manualshive.com logo in svg

D-Link xStack DES-3500 Series, Manual

The Cli Manual for the high-performance D-Link xStack DES-3500 Series is available for free download on manualshive.com. This comprehensive manual provides detailed instructions, configuration options, and troubleshooting tips to maximize the potential of your DES-3500 switches. Unlock the full potential of your network with this essential manual.

Share
Download
background image

DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual

 

 

303

40 

CPU

 

F

ILTERING 

C

OMMANDS

 

The  CPU  Filtering  commands  in  the  Command  Line  Interface  (CLI)  are  listed  (along  with  the  appropriate  parameters)  in  the 
following table. 

Command 

Parameters 

config cpu_filter l3_control_pkt 

<portlist> [dvmrp|pim|igmp_query|ospf|rip|vrrp|all] state 
[enable | disable] 

show cpu_filter l3_control_pkt 

{<portlist>} 

Each command is listed, in detail, in the following sections. 

config cpu_filter 13_control_pkt  

Purpose 

This command is used to discard the l3 control packets sent to the CPU 
from specific ports. 

Syntax 

config cpu_filter l3_control_pkt <portlist> 
[dvmrp|pim|igmp_query|ospf|rip|vrrp|all] state [enable | disable] 

Description 

This command is used to discard the l3 control packets sent to CPU from 
specific ports. 

Parameters 

portlist - Specify the port list to filter control packets. 

dvmrp , pimigmp_query, ospf, rip, vrrp - The protocols you want to filter. 
Specify ‘all’ to filter all the l3 control packets. 

state - Enable or disable the filtering function. The default is disabled. 

Restrictions 

Only Administrator or Operator – level users can issue this command. 

Example usage: 

 

To filter DVMRP and OSPF in port 1-26: 

DES-3526:admin# config filter control_packet 1-26 dvmrp 
ospf state enable  

Command: config filter control_packet 1-26 dvmrp ospf state 
enable 

 

Success. 

 

DES-3526:admin# 

 

Summary of Contents for xStack DES-3500 Series

Page 1: ...CLI Manual ProductModel TM DES 3500Series Layer2ManagedStackableFastEthernetSwitch Release5 1 ...

Page 2: ...S 28 NETWORK MANAGEMENT SNMP COMMANDS 32 SWITCH UTILITY COMMANDS 54 NETWORK MONITORING COMMANDS 62 MULTIPLE SPANNING TREE PROTOCOL MSTP COMMANDS 76 FORWARDING DATABASE COMMANDS 89 TRAFFIC CONTROL COMMANDS 97 QOS COMMANDS 102 PORT MIRRORING COMMANDS 109 VLAN COMMANDS 112 ASYMMETRIC VLAN COMMANDS 119 LINK AGGREGATION COMMANDS 121 IP MAC BINDING 126 LIMITED IP MULTICAST ADDRESS 142 ...

Page 3: ...BACK DETECTION COMMANDS 210 TRAFFIC SEGMENTATION COMMANDS 213 TIME AND SNTP COMMANDS 215 ARP COMMANDS 221 ROUTING TABLE COMMANDS 225 MAC NOTIFICATION COMMANDS 227 ACCESS AUTHENTICATION CONTROL COMMANDS 231 SSH COMMANDS 254 SSL COMMANDS 261 D LINK SINGLE IP MANAGEMENT COMMANDS 268 COMMAND HISTORY LIST 278 LLDP COMMANDS 281 CPU FILTERING COMMANDS 303 CABLE DIAGNOSTICS COMMANDS 305 DHCP LOCAL RELAY C...

Page 4: ...GRATUITOUS ARP COMMANDS 309 ARP SPOOFING PREVENTION COMMANDS 313 TECHNICAL SUPPORT COMMANDS 315 TECHNICAL SPECIFICATIONS 317 ...

Page 5: ...ng the DES 3526 DES 3526DC and the DES 3550 Examples present in this manual may refer to any member of the xStack DES 3500 series and may show different port counts but are universal to this series of switches unless otherwise stated Configuration and management of the Switch via the Web based management agent is discussed in the User s Guide Accessing the Switch via the Serial Port The Switch s s...

Page 6: ...he IP address may be set using the Command Line Interface CLI over the console serial port as follows 1 Starting at the command line prompt enter the commands config ipif System ipaddress xxx xxx xxx xxx yyy yyy yyy yyy Where the x s represent the IP address to be assigned to the IP interface named System and the y s represent the corresponding subnet mask 2 Alternatively users can enter config ip...

Page 7: ...ch The console interface is used by connecting the Switch to a VT100 compatible terminal or a computer running an ordinary terminal emulator program e g the HyperTerminal program included with the Windows operating system using an RS 232C serial cable Your terminal parameters will need to be set to VT 100 compatible 9600 baud 8 data bits No parity One stop bit No flow control Users can also access...

Page 8: ...h a Next possible completions message DES 3526 admin config account Command config account Next possible completions username DES 3526 admin Figure 2 3 Example Command Parameter Help In this case the command config account was entered with the parameter username The CLI will then prompt users to enter the username with the message Next possible completions Every command in the CLI has this feature...

Page 9: ...value or character string braces indicate optional parameters or a choice of parameters and brackets indicate required parameters If a command is entered that is unrecognized by the CLI the top level commands will be displayed under the Available commands prompt DES 3526 admin the Available commands cable_diag clear config create delete dir disable download drv enable login logout ping reboot reco...

Page 10: ...rt limited_multicast_addr link_aggregation lldp log loopdetect mac_notification mirror multicast multicast_fdb multicast_range packet port_security ports radius router_ports safeguard_engine scheduling serial_port session sim snmp sntp ssh ssl stp switch syslog system_severity tech_support terminal_line time time_range traffic traffic_segmentation trusted_host utilization vlan DES 3526 admin Figur...

Page 11: ...brackets Example Command config ipif Engineering ipaddress 10 24 22 5 255 0 0 0 vlan Design state enable square brackets Purpose Encloses a required value or set of required arguments One value or argument can be specified Syntax create account admin operator user username 15 Description In the above syntax example users must specify either an admin or a user level account to be created Do not typ...

Page 12: ...command previous to that displayed appears This way it is possible to review the command history for the current session Use the down arrow to progress sequentially forward through the command history list Down Arrow The down arrow will display the next command in the command history entered in the current session This displays each command sequentially as it was entered Use the up arrow to review...

Page 13: ...te 9600 19200 38400 115200 auto_logout never 2_minutes 5_minutes 10_minutes 15_minutes enable clipaging disable clipaging enable telnet tcp_port_number 1 65535 disable telnet telnet ipaddr tcp_port value 0 65535 enable web tcp_port_number 1 65535 disable web save reboot reboot force_agree reset config system reset config force_agree system force_agree reset system exclude vlan system login logout ...

Page 14: ...pt plain_text sha_1 password Description The create account command is used to create user accounts that consist of a username of 1 to 15 characters and a password of 0 to 15 characters Up to 8 user accounts can be created Parameters admin operator user username 15 plain_text Select to specify the password in plain text form sha_1 Select to specify the password in the SHA I enacrpted form Password...

Page 15: ...length for of password in plain text form and in encrypted form are different For the plain text form passwords must have a minimum of 0 character and can have a maximum of 15 characters For the encrypted form password the length is fixed to 35 bytes long Restrictions Only Administrator level users can issue this command Usernames can be between 1 and 15 characters Passwords can be between 0 and 1...

Page 16: ...arameters None Restrictions Only Administrator level users can issue this command Example usage To delete the user account System DES 3526 admin delete account System Command delete account System Success DES 3526 admin To enforce the user account System is deleted DES 3526 admin delete account System force_agree Command delete account System force_agree The last administrator account will be dele...

Page 17: ...nformation DES 3526 admin show switch Command show switch Device Type DES 3526 Fast Ethernet Switch Combo Port 1000Base T 1000Base T MAC Address 00 01 02 03 04 00 IP Address 10 41 44 22 Manual VLAN Name default Subnet Mask 255 0 0 0 Default Gateway 0 0 0 0 Boot PROM Version Build 3 00 005 Firmware Version Build 5 01 B47 Hardware Version 0A1 Device S N Power Status Main Normal Redundant Not Present...

Page 18: ...arameters baud_rate 9600 19200 38400 115200 The serial bit rate that will be used to communicate with the management host There are four options 9600 19200 38400 115200 never No time limit on the length of time the console can be open with no user input 2_minutes The console will log out the current user if there is no user input for 2 minutes 5_minutes The console will log out the current user if...

Page 19: ...d to disable the pausing of the console screen scrolling at the end of each page when a command displays more than one screen of information Syntax disable clipaging Description This command is used to disable the pausing of the console screen at the end of each page when a command would display more than one screen of information Parameters None Restrictions Only Administrator and Operator level ...

Page 20: ...on the Switch Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To disable the Telnet protocol on the Switch DES 3526 admin disable telnet Command disable telnet Success DES 3526 admin telnet Purpose Used to Telnet another device on the network Syntax telnet ipaddr tcp_port value 0 65535 Description This command is used to connect to anot...

Page 21: ...number TCP ports are numbered between 1 and 65535 The well known port for the Web based management software is 80 Restrictions Only Administrator and Operator level users can issue this command Example usage To enable HTTP and configure port number DES 3526 admin enable web 80 Command enable web 80 Success DES 3526 admin disable web Purpose Used to disable the HTTP based management software on the...

Page 22: ...tch s current configuration to non volatile RAM DES 3526 admin save Command save Saving all configurations to NV RAM Done DES 3526 admin reboot Purpose Used to restart the Switch Syntax reboot Description This command is used to restart the Switch Parameters None Restrictions None Example usage To restart the Switch DES 3526 admin reboot Command reboot Are users sure want to proceed with the syste...

Page 23: ...ettings are changed to default Rebooting will clear all entries in the Forwarding Data Base exclude You can specify to exclude reset of VLAN or system IP setting force_agree When force_agree is specified the reset command will be executed immediatedly without further confirmation If no parameter is specified the Switch s current IP address user accounts and the switch history log are not changed A...

Page 24: ...gin UserName logout Purpose Used to log out a user from the Switch s console Syntax logout Description This command terminates the current user s session on the Switch s console Parameters None Restrictions None Example usage To terminate the current user s console session DES 3526 admin logout ...

Page 25: ...prompt string 16 username default Description Administrator level users can use this command to change the command prompt Parameters string 16 The command prompt can be changed by entering a new name of no more that 16 characters username The command prompt will be changed to the login username default The command prompt will reset to factory default command prompt Restrictions Only administrator ...

Page 26: ... Only Administrator and Operator level users can issue this command Other restrictions include If the reset reset config command is executed the modified banner will remain modified However the reset system command will reset the modified banner to the original factory banner The capacity of the banner is 6 80 6 Lines and 80 characters per line Ctrl W will only save the modified banner in the DRAM...

Page 27: ...All rights reserved DES 3526 admin enable greeting_message Purpose Used to enable viewing of the currently configured greeting message configured on the Switch Syntax enable greeting_message Description This command is used to enable viewing the currently configured greeting message on the Switch Parameters None Restrictions None Example usage To enable viewing of the currently configured greeting...

Page 28: ...CLI Reference Manual 24 disable greeting_message Restrictions None Example usage To disable viewing of the currently configured greeting message DES 3526 admin disable greeting_message Command disable greeting_message Success DES 3526 admin ...

Page 29: ... type of ports speed Allows the user to adjust the speed for a port or range of ports The user has a choice of the following auto Enables auto negotiation for the specified range of ports 10 100 1000 Configures the speed in Mbps for the specified range of ports Gigabit ports are statically set to 1000 and cannot be set to slower speeds half full Configures the specified range of ports as either fu...

Page 30: ...being disabled Restrictions None Example usage To display the configuration of all ports on a standalone switch DES 3526 admin show ports Command show ports Port State Settings Connection Address Trap MDIX Speed Duplex FlowCtrl Speed Duplex FlowCtrl Learning State 1 Enabled Auto Disabled Link Down Enabled Enabled Auto 2 Enabled Auto Disabled Link Down Enabled Enabled Auto 3 Enabled Auto Disabled L...

Page 31: ...o Disabled Link Down Enabled Enabled Auto Description 3 Enabled Auto Disabled Link Down Enabled Enabled Auto Description 4 Enabled Auto Disabled Link Down Enabled Enabled Auto Description 5 Enabled Auto Disabled Link Down Enabled Enabled Auto Description 6 Enabled Auto Disabled Link Down Enabled Enabled Auto Description CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh Example usage To...

Page 32: ...able disable max_learning_addr max_lock_no 0 64 lock_address_mode Permanent DeleteOnTimeout DeleteOnReset Description This command allows for the configuration of the port security feature Only the ports listed in the portlist are affected Parameters portlist Specifies a port or range of ports to be configured all Configure port security for all ports on the Switch admin_state enable disable Enabl...

Page 33: ...r port port Description This command is used to delete a single previously learned port security entry by port VLAN name and MAC address Parameters vlan name vlan_name 32 Enter the corresponding VLAN name of the port to delete mac_address macaddr Enter the corresponding MAC address previously learned by the port to delete port port Enter the port number which has learned the previously entered MAC...

Page 34: ...ecurity_entry port 6 Success DES 3526 admin show port_security Purpose Used to display the current port security configuration Syntax show port_security ports portlist Description This command is used to display port security information of the Switch s ports The information displayed includes port security admin state maximum number of learning address and lock mode Parameters portlist Specifies ...

Page 35: ...ecurity trap log setting DES 3526 admin enable port_security trap_log Command enable port_security trap_log Success DES 3526 admin disable port_security trap_log Purpose Used to disable the trap log for port security Syntax disable port_security trap_log Description This command along with the enable port_security trap_log will enable and disable the sending of log messages to the Switch s log and...

Page 36: ...algorithms AuthPriv DES 56 bit encryption is added based on the CBC DES DES 56 standard The network management commands in the Command Line Interface CLI are listed along with the appropriate parameters in the following table Command Parameters create snmp user snmp_username 32 groupname 32 encrypted by_password auth md5 auth_password 8 16 sha auth_password 8 20 priv none des priv_password 8 16 by...

Page 37: ...th_password 8 20 priv none des priv_password 8 16 by_key auth md5 auth_key 32 32 sha auth_key 40 40 priv none des priv_key 32 32 Description The create snmp user command creates a new SNMP user and adds the user to an SNMP group that is also created by this command SNMP ensures Message integrity Ensures that packets have not been tampered with during transit Authentication Determines if an SNMP me...

Page 38: ...cy parameter will allow for encryption in addition to the authentication algorithm for higher security The user may choose des Adding this parameter will allow for a 56 bit encryption to be added using the DES 56 standard using priv_password 8 16 An alphanumeric string of between 8 and 16 characters that will be used to encrypt the contents of messages the host sends to the agent priv_key 32 32 En...

Page 39: ...show snmp user Purpose Used to display information about each SNMP username in the SNMP group username table Syntax show snmp user Description The show snmp user command displays information about each SNMP username in the SNMP group username table Parameters None Restrictions None Example usage To display the SNMP users currently configured on the Switch DES 3526 admin show snmp user Command show...

Page 40: ...ss Restrictions Only Administrator and Operator level users can issue this command Example usage To create an SNMP view DES 3526 admin create snmp view dlinkview 1 3 6 view_type included Command create snmp view dlinkview 1 3 6 view_type included Success DES 3526 admin delete snmp view Purpose Used to remove an SNMP view entry previously created on the Switch Syntax delete snmp view view_name 32 a...

Page 41: ...usly created on the Switch Syntax show snmp view view_name 32 Description The show snmp view command displays an SNMP view previously created on the Switch Parameters view_name 32 An alphanumeric string of up to 32 characters that identifies the SNMP view that will be displayed Restrictions None Example usage To display SNMP view configuration ...

Page 42: ...to use the community string to gain access to the Switch s SNMP agent An MIB view that defines the subset of all MIB objects that will be accessible to the SNMP community read_write or read_only level permission for the MIB objects accessible to the SNMP community Syntax create snmp community community_string 32 view view_name 32 read_only read_write Description The create snmp community command i...

Page 43: ...from the Switch Parameters community_string 32 An alphanumeric string of up to 32 characters that is used to identify members of an SNMP community This string is used like a password to give remote SNMP managers access to MIB objects in the Switch s SNMP agent Restrictions Only Administrator and Operator level users can issue this command Example usage To delete the SNMP community string dlink DES...

Page 44: ...snmp engineID command configures a name for the SNMP engine on the Switch Parameters snmp_engineID An alphanumeric string that will be used to identify the SNMP engine on the Switch Restrictions Only Administrator and Operator level users can issue this command Example usage To give the SNMP agent on the Switch the name 0035636666 DES 3526 admin config snmp 0035636666 Command config snmp engineID ...

Page 45: ... some security features v3 Specifies that the SNMP version 3 will be used SNMP v3 provides secure access to devices through a combination of authentication and encrypting packets over the network SNMP v3 adds Message integrity Ensures that packets have not been tampered with during transit Authentication Determines if an SNMP message is from a valid source Encryption Scrambles the contents of mess...

Page 46: ...tch Parameters groupname 32 An alphanumeric name of up to 32 characters that will identify the SNMP group the new SNMP user will be associated with Restrictions Only Administrator and Operator level users can issue this command Example usage To delete the SNMP group named sg1 DES 3526 admin delete snmp group sg1 Command delete snmp group sg1 Success DES 3526 admin show snmp groups Purpose Used to ...

Page 47: ...w Name Notify View Name CommunityView Security Model SNMPv1 Security Level NoAuthNoPriv Total Entries 5 DES 3526 admin create snmp host Purpose Used to create a recipient of SNMP traps generated by the Switch s SNMP agent Syntax create snmp host ipaddr v1 v2c v3 noauth_nopriv auth_nopriv auth_priv auth_string 32 Description The create snmp host command creates a recipient of SNMP traps generated b...

Page 48: ...cifies that authorization will be required and that packets sent between the Switch and a remote SNMP manger will be encrypted auth_sting 32 An alphanumeric string used to authorize a remote SNMP manager to access the Switch s SNMP agent Restrictions Only Administrator and Operator level users can issue this command Example usage To create an SNMP host to receive SNMP messages DES 3526 admin creat...

Page 49: ...st IP Address SNMP Version Community Name SNMPv3 User Name 10 48 76 23 V2c private 10 48 74 100 V3 authpriv public Total Entries 2 DES 3526 admin create trusted_host Purpose Used to create the trusted host Syntax create trusted_host ipaddr snmp telnet ssh http https Description The create trusted host command creates the trusted host The switch allows you to specify IP addresses that are allowed t...

Page 50: ...xxx y add Add interfaces for that trusted host delete Delete interfaces for that trusted host snmp Specifies trusted host for SNMP telnet Specifies trusted host for TELENT ssh Specifies trusted host for SSH http Specifies trusted host for HTTP https Specifies trusted host for HTTPs Restrictions Only Administrator and Operator level users can issue this command Example usage To create the trusted h...

Page 51: ...d host for HTTPs Restrictions Only Administrator and Operator level users can issue this command Example usage To create the trusted host network DES 3526 admin create trusted_host network 10 62 32 1 16 Command create trusted_host network 10 62 32 1 16 Success show trusted_host Purpose Used to display a list of trusted hosts entered on the Switch using the create trusted_host command above Syntax ...

Page 52: ...yntax delete trusted _host network network_address Description This command is used to delete a trusted host entry made using the create trusted_host network command above Parameters network_address IP address and netmask of the trusted host network Restrictions Only Administrator and Operator level users can issue this command Example usage To delete a trusted host network IP address 10 62 31 1 1...

Page 53: ... trap support on the Switch DES 3526 admin enable snmp traps Command enable snmp traps Success DES 3526 admin enable snmp authenticate traps Purpose Used to enable SNMP authentication trap support Syntax enable snmp authenticate traps Description This command is used to enable SNMP authentication trap support on the Switch Parameters None Restrictions Only Administrator and Operator level users ca...

Page 54: ...ription This command is used to disable SNMP trap support on the Switch Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To prevent SNMP traps from being sent from the Switch DES 3526 admin disable snmp traps Command disable snmp traps Success DES 3526 admin disable snmp authenticate traps Purpose Used to disable SNMP authentication trap...

Page 55: ...re the Switch contact to MIS Department II DES 3526 admin config snmp system_contact MIS Department II Command config snmp system_contact MIS Department II Success DES 3526 admin config snmp system_location Purpose Used to enter a description of the location of the Switch Syntax config snmp system_location sw_location Description The config snmp system_location command is used to enter a descripti...

Page 56: ...Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the Switch name for DES 3526 Switch DES 3526 admin config snmp system_name DES 3526 Switch Command config snmp system_name DES 3526 Switch Success DES 3526 admin enable rmon Purpose Used to enable RMON on the Switch Syntax enable rmon Description This command is used in conjunction with the d...

Page 57: ...Description This command is used in conjunction with the enable rmon command above to enable and disable remote monitoring RMON on the Switch Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To disable RMON DES 3526 admin disable rmon Command disable rmon Success DES 3526 admin ...

Page 58: ...t 1 2 configuration ipaddr path_filename 64 increment Description This command is used to download a new firmware or a Switch configuration file from a TFTP server Parameters firmware_fromTFTP Download and install new firmware on the Switch from a TFTP server cfg_fromTFTP Download a switch configuration file from a TFTP server ipaddr The IP address of the TFTP server path_filename The DOS path and...

Page 59: ...uration file When the file has been successfully loaded the message End of configuration file for DES 3526 appears followed by the command prompt DES 3526 admin disable authen_policy Command disable authen_policy Success DES 3526 admin DES 3526 admin DES 3526 admin End of configuration file for DES 3526 DES 3526 admin DES 3526 admin config firmware image_id Purpose Used to configure the firmware s...

Page 60: ...ware information ID Version Size B Update Time From User 1 4 01 B09 2711821 00000 days 00 00 00 Serial Port PROM Unknown 2 5 01 B47 3281614 00000 days 00 12 34 10 73 21 1 RG means boot up section T means firmware update through TELNET S means firmware update through SNMP W means firmware update through WEB SIM means firmware update through Single IP Management Free space 2097152 bytes DES 3526 adm...

Page 61: ...tering this parameter will display configurations entered without being saved to NVRAM config_in_NVRAM Entering this parameter will display configurations entered and saved to NVRAM Restrictions None Example usage To view the current configuration settings DES 3526 admin show config current_config Command show config current_config DES 3526 Configuration Firmware Build 5 01 B47 Copyright C 2000 20...

Page 62: ... 10 48 74 121 c cfg log txt Connecting to server Done Upload configuration Done DES 3526 admin enable autoconfig Purpose Used to activate the autoconfiguration function for the Switch This will load a previously saved configuration file for current use Syntax enable autoconfig Description When autoconfig is enabled on the Switch the DHCP reply will contain a configuration file and path name It wil...

Page 63: ...imilar to the example below The configuration settings will be loaded in normal order DES 3526 Fast Ethernet Switch Command Line Interface Firmware Build 5 01 B47 Copyright C 2000 2004 D Link Corporation All rights reserved DES 3526 admin DES 3526 admin DES 3526 admin download configuration 10 41 44 44 c cfg setting txt Command download configuration 10 41 44 44 c cfg setting txt Connecting to ser...

Page 64: ...xample usage To stop the autoconfiguration function DES 3526 admin disable autoconfig Command disable autoconfig Success DES 3526 admin show autoconfig Purpose Used to display the current autoconfig status of the Switch Syntax show autoconfig Description This command will list the current status of the autoconfiguration function Parameters None Restrictions None Example usage To upload a DES 3526 ...

Page 65: ...s value 1 255 The number of individual ICMP echo messages to be sent A value of 0 will send an infinite ICMP echo messages The maximum value is 255 The default is 0 timeout sec 1 99 Defines the time out period while waiting for a response from the remote device A value of 1 to 99 seconds can be specified The default is 1 second Restrictions None Example usage To ping the IP address 10 48 74 121 fo...

Page 66: ... disable config syslog host all index 1 4 severity informational warning all facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_number ipaddress ipaddr state enable disable delete syslog host index 1 4 all show syslog host index 1 4 config system_severity trap log all critical warning information show system_severity Each command is listed in detail in the following...

Page 67: ...ose Used to display the error statistics for a range of ports Syntax show error ports portlist Description This command will display all of the packet error statistics collected and logged by the Switch for a given port list Parameters portlist Specifies a port or range of ports to be displayed Restrictions None Example usage To display the errors of the port 3 of module 1 DES 3526 admin show erro...

Page 68: ...ecifies a port or range of ports to be displayed Restrictions None Example usage To display the port utilization statistics DES 3526 admin show utilization ports Command show utilization ports Port TX sec RX sec Util Port TX sec RX sec Util 1 0 0 0 22 0 0 0 2 0 0 0 23 0 0 0 3 0 0 0 24 0 0 0 4 0 0 0 25 0 26 1 5 0 0 0 26 0 0 0 6 0 0 0 7 0 0 0 8 0 0 0 9 0 0 0 10 0 0 0 11 0 0 0 12 0 0 0 13 0 0 0 14 0 ...

Page 69: ...ar log Purpose Used to clear the Switch s history log Syntax clear log Description This command will clear the Switch s history log Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To clear the log information DES 3526 admin clear log Command clear log Success DES 3526 admin show log Purpose Used to display the switch history log Syntax ...

Page 70: ...art 1 00000 days 01 08 12 Configuration and log saved to flash by console Username Anonymous DES 3526 admin NOTE For detailed information regarding Log entries that will appear in this window please refer to Appendix C at the back of the xStack DES 3500 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual enable syslog Purpose Used to enable the system log to be sent to a remote host ...

Page 71: ...ons None Example usage To display the current status of the syslog function DES 3526 admin show syslog Command show syslog Syslog Global State Enabled DES 3526 admin create syslog host Purpose Used to create a new syslog host Syntax create syslog host index 1 4 ipaddress ipaddr severity informational warning all facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_num...

Page 72: ...ty Code 0 Emergency system is unusable 1 Alert action must be taken immediately 2 Critical critical conditions 3 Error error conditions 4 Warning warning conditions 5 Notice normal but significant condition 6 Informational informational messages 7 Debug debug level messages Numerical Facility Code ...

Page 73: ...rom the list above local3 Specifies that local use 3 messages will be sent to the remote host This corresponds to number 19 from the list above local4 Specifies that local use 4 messages will be sent to the remote host This corresponds to number 20 from the list above local5 Specifies that local use 5 messages will be sent to the remote host This corresponds to number 21 from the list above local6...

Page 74: ...pported on the Switch Numerical Severity Code 0 Emergency system is unusable 1 Alert action must be taken immediately 2 Critical critical conditions 3 Error error conditions 4 Warning warning conditions 5 Notice normal but significant condition 6 Informational informational messages 7 Debug debug level messages informational Specifies that informational messages will be sent to the remote host Thi...

Page 75: ...local use 2 messages will be sent to the remote host This corresponds to number 18 from the list above local3 Specifies that local use 3 messages will be sent to the remote host This corresponds to number 19 from the list above local4 Specifies that local use 4 messages will be sent to the remote host This corresponds to number 20 from the list above local5 Specifies that local use 5 messages will...

Page 76: ...a syslog host that has been previously configured from the Switch Syntax delete syslog host index 1 4 all Description The delete syslog host command is used to remove a syslog host that has been previously configured from the Switch Parameters index 1 4 Specifies that the command will be applied to an index of hosts There are four available indexes numbered 1 through 4 all Specifies that the comma...

Page 77: ...n the Switch Parameters index 1 4 Specifies that the command will be applied to an index of hosts There are four available indexes numbered 1 through 4 Restrictions None Example usage To show Syslog host information DES 3526 admin show syslog host Command show syslog host Syslog Global State Disabled Host Id Host IP Address Severity Facility UDP port Status 1 10 1 1 2 All Local0 514 Disabled 2 10 ...

Page 78: ... identify where severity messages are to be sent trap Entering this parameter will define which events occurring on the Switch will be sent to a SNMP agent for analysis log Entering this parameter will define which events occurring on the Switch will be sent to the Switch s log for analysis all Entering this parameter will define which events occurring on the Switch will be sent to a SNMP agent an...

Page 79: ...ax show system_severity Description This command is used to display system_severity level of an alert required for log entry or trap message Parameters None Restrictions None Example usage To display the system severity settings for critical traps only DES 3526 admin show system_severity Command show system_severity System Severity Log information Trap information DES 3526 admin ...

Page 80: ...g the MSTP on a network will have a single MSTP configuration that will have the following three attributes a A configuration name defined by an alphanumeric string of up to 32 characters defined in the config stp mst_config_id command as name string b A configuration revision number named here as a revision_level and c A 4096 element table defined here as a vid_range which will associate each of ...

Page 81: ...ommand enable stp Success DES 3526 admin disable stp Purpose Used to globally disable STP on the Switch Syntax disable stp Description This command allows the Spanning Tree Protocol to be globally disabled on the Switch Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To disable STP on the Switch DES 3526 admin disable stp Command disabl...

Page 82: ...t the Switch has spanning tree configuration values consistent with other devices on the bridged LAN If the value ages out and a BPDU has still not been received from the Root Bridge the Switch will start sending its own BPDU to all other switches for permission to become the Root Bridge If it turns out that your switch has the lowest Bridge Identifier it will become the Root Bridge The user may c...

Page 83: ...disable Allows the forwarding of STP BPDU packets from other network devices when STP is disabled on the Switch The default is enable Restrictions Only Administrator and Operator level users can issue this command Example usage To configure STP with maxage 18 and maxhops of 15 DES 3526 admin config stp maxage 18 maxhops 15 Command config stp maxage 18 maxhops 15 Success DES 3526 admin ...

Page 84: ...twork stations or segments that are capable of being upgraded to 802 1w RSTP or 802 1s MSTP on all or some portion of the segment edge true false auto true designates the port as an edge port Edge ports cannot create loops however an edge port can lose edge port status if a topology change creates a potential for a loop An edge port normally should not receive BPDU packets If a BPDU packet is rece...

Page 85: ... in BPDU hardware filtering mode it can be recovered by this option NOTE The following MAC addresses are layer 2 control packets 01 80 C2 00 00 00 to 01 80 C2 00 00 10 and 01 80 C2 00 00 20 to 01 80 C2 00 00 2F Restrictions Only Administrator and Operator level users can issue this command Example usage To configure STP with path cost 19 hellotime set to 5 seconds migration enable and state enable...

Page 86: ... between 1 and 4 to define the instance_id The Switch supports 5 STP regions with one unchangeable default instance ID set as 0 add_vlan Along with the vid_range vidlist parameter this command will add VIDs to the previously configured STP instance_id remove_vlan Along with the vid_range vidlist parameter this command will remove VIDs to the previously configured STP instance_id vidlist Specify th...

Page 87: ...higher priorities to STP regions will instruct the Switch to give precedence to the selected instance_id for forwarding packets The lower the priority value set the higher the priority Parameters priority value 0 61440 Select a value between 0 and 61440 to specify the priority for a specified instance ID for forwarding packets The lower the value the higher the priority This entry must be divisibl...

Page 88: ...tion for a MSTP instance Syntax config stp mst_ports portlist instance_id value 0 4 internalCost auto value 1 20000000 priority value 0 240 Description This command will update the port configuration for a STP instance_id If a loop occurs the MSTP function will use the port priority to select an interface to put into the forwarding state Set a higher priority value for interfaces to be selected fo...

Page 89: ... mst_config_id ports 1 5 instance_id 2 internalCost auto priority 16 Success DES 3526 admin show stp Purpose Used to display the Switch s current STP configuration Syntax show stp Description This command displays the Switch s current STP configuration Parameters None Restrictions None Example usage To display the status of STP on the Switch Status 1 STP enabled with STP compatible version DES 352...

Page 90: ...information for the remaining ports Restrictions None Example usage To show STP ports information for port 5 STP enabled on Switch DES 3526 admin show stp ports Command show stp ports MSTP Port Information Port Index 5 Hello Time 2 2 Port STP enabled Restricted role False Restricted TCN False External PathCost Auto 200000 Edge Port No No P2P Auto Yes Port Forward BPDU disabled BPDU Type RSTP Msti ...

Page 91: ...768 00 53 13 1A 33 24 Internal Root Cost 0 Designated Bridge 32768 00 50 BA 71 20 D6 Root Port 1 Max Age 20 Forward Delay 15 Last Topology Change 856 Topology Changes Count 2987 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh show stp mst_config_id Purpose Used to display the MSTP configuration identification Syntax show stp mst_config_id Description This command displays the Switch ...

Page 92: ...DES 3500 Layer 2 Fast Ethernet Switch CLI Reference Manual 88 ...

Page 93: ...ast port_filtering_mode portlist all forward_all_groups forward_unregistered_groups filter_unregistered_groups show multicast port_filtering_mode portlist Each command is listed in detail in the following sections create fdb Purpose Used to create a static entry to the unicast MAC address forwarding table database Syntax create fdb vlan_name 32 macaddr port port Description This command will make ...

Page 94: ... vlan_name 32 macaddr Description This command will make an entry into the Switch s multicast MAC address forwarding database Parameters vlan_name 32 The name of the VLAN on which the MAC address resides macaddr The MAC address that will be added to the forwarding table Restrictions Only Administrator and Operator level users can issue this command Example usage To create multicast MAC forwarding ...

Page 95: ...hich the MAC address resides macaddr The MAC address that will be added to the multicast forwarding table add delete add will add ports to the forwarding table delete will remove ports from the multicast forwarding table portlist Specifies a port or range of ports to be configured Restrictions Only Administrator and Operator level users can issue this command Example usage To add multicast MAC for...

Page 96: ...g table in which case the Switch will broadcast the packet to all ports negating many of the benefits of having a switch Parameters sec 10 1000000 The aging time for the MAC address forwarding database value The value in seconds may be between 10 and 1000000 seconds Restrictions Only Administrator and Operator level users can issue this command Example usage To set the fdb aging time DES 3526 admi...

Page 97: ...lways forward traffic to the specified device through this port all Clears all dynamic entries to the Switch s forwarding database Restrictions Only Administrator and Operator level users can issue this command Example usage To clear all FDB dynamic entries DES 3526 admin clear fdb all Command clear fdb all Success DES 3526 admin show multicast_fdb Purpose Used to display the contents of the Switc...

Page 98: ...ddr The MAC address that is present in the forwarding database table static Displays the static MAC address entries aging_time Displays the aging time for the MAC address forwarding database Restrictions None Example usage To display unicast MAC address table DES 3526 admin show fdb Command show fdb Unicast MAC Address Ageing Time 300 VID VLAN Name MAC Address Port Type 1 default 00 00 39 34 66 9A...

Page 99: ...d_groups The user may set the filtering mode to any of these three options Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the multicast filtering mode to forward all groups on ports 1 through 4 DES 3526 admin config multicast port_filtering_mode 1 4 forward_all_groups Command config multicast port_filtering_mode 1 4 forward_all_groups Suc...

Page 100: ...roups 6 forward_unregistered_groups 7 forward_unregistered_groups 8 forward_unregistered_groups 9 forward_unregistered_groups 10 forward_unregistered_groups 11 forward_unregistered_groups 12 forward_unregistered_groups 13 forward_unregistered_groups 14 forward_unregistered_groups 15 forward_unregistered_groups 16 forward_unregistered_groups 17 forward_unregistered_groups 18 forward_unregistered_gr...

Page 101: ...folder and selecting the disabled port and returning it to an Enabled status Otherwise the Shutdown Forever mode will be Auto Recovery after 5 mins To utilize this method of Storm Control choose the Shutdown option of the Action field in the window below The broadcast storm control commands in the Command Line Interface CLI are listed along with the appropriate parameters in the following table Co...

Page 102: ...as well which will provide packet count samplings from the Switch s chip to determine if a Packet Storm is occurring threshold value 0 255000 The upper threshold at which the specified traffic control is switched on The value is the number of broadcast multicast unicast packets in kilopackets per second Kpps received by the Switch that will trigger the storm traffic control measures The default se...

Page 103: ...ontrol 1 broadcast enable action shutdown the traffic control shutdown mode will only be configured for port 1 NOT for group 1 ports 1 8 Any other configuration entered will apply to the group_list not per individual port The previous example is defining a port list to be configured The following example defines a group list to be configured To configure traffic control and enable broadcast storm ...

Page 104: ...sabled 128000 2 2 9 16 Disabled 128000 Disabled 128000 Disabled 128000 3 3 17 24 Disabled 128000 Disabled 128000 Disabled 128000 DES 3526 admin show traffic control Purpose Used to display current traffic control settings Syntax show traffic control group_list storm_grouplist port portlist Description This command displays the current storm traffic control configuration on the Switch Parameters gr...

Page 105: ...down Parameters none No notification will be generated or sent when a packet storm control is detected by the Switch storm _occurred A notification will be generated and sent when a packet storm has been detected by the Switch storm_cleared A notification will be generated and sent when a packet storm has been cleared by the Switch both A notification will be generated and sent when a packet storm...

Page 106: ...ackets the highest hardware priority queue will begin transmitting any packets it may have received The commands in the Command Line Interface CLI are listed along with the appropriate parameters in the following table Command Parameters config bandwidth_control portlist rx_rate no_limit value 1 1000 tx_rate no_limit value 1 1000 show bandwidth_control portlist config scheduling class_id 0 3 max_p...

Page 107: ...dth_control 1 10 tx_rate 10 Command config bandwidth_control 1 10 tx_rate 10 Success DES 3526 admin show bandwidth_control Purpose Used to display the bandwidth control table Syntax show bandwidth_control portlist Description The show bandwidth_control command displays the current bandwidth control configuration on the Switch on a port by port basis Parameters portlist Specifies a port or range of...

Page 108: ...ill be allowed to transmit 3 packets then the next lowest hardware priority queue number 2 will be allowed to transmit 3 packets and so on until all of the queues have transmitted 3 packets The process will then repeat The max_latency parameter allows users to specify the maximum amount of time that packets are delayed before being transmitted to a given hardware priority queue A value between 0 a...

Page 109: ...rent traffic scheduling mechanisms in use on the Switch Parameters None Restrictions None Example usage To display the current scheduling configuration DES 3526 admin show scheduling Command show scheduling QOS Output Scheduling Class ID MAX Packets MAX Latency Class 0 100 150 Class 1 99 100 Class 2 91 101 Class 3 21 201 DES 3526 admin config 802 1p user_priority Purpose Used to map the 802 1p use...

Page 110: ...3 the highest priority Restrictions Only Administrator and Operator level users can issue this command Example usage To configure 802 1 user priority on the Switch DES 3526 admin config 802 1p user_priority 1 3 Command config 802 1p user_priority 1 3 Success DES 3526 admin show 802 1p user_priority Purpose Used to display the current mapping between an incoming packet s 802 1p priority value and o...

Page 111: ...For example 1 3 specifies switch number 1 port 3 2 4 specifies switch number 2 port 4 1 3 2 4 specifies all of the ports between switch 1 port 3 and switch 2 port 4 in numerical order Non contiguous portlist entries are separated by a comma ex 1 1 1 3 1 7 1 9 all Specifies that the command applies to all ports on the Switch priority 0 7 The priority value to assign to untagged packets received by ...

Page 112: ...cifies all of the ports between switch 1 port 3 and switch 2 port 4 in numerical order Non contiguous portlist entries are separated by a comma ex 1 1 1 3 1 7 1 9 Restrictions None Example usage To display the current 802 1p default priority configuration on the Switch DES 3526 admin show 802 1p default_priority Command show 802 1p default_priority Port Priority Effective Priority 1 0 0 2 0 0 3 0 ...

Page 113: ...ed by or sent by one or both is mirrored to the Target port Parameters port This specifies the Target port the port where mirrored packets will be received The target port must be configured in the same VLAN and must be operating at the same speed a s the source port If the target port is operating at a lower speed the source port will be forced to drop its operating speed to match that of the tar...

Page 114: ...on into the Switch and then turn the port mirroring on and off without having to modify the port mirroring configuration Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To enable mirroring configurations DES 3526 admin enable mirror Command enable mirror Success DES 3526 admin disable mirror Purpose Used to disable a previously entered ...

Page 115: ...Used to show the current port mirroring configuration on the Switch Syntax show mirror Description This command displays the current port mirroring configuration on the Switch Parameters None Restrictions None Example usage To display mirroring configuration DES 3526 admin show mirror Command show mirror Current Settings Mirror Status Enabled Target Port 1 Mirrored Port RX TX 5 7 DES 3526 admin ...

Page 116: ...id 1 4094 enable gvrp disable gvrp show vlan vlan_name 32 show gvrp portlist Each command is listed in detail in the following sections create vlan Purpose Used to create a VLAN on the Switch Syntax create vlan vlan_name 32 tag vlanid 1 4094 advertisement Description This command allows the user to create a VLAN on the Switch Parameters vlan_name 32 The name of the VLAN to be created vlanid 1 4094...

Page 117: ...e user to add ports to the port list of a previously configured VLAN The user can specify the additional ports as tagging untagging or forbidden The default is to assign the ports as untagging Parameters vlan_name 32 The name of the VLAN to which to add ports add Entering the add parameter will add ports to the VLAN There are three types of ports to add tagged Specifies the additional ports as tag...

Page 118: ...ly Restrictions You must have Operator or Administrator level privileges Example usage To create VLAN with VLAN ID 2 and VLAN ID 3 DES 3526 admin create vlan vlanid 2 3 Command create vlan vlanid 2 3 Success DES 3526 admin delete vlan vlanid Purpose Used to delete a previously configured VLAN by VLAN ID list on the switch Syntax delete vlan vlanid vlanid_list Description The delete vlan by vlan id...

Page 119: ... specifies if the port should join GVRP or not There are two parameters enable Specifies that the port should join GVRP disable Specifies that the port should not join GVRP name Entering the name parameter specifies the name of the VLAN to be modified name Enter a name for the VLAN Restrictions You must have Operator or Administrator level privileges Example usage To add ports 4 through 8 as tagge...

Page 120: ...me tagged_only pvid 2 Command config gvrp 1 4 state enable ingress_checking enable acceptable_frame tagged_only pvid 2 Success DES 3526 admin enable gvrp Purpose Used to enable GVRP on the Switch Syntax enable gvrp Description This command along with disable gvrp below is used to enable and disable GVRP on the Switch without changing the GVRP configuration on the Switch Parameters None Restriction...

Page 121: ...for which to display a summary of settings Restrictions None Example usage To display the Switch s current VLAN settings DES 3526 admin show vlan Command show vlan VID 1 VLAN Name default VLAN TYPE static Advertisement Enabled Member ports 1 26 Static ports 1 26 Current Tagged ports Current Untagged ports 1 26 Static Tagged ports Static Untagged ports 1 26 Forbidden ports Total Entries 1 DES 3526 ...

Page 122: ...1 Disabled Enabled All Frames 2 1 Disabled Enabled All Frames 3 1 Disabled Enabled All Frames 4 1 Disabled Enabled All Frames 5 1 Disabled Enabled All Frames 6 1 Disabled Enabled All Frames 7 1 Disabled Enabled All Frames 8 1 Disabled Enabled All Frames 9 1 Disabled Enabled All Frames 10 1 Disabled Enabled All Frames Total Entries 10 DES 3526 admin DES 3526 admin ...

Page 123: ...and enables the asymmetric VLAN function on the Switch Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To enable asymmetric VLANs DES 3526 admin enable asymmetric_vlan Command enable asymmetric_vlan Success DES 3526 admin disable asymmetric_vlan Purpose Used to disable the asymmetric VLAN function on the Switch Syntax disable asymmetric...

Page 124: ...on the Switch Syntax show asymmetric_vlan Description This command displays the asymmetric VLAN state on the Switch Parameters None Restrictions None Example usage To display the asymmetric VLAN state currently set on the Switch DES 3526 admin show asymmetric_vlan Command show asymmetric_vlan Asymmetric VLAN Enabled DES 3526 admin ...

Page 125: ...ue identifier Parameters value Specifies the group ID The Switch allows up to 6 link aggregation groups to be configured The group number identifies each of the groups type Specify the type of link aggregation used for the group If the type is not specified the default type is static lacp This designates the port group as LACP compliant LACP allows dynamic adjustment to the aggregated port group L...

Page 126: ... was created with the create link_aggregation command above The DES 3500 supports link aggregation cross box which specifies that link aggregation groups may be spread over multiple switches in the switching stack Parameters group _id value 1 6 Specifies the group ID The Switch allows up to 6 link aggregation groups to be configured The group number identifies each of the groups master_port port M...

Page 127: ...ation Indicates that the Switch should examine the IP destination address ip_source_dest Indicates that the Switch should examine the IP source address and the destination address Restrictions Only Administrator and Operator level users can issue this command Example usage To configure link aggregation algorithm for mac source dest DES 3526 admin config link_aggregation algorithm mac_source_dest C...

Page 128: ...tive LACP ports are capable of processing and sending LACP control frames This allows LACP compliant devices to negotiate the aggregated link so the group may be changed dynamically as needs require In order to utilize the ability to change an aggregated port group that is to add or subtract ports from the group at least one of the participating devices must designate LACP ports as active Both dev...

Page 129: ...re currently configured Parameters portlist Specifies a port or range of ports to be configured If no parameter is specified the system will display the current LACP status for all ports Restrictions None Example usage To display LACP port mode settings DES 3526 admin show lacp_ports 1 10 Command show lacp_ports 1 10 Port Activity 1 Active 2 Active 3 Active 4 Active 5 Active 6 Active 7 Active 8 Ac...

Page 130: ...MAC Binding Setting window All others will be discarded To configure the ACL mode the user must first create an IP MAC binding using the create address_binding ip_mac ipaddress command and select the mode as acl Then the user must enable the mode by entering the enable address_binding acl_mode command If an IP MAC binding entry is created and the user wishes to change it to an ACL mode entry the u...

Page 131: ...ip mac ipaddress ipaddr mac_address macaddr all blocked all vlan_name vlan_name mac_address macaddr enable address_binding acl_mode disable address_binding acl_mode enable address_binding trap_log disable address_binding trap_log show address_binding dhcp_snoop max_entry ports portlist binding_entry port port enable address_binding dhcp_snoop disable address_binding dhcp_snoop clear address_bindin...

Page 132: ...entered acl Choosing this entry will allow only packets from the source IP MAC binding entry created here All other packets with a different IP address will be discarded by the Switch This mode can only be used if the ACL Mode has been enabled in the IP MAC Binding Ports window as seen previously Restrictions User Account Command Level Administrator and Operator Example usage To create address bin...

Page 133: ...address_binding ip_mac ipaddress Purpose Used to configure an IP MAC Binding entry Syntax config address_binding ip_mac ipaddress ipaddr mac_address macaddr ports portlist all mode arp acl Description This command will configure an IP MAC Binding entry Parameters ipaddr The IP address of the device where the IP MAC binding is made macaddr The MAC address of the device where the IP MAC binding is m...

Page 134: ...by the hardware until the S W learn entries for the port The port will check ARP packets and IP packets by IP MAC PORT Binding entries The packet is found by the entry the MAC address will be set to dynamic The packet is not found by the entry the MAC address will be set to block Other packets will be dropped The default mode is strict if not specified The ports with strict mode will capture unica...

Page 135: ...onfig address_binding ip_mac ports 2 allow_zeroip enable Success DES 3526 admin config address_binding ip_mac ports Purpose Used to configure an IP MAC state to enable or disable for specified ports Syntax config address_binding ip_mac ports portlist all forward_dhcppkt enable disable Description This command will configure IP MAC state to enable or disable forward DHCP packet for specified ports ...

Page 136: ... physical address of the device ports The number of enabled ports on a device Parameters all For IP_MAC binding all specifies all the IP MAC binding entries for Blocked Address Binding entries all specifies all the blocked VLANs and their bound physical addresses ipaddr The IP address of the device where the IP MAC binding is made macaddr The MAC address of the device where the IP MAC binding is m...

Page 137: ... and the physical address of the device To delete all the Blocked Address Binding entries toggle all Parameters ipaddr The IP address of the device where the IP MAC binding is made macaddr The MAC address of the device where the IP MAC binding is made vlan_name The VLAN name of the VLAN that is bound to a MAC address in order to block a specific device on a known VLAN all For IP_MAC binding all sp...

Page 138: ...splay the commands for creating the IP MAC ACL mode access profile entries Example usage To enable IP MAC Binding ACL mode on the Switch DES 3526 admin enable address_binding acl_mode Command enable address_binding acl_mode Success DES 3526 admin disable address_binding acl_mode Purpose Used to disable the ACL mode for an IP MAC binding entry Syntax disable address_binding acl_mode Description Thi...

Page 139: ...ictions Only Administrator and Operator level users can issue this command Example usage To enable sending of IP MAC Binding trap log messages on the Switch DES 3526 admin enable address_binding trap_log Command enable address_binding trap_log Success DES 3526 admin disable address_binding trap_log Purpose Used to disable the trap log for the IP MAC binding function Syntax disable address_binding ...

Page 140: ...g_entry port port Description This command is used to show address_binding dhcp_snoop information Parameters None Restrictions None Example usage To show address_binding dhcp_snoop DES 3526 admin show address_binding dhcp_snoop Command show address_binding dhcp_snoop DHCP_Snoop Enabled Success DES 3526 admin DES 3526 admin show address_binding dhcp_snoop binding_entry Command show address_binding ...

Page 141: ... 5 16 5 17 5 18 5 19 5 20 5 21 5 22 5 23 5 24 5 25 5 26 5 DES 3526 admin enable address_binding dhcp_snoop Purpose Used to enable address_binding dhcp_snoop Syntax enable address_binding dhcp_snoop Description This command is used to enable the function to allow entries to be created by the DHCP packet Parameters None Restrictions Only Administrator and Operator level users can issue this command ...

Page 142: ...sable address_binding dhcp_snoop Command disable address_binding dhcp_snoop Success DES 3526 admin clear address_binding dhcp_snoop binding_entry Purpose To clear the address binding entries learned for the specified ports Syntax clear address_binding dhcp_snoop binding_entry ports portlist all Description To clear the address binding entries learned for the specified ports Parameters ports Specif...

Page 143: ...try ports 1 3 limit 10 Success DES 3526 admin create address_binding permit_ip_pool Purpose To create the entry of permit IP pool Syntax create address_binding permit_ip_pool start_ip ipaddr end_ip ipaddr ports portlist all Description This command is used to create an entry for the permit IP pool When the switch receives the ARP or IP packet it will check the permit IP pool and IP MAC Port Bindin...

Page 144: ...gure the portlist to apply Restrictions Only Administrator and Operator level users can issue this command Example usage To config address_binding permit_ip_pool DES 3526 admin config address_binding permit_ip_pool start_ip 10 10 10 10 end_ip 10 10 10 11 ports 2 Command config address_binding permit_ip_pool start_ip 10 10 10 10 end_ip 10 10 10 11 ports 2 Success DES 3526 admin delete address_bindi...

Page 145: ...n show address_binding permit_ip_pool Purpose To display the entry of permit IP pool Syntax show address_binding permit_ip_pool Description User uses this command to update an entry of permit IP pool Parameters None Restrictions None Example usage To view the address binding permit IP pool DES 3526 admin show address_binding permit_ip_pool Command show address_binding permit_ip_pool Start IP End I...

Page 146: ... ports portlist Each command is listed in detail in the following sections create multicast_range Purpose Used to create create a multicast address profile Syntax create multicast_range range_name from multicast_ipaddr to multicast_ipaddr Description The create multicast_range command allows the user to create a multicast address profile with a specific multicast ranges of multicast addresses in t...

Page 147: ...cast range profile with its profile name DES 3526 admin delete multicast_range M Range 2 Command delete multicast_range M Range 2 Success DES 3526 admin show multicast_range Purpose Used to create display all existing multicast address profiles Syntax show multicast_range range_name Description The show multicast_range command allows the user to delete all multicast range profiles which have been ...

Page 148: ...tate This parameter allows the user to enable or disable the limited multicast address range on a specific port or range of ports Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the limited multicast address on ports 1 3 DES 3526 admin config limited_multicast_addr ports 1 3 add multicst_range MOD Command config limited_multicast_addr port...

Page 149: ...DES 3500 Layer 2 Fast Ethernet Switch CLI Reference Manual 145 3 224 1 1 1 224 1 1 2 permit enable DES 3526 admin ...

Page 150: ... identify this IP interface ipaddress network_address IP address and netmask of the IP interface to be created Users can specify the address and mask information using the traditional format for example 10 1 2 3 255 0 0 0 or in CIDR format 10 1 2 3 8 vlan_name 32 The name of the VLAN corresponding to the System IP interface state enable disable Allows users to enable or disable the IP interface bo...

Page 151: ...ously saved configuration file for current use Syntax enable autoconfig Description When autoconfig is enabled on the Switch the DHCP reply will contain a configuration file and path name It will then request the file from the TFTP server specified in the reply When autoconfig is enabled the ipif settings will automatically become DHCP client Parameters None Restrictions When autoconfig is enabled...

Page 152: ...ch CLI Reference Manual 148 DES 3526 admin enable autoconfig Command enable autoconfig Success DES 3526 admin NOTE More detailed information for this command and related commands can be found in the section titled Switch Utility Commands ...

Page 153: ... vlan vlan_name 32 show igmp_snooping group vlan vlan_name 32 create igmp_snooping multicast_vlan vlan_name 32 vlanid 2 4094 config igmp_snooping multicast_vlan vlan_name 32 member_port portlist source_port portlist state enable disable replace_source_ip ipaddr delete igmp_snooping multicast_vlan vlan_name 32 show igmp_snooping multicast_vlan vlan_name 32 Each command is listed in detail in the fo...

Page 154: ...uccess DES 3526 admin config router_ports Purpose Used to configure ports as router ports Syntax config router_ports vlan_name 32 add delete portlist Description This command allows users to designate a range of ports as being connected to multicast enabled routers This will ensure that all packets with such a router as its destination will reach the multicast enabled router regardless of protocol...

Page 155: ... snooping on the Switch Syntax enable igmp_snooping forward_mcrouter_only Description This command allows users to enable IGMP snooping on the Switch If forward_mcrouter_only is specified the Switch will only forward all multicast traffic to the multicast router only Otherwise the Switch forwards all multicast traffic to any IP router Parameters forward_mcrouter_only Specifies that the Switch shou...

Page 156: ...le usage To disable forwarding all multicast traffic to a multicast enabled router DES 3526 admin disable igmp_snooping forward_mcrouter_only Command disable igmp_snooping forward_mcrouter_only Success DES 3526 admin show igmp_snooping Purpose Used to show the current status of IGMP snooping on the Switch Syntax show igmp_snooping vlan vlan_name 32 Description This command will display the current...

Page 157: ...up vlan vlan_name 32 Description This command will display the current IGMP snooping group configuration on the Switch Parameters vlan_name 32 The name of the VLAN for which to view IGMP snooping group configuration information Restrictions None Example usage To show IGMP snooping group DES 3526 admin show igmp_snooping group Command show igmp_snooping group VLAN Name default Multicast group 224 0...

Page 158: ...on which the router port resides static Displays router ports that have been statically configured dynamic Displays router ports that have been dynamically configured Restrictions None Example usage To display the router ports DES 3526 admin show router_ports Command show router_ports VLAN Name default Static router port 1 2 10 Dynamic router port Forbidden router port Total Entries 1 DES 3526 adm...

Page 159: ...MAC address 01 00 5E 00 00 02 Port Member 17 Total Entries 1 DES 3526 admin show igmp_snooping group Purpose Used to display the current IGMP snooping configuration on the Switch Syntax show igmp_snooping group vlan vlan_name 32 Description This command will display the current IGMP setup currently configured on the Switch Parameters vlan_name 32 The name of the VLAN for which to view IGMP snoopin...

Page 160: ...age To create a multicast VLAN DES 3526 admin show igmp_snooping group Command show igmp_snooping group VLAN Name default Multicast group 224 0 0 2 MAC address 01 00 5E 00 00 02 Reports 1 Port Member 2 4 VLAN Name default Multicast group 224 0 0 9 MAC address 01 00 5E 00 00 09 Reports 1 Port Member 6 8 VLAN Name default Multicast group 234 5 6 7 MAC address 01 00 5E 05 06 07 Reports 1 Port Member ...

Page 161: ... VLAN These ports will receive multicast traffic from the source port Remember the source port cannot be the same as any member port source port portlist Enter a port on the Switch to be designated as the source port for multicast traffic Multicast traffic entering the switch will be forwarded from this port to member ports on the same VLAN Note that the source port must be different from the memb...

Page 162: ...inity Success DES 3526 admin show igmp_snooping multicast_vlan Purpose Used to show the settings for a multicast VLAN previously created on the switch Syntax show igmp_snooping multicast_vlan vlan_name 32 Description This command display the settings for a multicast VLAN previously created on the switch Parameters vlan_name 32 The name of a specific multicast VLAN for which to view settings Restri...

Page 163: ...delete string desc 64 relay ipaddr ipaddress ipaddr all default ipaddr show dhcp_relay option_60 string desc 64 ipaddress ipaddr default config dhcp_relay option_61 state enable disable config dhcp_relay option_61 add mac_address macaddr string desc 64 relay ipaddr drop config dhcp_relay option_61 default relay ipaddr drop config dhcp_relay option_61 delete mac_address macaddr string desc 64 all s...

Page 164: ...admin config dhcp_relay add ipif System 10 58 44 6 Command config dhcp_relay add ipif System 10 58 44 6 Success DES 3526 admin config dhcp_relay delete ipif Purpose Used to delete one or all IP destination addresses from the Switch s DHCP BOOTP relay table Syntax config dhcp_relay delete ipif ipif_name 12 ipaddr Description This command is used to delete an IP destination addresses in the Switch s...

Page 165: ...and forwards the packet to the switch port that connects to the DHCP client that sent the DHCP request disable If the field is toggled to disable the relay agent will not insert and remove DHCP relay information option 82 field in messages between DHCP servers and clients and the check and policy settings will have no effect Restrictions Only Administrator and Operator level users can issue this c...

Page 166: ...t received from the DHCP client keep The option 82 field will be retained if the option 82 field already exists in the packet received from the DHCP client Restrictions Only Administrator and Operator level users can issue this command Example usage To configure DHCP relay option 82 policy DES 3526 admin config dhcp_relay option_82 policy replace Command config dhcp_relay option_82 policy replace ...

Page 167: ...sage To show the DHCP relay configuration DES 3526 admin show dhcp_relay Command show dhcp_relay DHCP BOOTP Relay Status Enabled DHCP BOOTP Hops Count Limit 2 DHCP BOOTP Relay Time Threshold 23 DHCP Relay Agent Information Option 82 State Enabled DHCP Relay Agent Information Option 82 Check Enabled DHCP Relay Agent Information Option 82 Policy Replace Interface Server 1 Server 2 Server 3 Server 4 ...

Page 168: ... dhcp_relay opton_60 state Syntax config dhcp_relay option_60 state enable disable Description This decides whether dhcp_relay will process the DHCP option 60 or not When option_60 is enabled if the packet does not have option 60 then the relay servers cannot be determined based on option 60 The relay servers will be determined based on either option 61 or per IPIF configured servers If the relay ...

Page 169: ...r and the same string can be specified with multiple relay servers The system will relay the packet to all the matching servers Parameters exact_match The option 60 string in the packet must full match with the specified string partial_match The option 60 string in the packet only need partial match with the specified string string The specified string ipaddress Specify a relay server IP address R...

Page 170: ...d on the relay rules Restrictions Only Administrator and Operator level users can issue this command Example usage To config DHCP relay option 60 default DES 3526 admin config dhcp_relay option_60 default drop Command config dhcp_relay option_60 default drop Success DES 3526 admin config dhcp_relay option_60 delete Purpose Used to delete dhcp_relay option_60 entry Syntax config dhcp_relay option_6...

Page 171: ... Parameters no parameter Shows all the dhcp_option60 entry string Shows the entry whose string equals the specified string ipadddress Show the entry whose ipaddress equals the specified ipaddress default Show the defaut behaviour of dhcp_relay option60 Restrictions None Example usage To display DHCP relay option 60 DES 3526 admin show dhcp_relay option_60 Command show dhcp_relay option_60 State En...

Page 172: ...ple usage To configure the state of dhcp_relay option 61 DES 3526 admin config dhcp_relay option_61 state enable Command config dhcp_relay option_61 state enable Success DES 3526 admin config dhcp_relay option_61 add Purpose Used to add a rule for dhcp_relay option_61 Syntax config dhcp_relay option_61 add mac_address macaddr string desc 64 relay ipaddr drop Description This command adds a rule to...

Page 173: ...n IP address drop Specify to drop the packet that have no option 61 matching rules Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the DHCP realy option 61 default DES 3526 admin config dhcp_relay option_61 default drop Command config dhcp_relay option_61 default drop Success DES 3526 admin config dhcp_relay option_61 delete Purpose Used t...

Page 174: ..._relay option_61 Purpose Used to show all ruler for option 61 Syntax show dhcp_relay option_61 Description Show all dhcp_relay option 61 Parameters None Restrictions None Example usage To show DHCP relay option 61 DES 3526 admin show dhcp_relay option_60 Command show dhcp_relay option_61 State Enabled Default Relay Rule 10 90 90 200 Matching Rules Client ID Relay Rule 00 11 22 33 44 55 Drop abc Dr...

Page 175: ...uth enable disable config 802 1x auth_protocol radius eap radius pap config 802 1x init port_based ports portlist all mac_based ports portlist all mac_address macaddr config 802 1x auth_mode port_based mac_based config 802 1x reauth port_based ports portlist all mac_based ports portlist all mac_address macaddr config radius add server_index 1 3 server_ip key passwd 32 default auth_port udp_port_nu...

Page 176: ...1x on the Switch DES 3526 admin disable 802 1x Command disable 802 1x Success DES 3526 admin show 802 1x auth_configuration Purpose Used to display the current configuration of the 802 1x server on the Switch Syntax show 802 1x auth_configuration ports portlist Description The show 802 1x user command is used to display the 802 1x Port based or MAC based Network Access control local users currentl...

Page 177: ...ation failure and the start of a new authentication attempt TxPeriod Shows the time to wait for a response from a supplicant user to send EAP Request Identity packets SuppTimeout Shows the time to wait for a response from a supplicant user for all EAP packets except for the Request Identity packets ServerTimeout Shows the length of time to wait for a response from a RADIUS server MaxReq Shows the ...

Page 178: ...tion process Authorized means that the user was authenticated and can access the network Unauthorized means that the user was not authenticated and cannot access the network Restrictions None Example usage To display the 802 1x auth state for Port based 802 1x DES 3526 admin show 802 1x auth_state Command show 802 1x auth_state Port Auth PAE State Backend State Port Status 1 ForceAuth Success Auth...

Page 179: ... authentication feature on the Switch Parameters port_based mac_based ports The Switch allows users to authenticate 802 1x by either port or MAC address Restrictions Only Administrator and Operator level users can issue this command Example usage To configure 802 1x authentication by MAC address DES 3526 admin config 802 1x auth_mode mac_based Command config 802 1x auth_mode mac_based Success DES ...

Page 180: ...ption The config 802 1x auth_parameter command is used to configure the 802 1x Authentication parameters on a range of ports The default parameter will return all ports in the specified range to their default 802 1x settings Parameters portlist Specifies a port or range of ports to be configured all Specifies all of the ports on the Switch default Returns all of the ports in the specified range to...

Page 181: ...To configure 802 1x authentication parameters for ports 1 20 DES 3526 admin config 802 1x auth_parameter ports 1 20 direction both Command config 802 1x auth_parameter ports 1 20 direction both Success DES 3526 admin config 802 1x auth_protocol Purpose Used to configure the 802 1x authentication protocol on the Switch Syntax config 802 1x auth_protocol radius_eap radius_pap Description The config ...

Page 182: ...d ports all Command config 802 1x init port_based ports all Success DES 3526 admin config 802 1x reauth Purpose Used to configure the 802 1x re authentication feature of the Switch Syntax config 802 1x reauth port_based ports portlist all mac_based ports portlist all mac_address macaddr Description The config 802 1x reauth command is used to re authenticate a previously authenticated device based ...

Page 183: ... be used default Uses the default UDP port number in both the auth_port and acct_port settings auth_port udp_port_number 1 65535 The UDP port number for authentication requests The default is 1812 acct_port udp_port_number 1 65535 The UDP port number for accounting requests The default is 1813 Restrictions Only Administrator and Operator level users can issue this command Example usage To configur...

Page 184: ...ddress of the RADIUS server key Specifies that a password and encryption key will be used between the Switch and the RADIUS server passwd 32 The shared secret key used by the RADIUS server and the Switch Up to 32 characters can be used auth_port udp_port_number 1 65535 The UDP port number for authentication requests The default is 1812 acct_port udp_port_number 1 65535 The UDP port number for acco...

Page 185: ...ame 32 Enter an alphanumeric string of no more than 32 characters to define a pre existing VLAN as a 802 1x Guest VLAN This VLAN must have first been created with the create vlan command mentioned earlier in this manual Restrictions User Account Command Level Administrator and Operator This VLAN is only supported for port based 802 1x and must have already been previously created using the create ...

Page 186: ...s DES 3526 admin show 802 1x guest_vlan Purpose Used to view the configurations for a 802 1x Guest VLAN Syntax show 802 1x guest_vlan Description The show 802 1x guest_vlan command is used to display the settings for the VLAN that has been enabled as an 802 1x Guest VLAN Guest 802 1X VLAN clients are those who have not been authorized for 802 1x or they haven t yet installed the necessary 802 1x s...

Page 187: ... yet would still like limited access rights on the Switch Parameters vlan_name 32 Enter the VLAN name of the Guest 802 1x VLAN to be deleted Restrictions User Account Command Level Administrator and Operator This VLAN is only supported for port based 802 1x and must have already been previously created using the create vlan command Only one VLAN can be set as the 802 1x Guest VLAN Example usage To...

Page 188: ... config access_profile profile_id value 1 255 add access_id value 1 65535 ethernet vlan vlan_name 32 source_mac macaddr destination_mac macaddr 802 1p value 0 7 ethernet_type hex 0x0 0xffff ip vlan vlan_name 32 source_ip ipaddr destination_ip ipaddr dscp value 0 63 icmp type value 0 255 code value 0 255 igmp type value 0 255 tcp src_port value 0 65535 dst_port value 0 65535 flag_mask all urg ack p...

Page 189: ...ours start_time hh mm ss end_time hh mm ss weekdays daylist delete Access profiles allow users to establish criteria to determine whether or not the Switch will forward packets based on the information contained in each packet s header Creating an access profile is divided into two basic parts First an access profile must be created using the create access_profile command For example if users want...

Page 190: ...kewise 200 rules may be configured for ports 9 to 16 and another 200 rules for ports 17 to 24 Up to 100 rules may be configured for each Gigabit Ethernet port The table below provides a summary of the maximum ACL profile rule limits DES 3526 DES 3526DC DES 3550 Port Numbers Maximum ACL Profile Rules per Port Group 1 8 200 9 16 200 17 24 200 25 32 200 33 40 200 41 48 200 49 Gigabit 100 50 Gigabit 1...

Page 191: ... examine the 802 1p priority value in the frame s header ethernet_type Specifies that the Switch will examine the Ethernet type value in each frame s header ip Specifies that the Switch will examine the IP address in each frame s header vlan Specifies a VLAN mask source_ip_mask netmask Specifies an IP address mask for the source IP address destination_ip_mask netmask Specifies an IP address mask f...

Page 192: ...lue in hex form to mask the packet from byte 16 to byte 31 offset_32 47 Enter a value in hex form to mask the packet from byte 32 to byte 47 offset_48 63 Enter a value in hex form to mask the packet from byte 48 to byte 63 offset_64 79 Enter a value in hex form to mask the packet from byte 64 to byte 79 profile_id value 1 255 Sets the relative priority for the profile Priority is set relative to o...

Page 193: ...id value 1 65535 ethernet vlan vlan_name 32 source_mac macaddr destination_mac macaddr 802 1p value 0 7 ethernet_type hex 0x0 0xffff ip vlan vlan_name 32 source_ip ipaddr destination_ip ipaddr dscp value 0 63 icmp type value 0 255 code value 0 255 igmp type value 0 255 tcp src_port value 0 65535 dst_port value 0 65535 flag_mask all urg ack psh rst syn fin udp src_port value 0 65535 dst_port value ...

Page 194: ...t lease see the introduction to this chapter ethernet Specifies that the Switch will look only into the layer 2 part of each packet vlan vlan_name 32 Specifies that the access profile will apply to only to this VLAN source_mac macaddr Specifies that the access profile will apply to only packets with this source MAC address destination_mac macaddr Specifies that the access profile will apply to onl...

Page 195: ...e access profile will apply only to packets that have this TCP destination port in their TCP header flag_mask Enter the type of TCP flag to be masked all all flags are selected urg TCP control flag urgent ack TCP control flag acknowledgement psh TCP control flag push rst TCP control flag reset syn TCP control flag synchronize fin TCP control flag finish udp Specifies that the Switch will examine t...

Page 196: ...ion to this chapter time_range Specifies the time range settings Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the access profile with the profile ID of 1 to filter frames on port 7 that have IP addresses in the range between 10 42 73 0 to 10 42 73 255 DES 3526 admin config access_profile profile_id 1 add access_id 1 ip source_ip 10 42 7...

Page 197: ... 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset 16 31 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset 32 47 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset 48 63 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset 64 79 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0...

Page 198: ... the switch will examine each frame s Universal Datagram Protocol UDP field src_port_mask hex 0x0 0xffff Specifies a UDP port mask for the source port dst_port_mask hex 0x0 0xffff Specifies a UDP port mask for the destination port protocol_id_mask hex 0x0 0xffffffff Specifies that the Switch will examine each frame s Protocol ID field using the hex form entered here user_define_mask hex 0x0 0xffff...

Page 199: ...p vlan vlan_name 32 source_ip ipaddr destination_ip ipaddr dscp value 0 63 icmp type value 0 255 code value 0 255 igmp type value 0 255 tcp src_port value 0 65535 dst_port value 0 65535 flag all urg ack psh rst syn fin udp src_port value 0 65535 dst_port value 0 65535 protocol_id value 0 255 user_define hex 0x0 0xffffffff port portlist all permit deny packet_content offset_0 15 hex 0x0 0xffffffff ...

Page 200: ...mine the Internet Group Management Protocol IGMP field within each packet type value 0 255 Specifies that the access profile will apply to packets that have this IGMP type value tcp Specifies that the Switch will examine the Transmission Control Protocol TCP field within each packet src_port value 0 65535 Specifies that the access profile will apply only to packets that have this TCP source port i...

Page 201: ...p 10 1 1 252 dscp 3 icmp type 11 code 32 port 1 deny Command config cpu access_profile profile_id 10 add access_id 1 ip vlan default source_ip 20 2 2 3 destination_ip 10 1 1 252 dscp 3 icmp type 11 code 32 port 1 deny Success DES 3526 admin delete cpu access_profile Purpose Used to delete a previously created CPU access profile Syntax delete cpu access_profile profile_id value 1 5 Description The ...

Page 202: ...s Only administrator level users can issue this command Example usage To show the CPU filtering state on the Switch DES 3526 admin show cpu access_profile Command show cpu access_profile CPU Interface Filtering State Disabled CPU Interface Access Profile Table Access Profile ID 1 TYPE Ethernet MASK Option VLAN 802 1p Access ID 2 Mode Permit Ports 1 default Total Entries 1 DES 3526 admin enable cpu...

Page 203: ...view the current running state of the CPU interface filtering mechanism on the Switch Parameters None Restrictions Only administrator level users can issue this command Example usage To show the CPU filtering state on the Switch DES 3526 admin show cpu_interface_filtering Command show cpu_interface_filtering Software ACL Check Disabled DES 3526 admin config flow_meter Purpose Used to limit the ban...

Page 204: ...the rule created For information on number of rules that can be created for a given port lease see the introduction to this chapter rate value 0 999936 Enter a desired bandwidth of the ingress traffic that you want to limit Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the ACL flow meter on the Switch DES 3526 admin config flow_meter pro...

Page 205: ...t_config access_profile ACL create access_profile ethernet vlan profile_id 1 config access_profile profile_id 1 add access_id 1 ethernet vlan default port 1 permit disable cpu_interface_filtering DES 3526 admin config time_range Purpose Used to configure the range of time to activate a function on the switch Syntax range_name 32 hours start_time hh mm ss end_time hh mm ss weekdays daylist delete D...

Page 206: ...range Use a dash to define a period of days Use a comma to separate specific days For example mon fri Monday to Friday sun mon fri Sunday Monday and Friday Delete Deletes a time range profile When a time_range profile has been associated with ACL entries the delete of this time_range profile will fail Restrictions You must have Operator or Administrator level privileges Example usage To config the...

Page 207: ...packet flow NOTICE When the Safeguard Engine is enabled the Switch will allot bandwidth to various traffic flows ARP IP using the FFP Fast Filter Processor metering table to control the CPU utilization and limit traffic This may limit the speed of routing traffic over the network The Safeguard Engine commands in the Command Line Interface CLI are listed along with the appropriate parameters in the...

Page 208: ...Success DES 3526 admin show safeguard_engine Purpose Used to display current Safeguard Engine settings Syntax show safeguard_engine Description This will list the current status and type of the Safeguard Engine settings currently configured Parameters None Restrictions None Example usage To display the safeguard engine status DES 3526 admin show safeguard_engine Command show safeguard_engine Safeg...

Page 209: ... that the DHCP Server filter function must be enabled first Once all setting is done all DHCP Server packets will be filtered from a specific port except those that meet the Server IP Address and Client MAC Address binding NetBIOS Filtering Setting When the NetBIOS filter is enabled all NetBIOS packets will be filtered from the specified port Enabling the NetBIOS filter will create one access prof...

Page 210: ... on a network Parameters ippaddr The IP address of the DHCP server to be filtered macaddr The MAC address of the DHCP client state Enable Disable the DHCP filter state ports portlist The port number to which the DHCP filter will be applied Restrictions Only Administrator and Operator level users can issue this command Enabling the DHCP filter will create one access profile and create one access ru...

Page 211: ...ter NetBIOS packets from specified ports Syntax config filter netbios portlist state enable disable Description This command will configure the switch to filter NetBIOS packets from the specified ports Parameters portlist The list of port numbers to which the NetBIOS filter will be applied state enable disable Used to enable disable the NetBIOS filter on the switch Restrictions Only Administrator ...

Page 212: ...m the specified ports Parameters portlist The list of port numbers to which the NetBIOS filter will be applied state enable disable Used to enable disable the NetBIOS filter on the switch Restrictions Only Administrator and Operator level users can issue this command Enabling the NetBIOS filter will create one access profile and one access rules per port DSAP F0 SASP F0 Example usage To configure ...

Page 213: ...ast Ethernet Switch CLI Reference Manual 209 Example usage To display the extensive NetBIOS filter status DES 3526 admin show filter extensive_netbios Command show filter extensive_netbios Enabled ports 1 3 DES 3526admin ...

Page 214: ...n based Description Used to configure loop back detection on the switch Parameters recover_timer The time interval in seconds used by the Auto Recovery mechanism to decide how long to check if the loop status is gone The valid range is 60 to 1000000 Zero is a special value which means to disable the auto recovery mechanism The default value is 60 interval The time interval inseconds at which the r...

Page 215: ...mmand config loopdetect ports 1 5 enable Success DES 3526 admin enable loopdetect Purpose Used to globally enable loop back detection on the switch Syntax enable loopdetect Description Used to globally enable loop back detection on the switch Parameters none Restrictions Only Administrator and Operator level users can issue this command Example usage To enable loop back detection on the switch DES...

Page 216: ...ect Command show loop detect LBD Global Settings LBD Status Enabled LBD Interval 20 LBD Recover Time 60 DES 3526 admin show loopdetect ports Purpose Used to display the current per port loop back detection settings on the switch Syntax show loopdetect Description Used to display the current per port loop back detection settings on the switch Parameters portlist Specifies a range of ports for the l...

Page 217: ...ation forward_list Specifies a range of ports that will receive forwarded frames from the ports specified in the portlist above null No ports are specified portlist Specifies a range of ports for the forwarding list This list must be on the same Switch previously specified for traffic segmentation i e following the portlist specified above for config traffic_segmentation Restrictions Only Administ...

Page 218: ...t be on the same Switch Example usage To display the current traffic segmentation configuration on the Switch DES 3526 admin show traffic_segmentation Command show traffic_segmentation Traffic Segmentation Table Port Forward Portlist 1 1 26 2 1 26 3 1 26 4 1 26 5 1 26 6 1 26 7 1 26 8 1 26 9 1 26 10 1 26 11 1 26 12 1 26 13 1 26 14 1 26 15 1 26 16 1 26 17 1 26 18 1 26 CTRL C ESC q Quit SPACE n Next ...

Page 219: ...1 e_mth end_mth 1 12 e_time end_time hh mm offset 30 60 90 120 show time Each command is listed in detail in the following sections config sntp Purpose Used to setup SNTP service Syntax config sntp primary ipaddr secondary ipaddr poll interval int 30 99999 Description Use this command to configure SNTP service from an SNTP server SNTP must be enabled for this command to function See enable sntp Pa...

Page 220: ...526 admin show sntp Command show sntp Current Time Source System Clock SNTP Disabled SNTP Primary Server 10 1 1 1 SNTP Secondary Server 10 1 1 2 SNTP Poll Interval 30 sec DES 3526 admin enable sntp Purpose To enable SNTP server support Syntax enable sntp Description This will enable SNTP support SNTP service must be separately configured see config sntp Enabling and configuring SNTP support will o...

Page 221: ...stem time and date settings These will be overridden if SNTP is configured and enabled Parameters date Express the date using two numerical characters for the day of the month three alphabetical characters for the name of the month and four numerical characters for the year For example 03aug2003 time Express the system time using the format hh mm ss that is two numerical characters each for the ho...

Page 222: ... time zone settings DES 3526 admin config time_zone operator hour 2 min 30 Command config time_zone operator hour 2 min 30 Success DES 3526 admin config dst Purpose Used to enable and configure time adjustments to allow for the use of Daylight Savings Time DST Syntax config dst disable repeating s_week start_week 1 4 last s_day start_day sun sat s_mth start_mth 1 12 s_time start_time hh mm e_week ...

Page 223: ...day of the week in which DST begins start_day sun sat The day of the week in which DST begins expressed using a three character abbreviation sun mon tue wed thu fri sat e_day Configure the day of the week in which DST ends end_day sun sat The day of the week in which DST ends expressed using a three character abbreviation sun mon tue wed thu fri sat s_mth Configure the month in which DST begins st...

Page 224: ...urrent time settings and status Syntax show time Description This will display system time and date configuration as well as display current system time Parameters None Restrictions None Example usage To show the time currently set on the Switch s System clock DES 3526 admin show time Command show time Current Time Source System Clock Boot Time 0 Days 00 00 00 Current Time 1 Days 01 39 17 Time Zon...

Page 225: ...meters ipaddr The IP address of the end node or station macaddr The MAC address corresponding to the IP address above Restrictions Only Administrator and Operator level users can issue this command The Switch supports up to 255 static ARP entries Example usage To create a static arp entry for the IP address 10 48 74 121 and MAC address 00 50 BA 00 07 36 DES 3526 admin create arpentry 10 48 74 121 ...

Page 226: ... Parameters ipaddr The IP address of the end node or station all Deletes all ARP entries Restrictions Only Administrator and Operator level users can issue this command Example usage To delete an entry of IP address 10 48 74 121 from the ARP table DES 3526 admin delete arpentry 10 48 74 121 Command delete arpentry 10 48 74 121 Success DES 3526 admin config arp_aging time Purpose Used to configure ...

Page 227: ...show arpentry ARP Aging Time 30 Interface IP Address MAC Address Type System 10 0 0 0 FF FF FF FF FF FF Local Broadcast System 10 1 1 169 00 50 BA 70 E4 4E Dynamic System 10 1 1 254 00 01 30 FA 5F 00 Dynamic System 10 9 68 1 00 A0 C9 A4 22 5B Dynamic System 10 9 68 4 00 80 C8 2E C7 45 Dynamic System 10 10 27 51 00 80 C8 48 DF AB Dynamic System 10 11 22 145 00 80 C8 93 05 6B Dynamic System 10 11 94...

Page 228: ...ption This command is used to remove dynamic ARP table entries from the Switch s ARP table Static ARP table entries are not affected Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To remove dynamic entries in the ARP table DES 3526 admin clear arptable Command clear arptable Success DES 3526 admin ...

Page 229: ... next hop router metric 1 65535 Allows the entry of a routing protocol metric entry representing the number of routers between the Switch and the IP address above The default setting is 1 Restrictions Only Administrator and Operator level users can issue this command Example usage To add the default static address 10 48 74 121 with a metric setting of 1 to the routing table DES 3526 admin create i...

Page 230: ...rrent IP routing table Syntax show iproute Description This command will display the Switch s current IP routing table Parameters None Restrictions None Example usage To display the contents of the IP routing table DES 3526 admin show iproute Command show iproute Routing Table IP Address Netmask Gateway Interface Hops Protocol 0 0 0 0 10 1 1 254 System 1 Default 10 0 0 0 8 10 48 74 122 System 1 Lo...

Page 231: ...mac_notification Description This command is used to enable MAC address notification without changing configuration Parameters None Restrictions Only administrator level users can issue this command Example usage To enable MAC notification without changing basic configuration DES 3526 admin enable mac_notification Command enable mac_notification Success DES 3526 admin disable mac_notification Purp...

Page 232: ...ysize 500 Command config mac_notification interval 1 historysize 500 Success DES 3526 admin config mac_notification ports Purpose Used to configure MAC address notification status settings Syntax config mac_notification ports portlist all enable disable Description MAC address notification is used to monitor MAC addresses learned and entered into the FDB Parameters portlist Specify a port or range...

Page 233: ...s settings Syntax show mac_notification ports portlist Description This command is used to display the Switch s MAC address table notification status settings Parameters portlist Specify a port or group of ports to be viewed Entering this command without the parameter will display the MAC notification table for all ports Restrictions None Example usage To display all port s MAC address table notif...

Page 234: ...DES 3500 Layer 2 Fast Ethernet Switch CLI Reference Manual 230 20 Disabled CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh ...

Page 235: ...rnames and passwords for authentication the Switch contacts the TACACS XTACACS TACACS RADIUS server to verify and the server will respond with one of three messages A The server verifies the username and password and the user is granted normal user privileges on the Switch B The server will not accept the username and password and the user is denied access to the Switch C The server doesn t respon...

Page 236: ...ing 15 all config authen application console telnet ssh http all login enable default method_list_name string 15 show authen application create authen server_group string 15 config authen server_group tacacs xtacacs tacacs radius string 15 add delete server_host ipaddr protocol tacacs xtacacs tacacs radius delete authen server_group string 15 show authen server_group string 15 create authen server...

Page 237: ...e system access authentication policy Syntax disable authen_policy Description This command will disable the administrator defined authentication policy for users trying to access the Switch When disabled the Switch will access the local user account database for username and password verification In addition the Switch will now accept the local enable password as the authentication for normal use...

Page 238: ...strator Example usage To create the method list Trinity DES 3526 admin create authen_login method_list_name Trinity Command create authen_login method_list_name Trinity Success DES 3526 admin config authen_login Purpose Used to configure a user defined or default method list of authentication methods for user login Syntax config authen_login default method_list_name string 15 method tacacs xtacacs...

Page 239: ...t radius Adding this parameter will require the user to be authenticated using the RADIUS protocol from the remote RADIUS server hosts of the RADIUS server group list server_group string 15 Adding this parameter will require the user to be authenticated using a user defined server group previously configured on the Switch local Adding this parameter will require the user to be authenticated using ...

Page 240: ...ethods XTACACS TACACS and local in that order DES 3526 admin config authen_login default method xtacacs tacacs local Command config authen_login default method xtacacs tacacs local Success DES 3526 admin delete authen_login method_list_name Purpose Used to delete a previously configured user defined method list of authentication methods for users logging on to the Switch Syntax delete authen_login...

Page 241: ...fines the type of Method User defined Group refers to server group defined by the user Built in Group refers to the TACACS XTACACS TACACS and RADIUS security protocols which are permanently set in the Switch Keyword refers to authentication using a technique INSTEAD of TACACS XTACACS TACACS RADIUS which are local authentication through the user account on the Switch and none no authentication nece...

Page 242: ...ires normal user level privileges on the Switch he or she must be authenticated by a method on the Switch to gain administrator privileges on the Switch which is defined by the Administrator A maximum of eight 8 enable method lists can be implemented simultaneously on the Switch The sequence of methods implemented in this command will affect the authentication result For example if a user enters a...

Page 243: ...ire the user to be authenticated using the TACACS protocol from a remote TACACS server xtacacs Adding this parameter will require the user to be authenticated using the XTACACS protocol from a remote XTACACS server tacacs Adding this parameter will require the user to be authenticated using the TACACS protocol from a remote TACACS server radius Adding this parameter will require the user to be aut...

Page 244: ...DES 3500 Layer 2 Fast Ethernet Switch CLI Reference Manual 240 ...

Page 245: ...e user defined method list Permit DES 3526 admin delete authen_enable method_list_name Permit Command delete authen_enable method_list_name Permit Success DES 3526 admin show authen_enable Purpose Used to display the method list of authentication methods for promoting normal user level privileges to Administrator level privileges on the Switch Syntax show authen_enable default method_list_name str...

Page 246: ...l Method List Name Priority Method Name Comment Permit 1 tacacs Built in Group 2 tacacs Built in Group 3 Darren User defined Group 4 local Keyword default 1 tacacs Built in Group 2 local Keyword Total Entries 2 DES 3526 admin config authen application Purpose Used to configure various applications on the Switch for authentication using a previously configured method list Syntax config authen appli...

Page 247: ...unt Command Level Administrator Example usage To configure the default method list for the web interface DES 3526 admin config authen application http login default Command config authen application http login default Success DES 3526 admin show authen application Purpose Used to display authentication methods for the various applications on the Switch Syntax show authen application Description Th...

Page 248: ...CACS protocol xtacacs Enter this parameter if the server host utilizes the XTACACS protocol tacacs Enter this parameter if the server host utilizes the TACACS protocol radius Enter this parameter if the server host utilizes the RADIUS protocol port int 1 65535 Enter a number between 1 and 65535 to define the virtual port number of the authentication protocol on a server host The default port numbe...

Page 249: ...CACS protocol xtacacs Enter this parameter if the server host utilizes the XTACACS protocol tacacs Enter this parameter if the server host utilizes the TACACS protocol radius Enter this parameter if the server host utilizes the RADIUS protocol port int 1 65535 Enter a number between 1 and 65535 to define the virtual port number of the authentication protocol on a server host The default port numbe...

Page 250: ...r Account Command Level Administrator Example usage To delete a user defined TACACS authentication server host DES 3526 admin delete authen server_host 10 1 1 121 protocol tacacs Command delete authen server_host 10 1 1 121 protocol tacacs Success DES 3526 admin show authen server_host Purpose Used to view a user defined authentication server host Syntax show authen server_host Description This co...

Page 251: ...TACACS RADIUS server hosts into user defined categories for authentication using method lists The user may add up to eight 8 authentication server hosts to this group using the config authen server_group command Parameters string 15 Enter an alphanumeric string of up to 15 characters to define the newly created server group Restrictions User Account Command Level Administrator Example usage To cre...

Page 252: ...eric string of up to 15 characters to define the previously created server group This group may add any combination of server hosts to it regardless of protocol add delete Enter the correct parameter to add or delete a server host from a server group server_host ipaddr Enter the IP address of the previously configured server host to add or delete protocol Enter the protocol utilized by the server ...

Page 253: ...ng built in groups and user defined groups IP Address The IP address of the server host Protocol The authentication protocol used by the server host Parameters string 15 Enter an alphanumeric string of up to 15 characters to define the previously created server group to be viewed Entering this command without the string parameter will display all authentication server groups on the Switch Restrict...

Page 254: ...scription This command will configure the maximum number of times the Switch will accept authentication attempts Users failing to be authenticated after the set amount of attempts will be denied access to the Switch and will be locked out of further authentication attempts Command line interface users will have to wait 60 seconds before another authentication attempt Telnet users will be disconnec...

Page 255: ...n to the Switch on the normal user level to become promoted to the administrator level After logging on to the Switch users will have only user level privileges To gain access to administrator level privileges the user will enter this command and will have to enter an authentication password Possible authentication methods for this function include TACACS XTACACS TACACS RADIUS user defined server ...

Page 256: ...ble_admin Purpose Used to config whether to allow the user to do enable_admin command based on the method that this user has been authenticated Syntax config authen enable_admin tacacs xtacacs tacacs radius local none all state enable disable Description Used to config whether to allow the user to do enable_admin command based on the method that this user has been authenticated By default the user...

Page 257: ...enable_admin Description Display the enable_admin configuration status Parameters None Restrictions Only Administrator level users can issue this command Example usage To display the parameters of authentication DES 3526 admin show authen enable_admin Command show authen enable_admin Method Enable Admin tacacs Enabled xtacacs Enabled tacacs Enabled radius Disabled local Enabled none Enabled DES 35...

Page 258: ...able SSH on the Switch using the enable ssh command After following the above steps users can configure an SSH Client on the remote PC and manage the Switch using secure in band communication The Secure Shell SSH commands in the Command Line Interface CLI are listed along with the appropriate parameters in the following table Command Parameters enable ssh disable ssh config ssh authmode password p...

Page 259: ...he SSH authentication mode for users attempting to access the Switch Parameters password This parameter may be chosen if the administrator wishes to use a locally configured password for authentication on the Switch publickey This parameter may be chosen if the administrator wishes to use a publickey configuration set on a SSH server for authentication hostbased This parameter may be chosen if the...

Page 260: ...il int 2 20 rekey 10min 30min 60min never port tcp_port_number 1 65535 Description This command allows users to configure the SSH server Parameters maxsession int 1 8 Allows the user to set the number of users that may simultaneously access the Switch The default setting is 8 contimeout sec 120 600 Allows the user to set the connection timeout The user may set a time between 120 and 600 seconds Th...

Page 261: ...ser Purpose Used to configure the SSH user Syntax config ssh user username 15 authmode hostbased hostname domain_name hostname_IP domain_name ipaddr password publickey Description This command allows users to configure the SSH user authentication method Parameters username 15 Enter a username of no more than 15 characters to identify the SSH user authmode Specifies the authentication mode of the S...

Page 262: ...word Success DES 3526 admin show ssh user authmode Purpose Used to display the SSH user setting Syntax show ssh user authmode Description This command allows users to display the current SSH user setting Parameters None Restrictions Only administrator level users can issue this command Example usage To display the SSH user DES 3526 admin show ssh user Command show ssh user Current Accounts UserNam...

Page 263: ...lowfish encryption algorithm cast128 This parameter will enable or disable the Cast128 encryption algorithm twofish128 This parameter will enable or disable the twofish128 encryption algorithm twofish192 This parameter will enable or disable the twofish192 encryption algorithm MD5 This parameter will enable or disable the MD5 Message Digest encryption algorithm SHA1 This parameter will enable or d...

Page 264: ...e recognized by the SSH server Syntax config ssh regenerate hostkey Description This command is used to regenerate the hostkey to be recognized by the SSH server Periodically the SSH server will make a new encryption key for the host to be authorized by Entering this command will regenerate a hostkey that will be saved into the flash memory of the Switch so a new authorization can be made with the...

Page 265: ...tandard DES to create the encrypted text 3 Hash Algorithm This part of the ciphersuite allows the user to choose a message digest function which will determine a Message Authentication Code This Message Authentication Code will be encrypted with a sent message to provide integrity and prevent against replay attacks The Switch supports two hash algorithms MD5 Message Digest 5 and SHA Secure Hash Al...

Page 266: ...BC Block Cipher 3DES_EDE encryption and the SHA Hash Algorithm DHE_DSS_with_3DES_EDE_CBC_SHA This ciphersuite combines the DSA Diffie Hellman key exchange CBC Block Cipher 3DES_EDE encryption and SHA Hash Algorithm RSA_EXPORT_with_RC4_40_MD5 This ciphersuite combines the RSA Export key exchange stream cipher RC4 encryption with 40 bit keys The ciphersuites are enabled by default on the Switch yet ...

Page 267: ...DE_CBC_SHA This ciphersuite combines the DSA Diffie Hellman key exchange CBC Block Cipher 3DES_EDE encryption and SHA Hash Algorithm RSA_EXPORT_with_RC4_40_MD5 This ciphersuite combines the RSA Export key exchange stream cipher RC4 encryption with 40 bit keys Restrictions Only Administrator and Operator level users can issue this command Example usage To disable the SSL status on the Switch DES 35...

Page 268: ... specify the total time an SSL key exchange ID stays valid before the SSL module will require a new full SSL negotiation for connection The default cache timeout is 600 seconds Restrictions Only Administrator and Operator level users can issue this command Example usage To set the SSL cachetimeout for 7200 seconds DES 3526 admin config ssl cachetimeout timeout 7200 Command config ssl cachetimeout ...

Page 269: ...ired key exchange algorithm For RSA key exchange user must download RSA type certificate and for DHS_DSS is using the DSA certificate for key exchange Parameters ipaddr Input the tftp server ip address certfilename The desired certificate file name path_filename Certificate file path respect to tftp server root path and input characters max to 64 octets keyfilename The private key file name which ...

Page 270: ...TH_3DES_EDE_CBC_SHA 0x000A Enabled DHE_DSS_WITH_3DES_EDE_CBC_SHA 0x0013 Enabled RSA_EXPORT_WITH_RC4_40_MD5 0x0003 Enabled DES 3526 admin show ssl certificate Purpose Used to view the SSL certificate file status on the Switch Syntax show ssl certificate Description This command is used to view the SSL certificate file information currently implemented on the Switch Parameters None Restrictions None...

Page 271: ...t certificate files for optimal use of the SSL function The Switch only supports certificate files with der file extensions Parameters ipaddr Enter the IP address of the TFTP server certfilename path_filename 64 Enter the path and the filename of the certificate file users wish to download keyfilename path_filename 64 Enter the path and the filename of the key exchange file users wish to download ...

Page 272: ...gle IP group It is connected to the Member Switches through its management VLAN Member Switch MS This is a switch that has joined a single IP group and is accessible from the CS and it takes on the following characteristics It is not a CS or MS of another IP group It is connected to the CS through the CS management VLAN Candidate Switch CaS This is a switch that is ready to join a SIM group but is...

Page 273: ...s still powered down if it has become the member of another group or if it has been configured to be a Commander Switch the rediscovery process cannot occur This version will support multiple switch upload and downloads for firmware configuration files and log files as follows Firmware The switch now supports multiple MS firmware downloads from a TFTP server Configuration Files This switch now sup...

Page 274: ... Description This command will disable SIM globally on the Switch Parameters None Restrictions Only administrator level users can issue this command Example usage To disable SIM on the Switch DES 3526 admin disable sim Command disable sim Success DES 3526 admin show sim Purpose Used to view the current information regarding the SIM group on the Switch Syntax show sim candidates candidate_id 1 32 m...

Page 275: ...f the SIM group To view a specific member include that member s id number listed from 1 to 32 group commander_mac macaddr Entering this parameter will display information concerning the SIM group To view a specific group include the commander s MAC address of the group neighbor Entering this parameter will display neighboring devices of the Switch A SIM neighbor is defined as a switch that is phys...

Page 276: ...0 5 01 B47 default master Total Entries 2 DES 3526 admin To show other groups information in summary if group is specified DES 3526 admin show sim group Command show sim group SIM Group Name default ID MAC Address Platform Hold Firmware Device Name Capability Time Version 1 00 01 02 03 04 00 DES 3526 L2 Switch 40 5 01 B47 Trinity 2 00 55 55 00 55 00 DES 3526 L2 Switch 140 5 01 B47 default master S...

Page 277: ...id 1 32 password delete member_id 1 32 Description This command is used to add candidates and delete members from the SIM group by ID number Parameters add candidate_id password Use this parameter to change a candidate switch CaS to a member switch MS of a SIM group The CaS may be defined by its ID number and a password if necessary delete member_id 1 32 Use this parameter to delete a member switc...

Page 278: ... set the dp_interval from 30 to 90 seconds hold time sec 100 300 Using this parameter the user may set the time in seconds the CS will hold information sent to it from other switches utilizing the discovery interval protocol The user may set the hold time from 100 to 300 seconds candidate Used to change the role of a CS commander to a CaS candidate dp_interval 30 90 The user may set the discovery ...

Page 279: ... indicated device Syntax download sim firmware configuration ipaddr path_filename members mslist all Description This command will download a firmware file or configuration file to a specified device from a TFTP server Parameters firmware Specify this parameter to download firmware to members of a SIM group configuration Specify this parameter to download a switch configuration to members of a SIM...

Page 280: ... 94 c des3526 txt members all This device is updating configuration Please wait Download Status ID MAC Address Result 1 00 01 02 03 04 00 Success 2 00 07 06 05 04 03 Success 3 00 07 06 05 04 03 Success DES 3526 admin upload sim_ms Purpose User to upload a configuration file to a TFTP server from a specified member of a SIM group Syntax upload sim_ms ipaddr path_filename member_id 1 32 Description ...

Page 281: ...ions Only administrator level users can issue this command Example usage To upload configuration files to a TFTP server DES 3526 admin upload sim_ms configuration 10 55 47 1 D configuration txt 1 Command upload sim_ms configuration 10 55 47 1 D configuration txt 1 Success DES 3526 admin ...

Page 282: ...nd will list all the corresponding parameters for the specified command along with a brief description of the commands function and similar commands having the same words in the command Restrictions None Example usage To display all of the commands in the CLI DES 3526 admin clear clear arptable clear counters clear fdb clear log clear port_security_entry port config 802 1p default_priority config ...

Page 283: ...ands in the Command Line Interface CLI Syntax dir Description This command will display all of the commands available through the Command Line Interface CLI Parameters None Restrictions None Example usage To display all commands DES 3526 admin dir clear clear arptable clear counters clear fdb clear log clear port_security_entry port config 802 1p default_priority config 802 1p user_priority config...

Page 284: ...latest executed commands may be viewed Restrictions None Example usage To configure the command history DES 3526 admin config command_history 20 Command config command_history 20 Success DES 3526 admin show command_history Purpose Used to display the command history Syntax show command_history Description This command will display the command history Parameters None Restrictions None Example usage...

Page 285: ... config lldp ports portlist all basic_tlvs all port_description system_name system_description system_capabilities enable disable config lldp ports portlist all dot1_tlv_pvid enable disable config lldp ports portlist all dot1_tlv_vlan_name vlan all vlan_name 32 vlanid vidlist enable disable config lldp ports portlist all dot1_tlv_ protocol_identity all eapol lacp gvrp stp enable disable config lld...

Page 286: ... LLDP packets the switch will learn the information from the LLDP packets advertised from the neighbor in the neighbor table The default state for LLDP is disabled Parameters None Restrictions Only Administrator or Operator level users can issue this command Example usage To enable LLDP DES 3526 admin enable lldp Command enable lldp Success DES 3526 admin disable lldp Purpose Used to disable LLDP ...

Page 287: ...l 30 Success DES 3526 admin config lldp message_tx_hold_multiplier Purpose This command is used to configure the message hold multiplier Syntax config lldp message_tx_hold_multiplier int 2 10 Description This parameter is a multiplier on the msgTxInterval that is used to compute the TTL value of txTTL in an LLDPDU TheTTL will be carried in the LLDPDU packet The lifetime will be the minimum of 6553...

Page 288: ... than or equal to 0 25 msgTxInterval Restrictions Only Administrator or Operator level users can issue this command Example usage To configure the delay interval interval DES 3526 admin config lldp tx_delay 8 Command config lldp tx_delay 8 Success DES 3526 admin config lldp reinit_delay Purpose Change the minimum time of reinitialization delay interval Syntax config lldp reinit_delay sec 1 10 Desc...

Page 289: ... SNMP trap receiver s Syntax config lldp ports portlist all notification enable disable Description Enable or disable each port for sending change notifications to configured SNMP trap receiver s if an LLDP data change is detected in an advertisement received on the port from an LLDP neighbor The definition of change includes new available information information timeout and information update And...

Page 290: ...u may use the all parameter admin_status tx_only Configure the specified port s to transmit LLDP packets but block inbound LLDP packets from neighbor devices rx_only Configure the specified port s to receive LLDP packets from neighbors but block outbound packets to neighbors tx_and_rx Configure the specified port s to both transmit and receive LLDP packets disable Disable LLDP packet transmit and ...

Page 291: ...that are added in the list will be advertised in the LLDP from the specified interface associated with each management address The interface for that management address will be also advertised in the if index form Parameters portlist Specified a range of ports to be configured UnitID port number all To set all ports in the system you may use the all parameter ipv4 IP address of IPV4 Restrictions O...

Page 292: ...d a range of ports to be configured UnitID port number all To set all ports in the system you may use the all parameter port_description This TLV optional data type indicates that LLDP agent should transmit Port Description TLV on the port The default state is disabled system_name This TLV optional data type indicates that the LLDP agent should transmit System Name TLV The default state is disable...

Page 293: ...transmission capable port Parameters portlist Specified a range of ports to be configured UnitID port number all To set all ports in the system you may use the all parameter dot1_tlv_pvid This TLV optional data type determines whether the IEEE 802 1 organizationally defined port VLAN ID TLV transmission is allowed on a given LLDP transmission capable port The default state is disable Restrictions ...

Page 294: ...d VLAN IDs will be advertised Parameters portlist Specified a range of ports to be configured UnitID port number all To set all ports in the system you may use the all parameter dot1_tlv_vlan_name This TLV optional data type indicates whether the corresponding Local System s VLAN name instance will be transmitted on the port If a port is associated with multiple VLANs those enabled VLAN IDs will b...

Page 295: ...entity will be advertised Parameters portlist Specified a range of ports to be configured UnitID port number all To set all ports in the system you may use the all parameter dot1_tlv_ protocol_identity This TLV optional data type indicates whether the corresponding Local System s Protocol Identity instance will be transmitted on the port The Protocol Identity TLV provides a way for stations to adv...

Page 296: ...re precisely the information includes whether the port support the auto negotiation function whether the function is enabled the auto negotiated advertised capability and the operational MAU type The default state is disable link_aggregation This TLV optional data type indicates that LLDP agent should transmit Link Aggregation TLV This type indicates the current link aggregation status of IEEE 802...

Page 297: ... Command config lldp forward_ message enable Success DES 3526 admin show lldp Purpose This command displays the switch s general LLDP configuration status Syntax show lldp Description This command displays the switch s general LLDP configuration status Parameters None Restrictions None Example usage To display the LLDP system level configuration status DES 3526 admin show lldp Command show lldp LL...

Page 298: ...show lldp mgt_addr ipv4 192 168 254 10 Command show lldp mgt_addr ipv4 192 168 254 10 Total Address 1 DES 3526 admin show lldp ports Purpose Display the LLDP per port configuration for advertisement options Syntax show lldp ports portlist Description This command displays the LLDP per port configuration for advertisement options Parameters portlist Specifies a range of ports to be displayed UnitID...

Page 299: ...isable DES 3526 admin show lldp local_ports Purpose Used to display the per port information currently available for populating outbound LLDP advertisements Syntax show lldp local_ports portlist mode brief normal detailed Description This command displays the per port information currently available for populating outbound LLDP advertisements Parameters portlist Specified a range of ports to be co...

Page 300: ...Entry 1 Protocol index 4 Protocol id 00 27 42 42 03 00 00 02 CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All To display outbound LLDP advertisements for specific ports in normal mode DES 3526 admin show lldp local_ports 1 mode normal Command show lldp local_ports 1 mode normal Port ID 1 Port Id Subtype LOCAL Port Id 1 1 Port Description RMON Port 1 on Unit 1 Port PVID 1 Management Addre...

Page 301: ... This command display the information learned from the neighbor parameters Due to the memory limited we can only received 32 VLAN Name entry and 10 Management Address entry Parameters portlist Specified a range of ports to be configured UnitID port number When a port list is not specified information for all ports will be displayed brief Display the information in brief mode normal Display the inf...

Page 302: ...sis ID Subtype MAC Address Chassis ID 00 01 02 03 04 02 Port ID Subtype Local Port ID 1 4 Port Description RMON Port 1 on Unit 4 Port ID 2 Remote Entities Count 3 Entity 1 Chassis ID Subtype MAC Address Chassis ID 00 01 02 03 04 03 Port ID Subtype Local Port ID 2 1 Port Description RMON Port 2 on Unit 1 Entity 2 Chassis ID Subtype MAC Address Chassis ID 00 01 02 03 04 04 Port ID Subtype Local Port...

Page 303: ...t VLAN ID 1 PPVID Entries Count 5 VLAN Name Entries Count 3 Protocol Id Entries Count 2 MAC PHY Configuration Status See Detail Power Via MDI See Detail Link Aggregation See Detail Maximum Frame Size 1536 Unknown TLVs Count 2 Entity 2 Chassis ID Subtype MAC Address Chassis ID 00 01 02 03 04 02 Port ID Subtype Local Port ID 2 1 Port Description RMON Port 1 on Unit 2 System Name Switch2 System Descr...

Page 304: ...epeater Bridge Management Address count 1 Entry 1 Subtype IPv4 Address 10 48 46 128 IF Type unknown OID 1 3 6 1 4 1 171 11 63 9 Port PVID 1 PPVID Entries count 0 None VLAN Name Entries count 1 Entry 1 Vlan id 1 Vlan name default Protocol ID Entries count 0 None MAC PHY Configuration Status Auto negotiation support supported Auto negotiation status enabled Auto negotiation advertised capability 000...

Page 305: ...em LLDP statistics information Syntax show lldp statistics Description The global LLDP statistics displays an overview of neighbor detection activity on the switch Parameters None Restrictions None Example usage To display global statistics information DES 3526 admin show lldp statistics Command show lldp statistics Last Change Time 6094 Number of Table Insert 1 Number of Table Delete 0 Number of ...

Page 306: ...o be configured UnitID port number When a port list is not specified information for all ports will be displayed Restrictions None Example usage To display statistics information of port 1 DES 3526 admin show lldp statistics ports 1 Command show lldp statistics ports 1 Port ID 1 lldpStatsTxPortFramesTotal 27 lldpStatsRxPortFramesDiscardedTotal 0 lldpStatsRxPortFramesErrors 0 lldpStatsRxPortFramesT...

Page 307: ...fic ports Syntax config cpu_filter l3_control_pkt portlist dvmrp pim igmp_query ospf rip vrrp all state enable disable Description This command is used to discard the l3 control packets sent to CPU from specific ports Parameters portlist Specify the port list to filter control packets dvmrp pim igmp_query ospf rip vrrp The protocols you want to filter Specify all to filter all the l3 control packe...

Page 308: ...ring status Parameters portlist Specify the port list to filter control packets Restrictions Only Administrator or Operator level users can issue this command Example usage To display the filtering status for port 1 and 2 DES 3526 admin show filter control_packet 1 2 Command show filter control_packet 1 2 Port RIP OSPF VRRP PIM DVMRP IGMP Query 1 Disabled Enabled Disabled Disabled Enabled Disabled...

Page 309: ...rt or open problem When a port is in link down status the link down may be caused by many factors When the port has a normal cable connection but the remote partner is powered off the cable diagnosis can still diagnose the health of the cable as if the remote partner is powered on When the port does not have any cable connection the result of the test will indicate no cable The test will detect th...

Page 310: ...list state enable disable Description The config dhcp_local_relay vlan command is used to enable disable DHCP local relay function for specified vlan When DHCP local relay is enabled for the VLAN the DHCP packet will be relayed in broadcast way without change of the source MAC address and gateway address DHCP option 82 will be automatically added Parameters vlan_name The name of the VLAN to be ena...

Page 311: ...o enable DHCP local relay function DES 3526 admin enable dhcp_local_relay Command enable dhcp_local_relay Success DES 3526 admin disable dhcp_local_relay Purpose Used to disable the DHCP local relay function on the switch Syntax disable dhcp_local_relay Description The disable dhcp_local _relay command globally disables the DHCP local relay function on the switch Parameters None Restrictions Only ...

Page 312: ...show dhcp_local_relay Description The show dhcp_local_relay command displays the current DHCP local relay configuration Parameters None Restrictions None Example usage To show DHCP local relay function DES 3526 admin show dhcp_local_relay Command show dhcp_local_relay DHCP BOOTP Local Relay Status Disabled DHCP BOOTP Local Relay VLAN List 1 3 4 DES 3526 admin ...

Page 313: ...ed to enable disable sending of gratuitous ARP request packet while IPIF interface is up This is used to automatically announce the interface s IP address to other nodes By default the state is enabled and only one gratuitous ARP packet will be broadcast Parameters enable Enable sending of gratuitous ARP when IPIF status is up disable Disable sending of gratuitous ARP when IPIF status is up Restri...

Page 314: ...arning of ARP entries in ARP cache based on the received gratuitous ARP packets Syntax config gratuitous_arp learning enable disable Description Normally the system will only learn the ARP reply packet or a normal ARP request packet that asks for the MAC address that corresponds to the system s IP address The command is used to enable disable learning of ARP entry in ARP cache based on the receive...

Page 315: ...itous_arp send periodically ipif System interval 5 Success DES 3526 admin enable gratuitous_arp trap and log Purpose Used to configure the interval time to send gratuitous ARP request packets periodically Syntax enable gratuitous_arp ipif ipif_name 12 trap log disable gratuitous_arp ipif ipif_name 12 trap log Description The command is used to enable gratuitous ARP trap and log states The switch c...

Page 316: ...rs can issue this command Example usage To display gratuitous ARP log and trap states DES 3526 admin show gratuitous_arp Command show gratuitous_arp Send on IPIF status up Enabled Send on Duplicate_IP_Detected Disabled Gratuitous ARP Learning Enabled IP Interface Name System Gratuitous ARP Trap Log Disabled Gratuitous ARP Log Enabled Gratuitous ARP Periodical Send Interval 5 DES 3526 admin ...

Page 317: ...der IP matches the gateway IP of an entry but either its sender MAC field or source MAC field does not match the gateway MAC of the entry it will be dropped by the system There are a maximum of 64 entries Parameters gateway_ip Specifies a gateway ip to be configured gateway_mac Specifies a gateway mac to be configured portlist Specifies a range of ports to be configured all Specifies all of ports ...

Page 318: ...Reference Manual 314 To display the ARP Spoofing Prevention state DES 3526 admin show arp_spoofing_prevention Command show arp_spoofing_prevention Gateway IP Gateway MAC Ports 10 254 254 251 00 00 00 11 11 11 1 2 Total entries 1 DES 3526 admin ...

Page 319: ...on information The information is project dependent and includes the following information Basic System information system log Running configuration Layer 1 information Layer 2 information Layer 3 information Application OS status Controller s status Parameters None Restrictions Only Administrator or Operator level users can issue this command Example usage To config ARP Spoofing Prevention DES 35...

Page 320: ...n 0A3G Serial number System Name D Link System Location System Contact Spanning Tree Disabled GVRP Disabled IGMP Snooping Disabled 802 1x Disabled TELNET Disabled WEB Enabled TCP 80 RMON Disabled SSH Enabled TCP 22 SSL Disabled Syslog Global State Disabled System Log Running Configuration Layer One Information Layer Two Information Application OS status Controller s status DES 3526 admin ...

Page 321: ... Link Aggregation Control IEEE 802 3x Full duplex Flow Control IEEE 802 3 Nway auto negotiation Protocols CSMA CD Data Transfer Rates Ethernet Fast Ethernet Gigabit Ethernet Fiber Optic Half duplex Full duplex 10 Mbps 20Mbps 100Mbps 200Mbps n a 2000Mbps SFP Mini GBIC Support IEEE 802 3z 1000BASE LX DEM 310GT transceiver IEEE 802 3z 1000BASE SX DEM 311GT transceiver IEEE 802 3z 1000BASE LH DEM 314G...

Page 322: ...ensing Dimensions For DES 3526 DES 3526DC 441 W x 207 D x 44 H mm 19 inch 1U Rack mount size For DES 3550 441 W 309 D 44 H mm Weight For DES 3526 2 56 kg For DES 3526DC 2 5 kg For DES 3550 5Kg EMI CE class A FCC Class A C Tick VCCI class A Safety CSA International Performance Transmission Method Store and forward Packet Buffer 16 MB per device Packet Filtering Forwarding Rate Full wire speed for a...

Reviews:

No comments

Related manuals for xStack DES-3500 Series

F5 WANJet 500 Quick Start Card preview
WANJet 500
Brand: F5 Pages: 2
F5 ARX-500 Hardware Reference Manual preview
ARX-500
Brand: F5 Pages: 90
F5 ARX-4000 Parts Replacement Manual preview
ARX-4000
Brand: F5 Pages: 47
Lanpro LP-N24 Installation Instructions preview
LP-N24
Brand: Lanpro Pages: 5
National Instruments FieldPoint cFP-RTD-122 Operating Instructions Manual preview
FieldPoint cFP-RTD-122
Brand: National Instruments Pages: 15
IBM System Storage DS3200 Overview preview
System Storage DS3200
Brand: IBM Pages: 2
IBASE Technology FWA8207 Series User Manual preview
FWA8207 Series
Brand: IBASE Technology Pages: 39
UfiSpace S9600-28DX Hardware Installation Manual preview
S9600-28DX
Brand: UfiSpace Pages: 34
Morrell SW-UNM-24FE2GC-24POE User Manual preview
SW-UNM-24FE2GC-24POE
Brand: Morrell Pages: 8
Patton electronics ipRocketLink 3086FR Quick Start Manual preview
ipRocketLink 3086FR
Brand: Patton electronics Pages: 12
PairGain T1L2N20A Manual preview
T1L2N20A
Brand: PairGain Pages: 80
RTS AIO-8 Drawings Manual preview
AIO-8
Brand: RTS Pages: 3
UNICORECOMM UM620N User Manual preview
UM620N
Brand: UNICORECOMM Pages: 19
M-system M5XSBS Instruction Manual preview
M5XSBS
Brand: M-system Pages: 4
Kramer VS-162AVM User Manual preview
VS-162AVM
Brand: Kramer Pages: 56
Kasda KE318EU User Manual preview
KE318EU
Brand: Kasda Pages: 39
Extron electronics VERSATOOLS MTP User Manual preview
VERSATOOLS MTP
Brand: Extron electronics Pages: 19
ADTRAN DUAL Nx56/64 1200142L1# User Manual preview
DUAL Nx56/64 1200142L1#
Brand: ADTRAN Pages: 48

Brands by name

Popular brands

Load more brands