background image

xStack® DGS-3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 

710 

 

  

Restrictions 

None. 

 

Example 

To display the packets analysis for port 7: 

DGS-3420-28SC:admin#show packet ports 7 

Command: show packet ports 7 

 

 Port number : 7 

 Frame Size/Type       Frame Counts                  Frames/sec 

 ---------------       ----------------------        ----------- 

 64                    0                             0 

 65-127                0                             0 

 128-255               0                             0 

 256-511               0                             0 

 512-1023              0                             0 

 1024-1518             0                             0 

 1519-1522             0                             0 

 1519-2047             0                             0 

 2048-4095             0                             0 

 4096-9216             0                             0 

 Unicast RX            0                             0 

 Multicast RX          0                             0 

 Broadcast RX          0                             0 

 

CTRL+C

 

ESC

 

q

 Quit 

SPACE

 

n

 Next Page 

p

 Previous Page 

r

 Refresh 

 

Port number : 7 

 Frame Type            Total                         Total/sec 

 ---------------       ----------------------        ----------- 

 RX Bytes              0                             0 

 RX Frames             0                             0 

 TX Bytes              0                             0 

 TX Frames             0                             0 

 

CTRL+C

 

ESC

 

q

 Quit 

SPACE

 

n

 Next Page 

p

 Previous Page 

r

 Refresh 

 

63-2

 

show error ports 

Description 

This command is used to display error statistics for a range of ports. 

 

Summary of Contents for xStack DGS-3420 Series

Page 1: ...xStack DGS 3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide I ...

Page 2: ...Commands 184 Chapter 14 CFM Commands 187 Chapter 15 Command List History Commands 217 Chapter 16 Command Logging Command List 221 Chapter 17 Common Unicast Routing Command List 224 Chapter 18 Compound Authentication Commands 230 Chapter 19 Debug Software Command List 241 Chapter 20 DHCP Local Relay Commands 278 Chapter 21 DHCP Relay Commands 282 Chapter 22 DHCP Server Commands 300 Chapter 23 DHCP ...

Page 3: ...JWAC Commands 529 Chapter 46 Jumbo Frame Commands 554 Chapter 47 LACP Configuration Commands 557 Chapter 48 Layer 2 Protocol Tunneling L2PT Command List 559 Chapter 49 Limited Multicast IP Address Commands 564 Chapter 50 Link Aggregation Commands 573 Chapter 51 LLDP Commands 578 Chapter 52 Loopback Detection Commands 602 Chapter 53 Loopback Interface Commands 610 Chapter 54 MAC Notification Comman...

Page 4: ... File Transfer Protocol SFTP Commands 847 Chapter 12 sFlow Commands 850 Chapter 13 Single IP Management Commands 862 Chapter 14 SMTP Commands 872 Chapter 15 SNMPv1 v2 v3 Commands 878 Chapter 16 Spanning Tree Protocol STP commands 898 Chapter 17 SSH Commands 912 Chapter 18 SSL Commands 923 Chapter 19 Stacking Commands 930 Chapter 20 Static MAC based VLAN Commands 937 Chapter 21 Static Replication C...

Page 5: ...1023 Chapter 33 VLAN Trunking Commands 1041 Chapter 34 Web based Access Control WAC Commands 1046 Chapter 35 Weighted Random Early Detection WRED Commands 1061 Appendix A Password Recovery Procedure 1069 Appendix B System Log Entries 1071 Appendix C Trap Entries 1103 Appendix D RADIUS Attributes Assignment 1109 ...

Page 6: ...a reference for all of the commands contained in the CLI Every command will be introduced in terms of purpose format description parameters and examples Configuration and management of the Switch via the Web based management agent are discussed in the Web UI Reference Guide For detailed information on installing hardware please also refer to the Harware Installation Guide 1 1 Accessing the Switch ...

Page 7: ...runtime image Device Discovery 100 Configuration init 100 Press any key to login The Switch s MAC address can also be found in the Web management program on the Device Information Basic Settings window on the Configuration menu The IP address for the Switch must be set before it can be managed with the Web based manager The Switch IP address can be automatically set using BOOTP or DHCP protocols i...

Page 8: ...nnect to the Switch There are a number of helpful features included in the CLI Entering the command will display a list of all of the top level commands DGS 3420 28SC admin Command cable_diag ports cd cfm linktrace cfm lock md cfm loopback change drive clear clear address_binding dhcp_snoop binding_entry ports clear address_binding nd_snoop binding_entry ports clear arptable clear attack_log clear...

Page 9: ...nd will appear at the command prompt DGS 3420 28SC admin config account Command config account Next possible completions username 15 DGS 3420 28SC admin In the above example the command config account was entered without the required parameter username the CLI returned the Next possible completions username prompt The up arrow cursor control key was pressed to re enter the previous command config ...

Page 10: ...w Command show Next possible completions 802 1p 802 1x aaa access_profile account accounting acct_client address_binding arp_spoofing_prevention arpentry asymmetric_vlan attack_log auth_client auth_diagnostics auth_session_statistics auth_statistics authen authen_enable authen_login authen_policy authentication authorization autoconfig bandwidth_control boot_file bpdu_protection broadcast_ping_rep...

Page 11: ...erminal tftp time time_range traffic traffic_segmentation trap trusted_host udp_helper utilization vlan vlan_precedence vlan_translation vlan_translation_profile vlan_trunk voice_vlan vrrp wac wred DGS 3420 28SC admin In the above example all of the possible next parameters for the show command are displayed At the next command prompt the up arrow was used to re enter the show command followed by ...

Page 12: ...nts can be specified For example in the syntax reset config system force_agree users may choose config or system in the command DO NOT TYPE THE BRACES parentheses Indicates at least one or more of the values or arguments in the preceding syntax enclosed by braces must be specified For example in the syntax config dhcp_relay hops int 1 16 time sec 0 65535 1 users have the option to specify hops or ...

Page 13: ...t Arrow Move cursor to right Tab Help user to select appropriate token The screen display pauses when the show command output reaches the end of the page 1 5 Multiple Page Display Control Keys Keys Description Space Displays the next page CTRL C Stops the display of remaining pages when multiple pages are to be displayed ESC Stops the display of remaining pages when multiple pages are to be displa...

Page 14: ...fig serial_port baud_rate 9600 19200 38400 115200 auto_logout never 2_minutes 5_minutes 10_minutes 15_minutes 1 enable clipaging disable clipaging enable telnet tcp_port_number 1 65535 disable telnet enable web tcp_port_number 1 65535 disable web save config pathname log all reboot force_agree reset config system force_agree login logout clear config terminal width default value 80 200 show termin...

Page 15: ...t For a plain text form password the password must be a minimum of 0 characters and a maximum of 15 characters For an encrypted form password the length is fixed to 35 bytes long The password is case sensitive Restrictions Only Administrator level users can issue this command Example To create the Administrator level user dlink DGS 3420 28SC admin create account admin dlink Command create account ...

Page 16: ...ncrypted password the password will still be in the encrypted form Format enable password encryption Parameters None Restrictions Only Administrator level users can issue this command Example To enable password encryption DGS 3420 28SC admin enable password encryption Command enable password encryption Success DGS 3420 28SC admin 2 3 disable password encryption Description The user account configu...

Page 17: ...assword is present in the command the user can select to input the password in the plain text form or in the encrypted form The encryption algorithm is based on SHA 1 Format config account username 15 encrypt plain_text sha_1 password Parameters username 15 Specify the name of the account The account must already be defined This name can be up to 15 characters long encrypt Optional Specify the enc...

Page 18: ...ain for confirmation Success DGS 3420 28SC admin To configure the user password of the administrator account DGS 3420 28SC admin config account administrator encrypt sha_1 NWoZK3kTsExUV00Ywo1G5jlUKKv toYg Command config account administrator encrypt sha_1 NWoZK3kTsExUV00Ywo1G5jlUKKv toYg Success DGS 3420 28SC admin 2 5 show account Description This command is used to display user accounts that hav...

Page 19: ...delete an existing account Format delete account username 15 Parameters username 15 Specify the name of the user who will be deleted Restrictions Only Administrator level users can issue this command One active admin user must exist Example To delete the user account System DGS 3420 28SC admin delete account System Command delete account System Success DGS 3420 28SC admin 2 7 show session Descript...

Page 20: ...ccounts a list of currently logged in users DGS 3420 28SC admin show session Command show session ID Live Time From Level User 8 23 37 42 270 Serial Port admin Anonymous Total Entries 1 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 2 8 show switch Description This command is used to display the switch information Format show switch Parameters None Restrictions None Example To displ...

Page 21: ...rs 38 minutes 12 seconds System Contact Spanning Tree Disabled GVRP Disabled IGMP Snooping Disabled MLD Snooping Disabled RIP Disabled RIPng Disabled VLAN Trunk Disabled Telnet Enabled TCP 23 Web Enabled TCP 80 SNMP Disabled SSL Status Disabled SSH Status Disabled 802 1X Disabled Jumbo Frame Off CLI Paging Enabled MAC Notification Disabled Port Mirror Disabled SNTP Disabled HOL Prevention State En...

Page 22: ...emperature Threshold Celsius 40 Fan Low Temperature Threshold Celsius 35 High Warning Temperature Threshold Celsius 79 Low Warning Temperature Threshold Celsius 11 DGS 3420 28SC admin 2 10 config temperature Description This command is used to configure the warning trap or log state of the system internal temperature Format config temperature trap log state enable disable Parameters trap Specify t...

Page 23: ... config temperature log state enable Command config temperature log state enable Success DGS 3420 28SC admin 2 11 config temperature threshold Description This command is used to configure the warning temperature high threshold or low threshold When temperature is above the high threshold or below the low threshold SW will send alarm traps or keep the logs Format config temperature threshold high ...

Page 24: ...mperature threshold high 80 Command config temperature threshold high 80 Success DGS 3420 28SC admin 2 12 show serial_port Description This command is used to display the current console port setting Format show serial_port Parameters None Restrictions None Example To display the console port setting DGS 3420 28SC admin show serial_port Command show serial_port Baud Rate 115200 Data Bits 8 Parity ...

Page 25: ...ify the timeout value The default timeout is 10_minutes never Specify to never timeout 2_minutes Specify when the idle value is over 2 minutes the device will auto logout 5_minutes Specify when the idle value over 5 minutes the device will auto logout 10_minutes Specify when the idle value is over 10 minutes the device will auto logout 15_minutes Specify when the idle value is over 15 minutes the ...

Page 26: ...lipaging Command enable clipaging Success DGS 3420 28SC admin 2 15 disable clipaging Description This command is used to disable pausing of the screen display when show command output reaches the end of the page The default setting is enabled Format disable clipaging Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To disable pausing of the sc...

Page 27: ...535 Parameters tcp_port_number 1 65535 Optional Specify the TCP port number TCP ports are numbered between 1 and 65535 The well known TCP port for the Telnet protocol is 23 Restrictions Only Administrator and Operator level users can issue this command Example To enable Telnet and configure a port number DGS 3420 28SC admin enable telnet 23 Command enable telnet 23 Success DGS 3420 28SC admin 2 17...

Page 28: ...d configure the port number The default setting is enabled and the port number is 80 Format enable web tcp_port_number 1 65535 Parameters tcp_port_number 1 65535 Optional Specify the TCP port number TCP ports are numbered between 1 and 65535 The well know TCP port for the Web protocol is 80 Restrictions Only Administrator and Operator level users can issue this command Example To enable HTTP and c...

Page 29: ...ble web Command disable web Success DGS 3420 28SC admin 2 20 save Description This command is used to save the current configuration or log in non volatile RAM Format save config pathname log all Parameters config Optional Specify to save configuration pathname Specify the path name of the indicated configuration log Optional Specify to save log all Optional Specify to save changes to currently ac...

Page 30: ...min To save the current configuration to destination file named 1 DGS 3420 28SC admin save config 1 Command save config 1 Saving all configurations to NV RAM Done DGS 3420 28SC admin To save a log to NV RAM DGS 3420 28SC admin save log Command save log Saving all system logs to NV RAM Done DGS 3420 28SC admin To save all the configurations and logs to NV RAM DGS 3420 28SC admin save all Command sa...

Page 31: ...l switch parameters to the factory defaults Format reset config system force_agree Parameters config Optional Specify this keyword and all parameters are reset to default settings However the device will neither save nor reboot system Optional Specify this keyword and all parameters are reset to default settings Then the switch will do factory reset save and reboot force_agree Optional Specify and...

Page 32: ...m configuration settings DGS 3420 28SC admin reset config Command reset config Are you sure to proceed with system reset y n Success DGS 3420 28SC admin To reset all system parameters save and restart the switch DGS 3420 28SC admin reset system Command reset system Are you sure to proceed with system reset save and reboot y n Loading factory default configuration Done Saving all configuration to N...

Page 33: ... Command login UserName 2 24 logout Description This command is used to log out of the switch Format logout Parameters None Restrictions None Example To logout of the switch DGS 3420 28SC admin logout Command logout Logout DGS 3420 28SC Gigabit Ethernet Switch Command Line Interface Firmware Build 1 50 010 Copyright C 2011 D Link Corporation All rights reserved ...

Page 34: ...ctions None Example To clear the terminal screan DGS 3420 28SC admin clear Command clear 2 26 config terminal width Description This command is used to configure the terminal width Format config terminal width default value 80 200 Parameters default Specify the default terminal width value value 80 200 Specify a terminal width value between 80 and 200 characters The default value is 80 Restriction...

Page 35: ...cription This command is used to display the configuration of the current terminal width Format show terminal width Parameters None Restrictions None Example To display the configuration of the current terminal width DGS 3420 28SC admin show terminal width Command show terminal width Global terminal width 80 Current terminal width 80 DGS 3420 28SC admin 2 28 show device_status Description This com...

Page 36: ...l only display the failed fans in the Left Fan field such as 1 3 Fail In the same way the Right Fan Back Fan is same to Left Fan Because there is only one CPU Fan if it is working failed display Fail otherwise display OK Format show device_status Parameters None Restrictions None Example To show device status the number 1 2 3 etc represent the fan number DGS 3420 28SC admin show device_status Comm...

Page 37: ...ortlist all mac_based ports portlist all mac_address macaddr config 802 1x max_users value 1 448 no_limit config 802 1x reauth port_based ports portlist all mac_based ports portlist all mac_address macaddr create 802 1x guest_vlan vlan_name 32 delete 802 1x guest_vlan vlan_name 32 config 802 1x guest_vlan ports portlist all state enable disable show 802 1x guest_vlan config radius add server_index...

Page 38: ... To enable the 802 1X function DGS 3420 28SC admin enable 802 1x Command enable 802 1x Success DGS 3420 28SC admin 3 2 disable 802 1x Description This command is used to disable the 802 1X function Format disable 802 1x Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the 802 1X function DGS 3420 28SC admin disable 802 1x...

Page 39: ...ify to add a user name Restrictions Only Administrator Operator and Power User level users can issue this command Example To create a user named ctsnow DGS 3420 28SC admin create 802 1x user ctsnow Command create 802 1x user ctsnow Enter a case sensitive new password Enter the new password again for confirmation Success DGS 3420 28SC admin 3 4 delete 802 1x user Description This command is used to...

Page 40: ...he user named Tiberius DGS 3420 28SC admin delete 802 1x user Tiberius Command delete 802 1x user Tiberius Success DGS 3420 28SC admin 3 5 show 802 1x user Description This command is used to display 802 1X local user account information Format show 802 1x user Parameters None Restrictions None Example To display 802 1X user information DGS 3420 28SC admin show 802 1x user Command show 802 1x user...

Page 41: ...strictions Only Administrator Operator and Power User level users can issue this command Example To configure the 802 1X RADIUS EAP DGS 3420 28SC admin config 802 1x auth_protocol radius_eap Command config 802 1x auth_protocol radius_eap Success DGS 3420 28SC admin 3 7 show 802 1x Description This command is used to display the 802 1X state or configurations Format show 802 1x auth_state auth_conf...

Page 42: ...S 3420 28SC admin show 802 1x auth_state ports 1 4 Command show 802 1x auth_state ports 1 4 Status A Authorized U Unauthorized P Port Based 802 1X Pri Priority Port MAC Address Auth PAE State Backend Status VID Pri VID State 1 00 00 00 00 00 01 10 Authenticated Idle A 4004 3 1 00 00 00 00 00 02 10 Authenticated Idle A 1234 1 00 00 00 00 00 04 30 Authenticating Response U 2 P Authenticating Request...

Page 43: ...rt capability Format config 802 1x capability ports portlist all authenticator none Parameters portlist Specify a range of ports to be configured all Specify to configure all ports authenticator The port that wishes to enforce authentication before allowing access to services that are accessible via that port adopts the authenticator role none Disable authentication on specified port Restrictions ...

Page 44: ...forwarding state disable Disable the 802 1X PDU forwarding state Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the 802 1X PDU forwarding state on ports 1 to 2 DGS 3420 28SC admin config 802 1x fwd_pdu ports 1 2 enable Command config 802 1x fwd_pdu ports 1 2 enable Success DGS 3420 28SC admin 3 10 config 802 1x fwd_pdu system Descrip...

Page 45: ...y to configure all ports default Set all parameters to the default value direction Optional Set the direction of access control both For bidirectional access control in For ingress access control port_control Optional Force a specific port to be unconditionally authorized or unauthorized by setting the parameter of port_control to be force_authorized or force_unauthorized Besides the controlled po...

Page 46: ...efault value is 3600 sec 1 65535 The reauthentication period value must be between 1 an 65535 seconds max_users Optional Set the maximum number of users between 1 and 448 value 1 448 The maximum users value must be between 1 and 448 no_limit Set an unlimited number of users enable_reauth Optional Enable or disable the re authentication mechanism for a specific port enable Enable the re authenticat...

Page 47: ...ius enable Command config 802 1x authorization attributes radius enable Success DGS 3420 28SC admin 3 13 config 802 1x init Description This command is used to initialize the authentication state machine of some or all Format config 802 1x init port_based ports portlist all mac_based ports portlist all mac_address macaddr Parameters port_based ports Used to configure authentication in port based m...

Page 48: ...t config 802 1x max_users value 1 448 no_limit Parameters value 1 448 Specify the maximum number of users no_limit Specify an unlimited number of users Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the 820 1X maximum numbers of the system DGS 3420 28SC admin config 802 1x max_users 2 Command config 802 1x max_users 2 Success DGS 342...

Page 49: ...s Optional Specify the MAC address of the authenticated RADIUS client macaddr Enter the MAC address here Restrictions Only Administrator Operator and Power User level users can issue this command Example To reauthenticate the device connected with the port DGS 3420 28SC admin config 802 1x reauth port_based ports all Command config 802 1x reauth port_based ports all Success DGS 3420 28SC admin 3 1...

Page 50: ...uest_vlan Description This command is used to delete a guest VLAN setting but not to delete the static VLAN itself Format delete 802 1x guest_vlan vlan_name 32 Parameters vlan_name 32 Specify the guest VLAN name Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete a guest VLAN configuration DGS 3420 28SC admin delete 802 1x guest_vlan guestVL...

Page 51: ...st VLAN disable Remove from guest VLAN Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure a guest VLAN setting for ports 1 to 8 DGS 3420 28SC admin config 802 1x guest_vlan ports 1 8 state enable Command config 802 1x guest_vlan ports 1 8 state enable Warning The ports are moved to Guest VLAN Success DGS 3420 28SC admin 3 19 show 802 1x ...

Page 52: ... The maximum length of the password is 32 characters long encryption_key Specifies the key pre negotiated between switch and the RADIUS server It is used to encrypt user s authentication data before being transmitted over internet The maximum length of the key is 32 password 56 Enter the encrypted form key string The maximum length of the plain text key is 56 bytes The encryption algorithm is base...

Page 53: ... add 1 10 48 74 121 key dlink default Success DGS 3420 28SC admin 3 21 config radius delete Description This command is used to delete a RADIUS server Format config radius delete server_index 1 3 Parameters server_index 1 3 Specify the RADIUS server index The range is from 1 to 3 Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete a RADIUS s...

Page 54: ... user s authentication data before being transmitted over internet The maximum length of the key is 32 password 56 Enter the encrypted form key string The maximum length of the plain text key is 56 bytes The encryption algorithm is based on DES auth_port Specify the UDP port number which is used to transmit RADIUS authentication data between the switch and the RADIUS server The default is 1812 udp...

Page 55: ...s 10 48 74 121 key dlink Success DGS 3420 28SC admin 3 23 show radius Description This command is used to display RADIUS server configurations Format show radius Parameters None Restrictions None Example To display RADIUS server configurations DGS 3420 28SC admin show radius Command show radius Index 1 IP Address 192 168 69 1 Auth Port 1812 Acct Port 1813 Timeout 5 Retransmit 2 Key 123456 Total En...

Page 56: ...estrictions None Example To display authenticator statistics information for port 3 DGS 3420 28SC admin show auth_statistics ports 3 Command show auth_statistics ports 3 Auth VID 100 MAC Address 00 00 00 00 00 03 Port number 3 EapolFramesRx 0 EapolFramesTx 6 EapolStartFramesRx 0 EapolReqIdFramesTx 6 EapolLogoffFramesRx 0 EapolReqFramesTx 0 EapolRespIdFramesRx 0 EapolRespFramesRx 0 InvalidEapolFram...

Page 57: ...3 DGS 3420 28SC admin show auth_diagnostics ports 3 Command show auth_diagnostics ports 3 Auth VID 100 MAC Address 00 00 00 00 00 03 Port number 1 EntersConnecting 20 EapLogoffsWhileConnecting 0 EntersAuthenticating 0 SuccessWhileAuthenticating 0 TimeoutsWhileAuthenticating 0 FailWhileAuthenticating 0 ReauthsWhileAuthenticating 0 EapStartsWhileAuthenticating 0 EapLogoffWhileAuthenticating 0 Reauth...

Page 58: ...be displayed Restrictions None Example To display authenticator session statistics information for port 1 DGS 3420 28SC admin show auth_session_statistics ports 3 Command show auth_session_statistics ports 3 Auth VID 100 MAC Address 00 00 00 00 00 03 Port number 3 SessionOctetsRx 0 SessionOctetsTx 0 SessionFramesRx 0 SessionFramesTx 0 SessionId SessionAuthenticMethod Remote Authentication Server S...

Page 59: ...uthServerIndex 1 radiusAuthServerAddress 0 0 0 0 radiusAuthClientServerPortNumber 0 radiusAuthClientRoundTripTime 0 radiusAuthClientAccessRequests 0 radiusAuthClientAccessRetransmissions 0 radiusAuthClientAccessAccepts 0 radiusAuthClientAccessRejects 0 radiusAuthClientAccessChallenges 0 radiusAuthClientMalformedAccessResponses 0 radiusAuthClientBadAuthenticators 0 radiusAuthClientPendingRequests 0...

Page 60: ...nTypes 0 radiusAuthClientPacketsDropped 0 radiusAuthClient radiusAuthClientInvalidServerAddresses 0 radiusAuthClientIdentifier D Link radiusAuthServerEntry radiusAuthServerIndex 3 radiusAuthServerAddress 0 0 0 0 radiusAuthClientServerPortNumber 0 radiusAuthClientRoundTripTime 0 radiusAuthClientAccessRequests 0 radiusAuthClientAccessRetransmissions 0 radiusAuthClientAccessAccepts 0 radiusAuthClient...

Page 61: ...usAuthServerEntry radiusAccServerIndex 1 radiusAccServerAddress 0 0 0 0 radiusAccClientServerPortNumber 0 radiusAccClientRoundTripTime 0 radiusAccClientRequests 0 radiusAccClientRetransmissions 0 radiusAccClientResponses 0 radiusAccClientMalformedResponses 0 radiusAccClientBadAuthenticators 0 radiusAccClientPendingRequests 0 radiusAccClientTimeouts 0 radiusAccClientUnknownTypes 0 radiusAccClientPa...

Page 62: ...s 0 radiusAccClientUnknownTypes 0 radiusAccClientPacketsDropped 0 radiusAcctClient radiusAcctClientInvalidServerAddresses 0 radiusAcctClientIdentifier D Link radiusAuthServerEntry radiusAccServerIndex 3 radiusAccServerAddress 0 0 0 0 radiusAccClientServerPortNumber 0 radiusAccClientRoundTripTime 0 radiusAccClientRequests 0 radiusAccClientRetransmissions 0 radiusAccClientResponses 0 radiusAccClient...

Page 63: ...e authen server_group string 15 config authen server_group tacacs xtacacs tacacs radius string 15 add delete server_host ipaddr protocol tacacs xtacacs tacacs radius delete authen server_group string 15 show authen server_group string 15 create authen server_host ipaddr protocol tacacs xtacacs tacacs radius port int 1 65535 key key_string 254 none encryption_key key_string 344 timeout int 1 255 re...

Page 64: ... tacacs source_ipif ipif_name 12 ipaddr none show tacacs source_ipif config accounting default method_list_name string 15 method tacacs radius server_group string 15 none config accounting service network shell system state enable radius_only method_list_name string 15 default_method_list disable config accounting service command administrator operator power_user user method_list_name string none ...

Page 65: ...witch The server will not accept the username and password and the user is denied access to the Switch The server doesn t respond to the verification query At this point the Switch receives the timeout from the server and then moves to the next method of verification configured in the method list The Switch has four built in server groups one for each of the TACACS XTACACS TACACS and RADIUS protoc...

Page 66: ... to authenticate the user for login and adopt the enable authentication mothod list to authenticate the enable password for promoting the user s privilege to Administrator level Format enable authen_policy Parameters None Restrictions Only Administrator level users can issue this command Example To enable system access authentication policy DGS 3420 28SC admin enable authen_policy Command enable a...

Page 67: ...access authentication policy DGS 3420 28SC admin disable authen_policy Command disable authen_policy Success DGS 3420 28SC admin 4 3 show authen_policy Description This command is used to display whether system access authentication policy is enabled or disabled Format show authen_policy Parameters None Restrictions Only Administrator level users can issue this command Example To display system ac...

Page 68: ... TACACS and RADIUS key will be in the encrypted form Format enable authen_policy_encryption Parameters None Restrictions Only Administrator level users can issue this command Example To enable the authentication policy encryption DGS 3420 28SC admin enable authen_policy_encryption Command enable authen_policy_encryption Success DGS 3420 28SC admin 4 5 disable authen_policy_encryption Description T...

Page 69: ... method_list_name Description This command is used to create a user defined method list of authentication methods for user login The maximum supported number of the login method lists is eight Format create authen_login method_list_name string 15 Parameters string 15 Specify the user defined method list name Restrictions Only Administrator level users can issue this command Example To create a use...

Page 70: ...vel the user must use the enable admin command to promote his privilege level But when the local method is used the privilege level will depend on this account privilege level stored in the local device Format config authen_login default method_list_name string 15 method tacacs xtacacs tacacs radius server_group string 15 local none 1 Parameters default Specify the default method list of authentic...

Page 71: ...tication methods for user login Format delete authen_login method_list_name string 15 Parameters string 15 Specify the user defined method list name Restrictions Only Administrator level users can issue this command Example To delete a user defined method list for user login DGS 3420 28SC admin delete authen_login method_list_name login_list_1 Command delete authen_login method_list_name login_lis...

Page 72: ... DGS 3420 28SC admin show authen_login method_list_name login_list_1 Command show authen_login method_list_name login_list_1 Method List Name Priority Method Name Comment login_list_1 1 tacacs Built in Group 2 tacacs Built in Group 3 mix_1 User defined Group 4 local Keyword DGS 3420 28SC admin 4 10 create authen_enable method_list_name Description This command is used to create a user defined meth...

Page 73: ...osts in the TACACS group are missing the local enable password in the device is used to authenticate this user s password The local enable password in the device can be configured by the CLI command config admin local_enable Format config authen_enable default method_list_name string 15 method tacacs xtacacs tacacs radius server_group string 15 local_enable none 1 Parameters default Specify the de...

Page 74: ... defined method list of authentication methods for promoting a user s privilege to Administrator level Format delete authen_enable method_list_name string 15 Parameters string 15 Specify the user defined method list name Restrictions Only Administrator level users can issue this command Example To delete a user defined method list for promoting a user s privilege to Admin level DGS 3420 28SC admin...

Page 75: ...pecify to display all method lists for promoting a user s privilege to Administrator level Restrictions Only Administrator level users can issue this command Example To display all method lists for promoting a user s privilege to Administrator level DGS 3420 28SC admin show authen_enable all Command show authen_enable all Method List Name Priority Method Name Comment default 1 local_enable Keyword...

Page 76: ...moting user privilege to Administrator level default Specify the default method list method_list_name Specify the user defined method list name string 15 Specify the user defined method list name The method list name value can be up to 15 characters long Restrictions Only Administrator level users can issue this command Example To configure the login method list for Telnet DGS 3420 28SC admin conf...

Page 77: ...efault default DGS 3420 28SC admin 4 16 create authen server_group Description This command is used to create a user defined authentication server group The maximum supported number of server groups including built in server groups is eight Each group consists of eight server hosts as maximum Format create authen server_group string 15 Parameters string 15 Specify the user defined server group nam...

Page 78: ...fy the built in server group TACACS radius Specify the built in server group RADIUS string 15 Specify a user defined server group add Specify to add a server host to a server group delete Specify to remove a server host from a server group server_host Specify the server host s IP address ipaddr Specify the server host s IP address protocol Specify the server host s type of authentication protocol ...

Page 79: ...Administrator level users can issue this command Example To delete a user defined authentication server group DGS 3420 28SC admin delete authen server_group mix_1 Command delete authen server_group mix_1 Success DGS 3420 28SC admin 4 19 show authen server_group Description This command is used to display the authentication server groups Format show authen server_group string 15 Parameters string 1...

Page 80: ...smit int 1 20 Parameters ipaddr Specify the server host s IP address protocol Specify the server host s type of authentication protocol tacacs Specify the server host s authentication protocol TACACS xtacacs Specify the server host s authentication protocol XTACACS tacacs Specify the server host s authentication protocol TACACS radius Specify the server host s authentication protocol RADIUS port O...

Page 81: ...alue must be between 1 and 20 Restrictions Only Administrator level users can issue this command Example To create a TACACS authentication server host with a listening port number of 15555 and a timeout value of 10 seconds DGS 3420 28SC admin create authen server_host 10 1 1 222 protocol tacacs port 15555 key 123 timeout 10 Command create authen server_host 10 1 1 222 protocol tacacs port 15555 ke...

Page 82: ... meaningless for TACACS and XTACACS The encryption algorithm is based on DES key_string 344 Enter the encrypted form key string for TACACS and RADIUS authentication here timeout Specify the time in seconds for waiting for a server reply The default value is 5 seconds int 1 255 Specify the time in seconds for waiting for a server reply The default value is 5 seconds The timeout value must be betwee...

Page 83: ...adius Specify the server host s authentication protocol RADIUS Restrictions Only Administrator level users can issue this command Example To delete an authentication server host DGS 3420 28SC admin delete authen server_host 10 1 1 222 protocol tacacs Command delete authen server_host 10 1 1 222 protocol tacacs Success DGS 3420 28SC admin 4 23 show authen server_host Description This command is use...

Page 84: ...e_timeout int 0 255 Parameters int 0 255 Specify the amount of time for user input on console or Telnet or SSH 0 means there is no time out The default value is 30 seconds Restrictions Only Administrator level users can issue this command Example To configure 60 seconds for user to input DGS 3420 28SC admin config authen parameter response_timeout 60 Command config authen parameter response_timeou...

Page 85: ... this command Example To configure the maximum attempts for users trying to login or promote the privilege to be 9 DGS 3420 28SC admin config authen parameter attempt 9 Command config authen parameter attempt 9 Success DGS 3420 28SC admin 4 26 show authen parameter Description This command is used to display the authentication parameters Format show authen parameter Parameters None Restrictions On...

Page 86: ...ser wants to use either one of these three protocols to enable authentication the user must create a special account on the server host first which has a username enable and then configure its password as the enable password to support the enable function This command cannot be used when authentication policy is disabled Format enable admin Parameters None Restrictions None Example To enable admin...

Page 87: ...can issue this command Example To configure the administrator password DGS 3420 28SC admin config admin local_enable Command config admin local_enable Enter the old password Enter the case sensitive new password Enter the new password again for confirmation Success DGS 3420 28SC admin To configure the administrator password specifying an SHA 1 encrypted password of cRDtpNCeBiq15KOQsKVyrA0sAiCIZQwq...

Page 88: ... XTACACS TACACS and RADIUS server groups only accept server hosts with the same protocol but a user defined server group can accept server hosts with different protocols Format config aaa server_group tacacs xtacacs tacacs radius group_name string 15 add delete server_host ipaddr protocol tacacs xtacacs tacacs radius Parameters tacacs Specify the built in TACACS server group xtacacs Specify the bu...

Page 89: ...th an IP address of 10 1 1 222 to server group mix_1 specifying the TACACS protocol DGS 3420 28SC admin config aaa server_group group_name mix_1 add server_host 10 1 1 222 protocol tacacs Command config aaa server_group group_name mix_1 add server_host 10 1 1 222 protocol tacacs Success DGS 3420 28SC admin 4 31 delete aaa server_group Description This command is used to delete a group of user defi...

Page 90: ...the server host protocol Specify the protocol tacacs Specify TACACS server host xtacacs Specify XTACACS server host tacacs Specify TACACS server host radius Specify RADIUS server host Restrictions Only Administrator level can issue this command Example To tacacs xtacacs tacacs delete an AAA server host with an IP address of 10 1 1 222 that is running the TACACS protocol DGS 3420 28SC admin delete ...

Page 91: ...te RADIUS Only Accounting Shell Service Method Accounting System Service State Disabled Accounting System Service Method Accounting Admin Command Service Method Accounting Operator Command Service Method Accounting PowerUser Command Service Method Accounting User Command Service Method Authentication Policy Encryption Enabled DGS 3420 28SC admin 4 34 show aaa server_group Description This command ...

Page 92: ...28SC admin show aaa server_group Command show aaa server_group Group Name IP Address Protocol mix_1 radius tacacs tacacs xtacacs Total Entries 5 DGS 3420 28SC admin 4 35 show aaa server_host Description This command is used to display the AAA server hosts Format show aaa server_host Parameters None Restrictions Only Administrator level can issue this command Example To display all AAA server hosts...

Page 93: ...ord_encryption Description This command is used to enable AAA server password encryption Format enable aaa_server_password_encryption Parameters None Restrictions Only Administrator level can issue this command Example To enable AAA server password encryption DGS 3420 28SC admin enable aaa_server_password_encryption Command enable aaa_server_password_encryption Success DGS 3420 28SC admin 4 37 dis...

Page 94: ..._string 344 timeout int 1 255 retransmit int 1 20 Parameters ipaddr Enter the IP address of the server host auth_port Optional Specify the port of the RADIUS authentication int 1 65535 Enter the value between 1 and 65535 The default value is 1812 acct_port Optional Specify the port of the RAIDUS accounting int 1 65535 Enter the value between 1 and 65535 The default value is 1813 key Optional Speci...

Page 95: ..._key key_string 344 timeout int 1 255 retransmit int 1 20 Parameters ipaddr Enter the IP address of the server host auth_port Optional Specify the port of the RADIUS authentication int 1 65535 Enter the value between 1 and 65535 The default value is 1812 acct_port Optional Specify the port of the RAIDUS accounting int 1 65535 Enter the value between 1 and 65535 The default value is 1813 key Option...

Page 96: ...fy source interface for all outgoing RADIUS packets Format config radius source_ipif ipif_name 12 ipaddr ipv6addr none Parameters ipif_name 12 Enter the IP interface name used here ipaddr Enter the IPv4 address used here ipv6addr Enter the IPv6 address used here none Specifies to revert to the default route table for all outgoing RADIUS packet Restrictions Only Administrator level can issue this c...

Page 97: ...source_ipif Command show radius source_ipif IP Interface if_v200 IPv4 Address None IPv6 Address None DGS 3420 28SC admin 4 42 create tacacs server_host Description This command is used to create a TACACS server host Format create tacacs server_host ipaddr port int 1 65535 timeout int 1 255 retransmit int 1 20 Parameters ipaddr Enter the IP address of the server host port Optional The port number o...

Page 98: ...escription This command is used to configure a TACACS server host Format config tacacs server_host ipaddr port int 1 65535 timeout int 1 255 retransmit int 1 20 Parameters ipaddr Enter the IP address of the server host port Optional The port number of the TACACS server host int 1 65535 Enter the value between 1 and 65535 The default value is 49 timeout Optional Specify the time in second to wait f...

Page 99: ...rver host int 1 65535 Enter the value between 1 and 65535 The default value is 49 key Optional Specify the key for TACACS key_string 254 Enter the plain text key string for TACACS none No encryption for RADIUS encryption_key Optional The encrypted form key string for TACACS The encryption algorithm is based on DES key_string 344 Etner the string with maximum 344 characters timeout Optional Specify...

Page 100: ...y string for TACACS none No encryption for RADIUS encryption_key Optional The encrypted form key string for TACACS The encryption algorithm is based on DES key_string 344 Etner the string with maximum 344 characters timeout Optional Specify the time in second to wait for the server to reply int 1 255 Enter the value between 1 and 255 The default value is 5 Restrictions Only Administrator level can...

Page 101: ...reate xtacacs server_host 10 1 1 224 port 15555 timeout 10 Command create xtacacs server_host 10 1 1 224 port 15555 timeout 10 Success DGS 3420 28SC admin 4 47 config xtacacs server_host Description This command is used to configure a XTACACS server host Format config xtacacs server_host ipaddr port int 1 65535 timeout int 1 255 retransmit int 1 20 Parameters ipaddr Enter the IP address of the ser...

Page 102: ...face for all outgoing TACACS packets Format config tacacs source_ipif ipif_name 12 ipaddr none Parameters ipif_name 12 Enter the interface name as source interface for all outgoing TACACS packets ipaddr Optional Enter the IP address as source IPv4 address for all outgoing TACACS packets none Specifies to revert to the default route table for all outgoing TACACS packet Restrictions Only Administrat...

Page 103: ...ow tacacs source_ipif IP Interface if_v200 IPv4 Address None DGS 3420 28SC admin 4 50 config accounting Description This command is used to configure a user defined or default method list of accounting methods Format config accounting default method_list_name string 15 method tacacs radius server_group string 15 none Parameters default Specifies the default method list of accounting methods method...

Page 104: ...configure the state of the specified RADIUS accounting service Format config accounting service network shell system state enable radius_only method_list_name string 15 default_method_list disable Parameters network Specifies that when enabled the Switch will send informational packets to a remote RADIUS server when 802 1X WAC and JWAC port access control events occur on the Switch By default the ...

Page 105: ...unting service shell state enable Success DGS 3420 28SC admin 4 52 config accounting service command Description This command is used to configure the state of the specified accounting service Format config accounting service command administrator operator power_user user method_list_name string none Parameters administrator Optional Specifies the accounting service for all administrator level com...

Page 106: ...command is used to create a user defined method list of accounting methods Format create accounting method_list_name string 15 Parameters string 15 Enter the name of the user defined method list here This name can be up to 15 characters long Restrictions Only Administrator level users can issue this command Example To create a user defined accounting method list called shell_acct DGS 3420 28SC adm...

Page 107: ...accounting method_list_name shell_acct Success DGS 3420 28SC admin 4 55 show accounting Description This command is used to display the method list of accounting methods on switch Format show accounting default method_list_name string 15 all Parameters default Displays the user defined list of default accounting methods method_list_name Displays the user defined list of specific accounting methods...

Page 108: ...e Comment shell_acct 1 none Keyword DGS 3420 28SC admin 4 56 show accounting service Description This command is used to display RADIUS accounting service information Format show accounting service Parameters None Restrictions None Example To display accounting service information DGS 3420 28SC admin show accounting service Command show accounting service Accounting State Network Disabled Shell Di...

Page 109: ...ue 0 255 code value 0 255 igmp type value 0 255 tcp src_port value 0 65535 mask hex 0x0 0xffff dst_port value 0 65535 mask hex 0x0 0xffff flag all urg ack psh rst syn fin udp src_port value 0 65535 mask hex 0x0 0xffff dst_port value 0 65535 mask hex 0x0 0xffff protocol_id value 0 255 user_define hex 0x0 0xffffffff mask hex 0x0 0xffffffff 1 packet_content offset_chunk_1 hex 0x0 0xffffffff mask hex ...

Page 110: ...ffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset_48 63 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset_64 79 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff ipv6 class value 0 255 flowlabel hex 0x0 0xfffff source_ipv6 ipv6addr destination_ipv6 ipv6addr port portlist all permit deny time_range range_name 32 delete ...

Page 111: ...ask macmask 000000000000 ffffffffffff Specify the source MAC mask destination_mac Specify the destination MAC mask macmask 000000000000 ffffffffffff Specify the destination MAC mask 802 1p Speciy the 802 1p priority tag mask ethernet_type Specify the Ethernet type ip Specify an IP access control list rule vlan Specify a VLAN mask Only the last 12 bits of the mask will be considered hex 0x0 0x0fff ...

Page 112: ...sk value here offset_chunk_3 Specifies the offset chunk 3 that allows users to examine the specified offset_chunks within a packet at one time and specifies the frame content offset and mask value 0 31 Enter the offset chunk 3 value here This value must be between 0 and 31 hex 0x0 0xffffffff Enter the offset chunk 3 mask value here offset_chunk_4 Specifies the offset chunk 4 that allows users to e...

Page 113: ...Command create access_profile profile_id 2 profile_name 2 ip vlan source_ip_mask 255 255 255 255 destination_ip_mask 255 255 255 0 dscp icmp Success DGS 3420 28SC admin 5 2 delete access_profile Description This command is used to delete access list profiles Format delete access_profile profile_id value 1 6 profile_name name 1 32 all Parameters profile_id Specify the index of the access list profi...

Page 114: ...ex 0x0 0xffff protocol_id value 0 255 user_define hex 0x0 0xffffffff mask hex 0x0 0xffffffff 1 packet_content offset_chunk_1 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_2 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_3 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_4 hex 0x0 0xffffffff mask hex 0x0 0xffffffff 1 ipv6 class value 0 255 flowlabel hex 0x0 0xfffff source_...

Page 115: ...ecify the VLAN ID vlanid 1 4094 Specify the VLAN ID between 1 and 4094 mask Optional Specify the mask hex 0x0 0x0fff Specify the mask source_ip Specify an IP source address ipaddr Specify an IP source address mask Optional Specify the mask netmask Specify the mask destination_ip Specify an IP destination address ipaddr Specify an IP destination address mask Optional Specify the mask netmask Specif...

Page 116: ...offset trunk 1 to be monitored hex 0x0 0xffffffff Enter the contents of the offset trunk 1 to be monitored here mask Specifies an additional mask for each field hex 0x0 0xffffffff Enter the additional mask value used here offset_chunk_2 Specifies the contents of the offset trunk 2 to be monitored hex 0x0 0xffffffff Enter the contents of the offset trunk 2 to be monitored here mask Specifies an add...

Page 117: ...y to all ports vlan_based Specify the VLAN based ACL rule There are two conditions this rule will apply to all ports and packets must belong to the configured VLAN It can be specified by VLAN name or VLAN ID vlan Specify the VLAN name vlan_name 32 Specify the VLAN name The maximum length is 32 characters vlan_id Specify the VLAN ID vlanid 1 4094 Specify the VLAN ID between 1 and 4094 permit Specif...

Page 118: ...is command Example To configure an access list entry DGS 3420 28SC admin config access_profile profile_id 1 add access_id 1 ip vlan default source_ip 20 2 2 3 destination_ip 10 1 1 252 dscp 3 icmp port 1 permit Command config access_profile profile_id 1 add access_id 1 ip vlan default source_ip 20 2 2 3 destination_ip 10 1 1 252 dscp 3 icmp port 1 permit Success DGS 3420 28SC admin 5 4 show access...

Page 119: ... Name 1 Type Ethernet Mask on VLAN ID 0xFF Source MAC FF FF FF FF FF 00 802 1p Available HW Entries 254 Rule ID 1 Ports 1 10 Match on VLAN ID 2 Mask 0xFFF Source MAC 00 01 02 03 04 00 Action Permit Replaced Priority to 2 Replace DSCP to 33 Matched Count 0 packets Rule ID 256 auto assign Ports Match on VLAN ID 8 Source MAC 00 01 02 03 04 00 802 1p Action Deny Profile ID 3 Profile Name 3 Type IPv4 M...

Page 120: ... Profile Name VLAN Counter Consumed HW Entries 9 Profile ID 4 Profile Name System Consumed HW Entries 4 DGS 3420 28SC admin Note Total User Set Entries indicates the total number of ACL rules created by the user Total Used HW Entries indicates the total number of hardware entries used in the device Available HW Entries indicates the total number of available hardware entries in the device To displ...

Page 121: ...le profile_id 5 Command show access_profile profile_id 5 Access Profile Table Profile ID 5 Profile name 5 Type User Defined MASK on offset_chunk_1 0 value 0x0000FFFF Available HW Entries 256 DGS 3420 28SC admin 5 5 config time_range Description This command is used to define a specific range of time to activate a function on the Switch by specifying which time range in a day and which days in a we...

Page 122: ... fri Monday to Friday sun mon fri Sunday Monday and Friday daylist Specify a list of days delete Delete a time range profile When a time range profile has been associated with ACL entries the deletion of this time range profile will fail Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the range of time to activate a function on the sw...

Page 123: ...to display the ACL part of the current configuration when logged in with user level privileges The overall current configuration can be displayed by using the show config command which is accessible with administrator level privileges Format show current_config access_profile Parameters None Restrictions None Example To display the ACL part of the current configuration DGS 3420 28SC admin show cur...

Page 124: ...te cpu access_profile profile_id value 1 5 all Parameters profile_id Specify the index of the access list profile value 1 5 Specify the value between 1 and 5 all Specify to delete all the access list profiles Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete access list rules DGS 3420 28SC admin delete cpu access_profile profile_id 3 Comma...

Page 125: ...ac Specify the source MAC mask macmask000000000000 ffffffffffff Specify the source MAC mask destination_mac Specify the destination MAC mask macmask 000000000000 ffffffffffff Specify the destination MAC mask 802 1p Specify the 802 1p priority tag mask ethernet_type Specify the Ethernet type mask ip Specify an IP CPU access control list rule vlan Specify a VLAN mask source_ip_mask Specify an IP sou...

Page 126: ... packet bytes 32 47 hex 0x0 0xffffffff Specify the mask for packet bytes 32 35 hex 0x0 0xffffffff Specify the mask for packet bytes 36 39 hex 0x0 0xffffffff Specify the mask for packet bytes 40 43 hex 0x0 0xffffffff Specify the mask for packet bytes 44 47 offset_48 63 Specify the mask for packet bytes 48 63 hex 0x0 0xffffffff Specify the mask for packet bytes 48 51 hex 0x0 0xffffffff Specify the m...

Page 127: ...ff offset_16 31 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset_32 47 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset_48 63 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset_64 79 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff ipv6 class value 0 255 flowlabel hex 0x0 ...

Page 128: ... 0 65535 Specify the value between 0 and 65535 flag Specify the TCP flag field value all Specify to check all paramenters below urg Optional Specify Urgent Pointer field significant ack Optional Specify Acknowledgment field significant psh Optional Specify Push Function rst Optional Specify to reset the connection syn Optional Specify to synchronize sequence numbers fin Optional No more data from ...

Page 129: ...ss Specify the value of the IPv6 class value 0 255 Specify the value between 0 and 255 flowlabel Specify the value of the IPv6 flow label hex 0x0 0xfffff Specify the value of the IPv6 flow label source_ipv6 Specify the value of the IPv6 source address ipv6addr Specify the value of the IPv6 source address destination_ipv6 Specify the value of the IPv6 destination address ipv6addr Specify the value ...

Page 130: ...cify the index of an access list profile value 1 5 Specify value between 1 and 5 Restrictions None Example To display the current CPU access list table DGS 3420 28SC admin show cpu access_profile Command show cpu access_profile CPU Interface Filtering State Disabled CPU Interface Access Profile Table Total Unused Rule Entries 93 Total Used Rule Entries 7 Profile ID 1 Type IPv4 MASK on Dest IP 255 ...

Page 131: ...Rule Entries 93 Rule ID 1 Ports 1 28 Time Range ben Match on Dest IP 10 90 90 12 Mask 255 255 255 255 Action Deny Profile ID 4 Type IPv6 MASK on UDP Source Port 0xFFFF Unused Rule Entries 93 Rule ID 99 auto assign Ports 1 Match on UDP Source Port 1234 Action Permit Rule ID 100 auto assign Ports 1 Match on UDP Source Port 0 Mask 0x0 Action Permit ...

Page 132: ...F FFFF FFFF TCP Source Port 0xFFFF Dest Port 0xFFFF Unused Rule Entries 93 Rule ID 1 Ports 1 Match on Class 123 Flow Label 0x12345 Source IPv6 2001 Mask FFFF Dest IPv6 2002 Mask FFFF TCP Source Port 1024 Dest Port 0 Mask 0x0 Action Permit Rule ID 100 auto assign Ports 1 Match on Class 127 Flow Label 0x67890 Action Deny Profile ID 6 Type User Defined MASK on Offset 0 15 0xFFFFFFFF 0xFFFFFFFF 0xFFFF...

Page 133: ...command is used to enable CPU interface filtering Format enable cpu_interface_filtering Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable CPU interface filtering DGS 3420 28SC admin enable cpu_interface_filtering Command enable cpu_interface_filtering Success DGS 3420 28SC admin 5 13 disable cpu_interface_filtering Descript...

Page 134: ...For single rate three color mode users need to specify the committed rate in Kbps the committed burst size and the excess burst size For the two rate three color mode users need to specify the committed rate in Kbps the committed burst size the peak rate and the peak burst size The green color packet will be treated as the conforming action the yellow color packet will be treated as the exceeding ...

Page 135: ...ify the Committed Information Rate The unit is Kbps CIR should always be equal or less than PIR value 0 1048576 Specify the value between 0 and 1048576 cbs Optional Specify the Committed Burst Size The unit is Kbyte value 0 131072 Specify the value between 0 and 131072 pir Specify the Peak information Rate The unit is Kbps PIR should always be equal to or greater than CIR value 0 1048576 Specify t...

Page 136: ...ze The unit is Kbyte value 0 131072 Specify the value between 0 and 131072 color_blind Specifies the meter mode as color blind The default is color blind mode color_aware Specifies the meter mode as color aware The final color of the packet is determined by the initial color of the packet and the metering result conform Optional This field denotes the green packet flow Green packet flows may have ...

Page 137: ...ameter to delete the specified flow meter Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure a two rate three color flow meter DGS 3420 28SC admin config flow_meter profile_id 1 access_id 1 tr_tcm cir 1000 cbs 200 pir 2000 pbs 200 conform replace_dscp 21 exceed drop violate permit Command config flow_meter profile_id 1 access_id 1 tr_tcm...

Page 138: ...f the profile The maximum length is 32 characters access_id Optional Specify the access ID value 1 256 Specify the access ID Enter a value between 1 and 256 Restrictions None Example To display the flow meter configuration DGS 3420 28SC admin show flow_meter Command show flow_meter Flow Meter Information Profile ID 1 Aceess ID 1 Mode trTCM ColorBlind CIR Kbps 1000 CBS Kbyte 200 PIR Kbps 2000 PBS K...

Page 139: ...x0 0xffff flag all urg ack psh rst syn fin udp src_port value 0 65535 mask hex 0x0 0xffff dst_port value 0 65535 mask hex 0x0 0xffff protocol_id value 0 255 user_define hex 0x0 0xffffffff mask hex 0x0 0xffffffff ipv6 class value 0 255 source_ipv6 ipv6addr mask ipv6mask destination_ipv6 ipv6addr mask ipv6mask tcp src_port value 0 65535 mask hex 0x0 0xffff dst_port value 0 65535 mask hex 0x0 0xffff ...

Page 140: ... 0xffff dst_port_mask hex 0x0 0xffff udp src_port_mask hex 0x0 0xffff dst_port_mask hex 0x0 0xffff icmp type code Parameters profile_id Specifies the index of the egress access list profile The lower the profile ID the higher the priority value 1 4 Enter the profile ID used here This value must be between 1 and 4 profile_name The name of the profile must be specified The maximum length is 32 chara...

Page 141: ...ex 0x0 0xff Enter the protocol ID mask value here user_define_mask Optional Specifies that the rule applies to the IP protocol ID and that the mask option behind the IP header length is 20 bytes hex 0x0 0xffffffff Enter the user defined mask value here ipv6 Optional Specifies this is an IPv6 mask class Optional Specifies the IPv6 class source_ipv6_mask Optional Specifies an IPv6 source sub mask ip...

Page 142: ...Parameters profile_id Specifies the index of the egress access list profile value 1 4 Enter the profile ID used here This value must be between 1 and 4 profile_name Specifies the name of the profile The maximum length is 32 characters name 1 32 Enter the profile name used here This name can be up to 32 characters long all Specifies that the whole egress access list profile will be deleted Restrict...

Page 143: ... time_range range_name 32 delete access_id value 1 128 Parameters profile_id Specifies the index of the egress access list profile value 1 4 Enter the profile ID used here This value must be between 1 and 4 profile_name Specifies the name of the profile name 1 32 Enter the profile name here This name can be up to 32 characters long add Specifies to add a profile or rule access_id Specifies the ind...

Page 144: ... the ICMP traffic type value here This value must be between 0 and 255 code Specifies that the rule will apply to the ICMP code traffic value value 0 255 Enter the ICMP code traffic value here This value must be between 0 and 255 igmp Optional Specifies that the following parameters configured will apply to the IGMP configuration type Specifies that the rule will apply to the IGMP type traffic val...

Page 145: ...ination_ipv6 Optional Specifies the value of IPv6 destination address ipv6addr Enter the source IPv6 destination address here mask Specifies the IPv6 destination address mask here ipv6mask Enter the IPv6 destination address mask value here tcp Optional Specifies the TCP protocol src_port Specifies the value of the IPv6 layer 4 TCP source port value 0 65535 Enter the IPv6 TCP source port value here...

Page 146: ...ority with value here This value must be between 0 and 7 replace_dscp_with Optional Specifies the packets that match the egress access rule are changed the DSCP value by the switch value 0 63 Enter the replace DSCP with value here This value must be between 0 and 63 counter Optional Specifies whether the ACL counter feature is enabled or disabled This parameter is optional The default option is di...

Page 147: ...ased vlan_id 1 deny Command config egress_access_profile profile_id 2 add access_id 1 ethernet source_mac 11 22 33 44 55 66 vlan_based vlan_id 1 deny Success DGS 3420 28SC admin 6 4 show egress_access_profile Description This command is used to display current egress access list table Format show egress_access_profile profile_id value 1 4 profile_name name 1 32 Parameters profile_id Optional Speci...

Page 148: ...rofile name 1 Type Ethernet Mask on Source MAC FF FF FF FF FF FF Available Hardware Entries 127 Rule ID 1 Port group Match on VLAN ID 1 Source MAC 00 00 00 00 00 01 Action Permit Profile ID 2 Profile name 2 Type IPv4 Mask on Source IP 255 255 255 255 Destination IP 255 255 255 255 DSCP Available Hardware Entries 126 Rule ID 1 auto assign Port group 1 Match on Source IP 10 0 0 2 Destination IP 10 9...

Page 149: ...sk for each rule DGS 3420 28SC admin show egress_access_profile profile_id 1 Command show egress_access_profile profile_id 1 Egress Access Profile Table Profile ID 1 Profile name 1 Type Ethernet Mask on Source MAC FF FF FF FF FF FF Available Hardware Entries 127 Rule ID 1 Port group Match on VLAN ID 1 Source MAC 00 00 00 00 00 01 Action Permit DGS 3420 28SC admin 6 5 show current_config egress_acc...

Page 150: ...urce_mac FF FF FF FF FF FF config egress_access_profile profile_id 1 add access_id 1 ethernet source_mac 00 00 00 00 00 01 vlan_based vlan_id 1 permit create egress_access_profile profile_id 2 profile_name 2 ip source_ip_mask 255 2 55 255 255 destination_ip_mask 255 255 255 255 dscp config egress_access_profile profile_id 2 add access_id auto_assign ip source_ip 10 0 0 2 destination_ip 10 90 90 90...

Page 151: ...s specifies the burst size for the single rate two color mode The unit is Kbytes value 0 131072 Enter the burst size value here This value must be between 0 and 131072 rate_exceed This specifies the action for packets that exceed the committed rate in single rate two color mode The action can be specified as one of the following drop_packet Drop the packet immediately remark_dscp Mark the packet w...

Page 152: ...ounter cannot be turned on Counters will be cleared when the function is disabled enable Specifies that the ACL counter parameter will be enabled disable Specifies that the ACL counter parameter will be disabled sr_tcm Specify the single rate three color mode cir Specifies the single rate three color mode used value 0 1048576 Enter the single rate three color mode value here This value must be bet...

Page 153: ...counter cannot be turned on Counters will be cleared when the function is disabled enable Specifies that the ACL counter parameter will be enabled disable Specifies that the ACL counter parameter will be disabled delete Delete the specified flow_meter Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure a two rates three color flow meter D...

Page 154: ...mand show egress_flow_meter Flow Meter Information Profile ID 1 Access ID 1 Mode trTcm color blind CIR 1000 Kbps CBS 2000 Kbyte PIR 2000 Kbps PBS 2000 Kbyte Actions Conform Permit Replace DSCP 11 Counter enable Exceed Permit Replace DSCP 22 Counter enable Violate Drop Profile ID 1 Access ID 1 Mode srTcm color blind CIR 2500 Kbps CBS 2000 Kbyte EBS 3500 Kbyte Actions Conform Permit Counter enable E...

Page 155: ...ription This command is used to add or delete a port list to a port group Format config port_group id value 1 64 name name 16 add delete portlist all Parameters id Specifies the port group ID value 1 64 Enter the port group ID used here This value must be between 1 and 64 name Specifies the port group name name 16 Enter the port group name here This name can be up to 16 characters long add Add a p...

Page 156: ...up ID value 1 64 Enter the port group ID used here This value must be between 1 and 64 name Specifies the port group name name 16 Enter the port group name here This name can be up to 16 characters long Restrictions Only Administrator and Operator level users can issue this command Example To delete the port group which ID is 2 DGS 3420 28SC admin delete port_group id 2 Command delete port_group i...

Page 157: ...16 Enter the port group name here This name can be up to 16 characters long If not specified parameter will show all the port group Restrictions Only Administrator and Operator level users can issue this command Example To show all the port group information DGS 3420 28SC admin show port_group Command show port_group Port Group Table Port Group ID Port Group Name Ports 1 group1 1 2 5 2 group2 4 5 ...

Page 158: ...ption This command is used to enter an IP address and the corresponding MAC address into the switch s ARP table Format create arpentry ipaddr macaddr Parameters ipaddr The IP address of the end node or station macaddr The MAC address corresponding to the IP address above Restrictions Only Administrator Operator and Power User level users can issue this command Example To create a static ARP entry ...

Page 159: ...ll Delete all ARP entries Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete an entry of IP address 10 48 74 121 from the ARP table DGS 3420 28SC admin delete arpentry 10 48 74 121 Command delete arpentry 10 48 74 121 Success DGS 3420 28SC admin 7 3 config arpentry Description This command is used to configure a static entry in the ARP tabl...

Page 160: ...20 28SC admin 7 4 config arp_aging time Description This command is used to set the maximum amount of time in minutes that an ARP entry can remain in the switch s ARP table without being accessed before it is dropped from the table Format config arp_aging time min 0 65535 Parameters min 0 65535 The ARP age out time in minutes The default is 20 minutes The range is 0 to 65535 minutes Restrictions O...

Page 161: ... IP interface name The maximum length is 12 characters ipaddress The IP address of the end node or station ipaddr Specify the IP address static Displays the static entries to the ARP table mac_address Displays the ARP entry by MAC address macaddr Specify the MAC address Note If no parameter is specified all ARP entries will be displayed Restrictions None Example To display the ARP table DGS 3420 2...

Page 162: ...C admin clear arptable Command clear arptable Success DGS 3420 28SC admin 7 7 show ipfdb Description This command is used to display the IP address forwarding table on the Switch Format show ipfdb ip_address ipaddr interface ipif_name 12 port port Parameters ip_address Optional Specifies the IP address of the forwarding table ipaddr Enter the IP address to be displayed interface Optional Specifies...

Page 163: ...able Gigabit Switch CLI Reference Guide 158 Restrictions None Example To display the IP address forwarding table on the Switch DGS 3420 28SC admin show ipfdb Command show ipfdb Interface IP Address Port Learned Total Entries 0 DGS 3420 28SC admin ...

Page 164: ...config arp_spoofing_prevention add gateway_ip ipaddr gateway_mac macaddr ports portlist all delete gateway_ip ipaddr Parameters add gateway_ip Specify a gateway IP to be added ipaddr Specify the IP address gateway_mac Specify a gateway MAC to be configured macaddr Specify the MAC address ports Specify the ports portlist Specify a range of ports to be configured all Specify all ports to be configur...

Page 165: ...mmand is used to display the ARP spoofing prevention status Format show arp_spoofing_prevention Parameters None Restrictions None Example To display the ARP spoofing prevention status DGS 3420 28SC admin show arp_spoofing_prevention Command show arp_spoofing_prevention Gateway IP Gateway MAC Ports 192 168 0 1 00 00 00 00 00 01 1 28 Total Entries 1 DGS 3420 28SC admin ...

Page 166: ...command is used to enable the asymmetric VLAN function Format enable asymmetric_vlan Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable asymmetric VLAN setting DGS 3420 28SC admin enable asymmetric_vlan Command enable asymmetric_vlan Success DGS 3420 28SC admin 9 2 disable asymmetric_vlan Description This command is used to ...

Page 167: ...er User level users can issue this command Example To disable asymmetric VLAN setting DGS 3420 28SC admin disable asymmetric_vlan Command disable asymmetric_vlan Success DGS 3420 28SC admin 9 3 show asymmetric_vlan Description This command is used to display the asymmetric VLAN function Format show asymmetric_vlan Parameters None Restrictions None Example To display asymmetric VLAN ...

Page 168: ...xStack DGS 3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 163 DGS 3420 28SC admin show asymmetric_vlan Command show asymmetric_vlan Asymmetric Vlan Disabled DGS 3420 28SC admin ...

Page 169: ...at show autoconfig Parameters None Restrictions None Example To display the DHCP auto configuration status DGS 3420 28SC admin show autoconfig Command show autoconfig Autoconfig State Disabled DGS 3420 28SC admin 10 2 enable autoconfig Description This command is used to enable automatically to get configuration from a TFTP server according to the options in the DHCP reply packet To employ this me...

Page 170: ...ble DHCP auto configuration status DGS 3420 28SC admin enable autoconfig Command enable autoconfig Success DGS 3420 28SC admin 10 3 disable autoconfig Description This command is used to disable automatically to get configuration from a TFTP server Format disable autoconfig Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To disable the DHCP a...

Page 171: ...xStack DGS 3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 166 DGS 3420 28SC admin disable autoconfig Command disable autoconfig Success DGS 3420 28SC admin ...

Page 172: ...Description Configure the parameters for an L3 interface For IPv4 only the system interface can be specified for the way to get the IP address If the mode is set to BOOTP or DHCP then the IPv4 address will be obtained through the operation of protocols The manual configuration of the IP address will be of no use If the mode is configured to BOOTP or DHCP first and then the user configures IP addre...

Page 173: ...IPv6 related parameters ipv6address The IPv6 address and subnet prefix of the IPV6 address to be created prefix_name Specifies the IPv6 prefix name used here string 1 12 Enter the IPv6 prefix name used here This name can be up to 12 characters long ipv6networkaddr The IPv6 address and subnet prefix of the IPv6 address to be created state Enable or disable the IPv6 state of the IP interface enable ...

Page 174: ...nfig ipif System vlan v1 Command config ipif System vlan v1 Success DGS 3420 28SC admin To configure the DHCPv6 client PD state of the System interface to enabled DGS 3420 28SC admin config ipif System dhcpv6_client_pd enable prefix prefix1 Command config ipif System dhcpv6_client_pd enable prefix_name prefix1 Success DGS 3420 28SC admin To configure the IPv6 address for IP2 interface DGS 3420 28S...

Page 175: ...lt is disabled enable Enable the proxy ARP function disable Disable the proxy ARP function local Optional This setting controls whether the system provides the proxy reply for the ARP packets destined for IP address located on the same interface as the received interface When proxy ARP is enabled for an interface the system will do the proxy reply for the ARP packets destined for an IP address loc...

Page 176: ...l be deleted Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete interface petrovic1 DGS 3420 28SC admin delete ipif petrovic1 Command delete ipif petrovic1 Success DGS 3420 28SC admin 11 4 enable ipif Description This command is used to enable the state for an IPIF When the state is enabled the IPv4 processing will be started when an IPv4 a...

Page 177: ...d is used to disable the state of an interface Format disable ipif ipif_name 12 all Parameters ipif_name 12 The name of the interface all All of the IP interfaces Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the state for an interface DGS 3420 28SC admin disable ipif petrovic1 Command disable ipif petrovic1 Success DGS 3420 28SC admi...

Page 178: ...dmin State Enabled Link Status LinkDown IPv4 Address 10 90 90 90 8 Manual Primary Proxy ARP Disabled Local Disabled IP Directed Broadcast Disabled IPv4 State Enabled DHCPv6 Client State Disabled DHCPv6 Client PD State Enabled DHCPv6 Client PD Prefix Name prefix1 IPv6 Link Local Address FE80 201 2FF FE03 400 128 IPv6 State Enabled IP MTU 1500 DHCP Option12 State Disabled DHCP Option12 Host Name IP ...

Page 179: ... the mask state Specify the interface status enable Specify to enable the interface disable Specify to disable the interface gateway Specify the gateway IP address of the out of band management network ipaddr Specify the gateway IP address Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the out of band management state DGS 3420 28SC adm...

Page 180: ...dress when there are no IPv6 addresses explicitly configured When an IPv6 address is explicitly configured the link local address will be automatically configured and the IPv6 processing will be started When there is no IPv6 address explicitly configured by default link local address is not configured and the IPv6 processing will be disabled By enabling this automatic configuration the link local ...

Page 181: ...ess when no IPv6 address is explicitly configured Format disable ipif_ipv6_link_local_auto ipif_name 12 all Parameters ipif_name 12 The name of the interface all All of the IP interfaces Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the automatic configuration of link local address for an interface DGS 3420 28SC admin disable ipif_ipv...

Page 182: ...to ipif_name 12 Parameters ipif_name 12 Optional The name of the interface Restrictions None Example To display the link local address automatic configuration state DGS 3420 28SC admin show ipif_ipv6_link_local_auto Command show ipif_ipv6_link_local_auto IPIF System Automatic Link Local Address Disabled DGS 3420 28SC admin ...

Page 183: ...port link is up check the show ports err disabled command for the reason Format config bpdu_protection ports portlist all state enable disable mode drop block shutdown 1 Parameters portlist Specify a range of ports to be configured all Specify to set all ports in the system state Specify the BPDU protection state The default state is disabled enable Enable the BPDU protection state disable Disable...

Page 184: ...ed to configure the auto recovery timer To manually recover the port the user needs to disable and re enable the port Format config bpdu_protection recovery_timer sec 60 1000000 infinite Parameters sec 60 1000000 Specify the timer in seconds used by the Auto recovery mechanism to recover the port The valid range is 60 to 1000000 Auto recovery time is 60 seconds by default infinite Specify the port...

Page 185: ...trapped when the BPDU attacks is detected attack_cleared Specify events will be logged or trapped when the BPDU attacks is cleared both Specify the events of attack_detected and attack_cleared shall be trapped or logged Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the BPDU protection trap state as both for the entire switch DGS 342...

Page 186: ..._protection Command enable bpdu_protection Success DGS 3420 28SC admin 12 5 disable bpdu_protection Description This command is used to disable BPDU protection globally for the entire switch Format disable bpdu_protection Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable BPDU protection DGS 3420 28SC admin disable bpdu_pro...

Page 187: ...strictions None Example To display BPDU protection information for the entire switch DGS 3420 28SC admin show bpdu_protection Command show bpdu_protection BPDU Protection Global Settings BPDU Protection Status Disabled BPDU Protection Recover Time 60 seconds BPDU Protection Trap State None BPDU Protection Log State Both DGS 3420 28SC admin To display BPDU protection status for ports 1 to 3 DGS 342...

Page 188: ...xStack DGS 3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 183 ...

Page 189: ... Ethernet ports 1 Where the link partner is powered on with no errors and the link is up this command cannot detect the cable length 2 Where the link partner is powered on with errors this command can detect whether the error is open short or crosstalk In this case this command can also detect the distance of the error 3 Where the link partner is powered down with no errors and the link is down th...

Page 190: ...er with no errors and the link is up this command can detect the cable length 12 When there is no link partner with errors this command can detect whether the error is open short or crosstalk In this case this command can also detect the distance of the error The Cable length range that can be detected is as follows Smaller than 50m 50m Between 50m and 80m 50m 80m Between 80m and 100m 80m 100m Gre...

Page 191: ...ink Down Shutdown 25 1 4 1000BASE T Link Down Shutdown 1 5 1000BASE T Link Down Unknown 1 6 1000BASE T Link Down Pair 1 Crosstalk at 30M Pair 2 Crosstalk at 30M Pair 3 OK at 110M Pair 4 OK at 110M 1 7 1000BASE T Link Down NO Cable 1 8 1000BASE T Link Down Pair 1 Open at 16M Pair 2 Open at 16M Pair 3 OK at 50M Pair 4 OK at 50M 1 9 1000BASE T Link Down Pair 1 Short at 5M Pair 2 Short at 5M Pair 3 OK...

Page 192: ...22 ma_index uint 1 4294967295 md string 22 md_index uint 1 4294967295 delete cfm md string 22 md_index uint 1 4294967295 enable cfm disable cfm config cfm ports portlist state enable disable show cfm ports portlist show cfm md string 22 md_index uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 mepid int 1 8191 mepname string 32 show cfm fault md string 22 md_index uint 1 4294967295 ma str...

Page 193: ...e cfm md Description This command is used to create a CFM maintenance domain Format create cfm md string 22 md_index uint 1 4294967295 level int 0 7 Parameters string 22 Enter the maintenance domain name used here This name can be up to 22 characters long md_index Specifies the maintenance domain index used uint 1 4294967295 Enter the maintenace domain index value used here This value must be betw...

Page 194: ...the default value auto MIPs can always be created on any port in this MD if the port is not configured with an MEP of this MD explicit MIPs can only be created on any port in this MD if the next existing lower level has an MEP configured on that port and that port is not configured with an MEP of this MD sender_id Optional This is the control transmission of the sender ID TLV none Do not transmit ...

Page 195: ...e The maximum length is 22 characters md_index Specifies the maintenance domain index used uint 1 4294967295 Enter the maintenance domain index value used here This value must be between 1 and 4294967295 Restrictions Only Administrator Operator and Power User level users can issue this command Example To create a maintenance association called op1 and assign it to the maintenance domain op_domain ...

Page 196: ...t in this MA if that port is not configured with an MEP of that MA explicit MIPs can be created on any ports in this MA only if the next existing lower level has an MEP configured on that port and that port is not configured with an MEP of this MA defer Inherit the setting configured for the maintenance domain that this MA is associated with This is the default value sender_id Optional This is the...

Page 197: ...rs string 32 Enter the MEP name used here It is unique among all MEPs configured on the device The name can be up to 32 characters long mepid Specify the MEP MEPID It should be configured in the MA s MEPID list int 1 8191 Specify the MEP MEPID between 1 and 8191 md Specify the maintenance domain name string 22 Specify the maintenance domain name The maximum length is 22 characters md_index Specify...

Page 198: ...ors priority 2 5 Some Remote MEP Defect Indications priority 1 If multiple types of the fault occur on an MEP only the fault with the highest priority will be alarmed Format config cfm mep mepname string 32 mepid int 1 8191 md string 22 md_index uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 state enable disable ccm enable disable pdu_priority int 0 7 fault_alarm all mac_status remote_c...

Page 199: ...t remote_ccm Only the fault alarms whose priority is equal to or higher than Some Remote MEPs Down are sent error_ccm Only the fault alarms whose priority is equal to or higher than Error CCM Received are sent xcon_ccm Only the fault alarms whose priority is equal to or higher than Cross connect CCM Received are sent none No fault alarm is sent alarm_time Specify the time that a defect must exceed...

Page 200: ...s 22 characters md_index Specify the maintenance domain index uint 1 4294967295 Enter the maintenance domain index value here This value must be between 1 and 4294967295 ma Specify the maintenance association name string 22 Specify the maintenance association name The maximum length is 22 characters ma_index Specify the maintenance association index uint 1 4294967295 Enter the maintenance associat...

Page 201: ...index value here This value must be between 1 and 4294967295 Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete a created maintenance association DGS 3420 28SC admin delete cfm ma op1 md op_domain Command delete cfm ma op1 md op_domain Success DGS 3420 28SC admin 14 9 delete cfm md Description This command is used to delete a previously cre...

Page 202: ...ce domain DGS 3420 28SC admin delete cfm md op_domain Command delete cfm md op_domain Success DGS 3420 28SC admin 14 10 enable cfm Description This command is used to enable the CFM globally Format enable cfm Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the CFM globally DGS 3420 28SC admin enable cfm Command enable cfm...

Page 203: ...20 28SC admin 14 12 config cfm ports Description This command is used to enable or disable the CFM function on a per port basis By default the CFM function is disabled on all ports If the CFM is disabled on a port 1 MIPs are never created on that port 2 MEPs can still be created on that port and the configuration can be saved 3 MEPs created on that port can never generate or process CFM PDUs If th...

Page 204: ...can issue this command Example To enable the CFM function on ports 2 to 5 DGS 3420 28SC admin config cfm ports 2 5 state enable Command config cfm ports 2 5 state enable Success DGS 3420 28SC admin 14 13 show cfm ports Description This command is used to display the CFM state of specified ports Format show cfm ports portlist Parameters portlist Specify the logical port list Restrictions None Examp...

Page 205: ...967295 Enter the maintenance domain index value here This value must be between 1 and 4294967295 ma Optional Specify the maintenance association name string 22 Specify the maintenance association name The maximum length is 22 characters ma_index Specify the maintenance association index uint 1 4294967295 Enter the maintenance association index value here This value must be between 1 and 4294967295...

Page 206: ... the maintenance domain index uint 1 4294967295 Enter the maintenance domain index value here This value must be between 1 and 4294967295 ma Optional Specify the maintenance association name string 22 Specify the maintenance association name The maximum length is 22 characters ma_index Specify the maintenance association index uint 1 4294967295 Enter the maintenance association index value here Th...

Page 207: ...ntifier If not specified all VLANs are displayed vlanid 1 4094 Specify the VLAN ID between 1 and 4094 Restrictions None Example To display a CFM port DGS 3420 28SC admin show cfm port 1 Command show cfm port 1 MAC Address 00 05 78 82 32 01 MD Name MA Name MEPID Level Direction VID op_domain op1 1 2 inward 2 cust_domain cust1 8 4 inward 2 serv_domain serv2 MIP 3 2 DGS 3420 28SC admin 14 17 cfm lock...

Page 208: ...ter the remote MEP ID used here This value must be between 1 and 8191 action Specifies to start or to stop the management lock function start Specifies to start the management lock function stop Specifies to stop the management lock function Restrictions Only Administrator Operator and Power User level users can issue this command Example To start management lock DGS 3420 28SC admin cfm lock md op...

Page 209: ...4294967295 num Optional Specify the number of LBMs to be sent The default value is 4 int 1 65535 Specify the value between 1 and 65535 length Optional Specify the payload length of the LBM to be sent The default is 0 int 0 1500 Specify the value between 0 and 1500 pattern Optional Specify an amount of data to be included in a Data TLV along with an indication whether the Data TLV is to be included...

Page 210: ... here This value must be between 1 and 4294967295 ma Optional Specify the maintenance association name string 22 Specify the maintenance association name The maximum length is 22 characters ma_index Specifies the MA index value used uint 1 4294967295 Enter the MA index value used here This value must be between 1 and 4294967295 ttl Optional Specify the link trace message TTL value The default valu...

Page 211: ...the maintenance domain name The maximum length is 22 characters md_index Specify the maintenance domain index uint 1 4294967295 Enter the maintenance domain index value here This value must be between 1 and 4294967295 ma Optional Specify the maintenance association name string 22 Specify the maintenance association name The maximum length is 22 characters ma_index Specify the maintenance associati...

Page 212: ...d string 22 md_index uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 mepid int 1 8191 mepname string 32 Parameters md Optional Specify the maintenance domain name string 22 Specify the maintenance domain name The maximum length is 22 characters md_index Specifies the MD index value used uint 1 4294967295 Enter the MD index value used here This value must be between 1 and 4294967295 ma Op...

Page 213: ...n is for test purposes According to IEEE 802 1ag a Bridge replies with one LTR to an LTM This command can make all MPs on the LTM s forwarding path reply with LTRs no matter whether they are on a Bridge or not Format config cfm mp_ltr_all enable disable Parameters enable Enable this feature disable Disable this feature Restrictions Only Administrator Operator and Power User level users can issue t...

Page 214: ...g port information of a MAC entry Format show cfm mipccm Parameters None Restrictions None Example To display the MIP CCM database entries DGS 3420 28SC admin show cfm mipccm Command show cfm mipccm MA VID MAC Address Port opma 1 XX XX XX XX XX XX XX 2 opma 1 XX XX XX XX XX XX XX 3 Total 2 DGS 3420 28SC admin 14 24 show cfm mp_ltr_all Description This command is used to display the current configu...

Page 215: ...tx ccm Parameters ports Optional Specify the port counters to display If not specified all ports will be displayed portlist Specify a list of ports rx Optional Display the RX counter If not specified both the RX and TX counters will be displayed tx Optional Display the TX counter If not specified both the RX and TX counters will be displayed rx Optional Display the RX counter If not specified both...

Page 216: ...cnt ports portlist rx tx rx tx ccm Parameters ports Optional Specify the port counters to clear If not specified all ports will be cleared portlist Specify a list of ports rx Optional Clear the RX counter If not specified both the RX and TX counters will be cleared tx Optional Clear the TX counter If not specified both the RX and TX counters will be cleared rx Optional Clear the RX counter If not ...

Page 217: ...tring 32 Specify the MEP name The maximum length is 32 characters md Specify the maintenance domain name string 22 Specify the maintenance domain name The maximum length is 22 characters md_index Specify the maintenance domain index uint 1 4294967295 Enter the maintenance domain index value here This value must be between 1 and 4294967295 ma Specify the maintenance association name string 22 Speci...

Page 218: ...ing 22 md_index uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 mepid int 1 8191 period 1sec 1min level int 0 7 state enable disable Parameters md Specify the maintenance domain name string 22 Specify the maintenance domain name The maximum length is 22 characters md_index Specify the maintenance domain index uint 1 4294967295 Enter the maintenance domain index value here This value must...

Page 219: ...dmin config cfm ais md op domain ma op ma mepid 1 state enable level 5 Command config cfm ais md op domain ma op ma mepid 1 state enable level 5 Success DGS 3420 28SC admin 14 29 config cfm lock md Description This command is used to configure the parameters of the LCK function on an MEP Format config cfm lock md string 22 md_index uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 mepid in...

Page 220: ...or Operator and Power User level users can issue this command Example To configure the LCK function state as enabled and specify a client level of 5 DGS 3420 28SC admin config cfm lock md op domain ma op ma mepid 1 state enable level 5 Command config cfm lock md op domain ma op ma mepid 1 state enable level 5 Success DGS 3420 28SC admin 14 30 config cfm trap Description This command is used to con...

Page 221: ...GS 3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 216 Example DGS 3420 28SC admin config cfm trap ais state enable Command config cfm trap ais state enable Success DGS 3420 28SC admin ...

Page 222: ...and is used to display all of the commands available on the current login account level through the Command Line Interface CLI Format Command Parameters Command Optional Specify a command Note If no command is specified the system will display all commands of the corresponding user level Restrictions None Example To display all commands DGS 3420 28SC admin Command cable_diag ports cd cfm linktrace...

Page 223: ...lear igmp_snooping statistic counter clear jwac auth_state clear log clear mac_based_access_control auth_state CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All To display the syntax for config account DGS 3420 28SC admin config account Command config account Command config account Usage username encrypt plain_text sha_1 password Description Used to configure user accounts DGS 3420 28SC a...

Page 224: ...r ports 1 50 direction both config 802 1x capability ports 1 5 authenticator show 802 1x auth_configuration ports 1 show 802 1x auth_state ports 1 5 enable 802 1x show 802 1x auth_state ports 1 5 show igmp_snooping enable igmp_snooping DGS 3420 28SC admin 15 3 config command_history Description This command is used to configure the number of commands that the switch can record The switch can keep ...

Page 225: ...ckable Gigabit Switch CLI Reference Guide 220 Example To configure the number of commands the switch can record to the last 20 commands DGS 3420 28SC admin config command_history 20 Command config command_history 20 Success DGS 3420 28SC admin ...

Page 226: ...nder the booting procedure and the procedure of downloading the configuration to execute immediately all configuration commands should not be logged When the user is under AAA authentication the user name should not changed if user uses enable admin command to replace its privilege Format enable command logging Parameters None Restrictions Only Administrator level users can issue this command Exam...

Page 227: ...None Restrictions Only Administrator level users can issue this command Example To disable the command logging DGS 3420 28SC admin disable command logging Command disable command logging Success DGS 3420 28SC admin 16 3 show command logging Description This command displays the switch s general command logging configuration status Format show command logging Parameters None Restrictions Only Admin...

Page 228: ...anaged Stackable Gigabit Switch CLI Reference Guide 223 Example To show the command logging configuration status DGS 3420 28SC admin show command logging Command show command logging Command Logging State Disabled DGS 3420 28SC admin ...

Page 229: ... This command is used to configure the route type preference The route with smaller preference has higher priority The preference for local routes is fixed to 0 Format config route preference static default rip value 1 999 Parameters static Configure the preference of static route default Configure the preference of default route rip Configure the preference of RIP route value 1 999 Enter the rout...

Page 230: ...e preference of RIP route Restrictions None Example To display the route preference for all route types DGS 3420 28SC admin show route preference Command show route preference Route Preference Settings Protocol Preference RIP 100 Static 60 Default 1 Local 0 DGS 3420 28SC admin 17 3 create route redistribute dst rip src Description This command is used to redistribute routing information from other...

Page 231: ...mple To add route redistribution settings DGS 3420 28SC admin create route redistribute dst rip src static metric 2 Command create route redistribute dst rip src static metric 2 Success DGS 3420 28SC admin 17 4 config route redistribute dst rip src Description This command is used to update the metric to be associated with the redistributed routes from a specific protocol to RIP protocol Format co...

Page 232: ...c Description This command is used to delete the route redistribute configuration on the Switch It specifies to not redistribute other routing protocols to RIP Format delete route redistribute dst rip src local static Parameters src Specifies the source protocol static To not redistribute static routes local To not redistribute local routes Restrictions Only Administrator Operator and Power User l...

Page 233: ...he redistribution with the source static local Display the redistribution with the source local If no parameter is specified the system will display all route redistributions Restrictions None Example To display route redistributions DGS 3420 28SC admin show route redistribute dst rip Command show route redistribute dst rip Route Redistribution Settings Source Destination Type Metric Protocol Prot...

Page 234: ...distribute Parameters None Restrictions None Example To display route redistributions DGS 3420 28SC admin show route redistribute Command show route redistribute Route Redistribution Settings Source Destination Type Metric Protocol Protocol STATIC RIP All 2 LOCAL RIP All 1 Total Entries 2 DGS 3420 28SC admin ...

Page 235: ...authentication show authentication guest_vlan show authentication mac_format show authentication ports portlist enable authorization attributes disable authorization attributes show authorization config authentication server failover local permit block 18 1 create authentication guest_vlan Description This command is used to assign a static VLAN to be a guest VLAN The specific VLAN which is assign...

Page 236: ... enabled as guest VLANs will move to the original VLAN after deleting the guest VLAN Format delete authentication guest_vlan vlan vlan_name 32 vlanid vlanid 1 4094 Parameters vlan Specify the guest VLAN by VLAN name vlan_name 32 Specify the guest VLAN by VLAN name The VLAN name can be up to 32 characters long vlanid Specify the guest VLAN by VLAN ID vlanid 1 4094 Specify the guest VLAN by VLAN ID ...

Page 237: ...est VLAN delete Specify to delete a port list from the guest VLAN ports Specify a port or range of ports to configure portlist Specify a range of ports to configure all Specify to configure all ports Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure authentication for all ports for a guest VLAN called gv DGS 3420 28SC admin config authe...

Page 238: ...elimiter the format is AABBCC DDEEFF 2 Double delimiter the format is AABB CCDD EEFF 5 Multiple delimiter the format is AA BB CC DD EE FF Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the MAC address format to IETF style DGS 3420 28SC admin config authentication mac_format case uppercase delimiter hyphen number 5 Command config auth...

Page 239: ...ntication methods 802 1X MAC and JWAC WAC pass then pass dot1x_impb Dot1x will be verified first and then IMPB will be verified Both authentications need to be passed impb_jwac JWAC will be verified first and then IMPB will be verified Both authentications need to be passed impb_wac WAC will be verified first and then IMPB will be verified Both authentications need to be passed mac_impb MAC will b...

Page 240: ...w authentication Parameters None Restrictions None Example To display the global authentication configuration DGS 3420 28SC admin show authentication Command show authentication Authentication Server Failover Block DGS 3420 28SC admin 18 7 show authentication guest_vlan Description This command is used to display guest VLAN information Format show authentication guest_vlan Parameters None Restrict...

Page 241: ...ion mac_format Description This command is used to display the authentication MAC format setting Format show authentication mac_format Parameters None Restrictions None Example To display the authentication MAC format setting DGS 3420 28SC admin show authentication mac_format Command show authentication mac_format Case Uppercase Delimiter None Delimiter Number 5 DGS 3420 28SC admin 18 9 show authe...

Page 242: ...gs for ports 1 to 3 DGS 3420 28SC admin show authentication ports 1 3 Command show authentication ports 1 3 Port Methods Auth Mode Authentication VLAN s 1 None Host based 2 None Host based 3 None Host based DGS 3420 28SC admin 18 10 enable authorization attributes Description This command is used to enable the authorization global state Format enable authorization attributes Parameters None Restri...

Page 243: ...ion This command is used to disable the authorization global state Format disable authorization attributes Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the authorization global state DGS 3420 28SC admin disable authorization attributes Command disable authorization attributes Success DGS 3420 28SC admin 18 12 show aut...

Page 244: ...local database to authenticate the client If the client fails on local authentication the client is regarded as un authenticated otherwise it authenticated Pass authentication The client is always regarded as authenticated If guest VLAN is enabled clients will stay on the guest VLAN otherwise they will stay on the original VLAN Block the client default setting The client is always regarded as un a...

Page 245: ...kable Gigabit Switch CLI Reference Guide 240 Example To set the authentication server failover state DGS 3420 28SC admin config authentication server failover local Command config authentication server failover local Success DGS 3420 28SC admin ...

Page 246: ..._client packet all receiving sending state enable disable debug dhcpv6_relay state enable debug dhcpv6_relay state disable debug dhcpv6_relay hop_count state enable disable debug dhcpv6_relay output buffer console debug dhcpv6_relay packet all receiving sending state enable disable debug dhcpv6_server packet all receiving sending state enable disable debug dhcpv6_server state disable debug dhcpv6_...

Page 247: ... all debug messages state Specifies the state of the address binding debugging option enable Specifies that the address binding debugging option will be enabled disable Specifies that the address binding debugging option will be disabled Restrictions Only Administrator level users can issue this command Example To print out all debug IMPB messages DGS 3420 28SC admin debug address_binding all stat...

Page 248: ...r Format debug error_log dump clear upload_toTFTP ipaddr path_filename 64 Parameters dump Display the debug message of the debug log clear Clear the debug log upload_toTFTP Upload the debug log to a TFTP server specified by IP address ipaddr Specifies the IPv4 address of the TFTP server path_filename 64 The pathname specifies the DOS pathname on the TFTP server It can be a relative pathname or an ...

Page 249: ... a0 4 00000000 a1 5 4825B4A8 a2 6 00000001 a3 7 00000001 t0 8 814D7FCC t1 9 0000FC00 t2 10 828100C4 t3 11 00000017 t4 12 828100BC t5 13 4CFEA430 t6 14 82810048 t7 15 00000000 s0 16 4825D94A s1 17 4825D890 s2 18 4825D949 s3 19 4825D946 s4 20 00000000 s5 21 00000008 s6 22 81800000 s7 23 00090000 t8 24 00000000 t9 25 FFFFFFC0 k0 26 00000000 k1 27 00000000 gp 28 8180ADA0 sp 29 4CFEA7A0 fp 30 00000001 ...

Page 250: ... execute command such as download and upload firmware or save configuration If you want to execute these commands successfully please use the command debug buffer clear to release the system s memory pool resources manually first Format debug buffer utilization dump clear upload_toTFTP ipaddr path_filename 64 Parameters utilization Display the debug buffer s state dump Display the debug message in...

Page 251: ...one Upload configuration Done DGS 3420 28SC admin 19 5 debug output Description Use the command to set a specified module s debug message output to debug buffer or local console If the user uses the command in a Telnet session the error message also is output to the local console Note When selecting to output to the debug buffer and there are debug messages being outputted the system memory pool w...

Page 252: ...ug config error_reboot Description This command is used to set if the switch needs to be rebooted when a fatal error occurs When the error occurs the watchdog timer will be disabled by the system first and then all debug information will be saved in NVRAM If the error_reboot is enabled the watchdog shall be enabled after all information is stored into NVRAM Format debug config error_reboot enable ...

Page 253: ...e of the debug Format debug config state enable disable Parameters enable Enable the debug state disable Disable the debug state Restrictions Only Administrator level users can issue this command Example To set the debug state to disabled DGS 3420 28SC admin debug config state disable Command debug config state disable Success DGS 3420 28SC admin 19 8 debug show error_reboot state Description Use ...

Page 254: ...3420 28SC admin 19 9 debug stp clear counter Description This command used to clear the STP counters Format debug stp clear counter ports portlist all Parameters ports Specifies the port range portlist Enter the list of port used for this configuration here all Clears all port counters Restrictions Only Administrator level users can issue this command Example To clear all STP counters on the switc...

Page 255: ...ing bpdu Debug the BPDU s that have been received and transmitted state_machine Debug the state change of the STP state machine all Debug all of the above state Specifies the state of the debug mechanism disable Disables the debug mechanism brief Sets the debug level to brief detail Sets the debug level to detail Restrictions Only Administrator level users can issue this command Example To configu...

Page 256: ...3420 28SC admin debug stp show counter ports 9 Command debug stp show counter ports 9 STP Counters Port 9 Receive Transmit Total STP Packets 32 Total STP Packets 32 Configuration BPDU 0 Configuration BPDU 0 TCN BPDU 0 TCN BPDU 0 RSTP TC Flag 15 RSTP TC Flag 7 RST BPDU 32 RST BPDU 32 Discard Total Discarded BPDU 0 Global STP Disabled 0 Port STP Disabled 0 Invalid Packet Format 0 Invalid Protocol 0 ...

Page 257: ...he debug STP levels on all ports DGS 3420 28SC admin debug stp show flag Command debug stp show flag Global State Enabled Port Index Event flag BPDU Flag State Machine Flag 1 Detail Brief Disable 2 Detail Brief Disable 3 Detail Brief Disable 4 Detail Brief Disable 5 Detail Brief Disable 6 Detail Brief Disable 7 Detail Brief Disable 8 Detail Brief Disable 9 Detail Brief Disable 10 Detail Brief Disa...

Page 258: ...es Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 253 Format debug stp show information Parameters None Restrictions Only Administrator level users can issue this command Example To show STP debug information ...

Page 259: ...04 00 External Root Cost 0 Regional Root Bridge 32768 00 01 02 03 04 00 Internal Root Cost 0 Designated Bridge 32768 00 01 02 03 04 00 Designated Port 0 Message Age 0 Max Age 20 Forward Delay 15 Hello Time 2 Instance 1 Regional Root Bridge 32769 00 01 02 03 04 00 Internal Root Cost 0 Designated Bridge 32769 00 01 02 03 04 00 Designated Port 0 Remaining Hops 20 Designated Priority And Times Instanc...

Page 260: ...le the STP debug state Restrictions Only Administrator level users can issue this command Example To configure the STP debug state to enable and then disable the STP debug state DGS 3420 28SC admin debug stp state enable Command debug stp state enable Success DGS 3420 28SC admin debug stp state disable Command debug stp state disable Success DGS 3420 28SC admin 19 15 debug dhcpv6_client state enab...

Page 261: ...and debug dhcpv6_client state enable Success DGS 3420 28SC admin 19 16 debug dhcpv6_client state disable Description This command is used to disable the DHCPv6 client Debug function Format debug dhcpv6_client state enable Parameters None Restrictions Only Administrator level users can issue this command Example To disabled DHCPv6 client debug function DGS 3420 28SC admin debug dhcpv6_client state ...

Page 262: ...GS 3420 28SC admin debug dhcpv6_client output console Command debug dhcpv6_client output console Success DGS 3420 28SC admin 19 18 debug dhcpv6_client packet Description Used to enable or disable debug information flag for DHCPv6 client packet including packet receiving and sending Format debug dhcpv6_client packet all receiving sending state enable disable Parameters all Optional Set packet recei...

Page 263: ...and debug dhcpv6_client packet sending state enable Success DGS 3420 28SC admin 19 19 debug dhcpv6_relay state enable Description This command is used to enable the DHCPv6 relay Debug function Format debug dhcpv6_relay state enable Parameters None Restrictions Only Administrator level users can issue this command Example To enabled DHCPv6 relay debug function DGS 3420 28SC admin debug dhcpv6_relay...

Page 264: ...function DGS 3420 28SC admin debug dhcpv6_relay state disable Command debug dhcpv6_relay state disable Success DGS 3420 28SC admin 19 21 debug dhcpv6_relay hop_count state Description This command is used to enable or disable debug information flag about the hop count Format debug dhcpv6_relay hop_count state enable disable Parameters state Specifies the hop count debugging state enable Specifies ...

Page 265: ...ug dhcpv6_relay output buffer console Parameters output Specifies the location of the debug message output buffer Let the debug message output to buffer console Let the debug message output to console Restrictions Only Administrator level users can issue this command Example To set debug information to output to console DGS 3420 28SC admin debug dhcpv6_relay output console Command debug dhcpv6_rel...

Page 266: ...this command Example To enabled DHCPv6 relay packet sending debug DGS 3420 28SC admin debug dhcpv6_relay packet sending state enable Command debug dhcpv6_relay packet sending state enable Success DGS 3420 28SC admin 19 24 debug dhcpv6_server packet Description This command is used to enable or disable the debug information flag of the DHCPv6 server packet including packets receiving and sending Fo...

Page 267: ...3420 28SC admin 19 25 debug dhcpv6_server state disable Description This command is used to disable the DHCPv6 server debug functions Format debug dhcpv6_server state disable Parameters None Restrictions Only Administrator level users can issue this command Example To disabled the DHCPv6 server debug function DGS 3420 28SC admin debug dhcpv6_server state disable Command debug dhcpv6_server state d...

Page 268: ...flag interface packet all rx tx route all state enable disable Parameters interface Optional Specifies the state of the RIPng interface debug The default setting is disabled packet Optional Specifies which packets should be set with debug flags all Specifies to set all packets with debug flags rx Specifies to set inbound packets with debug flag tx Specifies to set outbound packets with debug flag ...

Page 269: ...interface state enable Success DGS 3420 28SC admin After enabling RIPng on an interface the following information may appear when the interface state changes The RIPng interface System has changed the link state to down 19 28 debug ripng show flag Description This command is used to display the RIPng debug flag setting Format debug ripng show flag Parameters None Restrictions Only Administrator le...

Page 270: ...in 19 29 debug ripng state disable Description This command is used to disable the RIPng debugging state Format debug ripng state disable Parameters None Restrictions Only Administrator level users can issue this command Example To disable RIPng debug globally DGS 3420 28SC admin debug ripng state disable Command debug ripng state disable Success DGS 3420 28SC admin 19 30 debug ripng state enable ...

Page 271: ...tate enable Success DGS 3420 28SC admin 19 31 debug show status Description Show the debug handler state and the specified module s debug status If the input module list is empty the states of all registered modules which support debug module will be shown Format debug show status module module_list Parameters module Optional Specifies the module list module_list Enter the module list here Restric...

Page 272: ...Disable CLI Enable SNMP Disable IGMP Enable Prompt 19 32 debug show address_binding binding_state_table Description This command is used to display the binding state of the entries in the binding state table Format debug show address_binding binding_state_table nd_snooping dhcpv6_snooping Parameters nd_snooping Specifies to debug ND Snooping bound addresses in the binding state table dhcpv6_snoopi...

Page 273: ...tries 2 DGS 3420 28SC admin To display the ND Snooping binding state of entries DGS 3420 28SC admin debug show address_binding binding_state_table nd_snooping Command debug show address_binding binding_state_table nd_snooping S State S Start Q Query B Bound Time Expiry Time sec IP Address MAC Address S Time Port 2001 2222 1111 7777 5555 6666 7777 8888 00 00 00 00 00 02 S 50 5 2001 1 00 00 00 00 03...

Page 274: ... error ports box_id all sio1 Box ID 1 SIO 1 RX Frames TX Frames CRC Error 0 Excessive Deferral 0 Undersize 0 CRC Error 0 Oversize 0 Late Collision 0 Fragment 0 Excessive Collision 0 Jabber 0 Single Collision 0 Buffer Full Drop 0 Collision 0 Symbol Error 0 STP Drop 0 Multicast Drop 0 HOL DROP 0 VLAN Ingress Drop 0 COS0 HOL DROP 0 STP Drop 0 COS1 HOL DROP 0 MTU Drop 0 COS2 HOL DROP 0 COS3 HOL DROP 0...

Page 275: ...FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF Connection DB No Host Current AUTH DB _jwac...

Page 276: ...et statistics information of the SIO port DGS 3420 28SC admin debug show packet ports box_id all sio1 Command debug show packet ports box_id all sio1 Box ID 1 SIO 1 Frame Size Type Frame Counts Frames sec 64 0 0 65 127 0 0 128 255 0 0 256 511 0 0 512 1023 0 0 1024 1518 0 0 1519 2047 0 0 2048 4095 0 0 4096 9216 0 0 Unicast RX 0 0 Multicast RX 0 0 Broadcast RX 0 0 CTRL C ESC q Quit SPACE n Next Page...

Page 277: ...fy that the configured VRRP debug flag will be enabled disable Specify that the configured VRRP debug flag will be disabled Restrictions Only Administrator level can issue this command Example To enable the VRRP virtual router state change debug flag DGS 3420 28SC admin debug vrrp vr_state_change state enable Command debug vrrp vr_state_change state enable Success DGS 3420 28SC admin To enable all...

Page 278: ... 28SC admin debug vrrp timers state enable Command debug vrrp timers state enable Success DGS 3420 28SC admin 19 37 debug vrrp clear counter Description This command is used to reset the VRRP debug statistic counters Format debug vrrp clear counter Parameters None Restrictions Only Administrator level can issue this command Example To clear VRRP statistic counters DGS 3420 28SC admin debug vrrp cl...

Page 279: ...enabled disable Specify that the VRRP debug log state will be disabled Restrictions Only Administrator level can issue this command Example To enable the VRRP debug log state DGS 3420 28SC admin debug vrrp log state enable Command debug vrrp log state enable Success DGS 3420 28SC admin 19 39 debug vrrp show counter Description This command is used to display the VRRP debug statistic counters Forma...

Page 280: ...r Command debug vrrp show counter VRRP debug statistic counters Received ADV 9 Drop 52 Auth fail 0 Sent ADV 0 DGS 3420 28SC admin 19 40 debug vrrp show flag Description This command is used to display VRRP debug flag settings Format debug vrrp show flag Parameters None Restrictions Only Administrator level can issue this command Example To display VRRP debug flag settings ...

Page 281: ...packet sending mac address update interface change timer DGS 3420 28SC admin 19 41 debug vrrp show log state Description The command is used to display the VRRP debug log state Format debug vrrp show log state Parameters None Restrictions Only Administrator level can issue this command Example To display the VRRP debug log state DGS 3420 28SC admin debug vrrp show log state Command debug vrrp show...

Page 282: ...ug state Format debug vrrp state enable disable Parameters enable Specify that the VRRP debug state will be enabled disable Specify that the VRRP debug state will be disabled Restrictions Only Administrator level can issue this command Example To enable the VRRP debug state DGS 3420 28SC admin debug vrrp state enable Command debug vrrp state enable Success DGS 3420 28SC admin ...

Page 283: ... command This is done to minimise the risk with rogue DHCP servers Enabling the dhcp_local_relay feature will restore the broadcast behaviour and cause DHCP packets to also be broadcasted on the specified VLAN Note When dhcp_local_relay is enabled the Switch will automatically add a DHCP Option 82 and the source MAC address and gateway address in the packet will remain unchanged Format config dhcp...

Page 284: ...N ID used to enabled DHCP local relay vlan_id 1 4094 Enter the VLAN ID used here state Enable or disable DHCP local relay for a specified VLAN enable Enable DHCP local relay for a specified VLAN disable Disable DHCP local relay for a specified VLAN Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable DHCP local relay for the default VLAN DGS ...

Page 285: ...lay Command enable dhcp_local_relay Success DGS 3420 28SC admin 20 4 disable dhcp_local_relay Description This command is used to globally disable the DHCP local relay function on the switch Format disable dhcp_local_relay Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the DHCP local relay function DGS 3420 28SC admin d...

Page 286: ...d to display the current DHCP local relay configuration on the switch Format show dhcp_local_relay Parameters None Restrictions None Example To display the local DHCP relay status DGS 3420 28SC admin show dhcp_local_relay Command show dhcp_local_relay DHCP BOOTP Local Relay Status Disabled DHCP BOOTP Local Relay VID List 1 3 4 DGS 3420 28SC admin ...

Page 287: ...able config dhcp_relay option_82 check enable disable config dhcp_relay option_82 policy replace drop keep config dhcp_relay option_82 remote_id default user_define desc 32 config dhcp_relay option_82 state enable disable enable dhcp_relay disable dhcp_relay show dhcp_relay ipif ipif_name 12 show dhcp_relay option_60 string multiword 255 ipaddress ipaddr default show dhcp_relay option_61 config dh...

Page 288: ...ich the switch must relay the DHCP BOOTP request The minimum time value must be between 0 and 65535 seconds Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the DHCP relay DGS 3420 28SC admin config dhcp_relay hops 4 time 2 Command config dhcp_relay hops 4 time 2 Success DGS 3420 28SC admin 21 2 config dhcp_relay add ipif Description T...

Page 289: ...nfig dhcp_relay delete ipif Description This command is used to delete an IP destination address from the switch s DHCP relay table Format config dhcp_relay delete ipif ipif_name 12 ipaddr Parameters ipif_name 12 Specify the name of the IP interface which contains the IP address below ipaddr Specify the DHCP BOOTP server IP address Restrictions Only Administrator Operator and Power User level user...

Page 290: ... the specified string Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure DHCP Option 60 to decide to relay which DHCP server DGS 3420 28SC admin config dhcp_relay option_60 add string abc relay 10 90 90 1 exact match Command config dhcp_relay option_60 add string abc relay 10 90 90 1 exact match Success DGS 3420 28SC admin 21 5 config dh...

Page 291: ...config dhcp_relay option_60 default mode drop Success DGS 3420 28SC admin 21 6 config dhcp_relay option_60 delete Description This command is used to delete a DHCP Option 60 entry When all is specified all rules excluding the default rules are deleted Format config dhcp_relay option_60 delete string multiword 255 relay ipaddr ipaddress ipaddr all default ipaddr Parameters string Delete all the ent...

Page 292: ... decide whether DHCP relay will process the DHCP Option 60 or not When Option 60 is enabled if the packet does not have Option 60 then the relay servers cannot be determined based on Option 60 The relay servers will be determined based on either Option 61 or per IPIF configured servers Format config dhcp_relay option_60 state enable disable Parameters enable Specify to enable the DHCP relay functi...

Page 293: ...s Specify the client s client ID which is the hardware address of the client macaddr Specify the client s client ID which is the MAC address of the client string Specify the client s client ID which is specified by administrator desc_long 255 Specify the client s client ID which is specified by administrator The client ID string can be up to 255 characters long relay Specify to relay the packet to...

Page 294: ...ns Only Administrator Operator and Power User level users can issue this command Example To configure the DHCP Option 61 default action to drop DGS 3420 28SC admin config dhcp_relay option_61 default drop Command config dhcp_relay option_61 default drop Success DGS 3420 28SC admin 21 10 config dhcp_relay option_61 delete Description This command is used to delete Option 61 rules Format config dhcp...

Page 295: ...ers cannot be determined based on Option 61 If the relay servers are determined based on Option 60 or Option 61 then per IPIF configured servers will be ignored If the relay servers are not determined either by Option 60 or Option 61 then per IPIF configured servers will be used to determine the relay servers Format config dhcp_relay option_61 state enable disable Parameters enable Specify to enab...

Page 296: ...isable The default setting is disabled Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the checking mechanism of the DHCP relay agent information Option 82 DGS 3420 28SC admin config dhcp_relay option_82 check disable Command config dhcp_relay option_82 check disable Success DGS 3420 28SC admin 21 13 config dhcp_relay option_82 policy...

Page 297: ...User level users can issue this command Example To configure the policy of DHCP relay agent information Option 82 DGS 3420 28SC admin config dhcp_relay option_82 policy replace Command config dhcp_relay option_82 policy replace Success DGS 3420 28SC admin 21 14 config dhcp_relay option_82 remote_id Description This command is used to configure the remote ID string of the DHCP relay agent informati...

Page 298: ...Option 82 field before being relayed to server The DHCP packet will be processed based on the behavior defined in the check and policy setting disable When the state is disabled the DHCP packet will be relayed directly to the server without further check and processing of the packet Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the ...

Page 299: ...dmin enable dhcp_relay Command enable dhcp_relay Success DGS 3420 28SC admin 21 17 disable dhcp_relay Description This command is used to disable the DHCP relay function on the switch Format disable dhcp _relay Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the DHCP relay function DGS 3420 28SC admin disable dhcp_relay ...

Page 300: ...lay configurations Restrictions None Example To display the DHCP relay status DGS 3420 28SC admin show dhcp_relay Command show dhcp_relay DHCP BOOTP Relay Status Disabled DHCP BOOTP Hops Count Limit 4 DHCP BOOTP Relay Time Threshold 0 DHCP Vendor Class Identifier Option 60 State Disabled DHCP Client Identifier Option 61 State Disabled DHCP Relay Agent Information Option 82 State Disabled DHCP Rela...

Page 301: ...ional Display the entry whose IP ipaddress equals the specified IP address ipaddr Enter the IP address here default Optional Display the default behaviour of DHCP relay option 60 Note If no parameter is specified all DHCP option 60 entries will be displayed Restrictions None Example To display the DHCP option 60 entries DGS 3420 28SC admin show dhcp_relay option_60 Command show dhcp_relay option_6...

Page 302: ...meters None Restrictions None Example To display the DHCP option 61 entries DGS 3420 28SC admin show dhcp_relay option_61 Command show dhcp_relay option_61 Default Relay Rule Drop Matching Rules Client ID Type Relay Rule abc String Drop abcde String 10 90 90 1 00 11 22 33 44 55 MAC Address Drop Total Entries 3 DGS 3420 28SC admin 21 21 config dhcp_relay ports Description This command is used to co...

Page 303: ...r the specified port s will be disabled Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the DHCP relay function on ports 1 to 3 DGS 3420 28SC admin config dhcp_relay ports 1 1 1 3 state enable Command config dhcp_relay ports 1 1 1 3 state enable Success DGS 3420 28SC admin 21 22 show dhcp_relay ports Description This command is used to s...

Page 304: ...Guide 299 DGS 3420 28SC admin show dhcp_relay ports 1 1 1 10 Command show dhcp_relay ports 1 1 1 10 Port DHCP Relay State 1 1 Enabled 1 2 Enabled 1 3 Enabled 1 4 Enabled 1 5 Enabled 1 6 Enabled 1 7 Enabled 1 8 Enabled 1 9 Enabled 1 10 Enabled Total Entries 10 DGS 3420 28SC admin ...

Page 305: ..._name 12 begin_address ipaddr end_address ipaddr config dhcp pool option_43 pool_name 12 add string multiword 255 delete enable dhcp class disable dhcp class create dhcp class class_name 12 config dhcp class class_name 12 add option int string multiword 255 hex string 255 delete option int delete dhcp class class_name 12 show dhcp class class_name 12 config dhcp ping_packets number 0 10 config dhc...

Page 306: ...ecify the starting address of the IP address range ipaddr Specify the starting address of the IP address range end_address Specify the ending address of the IP address range ipaddr Specify the ending address of the IP address range Restrictions Only Administrator Operator and Power User level users can issue this command Example To specify the IP address that DHCP server should not assign to clien...

Page 307: ...Administrator Operator and Power User level users can issue this command Example To delete a DHCP server exclude address DGS 3420 28SC admin delete dhcp excluded_address begin_address 10 10 10 1 end_address 10 10 10 10 Command delete dhcp excluded_address begin_address 10 10 10 1 end_address 10 10 10 10 Success DGS 3420 28SC admin 22 3 show dhcp excluded_address Description This command is used to...

Page 308: ...o create a DHCP pool by specifying a name After creating a DHCP pool use other DHCP pool configuration commands to configure parameters for the pool Format create dhcp pool pool_name 12 Parameters pool_name 12 Specify the name of the DHCP pool Restrictions Only Administrator Operator and Power User level users can issue this command Example To create a DHCP pool DGS 3420 28SC admin create dhcp poo...

Page 309: ...its that comprise the address prefix The prefix is an alternative way of specifying the network mask of the client The prefix length must be preceded by a forward slash When the DHCP server receives a request from the client the server will automatically find a pool to allocate the address If the request is relayed to the server by the intermediate device the server will match the gateway IP addre...

Page 310: ...tes the address for the client from this pool The domain name configured here will be used as the default domain name by the client By default the domain name is empty If the domain name is empty the domain name information will not be provided to the client Format config dhcp pool domain_name pool_name 12 domain_name 64 Parameters pool_name 12 Specify the DHCP pool name domain_name 64 Optional Sp...

Page 311: ...strator Operator and Power User level users can issue this command Example To configure the DNS server s IP address DGS 3420 28SC admin config dhcp pool dns_server nyknicks 10 10 10 1 Command config dhcp pool dns_server nyknicks 10 10 10 1 Success DGS 3420 28SC admin 22 9 config dhcp pool netbios_name_server Description This command is used to specify the NetBIOS WINS server that is available to a...

Page 312: ...he NetBIOS node type for a Microsoft DHCP client The NetBIOS node type for Microsoft DHCP clients can be one of four settings broadcast peer to peer mixed or hybrid Use this command to configure a NetBIOS over TCP IP device that is described in RFC 1001 1002 By default the NetBIOS node type is broadcast Format config dhcp pool netbios_node_type pool_name 12 broadcast peer_to_peer mixed hybrid Para...

Page 313: ...as the client If the default router is not specified the default router information will not be provided to the client If this command is input twice for the same pool the second command will overwrite the first command The default router must be within the range the network defined for the DHCP pool Format config dhcp pool default_router pool_name 12 ipaddr ipaddr ipaddr Parameters pool_name 12 S...

Page 314: ...inite Specify a lease of unlimited duration Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the lease of a pool DGS 3420 28SC admin config dhcp pool lease nyknicks infinite Command config dhcp pool lease nyknicks infinite Success DGS 3420 28SC admin 22 13 config dhcp pool boot_file Description This command is used to specify the name ...

Page 315: ...t_server Description This command is used by the DHCP client boot process typically a TFTP server If next server information is not specified it will not be provided to the client If this command is input twice for the same pool the second command will overwrite the first command Format config dhcp pool next_server pool_name 12 ipaddr Parameters pool_name 12 Specify the DHCP pool name ipaddr Optio...

Page 316: ...P pool class table class_name 12 Enter the DHCP class s name used here This name can be up to 12 characters long begin_address Optional Specifies the beginning address of IP address range ipaddr Enter the beginning IP address used for the DHCP pool here end_address Optional Specifies the ending address of IP address range ipaddr Enter the ending IP address used for the DHCP pool here Restrictions ...

Page 317: ...ption 43 string Specifies the DHCP Option 43 string used multiword 255 Enter the DHCP Option 43 string used here This string can be up to 255 characters long delete Specifies to delete the DHCP Option 43 Restrictions Only Administrator and Operator level users can issue this command Example To add a DHCP Option 43 for a DHCP pool DGS 3420 28SC admin config dhcp pool option_43 pool1 add string abc ...

Page 318: ...admin enable dhcp class Command enable dhcp class Success DGS 3420 28SC admin 22 18 disable dhcp class Description This command is used to enable the DHCP class function on the Switch Format disable dhcp class Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the DHCP class function DGS 3420 28SC admin disable dhcp class Co...

Page 319: ...o create a DHCP class DGS 3420 28SC admin create dhcp class class2 Command create dhcp class class2 Success DGS 3420 28SC admin 22 20 config dhcp class Description This command is used to add or delete an option to or from DHCP server class The user can use the string or hex parameters to add a value for the option The value of DHCP client packet s option needs exactly match it The user can use a ...

Page 320: ... can issue this command Example To add option 60 using hex format and not using wildcard character DHCP client packet s option 60 should have 8 bytes matching the specified hex pattern DGS 3420 28SC admin config dhcp class class1 add option 60 hex 4d53465420352e30 Command config dhcp class class1 add option 60 hex 4d53465420352e30 Success DGS 3420 28SC admin To add option 60 using hex format and u...

Page 321: ...characters long Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete a DHCP class DGS 3420 28SC admin delete dhcp class class2 Command delete dhcp class class2 Success DGS 3420 28SC admin 22 22 show dhcp class Description This command is used to display the current DHCP class configuration Format show dhcp class class_name 12 Parameters class...

Page 322: ... the DHCP server sends to an IP address before assigning this address to a requesting client By default the DHCP server pings a pool address twice before assigning the address to a DHCP client If the ping is unanswered the DHCP server assumes with a high probability that the address is not in use and assigns the address to the requesting client If the ping is answered the server will discard the c...

Page 323: ... out a ping packet Format config dhcp ping_timeout millisecond 10 2000 Parameters millisecond 10 2000 Specify the amount of time the DHCP server must wait before timing out a ping packet The default value is 100 Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the time out value for ping packets DGS 3420 28SC admin config dhcp ping_tim...

Page 324: ...Format create dhcp pool manual_binding pool_name 12 ipaddr hardware_address macaddr type ethernet ieee802 Parameters pool_name 12 Specify the DHCP pool name ipaddr Specify the IP address which will be assigned to a specified client hardware_address Specify the hardware MAC address macaddr Enter the MAC address here type Optional Specify the DHCP pool manual binding type ethernet Specify Ethernet t...

Page 325: ...nding engineering 10 10 10 1 Command delete dhcp pool manual_binding engineering 10 10 10 1 Success DGS 3420 28SC admin 22 27 clear dhcp binding Description This command is used to clear a binding entry or all binding entries in a pool or clears all binding entries in all pools Note that this command will not clear the dynamic binding entry which matches a manual binding entry Format clear dhcp bi...

Page 326: ...p binding pool_name 12 Parameters pool_name 12 Optional Specify a DHCP pool name Restrictions None Example To display dynamic binding entries for engineering DGS 3420 28SC admin show dhcp binding engineering Command show dhcp binding engineering Pool Name IP Addresss Hardware Address Type Status Lifetime engineering 192 168 0 1 00 80 C8 08 13 88 Ethernet Manual 86400 engineering 192 168 0 2 00 80 ...

Page 327: ...y the DHCP pool name Restrictions None Example To display the current DHCP pool information for engineering DGS 3420 28SC admin show dhcp pool engineering Command show dhcp pool engineering Pool Name engineering Network Address 10 10 10 0 24 Domain Name dlink com DNS Server 10 10 10 1 NetBIOS Name Server 10 10 10 1 NetBIOS Node Type Broadcast Default Router 10 10 10 1 Pool Lease 10 Days 0 Hours 0 ...

Page 328: ...p pool manual_binding Pool Name IP Address Hardware Address Type p1 192 168 0 1 00 80 C8 08 13 88 Ethernet p1 192 168 0 2 00 80 C8 08 13 99 Ethernet Total Entries 2 DGS 3420 28SC admin 22 31 enable dhcp_server Description This command is used to enable the DHCP server function If DHCP relay is enabled DHCP server cannot be enabled The opposite is also true For Layer 2 switches if DHCP client is en...

Page 329: ...e dhcp_server Command enable dhcp_server Success DGS 3420 28SC admin 22 32 disable dhcp_server Description This command is used to disable the DHCP server function on the switch Format disable dhcp_server Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the Switch s DHCP server DGS 3420 28SC admin disable dhcp_server Comm...

Page 330: ...To display the DHCP server status DGS 3420 28SC admin show dhcp_server Command show dhcp_server DHCP Server Global State Disabled Ping Packet Number 2 Ping Timeout 100 ms DGS 3420 28SC admin 22 34 clear dhcp conflict_ip Description This command is used to clear an entry or all entries from the conflict IP database Format clear dhcp conflict_ip ipaddr all Parameters ipaddr Specify the IP address to...

Page 331: ...her an IP address is conflicting with other hosts before binding this IP The IP address which has been identified in conflict will be moved to the conflict IP database The system will not attempt to bind the IP address in the conflict IP database unless the user clears it from the conflict IP database Format show dhcp conflict_ip ipaddr Parameters ipaddr Optional Specify the IP address to be displ...

Page 332: ...an issue this command Example To create a DHCP option profile DGS 3420 28SC admin create dhcp option_profile profile1 Command create dhcp option_profile profile1 Success DGS 3420 28SC admin 22 37 config dhcp option_profile Description This command is used to configure an option to and from a DHCP server option profile Format config dhcp option_profile profile_name 12 add option value 1 254 string ...

Page 333: ...alue used value 1 254 Enter the option value used here This must be between 1 and 254 Restrictions Only Administrator Operator and Power User level users can issue this command Example To add option 69 using HEX format DGS 3420 28SC admin config dhcp option_profile profile1 add option 69 hex c0a800fe Command config dhcp option_profile profile1 add option 69 hex c0a800fe Success DGS 3420 28SC admin...

Page 334: ...r level users can issue this command Example To delete a DHCP option profile DGS 3420 28SC admin delete dhcp option_profile profile1 Command delete dhcp option_profile profile1 Success DGS 3420 28SC admin 22 39 show dhcp option_profile Description This command is used to display the current DHCP option profile configuration Format show dhcp option_profile profile_name 12 Parameters profile_name 12...

Page 335: ...ion_profile pool_name 12 add delete profile_name 12 Parameters pool_name 12 Enter the DHCP pool name here This name can be up to 12 characters long add Specifies to add an option profile to a DHCP pool configured on this switch delete Specifies to delete an option profile from a DHCP pool configured on this switch profile_name 12 Enter the DHCP server option profile name here This name can be up t...

Page 336: ...Switch CLI Reference Guide 331 DGS 3420 28SC admin To delete an option profile from a DHCP pool DGS 3420 28SC admin config dhcp pool option_profile pool1 delete profile1 Command config dhcp pool option_profile pool1 delete profile1 Success DGS 3420 28SC admin ...

Page 337: ...r icmpv6_ra_all_node trap enable disable show filter icmpv6_ra_all_node delete filter icmpv6_ra_all_node permit sip ipv6addr 23 1 config filter dhcp_server Description This command has two purposes to specify to filter all DHCP server packets on the specific port and to specify to allow some DHCP server packets with pre defined server IP addresses and client MAC addresses With this function we can...

Page 338: ...figure all ports state Specify the port status enable Enable the state disable Disable the state illegal_server_log_suppress_duration Specify the illegal server log suppression duration 1min Specify an illegal server log suppression duration of 1 minute 5min Specify an illegal server log suppression duration of 5 minutes 30min Specify an illegal server log suppression duration of 30 minutes Restri...

Page 339: ...nd Power User level users can issue this command Example To enable the log for a DHCP server filter event DGS 3420 28SC admin config filter dhcp_server log enable Command config filter dhcp_server log enable Success DGS 3420 28SC admin 23 3 config filter dhcp_server trap Description This command is used to enable or disable the trap for a DHCP server filter event Format config filter dhcp_server t...

Page 340: ... This command is used to display the DHCP server client filter list created on the switch Format show filter dhcp_server Parameters None Restrictions None Example To display the DHCP server client filter list created on the switch DGS 3420 28SC admin show filter dhcp_server Command show filter dhcp_server Enabled Ports 1 28 Trap State Enabled Log State Enabled Illegal Server Log Suppress Duration ...

Page 341: ...st Enter the list of ports used for this configuration here all Specifies that all ports will be used for this configuration Restrictions Only Administrator Operator and Power User level users can issue this command Example To create a Filter DHCPv6 server permit entry on port 5 DGS 3420 28SC admin create filter dhcpv6_server permit sip 2200 5 ports 1 5 Command create filter dhcpv6_server permit s...

Page 342: ... port s and receive the trust packets from the specific source This feature can be protected network usable when a malicious host sends the DHCPv6 server packets Format config filter dhcpv6_server ports portlist all state enable disable Parameters portlist Enter the list of ports used for this configuration here all Specifies that all ports will be used for this configuration state Specifies wheth...

Page 343: ... enabled The trap for filter DHCPv6 server will be sent out disable Specifies that the trap for the filter DHCPv6 server will be disabled Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the filter DHCPv6 server trap state DGS 3420 28SC admin config filter dhcpv6_server trap enable Command config filter dhcpv6_server trap enable Success D...

Page 344: ...al Entries 1 DGS 3420 28SC admin 23 10 delete filter dhcpv6_server permit sip Description This command is used to delete a filter DHCPv6 server permit entry Format delete filter dhcpv6_server permit sip ipv6addr Parameters ipv6addr Enter the source IPv6 address of the entry here Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete permit entr...

Page 345: ...s filter DHCPv6 server function is enabled or disabled enable Specifies that the filter option is enabled disable Specifies that the filter option is disabled Restrictions Only Administrator Operator and Power User level users can issue this command Example To create a filter ICMPv6 RA All nodes permit entry on port 5 DGS 3420 28SC admin create filter icmpv6_ra_all_node permit sip 2200 5 ports 1 5...

Page 346: ...er ICMPv6 RA all nodes function is used to filter the ICMPv6 RA all nodes packets on the specific port s and receive the trust packets from the specific source This feature can be protected network usable when a malicious host sends ICMPv6 RA all nodes packets Note It only needs to filter the packet of which the destination address is the all nodes multicast address FF02 1 Format config filter icm...

Page 347: ...bled no trap will be sent out Format config filter icmpv6_ra_all_node trap enable disable Parameters enable Specifies that the trap for the filter ICMPv6 RA all nodes will be enabled The trap for filter ICMPv6 RA all nodes will be sent out disable Specifies that the trap for the filter ICMPv6 RA all nodes will be disabled Restrictions Only Administrator Operator and Power User level users can issu...

Page 348: ..._ra_all_node Enabled ports 1 1 1 8 Trap State Enabled Log State Enabled Permit Source Address Table Source IP Address Port 2200 5 1 5 Total Entries 1 DGS 3420 28SC admin 23 16 delete filter icmpv6_ra_all_node permit sip Description This command is used to delete a filter ICMPv6 RA all nodes permit entry Format delete filter icmpv6_ra_all_node permit sip ipv6addr Parameters ipv6addr Enter the sourc...

Page 349: ...dministrator Operator and Power User level users can issue this command Example To delete permit entry from the filter ICMPv6 RA all nodes forward list DGS 3420 28SC admin delete filter icmpv6_ra_all_node permit sip 2200 4 Command delete filter icmpv6_ra_all_node permit sip 2200 4 Success DGS 3420 28SC admin ...

Page 350: ...cpv6_relay ipif ipif_name 12 24 1 enable dhcpv6_relay Description This command is used to enable the DHCPv6 relay function on the Switch Format enable dhcpv6_relay Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the DHCPv6 relay global state to enable DGS 3420 28SC admin enable dhcpv6_relay Command enable dhcpv6_relay ...

Page 351: ...relay Success DGS 3420 28SC admin 24 3 config dhcpv6_relay hop_count Description Configure the DHCPv6 relay hop_count of the switch Format config dhcpv6_relay hop_count value 1 32 Parameters hop_count Specifies the number of relay agents that have relayed this message The default value is 4 value 1 32 Enter the hop count number here This value must be between 1 and 32 Restrictions Only Administrat...

Page 352: ...n from the DHCPv6 relay table ipif The name of the IP interface in which DHCPv6 relay is to be enabled ipif_name 12 Enter the IP interface name here This name can be up to 12 characters long ipv6addr The DHCPv6 server IP address Restrictions Only Administrator Operator and Power User level users can issue this command Example To add a DHCPv6 server to the relay table DGS 3420 28SC admin config dhc...

Page 353: ...or Operator and Power User level users can issue this command Example To configure the DHCPv6 relay state of the System interface to enable DGS 3420 28SC admin config dhcpv6_relay ipif System state enable Command config dhcpv6_relay ipif System state enable Success DGS 3420 28SC admin 24 6 show dhcpv6_relay Description This command will display the current DHCPv6 relay configuration of all interfa...

Page 354: ...s Enabled Server Address IP Interface n90 DHCPv6 Relay Status Enabled Server Address IP Interface n1000 DHCPv6 Relay Status Enabled Server Address Total Entries 3 DGS 3420 28SC admin To show the DHCPv6 relay configuration of System interface DGS 3420 28SC admin show dhcpv6_relay ipif System Command show dhcpv6_relay ipif System DHCPv6 Relay Global State Disabled DHCPv6 Hops Count Limit 4 IP Interf...

Page 355: ...nfig dhcpv6 pool prefix_delegation pool_name 12 ipv6networkaddr value 1 128 ipif_name 12 show dhcpv6 manual_binding pool_name 12 show dhcpv6 binding pool_name 12 clear dhcpv6 binding pool_name 12 enable dhcpv6_server disable dhcpv6_server show dhcpv6_server ipif ipif_name 12 config dhcpv6 pool excluded_address pool_name 12 add begin ipv6addr end ipv6addr delete begin ipv6addr end ipv6addr all show...

Page 356: ...ers pool Specifies the DHCPv6 pool to be removed pool_name 12 Enter the DHCPv6 pool name to be removed here This name can be up to 12 characters long all Specifies that all the DHCPv6 pools will be removed Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete the DHCPv6 pool by specifying the pool name pool1 DGS 3420 28SC admin delete dhcpv6 p...

Page 357: ...er Address 2000 ff 2000 fe Preferred Lifetime 604800 sec Valid Lifetime 2592000 sec Total Pool Entry 1 DGS 3420 28SC admin 25 4 config dhcpv6 pool ipv6network_addr Description This command is used to configure the range of IPv6 network addresses for the DHCPv6 pool The IPv6 addresses in the range are free to be assigned to any DHCPv6 client When the DHCPv6 server receives a request from the client...

Page 358: ...addr Parameters pool_name 12 Enter the DHCPv6 pool name used here This name can be up to 12 characters long begin Specifies the beginning IPv6 network address of the DHCPv6 pool ipv6networkaddr Enter the beginning IPv6 network address of the DHCPv6 pool here end Specifies the ending IPv6 network address of the DHCPv6 pool ipv6networkaddr Enter the ending IPv6 network address of the DHCPv6 pool her...

Page 359: ...config dhcpv6 pool domain_name pool1 dlink com Success DGS 3420 28SC admin 25 6 config dhcpv6 pool dns_server Description This command is used to configure the DNS server s IPv6 addresses for a specific DHCPv6 pool Users may add up to two DNS Server addresses If DNS server is not specified the DNS server information will not be provided to the client Users could delete a DNS server address in the ...

Page 360: ...Valid lifetime the length of time an address remains in the valid state i e the time until invalidation When the valid lifetime expires the address becomes invalid The valid lifetime must be greater than or equal to the preferred lifetime Format config dhcpv6 pool lifetime pool_name 12 preferred_lifetime sec 60 4294967295 valid_lifetime sec 60 4294967295 Parameters pool_name 12 Enter the DHCPv6 po...

Page 361: ... string 28 delete ipv6addr ipv6networkaddr all Parameters pool_name 12 Enter the DHCPv6 pool name used here This name can be up to 12 characters long add Specifies the IPv6 address that will statically be bound to a device ipv6addr Enter the IPv6 address used for the static bind here ipv6networkaddr Enter the IPv6 network address used for the static bind here client_duid Specifies the DUID of the ...

Page 362: ... 12 characters long ipv6networkaddr Enter the IPv6 prefix assigned to the pool here value 1 128 Enter the length of the prefix in bits assigned to the user from the pool here The value of the assigned length argument cannot be less than the value of the prefix length ipif_name 12 Enter the name of the IP interface used for this prefix delegation Restrictions Only Administrator Operator and Power U...

Page 363: ...6 manual_binding Command show dhcpv6 manual_binding Pool Name net100 Entry 1 IPv6 Address 3000 100 1 ABCD DUID 00030006001572200700 Pool Name net91 Entry 1 IPv6 Address 3000 91 1 100 DUID 00030006aabbcc000000 Entry 2 IPv6 Address 3000 91 1 101 DUID 00030006aabbcc000001 Total Entries 3 DGS 3420 28SC admin 25 11 show dhcpv6 binding Description This command is used to show the DHCPv6 dynamic binding ...

Page 364: ... admin show dhcpv6 binding Command show dhcpv6 binding Pool Name net90 IPv6 Address 3000 90 1 7 DUID 0003000600cd14517000 Preferred s 120 Valid s 240 Pool Name net100 2 IPv6 Address 3000 100 1 1 DUID 00030006001572200300 Preferred s 120 Valid s 240 Total Entries 2 DGS 3420 28SC admin 25 12 clear dhcpv6 binding Description This command is used to clear the DHCPv6 dynamic binding information Format ...

Page 365: ...420 28SC admin 25 13 enable dhcpv6_server Description This command is used to enable the DHCPv6 server function on the Switch Format enable dhcpv6_server Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the DHCPv6 server global state to enable DGS 3420 28SC admin enable dhcpv6_server Command enable dhcpv6_server Success...

Page 366: ...able DGS 3420 28SC admin disable dhcpv6_server Command disable dhcpv6_server Success DGS 3420 28SC admin 25 15 show dhcpv6_server Description This command is used to display the DHCPv6 server setting Format show dhcpv6_server ipif ipif_name 12 Parameters ipif Optional Specifies the IP interface name to be displayed ipif_name 12 Enter the IP interface name to be displayed here This name can be up t...

Page 367: ...luded address range for a specified pool begin Specifies the beginning IPv6 address of the range of IPv6 addresses to be excluded from the DHCPv6 pool ipv6addr Enter the beginning IPv6 address used here end Specifies the ending IPv6 address of the range of IPv6 addresses to be excluded from the DHCPv6 pool ipv6addr Enter the ending IPv6 address used here delete Specifies to delete one or all exclu...

Page 368: ...hcpv6 pool excluded_address pool1 add begin 2000 3 end 2000 8 Success DGS 3420 28SC admin 25 17 show dhcpv6 excluded_address Description This command is used to display the groups of IPv6 addresses which are excluded from the legal assigned IPv6 address Format show dhcpv6 excluded_address pool_name 12 Parameters pool_name 12 Optional Enter the DHCPv6 pool name used here This name can be up to 12 c...

Page 369: ...S 3420 28SC admin 25 18 config dhcpv6_server ipif Description This command is used to configure the DHCPv6 Server state per interface Format config dhcpv6_server ipif ipif_name 12 all state enable disable Parameters ipif Specifies the IP interface used ipif_name 12 Enter the IP interface name used This name can be up to 12 characters long all Specifies that all the IP interfaces will used state Sp...

Page 370: ...it Switch CLI Reference Guide 365 Example To configure the DHCPv6 Server state of System Interface to enable DGS 3420 28SC admin config dhcpv6_server ipif System state enable Command config dhcpv6_server ipif System state enable Success DGS 3420 28SC admin ...

Page 371: ...bm high_warning mw_or_dbm low_warning mw_or_dbm state enable disable shutdown alarm warning none show ddm show ddm ports portlist status configuration config ddm power_unit mw dbm 26 1 config ddm Description The command configures the DDM log and trap action when encountering an exceeding alarm or warning thresholds event Format config ddm trap log enable disable Parameters trap Specify whether to...

Page 372: ...ow_alarm mw_or_dbm high_warning mw_or_dbm low_warning mw_or_dbm state enable disable shutdown alarm warning none Parameters portlist Enter the range of ports to be configured here all Specify that all the optic ports operating parameters will be configured temperature_threshold Specify the threshold of the optic module s temperature in centigrade At least one parameter shall be specified for this ...

Page 373: ... warning When the operating parameter falls below this value the action associated with the warning is taken milliampere Enter the low threshold warning value here tx_power_threshold Specify the threshold of the optic module s output power high_alarm Optional Specify the high threshold for the alarm When the operating parameter rises above this value the action associated with the alarm is taken m...

Page 374: ...dmin config ddm ports 1 21 temperature_threshold high_alarm 84 9555 low_alarm 10 high_warning 70 low_warning 2 25251 Command config ddm ports 1 21 temperature_threshold high_alarm 84 9555 low_alarm 10 high_warning 70 low_warning 2 25251 Success DGS 3420 28SC admin To configure the port 21 s voltage threshold DGS 3420 28SC admin config ddm ports 1 21 voltage_threshold high_alarm 4 25 low_alarm 2 5 ...

Page 375: ...ld DGS 3420 28SC admin config ddm ports 1 21 rx_power_threshold high_alarm 4 55 low_alarm 0 01 high_warning 3 5 low_warning 0 03 Command config ddm ports 1 21 rx_power_threshold high_alarm 4 55 low_alarm 0 01 high_warning 3 5 low_warning 0 03 Success DGS 3420 28SC admin To configure port 21 s actions associate with the alarm DGS 3420 28SC admin config ddm ports 1 21 state enable shutdown alarm Com...

Page 376: ... the administrative configuration and the operation configuration threshold For the optic port when a particular threshold was configured by user it will be shown in this command with a tag indicating that it is a threshold that user configured else it would be the threshold read from the optic module that is being inserted Format show ddm ports portlist status configuration Parameters portlist Op...

Page 377: ... Port 1 21 DDM State Enabled Shutdown Alarm Threshold Temperature Voltage Bias Current TX Power RX Power in Celsius V mA mW mW High Alarm 84 9555 A 4 2500 A 7 2500 A 0 6250 A 4 5500 A Low Alarm 10 0000 A 2 5000 A 0 0040 A 0 0060 A 0 0100 A High Warning 70 0000 A 3 5000 A 0 5000 A 0 5500 A 3 5000 A Low Warning 2 2525 A 3 0000 A 0 0080 A 0 0080 A 0 0300 A A means that the threshold is administrative...

Page 378: ...LI Reference Guide 373 Restrictions Only Administrator and Operator level users can issue this command Example To configure the DDM TX and RX power unit as dBm DGS 3420 28SC admin config ddm power_unit dbm Command config ddm power_unit dbm Success DGS 3420 28SC admin ...

Page 379: ...tatic domain_name 32 ipaddr Parameters primary Specify to indicate that the IP address below is the address of the primary DNS server secondary Specify to indicate that the IP address below is the address of the secondary DNS server nameserver Specify the IP address of the DNS nameserver ipaddr Specify the IP address of the DNS nameserver add Specify to add the DNS relay function delete Specify to...

Page 380: ... 3420 28SC admin To delete the entry dns1 with IP address 10 24 22 5 from the DNS static table DGS 3420 28SC admin config dnsr delete static dns1 10 24 22 5 Command config dnsr delete static dns1 10 24 22 5 Success DGS 3420 28SC admin 27 2 enable dnsr Description This command is used to enable DNS relay Format enable dnsr cache static Parameters cache Specify to enable the cache lookup for the DNS...

Page 381: ...relay DGS 3420 28SC admin enable dnsr static Command enable dnsr static Success DGS 3420 28SC admin 27 3 disable dnsr Description This command is used to disable DNS relay on the switch Format disable dnsr cache static Parameters cache Optional Specify to disable the cache lookup for the DNS relay on the switch static Optional Specify to disable the static table lookup for the DNS relay on the swi...

Page 382: ...in To disable static table lookup for DNS relay DGS 3420 28SC admin disable dnsr static Command disable dnsr static Success DGS 3420 28SC admin 27 4 show dnsr Description This command is used to display the current DNS relay configuration and static entries Format show dnsr static Parameters static Optional Specify to display the static entries in the DNS relay table If this parameter is omitted t...

Page 383: ...3420 28SC admin show dnsr Command show dnsr DNSR Status Disabled Primary Name Server 0 0 0 0 Secondary Name Server 0 0 0 0 DNSR Cache Status Disabled DNSR Static Table Status Disabled DNS Relay Static Table Domain Name IP Address www 123 com tw 10 12 12 123 Total Entries 1 DGS 3420 28SC admin ...

Page 384: ...tic dynamic enable dns_resolver disable dns_resolver 28 1 config name_server add Description This command is used to add a DNS resolver name server to the Switch Format config name_server add ipaddr ipv6addr primary Parameters ipaddr Enter the DNS Resolver name server IPv4 address used here ipv6addr Enter the DNS Resolver name server IPv6 address used here primary Optional Specifies that the name ...

Page 385: ...DNS Resolver name server IPv4 address used here ipv6addr Enter the DNS Resolver name server IPv6 address used here primary Optional Specifies that the name server is a primary name server Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete DNS Resolver name server 10 10 10 10 DGS 3420 28SC admin config name_server delete 10 10 10 10 Command ...

Page 386: ...nd Power User level users can issue this command Example To configure DNS Resolver name server time out to 10 seconds DGS 3420 28SC admin config name_server timeout 10 Command config name_server timeout 10 Success DGS 3420 28SC admin 28 4 show name_server Description This command is used to display the current DNS Resolver name servers and name server time out on the Switch Format show name_server...

Page 387: ...tion This command is used to create the static host name entry of the Switch Format create host_name name 255 ipaddr ipv6addr Parameters name 255 Enter the hostname used here This name can be up to 255 characters long ipaddr Enter the host IPv4 address used here ipv6addr Enter the host IPv6 address used here Restrictions Only Administrator Operator and Power User level users can issue this command...

Page 388: ...will be deleted Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete the static host name entry www example com DGS 3420 28SC admin delete host_name www example com Command delete host_name www example com Success DGS 3420 28SC admin 28 7 show host_name Description This command is used to display the current host name Format show host_name st...

Page 389: ...m IP Address 10 90 90 10 Host Name hostname2 com IPv6 Address 3000 3 Total Static Entries 2 Dynamic Host Name Table Total Dynamic Entries 0 DGS 3420 28SC admin 28 8 enable dns_resolver Description This command is used to enable the DNS Resolver state of the Switch Format enable dns_resolver Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command E...

Page 390: ...disable dns_resolver Description This command is used to disable the DNS Resolver state of the Switch Format disable dns_resolver Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the DNS Resolver state to disabled DGS 3420 28SC admin disable dns_resolver Command disable dns_resolver Success DGS 3420 28SC admin ...

Page 391: ... action drop state enable disable 1 Parameters land_attack Optional Specifies that the DoS attack prevention type will be set to prevent LAND attacks blat_attack Optional Specifies that the DoS attack prevention type will be set to prevent BLAT attacks tcp_null_scan Optional Specifies that the DoS attack prevention type will be set to prevent TCP Null Scan attacks tcp_xmasscan Optional Specifies t...

Page 392: ...ion is drop DGS 3420 28SC admin config dos_prevention dos_type land_attack blat_attack action drop state enable Command config dos_prevention dos_type land_attack blat_attack action drop state enable Success DGS 3420 28SC admin 29 2 config dos_prevention log Description This command is used to enable or disable the DoS prevention log state Format config dos_prevention log enable disable Parameters...

Page 393: ...o enable the DoS prevention trap state disable Specifies to disable the DoS prevention trap state Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the DoS prevention trap DGS 3420 28SC admin config dos_prevention trap disable Command config dos_prevention trap disable Success DGS 3420 28SC admin 29 4 show dos_prevention Description This c...

Page 394: ...ort Less than 1024 attack information will be displayed ping_death_attack Optional Specifies that only DoS Ping of Death attack information will be displayed tcp_tiny_frag_attack Optional Specifies that only DoS TCP Tiny Frag attack information will be displayed Restrictions None Example To display DoS prevention information DGS 3420 28SC admin show dos_prevention Command show dos_prevention Trap ...

Page 395: ...ommand show dos_prevention land_attack DoS Type Land Attack State Enabled Action Drop Frame Counts DGS 3420 28SC admin To display DoS prevention information of Blat Attack DGS 3420 28SC admin show dos_prevention blat_attack Command show dos_prevention blat_attack DoS Type Blat Attack State Enabled Action Drop Frame Counts DGS 3420 28SC admin ...

Page 396: ... be used portlist Enter the list of ports used for this configuration here all Specifies that all the ports will be used for this configuration state Optional Specifies these ports unidirectional link detection status The default state is disabled enable Specifies that the unidirectional link detection status will be enabled disable Specifies that the unidirectional link detection status will be d...

Page 397: ... ports to be display portlist Enter the list of ports to be displayed here If no ports are specified all the ports will be displayed Restrictions None Example To show ports 1 4 unidirectional link detection information DGS 3420 28SC admin config duld ports 1 2 4 state enable Commands config duld ports 1 2 4 state enable Success DGS 3420 28SC admin show duld ports 1 4 Command show duld ports 1 4 Po...

Page 398: ...xStack DGS 3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 393 DGS 3420 28SC admin ...

Page 399: ... s on the Switch Format config eee ports portlist all state enable disable Parameters portlist Specify a range of ports to be configured all Specify to configure all ports state Specify the EEE state The default is disabled enable Enable the EEE function for the specified port s disable Disable the EEE function for the specified port s Restrictions Only Administrator and Operator level users can i...

Page 400: ... on the specified port s Format show eee ports portlist Parameters portlist Optional Specify a list of ports to be displayed Restrictions None Example To display the EEE state DGS 3420 28SC admin show eee ports 1 1 1 6 1 9 Command show eee ports 1 1 1 6 1 9 Port State 1 1 Disabled 1 2 Enabled 1 3 Enabled 1 4 Enabled 1 5 Enabled 1 6 Disabled 1 9 Disabled DGS 3420 28SC admin ...

Page 401: ... 10000 guard_time millisecond 10 2000 wtr_time min 5 12 1 config erps log enable disable config erps trap enable disable show erps raps_vlan vlanid 1 4094 sub_ring 32 1 enable erps Description This command is used to enable the ERPS function on a switch STP and LBD should be disabled on the ring ports before enabling ERPS ERPS cannot be enabled before the R APS VLAN is created and ring ports an RP...

Page 402: ...in enable erps Command enable erps Success DGS 3420 28SC admin 32 2 disable erps Description This command is used to disable the ERPS function on the switch Format disable erps Parameters None The ERPS is disabled by default Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable ERPS DGS 3420 28SC admin disable erps Command disable erps Succes...

Page 403: ...id 1 4094 Specify the VLAN which will be the R APS VLAN Restrictions Only Administrator Operator and Power User level users can issue this command Example To create an ERPS RAPS VLAN DGS 3420 28SC admin create erps raps_vlan 4094 Command create erps raps_vlan 4094 Success DGS 3420 28SC admin 32 4 delete erps raps_vlan Description This command is used to delete an R APS VLAN on the switch When an R...

Page 404: ...icipates in the ERPS ring Restrictions apply for ports that are included in a link aggregation group A link aggregation group can be configured as a ring port by specifying the master port of the link aggregation port Only the master port can be specified as a ring port If the specified link aggregation group is eliminated the master port retains its ring port status If the ring port is configured...

Page 405: ...ure recovery event R APS PDU with NR flag and start the guard timer before the guard timer expires all received R APS messages are ignored by this ring node Therefore the blocking state of the recovered link will not be recovered within this period of time This time should be greater than the maximum expected forwarding delay for which one R APS message circles around the ring WTR timer WTR timer ...

Page 406: ...pecifies the sub ring configuration information raps_vlan Specify the R APS VLAN vlanid Enter the R APS VLAN ID used here tc_propagation Specifies to configure the state of the topology change propagation for the sub ring state Specifies the propagation state of the topology change for the sub ring enable Enable the propagation state of the topology change for the sub ring disable Disable the prop...

Page 407: ...rameter DGS 3420 28SC admin config erps raps_vlan 4094 rpl_port west Command config erps raps_vlan 4094 rpl_port west Success DGS 3420 28SC admin config erps raps_vlan 4094 rpl_owner enable Command config erps raps_vlan 4094 rpl_owner enable Success DGS 3420 28SC admin To set the R APS protected VLAN parameter DGS 3420 28SC admin config erps raps_vlan 4094 protected_vlan add vlanid 10 20 Command c...

Page 408: ...sabled disable Disable the log state Restrictions Only Administrator Operator and Power User level users can issue this command Example To set the log state DGS 3420 28SC admin config erps log enable Command config erps log enable Success DGS 3420 28SC admin 32 7 config erps trap Description This command is used to configure trap state of ERPS events Format config erps trap enable disable Paramete...

Page 409: ...ration will not apply to state machine immediately The ERPS will run protocol by previous configuration which is valid If the admin value is different from the operational value it means that the new configuration is not applied Both RPL port and RPL owner have admin value and operational value the reason is same as ring port If ERPS function is disabled on a ring the admin value of this ring shal...

Page 410: ...s Command show erps Global Status Enabled Log Status Enabled Trap Status Disabled R APS VLAN 4094 ERPS Status Disabled Admin West Port 1 5 Operational West Port 1 5 Forwarding Admin East Port 1 7 Operational East Port 1 7 Forwarding Admin RPL Port West port Operational RPL Port West port Admin Owner Enabled Operational Owner Enabled Protected VLANs 10 20 Ring MEL 1 Holdoff Time 100 milliseconds Gu...

Page 411: ... user to define the alarm event associated with each channel Format config external_alarm unit unit_id channel value 1 2 message sentence 1 128 Parameters unit Optional Specifies the unit ID to be displayed unit_id Enter the unit ID used here channel Specifies which channel is selected to configure value 1 2 Enter the channel number used here This value must be either 1 or 2 message Specifies the ...

Page 412: ...al_alarm Description This command is used to display the status of the external alarm Format show external_alarm unit unitlist Parameters unit Optional Specifies the unit ID to be displayed unit_id Enter the unit ID used here Restrictions None Example To display the real time status of the external alarm DGS 3420 28SC admin show external_alarm Command show external_alarm Unit Channel Status Messag...

Page 413: ...ic aging_time security show multicast vlan_filtering_mode vlanid vidlist vlan vlan_name 32 34 1 create fdb Description This command is used to make an entry into the switch s unicast MAC address forwarding database Format create fdb vlan_name 32 macaddr port port drop Parameters vlan_name 32 Specify a VLAN name associated with a MAC address The maximum length is 32 characters macaddr Specify the M...

Page 414: ...will always forward traffic to the specified device through this port port Specify the port number corresponding to the MAC destination address drop Specify to have the switch drop traffic Restrictions Only Administrator Operator and Power User level users can issue this command Example To create an unicast MAC forwarding DGS 3420 28SC admin create fdb vlanid 1 00 11 22 33 44 55 port 1 5 Command c...

Page 415: ... 00 00 00 01 01 Command create multicast_fdb default 01 00 00 00 01 01 Success DGS 3420 28SC admin 34 4 config multicast_fdb Description This command is used to add or remove some ports from the outgoing portlist of the specified multicast MAC forwarding entry The VLAN name and MAC address is used to uniquely identify the entry Format config multicast_fdb vlan_name 32 macaddr add delete portlist P...

Page 416: ... set the age out timer for the switch s dynamic unicast MAC address forwarding tables Format config fdb aging_time sec 10 1000000 Parameters sec 10 1000000 Specify the time in seconds that a dynamically learned MAC address will remain in the switch s MAC address forwarding table without being accessed before being dropped from the database The range of the value is 10 to 1000000 The default value ...

Page 417: ...hat the multicast packet destination MAC address matched in the forwarding table will be forwarded according to the forwarding entry The multicast packet destination MAC address not found in the forwarding table will be forwarded on the whole VLAN This is the default configuration filter_unregistered_groups Specify the filtering mode as filter_unregistered_groups The multicast packet destination M...

Page 418: ...lt 00 00 00 00 01 02 Command delete fdb default 00 00 00 00 01 02 Success DGS 3420 28SC admin 34 8 clear fdb Description This command is used to clear the switch s forwarding database of all dynamically learned MAC addresses Format clear fdb vlan vlan_name 32 port port all Parameters vlan Specify the name of the VLAN on which the MAC address resides vlan_name 32 The maximum length is 32 characters...

Page 419: ...e name of the VLAN on which the MAC address resides vlan_name 32 The maximum length is 32 characters vlanid Optional Specifies the VLAN ID on which the MAC address resides vidlist Enter the VLAN ID list used here mac_address Optional Specify a MAC address for which FDB entries will be displayed macaddr Specify a MAC address for which FDB entries will be displayed Note If no parameter is specified ...

Page 420: ...32 The maximum length is 32 characters vlanid Optional Specify to display the entries by VLAN ID list vidlist Specify to display the entries by VLAN ID list mac_address Optional Specify the MAC address macaddr Specify the MAC address static Optional Specify to display all permanent entries aging_time Specify to display the unicast MAC address aging time security Specify to display the security set...

Page 421: ...vlanid Optional Specify to display the multicast filtering mode for specified VLANs indicated by the VLAN ID list vidlist Enter the VLAN ID list used here vlan Optional Specify to display the multicast filtering mode for a specified VLAN indicated by VLAN name vlan_name 32 Enter the VLAN name used here This name can be up to 32 characters long Restrictions None Example To show multicast filtering ...

Page 422: ..._id pathname recursive move unit unit_id drive_id pathname unit unit_id drive_id pathname copy unit unit_id drive_id pathname unit unit_id drive_id pathname change drive unit unit_id drive_id 35 1 show storage_media_info Description This command is used to display storage media information Format show storage_media_info unit unit_id all Parameters unit Specifies the unit ID in the stacking system ...

Page 423: ...t_id Enter the unit ID value here drive_id Specifies the drive ID If not specified it refers to the current drive pathname Specify the directory to be created The path name can be specified either as a full path name or partial name For a partial path name it indicates the directory is in the current directory Restrictions Only Administrator and Operator level users can issue this command Example ...

Page 424: ...ates the file is in the current directory Restrictions Only Administrator and Operator level users can issue this command Example To delete an empty directory DGS 3420 28SC admin rd c abc Command rd c abc Success DGS 3420 28SC admin 35 4 cd Description This command is used to change the current directory The user can change the current directory to another drive using this command The current driv...

Page 425: ...played If a user lists the system directory the used space will be shown Format dir unit unit_id drive_id pathname Parameters unit Specifies the unit ID in the stacking system If not specified it refers to the master unit unit_id Enter the unit ID value here drive_id Specifies the drive ID If not specified it refers to the current drive pathname Optional Specify the directory to be listed The path...

Page 426: ...d is used to rename a file in the file system The pathname specifies the file in path form to be renamed and the file name specifies the new file name If the path name is not a full path then it refers to a path under the current directory for the drive The renamed file will stay in the same directory Format rename unit unit_id drive_id pathname filename Parameters unit Specifies the unit ID in th...

Page 427: ...unit_id drive_id pathname Parameters unit Specifies the unit ID in the stacking system If not specified it refers to the master unit unit_id Enter the unit ID value here drive_id Specifies the drive ID If not specified it refers to the current drive pathname Specify the file to be deleted If it is specified in the associated form then it is related to the current directory Restrictions Only Admini...

Page 428: ...drive will be formatted to support a FAT32 file system label_name Optional Enter the label name used for this drive here Restrictions Only Administrator and Operator level users can issue this command Example To format media DGS 3420 28SC admin format d fat32 Command format d fat32 Formatting Done DGS 3420 28SC admin 35 9 del Description This command is used to delete a file It is also used to del...

Page 429: ...n del cfg Command del cfg Are you sure to remove the boot up Configuration from this device y n y Success DGS 3420 28SC admin To delete a directory with the parameter recursive DGS 3420 28SC admin del d1 recursive Command del d1 recursive Success DGS 3420 28SC admin 35 10 move Description This command is used to move a file around the file system Note that when a file is moved it can be specified ...

Page 430: ...n move c log txt c abc log1 txt Command move c log txt c abc log1 txt Success DGS 3420 28SC admin 35 11 copy Description This command is used to copy a file to another file in the file system Format copy unit unit_id drive_id pathname unit unit_id drive_id pathname Parameters unit Specifies the unit ID in the stacking system If not specified it refers to the master unit unit_id Enter the unit ID v...

Page 431: ... is used to change the current drive Format change drive unit unit_id drive_id Parameters unit Optional Specifies a unit ID if in the stacking system If not specified it refers to the master unit unit_id Enter the unit ID here drive_id Specifies the drive ID The format of drive_id is c or d Restrictions None Example To change the current drive DGS 3420 28SC admin change drive unit 3 c Command chan...

Page 432: ...nds in this file will share the same access profile Format config filter extensive_netbios portlist all state enable disable Parameters portlist Specify the port or range of ports to configure all Specify to configure all ports state Specify the status of the filter to block the NetBIOS packets over 802 3 frames enable Enable the filter to block the NetBIOS packets over 802 3 frames disable Disabl...

Page 433: ...admin 36 3 config filter netbios Description This command is used to configure the Switch to deny NetBIOS packets on the network Enabling of the filter NetBIOS state will create one access profile and three access rules per port automatically UDP ports 137 and138 and TCP port 139 Filter commands in this file will share the same access profile Format config filter netbios portlist all state enable ...

Page 434: ...admin config filter netbios 1 10 state enable Command config filter netbios 1 10 state enable Success DGS 3420 28SC admin 36 4 show filter netbios Description This command is used to display the NetBIOS filter state on the switch Format show filter netbios Parameters None Restrictions None Example To display the NetBIOS filter state DGS 3420 28SC admin show filter netbios Command show filter netbi...

Page 435: ...s_arp Description This command is used to enable the gratuitous ARP trap and log state The switch can trap and log the IP conflict event to inform the administrator Format enable gratuitous_arp ipif ipif_name 12 trap log 1 Parameters ipif Optional The interface name of the L3 interface ipif_name 12 Specify the interface name The maximum length is 12 characters trap Specify trap The trap is disable...

Page 436: ...strictions Only Administrator Operator and Power User level users can issue this command Example To disable gratuitous ARP the trap and the log state DGS 3420 28SC admin disable gratuitous_arp ipif System trap log Command disable gratuitous_arp ipif System trap log Success DGS 3420 28SC admin 37 3 config gratuitous_arp learning Description This command is used to enable or disable learning of ARP ...

Page 437: ...that is sent by an IP address that matches the system s own IP address In this case the system knows that somebody out there is using an IP address that conflicts with that of the system In order to reclaim the correct host of this IP address the system can send out the gratuitous ARP request packet for this duplicate IP address Format config gratuitous_arp send dup_ip_detected enable disable Para...

Page 438: ...hen the IPIF status becomes up disable Disable the sending of gratuitous ARP requests when the IPIF status becomes up Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the sending of gratuitous ARP requests when the IP interface status becomes up DGS 3420 28SC admin config gratuitous_arp send ipif_status_up enable Command config gratuitous...

Page 439: ...8SC admin config gratuitous_arp send periodically ipif System interval 5 Command config gratuitous_arp send periodically ipif System interval 5 Success DGS 3420 28SC admin 37 7 show gratuitous_arp Description This command is used to display gratuitous ARP configuration Format show gratuitous_arp ipif ipif_name 12 Parameters ipif Optional The interface name of the L3 interface ipif_name 12 Specify ...

Page 440: ... Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 435 IP Interface Name System Gratuitous ARP Trap Disabled Gratuitous ARP Log Enabled Gratuitous ARP Periodical Send Interval 0 Total Entries 1 DGS 3420 28SC admin ...

Page 441: ...list source_ip ipaddr unsolicited_report_interval sec 0 25 1 show igmp_proxy group 38 1 enable igmp_proxy Description This command is used to enable the IGMP proxy on the switch Format enable igmp_proxy Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the IGMP proxy DGS 3420 28SC admin enable igmp_proxy Command enable igmp...

Page 442: ...ys the server role on the downstream interfaces The downstream interface must be an IGMP snooping enabled VLAN Format config igmp_proxy downstream_if add delete vlan vlan_name 32 vlanid vidlist Parameters add Specify to add a downstream interface delete Specify to delete a downstream interface vlan Specify the VLAN by name or ID vlan_name 32 Specify a name of VLAN which will be added to or deleted...

Page 443: ...pstream_if vlan vlan_name 32 vlanid vlanid 1 4094 router_ports add delete portlist source_ip ipaddr unsolicited_report_interval sec 0 25 1 Parameters vlan Specify the VLAN for the upstream interface vlan_name 32 Specify a VLAN name between 1 and 32 characters vlanid Specify the VLAN ID for the upstream interface 1 4094 Specify the VLAN ID between 1 and 4094 router_ports Specify a list of ports tha...

Page 444: ...onfiguration information or group information on the switch The display status item means group entry is determined by whether or not the chip is inserted Format show igmp_proxy group Parameters group Optional Specify the group information Note If the group is not specified the IGMP proxy configuration will be displayed Restrictions None Example To display IGMP proxy information DGS 3420 28SC admi...

Page 445: ...3420 28SC admin To display the IGMP proxy s group information DGS 3420 28SC admin show igmp_proxy group Command show igmp_proxy group Dest V The destination VLAN A Active I Inactive Dest IP Source IP Dest V Member Ports Status 224 2 2 2 NULL 4 3 6 A 2 2 4 I 227 3 1 5 NULL 2 2 5 8 I 3 5 7 9 A Total Entries 2 DGS 3420 28SC admin ...

Page 446: ...mp_snooping rate_limit ports portlist vlanid vlanid_list create igmp_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipaddr config igmp_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipaddr add delete portlist delete igmp_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipaddr show igmp_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipaddr show igmp_sno...

Page 447: ...ction If enabled the membership is immediately removed when the system receive the IGMP leave message enable Enable the IGMP snooping fast leave function disable Disable the IGMP snooping fast leave function proxy_reporting Specifies the proxy reporting option state Specifies the proxy reporting state enable Specifies that the proxy reporting option will be enabled disable Specifies that the proxy...

Page 448: ... is the querier This interval is calculated as follows robustness variable x query interval 0 5 x query response interval 14 Last member query count Number of group specific queries sent before the router assumes there are no local members of a group The default number is the value of the robustness variable value 1 7 Specify the value between 1 and 7 Increase the value if you expect a subnet to b...

Page 449: ...cast enabled routers This will ensure that all packets with such a router as its destination will reach the multicast enabled router regardless of protocol Format config router_ports vlan_name 32 vlanid vlanid_list add delete portlist Parameters vlan_name 32 Specify the name of the VLAN on which the router port resides vlanid Specify the VLAN ID list vlanid_list Specify the VLAN ID list add Specif...

Page 450: ...vlanid Specify the VLAN ID list vlanid_list Specify the VLAN ID list add Specify to add the router ports delete Specify to delete the router ports portlist Specify a range of ports to be configured Restrictions Only Administrator Operator and Power User level users can issue this command Example To set up port range 1 to 7 to be forbidden router ports of the default VLAN DGS 3420 28SC admin config...

Page 451: ...al Display router ports that have been dynamically registered forbidden Optional Display forbidden router ports that have been statically configured Note If no parameter is specified the system will display all the current router ports on the Switch Restrictions None Example To display the router ports on the default VLAN DGS 3420 28SC admin show router_ports vlan default Command show router_ports...

Page 452: ...e igmp_snooping Description This command is used to disable IGMP snooping on the switch IGMP snooping can be disabled only if IP multicast routing is not being used Disabling IGMP snooping allows all IGMP and IP multicast traffic to flood within a given IP interface Format disable igmp_snooping Parameters None Restrictions Only Administrator Operator and Power User level users can issue this comma...

Page 453: ...lanid vlanid_list Parameters vlan Optional Specify the name of the VLAN to display the IGMP snooping configuration vlan_name 32 Specify the name of the VLAN The maximum length is 32 characters vlanid Optional Specify the VLAN ID to display the IGMP snooping configuration vlanid_list Specify a range of VLAN IDs Note If no parameter is specified the system will display all current IGMP snooping conf...

Page 454: ...ing State Enabled Data Driven Learning Aged Out Disabled Data Driven Group Expiry Time 260 Total Entries 1 DGS 3420 28SC admin 39 9 show igmp_snooping group Description This command is used to display the current IGMP snooping group configuration on the switch Format show igmp_snooping group vlan vlan_name 32 vlanid vlanid_list ports portlist ipaddr data_driven Parameters vlan Optional Specify the...

Page 455: ...the current IGMP snooping group configuration of the switch Restrictions None Example To display IGMP snooping groups DGS 3420 28SC admin show igmp_snooping group Command show igmp_snooping group Source Group NULL 224 106 0 211 VLAN Name VID default 1 Member Ports 1 UP Time 223 Expiry Time 37 Filter Mode EXCLUDE Source Group NULL 234 54 163 75 VLAN Name VID default 1 Member Ports 1 UP Time 223 Exp...

Page 456: ... the rate of IGMP control packets that the switch can process on a specific port VLAN The rate is specified in packet per second The packets that exceed the limited rate will be dropped no_limit The default setting is no limit Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the IGMP snooping rate limit for ports 1 2 to have no limit D...

Page 457: ...up The static member and the dynamic member port form the member ports of a group The static group will only take effect when IGMP snooping is enabled on the VLAN For those static member ports the device needs to emulate the IGMP protocol operation to the querier and forward the traffic destined to the multicast group to the member ports For a layer 3 device the device is also responsible to route...

Page 458: ...e on this port Therefore suppose that a port is a dynamic member port learned by IGMP If this port is configured as a static member later then the IGMP protocol will stop operating on this port The IGMP protocol will resume once this port is removed from static member ports The static member port will only affect V2 IGMP operation Format config igmp_snooping static_group vlan vlan_name 32 vlanid v...

Page 459: ...IGMP snooping dynamic member ports for a group Format delete igmp_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipaddr Parameters vlan Specify the name of the VLAN on which the router port resides vlan_name 32 Specify the VLAN name The maximum length is 32 characters vlanid Specify the VLAN ID list on which the router port resides vlanid_list Specify the VLAN ID list ipaddr Specify th...

Page 460: ...er port resides vlanid_list Specify the VLAN ID list ipaddr Specify the multicast group IP address Restrictions None Example To display all the IGMP snooping static groups DGS 3420 28SC admin show igmp_snooping static_group Command show igmp_snooping static_group VLAN ID Name IP Address Static Member Ports 1 Default 239 1 1 1 9 10 Total Entries 1 DGS 3420 28SC admin 39 16 show igmp_snooping statis...

Page 461: ...e IGMP snooping statistics counter for port 1 DGS 3420 28SC admin show igmp_snooping statistic counter ports 1 Command show igmp_snooping statistic counter ports 1 Port 1 Group Number 0 Receive Statistics Query IGMP v1 Query 0 IGMP v2 Query 0 IGMP v3 Query 0 Total 0 Dropped By Rate Limitation 0 Dropped By Multicast VLAN 0 Report Leave IGMP v1 Report 0 IGMP v2 Report 0 IGMP v3 Report 0 IGMP v2 Leav...

Page 462: ...trictions Only Administrator Operator and Power User level users can issue this command Example To clear the IGMP snooping statistic counter DGS 3420 28SC admin clear igmp_snooping statistics counter Command clear igmp_snooping statistics counter Success DGS 3420 28SC admin 39 18 show igmp_snooping forwarding Description This command is used to display the switch s current IGMP snooping forwarding...

Page 463: ...ping forwarding table entries of the switch Restrictions None Example To display all IGMP snooping forwarding entries located on the switch DGS 3420 28SC admin show igmp_snooping forwarding Command show igmp_snooping forwarding VLAN Name default Source IP 10 90 90 114 Multicast Group 225 0 0 0 Port Member 2 7 VLAN Name default Source IP 10 90 90 10 Multicast Group 225 0 0 1 Port Member 2 5 Total E...

Page 464: ... When data driven learning is enabled for a VLAN when the switch receives IP multicast traffic on this VLAN an IGMP snooping group will be created The learning of an entry is not activated by an IGMP membership registration but activated by traffic For an ordinary IGMP snooping entry the IGMP protocol will take care of the aging out of the entry For a data driven entry the entry can be specified n...

Page 465: ...ing out of the entry will be disabled expiry_time Optional Specifies the data driven group lifetime value used This value is only applicable if the aged out option is enabled sec 1 65535 Enter the expiry time value used here This value must be between 1 and 65535 seconds Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the data driven lea...

Page 466: ...ng max_learned_entry 50 Success DGS 3420 28SC admin 39 22 config igmp_snooping forward_lookup_mode Description The command is used to configure the IGMP snooping forward lookup mode on the Switch Format config igmp_snooping forward_lookup_mode ip mac Parameters ip Specifies that the multicast forwarding lookup will be based on the IP address mac Specifies that the multicast forwarding lookup will ...

Page 467: ...orward lookup mode MAC address DGS 3420 28SC admin 39 24 config igmp access_authentication ports Description This command is used to enable or disable the IGMP Access Control function for the specified ports If the IGMP Access Control function is enabled and the Switch receives an IGMP JOIN message the Switch will send the access request to the RADIUS server for authentication Format config igmp a...

Page 468: ...pecified ports Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable IGMP Access Control for all ports DGS 3420 28SC admin config igmp access_authentication ports all state enable Command config igmp access_authentication ports all state enable Success DGS 3420 28SC admin 39 25 show igmp access_authentication ports Description This command is ...

Page 469: ...420 28SC admin show igmp access_authentication ports all Command show igmp access_authentication ports all Port State 1 1 Auth_accounting 1 2 Disabled 1 3 Disabled 1 4 Disabled 1 5 Disabled 1 6 Disabled 1 7 Disabled 1 8 Disabled 1 9 Disabled 1 10 Disabled 1 11 Disabled 1 12 Disabled 1 13 Disabled 1 14 Disabled 1 15 Disabled 1 16 Disabled 1 17 Disabled 1 18 Disabled 1 19 Disabled CTRL C ESC q Quit ...

Page 470: ...nooping multicast_vlan_group vlan_name 32 delete igmp_snooping multicast_vlan vlan_name 32 enable igmp_snooping multicast_vlan disable igmp_snooping multicast_vlan show igmp_snooping multicast_vlan vlan_name 32 config igmp_snooping multicast_vlan forward_unmatched disable enable config igmp_snooping multicast_vlan auto_assign_vlan enable disable 40 1 create igmp_snooping multicast_vlan Description...

Page 471: ...2 Command create igmp_snooping multicast_vlan mv1 2 Success DGS 3420 28SC admin 40 2 config igmp_snooping multicast_vlan Description This command is used to configure IGMP snooping multicast VLAN parameters The member port list and source port list cannot overlap However the member port of one multicast VLAN can overlap with another multicast VLAN The multicast VLAN must be created first using the...

Page 472: ...n the join packet needs to be replaced by this IP address If none is specified the source IP address will use 0 IP address ipaddr Enter the IP address here none Specifies that the replace source IP address will not be replaced remap_priority Specify the remap priority here value 0 7 The remap priority value 0 to 7 to be associated with the data traffic to be forwarded on the multicast VLAN none If...

Page 473: ... configure an IGMP snooping multicast group profile on the switch and to add or delete multicast addresses for a profile Format config igmp_snooping multicast_vlan_group_profile profile_name 1 32 add delete mcast_address_list Parameters profile_name 1 32 Specify the multicast VLAN profile name The maximum length is 32 characters add Specify to add a multicast address list to this multicast VLAN pr...

Page 474: ...to delete an existing IGMP snooping multicast group profile on the switch Specify a profile name to delete it Format delete igmp_snooping multicast_vlan_group_profile profile_name profile_name 1 32 all Parameters profile_name Specify the multicast VLAN group profile name The maximum length is 32 characters profile_name 1 32 The profile file can be up to 32 characters long all Specify to delete all...

Page 475: ...2 DGS 3420 28SC admin 40 7 config igmp_snooping multicast_vlan_group Description This command is used to configure the multicast group which will be learned with the specific multicast VLAN There are two cases that need to be considered For the first case suppose that a multicast group is not configured and multicast VLANs do not have overlapped member ports That means the join packets received by...

Page 476: ...me 1 32 The profile name can be up to 32 characters long Restrictions Only Administrator Operator and Power User level users can issue this command Example To add an IGMP snooping profile to a multicast VLAN group with the name v1 DGS 3420 28SC admin config igmp_snooping multicast_vlan_group v1 add profile_name channel_1 Command config igmp_snooping multicast_vlan_group v1 add profile_name channel...

Page 477: ...0 28SC admin 40 9 delete igmp_snooping multicast_vlan Description This command is used to delete an IGMP snooping multicast VLAN Format delete igmp_snooping multicast_vlan vlan_name 32 Parameters vlan_name 32 Specify the name of the multicast VLAN to be deleted Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete an IGMP snooping multicast VL...

Page 478: ...rator and Power User level users can issue this command Example To enable IGMP snooping multicast VLAN DGS 3420 28SC admin enable igmp_snooping multicast_vlan Command enable igmp_snooping multicast_vlan Success DGS 3420 28SC admin 40 11 disable igmp_snooping multicast_vlan Description This command is used to disable the IGMP snooping multicast VLAN function By default the multicast VLAN is disable...

Page 479: ...sable igmp_snooping multicast_vlan Success DGS 3420 28SC admin 40 12 show igmp_snooping multicast_vlan Description This command allows information for a specific multicast VLAN to be displayed Format show igmp_snooping multicast_vlan vlan_name 32 Parameters vlan_name 32 Optional Specify the name of the multicast VLAN to be displayed Restrictions None Example To display all IGMP snooping multicast ...

Page 480: ...nmatched Description This command is used to configure the forwarding mode for IGMP snooping multicast VLAN unmatched packets When the switch receives an IGMP snooping packet it will match the packet against the multicast profile to determine which multicast VLAN to associate with If the packet does not match all profiles the packet will be forwarded or dropped based on this setting By default the...

Page 481: ... match the result is in profile and the matching multicast VLAN will be set as a packet VLAN If this function is disabled the Switch will do VID checking and afterwards if the group does not match the current profile binding the Switch will drop this packet Format config igmp_snooping multicast_vlan auto_assign_vlan enable disable Parameters enable Specifies to enable the auto assign VLAN function...

Page 482: ...ve Users can select only one when creating one new route If a user sets neither of these the system will try to set the new route first by primary and second by backup Format create iproute default network_address ipaddr metric 1 65535 primary backup null0 ip_tunnel tunnel_name 12 Parameters default Create a default IP route entry network_address The IP address and netmask of the IP interface that...

Page 483: ...rameters default Delete a default IP route entry network_address The IP address and netmask of the IP interface that is the destination of the route Specify the address and mask information using the traditional format for example 10 1 2 3 255 0 0 0 or in CIDR format 10 1 2 3 8 ipaddr Specifies the IP address for the next hop router null0 Specifies the null interface as the next hop ip_tunnel Spec...

Page 484: ... to be displayed The longest prefix matched route will be displayed static Optional Specifies to display only static routes One static route may be active or inactive Note Active or inactive means the device detected a physical link failure link down rip Optional Specifies to display only RIP routes hardware Optional Specifies to display only the routes that have been written into the chip Restric...

Page 485: ... Optional Specifies the route as the primary route to the destination backup Optional Specifies the route as the backup route to the destination If the route is not specified as the primary route or the backup route then it will be auto assigned by the system The first created is the primary the second created is the backup ip_tunnel Specifies the IPv6 tunnel name used tunnel_name 12 Enter the IPv...

Page 486: ...ies that all static created routes will be deleted Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete an IPv6 static route DGS 3420 28SC admin delete ipv6route default System FEC0 5 Command delete ipv6route default System FEC0 5 Success DGS 3420 28SC admin 41 6 show ipv6route Description This command is used to display the Switch s current ...

Page 487: ...ing domain Format create ipv6route redistribute dst ripng src local static metric value 0 16 Parameters local Redistribute local routes into RIPng static Redistribute static routes into RIPng metric Optional Specifies the RIPng route metric for the redistributed routes When the metric value is 0 the metric in the original route will become the metric of the redistributed RIPng route transparently ...

Page 488: ...nal Specifies the RIPng route metric for the redistributed routes When the metric value is 0 the metric in the original route will become the metric of the redistributed RIPng route transparently If the metric of the original route is equal or greater than 16 the route will be not redistributed value 0 16 Enter the value between 0 and 16 Restrictions Only Administrator Operator and Power User leve...

Page 489: ...istribute local routes into RIPng static Specifies not to redistribute static routes into RIPng Restrictions Only Administrator Operator and Power User level users can issue this command Example To remove the RIPng route redistribution DGS 3420 28SC admin delete ipv6route redistribute dst ripng src local Command delete ipv6route redistribute dst ripng src local Success DGS 3420 28SC admin ...

Page 490: ...unnel tunnel_name 12 disable ip_tunnel tunnel_name 12 config ip_tunnel gre tunnel_name 12 ipaddress network_address ipv6address ipv6networkaddr source ipaddr ipv6addr destination ipaddr ipv6addr 1 42 1 create ip_tunnel Description This command is used to create an IP tunnel interface Format create ip_tunnel tunnel_name 12 Parameters tunnel_name 12 Enter the IP tunnel interface name used here This ...

Page 491: ...p_tunnel tn2 Command delete ip_tunnel tunnel tn2 Success DGS 3420 28SC admin 42 3 config ip_tunnel manual Description This command is used to configure an IPv6 manual tunnel If this tunnel has previously been configured in another mode the tunnel s information will still exist in the database However whether the tunnel s former information is invalid or not will depend on the current mode IPv6 Man...

Page 492: ...ss is 1 0 0 1 Tunnel destination IPv4 address is 1 0 0 2 Tunnel IPv6 address is 2001 1 64 DGS 3420 28SC admin config ip_tunnel manual tn2 source 1 0 0 1 destination 1 0 0 2 Command config ip_tunnel manual tn2 source 1 0 0 1 destination 1 0 0 2 Success DGS 3420 28SC admin config ip_tunnel manual tn2 ipv6address 2001 1 64 Command config ip_tunnel manual tn2 ipv6address 2001 1 64 Success DGS 3420 28S...

Page 493: ...tination address s 2002 16 prefix For example a 6to4 address 2002 c0a8 0001 48 will be extracted to 192 168 0 1 Any IPv6 address that begins with the 2002 16 prefix is known as a 6to4 address ipaddr Enter the IPv4 source address used here Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure an IPv6 6to4 tunnel Tunnel name is tn2 Tunnel sou...

Page 494: ...source ipv6networkaddr Enter the IPv6 address used here source Optional Specifies the source IPv4 address of this IPv6 tunnel interface It is used as the source address for packets in the IPv6 tunnel The tunnel destination IPv4 address is extracted from the last 32 bits of the remote tunnel endpoint s IPv6 ISATAP address ipaddr Enter the source IPv4 address used here Restrictions Only Administrato...

Page 495: ...mmand show ip_tunnel tn2 Tunnel Interface tn2 Interface Admin State Enabled Tunnel Mode Manual IPv6 Global Unicast Address 2000 1 64 Tunnel Source 1 0 0 1 Tunnel Destination 1 0 0 2 DGS 3420 28SC admin 42 7 enable ip_tunnel Description This command is used to enable a single specified IP tunnel or all IP tunnels on the Switch Format enable ip_tunnel tunnel_name 12 Parameters tunnel_name 12 Optiona...

Page 496: ...e name used here This name can be up to 12 characters long Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable an IP tunnel interface Tunnel name is tn2 DGS 3420 28SC admin disable ip_tunnel tn2 Command disable ip_tunnel tn2 Success DGS 3420 28SC admin 42 9 config ip_tunnel gre Description This command is used to configure an existing tunne...

Page 497: ...fies the IPv6 address assigned to the GRE tunnel interface IPv6 processing will be enabled on the IPv6 tunnel interface when an IPv6 address is configured This IPv6 address is not connected with the tunnel source or destination IPv6 address ipv6networkaddr Enter the IPv6 network address used here source Optional Specifies the source IPv4 or IPv6 address of the GRE tunnel interface It is used as th...

Page 498: ...Mode GRE Ipv4 Address 2 0 0 1 8 IPv6 Global Unicast Address 2001 1 64 Tunnel Source 1 0 0 1 Tunnel Destination 1 0 0 2 DGS 3420 28SC admin To configure a GRE tunnel tunnel with the name tn2 the delivery protocol IPv6 the tunnel source IPv6 address 2000 1 the tunnel destination IPv6 address 2000 2 the GRE tunnel interface s IPv6 address 3001 1 64 the GRE tunnel interface s IPv4 address 3 0 0 1 8 DG...

Page 499: ...figuration of a GRE tunnel interface named tn2 DGS 3420 28SC admin show ip_tunnel tn2 Command show ip_tunnel tn2 Tunnel Interface tn2 Interface Admin State Enabled Tunnel Mode GRE Ipv4 Address 3 0 0 1 8 IPv6 Global Unicast Address 3001 1 64 Tunnel Source 2000 1 Tunnel Destination 2000 2 DGS 3420 28SC admin ...

Page 500: ...nterval sec 4 1800 1 config ipv6 nd ra prefix_option ipif ipif_name 12 ipv6networkaddr preferred_life_time sec 0 4294967295 valid_life_time sec 0 4294967295 on_link_flag enable disable autonomous_flag enable disable 1 show ipv6 nd ipif ipif_name 12 43 1 create ipv6 neighbor_cache ipif Description This command is used to add a static neighbor on an IPv6 interface Format create ipv6 neighbor_cache i...

Page 501: ...Pv6 static entries dynamic Specify to delete the IPv6 dynamic entries all Specify all IPv6 entries including static and dynamic to be deleted Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete the neighbor cache entry for IPv6 address 3ffc 1 on the IP interface System DGS 3420 28SC admin delete ipv6 neighbor_cache ipif System 3ffc 1 Command...

Page 502: ...eighbor_cache ipif System all FE80 215 72FF FE36 104 State Reachable MAC Address 00 15 72 36 01 04 Port 1 21 Interface System VID 1 Total Entries 1 DGS 3420 28SC admin 43 4 config ipv6 nd ns ipif Description This command is used to configure the NS retransmit time of a specified interface Format config ipv6 nd ns ipif ipif_name 12 retrans_time millisecond 0 4294967295 Parameters ipif_name 12 Speci...

Page 503: ...vertisement state life_time Specify the lifetime of the router as the default router in seconds sec 0 9000 Specify the time between 0 and 9000 seconds reachable_time Specifies the amount of time that a node can consider a neighboring node reachable after receiving a reachability confirmation in millisecond millisecond 0 3600000 Specify the time between 0 and 3600000 milliseconds retrans_time Speci...

Page 504: ...Administrator Operator and Power User level users can issue this command Example To configure the RA state as enabled and the life_time of the tiberius interface to be 1000 seconds DGS 3420 28SC admin config ipv6 nd ra ipif tiberius state enable life_time 1000 Command config ipv6 nd ra ipif tiberius state enable life_time 1000 Success DGS 3420 28SC admin 43 6 config ipv6 nd ra prefix_option ipif D...

Page 505: ...ed to autoconfigure IPv6 addresses on the link local network disable When set to disable the specified prefix will not be used to create an autonomous address configuration Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the value of the preferred_life_time of prefix option to be 1000 seconds for the prefix 3ffe 501 ffff 100 64 which ...

Page 506: ...nd ipif System Interface Name System Hop Limit 64 NS Retransmit Time 400 ms Router Advertisement Disabled RA Max Router AdvInterval 600 sec RA Min Router AdvInterval 198 sec RA Router Life Time 1800 sec RA Reachable Time 1200000 ms RA Retransmit Time 400 ms RA Managed Flag Disabled RA Other Configuration Flag Disabled Prefix Preferred Valid OnLink Autonomous 1000 A111 B111 C111 64 604800 2592000 E...

Page 507: ..._mac all ipaddress ipaddr ipv6address ipv6addr mac_address macaddr mac_address macaddr enable address_binding trap_log disable address_binding trap_log enable address_binding dhcp_snoop ipv6 all disable address_binding dhcp_snoop ipv6 all clear address_binding dhcp_snoop binding_entry ports portlist all ipv6 all show address_binding dhcp_snoop max_entry ports portlist show address_binding dhcp_sno...

Page 508: ...tlist Specify a range of ports to be configured all Specify to apply to all the ports Restrictions Only Administrator Operator and Power User level users can issue this command Example To create address binding on the switch DGS 3420 28SC admin create address_binding ip_mac ipaddress 10 1 1 1 mac_address 00 00 00 00 00 11 Command create address_binding ip_mac ipaddress 10 1 1 1 mac_address 00 00 0...

Page 509: ...ch If a port has been configured as group member of an aggregated link then it can not enable its IP MAC Port binding function When the binding check state is enabled for IP packet and ARP packet received by this port the switch will check whether the IP address and MAC address match the binding entries The packets will be dropped if they do not match For this function the switch can operate in AR...

Page 510: ...ll be checked ipv4 Specifies that only IPv4 packets will be checked ipv6 Specifies that only IPv6 packets will be checked all Specifies that both IPv4 and IPv6 packets will be checked allow_zeroip Optional Specify whether to allow ARP packets with SIP address 0 0 0 0 enable If 0 0 0 0 is not configured in the binding list when it is set to enabled the ARP packet with this source IP address 0 0 0 0...

Page 511: ...en it will apply to all ports portlist Specify the list of ports to apply all Specify to apply to all the ports Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure an address binding entry DGS 3420 28SC admin config address_binding ip_mac ipaddress 10 1 1 1 mac_address 00 00 00 00 00 11 Command config address_binding ip_mac ipaddress 10 1...

Page 512: ...o the MAC address 00 00 00 00 00 11 DGS 3420 28SC admin config address_binding ip_mac ipv6address fe80 240 5ff fe00 28 mac_address 00 00 00 00 00 11 Command config address_binding ip_mac ipv6address fe80 240 5ff fe00 28 mac_address 00 00 00 00 00 11 Success DGS 3420 28SC admin 44 6 delete address_binding blocked Description This command is used to delete a blocked entry It specifies the address da...

Page 513: ...dr Parameters all Specifies that all the MAC addresses will be used vlan_name Specifies the name of the VLAN that the MAC address belongs to vlan_name Enter the VLAN name used here mac_address Specifies the MAC address of the IMPB entry macaddr Enter the MAC address of the IMPB entry here ipv6address Specifies the IPv6 address of the IMPB entry ipv6addr Enter the IPv6 address of the IMPB entry her...

Page 514: ...00 28 mac_address 00 00 00 00 00 11 Success DGS 3420 28SC admin 44 8 show address_binding Description This command is used to display address binding information Format show address_binding ports portlist Parameters ports Optional Specify to display the state of IP MAC port binding for all ports portlist Enter the list of ports for the display here Restrictions None Example To display address bind...

Page 515: ...al 5 Disabled Disabled Disabled All Not Allow Forward 500 Normal 6 Disabled Disabled Disabled All Not Allow Forward 500 Normal 7 Disabled Disabled Disabled All Not Allow Forward 500 Normal 8 Disabled Disabled Disabled All Not Allow Forward 500 Normal 9 Disabled Disabled Disabled All Not Allow Forward 500 Normal 10 Disabled Disabled Disabled All Not Allow Forward 500 Normal DGS 3420 28SC admin 44 9...

Page 516: ...F 6D F3 AC 7 1 default 00 50 8D 36 89 48 7 1 default 00 50 BA 00 05 9E 7 1 default 00 50 BA 10 D8 F6 7 1 default 00 50 BA 38 7D E0 7 1 default 00 50 BA 51 31 62 7 1 default 00 50 BA DA 01 58 7 1 default 00 A0 C9 01 01 23 7 1 default 00 E0 18 D4 63 1C 7 Total Entries 15 DGS 3420 28SC admin 44 10 show address_binding ip_mac Description This command is used to display the user created database of add...

Page 517: ...d show address_binding ip_mac all M Mode D DHCP N ND S Static ACL A Active I Inactive IP Address MAC Address M ACL Ports 10 1 1 1 00 11 22 33 44 55 S I 1 10 1 1 2 00 22 33 44 55 66 S A 2 2001 1 00 33 44 55 66 77 S I 3 2011 1 00 44 55 66 77 88 S I 4 Total Entries 4 DGS 3420 28SC admin To display the IMPB entry by IP address and MAC address DGS 3420 28SC admin show address_binding ip_mac ipaddress 1...

Page 518: ...strictions Only Administrator Operator and Power User level users can issue this command Example To enable the address binding trap and log DGS 3420 28SC admin enable address_binding trap_log Command enable address_binding trap_log Success DGS 3420 28SC admin 44 12 disable address_binding trap_log Description This command is used to disable address binding trap logs Format disable address_binding ...

Page 519: ...from one port to another port if the DHCP snooping function has learned that the MAC address has moved to a different port Consider the case in which a binding entry learned by DHCP snooping conflicts with the statically configured entry This means that the binding relation is in conflict For example if IP A is binded with MAC X by static configuration suppose that the binding entry learned by DHC...

Page 520: ...ription This command is used to disable address binding DHCP snooping When DHCP snooping is disabled all of the auto learned binding entries will be removed Format disable address_binding dhcp_snoop ipv6 all Parameters ipv6 Optional Specifies that the address used is an IPv6 address all Specifies that all IP addresses will be used Restrictions Only Administrator Operator and Power User level users...

Page 521: ...is an IPv6 address all Specifies that all IPv6 addresses will be used Restrictions Only Administrator Operator and Power User level users can issue this command Example To clear the address binding entries for ports 1 to 3 DGS 3420 28SC admin clear address_binding dhcp_snoop binding_entry ports 1 3 Command clear address_binding dhcp_snoop binding_entry ports 1 3 Success DGS 3420 28SC admin 44 16 s...

Page 522: ...inding dhcp_snoop max_entry ports 1 10 Command show address_binding dhcp_snoop max_entry ports 1 10 Port Max Entry Max IPv6 Entry 1 No Limit No Limit 2 10 No Limit 3 20 No Limit 4 No Limit No Limit 5 No Limit No Limit 6 No Limit No Limit 7 No Limit No Limit 8 No Limit No Limit 9 No Limit No Limit 10 No Limit No Limit DGS 3420 28SC admin 44 17 show address_binding dhcp_snoop binding_entry Descripti...

Page 523: ...00 00 03 02 A 100 6 Total entries 4 DGS 3420 28SC admin Note Inactive indicates that the entry is currently inactive due to port link down 44 18 config address_binding dhcp_snoop max_entry ports Description This command is used to specifiy the maximum number of entries which can be learned by the specified ports By default the per port maximum entry is no limit Format config address_binding dhcp_s...

Page 524: ...ig address_binding dhcp_snoop max_entry ports 1 3 limit 10 Success DGS 3420 28SC admin 44 19 config address_binding recover_learning ports Description This command is used to recover port learning Format config address_binding recover_learning ports portlist all Parameters portlist Specify the list of ports to recover learning all Specify to recover learning for all ports Restrictions Only Adminis...

Page 525: ...ator and Power User level users can issue this command Example To enable the ND snooping function on the Switch DGS 3420 28SC admin enable address_binding nd_snoop Command enable address_binding nd_snoop Success DGS 3420 28SC admin 44 21 disable address_binding nd_snoop Description This command is used to disable ND snooping on the Switch Format disable address_binding nd_snoop Parameters None Res...

Page 526: ...he list of ports used for this configuration portlist Enter the list of ports used for this configuration here all Specifies that all the ports will be usd for this configuration max_entry Specifies the maximum number of entries value 1 50 Enter the maximum number of entries used here This value must be between 1 and 50 no_limit Specifies that the maximum number of learned entries is unlimited Res...

Page 527: ... display portlist Enter the list of ports used for this display here Restrictions None Example To show the ND snooping state DGS 3420 28SC admin show address_binding nd_snoop Command show address_binding nd_snoop ND Snoop Enabled DGS 3420 28SC admin To show the ND snooping maximum entry information for ports 1 5 DGS 3420 28SC admin show address_binding nd_snoop ports 1 1 1 5 Command show address_b...

Page 528: ...rictions None Example To display the ND snooping binding entry DGS 3420 28SC admin show address_binding nd_snoop binding_entry Command show address_binding nd_snoop binding_entry S Status A Active I Inactive Time Left Time sec IP Address MAC Address S LT sec Port 2001 2222 1111 7777 5555 6666 7777 8888 00 00 00 00 00 02 I 50 5 2001 1 00 00 00 00 03 02 A 100 6 Total Entries 2 DGS 3420 28SC admin 44...

Page 529: ...min 44 26 config address_binding dhcp_snoop_entry filename Description This command is used to configure the autosave state of DHCPv4 Snooping binding entries Note This feature is only supported on devices that support external memory For example SD card Format config address_binding dhcp_snoop_entry filename path_filename 64 autosave enable disable Parameters path_filename 64 Enter the pathname o...

Page 530: ...o same IP and MAC address or 2 a new DAD process belong to same IP and MAC Format enable address_binding roaming Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable IMPB roaming DGS 3420 28SC admin enable address_binding roaming Command enable address_binding roaming Success DGS 3420 28SC admin 44 28 disable address_binding r...

Page 531: ...8SC admin disable address_binding roaming Command disable address_binding roaming Success DGS 3420 28SC admin 44 29 download address_binding snoop_entry_fromTFTP Description This command is used to download DHCPv4 Snooping binding entries by TFTP Format download address_binding snoop_entry_fromTFTP ipaddr ipv6addr domain_name 255 filename path_filename 64 Parameters ipaddr Enter the IPv4 address o...

Page 532: ...by TFTP Format upload address_binding snoop_entry_toTFTP ipaddr ipv6addr domain_name 255 filename path_filename 64 Parameters ipaddr Enter the IPv4 address of the TFTP server here ipv6addr Enter the IPv6 address of the TFTP server here domain_name 255 Enter the domain name of the TFTP server here This name can be up to 255 characters long filename Specifies the path of the file located on the TFTP...

Page 533: ...oop_entry Description This command is used to save the DHCPv4 Snooping binding entries Format save dhcp_snoop_entry Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To backup the binding entries DGS 3420 28SC admin save dhcp_snoop_entry Command save dhcp_snoop_entry Success DGS 3420 28SC admin ...

Page 534: ...h_http_port tcp_port_number 1 65535 http https config jwac ports portlist all state enable disable max_authenticating_host value 0 100 aging_time infinite min 1 1440 idle_time infinite min 1 1440 block_time sec 0 300 1 config jwac radius_protocol local eap_md5 pap chap ms_chap ms_chapv2 create jwac user username 15 vlan vlanid 1 4094 config jwac user username 15 vlan vlanid 1 4094 delete jwac user...

Page 535: ...erver and the second stage is the authentication with the switch For the second stage the authentication is similar to WAC except that there is no port VLAN membership change by JWAC after a host passes authentication The RADIUS server will share the server configuration defined by the 802 1X command set Format enable jwac Parameters None Restrictions Only Administrator Operator and Power User lev...

Page 536: ...irect When redirect quarantine_server is enabled the unauthenticated host will be redirected to a quarantine server when it tries to access a random URL When redirect jwac_login_page is enabled the unauthenticated host will be redirected to the jwac_login_page on the Switch to finish authentication Format enable jwac redirect Parameters None Restrictions Only Administrator Operator and Power User ...

Page 537: ...arameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable JWAC redirect DGS 3420 28SC admin disable jwac redirect Command disable jwac redirect Success DGS 3420 28SC admin 45 5 enable jwac forcible_logout Description This command is used to enable JWAC forcible logout When enabled a Ping packet from an authenticated host to the JWA...

Page 538: ...out Command enable jwac forcible_logout Success DGS 3420 28SC admin 45 6 disable jwac forcible_logout Description This command is used to disable JWAC forcible logout Format disable jwac forcible_logout Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable JWAC forcible logout DGS 3420 28SC admin disable jwac forcible_logout C...

Page 539: ...WAC authenticating time is between 0 and 30 Format enable jwac udp_filtering Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable JWAC UDP filtering DGS 3420 28SC admin enable jwac udp_filtering Command enable jwac udp_filtering Success DGS 3420 28SC admin 45 8 disable jwac udp_filtering Description This command is used to dis...

Page 540: ... detects no quarantine server it will redirect all unauthenticated HTTP accesses to the JWAC Login Page forcibly if the redirect is enabled and the redirect destination is configured to be quarantine server Format enable jwac quarantine_server_monitor Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable JWAC quarantine server ...

Page 541: ... jwac quarantine_server_error_timeout Description This command is used to set the quarantine server error timeout When the quarantine server monitor is enabled the JWAC switch will periodically check if the quarantine works okay If the switch does not receive any response from quarantine server during the configured error timeout the switch then regards it as not working properly Format config jwa...

Page 542: ...PC user to input the user name and password to authenticate Note If the quarantine server is linked to the JWAC enabled port on the switch it must be added to the static FDB correctly before it can work properly Format config jwac quarantine_server_url string 128 clear_quarantine_server_url Parameters quarantine_server_url Specify the entire URL of the authentication page on the quarantine server ...

Page 543: ...hich the unauthenticated host will be redirected sec 0 10 Specify the time interval after which the unauthenticated host will be redirected The delay time must be between 0 and 10 seconds Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure JWAC redirect destination to JWAC login web page and a delay time of 5 seconds DGS 3420 28SC admin c...

Page 544: ...WAC Switch Any servers running ActiveX need to be able to have access to accomplish authentication Before the client passes authentication it should be added to the Switch with its IP address For example the client may need to access update microsoft com or some sites of the Anti Virus software companies to check whether the OS or Anti Virus software of the client are the latest and so IP addresse...

Page 545: ...dmin 45 16 config jwac switch_http_port Description This command is used to configure the TCP port which the JWAC switch listens to This port number is used in the second stage of the authentication PC users will connect to the page on the switch to input the user name and password If not specified the default port number is 80 If no protocol is specified the protocol is HTTP Format config jwac sw...

Page 546: ... port at the same time The default value is 100 value 0 100 Specify the maximum number of authenticating hosts between 0 and 100 aging_time Specify a time period during which an authenticated host will keep in authenticated state infinite Specify to indicate the authenticated host on the port will never ageout min 1 1440 Specify an aging time between 1 and 1440 minutes The default value is 1440 mi...

Page 547: ...e RADIUS server pap Specify the JWAC switch uses PAP to communicate with the RADIUS server chap Specify the JWAC switch uses CHAP to communicate with the RADIUS server ms_chap Specify the JWAC switch uses MS CHAP to communicate with the RADIUS server ms_chapv2 Specify the JWAC switch uses MS CHAPv2 to communicate with the RADIUS server Restrictions Only Administrator Operator and Power User level ...

Page 548: ...To create a JWAC user in the local DB DGS 3420 28SC admin create jwac user 112233 Command create jwac user 112233 Enter a case sensitive new password Enter the new password again for confirmation Success DGS 3420 28SC admin 45 20 config jwac user Description This command configures a JWAC user Format config jwac user username 15 vlan vlanid 1 4094 Parameters username 15 Specify the user name to be...

Page 549: ...nd is used to delete JWAC users from the local database Format delete jwac user username 15 all_users Parameters user Specify the user name to be deleted username 15 Specify the user name to be deleted The user name can be up to 15 characters long all_users Specify all user accounts in the local database will be deleted Restrictions Only Administrator Operator and Power User level users can issue ...

Page 550: ...local database Format show jwac user Parameters None Restrictions None Example To display the current JWAC local users DGS 3420 28SC admin show jwac user Command show jwac user Current Accounts Username Password VID 123 w 1 rer Total Entries 2 DGS 3420 28SC admin 45 23 show jwac Description This command is used to display the JWAC configuration settings Format show jwac ...

Page 551: ...led Redirect State Enabled Redirect Delay Time 1 Seconds Redirect Destination Quarantine Server Quarantine Server Q Server Monitor Disabled Q Server Error Timeout 30 Seconds RADIUS Auth Protocol PAP RADIUS Authorization Enabled Local Authorization Enabled Function Version 2 11 DGS 3420 28SC admin 45 24 show jwac auth_state ports Description This command is used to display information for JWAC clie...

Page 552: ...uth_state ports 1 2 Pri Priority State A Authenticated B Bloacked Authenticating Time Aging Time Idle Time for authenticated entries Port MAC Address State VID Pri Time IP User Name 1 00 00 00 00 00 42 4 1 00 00 12 34 56 02 21 2 00 00 DF 12 E5 6A 24 2 00 03 38 10 28 01 13 Total Authenticating Hosts 4 Total Authenticated Hosts 0 Total Blocked Hosts 0 DGS 3420 28SC admin 45 25 show jwac update_serve...

Page 553: ...26 show jwac ports Description This command is used to display the port configuration of JWAC Format show jwac ports portlist Parameters portlist Optional Specify a port range to show the configuration of JWAC Restrictions None Example To display JWAC ports 1 to 4 DGS 3420 28SC admin show jwac ports 1 4 Command show jwac ports 1 4 Port State Aging Time Idle Time Block Time Max min min sec Hosts 1 ...

Page 554: ...t to delete authenticating Optional Specify the state of host to delete blocked Optional Specify the state of host to delete mac_addr Delete a specified host with this MAC address macaddr Enter the MAC address here Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete authentication entries DGS 3420 28SC admin clear jwac auth_state ports all b...

Page 555: ...GS 3420 28SC admin config jwac authenticate_page japanese Command config jwac authenticate_page japanese Success DGS 3420 28SC admin 45 29 show jwac authenticate_page Description This command is used to display the element mapping of the customized authenticate page Format show jwac authenticate_page Parameters None Restrictions None Example To display the element mapping of the customized authent...

Page 556: ...pecify the title of the authenticate page desc 128 Specify the title of the authenticate page The page title description can be up to 128 characters long login_window_title Specify the login window title of the authenticate page desc 32 Specify the login window title of the authenticate page The login window title description can be up to 32 characters long user_name_title Specify the user name ti...

Page 557: ...c authentication_page element japanese login_window_title JWAC 认证 Command config jwac authentication_page element japanese login_window_title JWAC 认证 Success DGS 3420 28SC admin config jwac authentication_page element japanese user_name_title ユーザ名 Command config jwac authentication_page element japanese user_name_title ユーザ名 Success DGS 3420 28SC admin config jwac authentication_page element japane...

Page 558: ...bal authorization network is enabled The default state is enabled enable Specify to enable authorized data assigned by the RADUIS server to be accepted disable Specify to disable authorized data assigned by the RADUIS server from being accepted local If specified to enable the authorized data assigned by the local database will be accepted if the global authorization network is enabled The default...

Page 559: ...able jumbo_frame Description This command is used to enable support of Jumbo Frames Format enable jumbo_frame Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable Jumbo Frames DGS 3420 28SC admin enable jumbo_frame Command enable jumbo_frame DGS 3420 28SC admin 46 2 disable jumbo_frame Description This command is used to disab...

Page 560: ...mbo_frame ports portlist all state enable disable Parameters portlist Enter the list of ports used for this configuration here all Specifies that all the ports will be used for this configuration state Specifies the jumbo frame state to be applied to a range of ports specified enable Specifies that the jumbo frame state will be enabled disable Specifies that the jumbo frame state will be disabled ...

Page 561: ...at show jumbo_frame portlist Parameters portlist Optional Enter the list of ports to be displayed here Restrictions None Example To display Jumbo Frames for port 1 to 5 DGS 3420 28SC admin show jumbo_frame 1 5 Command show jumbo_frame 1 5 Jumbo Frame Global State Disabled Maximum Jumbo Frame Size 1536 Bytes Port Jumbo Frame State 1 Enabled 2 Enabled 3 Enabled 4 Enabled 5 Enabled DGS 3420 28SC admi...

Page 562: ... active passive Parameters portlist Specify a range of ports to be configured mode Specify the port mode active Specify the mode as active passive Specify the mode as passive Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure port LACP mode for ports 1 to 3 DGS 3420 28SC admin config lacp_port 1 3 mode active Command config lacp_port 1 3...

Page 563: ... Specify a range of ports to be displayed Note If no parameter is specified the system will display current LACP mode for all ports Restrictions None Example To display the current LACP mode for ports 1 to 3 on the switch DGS 3420 28SC admin show lacp_port 1 3 Command show lacp_port 1 3 Port Activity 1 Active 2 Active 3 Active DGS 3420 28SC admin ...

Page 564: ...1 05 5D 00 00 00 for GVRP is 01 05 5D 00 00 21 for Layer 2 protocols MAC 01 00 0C CC CC CC is 01 05 5D 00 00 10 and for protocol MAC 01 00 0C CC CC CD is 01 05 5D 00 00 11 When QinQ is enabled an S TAG will be added to the Layer 2 PDU too The S TAG is assigned according QinQ VLAN configuration Format config l2protocol_tunnel ports portlist all type uni tunneled_protocol stp gvrp protocol_mac 01 00...

Page 565: ...y the port is NNI port none Disables tunnel on it By default a port is none port Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the STP tunneling on ports 1 4 DGS 3420 28SC admin config l2protocol_tunnel ports 1 4 type uni tunneled_protocol stp Command config l2protocol_tunnel ports 1 4 type uni tunneled_protocol stp Success DGS 3420...

Page 566: ...dmin show l2protocol_tunnel uni Command show l2protocol_tunnel uni UNI Tunneled Threshold Port Protocol packet sec 1 1 STP 10 GVRP 10 01 00 0C CC CC CC 10 1 2 STP 20 GVRP 20 01 00 0C CC CC CC 20 1 3 STP 0 1 4 STP 0 DGS 3420 28SC admin To show Layer 2 protocol tunneling detail information on NNI ports DGS 3420 28SC admin show l2protocol_tunnel nni Command show l2protocol_tunnel nni NNI Protocol Por...

Page 567: ...or Operator and Power User level users can issue this command Example To enable the Layer 2 protocol tunneling function DGS 3420 28SC admin enable l2protocol_tunnel Command enable l2protocol_tunnel Success DGS 3420 28SC admin 48 4 disable l2protocol_tunnel Description Used to disable the Layer 2 protocol tunneling function Format disable l2protocol_tunnel Parameters None Restrictions Only Administ...

Page 568: ...er 2 Managed Stackable Gigabit Switch CLI Reference Guide 563 Example To disable the Layer 2 protocol tunneling function DGS 3420 28SC admin disable l2protocol_tunnel Command disable l2protocol_tunnel Success DGS 3420 28SC admin ...

Page 569: ...l access permit deny 1 show limited_multicast_addr ports portlist vlanid vlanid_list ipv4 ipv6 config max_mcast_group ports portlist vlanid vlanid_list ipv4 max_group value 1 960 infinite action drop replace ipv6 max_group value 1 480 infinite action drop replace show max_mcast_group ports portlist vlanid vlanid_list ipv4 ipv6 49 1 create mcast_filter_profile Description This command is used to cr...

Page 570: ...le value 1 60 The profile ID must be between 1 and 60 profile_name Specify the name of the profile name 32 The profile name can be up to 32 characters long profile_name Specify a new name of the profile name 32 The profile name can be up to 32 characters long add Specify to add a range of multicast IP addresses delete Specify to delete a range of multicast IP addresses mcast_address_list List of t...

Page 571: ...32 characters long add Specify to add a range of multicast IP addresses delete Specify to delete a range of multicast IP addresses mcastv6_address_list List of the IPv6 multicast addresses to be added to or deleted from the profile Either specifiy a single IPv6 multicast IP address or a range of IPv6 multicast addresses using a hyphen Restrictions Only Administrator Operator and Power User level u...

Page 572: ...ile name name 32 The profile name can be up to 32 characters long Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete a multicast profile with a profile ID of 3 DGS 3420 28SC admin delete mcast_filter_profile profile_id 3 Command delete mcast_filter_profile profile_id 3 Success DGS 3420 28SC admin To delete a multicast profile with a profile...

Page 573: ... Example To display all the defined multicast address profiles DGS 3420 28SC admin show mcast_filter_profile Command show mcast_filter_profile Profile ID Name Multicast Addresses 1 MOD 234 1 1 1 238 244 244 244 2 customer 224 19 62 34 224 19 162 200 Total Entries 2 DGS 3420 28SC admin 49 6 config limited_multicast_addr Description This command is used to configure the multicast address filtering f...

Page 574: ...d Optional Specify a profile ID to be deleted from the port or VLAN value 1 60 The profile ID must be between 1 and 60 profile_name Optional Specify a profile name to be deleted from the port or VLAN name 32 The profile name can be up to 32 characters long access Optional Specify whether the access is permit or deny permit Specify that the packets that match the addresses defined in the profiles w...

Page 575: ...ticast profile associated with the port or VLAN ipv6 Optional Specify to display the IPv6 multicast profile associated with the port or VLAN Restrictions None Example To display the limited multicast address range on VLAN 1 DGS 3420 28SC admin show limited_multicast_addr vlanid 1 Command show limited_multicast_addr vlanid 1 VLAN ID 1 Access Deny Profile ID Name Multicast Addresses 1 customer 224 1...

Page 576: ...mum multicast group vlanid_list Enter the VLAN ID of the VLAN here ipv4 Optional Specify that the maximum number of IPv4 learned addresses should be limited max_group Optional Specify the maximum number of the multicast groups for IPv4 value 1 960 The range is from 1 to 960 or infinite infinite Infinite is the default setting action Optional Specify the action for handling newly learned groups whe...

Page 577: ...arameters ports Specify a range of ports to display the maximum number of multicast groups portlist Specify a range of ports to be displayed vlanid Specify the VLAN ID for displaying the maximum number of multicast groups vlanid_list Enter the VLAN ID of the VLAN here ipv4 Optional Specify to display the maximum number of IPv4 learned addresses ipv6 Optional Specify to display the maximum number o...

Page 578: ...gation group_id Description This command is used to create a link aggregation group Format create link_aggregation group_id value 1 32 type lacp static Parameters value 1 32 Specify the group ID The group number identifies each of the groups The switch allows up to 32 link aggregation groups to be configured type Optional Specify the group type belongs to static or LACP If type is not specified th...

Page 579: ...C admin delete link_aggregation group_id 3 Command delete link_aggregation group_id 3 Success DGS 3420 28SC admin 50 3 config link_aggregation group_id Description This command allows you to configure a link aggregation group that was created with the create link_aggregation command above Format config link_aggregation group_id value 1 32 master_port port ports portlist state enable disable trap e...

Page 580: ... Example To configure a link aggregation group group id 1 master port 7 member ports 5 7 DGS 3420 28SC admin config link_aggregation group_id 1 master_port 7 ports 5 7 Command config link_aggregation group_id 1 master_port 7 ports 5 7 Success DGS 3420 28SC admin 50 4 config link_aggregation algorithm Description This command is used to configure the part of the packet examined by the switch when s...

Page 581: ...ort Indicate that the switch should examine the Layer 4 source and destination port Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the link aggregation algorithm to mac source dest DGS 3420 28SC admin config link_aggregation algorithm mac_source_dest Command config link_aggregation algorithm mac_source_dest Success DGS 3420 28SC admi...

Page 582: ...est Group ID 1 Type LACP Master Port 1 Member Port 1 8 Active Port 7 Status Enabled Flooding Port 7 Trap Disabled Total Entries 1 DGS 3420 28SC admin To display the current link aggregation configuration when link aggregation is disabled DGS 3420 28SC admin show link_aggregation Command show link_aggregation Link Aggregation Algorithm MAC Source Dest Group ID 1 Type LACP Master Port 1 Member Port ...

Page 583: ...count value 1 10 config lldp_med log state enable disable config lldp_med notification topo_change ports portlist all state enable disable config lldp_med ports portlist all med_transmit_capabilities all capabilities network_policy power_pse inventory 1 state enable disable show lldp_med ports portlist show lldp_med show lldp_med local_ports portlist show lldp_med remote_ports portlist show lldp l...

Page 584: ...n enable lldp Command enable lldp Success DGS 3420 28SC admin 51 2 disable lldp Description This command is used to disable LLDP The switch will stop the sending and receiving of LLDP advertisement packets Format disable lldp Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable LLDP DGS 3420 28SC admin disable lldp Command di...

Page 585: ...rt will wait for the reinit delay after the last disable command before reinitializing Format config lldp message_tx_interval sec 5 32768 message_tx_hold_multiplier int 2 10 tx_delay sec 1 8192 reinit_delay sec 1 10 Parameters message_tx_interval Specify the message TX interval between consecutive transmissions of LLDP advertisements on any given port sec 5 32768 The range is from 5 to 32768 secon...

Page 586: ...val interval DGS 3420 28SC admin config lldp tx_delay 8 Command config lldp tx_delay 8 Success DGS 3420 28SC admin To change the re initialization delay interval to five seconds DGS 3420 28SC admin config lldp reinit_delay 5 Command config lldp reinit_delay 5 Success DGS 3420 28SC admin 51 4 show lldp Description This command is used to display LLDP Format show lldp Parameters None Restrictions No...

Page 587: ...n Interval 5 DGS 3420 28SC admin 51 5 config lldp forward_message Description This command is used to configure LLDP forwarding messages When LLDP is disabled and LLDP forward message is enabled the received LLDPDU packet will be forwarded The default state is disabled Format config lldp forward_message enable disable Parameters enable Enable LLDP forwarding messages disable Disable LLDP forwardin...

Page 588: ...ion_interval 10 Command config lldp notification_interval 10 Success DGS 3420 28SC admin 51 7 config lldp ports Description Use this command to configure LLDP options by port Enable or disable each port for sending change notification to configured SNMP trap receiver s if an LLDP data change is detected in an advertisement received on the port from an LLDP neighbor The definition of change include...

Page 589: ...LDP advertisements This TLV optional data type indicates whether the corresponding Local System s Protocol Identity instance will be transmitted on the port The Protocol Identity TLV provides a way for stations to advertise protocols that are important to the operation of the network Spanning Tree Protocol the Link Aggregation Control Protocol and numerous vendor proprietary variations are respons...

Page 590: ...vice provides repeater bridge or router function and whether the provided functions are currently enabled The default state is disabled enable Enable configuration of an individual port or group of ports to exclude one or more of optional TLV data types from outbound LLDP advertisements disable Disable configuration of an individual port or group of ports to exclude one or more of optional TLV dat...

Page 591: ...ganizationally protocol identity TLV data types from outbound LLDP advertisements dot3_tlvs An individual port or group of ports to exclude one or more of IEEE 802 3 Organizationally Specific TLV data types from outbound LLDP advertisements all Optional Configure all of the TLV optional data types below mac_phy_configuration_status Optional This TLV optional data type indicates that LLDP agent sho...

Page 592: ...ess entries DGS 3420 28SC admin config lldp ports 1 5 mgt_addr ipv4 192 168 254 10 enable Command config lldp ports 1 5 mgt_addr ipv4 192 168 254 10 enable Success DGS 3420 28SC admin To exclude the system name TLV from the outbound LLDP advertisements for all ports DGS 3420 28SC admin config lldp ports all basic_tlvs system_name enable Command config lldp ports all basic_tlvs system_name enable S...

Page 593: ...SC admin To exclude the protocol identity TLV from the outbound LLDP advertisements for all ports DGS 3420 28SC admin config lldp ports all dot1_tlv_protocol_identity all enable Command config lldp ports all dot1_tlv_protocol_identity all enable Success DGS 3420 28SC admin To exclude the MAC PHY configuration status TLV from the outbound LLDP advertisements for all ports DGS 3420 28SC admin config...

Page 594: ...tised TLVs Option Port Description Disabled System Name Disabled System Description Disabled System Capabilities Disabled Enabled Management Address None Port VLAN ID Disabled Enabled Port_and_Protocol_VLAN_ID None Enabled VLAN Name None Enabled Protocol Identity None MAC PHY Configuration Status Disabled Link Aggregation Disabled Maximum Frame Size Disabled DGS 3420 28SC admin 51 9 config lldp_me...

Page 595: ...s can issue this command Example To configure a LLDP MED fast start repeat count of 5 DGS 3420 28SC admin config lldp_med fast_start repeat_count 5 Command config lldp_med fast_start repeat_count 5 Success DGS 3420 28SC admin 51 10 config lldp_med log state Description This command is used to configure the log state of LLDP MED events Format config lldp_med log state enable disable Parameters enab...

Page 596: ...sable the SNMP trap notification of topology change detected state enable Enable the SNMP trap notification of topology change detected disable Disable the SNMP trap notification of topology change detected The default notification state is disabled Restrictions Only Administrator and Operator level users can issue this command Example To enable topology change notification on ports 1 to 2 DGS 342...

Page 597: ...LLDP agent should transmit LLDP MED network policy TLV power_pse This TLV type indicates that LLDP agent should transmit LLDP MED extended Power via MDI TLV if local device is PSE device inventory Optional Specify that the LLDP agent should transmit LLDP MED inventory TLV state Enable or disable the transmitting of LLDP MED TLVs enable Enable the transmitting of LLDP MED TLVs disable Disable the t...

Page 598: ...lay LLDP MED configuration information for port 1 DGS 3420 28SC admin show lldp_med ports 1 Command show lldp_med ports 1 Port ID 1 Topology Change Notification Status Enabled LLDP MED Capabilities TLV Enabled LLDP MED Network Policy TLV Enabled LLDP MED Inventory TLV Enabled DGS 3420 28SC admin 51 14 show lldp_med Description This command is used to display the switch s general LLDP MED configura...

Page 599: ...Name D Link Model Name DGS 3420 28SC Gigabit Ethernet S Asset ID PoE Device Type PSE Device PoE PSE Power Source Primary LLDP MED Configuration Fast Start Repeat Count 4 LLDP MED Log State Disabled DGS 3420 28SC admin 51 15 show lldp_med local_ports Description This command is used to display the per port LLDP MED information currently available for populating outbound LLDP MED advertisements Form...

Page 600: ...twork Policy Support Location Identification Not Support Extended Power Via MDI PSE Not Support Extended Power Via MDI PD Not Support Inventory Support Network Policy None Extended Power Via MDI None DGS 3420 28SC admin 51 16 show lldp_med remote_ports Description This command is used to display LLDP MED information learned from neighbors Format show lldp_med remote_ ports portlist Parameters port...

Page 601: ...Device Class III LLDP MED Capabilities Support Capabilities Support Network Policy Support Location Identification Support Extended Power Via MDI Support Inventory Support LLDP MED Capabilities Enabled Capabilities Enabled Network Policy Enabled Location Identification Enabled Extended Power Via MDI Enabled Inventory Enabled Network Policy Application Type Voice VLAN ID Priority DSCP Unknown True ...

Page 602: ...le for populating outbound LLDP advertisements Format show lldp local ports portlist mode brief normal detailed Parameters portlist Optional Specify the ports to be displayed When a port list is not specified information for all ports will be displayed mode Optional Select the mode brief normal or detailed brief Specify to display the information in brief mode normal Specify to display the informa...

Page 603: ...0 28SC admin 51 18 show lldp mgt_addr Description This command is used to display the LLDP management address Format show lldp mgt_addr ipv4 ipaddr ipv6 ipv6addr Parameters ipv4 Optional Specify the IPv4 address of the LLDP managament address entry ipaddr Specify the IPv4 address of the LLDP managament address entry ipv6 Optional Specify the IPv6 address of the LLDP managament address entry ipv6ad...

Page 604: ...list is not specified information for all ports will be displayed mode Optional Select the mode brief normal or detailed brief Specify to display the information in brief mode normal Specify to display the information in normal mode This is the default display mode detailed Specify to display the information in detailed mode Restrictions None Example To display LLDP information for remote ports 1 ...

Page 605: ...ange Time 3648 Number of Table Insert 0 Number of Table Delete 0 Number of Table Drop 0 Number of Table Ageout 0 DGS 3420 28SC admin 51 21 show lldp statistics ports Description This command is used to display LLDP statistic information for individual ports Format show lldp statistics ports portlist Parameters portlist Optional Specify the ports to be displayed Note When a port list is not specifi...

Page 606: ... DGS 3420 28SC admin show lldp statistics ports 1 Command show lldp statistics ports 1 Port ID 1 LLDPStatsTXPortFramesTotal 0 LLDPStatsRXPortFramesDiscardTotal 0 LLDPStatsRXPortFramesErrors 0 LLDPStatsRXPortFramesTotal 0 LLDPStatsRXPortTLVsDiscardedTotal 0 LLDPStatsRXPortTLVsUnrecognizedTotal 0 LLDPStatsRXPortAgeoutsTotal 0 DGS 3420 28SC admin ...

Page 607: ...e port based vlan based 1 Parameters recover_timer The time interval in seconds used by the Auto Recovery mechanism to decide how long to check if the loop status is gone The default value is 60 0 Zero is a special value which means to disable the auto recovery mechanism hence the user needs to recover the disabled port back manually sec 60 1000000 Enter a value between 60 and 1000000 interval The...

Page 608: ...e enable disable Parameters portlist Specify a range of ports to be configured all To set all ports in the system use the all parameter state Specify the status enable Enable loop detect for the ports specified in the port list disable Disable loop detect for the ports specified in the port list The default is disabled Restrictions Only Administrator Operator and Power User level users can issue t...

Page 609: ...e LBD function will be enabled disable Specifies that the LBD function will be disabled Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the LBD function on VLANs 2 to 5 DGS 3420 28SC admin config loopdetect vlan 2 5 state enable Command config loopdetect vlan 2 5 state enable Success DGS 3420 28SC admin 52 4 enable loopdetect Description...

Page 610: ...the loop detection function to be globally disabled on the switch The default value is disabled Format disable loopdetect Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable loop detection DGS 3420 28SC admin disable loopdetect Command disable loopdetect Success DGS 3420 28SC admin 52 6 show loopdetect Description This comma...

Page 611: ...mand show loopdetect LBD Global Settings Status Disabled Mode Port based Interval 10 sec Recover Time 60 sec Trap State None Enabled VLANs 1 4094 Log State Enabled Function Version v4 05 DGS 3420 28SC admin 52 7 show loopdetect ports Description This command is used to display the switch s current per port loop detection configuration and status Format show loopdetect ports portlist Parameters por...

Page 612: ... Loop 8 Enabled Normal 9 Enabled Normal DGS 3420 28SC admin To display loop detection state of ports 1 to 9 under VLAN based mode DGS 3420 28SC admin show loopdetect ports 1 9 Command show loopdetect ports 1 9 Port Loopdetect State Loop VLAN 1 Enabled None 2 Enabled None 3 Enabled None 4 Enabled None 5 Enabled 2 6 Enabled None 7 Enabled 2 8 Enabled None 9 Enabled None DGS 3420 28SC admin 52 8 conf...

Page 613: ... User level users can issue this command Example To configure a trap DGS 3420 28SC admin config loopdetect trap both Command config loopdetect trap both Success DGS 3420 28SC admin a config loopdetect log state Description This command is used to configure the log state for LBD The default value is enabled Format config loopdetect log state enable disable Parameters state Specifies the LBD log fea...

Page 614: ...er 2 Managed Stackable Gigabit Switch CLI Reference Guide 609 Example To enable the log state for LBD DGS 3420 28SC admin config loopdetect log state enable Command config loopdetect log state enable Success DGS 3420 28SC admin ...

Page 615: ... used for this configuration here This name can be up to 12 characters long network_address Optional Enter the IPv4 network address of the loopback interface here It specifies a host address and length of network mask state Optional Specifies the state of the loopback interface enable Specifies that the loopback interface state will be enabled disable Specifies that the loopback interface state wi...

Page 616: ...nterface here It specifies a host address and length of network mask state Optional Specifies the state of the loopback interface enable Specifies that the loopback interface state will be enabled disable Specifies that the loopback interface state will be disabled Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the loopback interface...

Page 617: ... Loopback Interface loopback1 Interface Admin State Enabled IPv4 Address 10 0 0 1 8 MANUAL Total Entries 1 DGS 3420 28SC admin 53 4 delete loopback ipif Description This command is used to delete a loopback interface Format delete loopback ipif ipif_name 12 all Parameters ipif_name 12 Enter the IP interface name used for this configuration here This name can be up to 12 characters long all Specifi...

Page 618: ...tack DGS 3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 613 DGS 3420 28SC admin delete loopback ipif loopback1 Command delete loopback ipif loopback1 Success DGS 3420 28SC admin ...

Page 619: ...54 1 enable mac_notification Description This command is used to enable the trap notification for new learned MAC addresses on the Switch Format enable mac_notification Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the MAC notification function DGS 3420 28SC admin enable mac_notification Command enable mac_notification ...

Page 620: ...iption This command is used to configure the switch s MAC address table notification global settings Format config mac_notification interval sec 1 2147483647 historysize int 1 500 1 Parameters interval Specify the time interval in seconds to trigger the notification sec 1 2147483647 Specify between 1 second and 2147483647 seconds historysize Specify the entries of new learned MAC to trigger the no...

Page 621: ...st Specifiy a range of ports to be configured all Specify to set all ports in the system enable Specify to enable the port s MAC address table notification disable Specify to disable the port s MAC address table notification Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable MAC address table notification for Port 7 DGS 3420 28SC admin conf...

Page 622: ...notification Global MAC Notification Settings State Enabled Interval 1 History Size 500 DGS 3420 28SC admin 54 6 show mac_notification ports Description This command is used to display the port s MAC address table notification status settings Format show mac_notification ports portlist Parameters portlist Optional Specify a range of ports to be configured Restrictions None Example To display the M...

Page 623: ...Port MAC Address Table Notification State 1 1 Disabled 1 2 Disabled 1 3 Disabled 1 4 Disabled 1 5 Disabled 1 6 Disabled 1 7 Disabled 1 8 Disabled 1 9 Disabled 1 10 Disabled 1 11 Disabled 1 12 Disabled 1 13 Disabled 1 14 Disabled 1 15 Disabled 1 16 Disabled 1 17 Disabled 1 18 Disabled 1 19 Disabled 1 20 Disabled CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh ...

Page 624: ...ccess_control_local mac macaddr vlan vlan_name 32 vlanid vlanid 1 4094 config mac_based_access_control_local mac macaddr vlan vlan_name 32 vlanid vlanid 1 4094 clear_vlan config mac_based_access_control max_users value 1 4000 no_limit config mac_based_access_control authorization attributes radius enable disable local enable disable 1 delete mac_based_access_control_local mac macaddr vlan vlan_nam...

Page 625: ...d_access_control Description This command is used to disable the MAC based access control function Format disable mac_based_access_control Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable MAC based access control DGS 3420 28SC admin disable mac_based_access_control Command disable mac_based_access_control Success DGS 3420...

Page 626: ...rver DGS 3420 28SC admin config mac_based_access_control password rosebud Command config mac_based_access_control password rosebud Success DGS 3420 28SC admin 55 4 config mac_based_access_control method Description This command is used to authenticate via a local database or a RADIUS server Format config mac_based_access_control method local radius Parameters local Specify to authenticate via loca...

Page 627: ...access control state is enable Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the MAC based access control guest VLAN membership for port 1 to 8 DGS 3420 28SC admin config mac_based_access_control guest_vlan ports 1 8 Command config mac_based_access_control guest_vlan ports 1 8 Success DGS 3420 28SC admin 55 6 config mac_based_access...

Page 628: ...ports to configure the MAC based access control settings all Specify to select all the ports state Specify whether the MAC based access control function is enabled or disabled enable Specify to enable the MAC based access control function disable Specify to disable the MAC based access control function aging_time Specify a time period during which an authenticated host will be kept in the authenti...

Page 629: ... ID of the guest VLAN The guest VLAN ID must be between 1 and 4094 Restrictions Only Administrator Operator and Power User level users can issue this command Example To create a MAC based access control guest VLAN DGS 3420 28SC admin create mac_based_access_control guest_vlan default Command create mac_based_access_control guest_vlan default Success DGS 3420 28SC admin 55 8 delete mac_based_access...

Page 630: ...ption This command is used to clear the authentication state of a user or port The port or the user will return to un authenticated state All the timers associated with the port or the user will be reset Format clear mac_based_access_control auth_state ports all portlist mac_addr macaddr Parameters ports Specify the port range to clear the authentication state all Specify all ports portlist Specif...

Page 631: ... up to 32 characters long vlanid Optional If the MAC address is authorized the port will be assigned to this VLAN ID vlanid 1 4094 Specify a VLAN ID between 1 and 4094 Restrictions Only Administrator Operator and Power User level users can issue this command Example To create a local database entry DGS 3420 28SC admin create mac_based_access_control_local mac 00 00 00 00 00 01 vlan default Command...

Page 632: ...xample To configure a local database entry DGS 3420 28SC admin config mac_based_access_control_local mac 00 00 00 00 00 01 vlan default Command config mac_based_access_control_local mac 00 00 00 00 00 01 vlan default Success DGS 3420 28SC admin 55 12 config mac_based_access_control max_users Description This command is used to configure the MAC based access control maximum number of authorized use...

Page 633: ... that will be accepted enable If specified to enable the authorized attributes for example VLAN 802 1p default priority and ACL assigned by the RADIUS server will be accepted if the global authorization status is enabled The default state is enabled disable If specified to disable the authorized attributes for example VLAN 802 1p default priority and ACL assigned by the RADIUS server will not be a...

Page 634: ...up to 32 characters long vlanid Delete database by this VLAN ID vlanid 1 4094 Specify a VLAN ID value must be between 1 and 4094 Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete a MAC based access control local by MAC address DGS 3420 28SC admin delete mac_based_access_control_local mac 00 00 00 00 00 01 Command delete mac_based_access_co...

Page 635: ...ication MAC information DGS 3420 28SC admin show mac_based_access_control auth_state ports Command show mac_based_access_control auth_state ports P Port based Prio Priority Port MAC Address Original State VID Prio Aging Time RX VID Block Time 1 00 00 00 00 00 01 1 Authenticated 6 1439 1 00 00 12 00 03 00 1 Blocked 286 3 00 00 00 00 00 02 P 1 Authenticated 6 1440 Total Authenticating Hosts 0 Total ...

Page 636: ...MAC based Access Control State Disabled Method Local Password Type Manual String Password default Max User No Limit Guest VLAN Guest VLAN Member Ports RADIUS Authorization Enabled Local Authorization Enabled Trap State Enabled Log State Enabled DGS 3420 28SC admin To display MAC based access control information for ports 1 to 4 DGS 3420 28SC admin show mac_based_access_control ports 1 4 Command sh...

Page 637: ...onal Specify the VLAN vlan_name 32 Specify the VLAN name up to 32 characters long vlanid Optional Specify the VLAN ID vlanid 1 4094 Specify the VLAN ID value between 1 and 4094 Restrictions None Example To display MAC based access control local data DGS 3420 28SC admin show mac_based_access_control_local Command show mac_based_access_control_local MAC Address VID 00 00 00 00 00 01 1 Total Entries ...

Page 638: ... enable or disable the generating of MAC based Access Control logs Format config mac_based_access_control log state enable disable Parameters state Specifies the log state for MAC based Access Control enable Specifies that the log for MAC based Access Control will be enabled disable Specifies that the log for MAC based Access Control will be disabled Restrictions Only Administrator Operator and Po...

Page 639: ...To enable the trap state for MAC based Access Control DGS 3420 28SC admin config mac_based_access_control trap state enable Command config mac_based_access_control trap state enable Success DGS 3420 28SC admin 55 20 config mac_based_access_control password_type Description This command is used to configure the type of RADIUS authentication password for MAC based Access Control Format config mac_ba...

Page 640: ...ss as authentication password DGS 3420 28SC admin config mac_based_access_control password_type client_mac_address Command config mac_based_access_control password_type client_mac_address Success DGS 3420 28SC admin To configure the MAC based Access Control using manual_string as authentication password DGS 3420 28SC admin config mac_based_access_control password_type manual_string Command config ...

Page 641: ...lue 1 4 enable mirror disable mirror show mirror group_id value 1 4 56 1 create mirror group_id Description This command used to create a mirror group If the mirror group has existed do nothing and return success Format create mirror group_id value 1 4 Parameters value 1 4 Enter the mirror group ID used here This value must be between 1 and 4 Restrictions Only Administrator and Operator level user...

Page 642: ...or port portlist Specify a range of ports to be configured rx Optional Allow the mirroring of only packets received flowing into the port or ports in the port list tx Optional Allow the mirroring of only packets sent flowing out of the port or ports in the port list both Optional Mirror all the packets received or sent by the port or ports in the port list Restrictions Only Administrator and Opera...

Page 643: ...orts will be mirrored to the mirror group target port tx Optional Specifies that only the sent packets on the mirror group source ports will be mirrored to the mirror group target port both Optional Specifies that both the received and sent packets on the mirror group source ports will be mirrored to the mirror group target port state Optional Specifies the mirror group state to enable or disable ...

Page 644: ...and delete mirror group_id 3 Success DGS 3420 28SC admin 56 5 enable mirror Description This command combined with the disable mirror command below allows you to enable or disable mirror function without having to modify the mirror session configuration Note If the target port hasn t been set enable mirror will not take effect Format enable mirror Parameters None Restrictions Only Administrator an...

Page 645: ...ssion configuration Format disable mirror Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To disable mirroring configurations DGS 3420 28SC admin disable mirror Command disable mirror Success DGS 3420 28SC admin 56 7 show mirror Description This command is used to display the current port mirroring configuration on the switch Format show mirr...

Page 646: ...er the group ID used for this display here This value must be between 1 and 4 Restrictions None Example To display mirroring configuration DGS 3420 28SC admin show mirror Command show mirror Mirror Global State Disabled Group State Target Port Source Ports 1 Enabled 1 RX 2 3 TX 2 3 DGS 3420 28SC admin ...

Page 647: ...tlist source_ip ipv6addr unsolicited_report_interval sec 0 25 1 show mld_proxy group 57 1 enable mld_proxy Description This command is used to enable the MLD proxy on the switch Format enable mld_proxy Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the MLD proxy DGS 3420 28SC admin enable mld_proxy Command enable mld_pro...

Page 648: ... the downstream interfaces The downstream interface must be an MLD Snooping enabled VLAN Format config mld_proxy downstream_if add delete vlan vlan_name 32 vlanid vidlist Parameters add Specify to add a downstream interface delete Specify to delete a downstream interface vlan Specify the VLAN by name or ID vlan_name 32 Specify a name of VLAN which belong to the MLD proxy downstream interface The m...

Page 649: ...orts add delete portlist source_ip ipv6addr unsolicited_report_interval sec 0 25 1 Parameters vlan Specify the VLAN for the upstream interface vlan_name 32 Specify a VLAN name between 1 and 32 characters vlanid Specify the VLAN ID for the upstream interface vlanid 1 4094 Specify the VLAN ID between 1 and 4094 router_ports Specify a list of ports that are connected to multicast enabled routers add ...

Page 650: ...router_ports add 3 Success DGS 3420 28SC admin 57 5 show mld_proxy Description This command is used to display the MLD proxy s configuration or group information The display status item means group entry is determined by whether or not the chip has been inserted Format show mld_proxy group Parameters group Optional Specify the group information Note If the group is not specified the MLD proxy conf...

Page 651: ...ic Router Ports 5 6 Unsolicited Report Interval 10 Source IP Address Downstream Interface VLAN List 2 4 DGS 3420 28SC admin To display the MLD proxy s group information DGS 3420 28SC admin show mld_proxy group Command show mld_proxy group Source NULL Group FF1E 0202 Downstream VLAN 4 Member Ports 3 6 Status active Source 2011 600 Group FF1E 0202 Downstream VLAN 2 Member Ports 2 5 8 Status Inactive...

Page 652: ...lanid vlanid_list all query_interval sec 1 65535 max_response_time sec 1 25 robustness_variable value 1 7 last_listener_query_interval sec 1 25 state enable disable version value 1 2 1 config mld_snooping mrouter_ports vlan vlan_name 32 vlanid vlanid_list add delete portlist config mld_snooping mrouter_ports_forbidden vlan vlan_name 32 vlanid vlanid_list add delete portlist enable mld_snooping dis...

Page 653: ...ership is immediately removed when the system receive the MLD leave message enable Enable the MLD snooping fast leave function disable Disable the MLD snooping fast leave function proxy_reporting Specifies that the proxy reporting function will be configured state Specifies the state of the proxy reporting function enable Specifies that the proxy reporting function will be enabled disable Specifie...

Page 654: ...the limited rate will be dropped no_limit The default setting is no limit Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the MLD snooping packet rate limit on port 1 for 100 DGS 3420 28SC admin config mld_snooping rate_limit ports 1 100 Command config mld_snooping rate_limit ports 1 100 Success DGS 3420 28SC admin 58 3 show mld_snoop...

Page 655: ...ose static member ports the device needs to emulate the MLD protocol operation to the querier and forward the traffic destined to the multicast group to the member ports For a layer 3 device the device is also responsible to route the packet destined for this specific group to static member ports The Reserved IP multicast addresses FF0x 16 must be excluded from the configured group The VLAN must b...

Page 656: ...me once this port is removed from static member ports Format config mld_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipv6addr add delete portlist Parameters vlan Specify the name of the VLAN on which the static group resides vlan_name 32 Specify the VLAN name The maximum length is 32 characters vlanid Specify the ID of the VLAN on which the static group resides vlanid_list Specify th...

Page 657: ...y the VLAN name The maximum length is 32 characters vlanid Specify the ID of the VLAN on which the static group resides vlanid_list Specify the VLAN ID list ipv6addr Specify the multicast group IPv6 address Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete an MLD snooping static group from the default VLAN group FF1E 1 DGS 3420 28SC admin ...

Page 658: ...p Command show mld_snooping static_group VLAN ID Name IP Address Static Member Ports 1 Default FF1E 1 9 10 Total Entries 1 DGS 3420 28SC admin 58 8 show mld_snooping statistic counter Description This command is used to display the MLD snooping statistics counters for MLD protocol packets that are transmitted or received by the switch since MLD snooping was enabled Format show mld_snooping statist...

Page 659: ...Port 1 Group Number 0 Receive Statistics Query MLD v1 Query 0 MLD v2 Query 0 Total 0 Dropped By Rate Limitation 0 Dropped By Multicast VLAN 0 Report Done MLD v1 Report 0 MLD v2 Report 0 MLD v1 Done 0 Total 0 Dropped By Rate Limitation 0 Dropped By Max Group Limitation 0 Dropped By Group Filter 0 Dropped By Multicast VLAN 0 Transmit Statistics Query MLD v1 Query 0 MLD v2 Query 0 Total 0 Report Done...

Page 660: ... 58 10 config mld_snooping querier Description This command is used to configure the time in seconds between general query transmissions the maximum time to wait for reports from listeners and the permitted packet loss that guarantees MLD snooping Format config mld_snooping querier vlan_name vlan_name 32 vlanid vlanid_list all query_interval sec 1 65535 max_response_time sec 1 25 robustness_variab...

Page 661: ...ecific queries sent before the router assumes there are no local members of a group The default number is the value of the robustness variable value 1 7 Specify the value between 1 and 7 Increase the value if you expect a subnet to be lossy The robustness variable is set to 2 by default last_member_query_interval Specify the maximum amount of time between group specific query messages including th...

Page 662: ...Specify the ID of the VLAN on which the router port resides vlanid_list Specify a list of VLAN IDs add Specify to add router ports delete Specify to delete router ports portlist Specify a range of ports to be configured Restrictions Only Administrator Operator and Power User level users can issue this command Example To set up static router ports DGS 3420 28SC admin config mld_snooping mrouter_por...

Page 663: ... portlist Specify a range of ports to be configured Restrictions Only Administrator Operator and Power User level users can issue this command Example To set up ports as forbidden router port DGS 3420 28SC admin config mld_snooping mrouter_ports_forbidden vlan default add 1 10 Command config mld_snooping mrouter_ports_forbidden vlan default add 1 10 Success DGS 3420 28SC admin 58 13 enable mld_sno...

Page 664: ...sabling MLD snooping allows all MLD and IPv6 multicast traffic to flood within a given IPv6 interface Format disable mld_snooping Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable MLD snooping on the switch DGS 3420 28SC admin disable mld_snooping Command disable mld_snooping Success DGS 3420 28SC admin 58 15 show mld_snoo...

Page 665: ...snooping configurations Restrictions None Example To display MLD snooping DGS 3420 28SC admin show mld_snooping Command show mld_snooping MLD Snooping Global State Disabled Data Driven Learning Max Entries 120 VLAN Name default Query Interval 125 Max Response Time 10 Robustness Value 2 Last Listener Query Interval 1 Querier State Disabled Querier Role Non Querier Querier IP Querier Expiry Time 0 s...

Page 666: ...not specified the system will display all current MLD snooping group information vlan_name 32 Specify the VLAN name The maximum length is 32 characters vlanid Optional Specify the ID of the VLAN for which to view MLD snooping group information vlanid_list Specify the VLAN ID list ports Optional Specify the list of port for which to view MLD snooping group information portlist Specify a range of po...

Page 667: ...er_ports Description This command is used to display the router ports on the switch Format show mld_snooping mrouter_ports vlan vlan_name 32 vlanid vlanid_list all static dynamic forbidden Parameters vlan Specify the name of the VLAN on which the router port resides vlan_name 32 Specify the name of the VLAN on which the router port resides The maximum length is 32 characters vlanid Specify the ID ...

Page 668: ...This command is used to display the switch s current MLD snooping forwarding table It provides an easy way for users to check the list of ports that the multicast group comes from specific sources will be forwarded to The packet comes from the source VLAN They will be forwarded to the forwarding ports Format show mld_snooping forwarding vlan vlan_name 32 vlanid vlanid_list Parameters vlan Optional...

Page 669: ... Multicast Group FF1E 2 Port Member 5 Total Entries 2 DGS 3420 28SC admin 58 19 clear mld_snooping data_driven_group Description This command is used to clear the MLD snooping group learned by data driven Format clear mld_snooping data_driven_group all vlan_name vlan_name 32 vlanid vlanid_list ipv6addr all Parameters all Specifies to clear all the entries learned by the data driven feature vlan_na...

Page 670: ...ot to be age out or to be aged out by the aged timer When the data driven learning is enabled and data driven table is not full the multicast filtering mode for all ports are ignored That is the multicast packets will be forwarded to router ports If data driven learning table is full the multicast packets will be forwarded according to multicast filtering mode Note that if a data driven group is c...

Page 671: ...admin config mld_snooping data_driven_learning vlan_name default state enable Command config mld_snooping data_driven_learning vlan_name default state enable Success DGS 3420 28SC admin 58 21 config mld_snooping data_driven_learning max_learned_entry Description This command is used to configure the maximum number of groups that can be learned by data driven When the table is full the system will ...

Page 672: ...naged Stackable Gigabit Switch CLI Reference Guide 667 DGS 3420 28SC admin config mld_snooping data_driven_learning max_learned_entry 50 Command config mld_snooping data_driven_learning max_learned_entry 50 Success DGS 3420 28SC admin ...

Page 673: ...d_snooping multicast_vlan_group vlan_name 32 delete mld_snooping multicast_vlan vlan_name 32 enable mld_snooping multicast_vlan disable mld_snooping multicast_vlan show mld_snooping multicast_vlan vlan_name 32 config mld_snooping multicast_vlan forward_unmatched disable enable config mld_snooping multicast_vlan auto_assign_vlan enable disable 59 1 create mld_snooping multicast_vlan Description Thi...

Page 674: ...nd create mld_snooping multicast_vlan mv1 2 Success DGS 3420 28SC admin 59 2 config mld_snooping multicast_vlan Description This command is used to configure MLD snooping multicast VLAN parameters The member port list and source port list cannot overlap However the member port of one multicast VLAN can overlap with another multicast VLAN The multicast VLAN must be created first using the create ml...

Page 675: ... of the packet the source IP address in the join packet needs to be replaced by this IP address If none is specified the source IP address will use ip address ipv6addr Enter the IP address here none Specifies that the replace source IPv6 address will not be replaced remap_priority Specify the remap priority here value 0 7 The remap priority value 0 to 7 to be associated with the data traffic to be...

Page 676: ...ld_snooping multicast_vlan_group_profile Description This command is used to configure an MLD snooping multicast group profile on the switch Format config mld_snooping multicast_vlan_group_profile profile_name 1 32 add delete mcastv6_address_list Parameters profile_name 1 32 Specify the multicast VLAN profile name The maximum length is 32 characters add Specify to add a multicast address list to t...

Page 677: ... multicast group profile on the switch Specify a profile name to delete it Format delete mld_snooping multicast_vlan_group_profile profile_name profile_name 1 32 all Parameters profile_name Specify the multicast VLAN group profile name The maximum length is 32 characters profile_name 1 32 Specify the multicast VLAN group profile name The profile name can be up to 32 characters long all Specify to ...

Page 678: ...mld_snooping multicast_vlan_group Description This command is used to configure the multicast group which will be learned with the specific multicast VLAN There are two cases that need to be considered For the first case suppose that a multicast group is not configured and multicast VLANs do not have overlapped member ports That means the join packets received by the member port will only be learn...

Page 679: ... multicast VLAN profile name The profile name can be up to 32 characters long Restrictions Only Administrator Operator and Power User level users can issue this command Example To add an MLD snooping profile to a multicast VLAN group with the name v1 DGS 3420 28SC admin config mld_snooping multicast_vlan_group v1 add profile_name channel_1 Command config mld_snooping multicast_vlan_group v1 add pr...

Page 680: ...20 28SC admin 59 9 delete mld_snooping multicast_vlan Description This command is used to delete an MLD snooping multicast VLAN Format delete mld_snooping multicast_vlan vlan_name 32 Parameters vlan_name 32 Specify the name of the multicast VLAN to be deleted Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete an MLD snooping multicast VLAN ...

Page 681: ...perator and Power User level users can issue this command Example To enable MLD snooping multicast VLAN DGS 3420 28SC admin enable mld_snooping multicast_vlan Command enable mld_snooping multicast_vlan Success DGS 3420 28SC admin 59 11 disable mld_snooping multicast_vlan Description This command is used to disable the MLD snooping multicast VLAN function By default the multicast VLAN is disabled F...

Page 682: ...isable mld_snooping multicast_vlan Success DGS 3420 28SC admin 59 12 show mld_snooping multicast_vlan Description This command allows information for a specific multicast VLAN to be displayed Format show mld_snooping multicast_vlan vlan_name 32 Parameters vlan_name 32 Optional Specify the name of the multicast VLAN to be displayed Restrictions None Example To display all MLD snooping multicast VLA...

Page 683: ...tion This command is used to configure the forwarding mode for MLD snooping multicast VLAN unmatched packets When the switch receives an MLD snooping packet it will match the packet against the multicast profile to determine which multicast VLAN to associate with If the packet does not match all profiles the packet will be forwarded in the natural VLAN of the packet or dropped based on this settin...

Page 684: ...is a match the result is in profile and the matching multicast VLAN will be set as the packet VLAN If this function is disabled the Switch will do VID checking first If the group does not match the current profile binding to the multicast VLAN the Switch will drop this packet Format config mld_snooping multicast_vlan auto_assign_vlan enable disable Parameters enable Specifies to enable the auto as...

Page 685: ...age banner to its original factory default entry Restrictions When users issue the reset command the modified banner will remain in tact Yet issuing the reset system will return the banner to its original default value The maximum character capacity for the banner is 24 lines with 80 characters per line In the following example Ctrl W will save the modified banner only to the DRAM Users must enter...

Page 686: ...e left right Ctrl W Save and quit up down Move cursor Ctrl D Delete line Ctrl X Erase all setting Ctrl L Reload original setting 60 2 show greeting_message Description This command is used to display the currently configured greeting message on the switch Format show greeting_message Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To display ...

Page 687: ...t Description This command is used to modify the command prompt The current command prompt consists of four parts product name user level e g DGS 3420 28SC admin This command is used to modify the first part 1 product name with a string consisting of a maximum of 16 characters or to be replaced with the users login user name Format config command_prompt string 16 username default Parameters string...

Page 688: ...ctions When users issue the reset command the current command prompt will remain in tact Issuing the reset system will return the command prompt to its original factory default value Only Administrator and Operator level users can issue this command Example To edit the command prompt DGS 3420 28SC admin config command_prompt HQ0001 Command config command_prompt HQ0001 Success HQ0001 admin ...

Page 689: ...on where multiple servers can share the same IP address and MAC address The requests from clients will be forwarded to all servers but will only be processed by one of them In multicast mode the client use the multicast MAC address as the destination MAC to reach the server Regarding of the mode this destination MAC is the named the shared MAC The server uses its own MAC address rather than the sh...

Page 690: ...rameters vlan_name 32 Enter the VLAN name of the NLB multicast FDB entry here This name can be up to 32 characters long vlanid Specifies the VLAN ID used vlanid 1 4094 Enter the VLAN ID used here macaddr Specifies the MAC address of the NLB multicast FDB entry to be deleted Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete NLB multicast FD...

Page 691: ...igured add Specifies a list of forwarding ports to be added delete Specifies a list of forwarding ports to be deleted portlist Specifies a list of forwarding ports to be added or deleted Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure NLB multicast MAC forwarding database DGS 3420 28SC admin config nlb multicast_fdb default 03 bf 01 0...

Page 692: ...20 28SC admin 61 5 create nlb unicast_fdb Description This command is used to create the NLB unicast FDB entry Format create nlb unicast_fdb macaddr Parameters macaddr Specify the MAC address of the NLB unicast FDB entry to be created Restrictions Only Administrator Operator and Power User level users can issue this command Example To create an NLB unicast MAC forwarding entry for the product that...

Page 693: ...pecify a list of forwarding ports to be added or removed Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure NLB unicast FDB entry for the product that support the VLAN information on the unicast forwarding DGS 3420 28SC admin config nlb unicast_fdb 02 BF 01 01 01 01 add 1 1 1 5 Command config nlb unicast_fdb 02 BF 01 01 01 01 add 1 1 1 5...

Page 694: ...or Operator and Power User level users can issue this command Example To delete the NLB unicast FDB entry for the product that support the VLAN information on the unicast forwarding DGS 3420 28SC admin delete nlb unicast_fdb 02 bf 01 01 01 01 Command delete nlb unicast_fdb 02 BF 01 01 01 01 Success DGS 3420 28SC admin ...

Page 695: ...mp system_contact sw_contact enable snmp traps disable snmp traps enable snmp authenticate_traps disable snmp authenticate_traps enable snmp linkchange_traps disable snmp linkchange_traps show snmp traps linkchange_traps ports portlist config snmp linkchange_traps ports all portlist enable disable config snmp coldstart_traps enable disable config snmp warmstart_traps enable disable config trap sou...

Page 696: ... snmp Description This command is used to disable the SNMP function When SNMP function is disabled the network manager will not be able to access SNMP MIB objects The device will not send traps or notification to network manager either Format disable snmp Parameters None By default SNMP is disabled Restrictions Only Administrator and Operator level users can issue this command Example To disable S...

Page 697: ...DGS 3420 28SC admin 62 4 create trusted_host Description This command is used to create the trusted host The switch allows you to specify up to 30 IP addresses or IP ranges that are allowed to manage the switch via in band SNMP or Telnet based management software These IP addresses must be members of the Management VLAN If no IP addresses are specified then there is nothing to prevent any IP addre...

Page 698: ...Optional Specify the trusted host for Telnet ssh Optional Specify the trusted host for SSH http Optional Specify the trusted host for HTTP https Optional Specify the trusted host for HTTPs ping Optional Specify the trusted host for Ping Note If no management method is specified the IP range can access the Switch through any method Restrictions Only Administrator and Operator level users can issue ...

Page 699: ...et Optional Specify the trusted host for Telnet ssh Optional Specify the trusted host for SSH http Optional Specify the trusted host for HTTP https Optional Specify the trusted host for HTTPs ping Optional Specify the trusted host for Ping all Specify the trusted host for all applications Restrictions Only Administrator and Operator level users can issue this command Example To configure the trust...

Page 700: ...ted network ipv6networkaddr Specify the IPv6 network address of the trusted network all Specify that all trusted hosts will be deleted Restrictions Only Administrator and Operator level users can issue this command Example To delete a trusted host DGS 3420 28SC admin delete trusted_host ipaddr 10 48 74 121 Command delete trusted_host ipaddr 10 48 74 121 Success DGS 3420 28SC admin 62 7 show truste...

Page 701: ...n SNMP system name for the switch A maximum of 255 characters is allowed Restrictions Only Administrator and Operator level users can issue this command Example To configure the switch SNMP name for DGS 3420 28SC Gigabit Ethernet Switch DGS 3420 28SC admin config snmp system_name DGS 3420 28SC Gigabit Ethernet Switch Command config snmp system_name DGS 3420 28SC Gigabit Ethernet Switch Success DGS...

Page 702: ...nmp system_location HQ 5F Command config snmp system_location HQ 5F Success DGS 3420 28SC admin 62 10 config snmp system_contact Description This command is used to enter the name and or other information to identify an SNMP system contact person who is responsible for the switch A maximum of 255 characters can be used Format config snmp system_contact sw_contact Parameters sw_contact Specify an S...

Page 703: ...raps Description This command is used to enable SNMP trap support on the switch Format enable snmp traps Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To enable SNMP trap support DGS 3420 28SC admin enable snmp traps Command enable snmp traps Success DGS 3420 28SC admin 62 12 disable snmp traps Description This command is used to disable SN...

Page 704: ...aps Command disable snmp traps Success DGS 3420 28SC admin 62 13 enable snmp authenticate_traps Description This command is used to enable SNMP authentication failure trap support Format enable snmp authenticate_traps Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To enable SNMP authentication trap support DGS 3420 28SC admin enable snmp aut...

Page 705: ...s Only Administrator and Operator level users can issue this command Example To disable SNMP authentication trap support DGS 3420 28SC admin disable snmp authenticate_traps Command disable snmp authenticate_traps Success DGS 3420 28SC admin 62 15 enable snmp linkchange_traps Description This command is used to enable SNMP linkchange trap support Format enable snmp linkchange_traps Parameters None ...

Page 706: ...is used to disable SNMP linkchange trap support Format disable snmp linkchange_traps Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To disable SNMP linkchange trap support DGS 3420 28SC admin disable snmp linkchange_traps Command disable snmp linkchange_traps Success DGS 3420 28SC admin 62 17 config snmp linkchange_traps ports Description Th...

Page 707: ...tor and Operator level users can issue this command Example To enable SNMP linkchange traps for ports 1 to 4 DGS 3420 28SC admin config snmp linkchange_traps ports 1 4 enable Command config snmp linkchange_traps ports 1 4 enable Success DGS 3420 28SC admin 62 18 show snmp traps Description This command is used to display the SNMP trap state Format show snmp traps linkchange_traps ports portlist Pa...

Page 708: ...mp traps linkchange_traps Command show snmp traps linkchange_traps Linkchange Traps Enabled Port 1 Enabled Port 2 Enabled Port 3 Enabled Port 4 Enabled Port 5 Enabled Port 6 Enabled Port 7 Enabled Port 8 Enabled Port 9 Enabled Port 10 Enabled Port 11 Enabled Port 12 Enabled Port 13 Enabled Port 14 Enabled Port 15 Enabled Port 16 Enabled Port 17 Enabled Port 18 Enabled Port 19 Enabled Port 20 Enabl...

Page 709: ...g snmp coldstart_traps enable Command config snmp coldstart_traps enable Success DGS 3420 28SC admin 62 20 config snmp warmstart_traps Description This command is used to configure the trap state for warmstart events Format config snmp warmstart_traps enable disable Parameters enable Enable traps for warmstart events The default state is enabled disable Disable traps for warmstart events Restricti...

Page 710: ... specified the IPv4 address and the smallest IPv6 address of ipif_name will be used as source IP addresses ipaddr Optional Specify the IPv4 address ipv6addr Optional Specify the IPv6 address none Specify to clear the configured source IP interface Restrictions Only Administrator and Operator level users can issue this command Example To configure the trap source IP interface DGS 3420 28SC admin co...

Page 711: ...urce_ipif Command show trap source_ipif Trap Source IP Interface Configuration IP Interface ipif4 IPv4 Address None IPv6 Address 3000 52 DGS 3420 28SC admin 62 23 config rmon trap Description This command is used to configure the trap state for RMON events Format config rmon trap rising_alarm enable disable falling_alarm enable disable Parameters rising_alarm Optional Specify the trap state for ri...

Page 712: ...ator level users can issue this command Example To disable the trap state for RMON DGS 3420 28SC admin config rmon trap rising_alarm disable Command config rmon trap rising_alarm disable Success DGS 3420 28SC admin 62 24 show rmon Description This command is used to display RMON related settings Format show rmon Parameters None Restrictions None Example To display current RMON settings DGS 3420 28...

Page 713: ...xStack DGS 3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 708 ...

Page 714: ...alert critical error warning notice informational debug level 0 7 facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_number ipaddress ipaddr ipv6addr state enable disable 1 create syslog host index 1 4 ipaddress ipaddr ipv6addr severity emergency alert critical error warning notice informational debug level 0 7 facility local0 local1 local2 local3 local4 local5 loca...

Page 715: ...5 127 0 0 128 255 0 0 256 511 0 0 512 1023 0 0 1024 1518 0 0 1519 1522 0 0 1519 2047 0 0 2048 4095 0 0 4096 9216 0 0 Unicast RX 0 0 Multicast RX 0 0 Broadcast RX 0 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh Port number 7 Frame Type Total Total sec RX Bytes 0 0 RX Frames 0 0 TX Bytes 0 0 TX Frames 0 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 63 2 show error...

Page 716: ...3 RX Frames TX Frames CRC Error 0 Excessive Deferral 0 Undersize 0 CRC Error 0 Oversize 0 Late Collision 0 Fragment 0 Excessive Collision 0 Jabber 0 Single Collision 0 Symbol Error 0 Collision 0 Buffer Full Drop 0 ACL Drop 0 Multicast Drop 0 VLAN Ingress Drop 0 Invalid IPv6 0 STP Drop 0 Storm and FDB Discard 0 MTU Drop 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 63 3 show utili...

Page 717: ...n ports Port TX sec RX sec Util Port TX sec RX sec Util 1 0 0 0 21 0 0 0 2 0 0 0 22 0 0 0 3 0 0 0 23 0 0 0 4 0 0 0 24 0 0 0 5 0 0 0 25 0 0 0 6 0 0 0 26 0 0 0 7 0 0 0 27 0 0 0 8 0 0 0 28 0 0 0 9 0 0 0 10 0 0 0 11 0 0 0 12 0 0 0 13 0 0 0 14 0 0 0 15 0 0 0 16 0 0 0 17 0 0 0 18 0 0 0 19 0 0 0 20 0 0 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh To display CPU utilization DGS 3420 28S...

Page 718: ...h unit on the stacking system If it is not specified it refers to the master unit unit_id Enter the unit ID used here Restrictions None Example To display DRAM utilization DGS 3420 28SC admin show utilization dram Command show utilization dram DRAM utilization Total DRAM 262144 KB Used DRAM 119586 KB Utilization 45 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 63 5 show utilization...

Page 719: ...ation Total FLASH 30608 KB Used FLASH 4786 KB Utilization 15 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 63 6 clear counters Description This command is used to clear the switch s statistics counters Format clear counters ports portlist Parameters ports Specify a range of ports to be configured The beginning and end of the port list range are separated by a dash portlist Specify ...

Page 720: ...ts 7 9 Success DGS 3420 28SC admin 63 7 clear log Description This command is used to clear the switch s history log Format clear log Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To clear the switch s history log DGS 3420 28SC admin clear log Command clear log Success DGS 3420 28SC admin 63 8 show log Description This command is used to di...

Page 721: ... Specify severity level 1 critical Optional Specify severity level 2 error Optional Specify severity level 3 warning Optional Specify severity level 4 notice Optional Specify severity level 5 informational Optional Specify severity level 6 debug Optional Specify severity level 7 level_list 0 7 Optional Specify a list of severity levels to be displayed If more than one severty level separate them b...

Page 722: ...mat show log_save_log_timing Parameters None Restrictions None Example To display the method to save log DGS 3420 28SC admin show log_save_timing Command show log_save_timing Saving Log Method On_demand DGS 3420 28SC admin 63 10 show log_software_module Description This command is used to display the protocols or applications that support the enhanced log Format show log_software_module Parameters...

Page 723: ...og_save_timing time_interval min 1 65535 on_demand log_trigger Parameters time_interval Specify to save log to Flash every xxx minutes If no log occurs in this period nothing will be saved min 1 65535 Specify the time between 1 and 65535 minutes on_demand Specify to save log to Flash whenever the user types save log or save all This is the default log_trigger Specify to save log to Flash whenever ...

Page 724: ...ameters None Restrictions Only Administrator and Operator level users can issue this command Example To enable syslog to send a message DGS 3420 28SC admin enable syslog Command enable syslog Success DGS 3420 28SC admin 63 13 disable syslog Description This command is used to disable syslog from sending a message Format disable syslog Parameters None Restrictions Only Administrator and Operator le...

Page 725: ...8SC admin 63 14 show syslog Description This command is used to display the syslog protocol global state Format show syslog Parameters None Restrictions None Example To display the syslog protocol global state DGS 3420 28SC admin show syslog Command show syslog Syslog Global State Enabled DGS 3420 28SC admin 63 15 config syslog host Description This command is used to configure the syslog host con...

Page 726: ...aemons that have not been explicitly assigned a facility may use any of the local use facilities or they may use the user level facility Those facilities that have been designated are shown in the following local0 User defined facility local1 User defined facility local2 User defined facility local3 User defined facility local4 User defined facility local5 User defined facility local6 User defined...

Page 727: ...es alert Specify alert messages critical Specify critical messages error Specify error messages warning Specify warning messages notice Specify notice messages informational Specify informational messages debug Specify debug messages level 0 7 Specify a level between 0 and 7 facility Some of the operating system daemons and processes have been assigned facility values Processes and daemons that ha...

Page 728: ... create syslog host 1 ipaddress 10 1 1 1 Command create syslog host 1 ipaddress 10 1 1 1 Success DGS 3420 28SC admin 63 17 delete syslog host Description This command is used to delete syslog host s Format delete syslog host index 1 4 all Parameters inex 1 4 Specify the host index all Specify all hosts Restrictions Only Administrator and Operator level users can issue this command Example To delet...

Page 729: ... index Note If no parameter is specified all hosts will be displayed Restrictions None Example To display syslog host configurations DGS 3420 28SC admin show syslog host Command show syslog host Syslog Global State Disabled Host 1 IP Address 10 1 1 2 Severity Warning Facility Local10 UDP port 514 Status Disabled Host 2 IP Address 3000 501 100 ffff 101 202 303 1 Severity Emergency Facility Local10 ...

Page 730: ...d as source IP addresses ipaddr Optional Specify the IP4 address ipv6addr Optional Specify the IPv6 global address none Specify to clear the configured source IP interface Restrictions Only Administrator and Operator level users can issue this command Example To configure the syslog source IP interface DGS 3420 28SC admin config syslog source_ipif Sysetm Command config syslog source_ipif System Su...

Page 731: ...System IPv4 Address None IPv6 Address None DGS 3420 28SC admin 63 21 show attack_log Description This command is used to display the switch s attack log Format show attack_log index value_list Parameters index Optional Specify the list of index of the entries that need to be displayed value_list Specify the list of index of the entries that need to be displayed For example show attack_log index 1 ...

Page 732: ... 28 2 2009 12 26 14 15 45 WARN 4 Port security violation mac addrss 00 18 F3 10 94 89 on locking address full port 28 1 2009 12 26 14 15 45 WARN 4 Port security violation mac addrss 00 18 F3 10 94 89 on locking address full port 28 DGS 3420 28SC admin 63 22 clear attack_log Description This command is used to clear the switch s attack log Format clear attack_log Parameters None Restrictions Only A...

Page 733: ...xStack DGS 3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 728 DGS 3420 28SC admin ...

Page 734: ...If a port is active it initiates the discovery Otherwise it reacts to the discovery received from peer Disabling a port s OAM will cause the port to send out a dying gasp event to peers and then disconnect the established OAM link The link monitoring parameter is used to configure port Ethernet OAM link monitoring error symbols The link monitoring function provides a mechanism to detect and indica...

Page 735: ...of symbol errors in the period that is required to be equal to or greater than in order for the event to be generated The default value of threshold is 1 symbol error range 0 4294967295 Specify the range from 0 to 4294967295 window The range is 1000 to 60000 ms The default value is 1000ms millisecond 1000 60000 The range is 1000 to 60000 ms notify_state Specify the event notification status The de...

Page 736: ...the peer to change to the normal operation mode received_remote_loopback Specify receive remote loop back process Specify to process the received Ethernet OAM remote loopback command ignore Specify to ignore the received Ethernet OAM remote loopback command The default method is set to ignore Restrictions Only Administrator Operator and Power User level users can issue this command Example To conf...

Page 737: ... config ethernet_oam ports 1 link_monitor error_frame_seconds threshold 2 window 10000 notify_state enable Success DGS 3420 28SC admin To configure the error frame period threshold to10 and period to 1000000 ms for port 1 DGS 3420 28SC admin config ethernet_oam ports 1 link_monitor error_frame_period threshold 10 window 1000000 notify_state enable Command config ethernet_oam ports 1 link_monitor e...

Page 738: ...eer device is OAM capable ActiveSendLocal The port is active and is sending local information SendLocalAndRemote The local port has discovered the peer but has not yet accepted or rejected the configuration of the peer SendLocalAndRemoteOk The local device agrees the OAM peer entity PeeringLocallyRejected The local OAM entity rejects the remote peer OAM entity PeeringRemotelyRejected The remote OA...

Page 739: ...E 802 3 Clause 30 MIB The event log displays Ethernet OAM event log information The switch can buffer 1000 event logs The event log is different from sys log as it provides more detailed information than sys log Each OAM event will be recorded in both OAM event log and syslog Format show ethernet_oam ports portlist status configuration statistics event_log index value_list Parameters portlist Opti...

Page 740: ...upported OAMPDU RX 0 Frames Lost Due To OAM 0 DGS 3420 28SC admin 64 3 clear ethernet_oam ports Description This command is used to clear Ethernet OAM information Format clear ethernet_oam ports portlist all event_log statistics Parameters portlist Specify a range of Ethernet OAM ports to be cleared all Specify to clear all Ethernet OAM ports event_log Specify to clear Ethernet OAM event log infor...

Page 741: ...s Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 736 To clear port 1 OAM events DGS 3420 28SC admin clear ethernet_oam ports 1 event_log Command clear ethernet_oam ports 1 event_log Success DGS 3420 28SC admin ...

Page 742: ...and software mechanisms to provide shutdown recovery and trap notification functions Format config traffic control portlist all broadcast enable disable multicast enable disable unicast enable disable action drop shutdown threshold value 0 255000 broadcast_threshold value 0 255000 multicast_threshold value 0 255000 unicast_threshold value 0 255000 countdown min 0 min 3 30 disable time_interval sec...

Page 743: ...d value used here This value must be between 0 and 255000 unicast_threshold Specifies the upper threshold at which point the specified storm control is triggered The value is the number of unicast packets per second received by the switch that will trigger the storm traffic control measure The threshold is expressed as PPS packets per second and must be an unsigned integer value 0 255000 Enter the...

Page 744: ...ill specifies the time to be 0 otherwise known as no recovery mode min 1 65535 Enter the automatic recovery time used here This value must be between 1 and 65535 minutes Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the auto recover time to 5 minutes DGS 3420 28SC admin config traffic control auto_recover_time 5 Command config traff...

Page 745: ... Description This command is used to configure whether storm control notification will be generated or not while traffic storm events are detected by a SW traffic storm control mechanism Note A traffic control trap is active only when the control action is configured as shutdown If the control action is drop there will no traps issue while storm event is detected Format config traffic trap none st...

Page 746: ...l Specify a range of ports to be shown Note If no parameter is specified the system will display all port packet storm control configurations Restrictions None Example To display the packet storm control setting for ports 1 to 3 DGS 3420 28SC admin show traffic control 1 3 Command show traffic control 1 3 Traffic Control Trap None Traffic Control Log Enabled Traffic Control Auto Recover Time 0 Min...

Page 747: ...xStack DGS 3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 742 3 640 Enabled Disabled Disabled shutdown 0 10 DGS 3420 28SC admin ...

Page 748: ...d to enable the password recovery mode Note The configuration does not take effect until saved Format enable password_recovery Parameters None Restrictions Only Administrator level users can issue this command Example To enable the password recovery mode DGS 3420 28SC admin enable password_recovery Command enable password_recovery Success DGS 3420 28SC admin 66 2 disable password_recovery Descript...

Page 749: ...nning configuration and the NV RAM configuration When the password recovery state is enabled a user can reboot the switch and enter into the Password Recovery mode Otherwise if the Password Recovery state is disabled a user will not be able to enter into the special recovery mode Note Only the NV RAM configuration will take effect when the switch restarts next time the running configuration does n...

Page 750: ...45 Parameters None Restrictions Only Administrator level users can issue this command Example To display the password recovery state DGS 3420 28SC admin show password_recovery Command show password_recovery Running Configuration Disabled NV RAM Configuration Enabled DGS 3420 28SC admin ...

Page 751: ...eate policy_route name Description This command is used to create a policy route and define the route s name Format create policy_route name policyroute_name 32 Parameters policyroute_name 32 The policy route name The maximum length is 32 characters Restrictions Only Administrator Operator and Power User level users can issue this command Example To create a policy route named danilo DGS 3420 28SC...

Page 752: ...oute_name 32 acl profile_id value 1 6 access_id value 1 256 nexthop ipaddr state enable disable route_preference default pbr Parameters policyroute_name 32 The policy route name The maximum length is 32 characters acl profile_id The ACL profile ID value 1 6 Specifies the value between 1 and 6 access_id The ACL access ID value 1 256 Specifies the value between 1 and 256 nexthop The next hop IP addr...

Page 753: ...onfig policy_route name 1 acl profile_id 1 access_id 1 nexthop 20 1 1 100 state enable route_preference pbr Command config policy_route name 1 acl profile_id 1 access_id 1 nexthop 20 1 1 100 state enable route_preference pbr Success DGS 3420 28SC admin 67 4 show policy_route Description This command is used to display the Switch s current policy route rules Format show policy_route Parameters None...

Page 754: ...xStack DGS 3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 749 ID ference policy1 1 1 10 90 90 254 Enabled PBR Total Entries 1 DGS 3420 28SC admin ...

Page 755: ...entries the default entry type and set the maximum port security entries that can be learned with a specific VLAN on a specific port There are four levels of limitations on the learned entry number for the entire system for a port for a VLAN and for specific VLAN on a port If any limitation is exceeded the new entry will be discarded Format config port_security ports portlist all admin_state enabl...

Page 756: ...ss entries that can be learned on this port If the value is set to 0 it means that no user can get authorized by the port security function on this port If the setting is smaller than the number of current learned entries on the port the command will be rejected The default value is 32 max_lock_no 0 3328 Specify the value between 0 and 3328 no_limit Specify no limitation on the number of entries R...

Page 757: ...estrictions Only Administrator Operator and Power User level users can issue this command Example To configure the maximum number of port security entries to 256 DGS 3420 28SC admin config port_security system max_learning_addr 256 Command config port_security system max_learning_addr 256 Success DGS 3420 28SC admin 68 3 config port_security vlan Description This command sets the maximum number of...

Page 758: ...0 28SC admin config port_security vlan vlanid 1 max_learning_addr 64 Command config port_security vlan vlanid 1 max_learning_addr 64 Success DGS 3420 28SC admin 68 4 delete port_security_entry Description This command is used to delete a port security entry by VLAN VLAN ID and MAC address Format delete port_security_entry vlan vlan_name 32 vlanid vlanid 1 4094 mac_address macaddr Parameters vlan S...

Page 759: ...ntries learned on the specified port will be cleared portlist Specify a range of ports to be configured all All the port security entries learned by the system will be cleared vlan Optional The port security entries learned on the specified VLANs will be cleared vlan_name 32 Specify the VLAN name The maximum length is 32 characters vlanid Optional Specify a list of VLANs by VLAN ID vidlist Specify...

Page 760: ...ist of the VLAN IDs Restrictions None Example To display a port security entry DGS 3420 28SC admin show port_security_entry Command show port_security_entry MAC Address VID Port Lock Mode 00 00 00 00 00 01 1 25 DeleteOnTimeout Total Entry Number 1 DGS 3420 28SC admin 68 7 show port_security Description This command is used to display the port security related information of the switch ports includ...

Page 761: ...ommand show port_security Port Security Trap State Disabled Port Security Log State Disabled System Maximum Address 512 VLAN Configuration Only VLANs with limitation are displayed VID VLAN Name Max Learning Addr 1 default 64 2 TstVLAN 8 DGS 3420 28SC admin To display the port security information of switch ports 1 to 6 DGS 3420 28SC admin show port_security ports 1 6 Command show port_security por...

Page 762: ...Operator and Power User level users can issue this command Example To enable the port security log DGS 3420 28SC admin config port_security log state enable Command config port_security log state enable Success DGS 3420 28SC admin 68 9 config port_security trap state Description This command is used to enable or disable the sending of port security traps When the port security trap is enabled and ...

Page 763: ...e 758 Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the sending of port security traps DGS 3420 28SC admin config port_security trap state enable Command config port_security trap state enable Success DGS 3420 28SC admin ...

Page 764: ...e used for this configuration portlist Enter the list of ports used for this configuration here state Optional Specifies whether power will be supplied to the powered device connected to this port or not enable Specifies that PoE will be enabled of the specifies port s disable Specifies that PoE will be disabled of the specifies port s time_range Optional Specifies the time range that applies to t...

Page 765: ...class_2 Specifies that the power limit will be set to 7000mW class_3 Specifies that the power limit will be set to 15400mW user_define Specifies the user defined power limit value here value 1000 35000 Enter the user defined port limit value used here This value must be between 1000 and 35000mW Other than the four pre defined settings the users can directly specify any value that the chip supports...

Page 766: ...r provision will not utilize the system s maximum power There is a 19W safety margin That is when the system has only 19W remaining this power cannot be utilized deny_low_priority_port If there are ports that supplied power that have a priority lower than the new port the port with the lowest priority will be disconnected This process will stop until enough power is released for the new port Note ...

Page 767: ... 1 1 1 6 Command show poe ports 1 1 1 6 Port State Priority Power Limit mW Time Range Class Power mW Voltage decivolt Current mA Status 1 1 Enabled Critical 4200 Class 1 0 0 0 0 OFF Interim state during line detection 1 2 Enabled Critical 4200 Class 1 0 0 0 0 OFF Interim state during line detection 1 3 Enabled Critical 4200 Class 1 0 0 0 0 OFF Interim state during line detection 1 4 Enabled Critic...

Page 768: ...If no parameter is specified the system will display the status of all the supported PoE units in the system Restrictions None Example To display the PoE system DGS 3420 28PC admin show poe system units 1 Command show poe system units 1 Unit 1 PoE System Information Power Limit 760 Watts Power Consumption 0 Watts Power Remained 371 Watts Power Disconnection Method Deny Next Port Detection Legacy P...

Page 769: ...sm 5 When a link is detected on the port for a shorter cable the power consumption will be reduced by lowering the signal amplitude since the signal attenuation is proportional to the cable length The port will adjust the power based on the cable length and still maintain error free applications from both sides of the link This mechanism is only available using the hardware support cable diagnosti...

Page 770: ...onfig power_saving hibernation Description This command is used to add or delete the power saving schedule on system hibernation When the system enters hibernation mode the Switch changes to a low power state and is idle It shuts down all the ports and all network function does not work Only the console connection will work via the RS232 port Format config power_saving hibernation add delete time_...

Page 771: ...gets high priority If the port LED admin state is disabled all ports LED will always be turned off Currently only three time ranges are supported Format config power_saving led add delete time_range range_name 32 clear_time_range Parameters add Specify to add a time range delete Specify to delete a time range time_range Specify the name of the time range range_name32 Enter a name for maximum 32 ch...

Page 772: ...pecify a range of ports all Specify all ports add Specify to add a time range delete Specify to delete a time range time_range Specify the name of the time range range_name32 Enter a name for maximum 32 characters clear_time_range Specify to clear all the time range of port Restrictions Only Administrator and Operator level users can issue this command Example To add a time range named range_1 on ...

Page 773: ... port LED configuration of power saving port Optional Display the port configuration of power saving hibernation Optional Display the system hibernation configuration of power saving If no parameter is specified all configurations of power saving will be displayed Restrictions None Example To display the power saving function setting DGS 3420 28SC admin show power_saving Command show power_saving ...

Page 774: ...nk status Format config led state enable disable Parameters enable Specify to enable the LED admin state of all ports disable Specify to disable the LED admin state of all ports Restrictions Only Administrator and Operator level users can issue this command Example To disable the LED admin state DGS 3420 28SC admin config led state disable Command config led state disable Success DGS 3420 28SC adm...

Page 775: ...ries Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 770 Example To display the setting of all port s LED admin state DGS 3420 28SC admin show led Command show led Port LED State Enabled DGS 3420 28SC admin ...

Page 776: ...sec 1 2 delay_req_interval value 0 5 pdelay_req_interval sec 1 32 delay_mechanism e2e p2p 1 config ptp p2p_transparent ports portlist all pdelay_req_interval sec 1 32 show ptp show ptp clock show ptp clock parent show ptp ports portlist all show ptp boundary ports portlist all show ptp p2p_transparent ports portlist all show ptp foreign_master_records ports portlist all 71 1 enable ptp Description...

Page 777: ... switch ports will forward the PTP packets according to the multicast filtering configuration Format disable ptp Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the PTP function globally DGS 3420 28SC admin disable ptp Command disable ptp Success DGS 3420 28SC admin 71 3 config ptp mode Description This command is used t...

Page 778: ...An End to End Transparent Clock supports the use of an end to end delay measurement mechanism between the slave clock and the master clock Ports on end to end transparent clocks are independent of propagation delay mechanisms Format config ptp mode boundary p2p_transparent e2e_transparent Parameters boundary Specifies the Switch as a Boundary Clock p2p_transparent Specifies the Switch as a Peer to...

Page 779: ...ceived PTP message is not identical to the domain number of the local device the PTP message shall be forwarded according to the multicast filtering configuration Format config ptp clock domain_number value 0 127 unit unit_id 1 12 domain_name string 1 32 Parameters domain_number Specifies the domain attribute of the local clock All PTP messages data sets state machines and all other PTP entities a...

Page 780: ...n_name internal_domain Success DGS 3420 28SC admin 71 6 config ptp boundary Description This command is used to configure the PTP boundary clock attributes and requires at least one parameter to execute Format config ptp boundary priority1 value 0 255 priority2 value 0 255 1 Parameters priority1 Optional Specifies that the priority 1 attribute is used in the execution of the best master clock algo...

Page 781: ...er 1 The global PTP state is enabled Chapter 2 The port PTP state is enabled Chapter 3 The port is not blocked if the stp state is enabled Format config ptp ports portlist all state enable disable Parameters ports Specifies the list of port used for this configuration portlist Enter the list of port used for this configuration here all Specifies that all the ports will be used for this configurati...

Page 782: ...nounce interval should be uniform throughout a domain If the announce interval of one port changes the announce interval of all the ports must be changed automatically to be consistent sec 1 16 Enter the interval value used here This value must be between 1 and 16 seconds timeout Specifies the announce interval number that has to pass without receiving an Announce message before the occurrence of ...

Page 783: ...To configure the announce interval attribute of ports 1 4 to 3 seconds DGS 3420 28SC admin config ptp boundary ports 1 1 1 4 announce interval 3 Command config ptp boundary ports 1 1 1 4 announce interval 3 The announce interval is automatically adjusted to 4 Success DGS 3420 28SC admin To configure the announce timeout attribute of ports 1 4 to 4 seconds which is about 4 Announce interval DGS 342...

Page 784: ... P2P DGS 3420 28SC admin config ptp boundary ports all delay_mechanism p2p Command config ptp boundary ports all delay_mechanism p2p Success DGS 3420 28SC admin 3 3 config ptp p2p_transparent ports Description This command is used to configure the pdelay_request message attribute for the message interval of the P2P transparent clock Format config ptp p2p_transparent ports portlist all pdelay_req_i...

Page 785: ...erval 4 Command config ptp p2p_transparent ports all pdelay_req_interval 4 Success DGS 3420 28SC admin 3 4 show ptp Description This command is used to display the configured attributes of PTP on the switch Format show ptp Parameters None Restrictions None Example To show the global PTP configuration DGS 3420 28SC admin show ptp Command show ptp PTP State Setting Enabled PTP Mode Setting Boundary ...

Page 786: ... boundary clock DGS 3420 28SC admin show ptp clock Command show ptp clock PTP State Enabled PTP Clock Mode Boundary Clock PTP Transport Protocol UDP PTP Clock Domain Number 1 PTP Clock Domain Name internal_domain PTP Clock Identity ACDE48FFFE6789AB PTP Priority 1 128 PTP Priority 2 128 PTP Clock Class 187 PTP Steps Removed 2 PTP Last Offset 130ns PTP Mean Path Delay 1 second PTP Enabled Ports 1 1 ...

Page 787: ...en the stacking mode is enabled DGS 3420 28SC admin show ptp clock Command show ptp clock Box ID 1 PTP State Enabled PTP Clock Mode Boundary Clock PTP Transport Protocol UDP PTP Clock Domain Number 1 PTP Clock Domain Name internal_domain PTP Clock Identity ACDE4823456789AB PTP Priority 1 128 PTP Priority 2 128 PTP Clock Class 187 PTP Steps Removed 2 PTP Last Offset 110 ns PTP Mean Path Delay 120 s...

Page 788: ...ameters None Restrictions None Example To show the active attributes of the boundary clock parent DGS 3420 28SC admin show ptp clock parent Command show ptp clock parent PTP Parent Port Identity ACDE48FFFE6789AB PTP Parent Port Number 3 PTP Grandmaster Identity ACDE48FFFE9789AD PTP Grandmaster Clock Class 13 PTP Grandmaster Clock Accuracy 100ns PTP Grandmaster Priority 1 120 PTP Grandmaster Priori...

Page 789: ...undary clock is the grandmaster clock DGS 3420 28SC admin show ptp clock parent Command show ptp clock parent The grandmaster clock does not have this attribute DGS 3420 28SC admin To show the parent and grandmaster properties of the transparent clock DGS 3420 28SC admin show ptp clock parent Command show ptp clock parent The transparent clock does not have this attribute DGS 3420 28SC admin To sh...

Page 790: ... Parent Port Number 5 PTP Grandmaster Identity ACDE4823659789AD PTP Grandmaster Clock Class 13 PTP Grandmaster Clock Accuracy 100ns PTP Grandmaster Priority 1 120 PTP Grandmaster Priority 2 127 DGS 3420 28SC admin 3 7 show ptp ports Description This command is used to display the active attributes of the special PTP ports on the switch Format show ptp ports portlist all Parameters ports Specifies ...

Page 791: ... 1 2 4 1 Enabled 1 2 Slave E2E 1 8 0 5 2 8 8 0 Enabled 1 3 Master P2P 2 8 1 8 4 8 1 Enabled 1 4 Master P2P 2 8 1 32 16 16 0 Enabled DGS 3420 28SC admin To show the active attributes for special ports 1 1 1 4 of the p2p transparent clock DGS 3420 28SC admin show ptp ports 1 1 1 4 Command show ptp ports 1 1 1 4 The active attributes PDRI Pdelay_Request Interval PMPD Peer Mean Path Delay Port PDRI PM...

Page 792: ...ptp boundary PTP Priority1 Setting 128 PTP Priority2 Setting 127 DGS 3420 28SC admin To show the configured attributes of special ports 1 1 1 4 of the boundary clock DGS 3420 28SC admin show ptp boundary ports 1 1 1 4 Command show ptp boundary ports 1 1 1 4 The attribute configurations of the ports of boundary DM Delay Mechanism AI Announce Interval CART The Coefficient of Announce Receipt Timeout...

Page 793: ... be used for this display Restrictions None Example To show the configured attributes of special ports 1 1 1 4 of the p2p_transparent clock DGS 3420 28SC admin show ptp p2p_transparent ports 1 1 1 4 Command show ptp p2p_transparent ports 1 1 1 4 The attribute configuration of the p2p_transparent ports PDRI Pdelay_Request Interval Port PDRI State 1 1 8 Enabled 1 2 16 Enabled 1 3 8 Enabled 1 4 4 Dis...

Page 794: ...t records of the foreign master data set for special ports 1 1 1 3 of the boundary clock DGS 3420 28SC admin show ptp foreign_master_records ports all Command show ptp foreign_master_records ports all FM Port Identity The clock identity of the Foreign Master Port FM Port Number The port number of the Foreign Master Port FM Announce Messages The numbers of Foreign Master announce messages Port FM P...

Page 795: ...0 7 delete protocol_group group_id int 1 16 all show port dot1v ports portlist 4 1 create dot1v_protocol_group Description This command is used to create a protocol group for the protocol VLAN function Format create dot1v_protocol_group group_id int 1 16 group_name name 32 Parameters group_id Specify the ID of the protocol group which is used to identify a set of protocols int 1 16 The ID range is...

Page 796: ... 0xffff Depending on the frame type the octet string will have one of the following values For Ethernet II this is a 16 bit 2 octet hex value For example IPv4 is 800 IPv6 is 86dd ARP is 806 etc For IEEE802 3 SNAP this is this is a 16 bit 2 octet hex value For IEEE802 3 LLC this is the 2 octet IEEE 802 2 Link Service Access Point LSAP pair The first octet is for Destination Service Access Point DSA...

Page 797: ...2 86dd Success DGS 3420 28SC admin 4 3 delete dot1v_protocol_group Description This command is used to delete a protocol group Format delete dot1v_protocol_group group_id int 1 16 group_name name 32 all Parameters group_id Specify the group ID to be deleted int 1 16 Specify the group ID to be deleted group_name Specify the name of the protocol group to be deleted name 32 Specify the name of the pr...

Page 798: ... the name of the protocol group The maximum length is 32 characters Note If no parameter is specified all configured protocol groups will be displayed Restrictions None Example To display protocol group ID 4 DGS 3420 28SC admin show dot1v_protocol_group group_id 4 Command show dot1v_protocol_group group_id 4 Protocol Protocol Frame Type Protocol Group ID Group Name Value 4 General Group EthernetII...

Page 799: ... maximum length is 32 characters vlan Specify the VLAN that is to be associated with this protocol group on this port vlan_name 32 Specify the VLAN that is to be associated with this protocol group on this port The maximum length is 32 characters vlanid Specify the VLAN ID id Specify the VLAN ID priority Specify the priority to be associated with the packet which has been classified to the specifi...

Page 800: ... Optional Specify a range of ports to be displayed portlist Specify a range of ports to be displayed Note If no parameter is specified information for all ports will be displayed Restrictions None Example To display the protocol VLAN information for ports 1 to 2 DGS 3420 28SC admin show port dot1v ports 1 2 Command show port dot1v ports 1 2 Port 1 Protocol Group ID VLAN Name Protocol Priority 1 de...

Page 801: ..._prevention config dscp map portlist all dscp_priority dscp_list to priority 0 7 dscp_dscp dscp_list to dscp 0 63 show dscp map portlist dscp_priority dscp_dscp dscp dscp_list config dscp trust portlist all state enable disable show dscp trust portlist 5 1 config bandwidth_control Description This command is used to set the maximum limit for port bandwidth Format config bandwidth_control portlist ...

Page 802: ...x_rate 1024 Command config bandwidth_control 1 10 tx_rate 1024 Success DGS 3420 28SC admin 5 2 show bandwidth_control Description This command is used to display the port bandwidth configurations The bandwidth can also be assigned by the RADIUS server through the authentication process If the RADIUS server has assigned the bandwidth then the RADIUS assigned bandwidth will be the effective bandwidt...

Page 803: ...ortlist Specify a range of ports to be configured all Specify to set all ports in the system If no parameter is specified the system will set all the ports cos_id_list 0 7 Specify a list of priority queues The priority queue number ranges from 0 to 7 min_rate Specify that one of the parameters below will be applied to the minimum rate that the class specified above will be allowed to transmit pack...

Page 804: ...l Rate MAX 96 Success DGS 3420 28SC admin 5 4 show per_queue bandwidth_control Description This command is used to display the bandwidth control setting of per egress queue for each port Format show per_queue bandwidth_control portlist Parameters portlist Optional Specify a range of ports to be displayed Restrictions None Example To display the port bandwidth control table for port 1 DGS 3420 28SC...

Page 805: ...re identified by a number from 0 to 7 with the 0 queue being the lowest priority strict Specifies that the queue will operate in strict mode weight Specifies the weight value for weighted round robin The queue will operate in WRR mode if the port mode is WRR It will operate in strict mode if the port mode is strict value 1 127 Enter the weight value here This value must be between 1 and 127 Restri...

Page 806: ...ill be used strict Specifies that all the queues will operate in strict mode wrr Specifies that each queue will operate based on their weight settings Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the traffic scheduling mechanism for each CoS queue DGS 3420 28SC admin config scheduling_mechanism strict Command config scheduling_mech...

Page 807: ...ions None Example To display the traffic scheduling parameters for each CoS queue DGS 3420 28SC admin show scheduling Command show scheduling QOS Output Scheduling On Port 1 Class ID Weight Class 0 1 Class 1 2 Class 2 3 Class 3 4 Class 4 5 Class 5 6 Class 6 7 Class 7 8 QOS Output Scheduling On Port 2 Class ID Weight Class 0 1 Class 1 2 Class 2 3 Class 3 4 Class 4 5 Class 5 6 CTRL C ESC q Quit SPAC...

Page 808: ...Class 6 7 Class 7 8 DGS 3420 28SC admin 5 8 show scheduling_mechanism Description This command is used to display the traffic scheduling mechanism Format show scheduling_mechanism portlist Parameters portlist Optional Specifies a range of ports to be displayed Restrictions None Example To display the scheduling mechanism for all ports DGS 3420 28SC admin show scheduling_mechanism Command show sche...

Page 809: ...S 3420 28SC admin 5 9 config 802 1p user_priority Description This command is used to configure the way by which the switch will map an incoming packet based on its 802 1p user priority to one of the eight available hardware priority queues on the switch The switch s default is to map the following incoming 802 1p user priority values to the eight hardware priority queues The suggested mapping is ...

Page 810: ...e class_id 0 7 Specify the number of the switch s hardware priority queue The switch has eight hardware priority queues available They are numbered between 0 the lowest priority and 7 the highest priority Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure an 802 1p user priority of 1 map to class ID of 3 DGS 3420 28SC admin config 802 1p...

Page 811: ...s 7 Port 2 Priority 0 Class 2 Priority 1 Class 0 Priority 2 Class 1 Priority 3 Class 3 Priority 4 Class 4 Priority 5 Class 5 Priority 6 Class 6 Priority 7 Class 7 DGS 3420 28SC admin 5 11 config 802 1p default_priority Description This command is used to specify default priority for untagged packets received on a port of the switch Format config 802 1p default_priority portlist all priority 0 7 Pa...

Page 812: ...rity Description This command is used to display the current default priority settings on the switch The default priority can also be assigned by the RADIUS server through the authentication process Authentication with the RADIUS server can be either per port or per user For per port authentication the priority assigned by the RADIUS server will be the default priority of the effective port For pe...

Page 813: ...8SC admin 5 13 enable hol_prevention Description This command is used to enable head of line prevention on the switch Format enable hol_prevention Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable HOL prevention on the switch DGS 3420 28SC admin enable hol_prevention Command enable hol_prevention Success DGS 3420 28SC admin...

Page 814: ...can issue this command Example To disable HOL prevention on the switch DGS 3420 28SC admin disable hol_prevention Command disable hol_prevention Success DGS 3420 28SC admin 5 15 show hol_prevention Description This command is used to display the head of line prevention state on the switch Format show hol_prevention Parameters None Restrictions None Example To display HOL prevention state on the sw...

Page 815: ...fault the DSCP is mapped to the same DSCP These DSCP mapping will take effect at the same time when IP packet ingress from a DSCP trusted port Format config dscp map portlist all dscp_priority dscp_list to priority 0 7 dscp_dscp dscp_list to dscp 0 63 Parameters portlist Enter the list of port used for this configuration here all Specify that all the ports will be included in this configuration ds...

Page 816: ... 3420 28SC admin 5 17 show dscp map Description This command is used to show DSCP trusted port list and mapped color priority and DSCP Format show dscp map portlist dscp_priority dscp_dscp dscp dscp_list Parameters portlist Optional A range of ports to show If no parameter is specified all ports dscp mapping will be displayed dscp_priotity Specify a list of DSCP value to be mapped to a specific pr...

Page 817: ...dscp trust Description This command is used to configure the state of DSCP trust per port When DSCP is not trusted 802 1p is trusted Format config dscp trust portlist all state enable disable Parameters portlist Enter the list of port used for this configuration here all Specify that the command apply to all ports on the Switch state Enable or disable to trust DSCP By default DSCP trust is disable...

Page 818: ... state for the specified ports on the Switch Format show dscp trust portlist Parameters portlist Optional A range of ports to display If not specify the port all ports for DSCP trust status on the Switch will be displayed Restrictions None Example Display DSCP trust status on ports 1 1 1 8 DGS 3420 28SC admin show dscp trust 1 1 1 8 Command show dscp trust 1 1 1 8 Port DSCP Trust 1 1 Enabled 1 2 E...

Page 819: ... dip_mask netmask outer_vid vidlist 802 1p priority 0 7 ip_protocol value 0 255 l4_src_port value 1 65535 l4_dest_port value 1 65535 replace svid vlanid 1 4094 priority priority 0 7 classify outer_vid vlanid 1 4094 source_mac macaddr sa_mask macmask destination_mac macaddr da_mask macmask source_ipv4 ipaddr sip_mask netmask destination_ipv4 ipaddr dip_mask netmask 802 1p priority 0 7 ip_protocol v...

Page 820: ...cription This command is used to disable Q in Q When Q in Q is disabled all dynamic learned L2 addresses will be cleared all dynamic registered VLAN entries will be cleared and GVRP will be disabled To run GVRP on the switch the administrator should enable GVRP manually Format disable qinq Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Ex...

Page 821: ...gure Q in Q port parameters on this Switch Format config qinq ports portlist all role uni nni missdrop enable disable outer_tpid hex 0x1 0xffff use_inner_priority enable disable add_inner_tag hex 0x1 0xffff disable add delete vlan_translation_profile profile_id 1 Parameters portlist Specify a range of ports to configure all Specify to configure all ports role Specify the port role in Q in Q mode u...

Page 822: ...cifies that only the s tag will be added for ingress untagged packets add Specifies to add a flow based VLAN translation port s QinQ rule delete Specifies to delete a flow based VLAN translation port s QinQ rule vlan_translation_profile Specifies the VLAN translation profile ID used profile_id Enter the VLAN translation profile ID used here Restrictions Only Administrator Operator and Power User l...

Page 823: ...x9100 Command config qinq inner_tpid 0x9100 Success DGS 3420 28SC admin 6 6 show qinq inner_tpid Description This command is used to display the inner TPID of the system Format show qinq inner_tpid Parameters None Restrictions None Example To display the inner TPID of the system DGS 3420 28SC admin show qinq inner_tpid Command show qinq inner_tpid Inner TPID 0x8100 DGS 3420 28SC admin 6 7 show qin...

Page 824: ...show qinq ports 1 2 Port ID 1 Role NNI Miss Drop Disabled Outer Tpid 0x8100 Use Inner Priority Disabled Add Inner Tag Disabled Port ID 2 Role NNI Miss Drop Disabled Outer Tpid 0x8100 Use Inner Priority Disabled Add Inner Tag Disabled DGS 3420 28SC admin 6 8 create vlan_translation ports Description This command is used to create translation relationships between C VLAN and S VLAN This setting will...

Page 825: ...ng packets svid Specify the SVID of the S tag to be added or replaced to the packets vlanid 1 4094 Specify the SVID between 1 and 4094 priority Optional Specify a 802 1p priority of the S Tag between 0 and 7 If the priority is NOT specified 802 1p priority of S Tag will be assigned by the priority in C tag priority 0 7 Specify a 802 1p priority of the S Tag between 0 and 7 Restrictions Only Admini...

Page 826: ...dlist Specify a range of VLAN IDs Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete a VLAN translation rule on ports 1 to 4 DGS 3420 28SC admin delete vlan_translation ports 1 4 Command delete vlan_translation ports 1 4 Success DGS 3420 28SC admin 6 10 show vlan_translation Description This command is used to display existing C VLAN based ...

Page 827: ...2 20 100 Add 1 Total Entries 5 DGS 3420 28SC admin 6 11 create vlan_translation_profile Description This command is used to create a flow based VLAN translation profile Multiple flow based VLAN translation rules can be specified for a profile Format create vlan_translation_profile profile_id Parameters profile_id Specifies the profile ID for the profile Restrictions Only Administrator Operator and...

Page 828: ...n the packet this rule will not take effect rule_id Specifies the rule ID to be added to the profile If the rule ID is not specified it will be assigned automatically rule_id Enter the rule ID used here add Specifies to add a tag for the assigned S VLAN before the Outer VLAN tag If there is an S TAG in the packet this rule will not take effect svid Specifies the S VLAN ID to be assigned to the mat...

Page 829: ...of the S Tag If the priority is not specified the 802 1p priority of S Tag will be assigned by the default procedure priority 0 7 Enter the 802 1p priority value used here This value must be between 0 and 7 classify Specifies the classification outer_vid Specifies the packet s outer VID for the match vlanid 1 4094 Enter the packet s outer VID used here This value must be between 1 and 4094 source_...

Page 830: ...1000 Command config vlan_translation_profile 2 add rule_id 3 add svid 100 classify outer_vid 1 1000 Success DGS 3420 28SC admin To add an S Tag which the S VID is 100 to the ingress packets of Port 3 if packet s C VID is 10 MAC_SA is 00 00 00 11 22 33 Ether type is 0x8000 SIP is 10 10 10 10 Priority is 2 and port number of IPv4 is 1813 DGS 3420 28SC admin create vlan_translation_profile 3 Command ...

Page 831: ...meters profile_id_list Optional Specifies the profile ID number to be shown If no profile ID is used all profiles will be displayed Restrictions Only Administrator Operator and Power User level users can issue this command Example To show all profile rules DGS 3420 28SC admin show vlan_translation_profile Command show vlan_translation_profile Profile ID 2 ports Rule ID 1 Status ACTIVE Active Port ...

Page 832: ...be deleted If the rule ID is not specified all rules of the profile will be deleted at first and then the profile will be deleted rule_id_list Enter the rule ID range used here all Specifies that all rules will be deleted Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete VLAN translation profile ID 2 DGS 3420 28SC admin delete vlan_transla...

Page 833: ...v1_or_v2 disable state enable disable 1 config rip timers update sec 5 65535 timeout sec 5 65535 garbage_collection sec 5 65535 1 disable rip show rip ipif ipif_name 12 7 1 enable rip Description This command is used to enable RIP for the Switch The default setting is disabled Format enable rip Parameters None Restrictions Only Administrator Operator and Power User level users can issue this comma...

Page 834: ...led tx_mode Optional Specifies the RIP transmission mode disable Specifies to prevent the transmission of RIP packets v1_only Specifies that only RIP version 1 format packets will be transmitted v1_compatible Specifies to transmit RIP version 2 format packets to the broadcast address v2_only Specifies that only RIP version 2 format packets will be transmitted rx_mode Optional Specifies the RIP rec...

Page 835: ... 5 and 65535 seconds timeout Optional Specifies the value of the time after which a RIP route is declared to be invalid sec 5 65535 Enter the timeout value used here This value must be between 5 and 65535 seconds garbage_collection Optional Specifies the value of the time for which a RIP route will be kept before it is removed from routing table sec 5 65535 Enter the garbage collection value used ...

Page 836: ...IP DGS 3420 28SC admin disable rip Command disable rip Success DGS 3420 28SC admin 7 5 show rip Description This command is used to display the RIP configuration for one or all the IP interfaces Format show rip ipif ipif_name 12 Parameters ipif Optional Specifies the IP interface name used for this configuration ipif_name 12 Enter the IP interface name used here This name can be up to 12 character...

Page 837: ...RIP Global State Enabled Update Time 120 seconds Timeout Time 300 seconds Garbage Collection Time 150 seconds RIP Interface Settings Interface IP Address TX Mode RX Mode Authen State tication System 2 2 2 2 8 V1 Comp V1 or V2 Enabled Disabled n40 40 0 0 2 16 V1 Comp V1 or V2 Enabled Enabled n90 90 0 0 2 16 V1 Comp V1 or V2 Enabled Enabled n100 100 0 0 2 16 V1 Comp V1 or V2 Enabled Enabled Total En...

Page 838: ... config ripng ipif ipif_name 12 all state enable disable metric value 1 15 1 8 1 enable ripng Description This command is used to enable RIPng globally for the Switch Format enable ripng Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable RIPng globally DGS 3420 28SC admin enable ripng Command enable ripng Success DGS 3420 28...

Page 839: ...8SC admin disable ripng Command disable ripng Success DGS 3420 28SC admin 8 3 show ripng Description This command is used to display the RIPng state on all or specified interfaces Format show ripng ipif ipif_name 12 Parameters ipif Optional Specifies the RIPng IP interface name to be displayed ipif_name 12 Enter the RIPng IP interface name to be displayed here This name can be up to 12 characters ...

Page 840: ...ethod used no_horizon Specifies to configure not use any horizon split_horizon Specifies to configure use a basic split horizon poison_reverse Specifies to configure to use a split horizon with poison reverse update Optional Specifies the value of the update timer sec 5 65535 Enter the update timer value used here This value must be between 5 and 65535 seconds expire Optional Specifies the interva...

Page 841: ...be up to 12 characters long all Specifies that all the RIPng IP interfaces will be used state Optional Specifies the RIPng state of the specified IP interface enable Specifies that the RIPng state on the specified interface will be enabled disable Specifies that the RIPng state on the specified interface will be disabled metric Optional Specifies the cost value of an interface The RIPng route that...

Page 842: ...add delete ports portlist source mirror_group_id value 1 4 add delete ports portlist rx tx both show rspan vlan_name vlan_name vlan_id vlanid 1 4094 9 1 enable rspan Description This command is used to enable RSPAN globally Format enable rspan Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To enable RSPAN globally DGS 3420 28SC admin enable ...

Page 843: ...3420 28SC admin 9 3 create rspan vlan Description This command is used to create an RSPAN VLAN Up to 16 RSPAN VLANs can be created Format create rspan vlan vlan_name vlan_name vlan_id vlanid 1 4094 Parameters vlan_name Create the RSPAN VLAN by VLAN name vlan_name Specify the VLAN name vlan_id Create the RSPAN VLAN by VLAN ID vlanid 1 4094 Specify the VLAN ID between 1 and 4094 Restrictions Only Ad...

Page 844: ...e rspan vlan Description This command is used to delete an RSPAN VLAN Format delete rspan vlan vlan_name vlan_name vlan_id vlanid 1 4094 Parameters vlan_name Specify the RSPAN VLAN by VLAN name vlan_name Specify the VLAN name vlan_id Specify the RSPAN VLAN by VLAN ID vlanid 1 4094 Specify the VLAN ID between 1 and 4094 Restrictions Only Administrator and Operator level users can issue this command...

Page 845: ...redirect setting at the same time Format config rspan vlan vlan_name vlan_name vlan_id vlanid 1 4094 redirect add delete ports portlist source mirror_group_id value 1 4 add delete ports portlist rx tx both Parameters vlan_name Specify the RSPAN VLAN by VLAN name vlan_name Specify the VLAN name vlan_id Specify the RSPAN VLAN by VLAN ID vlanid 1 4094 Specify the VLAN ID between 1 and 4094 redirect S...

Page 846: ... source target port DGS 3420 28SC admin config rspan vlan vlan_name vlan2 source add ports 2 5 rx Command config rspan vlan vlan_name vlan2 source add ports 2 5 rx Success DGS 3420 28SC admin To configure an RSPAN source entry for per flow RSPAN without any source ports DGS 3420 28SC admin config rspan vlan vlan_id 2 source Command config rspan vlan vlan_id 2 source Success DGS 3420 28SC admin To ...

Page 847: ... 1 and 4094 Restrictions None Example To display specific RSPAN settings DGS 3420 28SC admin show rspan vlan_id 63 Command show rspan vlan_id 63 RSPAN Enabled RSPAN VLAN ID 63 Mirror Group ID 1 Target Port 1 Source Port RX 2 5 TX 2 5 Redirect Port 9 12 DGS 3420 28SC admin To display all RSPAN settings DGS 3420 28SC admin show rspan Command show rspan RSPAN Enabled RSPAN VLAN ID 1 Mirror Group ID 1...

Page 848: ...xStack DGS 3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 843 RSPAN VLAN ID 3 Redirect Port 6 10 Total RSPAN VLAN 3 DGS 3420 28SC admin ...

Page 849: ...hreshold The range is between 20 100 falling Optional Configure the utilization falling threshold The range is between 20 100 If the CPU utilization is lower than the falling threshold the switch enters normal mode value 20 100 Configure the utilization falling threshold The range is between 20 100 If the CPU utilization is lower than the falling threshold the switch enters normal mode trap_log Op...

Page 850: ...rd_engine state enable utilization rising 50 falling 30 trap_log enable Success DGS 3420 28SC admin 10 2 show safeguard_engine Description This command is used to display safeguard engine information Format show safeguard_engine Parameters None Restrictions None Example To display safeguard engine information DGS 3420 28SC admin show safeguard_engine Command show safeguard_engine Safeguard Engine ...

Page 851: ...xStack DGS 3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 846 Mode Fuzzy DGS 3420 28SC admin Note The safeguard engine current status has two modes exhausted and normal mode ...

Page 852: ...e the SFTP function globally SFTP over SSH2 is a remotely secure file transfer protocol providing security on all file operations SFTP server runs as a subsystem of SSH server SSH server is required to be enabled before enabling SFTP server Format enable sftp server Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable SFTP ser...

Page 853: ... Operator and Power User level users can issue this command Example To disable the SFTP server DGS 3420 28SC admin disable sftp server Command disable sftp server Success DGS 3420 28SC admin 11 3 config sftp server Description This command is used to configure parameters for SFTP server Format config sftp server timeout sec 30 600 1 Parameters timeout Specifies the idle timer for SFTP server If th...

Page 854: ...rver timeout 600 Command config sftp server timeout 600 Success DGS 3420 28SC admin 11 4 show sftp server Description This command is used to show the parameters of the SFTP server Format show sftp server Parameters None Restrictions None Example To show the parameters of the SFTP server DGS 3420 28SC admin show sftp server Command show sftp server The SFTP Server Configuration Protocol Version 3 ...

Page 855: ..._number 1 65535 maxdatagramsize value 300 1400 delete sflow analyzer_server value 1 4 config sflow analyzer_server value 1 4 timeout sec 1 2000000 infinite collectoraddress ipaddr ipv6addr collectorport udp_port_number 1 65535 maxdatagramsize value 300 1400 1 show sflow analyzer_server create sflow counter_poller ports portlist all analyzer_server_id value 1 4 interval disable sec 20 120 config sf...

Page 856: ...cription This command is used to disable the sFlow function Format disable sflow Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To disable the sFlow function DGS 3420 28SC admin disable sflow Command disable sflow Success DGS 3420 28SC admin 12 3 show sflow Description This command is used to display sFlow information Format show sflow ...

Page 857: ...to configure all ports analyzer_server_id Specify the ID of an analyzer server where the packet will be forwarded value 1 4 Specify the ID of an analyzer server where the packet will be forwarded rate Optional Specify the sampling rate for packet sampling value 0 65535 Specify the sampling rate for packet sampling The configured rate value multiplied by 256 is the actual rate For example if the ra...

Page 858: ...list Specify the list of ports to be configured all Specify to configure all ports rate Specify the sampling rate for packet sampling value 0 65535 Specify the sampling rate for packet sampling The configured rate value multiplied by 256 is the actual rate For example if the rate is 20 the actual rate 5120 One packet will be sampled from every 5120 packets If set to 0 the sampler is disabled If th...

Page 859: ...sed to delete the sFlow flow sampler Format delete sflow flow_sampler ports portlist all Parameters portlist Specify the list of ports to be deleted all Specify to delete all ports Restrictions Only Administrator and Operator level users can issue this command Example To delete the sFlow flow sampler for ports 1 to 3 DGS 3420 28SC admin delete sflow flow_sampler ports 1 3 Command delete sflow flow...

Page 860: ...etween 1 and 2000000 infinite Specify to never time out collectoraddress Optional Specify the IP address of the analyzer server ipaddr Specify the IP address of the analyzer server If not specified the address will be 0 0 0 0 which means that the entry will be inactive ipv6addr Specify the IPv6 address of the analyzer server collectorport Optional Specify the destination UDP port for sending the s...

Page 861: ...inite collectoraddress ipaddr ipv6addr collectorport udp_port_number 1 65535 maxdatagramsize value 300 1400 1 Parameters value 1 4 Enter the analyser server ID used here This value must be between 1 and 4 The switch supports 4 different analyser servers at the same time Each sampler or poller can select a server ID 1 2 3 or 4 to send the samples timeout Optional Specify the time in seconds remaini...

Page 862: ...an be packed in a single sample datagram The values is between 300 and 1400 Restrictions Only Administrator and Operator level users can issue this command Example To configure the sFlow analyzer server information DGS 3420 28SC admin config sflow analyzer_server 1 collectoraddress 10 90 90 9 Command config sflow analyzer_server 1 collectoraddress 10 90 90 9 Success DGS 3420 28SC admin 12 10 show ...

Page 863: ... RFC 2233 counters Format create sflow counter_poller ports portlist all analyzer_server_id value 1 4 interval disable sec 20 120 Parameters portlist Specify the ports to be configured all Specify to configure all ports analyzer_server_id Specify the ID of an analyzer server where the packet will be forwarded value 1 4 Specify the ID of an analyzer server where the packet will be forwarded interva...

Page 864: ...c 20 120 Parameters portlist Specify the ports to be configured all Specify to configure all ports interval Specify the maximum number of seconds between successive samples of the counters If set to disabled the counter sample is disabled disable Specify to disable the interval sec 20 120 Specify the interval in seconds between 20 and 120 Restrictions Only Administrator and Operator level users ca...

Page 865: ...8SC admin delete sflow counter_poller ports 1 Command delete sflow counter_poller ports 1 Success DGS 3420 28SC admin 12 14 show sflow counter_poller Description This command is used to display sFlow counter poller information for the ports that have been created Format show sflow counter_poller Parameters None Restrictions Only Administrator Operator and Power User level users can issue this comm...

Page 866: ...rts that have been created Format show sflow flow_sampler Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To display sFlow sampler information for the ports that have been created DGS 3420 28SC admin show sflow flow_sampler Command show sflow flow_sampler Port Analyzer Configured Configured Active Active Max Header Server ID Rx Rat...

Page 867: ...4 candidate dp_interval sec 30 90 hold_time sec 100 255 download sim_ms firmware_from_tftp configuration_from_tftp ipaddr path_filename members mslist 1 32 all upload sim_ms configuration_to_tftp log_to_tftp ipaddr path_filename members mslist all 13 1 enable sim Description This command is used to configure the single IP management on the switch as enabled Format enable sim Parameters None Restri...

Page 868: ... disable sim Command disable sim Success DGS 3420 28SC admin 13 3 show sim Description This command is used to display the information of the specific sorts of devices including of self candidate member group and neighbor Format show sim candidates candidate_id 1 100 members member_id 1 32 group commander_mac macaddr neighbor Parameters candidates Optional Specify the candidate devices candidate_i...

Page 869: ...ress 00 01 02 03 04 00 Capabilities L3 Platform DGS 3420 28SC DC L3 Switch SIM State Disabled Role State Candidate Discovery Interval 30 sec Hold Time 100 sec DGS 3420 28SC admin To show the candidate information in summary DGS 3420 28SC admin show sim candidate Command show sim candidates ID MAC Address Platform Hold Firmware Device Name Capability Time Version 1 00 01 02 03 04 00 DGS 3420 28SC D...

Page 870: ...nd show sim group SIM Group Name default ID MAC Address Platform Hold Firmware Device Name Capability Time Version 1 00 01 02 03 04 00 DGS 3420 28SC DC L3 Switch 40 2 00 009 aaaaaaaaabbb 2 00 55 55 00 55 00 SIM Group Name SIM2 ID MAC Address Platform Hold Firmware Device Name Capability Time Version 1 00 01 02 03 04 11 DGS 3420 28SC DC L3 Switch 40 2 00 009 aaaaaaaaabbb 2 00 55 55 00 55 12 means c...

Page 871: ...er value 1 32 Specify the serial number of a member The value is between 1 and 32 exit Specify to terminate command switch access Restrictions Only Administrator Operator and Power User level users can issue this command Example To re Telnet to a member DGS 3420 28SC admin reconfig member_id 1 Command reconfig member_id 1 DGS 3420 28SC admin Login 13 5 config sim_group Description This command is ...

Page 872: ...ns Only Administrator Operator and Power User level users can issue this command Example To add a member DGS 3420 28SC admin config sim_group add 2 Command config sim_group add 2 Please wait for ACK SIM Config Success Success DGS 3420 28SC admin To delete a member DGS 3420 28SC admin config sim_group delete 1 Command config sim_group delete 1 Please wait for ACK SIM Config Success Success DGS 3420...

Page 873: ... time in seconds the device holds the discovery result sec 100 255 Specify the time in seconds the device holds the discovery result Restrictions Only Administrator Operator and Power User level users can issue this command Example To transfer to commander DGS 3420 28SC admin config sim commander Command config sim commander Success DGS 3420 28SC admin To transfer to candidate DGS 3420 28SC admin ...

Page 874: ...are_from_tftp Specify to download firmware from a TFTP server configuration_from_tftp Specify to download configuration from a TFTP server ipaddr Specify the IP address of the TFTP server path_filename Specify the file path of firmware or configuration in the TFTP server members Optional Specify a range of members which download this firmware or configuration mslist 1 32 Specify a range of members...

Page 875: ... Please wait several minutes Download Status ID MAC Address Result 1 00 01 02 03 04 02 Success 2 00 07 06 05 04 03 Transfer Fail 3 00 07 06 05 04 04 Connection Fail DGS 3420 28SC admin 13 8 upload sim_ms Description This command is used to upload configuration or a log from indicated devices to a TFTP server Format upload sim_ms configuration_to_tftp log_to_tftp ipaddr path_filename members mslist...

Page 876: ...nly Administrator Operator and Power User level users can issue this command Example To upload a configuration DGS 3420 28SC admin upload sim_ms configuration_to_tftp 10 55 47 1 D configuration txt members 1 Command upload sim_ms configuration_to_tftp 10 55 47 1 D configuration txt members 1 This device is uploading configuration Please wait several minutes Upload Status ID MAC Address Result 1 00...

Page 877: ... SMTP status If SMTP is enabled the Switch sends e mail with the urgent events including system start port link change SNMP authentication failure config or log save by user config reset by user and TFTP update FW status to the designated e mail address when any problem occurs on the Switch Format enable smtp Parameters None Restrictions Only Administrator level users can issue this command Exampl...

Page 878: ... add mail_receiver mail_addr 254 delete mail_receiver index 1 8 Parameters server Specify the SMTP server IP address ipaddr Specify the SMTP server IP address server_port Specify the SMTP server port port_number 1 65535 Specify the SMTP server port number between 1 and 65535 self_mail_addr Specify the sender s mail address mail_addr 254 Specify the sender s mail address The maximum length is 254 c...

Page 879: ...configure an SMTP server port DGS 3420 28SC admin config smtp server_port 25 Command config smtp server_port 25 Success DGS 3420 28SC admin To configure a mail source address DGS 3420 28SC admin config smtp self_mail_addr clyde_frazier dlink com Command config smtp self_mail_addr clyde_frazier dlink com Success DGS 3420 28SC admin To add a mail destination address DGS 3420 28SC admin config smtp a...

Page 880: ...on address DGS 3420 28SC admin config smtp delete mail_receiver 2 Command config smtp delete mail_receiver 2 Success DGS 3420 28SC admin 14 4 show smtp Description This command is display the current SMTP information Format show smtp Parameters None Restrictions None Example To display the current SMTP information ...

Page 881: ...s 0 0 0 0 SMTP Server Port 25 Self Mail Address Index Mail Receiver Address 1 2 3 4 5 6 7 8 DGS 3420 28SC admin 14 5 smtp send_testmsg Description This command is used to test whether the SMTP server can be reached Format smtp send_testmsg Parameters None Restrictions Only Administrator level users can issue this command Example To test whether the SMTP server can be reached ...

Page 882: ...ch CLI Reference Guide 877 DGS 3420 28SC admin smtp send_testmsg Command smtp send_testmsg Subject This is a test of SMTP Content Hello everybody Sending mail please wait Success DGS 3420 28SC admin Note The sentences following Subject and Content are user inputs ...

Page 883: ...mp_engineID 10 64 show snmp engineID create snmp group groupname 32 v1 v2c v3 noauth_nopriv auth_nopriv auth_priv read_view view_name 32 write_view view_name 32 notify_view view_name 32 1 delete snmp group groupname 32 create snmp host ipaddr v6host ipv6addr v1 v2c v3 noauth_nopriv auth_nopriv auth_priv auth_string 32 delete snmp host ipaddr v6host ipv6addr show snmp v6host ipv6addr show snmp host...

Page 884: ...y_key auth Indicate the input key for authentication The options are MD5 and SHA1 md5 Specify an authentication key used by MD5 This is a hex string type of 32 characters auth_key 32 32 Specify an authentication key used by MD5 This is a hex string type of 32 characters sha Specify an authentication key used by SHA1 This is a hex string type of 40 characters auth_key 40 40 Specify an authenticatio...

Page 885: ...racters Restrictions Only Administrator level users can issue this command Example To delete an SNMP user DGS 3420 28SC admin delete snmp user dlink Command delete snmp user dlink Success DGS 3420 28SC admin 15 3 show snmp user Description This command is used to display information on each SNMP username in the group username table Format show snmp user Parameters None Restrictions None Example To...

Page 886: ...s command is used to display the names of groups on the switch and the security model level and the status of the different views Format show snmp groups Parameters None Restrictions None Example To display the names of the SNMP groups on the switch DGS 3420 28SC admin show snmp groups Command show snmp groups Vacm Access Table Settings Group Name public ReadView Name CommunityView WriteView Name ...

Page 887: ...ommunity strings to limit which MIB objects an SNMP manager can access Format create snmp view view_name 32 oid view_type included excluded Parameters view_name 32 Specify the view name to be created oid Specify the object identified tree the MIB tree view_type Specify the access type of of the MIB tree in this view included Specify to include this view excluded Specify to exclude this view Restri...

Page 888: ...leted all Specify to view all records oid Specify the object identified tree the MIB tree Restrictions Only Administrator level users can issue this command Example To remove a view record DGS 3420 28SC admin delete snmp view dlinkview all Command delete snmp view dlinkview all Success DGS 3420 28SC admin 15 7 show snmp view Description This command is used to display SNMP view records Format show...

Page 889: ...MP community string Use an SNMP community string to define the relationship between the SNMP manager and the agent The community string acts like a password to permit access to the agent on the switch You can specify one or more of the following characteristics associated with the string A MIB view which defines the subset of all MIB objects accessible to the given community Read and write or read...

Page 890: ... create snmp community dlink view CommunityView read_write Success DGS 3420 28SC admin 15 9 delete snmp community Description This command is used to remove a specific community string Format delete snmp community community_string 32 Parameters community_string 32 Specify the community string that will be deleted Restrictions Only Administrator level users can issue this command Example To delete ...

Page 891: ...rations DGS 3420 28SC admin show snmp community Command show snmp community SNMP Community Table Community Name View Name Access Right private CommunityView read_write public CommunityView read_only Total Entries 2 DGS 3420 28SC admin 15 11 create snmp community_masking view Description This command is used to choose a security method for creating an SNMP community string but the community string ...

Page 892: ... issue this command Example To create an SNMP community string called community123 with the read_only security method DGS 3420 28SC admin create snmp community_masking view CommunityView read_only Command create snmp community_masking view CommunityView read_only Enter a case sensitive community Enter the community again for confirmation Success DGS 3420 28SC admin 15 12 config snmp engineID Descr...

Page 893: ...ss DGS 3420 28SC admin 15 13 show snmp engineID Description This command is used to display the identification of the SNMP engine on the switch Format show snmp engineID Parameters None Restrictions None Example To display the identification of an SNMP engine DGS 3420 28SC admin show snmp engineID Command show snmp engineID SNMP Engine ID 1023457890 DGS 3420 28SC admin 15 14 create snmp group Desc...

Page 894: ...on and encrypting read_view Specify the view name between 1 and 32 characters view_name 32 Specify the view name between 1 and 32 characters write_view Specify the view name between 1 and 32 characters view_name 32 Specify the view name between 1 and 32 characters notify_view Specify the view name between 1 and 32 characters view_name 32 Specify the view name between 1 and 32 characters Restrictio...

Page 895: ...or which the traps are targeted v6host Specify the v6host IP address to which the trap packet will be sent ipv6addr Specify the v6host IP address to which the trap packet will be sent v1 Specify the least secure of the possible security models v2c Specify the second least secure of the possible security models v3 Specify the most secure of the possible security models noauth_nopriv Specify to neit...

Page 896: ...r Parameters host Specify the IP address of the SNMP host recipient to be deleted ipaddr Specify the IP address of the SNMP host recipient to be deleted v6host Specify the IPv6 address of the SNMP host recipient to be deleted ipv6addr Specify the IPv6 address of the SNMP host recipient to be deleted Restrictions Only Administrator level users can issue this command Example To delete a recipient of...

Page 897: ...or which the traps are targeted DGS 3420 28SC admin show snmp host Command show snmp host SNMP Host Table Host IP Address SNMP Version Community Name SNMPv3 User Name 10 48 76 100 V3 noauthnopriv initial 10 51 17 1 V2c public Total Entries 2 DGS 3420 28SC admin 15 19 show snmp v6host Description This command is used to display the recipient for which the traps are targeted Format show snmp v6host ...

Page 898: ... V3 na np Community Name SNMPv3 User Name 123456789101234567890 Host IPv6 Address FECO 1A49 2AA FF FE34 CA8F SNMP Version V3 a np Community Name SNMPv3 User Name abcdefghijk Total Entries 2 DGS 3420 28SC admin 15 20 enable community_encryption Description This command is used to enable the encryption state on the SNMP community string Format enable community_encryption Parameters None Restrictions...

Page 899: ...e DGS 3420 28SC admin show snmp community Command show snmp community SNMP Community Table Community Name View Name Access Right CommunityView read_write CommunityView read_only private CommunityView read_write public CommunityView read_only Total Entries 4 DGS 3420 28SC admin 15 21 disable community_encryption Description This command is used to disable the encryption state on the SNMP community ...

Page 900: ...e encryption state on the SNMP community string Format show community_encryption Parameters None Restrictions None Example To show the encryption state on the SNMP community string DGS 3420 28SC admin show community_encryption Command show community_encryption SNMP Community Encryption State Enabled DGS 3420 28SC admin 15 23 enable snmp response_broadcast_request Description This command is used t...

Page 901: ... snmp response_broadcast_request Success DGS 3420 28SC admin 15 24 disable snmp response_broadcast_request Description This command is used to disable response broadcast requests Format disable snmp response_broadcast_request Parameters None Restrictions Only Administrator level users can issue this command Example To disable SNMP response broadcast requests DGS 3420 28SC admin disable snmp respon...

Page 902: ...xStack DGS 3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 897 ...

Page 903: ... 64 config stp maxage value 6 40 maxhops value 6 40 hellotime value 1 2 forwarddelay value 4 30 txholdcount value 1 10 fbpdu enable disable nni_bpdu_addr dot1d dot1ad 1 config stp ports portlist externalCost auto value 1 200000000 hellotime value 1 2 migrate yes no edge true false auto p2p true false auto state enable disable restricted_role true false restricted_tcn true false fbpdu enable disabl...

Page 904: ...New Root Trap Enabled Topology Change Trap Enabled NNI BPDU Address dot1d DGS 3420 28SC admin 16 2 show stp instance Description This command is used to display each instance parameters settings Value means the instance ID if there is no input of this value all instances will be shown Format show stp instance value 0 64 Parameters value 0 64 Optional Specify the MSTP instance ID Instance 0 represe...

Page 905: ...oot Bridge 32768 00 22 22 22 22 00 Internal Root Cost 0 Designated Bridge 32768 00 22 22 22 22 00 Root Port None Max Age 20 Forward Delay 15 Last Topology Change 2430 Topology Changes Count 0 DGS 3420 28SC admin 16 3 show stp ports Description This command is used to display the switch s current per port STP configuration STP port configuration STP port role Disabled Alternate Backup Root Designat...

Page 906: ...A 200000 128 Disabled Disabled DGS 3420 28SC admin 16 4 show stp mst_config_id Description This command is used to display the three elements of the MST configuration Identification including Configuration Name Revision Level and the MST configuration Table The default Configuration name is the MAC address of the bridge If two bridges have the same three elements in mst_config_id that means they a...

Page 907: ...still be in a disabled state Format create stp instance_id value 1 64 Parameters value 1 64 Specify the MSTP instance ID Instance 0 represents a default instance CIST This value must be between 1 and 64 Restrictions Only Administrator Operator and Power User level users can issue this command Example To create an MSTP instance DGS 3420 28SC admin create stp instance_id 2 Command create stp instanc...

Page 908: ...different action types to deal with an MST instance They are listed as follows 1 add_vlan To map specified VLAN lists to an existing MST instance 2 remove_vlan To delete specified VLAN lists from an existing MST instance Format config stp instance_id value 1 64 add_vlan remove_vlan vidlist Parameters value 1 64 Specify the MSTP instance ID Instance 0 represents a default instance CIST The DUT supp...

Page 909: ...on name or revision level in the MST configuration identification The default configuration name is the MAC address of the bridge Format config stp mst_config_id revision_level int 0 65535 name string 1 Parameters revision_level Specify the revision level int 0 65535 Specify the revision level name Specify the name given for a specified MST region string Specify the name given for a specified MST ...

Page 910: ... enables the CIST all MSTIs will be enabled automatically if FORCE_VERSION is set to MSTP and there is at least one VLAN mapped to this instance Format enable stp Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable STP DGS 3420 28SC admin enable stp Command enable stp Success DGS 3420 28SC admin 16 10 disable stp Description ...

Page 911: ... STP or RSTP all currently running MSTIs should be disabled If the version is configured as MSTP the current chip design is enabled for all available MSTIs assuming that CIST is enabled Format config stp version mstp rstp stp Parameters mstp Specify to use Multiple Spanning Tree Protocol rstp Specify to use Rapid Spanning Tree Protocol This is the default stp Specify to use Spanning Tree Protocol ...

Page 912: ...t config stp priority value 0 61440 instance_id value 0 64 Parameters value 0 61440 Specify the bridge priority value which must be divisible by 4096 The default value is 32768 instance_id Specify the identifier value which is used to distinguish different STP instances value 0 64 Specify the identifier value which is used to distinguish different STP instances Restrictions Only Administrator Oper...

Page 913: ...rsion uses per port hellotime parameter The default value is 2 seconds forwarddelay Specify the maximum delay time for one BPDU to be transmitted by a bridge and received from another bridge value 4 30 Specify the maximum delay time for one BPDU to be transmitted by a bridge and received from another bridge The default value is 15 txholdcount Specify to restrict the numbers of BPDU transmitted in ...

Page 914: ...or port not to send MSTP BPDU for a delay time edge Decide if this port is connected to a LAN or a Bridged LAN In auto mode the bridge will delay for a period to become edge port if no bridge BPDU is received true Specify a true edge connection false Specify a false edge connection auto The bridge will delay for a period to become edge port if no bridge BPDU is received p2p Decide if this port is ...

Page 915: ...list instance_id value 0 64 internalCost auto value 1 200000000 priority value 0 240 1 Parameters portlist Specify a range of ports instance_id Specify an instance ID value 0 64 Instance 0 represents CIST Instance from 1 to 64 represents MSTI 1 to MSTI 64 internalCost The Port Path Cost used in MSTP auto Specify to automatically determine the internal cost value 1 200000000 Specify a value between...

Page 916: ...nge traps The default state is enable enable Enable sending topology change traps disable Enable sending topology change traps new_root Specify the state of sending new root traps The default state is enable disable Disable sending new root traps enable Enable sending new root traps Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the ...

Page 917: ...dr domain_name 255 src_file path_filename 64 upload ssh client_pub_key ipaddr ipv6addr domain_name 255 dest_file path_filename 64 17 1 config ssh algorithm Description This command is used to configure the SSH service algorithm Format config ssh algorithm 3DES AES128 AES192 AES256 arcfour blowfish cast128 twofish128 twofish192 twofish256 MD5 SHA1 RSA DSA enable disable Parameters 3DES Specify an S...

Page 918: ...DSA enable Command config ssh algorithm DSA enable Success DGS 3420 28SC admin 17 2 show ssh algorithm Description This command is used to display the SSH authentication algorithm Format show ssh algorithm Parameters None Restrictions None Example To show the SSH server algorithms DGS 3420 28SC admin show ssh algorithm Command show ssh algorithm Encryption Algorithm 3DES Enabled AES128 Enabled AES...

Page 919: ...hmode password publickey hostbased enable disable Parameters password Specify the user authentication method publickey Specify the user authentication method hostbased Specify the user authentication method enable Specify to enable the user authentication method disable Specify to disable the user authentication method Restrictions Only Administrator Operator and Power User level users can issue t...

Page 920: ... admin show ssh authmode Command show ssh authmode The SSH Authentication Method Password Enabled Public Key Enabled Host based Enabled DGS 3420 28SC admin 17 5 config ssh user Description This command is used to update SSH user information Format config ssh user username 15 authmode hostbased hostname domain_name 32 hostname_IP domain_name 32 ipaddr ipv6addr password publickey Parameters username...

Page 921: ...rd Specify the user authentication method publickey Specify the user authentication method Restrictions Only Administrator level users can issue this command Note The user account must be created first Example To update user danilo in authentication mode DGS 3420 28SC admin config ssh user danilo authmode publickey Command config ssh user danilo authmode publickey Success DGS 3420 28SC admin 17 6 ...

Page 922: ...imum session value must be between 1 and 8 The default value is 8 contimeout Specify the SSH server connection timeout sec 30 600 Specify the SSH server connection timeout The connection timeout value must be between 30 and 600 seconds The default value is 120 seconds authfail Specify the user maximum fail attempts int 2 20 Specify the user maximum fail attempts The maximum authentication fail att...

Page 923: ...3 Success DGS 3420 28SC admin 17 8 enable ssh Description This command is used to enable SSH server services Format enable ssh Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable SSH DGS 3420 28SC admin enable ssh Command enable ssh Success DGS 3420 28SC admin 17 9 disable ssh Description This command is used to disable SSH s...

Page 924: ...To disable SSH DGS 3420 28SC admin disable ssh Command disable ssh Success DGS 3420 28SC admin 17 10 show ssh server Description This command is used to display SSH server general information Format show ssh server Parameters None Restrictions None Example To show SSH server DGS 3420 28SC admin show ssh server Command show ssh server The SSH Server Configuration Maximum Session 8 Connection Timeou...

Page 925: ... this method is specified the login user using SSH public key authentication can execute command directly with the initial privilege level of the login user disable Specify to need a secondary username password authentication after using SSH public key authentication If this method is specified the login user using SSH public key authentication must pass username password authentication before exe...

Page 926: ... relative path name or an absolute path name If path name is not specified it refers to the TFTP server path path_filename 64 Enter the source file path This can be up to 64 characters long Restrictions Only Administrator level can issue this command Example To download a SSH public key file named id_rsa_keys from TFTP server 169 168 10 100 to the switch DGS 3420 28SC admin download ssh client_pub...

Page 927: ...relative path name or an absolute path name If path name is not specified it refers to the TFTP server path path_filename 64 Enter the source file path This can be up to 64 characters long Restrictions Only Administrator level can issue this command Example To upload a SSH public key file named id_rsa_keys from TFTP server 169 168 10 100 to the switch DGS 3420 28SC admin upload ssh client_pub_key ...

Page 928: ...icate for key exchange Format download ssl certificate ipaddr certfilename path_filename 64 keyfilename path_filename 64 Parameters ipaddr Specify the TFTP server IP address certfilename Specify the desired certificate file name and the certificate file path in respect to the TFTP server root path Input characters with a maximum of 64 octets path_filename 64 Specify the desired certificate file na...

Page 929: ...MD5 RSA_with_3DES_EDE_CBC_SHA DHE_DSS_with_3DES_EDE_CBC_SHA RSA_EXPORT_with_RC4_40_MD5 1 Parameters ciphersuite Optional This is used for configuring a cipher suite combination RSA_with_RC4_128_MD5 Indicate an RSA key exchange with RC4 128 bits encryption and MD5 hash RSA_with_3DES_EDE_CBC_SHA Indicate an RSA key exchange with 3DES_EDE_CBC encryption and SHA hash DHE_DSS_with_3DES_EDE_CBC_SHA Indi...

Page 930: ...or configuring cipher suite combination RSA_with_RC4_128_MD5 Indicate an RSA key exchange with RC4 128 bits encryption and MD5 hash RSA_with_3DES_EDE_CBC_SHA Indicate an RSA key exchange with 3DES_EDE_CBC encryption and SHA hash DHE_DSS_with_3DES_EDE_CBC_SHA Indicate a DH key exchange with 3DES_EDE_CBC encryption and SHA hash RSA_EXPORT_with_RC4_40_MD5 Indicate an RSA_EXPORT key exchange with RC4 ...

Page 931: ...ain path_filename 64 Parameters certificate Optional Specify the certificate type chain Specifies to view the chain of certifications on the Switch path_filename 64 Enter the path filename used here This name can be up to 64 characters long Restrictions None Example To display SSL DGS 3420 28SC admin show ssl Commands show ssl SSL Status Disabled RSA_WITH_RC4_128_MD5 Enabled RSA_WITH_3DES_EDE_CBC_...

Page 932: ...ion ID on the web server and invokes the dlktimer library to remove this session ID by the cache timeout value Format show ssl cachetimeout Parameters None Restrictions None Example To show the SSL cache timeout DGS 3420 28SC admin show ssl cachetimeout Commands show ssl cachetimeout Cache timeout is 600 second s DGS 3420 28SC admin 18 6 config ssl cachetimeout Description This command is used to ...

Page 933: ...SL cache timeout value must be between 60 and 86400 seconds The default value is 600 seconds Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure an SSL cache timeout value of 60 DGS 3420 28SC admin config ssl cachetimeout 60 Commands config ssl cachetimeout 60 Success DGS 3420 28SC admin 18 7 config ssl certificate chain Description This ...

Page 934: ...ess DGS 3420 28SC admin 18 8 delete ssl certificate Description This command is used to delete a certification on the Switch Format delete ssl certificate path_filename 64 Parameters path_filename 64 Specify the certification file name on the Switch Restrictions Only Administrator level users can issue this command Example To delete a certificate DGS 3420 28SC admin delete ssl certificate web_ca2 ...

Page 935: ...command configures the state of stacking function By default stacking mode is disabled Administrators need to specifically configure the stacking mode to make the switch stackable Stacking mode can be changed under standalone mode only Format config stacking_mode disable enable Parameters enable Specifies that the Switch s stacking capability will be enabled disable Specifies that the Switch s sta...

Page 936: ...e who new primary master is Format config stacking force_master_role state enable disable Parameters enable Specifies that the Switch s Stacking Force Master Role state will be enabled disable Specifies that the Switch s Stacking Force Master Role state will be disabled Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable stacking force maste...

Page 937: ...mode Enabled DGS 3420 28SC admin 19 4 show stack_information Description This command displays stacking information Format show stack_information Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To display the stack information DGS 3420 28SC admin show stack_information Command show stack_information Topology Duplex_Chain My Box ID ...

Page 938: ...01 02 03 04 00 1 00 003 1 50 010 B1 2 NOT_EXIST No 3 NOT_EXIST No 4 NOT_EXIST No 5 NOT_EXIST No 6 NOT_EXIST No 7 NOT_EXIST No 8 NOT_EXIST No 9 NOT_EXIST No 10 NOT_EXIST No 11 NOT_EXIST No 12 NOT_EXIST No DGS 3420 28SC admin 19 5 show stack_device Description This command displays stack device information Format show stack_device Parameters None Restrictions None Example To display the stack inform...

Page 939: ...ue box IDs If the IDs duplicate the stack system cannot stack normally Format config box_id current_box_id value 1 12 new_box_id auto value 1 12 Parameters value 1 12 Enter the current box ID value used here This value must be between 1 and 12 new_box_id Specifies the new ID assigned to the box auto Specifies that the box ID to be assigned automatically by the stack system The new box ID will take...

Page 940: ...rity assigned to the box with lower number meaning higher priority value 1 63 Enter the priority value used here This value must be between 1 and 63 Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure box priority DGS 3420 28SC admin config box_priority current_box_id 1 priority 1 Command config box_priority current_box_id 1 priority 1 Su...

Page 941: ...config stacking trap state Description This command is used to configure the trap state for stacking Format config stacking trap state enable disable Parameters enable Specifies that the Switch s stacking trap will be enabled disable Specifies that the Switch s stacking trap will be disabled Restrictions Only Administrator Operator and Power User level users can issue this command Example To enabl...

Page 942: ... vlan Specify the VLAN to be associated with the MAC address The name must be an existing static VLAN name vlan_name 32 Specify the VLAN name The maximum length is 32 characters vlanid Specify the VLAN ID to be associated with the MAC address The ID must be an existing static VLAN ID vlanid 1 4094 Specify the VLAN ID between 1 and 4094 priority Optional Specifies the priority that is assigned to u...

Page 943: ...VLAN name The maximum length is 32 characters vlanid Optional Specify the VLAN ID associated with the MAC address vlanid 1 4094 Specify the VLAN ID between 1 and 4094 Note If the MAC address and VLAN are not specified all static entries associated with the port will be removed Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete a static MAC ...

Page 944: ...ssociated with the MAC address vlanid 1 4094 Specify the VLAN ID between 1 and 4094 Restrictions None Example In the following example MAC address 00 80 c2 33 c3 45 is assigned to VLAN 300 by manual configuration It is assigned to VLAN 400 by MAC AC Since MAC AC has higher priority than manual configuration the manually configured entry will become inactive To display the MAC based VLAN entries DG...

Page 945: ...entry name 16 enable ipmc_vlan_replication disable ipmc_vlan_replication show ipmc_vlan_replication show ipmc_vlan_replication_entry name 16 hardware 21 1 create ipmc_vlan_replication_entry Description This command is used to create an IPMC VLAN replication entry The entry will be identified by name An IP multicast VLAN replication entry defines what traffic will be replicated and how the packet w...

Page 946: ...an_replication ttl decrease no_decrease src_mac replace no_replace 1 Parameters ttl Optional Specifies whether to decrease the time to live value of the packet or not decrease Specifies to decrease the time to live value of the packet no_decrease Specifies not to decrease the time to live value of the packet src_mac Optional Specifies whether to replace the source MAC address of a packet or not re...

Page 947: ...entry delete Specify to delete an IP multicast replication entry vlan Specify the outgoing VLAN name vlan_name 32 The VLAN name can be up to 32 characters long vlanid Specify the outgoing VLAN ID vidlist Specify the outgoing VLAN ID here ports Specify the outgoing port list portlist Specify a range of ports to be configured Restrictions Only Administrator Operator and Power User level users can is...

Page 948: ...AN name can be up to 32 characters long vlanid Specify the source VLAN ID vlanid 1 4094 The VLAN ID must be between 1 and 4094 group Specify the multicast IP address list add Specify to add a group delete Specify to delete a group mcast_ip Specify the multicast IP address list mcast_address_list Enter the multicast IP address list here source_ip Optional Specify the source IP address ipaddr Enter ...

Page 949: ... ipmc_vlan_replication_entry mr1 Command delete ipmc_vlan_replication_entry mr1 Success DGS 3420 28SC admin 21 6 enable ipmc_vlan_replication Description This command is used to enable static configuration of IP multicast VLAN replication Format enable ipmc_vlan_replication Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable ...

Page 950: ...strictions Only Administrator Operator and Power User level users can issue this command Example To disable static configuration of IP multicast VLAN replication DGS 3420 28SC admin disable ipmc_vlan_replication Command disable ipmc_vlan_replication Success DGS 3420 28SC admin 21 8 show ipmc_vlan_replication Description This command is used to display the static IP multicast VLAN replication globa...

Page 951: ... admin 21 9 show ipmc_vlan_replication_entry Description This command is used to display the IP multicast VLAN replication entry Format show ipmc_vlan_replication_entry name 16 hardware Parameters name 16 Optional Specify the name of the IP multicast VLAN replication entry to be displayed hardware Optional Specify to display the S G groups which are in the chipset Restrictions Only Administrator O...

Page 952: ...mc_vlan_replication_entry hardware Name ipmc_vlan_replication_entry name Src v The source VLAN Dest v The destination VLAN Name Src_v Group SIP Dest_v Portlist mr1 1 255 1 1 1 2 1 11 13 mr1 1 255 1 1 1 3 12 15 mr1 1 255 1 1 1 10 0 0 1 2 1 11 13 mr1 1 255 1 1 1 10 0 0 1 3 12 15 mr2 3 255 1 1 2 2 5 6 mr2 3 255 1 1 2 10 0 0 1 2 5 6 Total Entries 6 DGS 3420 28SC admin ...

Page 953: ...cket will be classified to the VLAN defined for this subnet Format create subnet_vlan network network_address ipv6network ipv6networkaddr vlan vlan_name 32 vlanid vlanid 1 4094 priority value 0 7 Parameters network Specify an IPv4 network address network_address Specify an IPv4 network address The format is ipaddress prefix length ipv6network Specify an IPv6 network address ipv6networkaddr Specify...

Page 954: ...itch Users can delete a subnet VLAN entry by IP subnet or VLAN or delete all subnet VLAN entries Format delete subnet_vlan network network_address ipv6network ipv6networkaddr vlan vlan_name 32 vlanid vidlist all Parameters network Specify an IPv4 network address network_address Specify an IPv4 network address The format is ipaddress prefix length ipv6network Specify an IPv6 network address ipv6net...

Page 955: ...vlan network network_address ipv6network ipv6networkaddr vlan vlan_name 32 vlanid vidlist Parameters network Optional Specify an IPv4 network address network_address Specify an IPv4 network address The format is ipaddress prefix length ipv6network Optional Specify an IPv6 network address ipv6networkaddr Specify an IPv6 network address The format is ipaddress prefix length vlan Optional Specify to ...

Page 956: ...fe80 250 baff 0 64 10 2 DGS 3420 28SC admin To display all subnet VLAN entries DGS 3420 28SC admin show subnet_vlan Command show subnet_vlan IP Address Subnet Mask VLAN Priority 172 168 1 1 255 255 255 0 10 2 172 18 211 1 255 255 255 0 20 3 172 18 211 6 255 255 255 0 5 1 fe80 250 baff 0 64 10 2 Total Entries 4 DGS 3420 28SC admin 22 4 config vlan_precedence ports Description This command is used t...

Page 957: ...precedence than subnet VLAN classification subnet_vlan Specifies that the subnet VLAN classification is precedence than MAC based VLAN classification Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure subnet VLAN classification precedence on port 1 DGS 3420 28SC admin config vlan_precedence ports 1 subnet_vlan Command config vlan_precede...

Page 958: ... 953 Example To display VLAN classification precedence on ports 1 5 DGS 3420 28SC admin show vlan_precedence ports 1 1 1 5 Command show vlan_precedence ports 1 1 1 5 Port VLAN Precedence 1 MAC Based VLAN 2 Subnet VLAN 3 MAC Based VLAN 4 MAC Based VLAN 5 Subnet VLAN DGS 3420 28SC admin ...

Page 959: ...rt_an remote_fault_advertised disable offline link_fault auto_negotiation_error flow_control enable disable learning enable disable state enable disable mdix auto normal cross description desc 1 32 clear_description 1 Parameters portlist Specify a range of ports to be configured all Specify to set all ports in the system medium_type Optional Specify the medium type when configuring ports that are ...

Page 960: ... more ports The default value is enable enable Turn on MAC address learning disable Turn off MAC address learning state Enable or disable the state of the specified port If the ports are in error disabled status configuring their state to enable will recover these ports from a disabled to an enabled state The default value is enable enable Enable the specified port s disable Disable the specified ...

Page 961: ...be included in the display media_type Optional Specify to display the current port media type and STP information For FE ports the media type should be 100BASE TX For GE ports the combo port if the current active port is the fiber port the media type is 1000BASE FX or 100BASE FX if the current active port is the copper port the media type is 1000BASE T and SFP information is displayed when SFP is ...

Page 962: ...wn Enabled Auto Description 1 2 Enabled Auto Disabled Link Down Enabled Auto Description 1 3 Enabled Auto Disabled Link Down Enabled Auto Description 1 4 Enabled Auto Disabled Link Down Enabled Auto Description CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh Note Connection status has the following situations Link Down Speed Duplex FlowCtrl link up and Err Disabled To display port er...

Page 963: ...configure the severity level for emergency messages alert Specify to configure the severity level for alert messages critical Specify to configure the severity level for critical messages error Specify to configure the severity level for error messages warning Specify to configure the severity level for warning messages notice Specify to configure the severity level for notice messages information...

Page 964: ... This command is used to show the severity level control for a system Format show system_severity Parameters None Restrictions None Example To show the severity level control for a system DGS 3420 28SC admin show system_severity Command show system_severity System Severity Trap information 6 System Severity Log information 6 DGS 3420 28SC admin ...

Page 965: ..._support Parameters None Restrictions Only Administrator and Operator level users can issue this command Note The switch may become inaccessible when dumping the technical support data Note The management session may time out if dumping technical support data takes longer than the configured session timeout period It is strongly recommended to set the serial port timeout to never to disable the au...

Page 966: ...ogy My Box ID 1 Role Master Box Cnt 1 Topology Type Duplex Chain Unit Prio Device Runtime Stacking ID rity Role MAC Type option version version 1 32 32 Master 00 01 02 03 04 00 DGS 3420 28SC 0x0002 1 50 010 2 0 1 25 2 upload tech_support_toTFTP Description This command is used to upload technical support information to a TFTP server This command can be interrupted by Ctrl C or ESC when it is execu...

Page 967: ...or and Operator level users can issue this command Example To upload technical support information DGS 3420 28SC admin upload tech_support_toTFTP 10 0 0 66 tech_suppport txt Command upload tech_support_toTFTP 10 0 0 66 tech_suppport txt Connecting to server Done Upload techsupport file Done Success DGS 3420 28SC admin ...

Page 968: ...120 9 annual s_date start_date 1 31 s_mth start_mth 1 12 s_time start_time hh mm e_date end_date 1 31 e_mth end_mth 1 12 e_time end_time hh mm offset 30 60 90 120 7 show time 26 1 config sntp Description This command is used to change SNTP configurations Format config sntp primary ipaddr secondary ipaddr poll interval int 30 99999 1 Parameters primary Optional Specify the SNTP primary server IP ad...

Page 969: ...4 server s time first Format config sntp ipv6server primary ipv6addr secondary ipv6addr 1 Parameters primary Optional SNTP primary server IPv6 address ipaddr Enter the IP address used for this configuration here secondary Optional SNTP secondary server IPv6 address ipaddr Enter the IP address used for this configuration here Restrictions Only Administrator Operator and Power User level users can i...

Page 970: ... Time Source System Clock SNTP Status Disabled IPv4 Primary SNTP Server None IPv4 Secondary SNTP Server None IPv6 Primary SNTP Server None IPv6 Secondary SNTP Server None SNTP Poll Interval 720 sec DGS 3420 28SC admin 26 4 enable sntp Description This command is used to turn on SNTP support Format enable sntp Parameters None Restrictions Only Administrator Operator and Power User level users can i...

Page 971: ...cription This command is used to turn off SNTP support Format disable sntp Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable SNTP DGS 3420 28SC admin disable sntp Command disable sntp Success DGS 3420 28SC admin 26 6 config time Description This command is used to change the time settings Format config time date ddmthyyyy ...

Page 972: ...26 7 config time_zone Description This command is used to change time zone settings Format config time_zone operator hour gmt_hour 0 13 min minute 0 59 3 Parameters operator Specify the operator of the time zone Positive Negative hour Specify the hour of the time zone gmt_hour 0 13 Specify the hour of the time zone between 0 and 13 min Specify the minute of the time zone minute 0 59 Specify the mi...

Page 973: ...ue wed thu fri and sat s_mth Configure the start month number of DST start_mth 1 12 Configure the start month number of DST The values are 1 to 12 s_time Configure the start time of DST start_time hh mm Configure the start time in hh mm of DST e_week Configure the end week number of DST end_week 1 4 last Configure the end week number of DST The values are 1 to 4 e_day Configure the end day number ...

Page 974: ...of DST offset Specify the number of minutes to add or to subtract during summertime The range of offsets are 30 60 90 and 120 The default value is 60 30 Specify 30 minutes to add or to subtract during summertime 60 Specify 60 minutes to add or to subtract during summertime 90 Specify 90 minutes to add or to subtract during summertime 120 Specify 120 minutes to add or to subtract during summertime ...

Page 975: ...GS 3420 28SC admin show time Command show time Current Time Source System Clock Boot Time 8 Jan 2000 21 44 33 Current Time 9 Jan 2000 03 25 17 Time Zone GMT 00 00 Daylight Saving Time Disabled Offset In Minutes 60 Repeating From Apr 1st Sun 00 00 To Oct last Sun 00 00 Annual From 29 Apr 00 00 To 12 Oct 00 00 DGS 3420 28SC admin ...

Page 976: ...fy a range of ports to be configured all Specify all ports forward_list Specify a range of port forwarding domains null Specify the range of the port forwarding domain is null all Specify all ports portlist Specify a range of ports to be configured Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure traffic segmentation DGS 3420 28SC admi...

Page 977: ...orts to be displayed Note If no parameter is specified the system will display all current traffic segmentation tables Restrictions None Example To display the traffic segmentation table for ports 1 to 3 DGS 3420 28SC admin show traffic_segmentation 1 3 Command show traffic_segmentation 1 3 Traffic Segmentation Table Port Forward Portlist 1 1 28 2 1 28 3 1 28 DGS 3420 28SC admin ...

Page 978: ...port_number 0 65535 config udp_helper udp_port delete time tacacs dns tftp netbios ns netbios ds port_number 0 65535 show udp_helper udp_port ipif ipif_name 12 28 1 enable udp_helper Description This command is used to enable the UDP Helper function on the Switch Format enable udp_helper Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Exam...

Page 979: ...dmin disable udp_helper Command disable udp_helper Success DGS 3420 28SC admin 28 3 config udp_helper add ipif Description This command is used to add a UDP Helper server address for specific interface of Switch Format config udp_helper add ipif ipif_name 12 ipaddr Parameters ipif Specifies the name of the IP interface that receives the UDP broadcast ipif_name 12 Enter the IP interface name used h...

Page 980: ...me 12 ipaddr Parameters ipif Specifies the name of the IP interface that receives the UDP broadcast ipif_name 12 Enter the IP interface name used here This name can be up to 12 characters long ipaddr Enter the UDP Helper server IP address here Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete a server address for System interface DGS 3420 ...

Page 981: ...he NetBIOS Datagram Server service The UDP port number is 138 port_number 0 65535 Enter any UDP ports used for services not listed This value must be between 0 and 65535 Restrictions Only Administrator Operator and Power User level users can issue this command Example To add a UDP port DGS 3420 28SC admin config udp_helper udp_port add 55 Command config udp_helper udp_port add 55 Success DGS 3420 ...

Page 982: ...ns Only Administrator Operator and Power User level users can issue this command Example To delete a UDP port DGS 3420 28SC admin config udp_helper udp_port delete 55 Command config udp_helper udp_port delete 55 Success DGS 3420 28SC admin 28 7 show udp_helper Description This command is used to display the current UDP Helper configuration on the Switch Format show udp_helper udp_port ipif ipif_na...

Page 983: ...3420 28SC admin To display the current UDP Helper all configured ports DGS 3420 28SC admin show udp_helper udp_port Command show udp_helper udp_port UDP Helper Status Enabled Application UDP Port User App1 55 DGS 3420 28SC admin To display the current UDP Helper for System interface DGS 3420 28SC admin show udp_helper ipif System Command show udp_helper ipif System UDP Helper Status Enabled Interf...

Page 984: ...est_file path_filename 64 rcp string 128 unit unit_id 1 12 src_file pathname include exclude begin filter_string 80 filter_string 80 filter_string 80 include exclude begin filter_string 80 filter_string 80 filter_string 80 include exclude begin filter_string 80 filter_string 80 filter_string 80 upload firmware_toRCP username username ipaddr dest_file path_filename 64 rcp string 128 unit unit_id 1 ...

Page 985: ...path name If path name is not specified it refers to the TFTP server path The maximum length is 64 characters unit Specifies which unit on the stacking system If it is not specified it refers to the master unit unit_id Enter the unit ID used here all Specifies that all the units in the stacking system will be used dest_file Optional Specify an absolute path name on the device file system If path n...

Page 986: ...ile dgs 3420 had dest_file runtime had Connecting to server Done Download firmware Done Do not power off Please wait programming flash Done DGS 3420 28SC admin 29 2 download cfg_fromRCP Description This command is used to download a configuration file from a Remote Copy Protocol RCP server Format download cfg_fromRCP username username ipaddr src_file path_filename 64 rcp string 128 unit unit_id 1 ...

Page 987: ...S 3420 cfg Command download cfg_fromRCP username rcp_user 172 18 212 106 src_file home DGS 3420 cfg Connecting to server Done Download configuration Done DGS 3420 28SC admin 29 3 download firmware_fromRCP Description This command is used to download a firmware file from a Remote Copy Protocol RCP server Format download firmware_fromRCP username username ipaddr src_file path_filename 64 rcp string ...

Page 988: ...this command Example To download firmware from an RCP server DGS 3420 28SC admin download firmware_fromRCP username rcp_user 10 90 90 90 src_file home DGS 3420 had Command download firmware_fromRCP username rcp_user 10 90 90 90 src_file home DGS 3420 had Connecting to server Done Download firmware Done Do not power off Please wait programming flash Done Saving current settings to NV RAM Done DGS 3...

Page 989: ...ng 80 Specify a filter string enclosed by the quotation mark symbol filter_string 80 Specify a filter string enclosed by the quotation mark symbol log_toTFTP Used to upload a log file from the device to a TFTP server ipaddr Specify the IP address of the TFTP server ipv6addr Specify the IPv6 address of the TFTP server domain_name 255 Enter the domain name of the TFTP server here This name can be up...

Page 990: ...e D firmware had src_file 2 00 009 had Connecting to server Done Upload firmware Done DGS 3420 28SC admin To upload the current configuration file to a TFTP server DGS 3420 28SC admin upload cfg_toTFTP 10 48 74 121 dest_file c cfg DGS 3420 cfg Command upload cfg_toTFTP 10 48 74 121 dest_file c cfg DGS 3420 cfg Connecting to server Done Upload configuration Done DGS 3420 28SC admin To upload all lo...

Page 991: ...cifies the destination file used path_filename 64 The pathname specifies the pathname on the RCP server or local device rcp Syntax rcp username ipaddr directory filename Example for FULL path user_name 10 1 1 1 home user_name desxxxx had Example for relative path user_name 10 1 1 1 desxxxx had Note Do not use any blank spaces in the string string 128 Enter the RCP string here unit Optinal Specifie...

Page 992: ... or local RCP client Note If a user specifies the relative file path the path search strategy will depend on the server system For some systems the current user working directory will be searched first followed by the environment paths string 128 Specify the path on the RCP server or local RCP client unit Optinal Specifies which unit on the stacking system If it is not specified it refers to the m...

Page 993: ...lative file path the path search strategy will depend on the server system For some systems the current user working directory will be searched first followed by the environment paths path_filename 64 Specify the path name on the RCP server rcp Specify the path name on the RCP server or local RCP client Syntax rcp username ipaddr directory filename Example for full path user_name 10 1 1 1 home use...

Page 994: ...Specify the remote user name on the RCP server username Specify the remote user name on the RCP server ipaddr Optional Specify the IP address of the RCP server dest_file Specify the path name of the RCP server Note If a user specifies the relative file path the path search strategy will depend on the server system For some systems the current user working directory will be searched first followed ...

Page 995: ...d log_toRCP rcp tld2 172 18 212 104 home DGS 3420 log Connecting to server Done Upload log Done Success DGS 3420 28SC admin 29 9 config firmware image Description This command is used to configure firmware as a boot up image Format config firmware image unit unit_id pathname boot_up Parameters unit Optional Specifies the unit ID used for this configuration unit_id Enter the unit ID used for this c...

Page 996: ...ive Specifies to apply the configuration Restrictions Only Administrator level users can issue this command Example To configure the specific configuration file as boot up DGS 3420 28SC admin config configuration 1 boot_up Command config configuration 1 boot_up Success DGS 3420 28SC admin 29 11 show config Description This command is used to display configuration information The output stream of t...

Page 997: ...ay only the commands which are not from the reset default setting current_config Specifies the current configuration boot_up Specifies the boot up configuration file Specify an absolute path name on the device file system pathname Specify an absolute path name on the device file system include Optional Includes lines that contain the specified filter string exclude Optional Excludes lines that con...

Page 998: ...te enable CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All 29 12 show boot_file Description This command is used to display the configuration file and firmware image assigned as boot up files Format show boot_file Parameters None Restrictions None Example To display the configuration file and firmware image assigned as a boot up file DGS 3420 28SC admin show boot_file Command show boot_f...

Page 999: ...rmat config rcp server ipaddress ipaddr username username Parameters ipaddress Optional Specify the IP address of the global RCP server By default the server is unspecified ipaddr Specify the IP address of the RCP server username Optional Specify the remote user name on the RCP server username Specify the remote user name on the RCP server Restrictions Only Administrator level users can issue this...

Page 1000: ...he current username of the RCP global server DGS 3420 28SC admin config rcp server clear username Command config rcp server clear username Success DGS 3420 28SC admin 29 15 show rcp server Description This command is used to display Remote Copy Protocol RCP global server information Format show rcp server Parameters None Restrictions Only Administrator level users can issue this command Example To...

Page 1001: ...lue of 0 will send an infinite ICMP echo messages The maximum value is 255 The default is 0 timeout Optional Specify the time out period while waiting for a response from the remote device A value of 1 to 99 seconds can be specified The default is 1 second sec 1 99 Specify the time out period while waiting for a response from the remote device A value of 1 to 99 seconds can be specified The defaul...

Page 1002: ...Specify the size A value of 1 to 6000 can be specified The default is 100 timeout Optional Specify the time out period while waiting for a response from the remote device value 1 99 Specify the time out period while waiting for a response from the remote device A value of 1 to 99 can be specified The default is 1 second source_ip Specifies the source IPv6 address of the ping packets If specified t...

Page 1003: ...t value 1 60 Specify the time to live value of the trace route request This is the maximum number of routers that a trace route packet can pass while seeking the network path between two devices The range for the TTL is 1 to 60 hops The default value is 30 port Optional Specify the port number value 30000 649000 Specify the port number The value range is from 30000 to 64900 The default is 33435 ti...

Page 1004: ...alue of the trace route request This is the maximum number of routers that a trace route packet can pass while seeking the network path between two devices The range for the TTL is 1 to 60 hops The default value is 30 port Optional Specify the port number value 30000 649000 Specify the port number The value range is from 30000 to 64900 The default is 33435 timeout Optional Specify the timeout peri...

Page 1005: ... admin 29 20 telnet Description This command is used to login a Telnet server Format telnet ipaddr domain_name 255 ipv6addr tcp_port value 1 65535 Parameters ipaddr Specify the IP address of the Telnet server domain_name 255 Specify the domain name of the telnet server ipv6addr Specify the IPv6 address of the Telnet server tcp_port Optional Specify the Telnet server port number to be connected to ...

Page 1006: ...ipv6addr none Parameters ipif_name 12 Enter the IP interface name used here This name can be up to 12 characters long ipaddr Enter the IPv4 address used here ipv6addr Enter the IPv6 address used here none Specifies to remove the specified source address Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the IP 10 90 90 90 on the System i...

Page 1007: ...mand show telnet source_ipif Telnet Source IP Interface Configuration IP Interface System IPv4 Address 10 90 90 90 IPv6 Address None DGS 3420 28SC admin 29 23 enable broadcast_ping_reply Description The enable broadcast_ping_reply command used to enable broadcast ping reply state device will reply broadcast ping request Format enable broadcast_ping_reply Parameters None Restrictions Only Administr...

Page 1008: ...y command used to disable broadcast ping reply state device won t reply broadcast ping request Format disable broadcast_ping_reply Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable broadcast ping reply state DGS 3420 28SC admin disable broadcast_ping_reply Command disable broadcast_ping_reply Success DGS 3420 28SC admin 29...

Page 1009: ...lect an address of an interface as the source address for TFTP Format config tftp source_ipif ipif_name 12 ipaddr ipv6addr none Parameters ipif_name 12 Enter the IP interface name used here This name can be up to 12 characters long ipaddr Enter the IPv4 address used here ipv6addr Enter the IPv6 address used here none Specifies to remove the specified source address Restrictions Only Administrator ...

Page 1010: ..._ipif Description This command is used to show the configured source address for TFTP Format show tftp source_ipif Parameters None Restrictions None Example To display the source address for TFTP DGS 3420 28SC admin show tftp source_ipif Command show tftp source_ipif Telnet Source IP Interface Configuration IP Interface System IPv4 Address 10 90 90 90 IPv6 Address None DGS 3420 28SC admin ...

Page 1011: ...name 12 state enable disable priority int 1 254 ipaddress ipaddr advertisement_interval int 1 255 preempt true false critical_ip ipaddr critical_ip_state enable disable config vrrp ipif ipif_name 12 authtype none simple authdata string 8 ip authdata string 16 delete vrrp vrid vrid 1 255 ipif ipif_name 12 show vrrp ipif ipif_name 12 vrid vrid 1 255 30 1 enable vrrp Description This command is used ...

Page 1012: ... will be disabled Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable VRRP DGS 3420 28SC admin disable vrrp Command disable vrrp Success DGS 3420 28SC admin 30 3 create vrrp vrid Description This command is used to create a virtual router entry by VRID Format create vrrp vrid vrid 1 255 ipif ipif_name 12 ipaddress ipaddr state enable disabl...

Page 1013: ...t if the backup router s priority is set higher than the masters priority it will become the master instead of the current one false Specify that if the backup router s priority is higher than the masters priority it will not become the master until the master failed critical_ip Optional Specify an IP address that will provide the most direct route to the Internet or other critical network connect...

Page 1014: ...e between 1 and 255 seconds preempt Optional Controls whether a higher priority virtual router will preempt a lower priority master The preempt setting must be consistent with all the routers participating within the same VRRP group Default is setting is true true Specify that if the backup router s priority is set higher than the masters priority it will become the master instead of the current o...

Page 1015: ...s authentication type none Specify that no authentication algorithm will be used on this interface simple Specify that the authentication algorithm will be set to simple text on this interface authdata Specify the authentication data used in the simple text authentication algorithm string 8 Enter the authentication data used in the simple text authentication algorithm here This value can be up to ...

Page 1016: ...e Virtual Router ID used vrid 1 255 Enter the Virtual Router ID used here This value must be between 1 and 255 ipif Optional Specify the IP interface name used ipif_name 12 Enter the IP interface name used here This name can be up to 12 characters long If no parameter is specified all the VRRP entries will be deleted Restrictions Only Administrator Operator and Power User level users can issue thi...

Page 1017: ... If no parameter is specified then all the VRRP entries will be displayed Restrictions None Example To display the VRRP configuration DGS 3420 28SC admin show vrrp Command show vrrp Global VRRP Enabled Non owner Response Ping Disabled Interface Name System Authentication type Simple Text Password Authentication Data 12345678 VRID 1 Virtual IP Address 10 90 90 91 Virtual MAC Address 00 00 5E 00 01 ...

Page 1018: ...escription This command is used to enable the global voice VLAN function on a switch To enable the voice VLAN the voice VLAN must be also assigned At the same time the VLAN must be an existing static 802 1Q VLAN To change the voice VLAN the user must disable the voice VLAN function and re issue this command By default the global voice VLAN state is disabled Format enable voice_vlan vlan_name 32 vl...

Page 1019: ...ome unassigned Format disable voice_vlan Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable voice VLAN DGS 3420 28SC admin disable voice_vlan Command disable voice_vlan Success DGS 3420 28SC admin 31 3 config voice_vlan priority Description This command is used to configure voice VLAN priority The voice VLAN priority will b...

Page 1020: ...ommand is used to configure the user defined voice traffic s OUI The OUI is used to identify the voice traffic There are a number of pre defined OUIs The user can further define the user defined OUIs if needed The user defined OUI cannot be the same as the pre defined OUI The following are the pre defined voice traffic s OUI OUI Vendor Mnemonic Name 00 E0 BB 3COM 3com 00 03 6B Cisco cisco 00 E0 75...

Page 1021: ...nable or disable the voice VLAN function on ports or mode per port Format config voice_vlan ports portlist all state enable disable mode auto manual Parameters portlist Specify a range of ports to set all Specify to set all ports state Specify the voice VLAN function state on ports The default state is disabled enable Specify to enable the voice VLAN function state on ports disable Specify to disa...

Page 1022: ...to Command config voice_vlan ports 4 6 mode auto Success DGS 3420 28SC admin 31 6 config voice_vlan log state Description This command is used to configure the voice VLAN log state Format config voice_vlan log state enable disable Parameters enable Specify to enable the voice VLAN log state disable Specify to disable the voice VLAN log state Restrictions Only Administrator Operator and Power User ...

Page 1023: ...e voice VLAN after expiration of voice VLAN aging timer If the voice traffic resumes during the aging time the aging timer will be reset and stop Format config voice_vlan aging_time min 1 65535 Parameters min 1 65535 Specify the aging time The range is 1 to 65535 minutes The default value is 720 minutes Restrictions Only Administrator Operator and Power User level users can issue this command Exam...

Page 1024: ...signed Priority 5 Aging Time 720 minutes Log State Enabled DGS 3420 28SC admin 31 9 show voice_vlan lldp_med voice_device Description This command is used to display the voice devices that are discovered by LLDP MED Format show voice_vlan lldp_med voice_device Parameters None Restrictions None Example To display the voice devices that were discovered by LLDP MED DGS 3420 28SC admin show voice_vlan...

Page 1025: ...3 Chassis ID Subtype MAC Address Chassis ID 00 E0 BB 00 00 12 Port ID Subtype Network Address Port ID 00 01 E3 00 00 00 Create Time 10 6 2008 09 00 Remain Time 120 Seconds Total Entries 2 DGS 3420 28SC admin 31 10 show voice_vlan oui Description This command is used to display the OUI information for voice VLAN Format show voice_vlan oui Parameters None Restrictions None Example To display voice V...

Page 1026: ...00 00 00 Veritel 00 E0 BB 00 00 00 FF FF FF 00 00 00 3COM Total Entries 8 DGS 3420 28SC admin 31 11 show voice_vlan ports Description This command is used to display port voice VLAN information Format show voice_vlan ports portlist Parameters portlist Optional Specify a range of ports to display Note If no parameter is specified all voice VLAN port information will be displayed Restrictions None E...

Page 1027: ...is the latest time when the device sends the traffic Format show voice_vlan voice_device ports portlist Parameters portlist Optional Specify a range of ports to display Note If no parameter is specified the system will display the connected Voice device of all ports Restrictions None Example To display voice VLAN device ports 1 to 2 DGS 3420 28SC admin show voice_vlan voice_device ports 1 2 Comman...

Page 1028: ...t1ad enable gvrp disable gvrp show vlan vlan_name 32 show vlan vlanid vidlist show vlan ports portlist show gvrp config private_vlan vlan_name 32 vid vlanid 2 4094 add isolated community remove vlan_name 32 vlanid vidlist show private_vlan vlan_name 32 vlanid vidlist enable pvid auto_assign disable pvid auto_assign show pvid auto_assign 32 1 create vlan Description This command is used to create a...

Page 1029: ...private_vlan Command create vlan v3 tag 3 type private_vlan Success DGS 3420 28SC admin 32 2 create vlan vlanid Description This command is used to create a VLAN on the switch The VLAN ID must be always specified for creating a VLAN Format create vlan vlanid vidlist type 1q_vlan private_vlan advertisement Parameters vidlist Specify the VLAN ID of the VLAN to be created type Optional Specify the ty...

Page 1030: ...n create vlan vlanid 3 type private_vlan Command create vlan vlanid 3 type private_vlan Success DGS 3420 28SC admin 32 3 delete vlan Description This command is used to delete a previously configured VLAN on the switch Format delete vlan vlan_name 32 Parameters vlan_name 32 Specify the VLAN name of the VLAN to be deleted The maximum length is 32 characters Restrictions Only Administrator Operator ...

Page 1031: ... command Example To remove a VLAN ID 2 DGS 3420 28SC admin delete vlan vlanid 2 Command delete vlan vlanid 2 Success DGS 3420 28SC admin 32 5 config vlan Description This command is used to add or delete ports to or from the port list of a previously configured VLAN Users can specify the additional ports as tagged untagged or forbidden Format config vlan vlan_name 32 add tagged untagged forbidden ...

Page 1032: ...Restrictions Only Administrator Operator and Power User level users can issue this command Example To add 4 through 8 as tagged ports to the VLAN v1 DGS 3420 28SC admin config vlan v1 add tagged 4 8 Command config vlan v1 add tagged 4 8 Success DGS 3420 28SC admin To delete ports 4 through 8 from VLAN v1 DGS 3420 28SC admin config vlan v1 delete 4 8 Command config vlan v1 delete 4 8 Success DGS 34...

Page 1033: ...nge of ports to add or delete to the VLAN advertisement Specify to send GVRP out for this VLAN or not If not the VLAN cannot be joint dynamically enable Specify to enable GVRP disable Specify to disable GVRP name Specify the VLAN name vlan_name 32 The maximum length is 32 characters Restrictions Only Administrator Operator and Power User level users can issue this command Example To add 4 through ...

Page 1034: ...ingress checking is enabled the Switch checks if the incoming packet was assigned a VLAN on which the ingress port is a VLAN member If the incoming packet and the ingress port are not in the same VLAN the packet will be dropped enable Enable ingress checking for the specified port list disable Disable ingress checking for the specified port list acceptable_frame Specify the type of frame that will...

Page 1035: ...be displayed Note If no parameter is specified the system will display GVRP information for all ports Restrictions None Example To display 802 1q port settings for ports 1 to 3 DGS 3420 28SC admin show port_vlan 1 3 Command show port_vlan 1 3 Port PVID GVRP Ingress Checking Acceptable Frame Type 1 1 Disabled Enabled All Frames 2 1 Disabled Enabled All Frames 3 1 Disabled Enabled All Frames Total E...

Page 1036: ...e time should greater than 2 Join times and the LeaveAll time should greater than Leave time nni_bpdu_addr Determine the BPDU protocol address for GVRP in service provide site It can use 802 1d GVRP address or 802 1ad service provider GVRP address dot1d Specify a 802 1d GVRP address dot1ad Specify a 802 1ad service provider GVRP address Restrictions Only Administrator Operator and Power User level...

Page 1037: ... 3420 28SC admin enable gvrp Command enable gvrp Success DGS 3420 28SC admin 32 11 disable gvrp Description This command is used to disable Generic VLAN Registration Protocol GVRP Format disable gvrp Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable Generic VLAN Registration Protocol GVRP DGS 3420 28SC admin disable gvrp C...

Page 1038: ...me 32 Parameters vlan_name 32 Optional Specify the name of the VLAN to be displayed The maximum length is 32 characters Restrictions None Example To display VLAN settings DGS 3420 28SC admin show vlan Command show vlan VLAN Trunk State Disabled VLAN Trunk Member Ports VID 1 VLAN Name default VLAN Type Static Advertisement Enabled Member Ports 1 28 Static Ports 1 28 Current Tagged Ports Current Unt...

Page 1039: ... Non member status for each port Format show vlan vlanid vidlist Parameters vidlist Specify the VLAN ID number to be displayed Restrictions None Example To display VLAN settings for VLAN ID 1 DGS 3420 28SC admin show vlan vlanid 1 Command show vlan vlanid 1 VID 1 VLAN Name default VLAN Type Static Advertisement Enabled Member Ports 1 28 Static Ports 1 28 Current Tagged Ports Current Untagged Ports...

Page 1040: ...ers portlist Optional Specify a range of ports for which you want to display VLAN The beginning and end of the port list range are separated by a dash Restrictions None Example To display VLAN port settings DGS 3420 28SC admin show vlan ports 1 2 Command show vlan ports 1 2 Port VID Untagged Tagged Dynamic Forbidden 1 1 X 2 1 X DGS 3420 28SC admin 32 15 show gvrp Description This command is used t...

Page 1041: ... The tagged member port of the primary VLAN is named as the trunk port A promiscuous port of a private VLAN cannot be promiscuous port of other private VLANs The primary VLAN member port cannot be a secondary VLAN member at the same time or vice versa A secondary VLAN can only have the untagged member port The member port of a secondary VLAN cannot be member port of other secondary VLAN at the sam...

Page 1042: ...N ID Restrictions Only Administrator Operator and Power User level users can issue this command Example To associate secondary VLAN to private VLAN p1 DGS 3420 28SC admin config private_vlan p1 add community vlanid 2 5 Command config private_vlan p1 add community vlanid 2 5 Success DGS 3420 28SC admin 32 17 show private_vlan Description This command is used to display private VLAN information on t...

Page 1043: ...to enable the auto assignment of PVID If auto assign PVID is disabled PVID can only be changed by PVID configuration user changes explicitly The VLAN configuration will not automatically change PVID If Auto assign PVID is enabled PVID can be changed by PVID or VLAN configuration When a user configures a port to VLAN X s untagged membership this port s PVID will be updated with VLAN X PVID is updat...

Page 1044: ...omatically change PVID If auto assign PVID is enabled PVID can be changed by PVID or VLAN configuration When a user configures a port to VLAN X s untagged membership this port s PVID will be updated with VLAN X PVID is updated with the last item of the VLAN list When a user removes a port from the untagged membership of the PVID s VLAN the port s PVID will be assigned with default VLAN Format disa...

Page 1045: ...show pvid auto_assign Description This command is used to display the PVID auto assign state Format show pvid auto_assign Parameters None Restrictions None Example To display the PVID auto assignment state DGS 3420 28SC admin show pvid auto_assign PVID Auto assignment Enabled DGS 3420 28SC admin ...

Page 1046: ...s used to enable VLAN trunking When VLAN trunking function is enabled the VLAN trunk ports shall be able to forward all tagged frames with any VID Format enable vlan_trunk Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable VLAN trunking DGS 3420 28SC admin enable vlan_trunk Command enable vlan_trunk Success DGS 3420 28SC adm...

Page 1047: ...ted link To change the VLAN trunking setting for an aggregated link the user must apply the command to the master port If the command is applied to link aggregation member port excluding the master the command will be rejected Ports with different VLAN configurations are not allowed to form an aggregated link However if they are specified as a VLAN trunking port they are allowed to form an aggrega...

Page 1048: ...28SC admin To configure port 6 as an LA 1 member port and port 7 as an LA 2 master port DGS 3420 28SC admin config vlan_trunk ports 6 7 state enable Command config vlan_trunk ports 6 7 state enable Warning Port 6 is a Link Aggregation member port VLAN trunk is not enabled on port 6 Success DGS 3420 28SC admin config vlan_trunk ports 7 state disable Command config vlan_trunk ports 7 state disable S...

Page 1049: ...e disable Command config vlan_trunk ports 7 state disable Success DGS 3420 28SC admin config vlan_trunk ports 6 7 state disable Command config vlan_trunk ports 6 7 state disable Success DGS 3420 28SC admin 33 4 show vlan_trunk Description This command is used to display VLAN trunking information Format show vlan_trunk Parameters None Restrictions None Example To display the current VLAN trunking i...

Page 1050: ...xStack DGS 3420 Series Layer 2 Managed Stackable Gigabit Switch CLI Reference Guide 1045 VLAN Trunk Member Ports DGS 3420 28SC admin ...

Page 1051: ...tp_port tcp_port_number 1 65535 http https create wac user username 15 vlan vlan_name 32 vlanid vlanid 1 4094 delete wac user username 15 all_users config wac user username 15 vlan vlan_name 32 vlanid vlanid 1 4094 clear_vlan show wac show wac ports portlist show wac user show wac auth_state ports portlist clear wac auth_state ports portlist all authenticated authenticating blocked macaddr macaddr...

Page 1052: ... function DGS 3420 28SC admin enable wac Command enable wac Success DGS 3420 28SC admin 34 2 disable wac Description This command is used to disable the WAC function Format disable wac Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the WAC function DGS 3420 28SC admin disable wac Command disable wac Success DGS 3420 28S...

Page 1053: ...y the RADIUS server to be accepted disable Specify to disable authorized data assigned by the RADIUS server from being accepted local If specified to enable the authorized data assigned by the local database will be accepted if the global authorization network is enabled The default state is enabled enable Specify to enable authorized data assigned by the local database to be accepted disable Spec...

Page 1054: ...te the host will not be removed from the authenticated state due to idle of traffic min 1 1440 Specify an idle time between 1 and 1440 minutes block_time If a host fails to pass the authentication it will be blocked for this period of time before it can be re authenticated The default value is 60 seconds sec 0 300 Specify a block time between 0 and 300 seconds Restrictions Only Administrator Opera...

Page 1055: ...ethod DGS 3420 28SC admin config wac method radius Command config wac method radius Success DGS 3420 28SC admin 34 6 config wac default_redirpath Description This command is used to configure the WAC default redirect path If default redirect path is configured the user will be redirected to the default redirect path after successful authentication When the string is cleared the client will not be ...

Page 1056: ...rator Operator and Power User level users can issue this command Example To clear the WAC default redirect path DGS 3420 28SC admin config wac clear_default_redirpath Success DGS 3420 28SC admin 34 8 config wac virtual_ip Description This command is used to configure the WAC virtual IP address When virtual IP is specified the TCP packets sent to the virtual IP will get a reply If virtual IP is ena...

Page 1057: ...34 9 config wac switch_http_port Description This command is used to configure the TCP port which the WAC switch listens to The TCP port for HTTP or HTTPs is used to identify the HTTP or HTTPs packets that will be trapped to CPU for authentication processing or to access the login page If not specified the default port number for HTTP is 80 and the default port number for HTTPS is 443 If no protoc...

Page 1058: ...AN assigned after the authentication Format create wac user username 15 vlan vlan_name 32 vlanid vlanid 1 4094 Parameters username 15 Specify the user account for Web based Access Control vlan Optional Specify the authentication VLAN name vlan_name 32 Specify the authentication VLAN name The VLAN name can be up to 32 characters long vlanid Optional Specify the authentication VLAN ID number vlanid ...

Page 1059: ...n be up to 15 characters long all_users Specify this option to delete all current WAC users Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete a WAC account DGS 3420 28SC admin delete wac user duhon Command delete wac user duhon Success DGS 3420 28SC admin 34 12 config wac user Description This command is used to change the VLAN associated ...

Page 1060: ...n Specify to clear the specified VLAN Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the user s VLAN DGS 3420 28SC admin config wac user abc vlanid 100 Command config wac user abc vlanid 100 Enter a old password Enter a case sensitive new password Enter the new password again for confirmation Success DGS 3420 28SC admin 34 13 show wa...

Page 1061: ... Enabled DGS 3420 28SC admin 34 14 show wac ports Description This command is used to display WAC port information Format show wac ports portlist Parameters portlist Optional Specify a range of member ports to display the status Restrictions None Example To display WAC ports 1 to 3 DGS 3420 28SC admin show wac ports 1 3 Command show wac ports 1 3 Port State Aging Time Idle Time Block Time min min ...

Page 1062: ...xample To show Web authentication user accounts DGS 3420 28SC admin show wac user Command show wac user User Name Password VID 123 1000 Total Entries 1 DGS 3420 28SC admin 34 16 show wac auth_state ports Description This command is used to display the authentication state for ports Format show wac auth_state ports portlist Parameters portlist Optional Specify the list of ports whose WAC authentica...

Page 1063: ...r the authentication state of a port The port will return to un authenticated state All the timers associated with the port will be reset Format clear wac auth_state ports portlist all authenticated authenticating blocked macaddr macaddr Parameters ports Specify the list of ports whose WAC state will be cleared portlist Specify a range of ports all Specify to clear all ports authenticated Optional...

Page 1064: ...onfigure the login window title of the authentication page desc 64 Enter the login window title used here This value can be up to 64 characters long user_name_title Specifies to configure the user name title of the authentication page desc 32 Enter the user name title used here This value can be up to 32 characters long password_title Specifies to configure the password title of the authentication...

Page 1065: ...SC admin 34 19 show wac authenticate_page Description This command is used to show the elements of the customized authenticate pages Format show wac authenticate_page Parameters None Restrictions None Example The following example displays the authentication page elements DGS 3420 28SC admin show wac authenticate_page Command show wac authenticate_page Page Title D Link Login Window Title Authenti...

Page 1066: ... cos class_id 0 7 profile default profile_id int 2 128 profile_name 32 weight int 0 15 profile default profile_id int 2 128 profile_name 32 weight int 0 15 delete wred profile profile_id int 2 128 profile_name 32 all show wred ports portlist show wred profile default profile_id int 2 128 profile_name 32 35 1 enable wred Description This command is used to enable the WRED global state Format enable...

Page 1067: ...r User level users can issue this command Example To disable wred global state DGS 3420 28SC admin disable wred Command disable wred Success DGS 3420 28SC admin 35 3 create wred profile Description This command is used to create a WRED profile Format create wred profile int 2 128 profile_name profile_name 32 Parameters int 2 128 Specify the WRED profile ID to be added profile_name Specify the prof...

Page 1068: ...ped non_tcp Optional Specify the non TCP type of packets to be dropped green Optional Specify the green packets to be dropped yellow Optional Specify the yellow packets to be dropped red Optional Specify the red packets to be dropped min_threshold Specify the minimum threshold value used If the queue size is higher than this value then the color yellow will be assigned to it If the queue size is l...

Page 1069: ...fault profile_id int 2 128 profile_name 32 weight int 0 15 Parameters portlist Specify a range of ports to be configured all Specify all ports to be configured cos Specify the hardware priority queues class_id 0 7 Enter the priority between 0 and 7 profile Specify the profile to be used default Specify the default profile to be used profile_id Specify the profile ID to be used int 2 128 Enter the ...

Page 1070: ...20 28SC admin 35 6 delete wred profile Description This command is used to delete a WRED profile Format delete wred profile profile_id int 2 128 profile_name 32 all Parameters profile_id Specify the profile ID to be deleted int 2 128 Enter the profile ID between 2 and 128 profile_name 32 Specify the profile name to be delete all Specify all profiles to be delete Restrictions Only Administrator Ope...

Page 1071: ... 1066 35 7 show wred Description This command is used to display the WRED port information Format show wred ports portlist Parameters ports Optional Specify a range of ports portlist Optional Enter a range of ports Restrictions None Example To display wred of port 1 1 and 1 2 settings ...

Page 1072: ...ight Profile_id Profile_Name 0 9 1 default 1 9 1 default 2 9 1 default 3 9 1 default 4 9 1 default 5 9 1 default 6 9 1 default 7 9 1 default DGS 3420 28SC admin 35 8 show wred profile Description This command is used to display the WRED profile information Format show wred profile default profile_id int 2 128 profile_name 32 Parameters default Optional Specify the default profile to be displayed p...

Page 1073: ...ID 1 Profile Name default Packet Type Min Threshold Max Threshold Max Drop Rate TCP GREEN 50 100 50 TCP YELLOW 50 100 50 TCP RED 50 100 50 NON TCP GREEN 50 100 50 NON TCP YELLOW 50 100 50 NON TCP RED 50 100 50 WRED Profile ID 2 Profile Name profilename Packet Type Min Threshold Max Threshold Max Drop Rate TCP GREEN 50 100 50 TCP YELLOW 50 100 50 TCP RED 50 100 50 NON TCP GREEN 50 100 50 NON TCP YE...

Page 1074: ...ature requires the user to physically access the device Therefore this feature is only applicable when there is a direct connection to the console port of the device It is necessary for the user needs to attach a terminal or PC with terminal emulation to the console port of the switch Power on the switch After the runtime image and UART init are loaded to 100 the switch will allow 2 seconds for th...

Page 1075: ... displayed to allow the user to save the current settings force_agree Specify to forcibly agree with the command reset account The reset account command deletes all the previously created accounts reset password username The reset password command resets the password of the specified user If a username is not specified the passwords of all users will be reset show account The show account command ...

Page 1076: ...ning state Parameters description unitID The unit ID portNum The port number Warning Event description The authorized user number on a port is below the maximum user limit in a time interval interval is project dependent Log Message Port unitID portNum recovers from MAC based Access Control stop learning state Parameters description unitID The unit ID portNum The port number Warning Event descript...

Page 1077: ... Log Message The boundary clock synchronized to its master the offset value is Offset second s Parameters description Offset The value of the offset between the slave and master Informational Only when the synchronized more than one second this log message will be send DHCPv6 Client Event description DHCPv6 client interface administrator state changed Log Message DHCPv6 client on interface ipif na...

Page 1078: ...cess Log Message The IPv6 address ipv6address on interface ipif name rebinds success Parameters description ipv6address ipv6 address obtained from a DHCPv6 server ipif name Name of the DHCPv6 client interface Informational Event description The ipv6 address from a DHCPv6 server was deleted Log Message The IPv6 address ipv6address on interface ipif name was deleted Parameters description ipv6addres...

Page 1079: ... in the stacking system session The user s session username Represent current login user ipaddr Represent client IP address macaddr Represent client MAC address Warning Event description Firmware uploaded successfully Log Message Firmware uploaded by session successfully Username username IP ipaddr MAC macaddr Parameters description session The user s session username Represent current login user ...

Page 1080: ...on Configuration upload unsuccessfully Log Message Configuration upload by session unsuccessfully Username username IP ipaddr MAC macaddr Parameters description session The user s session username Represent current login user ipaddr Represent client IP address macaddr Represent client MAC address Warning Event description Log message uploaded successfully Log Message Log message uploaded by sessio...

Page 1081: ...lly Log Message Attack log message uploaded by session successfully Username username IP ipaddr MAC macaddr Parameters description session The user s session username Represent current login user ipaddr Represent client IP address macaddr Represent client MAC address Informational Event description Attack log message upload unsuccessfully Log Message Attack log message upload by session unsuccessf...

Page 1082: ... Informational Event description Firmware upload was unsuccessful Log Message Firmware upload by session was unsuccessful Username username IP ipaddr MAC macaddr Parameters description session The user s session Username Represent current login user Ipaddr Represent client IP address Warning Event description Configuration successfully downloaded Log Message Configuration successfully downloaded b...

Page 1083: ... macaddr Parameters description session The user s session Username Represent current login user Ipaddr Represent client IP address macaddr Represent client MAC address Informational Event description Log message upload was unsuccessful Log Message Log message upload by session was unsuccessful Username username IP ipaddr MAC macaddr Parameters description session The user s session Username Repre...

Page 1084: ... Interger value 2 Represent the id of the device in the stacking system portNum 1 Interger value 2 Represent the logic port number of the device ipif_name The name of the interface of the switch which has the conflic IP address Warning Telnet Event description Successful login through Telnet Log Message Successful login through Telnet Username username IP ipaddr Parameters description ipaddr The I...

Page 1085: ...ntication failure Log Message 802 1X Authentication failure for reason from Username username Port unitID portNum MAC macaddr Parameters description reason The reason for the failed authentication username The user that is being authenticated unitID The unit ID portNum The switch port number macaddr The MAC address of thr authenticated device Warning Event description 802 1X Authentication success...

Page 1086: ...will be assigned to the port Log Message RADIUS server ipaddr assigned egress bandwidth egressBandwidth to port unitID portNum account username Parameters description ipaddr The IP address of the RADIUS server egressBandwidth The egress bandwidth of RADIUS assign unitID The unit ID portNum The port number Username The user that is being authenticated Informational Event description 802 1p default ...

Page 1087: ...dress 4 5 networkAddress 5 6 interfaceName 6 7 local 7 chassisID chassis ID portType port ID subtype Value list 1 interfaceAlias 1 2 portComponent 2 3 macAddress 3 4 networkAddress 4 5 interfaceName 5 6 agentCircuitId 6 7 local 7 portID port ID deviceClass LLDP MED device type Notice Event description Conflict LLDP MED device type detected Log Message Conflict LLDP MED device type detected on port...

Page 1088: ... chassisComponent 1 2 interfaceAlias 2 3 portComponent 3 4 macAddress 4 5 networkAddress 5 6 interfaceName 6 7 local 7 chassisID chassis ID portType port ID subtype Value list 1 interfaceAlias 1 2 portComponent 2 3 macAddress 3 4 networkAddress 4 5 interfaceName 5 6 agentCircuitId 6 7 local 7 portID port ID deviceClass LLDP MED device type Notice Voice VLAN Event description When a new voice devic...

Page 1089: ...description Hot insertion Log Message Unit unitID MAC macaddr Hot insertion Parameters description unitID Box ID Macaddr MAC address Informational Event description Hot removal Log Message Unit unitID MAC macaddr Hot removal Parameters description unitID Box ID Macaddr MAC address Informational Event description Stacking topology change Log Message Stacking topology is Stack_TP_TYPE Master Unit un...

Page 1090: ...gin HTTP server ipaddr The IP address of HTTP client Informational Event description Login failed through Web Log Message Login failed through Web Username username IP ipaddr Parameters description username The use name that used to login HTTP server ipaddr The IP address of HTTP client Warning Event description Web session timed out Log Message Web session timed out Username usrname IP ipaddr Par...

Page 1091: ...ess of SSL client Information Port Security Event description Address full on a port Log Message Port security violation MAC macaddr on port unitID portNum Parameters description macaddr The violation MAC address unitID The unit ID portNum The port number Warning Safe Guard Event description The host enters the mode of normal Log Message Unit unitID Safeguard Engine enters NORMAL mode Parameters d...

Page 1092: ...g Message Logout through Console Telnet Web SSL SSH Username username IP ipaddr ipv6address Parameters description ipaddr IP address username user name ipv6address IPv6 address Informational Event description session timed out Log Message Console Telnet Web SSL SSH session timed out Username username IP ipaddr ipv6address Parameters description ipaddr IP address username user name ipv6address IPv6...

Page 1093: ...t description Enable Admin failed due to AAA server timeout or improper configuration Log Message Enable Admin failed through Console Telnet Web SSL SSH from ipaddr ipv6address due to AAA server ipaddr ipv6address timeout or improper configuration Username username Parameters description ipaddr IP address ipv6address IPv6 address username user name Warning Event description Enable Admin failed aut...

Page 1094: ...ser Name string IP ipaddr ipv6address MAC macaddr Port unitID portNum Parameters description string User name ipaddr IP address ipv6address IPv6 address macaddr MAC address unitID The unit ID portNum The port number Warning Event description This log will be triggered when the number of authorized users reaches the maximum user limit on the whole device Log Message WAC enters stop learning state W...

Page 1095: ... device Log Message JWAC enters stop learning state Warning Event description This log will be triggered when the number of authorized users is below the maximum user limit on the whole device in a time interval 5 min Log Message JWAC recovered from stop learning state Warning LBD Event Description Loop back is detected under port based mode Log Message Port unitID portNum LBD loop occurred Port b...

Page 1096: ...ng Event description Dynamic IMPB entry conflicts with static FDB Log Message Dynamic IMPB entry conflicts with static FDB IP ipaddr ipv6addr MAC macaddr Port unitID portNum Parameters description ipaddr IP address ipv6addr IPv6 address macaddr MAC address unitID The unit ID portNum The port number Warning Event description Dynamic IMPB entry conflicts with static IMPB Log Message Dynamic IMPB ent...

Page 1097: ...r IP address ipv6addr IPv6 address macaddr MAC address unitID The unit ID portNum The port number Warning Traffic Control Event description Broadcast storm occurrence Log Message Port unitID portNum Broadcast storm is occurring Parameters description unitID The unit ID portNum The port number Warning Event description Broadcast storm cleared Log Message Port unitID portNum broadcast storm has clea...

Page 1098: ... detected with our device unitID The unit ID portNum The port number Informational Event Description Detected untrusted source IP in ICMPv6 Router Advertisement Message Log Message Detected untrusted source IP of ICMPv6 Router Advertisement message IP ipv6addr Port unitID portNum Parameters Description Ipv6addr The untrusted ICMPv6 Router Advertisement address which has been detected with our devi...

Page 1099: ... Informational Event description New root port Log Message New root port selected Instance InstanceID port unitID portNum Parameters description InstanceID Instance ID portNum Port ID Notice Event description Spanning Tree port status changed Log Message Spanning Tree port status changed Instance InstanceID port unitID portNum old_status new_status Parameters description InstanceID Instance ID por...

Page 1100: ...vel New revision level Informational Event description Spanning Tree MST configuration ID VLAN mapping table deleted Log Message Spanning Tree MST configuration ID VLAN mapping table changed instance InstanceID delete vlan startvlanid endvlanid Parameters description InstanceID Instance ID startvlanid endvlanid VLANlist Informational Event description Spanning Tree MST configuration ID VLAN mappin...

Page 1101: ...dlevel VLAN vlanid Local Port unitID portNum Direction mepdirection Parameters description vlanid Represents the VLAN identifier of the MEP mdlevel Represents the MD level of the MEP unitID Represents the ID of the device in the stacking system portNum Represents the logical port number of the MEP mepdirection Represents the MEP direction which can be inward or outward Warning Event description Re...

Page 1102: ...ID mepid Parameters description vlanid Represents the VLAN identifier of the MEP mdlevel Represents the MD level of the MEP unitID Represents the ID of the device in the stacking system portNum Represents the logical port number of the MEP mepdirection Represents the direction of the MEP This can be inward or outward mepid Represents the MEPID of the MEP Notice Event description LCK condition dete...

Page 1103: ...unitID portNum optic module thresholdType exceedType the thresholdSubType warning threshold Parameters description unitID The unit ID portNum The port number thresholdType the DDM threshold type The value should be one of the following values temperature supply voltage bias current TX power RX power exceedType indicate exceed threshold or recover to normal event the value should be recovered from ...

Page 1104: ...ddr IP address username user name ipv6address IPv6 address Informational Event description Login failed through SSH Log Message Login failed through Console Telnet Web SSH Username username IP ipaddr ipv6address Parameters description ipaddr IP address username user name ipv6address IPv6 address Warning Event description Logout through SSH Log Message Logout through Console Telnet Web SSH Username...

Page 1105: ...ough SSH authenticated by AAA local or server Log Message Enable Admin failed through Console Telnet Web SSH from ipaddr ipv6address authenticated by AAA local server ipaddr ipv6address Username username Parameters description local enable admin by AAA local method server enable admin by AAA server method ipaddr IP address ipv6address IPv6 address username user name Warning Event description Succe...

Page 1106: ...ame username IP ipaddr ipv6address Parameters description username The username upgraded client public keys file ipaddr The IP address of the public keys file server ipv6address The IP address of the public keys file server Informational RIPng Event description The RIPng state of interface changed Log Message RIPng 1 RIPng protocol on interface intf name changed state to enabled disabled Parameter...

Page 1107: ...atically recover Log Message Port unitID portNum recover from BPDU under protection state automatically Parameters description unitID The unit ID portNum The port number Informational Event description BPDU attack manually recover Log Message Port unitID portNum recover from BPDU under protection state automatically Parameters description unitID The unit ID portNum The port number severity informa...

Page 1108: ...ge notification is sent when the value of lldpStatsRemTableLastChangeTime changes Binding objects 1 lldpStatsRemTablesInserts 2 lldpStatsRemTablesDeletes 3 lldpStatsRemTablesDrops 4 lldpStatsRemTablesAgeouts 1 0 8802 1 1 2 0 0 1 LLDP MED lldpXMedTopologyChangeDetected A notification generated by the local device sensing a change in the topology that indicates that a new remote device attached to a...

Page 1109: ...MgmtId 2 swUnitMgmtMacAddr 1 3 6 1 4 1 171 12 11 2 2 1 0 1 swUnitRemove Unit Hot Remove notification Binding objects 1 swUnitMgmtId 2 swUnitMgmtMacAddr 1 3 6 1 4 1 171 12 11 2 2 1 0 2 swUnitFailure Unit Failure notification Binding objects 1 swUnitMgmtId 1 3 6 1 4 1 171 12 11 2 2 1 0 3 swUnitTPChange The stacking topology change notification Binding objects 1 swStackTopologyType 2 swUnitMgmtId 3 s...

Page 1110: ...block shutdown mode Binding objects 1 swBpduProtectionPortIndex 2 swBpduProtectionPortMode 1 3 6 1 4 1 171 12 76 4 0 1 swBpduProtectionRecoveryTrap BPDU attack automatically recover Binding objects 1 swBpduProtectionPortIndex 2 swBpduProtectionRecoveryMethod 1 3 6 1 4 1 171 12 76 4 0 2 IMPB swIpMacBindingViolationTrap When the IP MAC Binding trap is enabled if there s a new MAC that violates the p...

Page 1111: ...tectedTrap Signal fail detected on node Binding objects 1 swERPSNodeId 1 3 6 1 4 1 171 12 78 4 0 1 swERPSSFClearedTrap Signal fail cleared on node Binding objects 1 swERPSNodeId 1 3 6 1 4 1 171 12 78 4 0 2 swERPSRPLOwnerConflictTrap RPL owner conflicted on the ring Binding objects 1 swERPSNodeId 1 3 6 1 4 1 171 12 78 4 0 3 MSTP newRoot The newRoot trap indicates that the sending agent has become t...

Page 1112: ... 12 86 10 0 0 4 Port linkup A notification is generated when port linkup Binding objects 1 ifIndex 2 if AdminStatus 3 ifOperStatus 1 3 6 1 6 3 1 1 5 4 linkDown A notification is generated when port linkdown Binding objects 1 ifIndex 2 if AdminStatus 3 ifOperStatus 1 3 6 1 6 3 1 1 5 3 DDM swDdmAlarmTrap The trap is sent when any parameter value exceeds the alarm threshold value or recovers to norma...

Page 1113: ...ed Binding objects 1 swDoSCtrlType 2 swDoSNotifyVarIpAddr 3 swDoSNotifyVarPortNumber 1 3 6 1 4 1 171 12 59 4 0 1 SNMP authenticationFailure An authenticationFailure trap signifies that the SNMP entity has received a protocol message that is not properly authenticated While all implementations of SNMP entities MAY be capable of generating this trap the snmpEnableAuthenTraps object indicates whether...

Page 1114: ...ific Attribute Description Value Usage Vendor ID Defines the vendor 171 DLINK Required Vendor Type Defines the attribute 2 for ingress bandwidth 3 for egress bandwidth Required Attribute Specific Field Used to assign the bandwidth of a port Unit Kbits Required If the user has configured the bandwidth attribute of the RADIUS server for example ingress bandwidth 1000Kbps and the 802 1X authenticatio...

Page 1115: ...ty attribute and authenticates successfully the device will not assign a priority to this port If the priority attribute is configured on the RADIUS server is a value out of range 7 it will not be set to the device To assign VLAN by RADIUS Server the proper parameters should be configured on the RADIUS Server To use VLAN assignment RFC3580 defines the following tunnel attributes in RADIUS packets ...

Page 1116: ...g string as a VLAN Name 4 Then it will check to find a matched VLAN Name If the user has configured the VLAN attribute of the RADIUS server for example VID 3 and the 802 1X MAC based Access Control or WAC authentication is successful the port will be assigned to VLAN 3 However if the user does not configure the VLAN attributes when the port is not a guest VLAN member it will be kept in its current...

Page 1117: ...an_id default port all deny Required If the user has configured the ACL attribute of the RADIUS server for example ACL profile create access_profile ethernet vlan 0xFFF profile_id 100 ACL rule config access_profile profile_id 100 add access_id auto_assign ethernet and the 802 1X MAC based Access Control WAC or JWAC authentications are successful the device will assign the ACL profiles and rules ac...

Reviews: