7 udp_port Optional Specify the UDP port number udp_port_number Enter the UDP port number used here state Optional The syslog protocol is used for the transmission of event notification messages across networks to a host The option enables or disables the host to receive such messages en...

Page 581: ...hat the user defined facility will be set to local 1 local2 Specify that the user defined facility will be set to local 2 local3 Specify that the user defined facility will be set to local 3 local4 Specify that the user defined facility will be set to local 4 local5 Specify that the user defined facility will be set to local 5 local6 Specify that the user defined facility will be set to local 6 lo...

Page 582: ... will be used Restrictions Only Administrator and Operator level users can issue this command Example To delete the specific syslog host DES 3200 28P admin delete syslog host 4 Command delete syslog host 4 Success DES 3200 28P admin 66 10 show syslog host Description This command is used to display the syslog host configurations Format show syslog host index 1 4 Parameters host The host index or a...

Page 583: ...l min 1 65535 on_demand log_trigger Parameters time_interval Save log to flash every xxx minutes If no new log events occur in this period don t save min 1 65535 Enter the time interval value here This value must be between 1 and 65535 minutes on_demand Save log to flash whenever the user enters the save log or save all command The default setting is on_demand log_trigger Save log to flash wheneve...

Page 584: ...en by modules such as DOS and the IP MAC port binding module This type of log message may generate a large amount of messages and quickly cause the system to run out of system log storage Therefore for this type of log messages only the first log that is generated each minute can be stored in the system log with the rest of them being stored in a separate table named attack log Format show attack_...

Page 585: ... Log Text 1 2008 10 17 15 00 14 CRIT 2 Possible spoofing attack from IP MAC 0A 00 00 5A 00 01 port 3 DES 3200 28P admin 66 14 clear attack_log Description This command is used to clear the attack log Format clear attack_log Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To clear the master s attack log DES 3200 28P admin clear attack_log Com...

Page 586: ... error warning notice information debug level 0 7 Parameters trap Specify the severity level control for traps log Specify the severity level control for the log all Specify the severity level control for traps and the log emergency Severity level 0 alert Severity level 1 critical Severity level 2 error Severity level 3 warning Severity level 4 notice Severity level 5 information Severity level 6 ...

Page 587: ...mand is used to display the severity level controls for the system Format show system_severity Parameters None Restrictions None Example To show severity level control for system DES 3200 28P admin show system_severity Command show system_severity System Severity Trap warning 4 System Severity Log information 6 DES 3200 28P admin ...

Page 588: ...net ipaddr tcp_port value 1 65535 Parameters ipaddr The IP address of the telnet server tcp_port Optional Specify the telnet server port number to be connected If not specified the default port is 23 value 1 65535 Enter the TCP port number used here This value must be between 1 and 65535 Restrictions Only Administrator Operator and Power User level users can issue this command Example Telnet to a ...

Page 589: ...r_string 80 filter_string 80 filter_string 80 include exclude begin filter_string 80 filter_string 80 filter_string 80 log_toFTP ipaddr tcp_port tcp_port_number 1 65535 dest_file path_filename 64 ftp string user password ipaddr tcpport path_filename attack_log_toFTP ipaddr tcp_port tcp_port_number 1 65535 dest_file path_filename 64 ftp string user password ipaddr tcpport path_filename firmware_toF...

Page 590: ...mber1 65535 Enter a value between 1 and 65535 src_file Specify the source file location path_filename 64 The pathname specifies the pathname on the FTP server It can be a relative pathname or an absolute pathname This name can be up to 64 characters long ftp Specify the FTP site string user password ipaddr tcpport path_filename Enter the FTP directory dest_file Used to identify the parameter path_...

Page 591: ...dr dest_file path_filename 64 firmware_toTFTP ipaddr dest_file path_filename 64 src_file path_filename 64 cfg_toFTP ipaddr tcp_port tcp_port_number 1 65535 dest_file path_filename 64 ftp string user password ipaddr tcpport path_filename src_file path_filename 64 include exclude begin filter_string 80 filter_string 80 filter_string 80 include exclude begin filter_string 80 filter_string 80 filter_s...

Page 592: ...ring is enclosed by symbol Thus the filter string itself cannot contain the character The filter string is case sensitive This string can be up to 80 characters long include Optional Specify to include lines that contain the specified filter string exclude Optional Specify to exclude lines that contain the specified filter string begin Optional The first line that contains the specified filter str...

Page 593: ...contain the character The filter string is case sensitive This string can be up to 80 characters long include Optional Specify to include lines that contain the specified filter string exclude Optional Specify to exclude lines that contain the specified filter string begin Optional The first line that contains the specified filter string will be the first line of the output filter_string 80 A filt...

Page 594: ... the TCP port tcp_port_number1 65535 Enter a value between 1 and 65535 dest_file Used to identify the parameter path_filename path_filename 64 The pathname specifies the pathname on the FTP server It can be a relative pathname or an absolute pathname This name can be up to 64 characters long ftp Specify the FTP site string user password ipaddr tcpport path_filename Enter the FTP directory src_file...

Page 595: ...admin To display a scenario where the uploading of the config file to the TFTP server failed because of an incorrect or missing filename from the source This error can also be found if the directory on the source does not exit DES 3200 28P admin upload cfg_toTFTP 10 90 90 10 dest_file d config cfg src_file missing cfg Command upload cfg_toTFTP 10 90 90 10 dest_file d config cfg src_file missing cf...

Page 596: ...pports upload attack_log_toTFTP function certificate_file Optional Specify the pathname supports download ssl certificate function path_filename 64 Specify the pathname supports download ssl certificate function key_file Optional Specify the pathname supports download ssl certificate function path_filename 64 Specify the pathname supports download ssl certificate function tech_support_file Optiona...

Page 597: ...file DES 3200 28P admin config tftp server 10 90 90 1 firmware_file DES3200 had cfg_file log_tmp Command config tftp server 10 90 90 1 firmware_file DES3200 had cfg_file log_tmp Success DES 3200 28P admin 69 4 show tftp Description This command is used to show the TFTP server and the file path pre configured by administer Format show tftp Parameters None Restrictions None Example To show TFTP sett...

Page 598: ...admin show tftp Command show tftp TFTP Server Settings IPv4 Address 10 90 90 1 File Type Path_filename firmware_file DES3200 had cfg_file log_tmp log_file attack_log_file certificate_file key_file tech_support_file debug_error_log_file sim_firmware_file sim_cfg_file sim_log_file DES 3200 28P admin ...

Page 599: ...mth start_mth 1 12 s_time start_time hh mm e_date end_date 1 31 e_mth end_mth 1 12 e_time end_time hh mm offset 30 60 90 120 show time 70 1 config sntp Description This command is used to change SNTP configurations Format config sntp primary ipaddr secondary ipaddr poll interval int 30 99999 Parameters primary Optional SNTP primary server IP address ipaddr Enter the IP address used for this config...

Page 600: ...n 70 2 show sntp Description This command is used to display SNTP current time source and configuration Format show sntp Parameters None Restrictions None Example To show SNTP DES 3200 28P admin show sntp Command show sntp Current Time Scource System Clock SNTP Disabled SNTP Primary Server 10 1 1 1 SNTP Secondary Server 10 1 1 2 SNTP Poll Interval 30 sec DES 3200 28P admin 70 3 enable sntp Descrip...

Page 601: ...mand enable sntp Success DES 3200 28P admin 70 4 disable sntp Description This command is used to turn off SNTP support Format disable sntp Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To disable SNTP DES 3200 28P admin disable sntp Command disable sntp Success DES 3200 28P admin 70 5 config time Description This command is used to configu...

Page 602: ... 30jun2003 16 30 30 Success DES 3200 28P admin 70 6 config time_zone Description This command is used to configure time zone of the device Format config time_zone operator hour gmt_hour 0 13 min minute 0 59 Parameters operator Optional Specify the operator of time zone Specify that time should be added or subtracted to or from the GMT hour Optional Specify the hour of time zone gmt_hour 0 13 Enter...

Page 603: ...ing Time here This value must be between 1 and 4 s_day e_day Optional Configure the start end day number of Daylight Saving Time start_day sun sat Enter the starting day value of Daylight Saving Time here This value must either be sun mon tue wed thu fri or sat end_day sun sat Enter the ending day value of Daylight Saving Time here This value must either be sun mon tue wed thu fri or sat s_mth e_m...

Page 604: ...e starting time of Daylight Saving Time here This value must be in the hh mm format end_time hh mm Enter the starting time of Daylight Saving Time here This value must be in the hh mm format offset Optional Indicates number of minutes to add or to subtract during summertime The ranges of offset are 30 60 90 120 default value is 60 30 Specify that the offset range will 30 minutes 60 Specify that th...

Page 605: ...S 3200 28P admin show time Command show time Current Time Source System Clock Boot Time 9 May 2011 06 20 55 Current Time 9 May 2011 07 46 10 Time Zone GMT 00 00 Daylight Saving Time Disabled Offset In Minutes 60 Repeating From Apr 1st Sun 00 00 To Oct last Sun 00 00 Annual From 29 Apr 00 00 To 12 Oct 00 00 DES 3200 28P admin ...

Page 606: ...ute command will cross while seeking the network path between two devices The range for the TTL is 1 to 60 hops value 1 60 Enter the time to live value here This value must be between 1 and 60 port Optional The port number The value range is from 30000 to 64900 value 30000 64900 Enter the port number here This value must be between 30000 and 64900 timeout Optional Defines the timeout period while ...

Page 607: ...will cross while seeking the network path between two devices The range for the TTL is 1 to 60 hops value 1 60 Enter the time to live value here This value must be between 1 and 60 port Optional The port number The value range is from 30000 to 64900 value 30000 64900 Enter the port number here This value must be between 30000 and 64900 timeout Optional Defines the timeout period while waiting for ...

Page 608: ...probe 3 1 10 ms 1345 142 11 2 10 ms 2011 14 100 3 10 ms 3000 1 Trace complete DES 3200 28P admin Trace the IPv6 routed path between the Switch and 1210 100 11 with port 40000 DES 3200 28P admin traceroute6 1210 100 11 port 40000 Command traceroute6 1210 100 11 port 40000 1 10 ms 3100 25 2 10 ms 4130 100 3 10 ms 1210 100 11 Trace complete DES 3200 28P admin ...

Page 609: ...l Enable or disable broadcast storm control enable Specify that broadcast storm control will be enabled disable Specify that broadcast storm control will be disabled multicast Optional Enable or disable multicast storm control enable Specify that multicast storm control will be enabled disable Specify that multicast storm control will be disabled unicast Optional Enable or disable unknown packet s...

Page 610: ... User level users can issue this command Example To configure the parameters so that the traffic control status is enabled on ports 1 12 DES 3200 28P admin config traffic control 1 12 broadcast enable action shutdown threshold 1 countdown 5 time_interval 10 Command config traffic control 1 12 broadcast enable action shutdown threshold 1 countdown 5 time_interval 10 Success DES 3200 28P admin 72 2 ...

Page 611: ...h Success DES 3200 28P admin 72 3 show traffic control Description This command is used to display the current traffic control settings Format show traffic control portlist Parameters portlist Optional Used to specify the range of ports to be shown If no parameter is specified the system will display the packet storm control configuration for all ports Restrictions None Example To display the traf...

Page 612: ...Enabled Disabled Disabled shutdown 5 10 10 1 Enabled Disabled Disabled shutdown 5 10 DES 3200 28P admin 72 4 config traffic control log state Description This command is used to configure the traffic control log state When the log state is enabled traffic control states are logged when a storm occurs and when a storm is cleared If the log state is disabled traffic control events are not logged Not...

Page 613: ... for a port The default value is 0 so no auto recovery is possible the port remains in shutdown forever mode This requires manual entry of the CLI command config ports portlist all state enable to return the port to a forwarding state The default value is 0 which means disable auto recover mode shutdown forever min 0 Specify that the auto recovery time will be disabled min 1 65535 Enter the auto r...

Page 614: ...hat all the ports will be used for this configuration forward_list Specify a range of port forwarding domain null Specify a range of port forwarding domain is null all Specify all ports to be configured portlist Specify a range of ports to be configured Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure traffic segmentation DES 3200 28P ...

Page 615: ...specified the system will display all current traffic segmentation tables Restrictions None Example To display traffic segmentation table DES 3200 28P admin show traffic_segmentation 1 10 Command show traffic_segmentation 1 10 Traffic Segmentation Table Port Forward Portlist 1 11 15 2 11 15 3 11 15 4 11 15 5 11 15 6 11 15 7 11 15 8 11 15 9 11 15 10 11 15 DES 3200 28P admin ...

Page 616: ...fied then there is nothing to prevent any IP address from accessing the Switch provided the user knows the Username and Password When the access interface is not specified the trusted host will be created for all interfaces Format create trusted_host ipaddr network network_address snmp telnet ssh http https ping Parameters ipaddr The IP address of the trusted host network The network address of th...

Page 617: ...the IP address used for this configuration here network The network address of the trusted network network_address Enter the network address used for this configuration here all All trusted hosts will be deleted Restrictions Only Administrator and Operator level users can issue this command Example To delete the trusted host DES 3200 28P admin delete trusted_host ipaddr 10 48 74 121 Command delete...

Page 618: ... SSH http Optional Specify trusted host for HTTP https Optional Specify trusted host for HTTPs ping Optional Specify trusted host for PING all Optional Specify trusted host for all application Restrictions Only Administrator and Operator level users can issue this command Example To configure the trusted host DES 3200 28P admin config trusted_host 10 48 74 121 add ssh telnet Command config trusted...

Page 619: ...ed Fast Ethernet Switch CLI Reference Guide 615 DES 3200 28P admin show trusted_host Command show trusted_host Management Stations IP Address Access Interface 10 48 74 121 SNMP Telnet SSH HTTP HTTPs Ping Total Entries 1 DES 3200 28P admin ...

Page 620: ...e an IP default route 0 0 0 0 0 ipaddr The IP address for the next hop router metric 1 65535 Optional Enter the metric value here This value must be between 1 and 65535 The default setting is 1 Restrictions Only Administrator Operator and Power User level users can issue this command Example To add an IP default route DES 3200 28P admin create iproute default 10 1 1 254 Command create iproute defa...

Page 621: ...default 10 1 1 254 Command delete iproute default 10 1 1 254 Success DES 3200 28P admin 75 3 show iproute Description This command is used to display the Switch s current IP routing table Format show iproute network_address static Parameters network_address Optional Specify the destination network address of the route to be displayed static Optional Specify to display only static routes One static...

Page 622: ... Switch CLI Reference Guide 618 DES 3200 28P admin show iproute Command show iproute Routing Table IP Address Netmask Gateway Interface Cost Protocol 10 1 1 0 24 0 0 0 0 System 1 Local 192 168 1 0 24 0 0 0 0 ip1 1 Local Total Entries 2 DES 3200 28P admin ...

Page 623: ...nable the VLAN trunk function When the VLAN trunk function is enabled the VLAN trunk ports shall be able to forward all tagged frames with any VID Format enable vlan_trunk Parameters None Restrictions Only Administrator level users can issue this command Example To enable the VLAN Trunk DES 3200 28P admin enable vlan_trunk Command enable vlan_trunk Success DES 3200 28P admin 76 2 disable vlan_trun...

Page 624: ...unk globally all VLANs automatically created by VLAN Trunk enabled shall be destroyed and all the automatically added port membership will be removed A VLAN trunk port and a non VLAN trunk port cannot be grouped as an aggregated link To change the VLAN trunk setting for an aggregated link the user must apply the command to the master port However this setting will disappear as the aggregated link ...

Page 625: ... 1 5 state enable Success DES 3200 28P admin Port 6 is LA 1 member port port 7 is LA 2 master port DES 3200 28P admin config vlan_trunk ports 6 7 state enable Command config vlan_trunk ports 6 7 state enable Success DES 3200 28P admin config vlan_trunk ports 7 state disable Command config vlan_trunk ports 7 state disable Success DES 3200 28P admin config vlan_trunk ports 6 7 state disable Command ...

Page 626: ... 6 is LA 1 member port port 7 is LA 1 master port DES 3200 28P admin config vlan_trunk ports 7 state disable Command config vlan_trunk ports 7 state disable Success DES 3200 28P admin config vlan_trunk ports 6 7 state disable Command config vlan_trunk ports 6 7 state disable Success DES 3200 28P admin 76 4 show vlan_trunk Description This command is used to show the VLAN trunk configuration Format...

Page 627: ...mple displays the VLAN information which will also display VLAN trunk setting DES 3200 28P admin show vlan Command show vlan VLAN Trunk State Enabled VLAN Trunk Member Ports 1 5 VID 1 VLAN Name default VLAN Type Static Advertisement Enabled Member Ports 1 28 Static Ports 1 28 Current Tagged Ports Current Untagged Ports 1 28 Static Tagged Ports Static Untagged Ports 1 28 Forbidden Ports Total Stati...

Page 628: ...ommand is used to enable the password recovery mode Format enable password_recovery Parameters None Restrictions Only Administrator level users can issue this command Example To enable the password recovery mode DES 3200 28P admin enable password_recovery Command enable password_recovery Success DES 3200 28P admin 77 2 disable password_recovery Description This command is used to disable the passw...

Page 629: ...d disable password_recovery Success DES 3200 28P admin 77 3 show password_recovery Description This command is used to display the password recovery state Format show password_recovery Parameters None Restrictions Only Administrator level users can issue this command Example To display the password recovery state DES 3200 28P admin show password_recovery Command show password_recovery Running Conf...

Page 630: ...ect connection to the console port of the device It is necessary for the user needs to attach a terminal or PC with terminal emulation to the console port of the Switch 2 Power on the Switch After the Starting runtime image message the Switch will allow 2 seconds for the user to press the hotkey Shift 6 to enter the Password Recovery Mode Once the Switch enters the Password Recovery Mode all ports...

Page 631: ...nt The reset account command deletes all the previously created accounts reset password username The reset password command resets the password of the specified user If a username is not specified the passwords of all users will be reset show account The show account command displays all previously created accounts ...

Page 632: ...overed Critical Back Fan failed Back Fan failed Critical Back Fan recovered Back Fan recovered Critical Temperature sensor enters alarm state Temperature sensor sensorID enters alarm state current temperature temperature Warning Temperature recovers to normal Temperature sensor sensorID recovers to normal state current temperature temperature Informational up down load Firmware upgraded successful...

Page 633: ...sion timed out Web session timed out Username username IP ipaddr Informational Successful login through Web SSL Successful login through Web SSL Username username IP ipaddr Informational Login failed through Web SSL Login failed through Web SSL Username username IP ipaddr Warning Logout through Web SSL Logout through Web SSL Username username IP ipaddr Informational Web SSL session timed out Web S...

Page 634: ...me name revision level revision_level Informational Spanning Tree MST configuration ID VLAN mapping table added Spanning Tree MST configuration ID VLAN mapping table changed instance InstanceID add vlan startvlanid endvlanid Informational Spanning Tree MST configuration ID VLAN mapping table deleted Spanning Tree MST configuration ID VLAN mapping table changed instance InstanceID delete vlan start...

Page 635: ...A local method Login failed through Telnet from userIP authenticated by AAA local method Username username Warning Successful login through SSH authenticated by AAA local method Successful login through SSH from userIP authenticated by AAA local method Username username Informational Login failed through SSH authenticated by AAA local method Login failed through SSH from userIP authenticated by AA...

Page 636: ...IP Username username Informational Login failed through Telnet authenticated by AAA server Login failed through Telnet from userIP authenticated by AAA server serverIP Username username Warning Login failed through Telnet due to AAA server timeout or improper configuration Login failed through Telnet from userIP due to AAA server timeout or improper configuration Username username Warning Successf...

Page 637: ...Web authenticated by AAA none method Successful Enable Admin through Web from userIP authenticated by AAA none method Username username Informational Successful Enable Admin through Web SSL authenticated by AAA none method Successful Enable Admin through Web SSL from userIP authenticated by AAA none method Username username Informational Successful Enable Admin through Telnet authenticated by AAA ...

Page 638: ...sful Enable Admin through SSH authenticated by AAA server Successful Enable Admin through SSH from userIP authenticated by AAA server serverIP Username username Informational Enable Admin failed through SSH authenticated by AAA server Enable Admin failed through SSH from userIP authenticated by AAA server serverIP Username username Warning Enable Admin failed through SSH due to AAA server timeout ...

Page 639: ...after interval time Port portNum LBD port recovered Loop detection restarted Informational Port with VID loop occurred Port portNum VID vlanID LBD loop occurred Packet discard begun Critical Port with VID Loop detection restarted after interval time Port portNum VID vlanID LBD recovered Loop detection restarted Informational 802 1x VID assigned from radius server after radius client authenticated ...

Page 640: ...Conflict IP was detected with this device IP ipaddr MAC macaddr Port portNum Interface ipif_name Warning DHCP Detect untrusted DHCP server IP address Detected untrusted DHCP server IP ipaddr Port portNum Informational COMMAND LOGGING Command Logging username execute command string Informational MBAC A host passes the authentication MAC based Access Control host login successful MAC macaddr port po...

Page 641: ...protection state manually Informational System re start reason system fatal error System re start reason system fatal error Emergent System re start reason CPU exception System re start reason CPU exception Emergent Diagnostic Diagnostic Burn in start Diagnostic Burn in start at S Informational Diagnostic Burn in end Diagnostic Burn in end at S Informational Diagnostic Burn in result Diagnostic Bu...

Page 642: ...2 BRIDGE MIB risingAlarm alarmIndex alarmVariable alarmSampleType alarmValue alarmRisingThreshold V1 V2 RMON MIB fallingAlarm alarmIndex alarmVariable alarmSampleType alarmValue alarmFallingThreshold V1 V2 RMON MIB lldpRemTablesChange lldpStatsRemTablesInserts lldpStatsRemTablesDeletes lldpStatsRemTablesDrops lldpStatsRemTablesAgeouts V1 V2 LLDP MIB swPowerStatusChg swPowerUnitIndex swPowerID swPo...

Page 643: ...x V2 PktStormCtrl mi b swSafeGuardChgToExhausted swSafeGuardCurrentStatus V2 SafeGuard mib swSafeGuardChgToNormal swSafeGuardCurrentStatus V2 SafeGuard mib swIpMacBindingRecoverLearningTrap swIpMacBindingPortIndex V2 IPMacBind mib SwMacBasedAuthLoggedSuccess swMacBasedAuthInfoMacIndex swMacBasedAuthInfoPortIndex swMacBasedAuthVID V2 mba mib swMacBasedAuthLoggedFail swMacBasedAuthInfoMacIndex swMac...

Page 644: ...RPSSFDetectedTrap swERPSNodeId V2 ERPS mib swERPSSFClearedTrap swERPSNodeId V2 ERPS mib swERPSRPLOwnerConflictTrap swERPSNodeId V2 ERPS mib agentCfgOperCompleteTrap unitID agentCfgOperate agentLoginUserName V2 Genmgmt mib agentFirmwareUpgrade swMultiImageVersion V2 Genmgmt mib agentGratuitousARPTrap agentGratuitousARPIpAddr agentGratuitousARPMacAddr agentGratuitousARPPortNumber agentGratuitousARPI...

Page 645: ...dth of a port Unit Kbits Required If the user has configured the bandwidth attribute of the RADIUS server for example ingress bandwidth 1000Kbps and the 802 1X authentication is successful the device will assign the bandwidth according to the RADIUS server to the port However if the user does not configure the bandwidth attribute and authenticates successfully the device will not assign any bandwi...

Page 646: ...uired Tunnel Medium Type This attribute indicates the transport medium being used 6 802 Required Tunnel Private Group ID This attribute indicates group ID for a particular tunneled session A string VID Required If the user has configured the VLAN attribute of the RADIUS server for example VID 3 and the 802 1X or MAC based Access Control authentication is successful the port will be added to VLAN 3...

Page 647: ...mple ACL profile create access_profile profile_id 1 profile_name profile1 ethernet vlan 0xFFF ACL rule config access_profile profile_id 1 add access_id auto_assign ethernet vlan_id 1 port all deny and the MAC based Access Cotntrol authentication is successful the device will assign the ACL profiles and rules according to the RADIUS server For more information about the ACL module please refer to C...

Reviews: