manualshive.com logo in svg

D-Link xStack DGS-3426, Cli Manual

The D-Link xStack DGS-3426 offers advanced networking capabilities for businesses and individuals. With its user-friendly interface, this product ensures seamless operation. Enhance your experience by downloading the free User Manual from manualshive.com to make the most of this high-performance networking solution.

Share
Download
background image

xStack DGS-3400 Series Layer 2 Gigabit Managed Switch CLI Manual

 

DGS-3400:4#show authen parameter  
Command: show authen parameter 
 
Response timeout : 60 seconds 
User attempts        : 5 
 
DGS-3400:4# 

 

enable admin 

Purpose 

Used to promote user level privileges to administrator level privileges

Syntax 

enable admin 

This command is for users who have logged on to the Switch on the 
normal user level, to become promoted to the administrator level. 
After logging on to the Switch users will have only user level 
privileges. To gain acess to administrator level privileges, the user 
will enter this command and will have to enter an authentication 
password. Possible authentication methods for this function include 
TACACS, XTACACS, , RADIUS, user defined server 
groups, local enable (local account on the Switch), or no 
authentication (

none

). Because XTACACS and TACACS do not 

support the enable function, the user must create a special account 
on the server host which has the username “enable”, and a 
password configured by the administrator that will support the 
“enable” function. This function becomes inoperable when the 
authentication policy is disabled. 

Parameters None. 

Only 

administrator-level users can issue this command. 

Description 

Restrictions 

Example usage: 

 

To enable administrator privileges on the Switch: 

DGS-3400:4#enable admin 
Password: ****** 
 
DGS-3400:4# 

 

config admin local_enable 

Purpose 

Used to configure the local enable password for administrator level 
privileges. 

Syntax 

config admin local_enable 

Description 

This command will configure the locally enabled password for the

 

enable admin

 command. When a user chooses the “

local_enable

” 

method to promote user level privileges to administrator privileges, 
he or she will be prompted to enter the password configured here, 
that is set locally on the Switch.  

Parameters 

<password 15> 

- After entering this command, the user will be 

prompted to enter the old password, then a new password in an 
alphanumeric string of no more than 15 characters, and finally 
prompted to enter the new password again for confirmation. See the 
example below. 

Restrictions Only 

administrator-level users can issue this command. 

Example usage: 

 

210

Summary of Contents for xStack DGS-3426

Page 1: ...ProductModel DGS 3400 Series Layer2GigabitEthernetManagedSwitch Release1 2 CLI Manual ...

Page 2: ...May 2006 651GS3400025G RECYCLABLE ...

Page 3: ...COMMANDS 103 LINK AGGREGATION COMMANDS 109 IP MAC BINDING COMMANDS 114 BASIC IP COMMANDS 118 IGMP SNOOPING COMMANDS 121 MLD SNOOPING COMMANDS 128 802 1X COMMANDS 136 ACCESS CONTROL LIST ACL COMMANDS 151 SAFEGUARD ENGINE COMMANDS 167 TRAFFIC SEGMENTATION COMMANDS 170 TIME AND SNTP COMMANDS 172 ARP COMMANDS 177 ROUTING TABLE COMMANDS 182 MAC NOTIFICATION COMMANDS 188 ACCESS AUTHENTICATION CONTROL CO...

Page 4: ... the Switch via the Serial Port The Switch s serial port s default settings are as follows 115200 baud no parity 8 data bits 1 stop bit A computer running a terminal emulation program capable of emulating a VT 100 terminal and a serial port configured as above is then connected to the Switch s serial port via an RS 232 DB 9 cable With the serial port properly connected to a management computer the...

Page 5: ...s to be assigned to the IP interface named System and the y s represent the corresponding subnet mask 2 Alternatively you can enter config ipif System ipaddress xxx xxx xxx xxx z Where the x s represent the IP address to be assigned to the IP interface named System and the z represents the corresponding number of subnets in CIDR notation The IP interface named System on the Switch can be assigned ...

Page 6: ...0 0 0 0 or in essence have no IP address This function maybe used to disable Layer 3 functions of the Switch When the IP address is set to 0 0 0 0 invalid IP address the Switch can only be managed through the console port or SIM Other management applications such as Telnet Web based and SNMP cannot be used to manage the Switch when its IP address is 0 0 0 0 3 ...

Page 7: ...last configuration saved to NV RAM will be loaded Connecting to the Switch The console interface is used by connecting the Switch to a VT100 compatible terminal or a computer running an ordinary terminal emulator program e g the HyperTerminal program included with the Windows operating system using an RS 232C serial cable Your terminal parameters will need to be set to VT 100 compatible 115200 bau...

Page 8: ...meter username The CLI will then prompt you to enter the username with the message Next possible completions Every command in the CLI has this feature and complex commands have several layers of parameter prompting In addition after typing any given command plus one space you can see all of the next possible sub commands in sequential order by repeatedly pressing the Tab key To re enter the previo...

Page 9: ...e help prompts are the same as presented in this manual angle brackets indicate a numerical value or character string braces indicate optional parameters or a choice of parameters and brackets indicate required parameters If a command is entered that is unrecognized by the CLI the top level commands will be displayed under the Available commands prompt Figure 2 5 Available Commands The top level c...

Page 10: ...mpletions Show Command In the above example all of the possible next parameters for the show command are displayed At the next command prompt the up arrow was used to re enter the show command followed by the account parameter The CLI then displays the user accounts configured on the Switch 7 ...

Page 11: ...x example you must supply a username in the username space Do not type the angle brackets Example Command create account admin newadmin1 square brackets Purpose Encloses a required value or set of required arguments One value or argument can be specified Syntax create account admin user username 15 Description In the above syntax example you must specify either an admin or a user level account to ...

Page 12: ...t Left Arrow Moves the cursor to the left Right Arrow Moves the cursor to the right Up Arrow Repeats the previously entered command Each time the up arrow is pressed the command previous to that displayed appears This way it is possible to review the command history for the current session Use the down arrow to progress sequentially forward through the command history list Down Arrow The down arro...

Page 13: ...ging disable clipaging enable telnet tcp_port_number 1 65535 disable telnet enable web tcp_port_number 1 65535 disable web save config config_id 1 2 log all reboot reset config system login logout Each command is listed in detail in the following sections create account Purpose Used to create user accounts Syntax create admin user username 15 Description The create account command is used to creat...

Page 14: ...ers username Restrictions Only Administrator level users can issue this command Usernames can be between 1 and 15 characters Passwords can be between 0 and 15 characters Example usage To configure the user password of dlink account DGS 3400 4 config account dlink Command config account dlink Enter a old password Enter a case sensitive new password Enter the new password again for confirmation Succ...

Page 15: ...ue this command Example usage To delete the user account System DGS 3400 4 delete account System Command delete account System Success DGS 3400 4 show module_info Purpose Used to display information about installed modules Syntax show module_info Description Displays information about optional modules that may be installed on the Switch Parameters None Restrictions Only Administrator level users c...

Page 16: ...sed to display a list of currently logged in users Syntax show session Description This command displays a list of all the users that are logged in at the time the command is issued Parameters None Restrictions Only Administrator level users can issue this command Example usage To display the way that the users logged in DGS 3427 4 show session Command show session ID Live Time From Level Name 8 0...

Page 17: ... Snooping Disabled TELNET Enabled TCP 23 WEB Enabled TCP 80 RMON Disabled SSL status Disabled SSH status Disabled 802 1x Disabled Jumbo Frame Off Clipaging Enabled MAC Notification Disabled Port Mirror Disabled SNTP Disabled HOL Prevention State Enabled Syslog Global State Disabled Single IP Management Disabled Dual Image Supported DGS 3400 4 show serial_port Purpose Used to display the current se...

Page 18: ...t the current user if there is no user input for 10 minutes 15_minutes The console will log out the current user if there is no user input for 15 minutes Restrictions Only administrator level users can issue this command Example usage To configure baud rate DGS 3400 4 config serial_port baud_rate 115200 Command config serial_port baud_rate 115200 Success DGS 3400 4 enable clipaging Purpose Used to...

Page 19: ...urpose Used to enable communication with and management of the Switch using the Telnet protocol Syntax enable telnet tcp_port_number 1 65535 Description This command is used to enable the Telnet protocol on the Switch The user can specify the TCP or UDP port number the Switch will use to listen for Telnet requests Parameters tcp_port_number 1 65535 The TCP port number TCP ports are numbered betwee...

Page 20: ...red between 1 and 65535 The well known port for the Web based management software is 80 Restrictions Only administrator level users can issue this command Example usage To enable HTTP and configure port number DGS 3400 4 enable web 80 Command enable web 80 Note SSL will be disabled if web is enabled Success DGS 3400 4 disable web Purpose Used to disable the HTTP based management software on the Sw...

Page 21: ...nt Switch log to NV RAM all Specifiy to save all configuration settings If nothing is specified after save the Switch will save all Restrictions Only administrator level users can issue this command Example usage To save the Switch s current configuration to non volatile RAM DGS 3400 4 save Command save Saving all configurations to NV RAM Done DGS 3400 4 reboot Purpose Used to restart the Switch S...

Page 22: ...ged to default Rebooting will clear all entries in the Forwarding Data Base If no parameter is specified the Switch s current IP address user accounts the switch history log and banner are not changed All other parameters are restored to the factory default settings The Switch will not save or reboot Restrictions Only administrator level users can issue this command Example usage To restore all of...

Page 23: ...Purpose Used to log out a user from the Switch s console Syntax logout Description This command terminates the current user s session on the Switch s console Parameters None Restrictions None Example usage To terminate the current user s console session DGS 3400 4 logout 20 ...

Page 24: ...specified range of ports 10 100 1000 Configures the speed in Mbps for the specified range of ports Gigabit ports are statically set to 1000 and cannot be set to slower speeds half full Configures the specified range of ports as either full duplex or half duplex master slave The master setting 1000M Full_M will allow the port to advertise capabilities related to duplex speed and physical layer type...

Page 25: ...tch DGS 3400 4 show ports Command show ports Port Port Settings Connection Address State Speed Duplex FlowCtrl Speed Duplex FlowCtrl Learning 1 Enabled Auto Enabled Link Down Enabled 2 Enabled Auto Enabled Link Down Enabled 3 Enabled Auto Enabled Link Down Enabled 4 Enabled Auto Enabled Link Down Enabled 5 Enabled Auto Enabled Link Down Enabled 6 Enabled Auto Enabled Link Down Enabled 7 Enabled Au...

Page 26: ...escription dads1 2 Enabled Auto Disabled Link Down Enabled Description 3 Enabled Auto Disabled Link Down Enabled Description 4 Enabled Auto Disabled Link Down Enabled Description 5 Enabled Auto Disabled Link Down Enabled Description 6 Enabled Auto Disabled Link Down Enabled Description 7 Enabled Auto Disabled Link Down Enabled Description 8 Enabled Auto Disabled Link Down Enabled Description 9 Ena...

Page 27: ...port security feature Only the ports listed in the portlist are affected Parameters portlist Specifies a port or range of ports to be configured all Configure port security for all ports on the Switch admin_state enable disable Enable or disable port security for the listed ports max_learning_addr max_lock_no 0 16 Use this to limit the number of MAC addresses dynamically listed in the FDB for the ...

Page 28: ...evel users can issue this command Example usage To delete a port security entry DGS 3400 4 delete port_security_entry vlan_name default port 6 mac_address 00 01 30 10 2C C7 Command delete port_security_entry vlan_name default port 6 mac_address 00 01 30 10 2C C7 Success DGS 3400 4 clear port_security_entry Purpose Used to clear MAC address entries learned from a specified port for the port securit...

Page 29: ...dmin state maximum number of learning address and lock mode Parameters portlist Specifies a port or range of ports to be viewed Restrictions None Example usage To display the port security configuration DGS 3400 4 show port_security ports 1 5 Command show port_security ports 1 5 Port Admin State Max Learning Addr Lock Address Mode 1 Disabled 1 DeleteOnReset 2 Disabled 1 DeleteOnReset 3 Disabled 1 ...

Page 30: ...v v3 MD5 or SHA Authentication is based on the HMAC MD5 or HMAC SHA algorithms AuthNoPriv v3 MD5 DES or SHA DES Authentication is based on the HMAC MD5 or HMAC SHA algorithms AuthPriv DES 56 bit encryption is added based on the CBC DES DES 56 standard Command Parameters create snmp user username 32 groupname 32 encrypted by_password auth md5 auth_password 8 16 sha auth_password 8 20 priv none des ...

Page 31: ...user command creates a new SNMP user and adds the user to an SNMP group that is also created by this command SNMP ensures Message integrity Ensures that packets have not been tampered with during transit Authentication Determines if an SNMP message is from a valid source Encryption Scrambles the contents of messages to prevent it from being viewed by an unauthorized source Parameters username 32 A...

Page 32: ... 56 bit encryption to be added using the DES 56 standard using priv_password 8 16 An alphanumeric string of between 8 and 16 characters that will be used to encrypt the contents of messages the host sends to the agent priv_key 32 32 Enter an alphanumeric key string of exactly 32 characters in hex form that will be used to encrypt the contents of messages the host sends to the agent none Adding thi...

Page 33: ...l Entries 1 DGS 3400 4 create snmp view Purpose Used to assign views to community strings to limit which MIB objects and SNMP manager can access Syntax create snmp view view_name 32 oid view_type included excluded Description The create snmp view command assigns views to community strings to limit which MIB objects an SNMP manager can access Parameters view_name 32 An alphanumeric string of up to ...

Page 34: ...witch will be deleted oid The object ID that identifies an object tree MIB tree that will be deleted from the Switch Restrictions Only administrator level users can issue this command Example usage To delete a previously configured SNMP view from the Switch DGS 3400 4 delete snmp view dlinkview all Command delete snmp view dlinkview all Success DGS 3400 4 show snmp view Purpose Used to display an ...

Page 35: ...hat will be accessible to the SNMP community read_write or read_only level permission for the MIB objects accessible to the SNMP community Syntax create snmp community community_string 32 view view_name 32 read_only read_write Description The create snmp community command is used to create an SNMP community string and to assign access limiting characteristics to this community string Parameters co...

Page 36: ...agers access to MIB objects in the Switch s SNMP agent Restrictions Only administrator level users can issue this command Example usage To delete the SNMP community string dlink DGS 3400 4 delete snmp community dlink Command delete snmp community dlink Success DGS 3400 4 show snmp community Purpose Used to display SNMP community strings configured on the Switch Syntax show snmp community community...

Page 37: ...ring that will be used to identify the SNMP engine on the Switch Restrictions Only administrator level users can issue this command Example usage To give the SNMP agent on the Switch the name 0035636666 DGS 3400 4 config snmp engineID 0035636666 Command config snmp engineID 0035636666 Success DGS 3400 4 show snmp engineID Purpose Used to display the identification of the SNMP engine on the Switch ...

Page 38: ...s that packets have not been tampered with during transit Authentication Determines if an SNMP message is from a valid source Encryption Scrambles the contents of messages to prevent it being viewed by an unauthorized source noauth_nopriv Specifies that there will be no authorization and no encryption of packets sent between the Switch and a remote SNMP manager auth_nopriv Specifies that authoriza...

Page 39: ...f SNMP groups currently configured on the Switch The security model level and status of each group are also displayed Syntax show snmp groups Description The show snmp groups command displays the group names of SNMP groups currently configured on the Switch The security model level and status of each group are also displayed Parameters None Restrictions Only administrator level users can issue thi...

Page 40: ...MPv2 Security Level NoAuthNoPriv Group Name ReadGroup ReadView Name CommunityView WriteView Name Notify View Name CommunityView Security Model SNMPv1 Security Level NoAuthNoPriv Group Name ReadGroup ReadView Name CommunityView WriteView Name Notify View Name CommunityView Security Model SNMPv2 Security Level NoAuthNoPriv Group Name WriteGroup ReadView Name CommunityView WriteView Name CommunityVie...

Page 41: ...des secure access to devices through a combination of authentication and encrypting packets over the network SNMP v3 adds Message integrity ensures that packets have not been tampered with during transit Authentication determines if an SNMP message is from a valid source Encryption scrambles the contents of messages to prevent it being viewed by an unauthorized source noauth_nopriv Specifies that ...

Page 42: ...400 4 show snmp host Purpose Used to display the recipient of SNMP traps generated by the Switch s SNMP agent Syntax show snmp host ipaddr Description The show snmp host command is used to display the IP addresses and configuration information of remote SNMP managers that are designated as recipients of SNMP traps that are generated by the Switch s SNMP agent Parameters ipaddr The IP address of a ...

Page 43: ...trusted host to be created Restrictions Only administrator level users can issue this command Example usage To create the trusted host DGS 3400 4 create trusted_host 10 48 74 121 Command create trusted_host 10 48 74 121 Success DGS 3400 4 show trusted_host Purpose Used to display a list of trusted hosts entered on the Switch using the create trusted_host command above Syntax show trusted_host ipad...

Page 44: ..._host 10 48 74 121 Success DGS 3400 4 enable snmp traps Purpose Used to enable SNMP trap support Syntax enable snmp traps Description The enable snmp traps command is used to enable SNMP trap support on the Switch Parameters None Restrictions Only administrator level users can issue this command Example usage To enable SNMP trap support on the Switch DGS 3400 4 enable snmp traps Command enable snm...

Page 45: ...ator level users can issue this command Example usage To view the current SNMP trap support DGS 3400 4 show snmp traps Command show snmp traps SNMP Traps Enabled Authenticate Traps Enabled DGS 3400 4 disable snmp traps Purpose Used to disable SNMP trap support on the Switch Syntax disable snmp traps Description This command is used to disable SNMP trap support on the Switch Parameters None Restric...

Page 46: ...rmation to identify a contact person who is responsible for the Switch A maximum of 255 character can be used Parameters sw_contact A maximum of 255 characters is allowed A NULL string is accepted if there is no contact Restrictions Only administrator level users can issue this command Example usage To configure the Switch contact to MIS Department II DGS 3400 4 config snmp system_contact MIS Depa...

Page 47: ...ing is accepted if no name is desired Restrictions Only administrator level users can issue this command Example usage To configure the Switch name for DGS 3400 Switch DGS 3400 4 config snmp system_name DGS 3400 Switch Command config snmp system_name DGS 3400 Switch Success DGS 3400 4 enable rmon Purpose Used to enable RMON on the Switch Syntax enable rmon Description This command is used in conju...

Page 48: ...sable rmon Description This command is used in conjunction with the enable rmon command above to enable and disable remote monitoring RMON on the Switch Parameters None Restrictions Only administrator level users can issue this command Example usage To disable RMON DGS 3400 4 disable rmon Command disable rmon Success DGS 3400 4 45 ...

Page 49: ...FTP server Parameters firmware_fromTFTP Download and install new firmware on the Switch from a TFTP server image_id Specifies the image index ID number of the firmware in the Switch s memory The Switch can store 2 firmware images for use Image ID 1 will be the default boot up firmware for the Switch unless otherwise configured by the user config Download a switch configuration file from a TFTP ser...

Page 50: ...nd of configuration file for DGS 3400 appears followed by the command prompt DGS 3400 4 ROUTE DGS 3400 4 DGS 3400 4 create iproute default 172 18 212 253 1 Command create iproute default 172 18 212 253 1 Success DGS 3400 4 DGS 3400 4 DGS 3400 4 End of configuration file for DGS 3450 DGS 3400 4 DGS 3400 4 config configuration Purpose Used to designate a stored configuration file section ID as a boo...

Page 51: ... for the user to select from which are specified by image ID int 1 2 Select the ID number of the firmware in the Switch s memory to be configured delete Entering this parameter will delete the specified firmware section boot_up Entering this parameter will specify the firmware image ID as a boot up section Restrictions Only administrator level users can issue this command Example usage To configur...

Page 52: ... or display the configuration settings as they are currently configured Use the keyboard to list settings one line at a time Enter one page at a time Space or view all a The configuration settings are listed by category in the following order Description 1 Basic serial port Telnet and web management status 2 storm control 3 IP group management 4 syslog 5 QoS 6 port mirroring 7 traffic segmentation...

Page 53: ...ad config ipaddr path_filename 64 config_id 1 2 log_toTFTP ipaddr path_filename 64 Description This command is used to upload either the Switch s current settings or the Switch s history log to a TFTP server Parameters config Specifies that the Switch s current settings will be uploaded to the TFTP server config_id 1 2 Entering this parameter will upload configurations to be specified which were s...

Page 54: ... server software instructions for information on loading a configuration file If the Switch is unable to complete the autoconfiguration process the previously saved local configuration file present in Switch memory will be loaded NOTE Dual purpose DHCP TFTP server utility software may require entry of the configuration file name and path within the user interface Alternatively the DHCP software ma...

Page 55: ...400 4 DGS 3400 4 End of configuration file for DGS 3400 DGS 3400 4 Logout NOTE With autoconfig enabled the Switch ipif settings now define the Switch as a DHCP client Use the show switch command to display the new IP settings status disable autoconfig Purpose Use this to deactivate autoconfiguration from DHCP Syntax disable autoconfig Description This instructs the Switch not to accept autoconfigu...

Page 56: ...tocol ICMP echo messages to a remote IP address The remote IP address will then echo or return the message This is used to confirm connectivity between the Switch and the remote device Parameters ipaddr Specifies the IP address of the host times value 1 255 The number of individual ICMP echo messages to be sent The maximum value is 255 timeout sec 1 99 Defines the time out period while waiting for...

Page 57: ...local2 local3 local4 local5 local6 local7 udp_port udp_port_number ipaddress ipaddr state enable disable config syslog host all severity informational warning all facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_number state enable disable delete syslog host index 1 4 all show syslog host index 1 4 show syslog config system_severity trap log all critical warning i...

Page 58: ...display the error statistics for a range of ports Syntax show error ports portlist Description This command will display all of the packet error statistics collected and logged by the Switch for a given port list Parameters portlist Specifies a port or range of ports to be displayed Restrictions None Example usage To display the errors of the port 3 of module 1 DGS 3400 4 show error ports 3 Comman...

Page 59: ...sage To display the port utilization statistics DGS 3400 4 show utilization ports Command show utilization ports Port TX sec RX sec Util Port TX sec RX sec Util 1 0 0 0 22 0 0 0 2 0 0 0 23 0 0 0 3 0 0 0 24 0 0 0 4 0 0 0 25 0 26 1 5 0 0 0 26 0 0 0 6 0 0 0 27 0 0 0 7 0 0 0 8 0 0 0 9 0 0 0 10 0 0 0 11 0 0 0 12 0 0 0 13 0 0 0 14 0 0 0 15 0 0 0 16 0 0 0 17 0 0 0 18 0 0 0 19 0 0 0 20 0 0 0 21 0 0 0 CTRL...

Page 60: ...e Used to clear the Switch s history log Syntax clear log Description This command will clear the Switch s history log Parameters None Restrictions Only administrator level users can issue this command Example usage To clear the log information DGS 3400 4 clear log Command clear log Success DGS 3400 4 show log Purpose Used to display the switch history log Syntax show log index value Description T...

Page 61: ... Syntax enable syslog Description The enable syslog command enables the system log to be sent to a remote host Parameters None Restrictions Only administrator level users can issue this command Example usage To the syslog function on the Switch DGS 3400 4 enable syslog Command enable syslog Success DGS 3400 4 disable syslog Purpose Used to enable the system log to be sent to a remote host Syntax d...

Page 62: ...Debug debug level messages informational Specifies that informational messages will be sent to the remote host This corresponds to number 6 from the list above warning Specifies that warning messages will be sent to the remote host This corresponds to number 4 from the list above all Specifies that all of the currently supported syslog messages that are generated by the Switch will be sent to the ...

Page 63: ...o the remote host This corresponds to number 20 from the list above local5 Specifies that local use 5 messages will be sent to the remote host This corresponds to number 21 from the list above local6 Specifies that local use 6 messages will be sent to the remote host This corresponds to number 22 from the list above local7 Specifies that local use 7 messages will be sent to the remote host This co...

Page 64: ...ages informational Specifies that informational messages will be sent to the remote host This corresponds to number 6 from the list above warning Specifies that warning messages will be sent to the remote host This corresponds to number 4 from the list above all Specifies that all of the currently supported syslog messages that are generated by the Switch will be sent to the remote host facility S...

Page 65: ...s corresponds to number 22 from the list above local7 Specifies that local use 7 messages will be sent to the remote host This corresponds to number 23 from the list above udp_port udp_port_number Specifies the UDP port number that the syslog protocol will use to send messages to the remote host ipaddress ipaddr Specifies the IP address of the remote host where syslog messages will be sent state e...

Page 66: ...ional messages will be sent to the remote host This corresponds to number 6 from the list above warning Specifies that warning messages will be sent to the remote host This corresponds to number 4 from the list above all Specifies that all of the currently supported syslog messages that are generated by the Switch will be sent to the remote host facility Some of the operating system daemons and pr...

Page 67: ...se 6 messages will be sent to the remote host This corresponds to number 22 from the list above local7 Specifies that local use 7 messages will be sent to the remote host This corresponds to number 23 from the list above udp_port udp_port_number Specifies the UDP port number that the syslog protocol will use to send messages to the remote host state enable disable Allows the sending of syslog mess...

Page 68: ...iously configured syslog host DGS 3400 4 delete syslog host 4 Command delete syslog host 4 Success DGS 3400 4 show syslog host Purpose Used to display the syslog hosts currently configured on the Switch Syntax show syslog host index 1 4 Description The show syslog host command is used to display the syslog hosts that are currently configured on the Switch Parameters index 1 4 Specifies that the co...

Page 69: ... not critical to the overall function of the Switch but do require attention such as unsuccessful downloads or uploads and failed logins Critical Events classified as critical are fatal exceptions occurring on the Switch such as hardware failures or spoofing attacks Parameters Choose one of the following to identify where severity messages are to be sent trap Entering this parameter will define wh...

Page 70: ...2 Gigabit Managed Switch CLI Manual Example usage To configure the system severity settings for critical traps only DGS 3400 4 config system_severity trap critical Command config system_severity trap critical Success DGS 3400 4 67 ...

Page 71: ...itch utilizing the MSTP on a network will have a single MSTP configuration that will have the following three attributes a A configuration name defined by an alphanumeric string of up to 32 characters defined in the config stp mst_config_id command as name string b A configuration revision number named here as a revision_level and c A 4096 element table defined here as a vid_range which will assoc...

Page 72: ...tch Parameters None Restrictions Only administrator level users can issue this command Example usage To enable STP globally on the Switch DGS 3400 4 enable stp Command enable stp Success DGS 3400 4 disable stp Purpose Used to globally disable STP on the Switch Syntax disable stp Description This command allows the Spanning Tree Protocol to be globally disabled on the Switch Parameters None Restric...

Page 73: ...lue may be set to ensure that old information does not endlessly circulate through redundant paths in the network preventing the effective propagation of the new information Set by the Root Bridge this value will aid in determining that the Switch has spanning tree configuration values consistent with other devices on the bridged LAN If the value ages out and a BPDU has still not been received fro...

Page 74: ...mand config stp maxage 18 maxhops 15 Success DGS 3400 4 config stp ports Purpose Used to setup STP on the port level Syntax config stp ports portlist externalCost auto value 1 200000000 hellotime value 1 10 migrate yes no edge true false p2p true false auto state enable disable lbd enable disable Description This command is used to create and configure STP for a group of ports Parameters portlist ...

Page 75: ...port to have p2p status whenever possible and operate as if the p2p status were true If the port cannot maintain this status for example if the port is forced to half duplex operation the p2p status changes to operate as if the p2p value were false The default setting for this parameter is auto state enable disable Allows STP to be enabled or disabled for the ports specified in the port list The d...

Page 76: ..._id must be mapped identically and have the same configuration revision_level number and the same name Parameters value 1 15 Enter a number between 1 and 15 to define the instance_id The Switch supports 16 STP regions with one unchangeable default instance ID set as 0 add_vlan Along with the vid_range vidlist parameter this command will add VIDs to the previously configured STP instance_id remove_...

Page 77: ...on settings on the Switch The MSTP will utilize the priority in selecting the root bridge root port and designated port Assigning higher priorities to STP regions will instruct the Switch to give precedence to the selected instance_id for forwarding packets The lower the priority value set the higher the priority Parameters priority value 0 61440 Select a value between 0 and 61440 to specify the p...

Page 78: ...e the port configuration for a MSTP instance Syntax config stp mst_ports portlist instance_id value 0 15 internalCost auto value 1 20000000 priority value 0 240 Description This command will update the port configuration for a STP instance_id If a loop occurs the MSTP function will use the port priority to select an interface to put into the forwarding state Set a higher priority value for interfa...

Page 79: ...S 3400 4 config stp mst_ports 1 2 instance_id 0 internalCost auto priority 0 Command config stp mst_ports 1 2 instance_id 0 internalCost auto priority 0 Success DGS 3400 4 show stp Purpose Used to display the Switch s current STP configuration Syntax show stp Description This command displays the Switch s current STP configuration Parameters None Restrictions None Example usage To display the stat...

Page 80: ...Time 2 Forward Delay 15 Max Hops 20 TX Hold Count 3 Forwarding BPDU Enabled LoopBack Detection Enabled LBD Recover Time 60 DGS 3400 4 show stp ports Purpose Used to display the Switch s current instance_id configuration Syntax show stp ports portlist Description This command displays the STP Instance Settings and STP Instance Operational Status currently implemented on the Switch Parameters portli...

Page 81: ...rmation Port Index 1 Hello Time 2 2 Port STP enabled LBD No External PathCost Auto 200000 Edge Port No No P2P Auto Yes Msti Designated Bridge Internal PathCost Prio Status Role 0 8000 0050BA7120D6 200000 128 Forwarding Root 1 8001 0053131A3324 200000 128 Forwarding Master CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 78 ...

Page 82: ...Command show stp instance 0 STP Instance Settings Instance Type CIST Instance Status Enabled Instance Priority 32768 bridge priority 32768 sys ID ext 0 STP Instance Operational Status Designated Root Bridge 32766 00 90 27 39 78 E2 External Root Cost 200012 Regional Root Bridge 32768 00 53 13 1A 33 24 Internal Root Cost 0 Designated Bridge 32768 00 50 BA 71 20 D6 Root Port 1 Max Age 20 Forward Dela...

Page 83: ...gabit Managed Switch CLI Manual DGS 3400 4 show stp mst_config_id Command show stp mst_config_id Current MST Configuration Identification Configuration Name 00 10 20 33 45 00 Revision Level 0 MSTI ID Vid list CIST 1 4094 DGS 3400 4 80 ...

Page 84: ...red_groups filter_unregistered_groups show multicast filtering_mode vlan vlan_name 32 Each command is listed in detail in the following sections create fdb Purpose Used to create a static entry to the unicast MAC address forwarding table database Syntax create fdb vlan_name 32 macaddr port port Description This command will make an entry into the Switch s unicast MAC address forwarding database Pa...

Page 85: ...ult 01 00 00 00 00 01 Success DGS 3400 4 config multicast_fdb Purpose Used to configure the Switch s multicast MAC address forwarding database Syntax config multicast_fdb vlan_name 32 macaddr add delete portlist Description This command configures the multicast MAC address forwarding table Parameters vlan_name 32 The name of the VLAN on which the MAC address resides macaddr The MAC address that wi...

Page 86: ...table in which case the Switch will broadcast the packet to all ports negating many of the benefits of having a switch Parameters sec 10 1000000 The aging time for the MAC address forwarding database value The value in seconds may be between 10 and 1000000 seconds Restrictions Only administrator level users can issue this command Example usage To set the FDB aging time DGS 3400 4 config fdb aging_...

Page 87: ...ward traffic to the specified device through this port all Clears all dynamic entries to the Switch s forwarding database Restrictions Only administrator level users can issue this command Example usage To clear all FDB dynamic entries DGS 3400 4 clear fdb all Command clear fdb all Success DGS 3400 4 show multicast_fdb Purpose Used to display the contents of the Switch s multicast forwarding datab...

Page 88: ...tatic MAC address entries aging_time Displays the aging time for the MAC address forwarding database Restrictions None Example usage To display unicast MAC address table DGS 3400 4 show fdb Command show fdb Unicast MAC Address Aging Time 300 VID VLAN Name MAC Address Port Type 1 default 00 00 39 34 66 9A 10 Dynamic 1 default 00 00 51 43 70 00 10 Dynamic 1 default 00 00 5E 00 01 01 10 Dynamic 1 def...

Page 89: ... To configure the multicast filtering mode to forward all groups on all VLANs DGS 3400 4 config multicast filtering_mode all filter_unregistered_groups Command config multicast filtering_mode all filter_unregistered_groups Success DGS 3400 4 show multicast filtering_mode Purpose Used to show the multicast packet filtering mode as configured for the VLANs Syntax show multicast filtering_mode vlan v...

Page 90: ...t to an Enabled status To utilize this method of Storm Control choose the Shutdown option of the Action field in the window below The broadcast storm control commands in the Command Line Interface CLI are listed along with the appropriate parameters in the following table Command Parameters config traffic control portlist all broadcast enable disable multicast enable disable dlf enable disable act...

Page 91: ... traffic control measures The default setting is 131072 time_interval The Interval will set the time between Multicast and Broadcast packet counts sent from the Switch s chip to the Traffic Control function These packet counts are the determining factor in deciding when incoming packets exceed the Threshold value sec 5 30 The Interval may be set between 5 and 30 seconds with the default setting of...

Page 92: ... traffic control_recover 1 6 Command config traffic control_recover 1 6 Success DGS 3400 4 config traffic trap Purpose Used to configure traps for traffic control Syntax config traffic trap none storm_occurred storm_cleared both Description Use this to enable traffic storm trap messages Parameters none Will send no Storm trap warning messages regardless of action taken by the Traffic Control mecha...

Page 93: ...hold Storm Storm Storm down Interval Forever 1 1000 Enabled Disabled Disabled drop 0 5 2 1000 Enabled Disabled Disabled drop 0 5 3 1000 Enabled Disabled Disabled drop 0 5 4 1024 Disabled Disabled Disabled drop 0 5 5 1024 Disabled Disabled Disabled drop 0 5 6 1024 Disabled Disabled Disabled drop 0 5 7 1024 Disabled Disabled Disabled drop 0 5 8 1024 Disabled Disabled Disabled drop 0 5 9 1024 Disable...

Page 94: ...ware priority queues in order beginning with the highest priority queue 6 to the lowest priority queue 0 Each hardware queue will transmit all of the packets in its buffer before permitting the next lower priority to transmit its packets When the lowest hardware priority queue has finished transmitting all of its packets the highest hardware priority queue will begin transmitting any packets it ma...

Page 95: ...es that one of the parameters below no_limit or value 1 156249 will be applied to the rate at which the above specified ports will be allowed to transmit packets no_limit Specifies that there will be no limit on the rate of packets received by the above specified ports value 1 156249 Specifies the packet limit in Kbps that the above ports will be allowed to receive Restrictions Only administrator ...

Page 96: ...nsmit its packets When the lowest hardware priority queue has finished transmitting all of its packets the highest hardware priority queue can again transmit any packets it may have received The max_packets parameter allows you to specify the maximum number of packets a given hardware priority queue can transmit before allowing the next lowest hardware priority queue to begin transmitting its pack...

Page 97: ... Scheduling MAX Packets Class 0 1 Class 1 2 Class 2 3 Class 3 4 Class 4 5 Class 5 6 Class 6 7 DGS 3400 4 config 802 1p user_priority Purpose Used to map the 802 1p user priority of an incoming packet to one of the seven hardware queues available on the Switch Syntax config 802 1p user_priority priority 0 7 class_id 0 6 Description This command allows you to configure the way the Switch will map an...

Page 98: ... Example usage To configure 802 1 user priority on the Switch DGS 3400 4 config 802 1p user_priority 1 6 Command config 802 1p user_priority 1 6 Success DGS 3400 4 show 802 1p user_priority Purpose Used to display the current mapping between an incoming packet s 802 1p priority value and one of the Switch s seven hardware priority queues Syntax show 802 1p user_priority Description The show 802 1p...

Page 99: ... The priority value you want to assign to untagged packets received by the Switch or a range of ports on the Switch Restrictions Only administrator level users can issue this command Example usage To configure 802 1p default priority on the Switch DGS 3400 4 config 802 1p default_priority all 5 Command config 802 1p default_priority all 5 Success DGS 3400 4 show 802 1 default_priority Purpose Used...

Page 100: ...e are emptied The Switch s default is to empty the seven priority classes of service in order from the highest priority class of service queue 7 to the lowest priority class of service queue 0 Each queue will transmit all of the packets in its buffer before allowing the next lower priority class of service to transmit its packets Lower classes of service will be pre empted from emptying its queue ...

Page 101: ...rent traffic scheduling mechanisms in use on the Switch Parameters None Restrictions None Example Usage To show the scheduling mechanism DGS 3400 4 show scheduling_mechanism Command show scheduling_mechanism QOS scheduling_mechanism CLASS ID Mechanism Class 0 strict Class 1 strict Class 2 strict Class 3 strict Class 4 strict Class 5 strict Class 6 strict DGS 3400 4 enable hol_prevention Purpose Us...

Page 102: ...Restrictions You must have administrator privileges Example usage To disable HOL prevention DGS 3400 4 DGS 3400 4 disable hol_prevention Command disable hol_prevention Success show hol_prevention Purpose Used to show HOL prevention show hol_prevention Description The show hol_prevention command displays the Head of Line prevention state Parameters None Restrictions Syntax None Example usage To vie...

Page 103: ...ceived by or sent by one or both is mirrored to the Target port Parameters port This specifies the Target port the port where mirrored packets will be received The target port must be configured in the same VLAN and must be operationg at the same speed a s the source port If the target port is operating at a lower speed the source port will be forced to drop its operating speed to match that of th...

Page 104: ... and then turn the port mirroring on and off without having to modify the port mirroring configuration Parameters None Restrictions Only administrator level users can issue this command Purpose Example usage To enable mirroring configurations DGS 3400 4 enable mirror Command enable mirror Success DGS 3400 4 disable mirror Used to disable a previously entered port mirroring configuration Syntax dis...

Page 105: ...rrent port mirroring configuration on the Switch Syntax show mirror Description This command displays the current port mirroring configuration on the Switch Parameters None Restrictions None Example usage To display mirroring configuration DGS 3400 4 show mirror Command show mirror Current Settings Mirror Status Enabled Target Port 1 Mirrored Port RX TX 5 7 DGS 3400 4 102 ...

Page 106: ... read the discussion of the access profile rule limitations in Access Control List ACL Commands below create vlan Purpose Used to create a VLAN on the Switch Syntax create vlan vlan_name 32 tag vlanid 2 4094 advertisement Description This command allows you to create a VLAN on the Switch Parameters vlan_name 32 The name of the VLAN to be created vlanid 2 4094 The VLAN ID of the VLAN to be created ...

Page 107: ...iously configured VLAN You can specify the additional ports as tagging untagging or forbidden The default is to assign the ports as untagging Parameters vlan_name 32 The name of the VLAN you want to add ports to add Entering the add parameter will add ports to the VLAN There are three types of ports to add delete Deletes ports from the specified VLAN portlist A port or range of ports to add to or ...

Page 108: ... disable Enables or disables GVRP for the ports specified in the port list ingress_checking enable disable Enables or disables ingress checking for the specified port list acceptable_frame tagged_only admit_all This parameter states the frame type that will be accepted by the Switch for this function tagged_only implies that only VLAN tagged frames will be accepted while admit_all implies tagged a...

Page 109: ...and along with enable gvrp is used to enable and disable GVRP on the Switch without changing the GVRP configuration on the Switch Parameters None Restrictions Only administrator level users can issue this command Example usage To disable the Generic VLAN Registration Protocol GVRP DGS 3400 4 disable gvrp Command disable gvrp Success DGS 3400 4 show vlan Purpose Used to display the current VLAN con...

Page 110: ...2 49 50 Forbidden ports VID 2 VLAN Name 1 VLAN TYPE static Advertisement Enabled Static ports 33 40 Untagged ports 33 35 37 39 Total Entries 2 DGS 3400 4 show gvrp Purpose Used to display the GVRP status for a port list on the Switch Syntax show gvrp portlist Description This command displays the GVRP status for a port list on the Switch Parameters portlist Specifies a port or range of ports for w...

Page 111: ...rames 9 1 Disabled Enabled All Frames 10 1 Disabled Enabled All Frames 11 1 Disabled Enabled All Frames 12 1 Disabled Enabled All Frames 13 1 Disabled Enabled All Frames 14 1 Disabled Enabled All Frames 19 1 Disabled Enabled All Frames 24 1 Disabled Enabled All Frames DGS 3400 4 15 1 Disabled Enabled All Frames 16 1 Disabled Enabled All Frames 17 1 Disabled Enabled All Frames 18 1 Disabled Enabled...

Page 112: ...ion This command will create a link aggregation group with a unique identifier Parameters value Specifies the group ID The Switch allows up to 32 link aggregation groups to be configured The group number identifies each of the groups type Specify the type of link aggregation used for the group If the type is not specified the default type is static Restrictions Only administrator level users can i...

Page 113: ...ter_port port ports portlist state enable disable Description This command allows you to configure a link aggregation group that was created with the create link_aggregation command above The DGS 3400 supports link aggregation cross box which specifies that link aggregation groups may be spread over multiple switches in the switching stack Parameters group _id value 32 Specifies the group ID The S...

Page 114: ...e and destination addresses ip_source Indicates that the Switch should examine the IP source address ip_destination Indicates that the Switch should examine the IP destination address ip_source_dest Indicates that the Switch should examine the IP source address and the destination address Restrictions Only administrator level users can issue this command Example usage To configure link aggregation...

Page 115: ...ss LACP control frames Restrictions Only administrator level users can issue this command active Active LACP ports are capable of processing and sending LACP control frames This allows LACP compliant devices to negotiate the aggregated link so the group may be changed dynamically as needs require In order to utilize the ability to change an aggregated port group that is to add or subtract ports fr...

Page 116: ...y are currently configured Parameters portlist Specifies a port or range of ports to be configured If no parameter is specified the system will display the current LACP status for all ports Restrictions None Example usage To display LACP port mode settings DGS 3400 4 show lacp_port 1 10 Command show lacp_port 1 10 Port Activity 1 Active 2 Active 3 Active 4 Active 5 Active 6 Active 7 Active 8 Activ...

Page 117: ...ess macaddr Each command is listed in detail in the following sections create address_binding ip_mac ipaddress Purpose Used to create an IP MAC Binding entry Syntax create address_binding ip_mac ipaddress ipaddr mac_address macaddr ports portlist all Description This command will create an IP MAC Binding entry Parameters ipaddr The IP address of the device where the IP MAC binding is made macaddr ...

Page 118: ...GS 3400 4 DGS 3400 4 config address_binding ip_mac ipaddress 10 1 1 3 mac_address 00 00 00 00 00 05 Command config address_binding ip_mac ipaddress 10 1 1 3 mac_address 00 00 00 00 00 05 Success config address_binding ip_mac ports Purpose Used to configure an IP MAC state to enable or disable for specified ports Syntax config address_binding ip_mac ports portlist all state enable disable Descripti...

Page 119: ... bound to a MAC address in order to block a specific device on a known VLAN Restrictions None This command will display IP MAC Binding entries Three different kinds of information can be viewed Ports The number of enabled ports on a device IP_MAC Address Binding enties can be viewed by entering the physical and IP addresses of the device Blocked Blocked address binding entries bindings between VLA...

Page 120: ...l specifies all the IP MAC binding entries for Blocked Address Binding entries all specifies all the blocked VLANs and their bound phsical addresses Restrictions Only administrator level users can issue this command IP_MAC Individual Address Binding enties can be deleted by entering the physical and IP addresses of the device Toggleing to all will delete all the Address Binding entries Blocked Blo...

Page 121: ... identify this IP interface ipaddress network_address IP address and netmask of the IP interface to be created You can specify the address and mask information using the traditional format for example 10 1 2 3 255 0 0 0 or in CIDR format 10 1 2 3 8 vlan_name 32 The name of the VLAN corresponding to the System IP interface state enable disable Allows you to enable or disable the IP interface bootp ...

Page 122: ...ad a configuration file for current use enable autoconfig Description When autoconfig is enabled on the Switch the DHCP reply will contain a configuration file and path name It will then request the file from the TFTP server specified in the reply When autoconfig is enabled the ipif settings will automatically become DHCP client Parameters None Restrictions When autoconfig is enabled the Switch be...

Page 123: ...abit Managed Switch CLI Manual DGS 3400 4 enable autoconfig Command enable autoconfig Success DGS 3400 4 NOTE More detailed information for this command and related commands can be found in the section titled Switch Utility Commands 120 ...

Page 124: ...imeout sec 1 16711450 router_timeout sec 1 16711450 leave_timer sec 1 16711450 state enable disable fast_leave enable disable Description This command allows you to configure IGMP snooping on the Switch Parameters vlan vlan_name 32 The name of the VLAN for which IGMP snooping is to be configured host_timeout sec 1 16711450 Specifies the maximum amount of time a host can be a member of a multicast ...

Page 125: ... The default setting is 10 seconds robustness_variable value 1 255 Provides fine tuning to allow for expected packet loss on a subnet The value of the robustness variable is used in calculating the following IGMP message intervals last_member_query_interval sec 1 25 The maximum amount of time between group specific query messages including those sent in response to leave group messages You might l...

Page 126: ... as router ports Restrictions Only administrator level users can issue this command Description Example usage To set up static router ports DGS 3400 4 config router_ports default add 1 10 Command config router_ports default add 1 10 Success DGS 3400 4 config router_ports_forbidden Purpose Used to configure ports as forbidden multicast router ports Syntax config router_ports_forbidden vlan_name 32 ...

Page 127: ...Only administrator level users can issue this command Description Example usage To enable IGMP snooping on the Switch DGS 3400 4 enable igmp_snooping Command enable igmp_snooping Success DGS 3400 4 disable igmp_snooping Purpose Used to enable IGMP snooping on the Switch Syntax disable igmp_snooping forward_mcrouter_only Description This command disables IGMP snooping on the Switch IGMP snooping ca...

Page 128: ...ping vlan vlan_name 32 Description This command will display the current IGMP snooping configuration on the Switch Parameters vlan_name 32 The name of the VLAN to view the IGMP snooping configuration for Restrictions None Purpose Example usage To show IGMP snooping DGS 3400 4 show igmp_snooping Command show igmp_snooping IGMP Snooping Global State Enabled Multicast router Only Enabled Query Interv...

Page 129: ...igured forbidden Displays ports that are forbidden from becoming router ports Restrictions None Example usage Static router port To display the router ports DGS 3400 4 show router_ports Command show router_ports VLAN Name default Dynamic router port 32 Forbidden router port DGS 3400 4 show igmp_snooping group Purpose Used to display the current IGMP snooping configuration on the Switch Syntax show...

Page 130: ... Multicast group 224 0 0 9 MAC address 01 00 5E 00 00 09 Reports 1 VLAN Name default MAC address 01 00 5E 05 06 07 Reports 1 Port Member 10 12 VLAN Name default Multicast group 236 54 63 75 MAC address 01 00 5E 36 3F 4B Reports 1 Port Member 14 16 VLAN Name default Multicast group 239 255 255 250 MAC address 01 00 5E 7F FF FA Reports 2 Port Member 18 20 VLAN Name default Multicast group 239 255 25...

Page 131: ...ecific query which advertises a specific multicast address that is also ready These two types of messages are distinguished by a multicast destination address located in the IPv6 header and a multicast address in the Multicast Listener Query Message 2 Multicast Listener Report Comparable to the Host Membership Report in IGMPv2 and labeled as 131 in the ICMP packet header this message is sent by th...

Page 132: ...snooping globally on the switch Syntax disable mld_snooping forward_mcrouter_only Description This command in conjunction with the enable mld_snooping will enable and disable MLD snooping globally on the switch without affecting configurations Parameters forward_mcrouter_only Specify to disable the Switch from forwarding all multicast traffic to a multicast enabled router Otherwise the Switch will...

Page 133: ...e specified VLAN fast_done enable disable This parameter allows the user to enable the fast done function Enabled this function will allow members of a multicast group to leave the group immediately when a done message is received by the Switch Restrictions Only administrator level users can issue this command Example usage To configure MLD snooping DGS 3400 4 config mld_snooping vlan default node...

Page 134: ... 3400 4 config mld_snooping querier Purpose Used to configure the timers and settings for the MLD snooping querier for the Switch config mld_snooping querier vlan vlan_name 32 all query_interval sec 1 65535 max_response_time sec 1 25 robustness_variable value 1 255 last_listener_query_interval sec 1 25 state enable disable Description This command allows you to configure the time between general q...

Page 135: ... must pass before a multicast router decides that there are no more listeners present of a group on a network Calculated as robustness variable query interval 1 query interval Querier Present Interval This is the amount of time that must pass before a multicast router decides that there are no other querier devices present Calculated as robustness variable query interval 0 5 query response interva...

Page 136: ...sabled Fast Done Disabled Total Entries 1 DGS 3400 4 show mld_snooping group Purpose Used to display MLD snooping group configurations on the Switch Syntax show mld_snooping group vlan vlan_name 32 Description This command display MLD snooping group configurations on the Switch Parameters vlan vlan_name 32 The name of the VLAN for which to view the MLD snooping group configurations If no parameter...

Page 137: ...ts 1 Listening Port 2 7 Total Entries 5 show mld_snooping mrouter_ports Purpose Used to display the current router ports set on the Switch Syntax show mld_snooping group vlan vlan_name 32 static dynamic forbidden Description This command display the current router ports set on the Switch Parameters vlan vlan_name 32 The name of the VLAN on which the router port resides static Displays router ports...

Page 138: ...igabit Managed Switch CLI Manual DGS 3400 4 show mld_snooping mrouter_ports Commands show mld_snooping mrouter_ports VLAN Name default Static mrouter port 1 10 Dynamic mrouter port Forbidden mrouter port Total Entries 1 DGS 3400 4 135 ...

Page 139: ...agnostics ports portlist all show auth_session_statistics ports portlist all show auth_client show acct_client config 802 1x capability ports portlist all authenticator none config 802 1x auth_parameter ports portlist all default direction both in port_control force_unauth auto force_auth quiet_period sec 0 65535 tx_period sec 1 65535 supp_timeout sec 1 65535 server_timeout sec 1 65535 max_req val...

Page 140: ...rol server application on the Switch To select between port based or MAC based use the config 802 1x auth_mode command Parameters None Restrictions Only administrator level users can issue this command Purpose Example usage To disable 802 1x on the Switch DGS 3400 4 disable 802 1x Command disable 802 1x Success DGS 3400 4 show 802 1x auth_configuration Purpose Used to display the current configura...

Page 141: ... ForceUnauth forces the port to become Unauthorized QuietPeriod Shows the time interval between authentication failure and the start of a new authentication attempt TxPeriod Shows the time to wait for a response from a supplicant user to send EAP Request Identiy packets SuppTimeout Shows the time to wait for a response from a supplicant user for all EAP packets except for the Request Identity pack...

Page 142: ...the authentication process Authorized means that the user was authenticated and can access the network Unauthorized means that the user was not authenticated and cannot access the network None Example usage To display the 802 1x auth state for Port based 802 1x 1 ForceAuth Success Authorized 10 ForceAuth Success Authorized DGS 3400 4 show 802 1x auth_state Command show 802 1x auth_state Port Auth ...

Page 143: ...hentication feature on the Switch Parameters port_based mac_based The Switch allows you to authenticate 802 1x by either port or MAC address Restrictions Only administrator level users can issue this command Purpose Syntax Example usage To configure 802 1x authentication by MAC address DGS 3400 4 config 802 1x auth_mode mac_based Command config 802 1x auth_mode mac_based Success DGS 3400 4 config ...

Page 144: ...ts The default parameter will return all ports in the specified range to their default 802 1x settings Parameters portlist Specifies a port or range of ports to be configured all Specifies all of the ports on the Switch server_timeout sec 1 65535 Configure the length of time to wait for a default Returns all of the ports in the specified range to their 802 1x default settings direction both in Det...

Page 145: ...ange of ports Syntax config 802 1x init port_based ports portlist all mac_based ports portlist all mac_address macaddr Description The config 802 1x init command is used to immediately initialize the 802 1x functions on a specified range of ports or for specified MAC addresses operating from a specified range of ports Parameters port_based This instructs the Switch to initialize 802 1x functions b...

Page 146: ...02 1x reauth port_based ports 1 18 Command config 802 1x reauth port_based ports 1 18 Success DGS 3400 4 config radius add Purpose Used to configure the settings the Switch will use to communicate with a RADIUS server Syntax config radius add server_index 1 3 server_ip key passwd 32 default auth_port udp_port_number 1 65535 acct_port udp_port_number 1 65535 Description The config radius add comman...

Page 147: ...dius delete 1 Command config radius delete 1 Success DGS 3400 4 config radius Purpose Used to configure the Switch s RADIUS settings Syntax config radius server_index 1 3 ipaddress server_ip key passwd 32 auth_port udp_port_number 1 65535 acct_port udp_port_number 1 65535 Description The config radius command is used to configure the Switch s RADIUS settings Parameters server_index 1 3 Assigns a n...

Page 148: ...rictions None Example usage To display RADIUS settings on the Switch DGS 3400 4 show radius Command show radius Index IP Address Auth Port Acct Port Status Key Number Number 1 10 1 1 1 1812 1813 Active switch 2 20 1 1 1 1800 1813 Active des3226 3 30 1 1 1 1812 1813 Active dlink Total Entries 3 DGS 3400 4 create 802 1x user Purpose Used to create a new 802 1x user Syntax create 802 1x user username...

Page 149: ...sage To view 802 1X users currently configured on the Switch DGS 3400 4 show 802 1x user Command show 802 1x user Current Accounts Username Password Darren Trinity Total entries 1 DGS 3400 4 delete 802 1x user Purpose Used to delete an 802 1x user account on the Switch Syntax delete 802 1x user username 15 Description The delete 802 1x user command is used to delete the 802 1x Port based or MAC ba...

Page 150: ...IUS accounting client Syntax show acct_client Description The show acct_client command is used to display the current RADIUS accounting client currently configured on the Switch Restrictions None Parameters None Example usage To view the current RADIUS accounting client DGS 3400 4 show acct_client Command show acct_client radiusAcctClientInvalidServerAddresses 0 radiusAuthServerEntry 0 radiusAccCl...

Page 151: ...adiusAuthClientRoundTripTime 0 radiusAuthClientAccessRequests 0 radiusAuthClientAccessRetransmissions 0 radiusAuthClientAccessRejects 0 radiusAuthClientAccessChallenges 0 radiusAuthClientMalformedAccessResponses 0 radiusAuthClientBadAuthenticators 0 radiusAuthClientPendingRequests 0 radiusAuthClientTimeouts 0 radiusAuthClientUnknownTypes 0 radiusAuthClientPacketsDropped 0 CTRL C ESC q Quit SPACE n...

Page 152: ...xt Entry a All show auth_session_statistics Purpose Used to display the current authentication session statistics Syntax show auth_session_statistics ports portlist all Description The show auth_session statistics command is used to display the current authentication session statistics of the Switch on a per port basis Parameters ports portlist Specifies a range of ports all Specifies that all por...

Page 153: ...orts all Specifies that all ports will be viewed Restrictions None Syntax Example usage To display the current authentication statistics for port 16 DGS 3400 4 show auth_statistics ports 16 Command show auth_statistics ports 16 Port number 16 EapolFramesRx 0 EapolFramesTx 0 EapolStartFramesRx 0 EapolReqIdFramesTx 0 EapolLogoffFramesRx 0 EapolReqFramesTx 0 EapolRespIdFramesRx 0 EapolRespFramesRx 0 ...

Page 154: ...address between 10 42 73 0 and 10 42 73 255 config access_profile profile_id 1 add access_id 1 ip source_ip 10 42 73 1 port 1 deny Here we use the profile_id 1 which was specified when the access profile was created The add parameter instructs the Switch to add the criteria that follows to the list of rules that are associated with access profile 1 For each rule entered into the access profile you...

Page 155: ...e 0 255 tcp src_port value 0 65535 dst_port value 0 65535 urg ack psh rst syn fin udp src_port value 0 65535 dst_port value 0 65535 protocol_id value 0 255 user_define hex 0x0 0xffffffff port portlist all permit deny packet_content offset_0 15 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset_16 31 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0x...

Page 156: ... the specified frame header fields profile_id value 1 6 add access_id auto_assign value 1 128 ethernet vlan vlan_name 32 source_mac macaddr 000000000000 ffffffffffff destination_mac macaddr 000000000000 ffffffffffff 802 1p value 0 7 ethernet_type hex 0x0 0xffff permit deny port portlist all permit priority value 0 7 replace_priority rx_rate no_limit value 1 156249 deny delete access_id value 1 128...

Page 157: ...e value in the packet header priority value 0 7 This parameter is specified if you want to re write the 802 1p default priority previously set in the Switch which is used to determine the CoS queue to which packets are forwarded to Once this field is specified packets accepted by the Switch that match this priority are forwarded to the CoS queue specified previously by the user replace_priority En...

Page 158: ... 1 and 6 that will identify the access profile being created with this command source_ip_mask netmask Specifies an IP address mask for the source IP address dscp Specifies that the Switch will examine the DiffServ Code Point DSCP field in each frame s header icmp Specifies that the Switch will examine the Internet Control Message Protocol ICMP field in each frame s header tcp Specifies that the Sw...

Page 159: ... into the IP fields in each packet to see if it will be either forwarded or filtered based on one or more of the following auto_assign Choose this parameter to configure the Switch to automatically assign a numerical value between 1 and 65535 for the rule being configured source_ip ipaddr Specifies that the access profile will apply to only packets with this source IP address destination_ip ipaddr...

Page 160: ...specified for the IP access profile Restrictions Only administrator level users can issue this command priority value 0 7 This parameter is specified if you want to re write the 802 1p default priority previously set in the Switch which is used to determine the CoS queue to which packets are forwarded to Once this field is specified packets accepted by the Switch that match this priority are forwa...

Page 161: ...onfig access_profile profile_id ipv6 Purpose Used to configure the IPv6 access profile on the Switch and to define specific values for the rules that will be used to by the Switch to determine if a given packet should be forwarded or filtered Masks entered using the create access_profile command will be combined using a logical AND operational method with the values the Switch finds in the specifi...

Page 162: ...lar to the Type of Service ToS or Precedence bits field in IPv4 flowlabel hex 0x0 fffff Entering this parameter will instruct the Switch to examine the flow label field of the IPv6 header This flow label field is used by a source to label sequences of packets such as non default quality of service or real time service packets This field is to be defined by the user in hex form source_ipv6 ipv6addr...

Page 163: ... of 1 DGS 3400 4 delete access_profile profile_id 1 Command delete access_profile profile_id 1 Success DGS 3400 4 show access_profile Purpose Used to display the currently configured access profiles on the Switch Syntax show access_profile profile_id value 1 6 Description The show access_profile command is used to display the currently configured access profiles Parameters profile_id value 1 6 Ent...

Page 164: ...d that will be combined with the values the Switch finds in the specified frame header fields Specific values for the rules are entered using the config cpu access_profile command below Syntax create cpu access_profile profile_id value 1 5 ethernet vlan source_mac macmask destination_mac macmask 802 1p ethernet_type ip vlan source_ip_mask netmask destination_ip_mask netmask dscp icmp type code igm...

Page 165: ...ent Protocol IGMP field type Specifies that the switch will examine each frame s IGMP Type field tcp Specifies that the switch will examine each frames Transport Control Protocol TCP field src_port_mask hex 0x0 0xffff Specifies a TCP port mask for the source port dst_port_mask hex 0x0 0xffff Specifies a TCP port mask for the destination port flag_mask all urg ack psh rst syn fin Enter the appropri...

Page 166: ...ess_profile command will be combined using a logical AND operation with the values the Switch finds in the specified frame header fields Specific values for the rules are entered using the config cpu access_profile command below Syntax config cpu access_profile profile_id value 1 5 add access_id value 1 100 ethernet vlan vlan_name 32 source_mac macaddr destination_mac macaddr 802 1p value 0 7 ethe...

Page 167: ...tion_mac macaddr Specifies that the access profile will apply to this destination MAC address ethernet_type hex 0x0 0xffff Specifies that the access profile will apply only to packets with this hexadecimal 802 1Q Ethernet type value in the packet header vlan vlan_name 32 Specifies that the access profile will apply to only this VLAN source_ip ipaddr Specifies that the access profile will apply to ...

Page 168: ... to mask the packet from byte 64 to byte 79 Restrictions Example usage Command config cpu access_profile profile_id 10 add access_id 1 ip vlan default source_ip 20 2 2 3 destination_ip 10 1 1 252 dscp 3 icmp type 11 code 32 port 1 deny To configure CPU access list entry DGS 3400 4 config cpu access_profile profile_id 5 add access_id 1 ip vlan default source_ip 20 2 2 3 destination_ip 10 1 1 252 ds...

Page 169: ...r an integer between 1 and 5 that is used to identify the CPU access profile to be deleted with this command This value is assigned to the access profile when it is created with the create cpu access_profile command Restrictions Only administrator level users can issue this command Example usage To show the CPU filtering state on the Switch DGS 3400 4 show cpu access_profile Command show cpu acces...

Page 170: ... the Switch will minimize the IP packet bandwidth received by the Switch by adjusting the bandwidth for all IP packets by setting a acceptable bandwidth for both unicast and broadcast IP packets The Switch uses an internal algorithm to filter IP packets through while adjusting the bandwidth dynamically IP packets may also be limited by the Switch by configuring only certain IP addresses to be acce...

Page 171: ... value 20 100 The user can set a percentage value of the falling CPU utilization which will trigger the Safeguard Engine function to cease Once the CPU utilization falls to this percentage the Safeguard Engine mechanism will shut down strict If selected this function will instruct the Switch to minimize the IP and ARP traffic flow to the CPU by dynamically allotting an even bandwidth to all traffi...

Page 172: ...tch CLI Manual DGS 3400 4 show safeguard_engine Command show safeguard_engine Safeguard engine state Disabled Safeguard engine current status normal mode CPU utilization information Rising 30 Falling 20 Trap Log state Disabled Mode Fuzzy DGS 3400 4 169 ...

Page 173: ...ive forwarded frames from the ports specified in the portlist above Restrictions null No ports are specified all Specifies all ports on the Switch portlist Specifies a range of ports for the forwarding list This list must be on the same switch previously specified for traffic segmentation i e following the portlist specified above for config traffic_segmentation Only administrator level users can ...

Page 174: ...ion on the Switch DGS 3400 4 show traffic_segmentation Command show traffic_segmentation Traffic Segmentation Table Port Forward Portlist 2 1 28 17 1 28 1 1 28 3 1 28 4 1 28 5 1 28 6 1 28 7 1 28 8 1 28 9 1 28 10 1 28 11 1 28 12 1 28 13 1 28 14 1 28 15 1 28 16 1 28 18 1 28 CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All 171 ...

Page 175: ...h command is listed in detail in the following sections config sntp Purpose Used to setup SNTP service Syntax config sntp primary ipaddr secondary ipaddr poll interval int 30 99999 Description Use this command to configure SNTP service from an SNTP server SNTP must be enabled for this command to function See enable sntp Parameters primary This is the primary server the SNTP information will be tak...

Page 176: ... SNTP server support Syntax enable sntp Description This will enable SNTP support SNTP service must be separately configured see config sntp Enabling and configuring SNTP support will override any manually configured system time settings Parameters None Restrictions Only administrator level users can issue this command SNTP settings must be configured for SNTP to function config sntp Example usage...

Page 177: ...anually configured system time and date settings are overridden if SNTP support is enabled Used to manually configure system time and date settings Syntax Description Example usage To manually set system time and date settings DGS 3400 4 config time 30jun2003 16 30 30 Command config time 30jun2003 16 30 30 Success DGS 3400 4 config time_zone Used to determine the time zone used in order to adjust ...

Page 178: ...nual mode will enable DST seasonal time adjustment Annual mode requires that the DST beginning and ending date be specified concisely For example specify to begin DST on April 3 and end DST on October 14 s_week Configure the week of the month in which DST begins e_week Configure the week of the month in which DST ends e_day Configure the day of the week in which DST ends s_mth Configure the month ...

Page 179: ...e_day wed e_mth 10 e_time 15 30 offset 30 Command config dst repeating s_week 2 s_day tue s_mth 4 s_time 15 00 e_week 2 e_day wed e_mth 10 e_time 15 30 offset 30 Success show time Purpose Used to display the current time settings and status Syntax show time This will display system time and date configuration as well as display current system time Parameters None Restrictions None Description Exam...

Page 180: ...nd the corresponding MAC address into the Switch s ARP table Parameters ipaddr The IP address of the end node or station macaddr The MAC address corresponding to the IP address above Restrictions Only administrator level users can issue this command The Switch supports up to 255 static ARP entries Example Usage To create a static ARP entry for the IP address 10 48 74 121 and MAC address 00 50 BA 0...

Page 181: ...ll clears the Switch s ARP table Parameters ipaddr The IP address of the end node or station all Deletes all ARP entries Restrictions Only administrator level users can issue this command Example Usage To delete an entry of IP address 10 48 74 121 125 from the ARP table DGS 3400 4 delete arpentry 10 48 74 121 Command delete arpentry 10 48 74 121 Success DGS 3400 4 delete arpentry ipv6 Purpose Used...

Page 182: ...e of 0 65535 minutes with a default setting of 20 minutes Restrictions Only administrator level users can issue this command Example Usage To configure ARP aging time DGS 3400 4 config arp_aging time 30 DGS 3400 4 Command config arp_aging time 30 Success show arpentry Purpose Used to display the ARP table Syntax show arpentry ipif ipif_name 12 ipaddress ipaddr static This command is used to displa...

Page 183: ...3 00 80 C8 40 C1 06 Dynamic System 10 40 44 60 00 50 BA 6B 2A 1E Dynamic System 10 42 73 221 00 01 02 03 04 00 Dynamic System 10 44 67 1 00 50 BA DA 02 51 Dynamic System 10 47 65 25 00 50 BA DA 03 2B Dynamic System 10 50 8 7 00 E0 18 45 C7 28 Dynamic System 10 90 90 90 00 01 02 03 04 00 Local System 10 255 255 255 FF FF FF FF FF FF Local Broadcast Total Entries 20 DGS 3400 4 show arpentry ipv6 Use...

Page 184: ... command is used to remove dynamic ARP table entries from the Switch s ARP table Static ARP table entries are not affected Parameters None Restrictions Only administrator level users can issue this command Syntax Description Example Usage To remove dynamic entries in the ARP table DGS 3400 4 clear arptable Command clear arptable Success DGS 3400 4 181 ...

Page 185: ...reate iproute network_address ipaddr metric 1 65535 primary backup Description This command is used to create a primary and backup IP route entry to the Switch s IP routing table Parameters network_address IP address and netmask of the IP interface that is the destination of the route The address and mask information can be specified using the traditional format for example 10 1 2 3 255 0 0 0 or i...

Page 186: ...proute default 10 48 74 121 1 Command create iproute default 10 48 74 121 1 Success DGS 3400 4 delete iproute Purpose Used to delete an IP route entry from the Switch s IP routing table Syntax delete iproute network_address ipaddr primary backup Description This command will delete an existing entry from the Switch s IP routing table Parameters network_address IP address and netmask of the IP inte...

Page 187: ...delete iproute default Command delete iproute default Success DGS 3400 4 show iproute Purpose Used to display the Switch s current IP routing table Syntax show iproute network_address Description This command will display the Switch s current IP routing table Parameters network_address IP address and netmask of the IP interface that is the destination of the route The address and mask information ...

Page 188: ...ictions Only administrator level users can issue this command Example Usage To add a single static IPv6 entry in IPv6 format DGS 3400 4 create iproute 1234 5D7F 32 2D30 AC21 Command create iproute 1234 5D7F 32 2D30 AC21 Success DGS 3400 4 delete iproute ipv6 Purpose Used to delete an static IPv6 route entry from the Switch s IP routing table Syntax delete iproute ipv6 ipv6networkaddr ipv6addr all ...

Page 189: ...trictions None Example Usage To display the static IPv6 entries in the routing table DGS 3400 4 show iproute ipv6 Command show iproute ipv6 Routing Table IPV6 Address Netmask Gateway Cost Protocol 1234 32 2D30 AC21 1 Static Total Entries 1 DGS 3400 4 create iproute ipv6 default Purpose Used to create IP route entries to the Switch s IP routing table Syntax create iproute ipv6 default ipv6addr metr...

Page 190: ...ult Purpose Used to delete a default IPv6 route entry from the Switch s IP routing table Syntax delete iproute ipv6 default Description This command will delete an existing default entry from the Switch s IP routing table Parameters None Restrictions Only administrator level users can issue this command Example usage To delete the default IPv6 route DGS 3400 4 delete iproute default Command delete...

Page 191: ...ess table notification on the Switch Syntax enable mac_notification Description This command is used to enable MAC address notification without changing configuration Only administrator level users can issue this command Parameters None Restrictions Example Usage To enable MAC notification without changing basic configuration DGS 3400 4 enable mac_notification Command enable mac_notification Succe...

Page 192: ...e the Switch s MAC address table notification global settings DGS 3400 4 config mac_notification interval 1 historysize 500 Command config mac_notification interval 1 historysize 500 Success DGS 3400 4 config mac_notification ports Used to configure MAC address notification status settings Syntax config mac_notification ports portlist all enable disable Description MAC address notificiation is use...

Page 193: ...ation Command show mac_notification Global MAC Notification Settings State Enabled Interval 1 History Size 1 DGS 3400 4 show mac_notification ports Purpose Used to display the Switch s MAC address table notification status settings Syntax show mac_notification ports portlist Description This command is used to display the Switch s MAC address table notification status settings Parameters portlist ...

Page 194: ...s Port MAC Address Table Notification State 1 Disabled 2 Disabled 3 Disabled 4 Disabled 5 Disabled 6 Disabled 7 Disabled 8 Disabled 9 Disabled 10 Disabled 11 Disabled 12 Disabled 13 Disabled 14 Disabled 15 Disabled 16 Disabled 17 Disabled 18 Disabled 19 Disabled 20 Disabled CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 191 ...

Page 195: ...thentication the Switch contacts the TACACS XTACACS TACACS RADIUS server to verify and the server will respond with one of three messages A The server verifies the username and password and the user is granted normal user privileges on the Switch B The server will not accept the username and password and the user is denied access to the Switch C The server doesn t respond to the verification query...

Page 196: ...lnet ssh http all login enable default method_list_name string 15 show authen application create authen server_group string 15 config authen server_group tacacs xtacacs tacacs radius string 15 add delete server_host ipaddr protocol tacacs xtacacs tacacs radius delete authen server_group string 15 show authen server_group string 15 create authen server_host ipaddr protocol tacacs xtacacs tacacs rad...

Page 197: ...ntax disable authen_policy Description This command will disable the administrator defined authentication policy for users trying to access the Switch When disabled the Switch will access the local user account database for username and password verification In addition the Switch will now accept the local enable password as the authentication for normal users attempting to access administrator le...

Page 198: ...ault method_list_name string 15 method tacacs xtacacs tacacs radius server_group string 15 local none Description This command will configure a user defined or default method list of authentication methods for users logging on to the Switch The sequence of methods implemented in this command will affect the authentication result For example if a user enters a sequence of methods like tacacs xtacac...

Page 199: ...e authenticated using the TACACS protocol from the remote TACACS server hosts of the TACACS server group list radius Adding this parameter will require the user to be authenticated using the RADIUS protocol from the remote RADIUS server hosts of the RADIUS server group list local Adding this parameter will require the user to be authenticated using the local user account database on the Switch non...

Page 200: ...ription This command is used to show a list of authentication methods for user login Parameters default Entering this parameter will display the default method list for users logging on to the Switch method_list_name string 15 Enter an alphanumeric string of up to 15 characters to define the given method list the user wishes to view all Entering this parameter will display all the authentication l...

Page 201: ...st the user wishes to create Restrictions Only administrator level users can issue this command Syntax Example usage To create a user defined method list named Permit for promoting user privileges to Adminstrator privileges DGS 3400 4 create authen_enable method_list_name Permit Command show authen_login method_list_name Permit Success DGS 3400 4 config authen_enable Purpose Used to configure a us...

Page 202: ...re the user to be authenticated using the XTACACS protocol from the remote XTACACS server hosts of the XTACACS server group list tacacs Adding this parameter will require the user to be authenticated using the TACACS protocol from the remote TACACS server hosts of the TACACS server group list radius Adding this parameter will require the user to be authenticated using the RADIUS protocol from the ...

Page 203: ...rator level privileges Parameters string 15 Enter an alphanumeric string of up to 15 characters to define the given enable method list the user wishes to delete Restrictions Only administrator level users can issue this command Example usage To delete the user defined method list Permit DGS 3400 4 delete authen_enable method_list_name Permit Command delete authen_enable method_list_name Permit Suc...

Page 204: ...ity protocols are implemeted per method list name None Example usage To display all method lists for promoting user level privileges to administrator level privileges DGS 3400 4 show authen_enable all Command show authen_enable all Method List Name Priority Method Name Comment Permit 1 tacacs Built in Group 2 tacacs Built in Group 3 Darren User defined Group 4 local Keyword default 1 tacacs Built ...

Page 205: ... Enter a alphanumeric string of up to 15 characters to define a previously configured method list Restrictions Only administrator level users can issue this command Example usage To configure the default method list for the web interface Command config authen application http login default Success DGS 3400 4 config authen application http login default DGS 3400 4 show authen application Purpose Us...

Page 206: ... virtual port number of the authentication protocol on a server host The default port number is 49 for TACACS XTACACS TACACS servers and 1812 and 1813 for RADIUS servers but the user may set a unique port number for higher security key key_string 254 Authentication key to be shared with a configured TACACS or RADIUS server only Specify an alphanumeric string up to 254 characters timeout int 1 255 ...

Page 207: ... port number of the authentication protocol on a server host The default port number is 49 for TACACS XTACACS TACACS servers and 1812 and 1813 for RADIUS servers but the user may set a unique port number for higher security key key_string 254 Authentication key to be shared with a configured TACACS or RADIUS server only Specify an alphanumeric string up to 254 characters or choose none timeout int...

Page 208: ...To delete a user defined TACACS authentication server host DGS 3400 4 delete authen server_host 10 1 1 121 protocol tacacs Command delete authen server_host 10 1 1 121 protocol tacacs Success DGS 3400 4 show authen server_host Purpose Used to view a user defined authentication server host Syntax show authen server_host Description This command is used to view user defined authentication server hos...

Page 209: ... Purpose Syntax Example usage To create the server group group_1 DGS 3400 4 create authen server_group group_1 Command create authen server_group group_1 Success DGS 3400 4 config authen server_group Purpose Used to configure a user defined authentication server group Syntax config authen server_group tacacs xtacacs tacacs radius string 15 add delete server_host ipaddr protocol tacacs xtacacs taca...

Page 210: ... are three options Restrictions Only administrator level users can issue this command tacacs Use this parameter to define the protocol if the server host is using the TACACS authentication protocol xtacacs Use this parameter to define the protocol if the server host is using the XTACACS authentication protocol tacacs Use this parameter to define the protocol if the server host is using the TACACS ...

Page 211: ...l authentication server groups on the Switch Restrictions None Example usage To view authentication server groups currently set on the Switch DGS 3400 4 show authen server_group Command show authen server_group Group Name IP Address Protocol Darren 10 53 13 2 TACACS tacacs 10 53 13 94 TACACS tacacs This group has no entry This group has no entry Total Entries 4 DGS 3400 4 config authen parameter r...

Page 212: ...empts the user may try to become authenticated by the Switch before being locked out Restrictions Only administrator level users can issue this command Example usage To set the maximum number of authentication attempts at 5 DGS 3400 4 config authen parameter attempt 5 Command config authen parameter attempt 5 Success DGS 3400 4 show authen parameter Purpose Used to display the authentication param...

Page 213: ...nd a password configured by the administrator that will support the enable function This function becomes inoperable when the authentication policy is disabled Parameters None Only administrator level users can issue this command Description Restrictions Example usage To enable administrator privileges on the Switch DGS 3400 4 enable admin Password DGS 3400 4 config admin local_enable Purpose Used...

Page 214: ...o configure the password for the local_enable authentication method DGS 3400 4 config admin local_enable Command config admin local_ebable Enter the old password Enter the case sensitive new password Enter the new password again for confirmation Success DGS 3400 4 211 ...

Page 215: ...ent and the SSH Server Finally enable SSH on the Switch using the enable ssh command After following the above steps you can configure an SSH Client on the remote PC and manage the Switch using secure in band communication The Secure Shell SSH commands in the Command Line Interface CLI are listed along with the appropriate parameters in the following table Command Parameters enable ssh disable ssh...

Page 216: ...e the SSH authentication mode for users attempting to access the Switch Parameters password This parameter may be chosen if the administrator wishes to use a locally configured password for authentication on the Switch publickey This parameter may be chosen if the administrator wishes to use a publickey configuration set on a SSH server for authentication hostbased This parameter may be chosen if ...

Page 217: ...authfail int 2 20 rekey 10min 30min 60min never Description This command allows you to configure parameters for the SSH server setting on the Switch Parameters maxsession int 1 8 Allows the user to set the number of users that may simultaneously access the Switch The default setting is 8 contimeout sec 120 600 Allows the user to set the connection timeout The user may set a time between 120 and 60...

Page 218: ...stname domain_name hostname_IP domain_name ipaddr password publickey Description This command allows you to configure the SSH user authentication method username Enter a username of no more than 15 characters to identify the SSH user authmode Specifies the authentication mode of the SSH user wishing to log on to the Switch The administrator may choose between hostbased This parameter should be cho...

Page 219: ...ommand allows you to display the current SSH user setting Parameters None Restrictions None Example usage To display the SSH user DGS 3400 4 show ssh user authmode Command show ssh user authmode Current Accounts UserName Authentication Host Name Host IP Trinity Hostbased 12334 10 45 25 8 DGS 3400 4 Note To configure the SSH user the administrator must create a user account on the Switch For inform...

Page 220: ...the Cast128 encryption algorithm twofish128 This parameter will enable or disable the twofish128 encryption algorithm twofish192 This parameter will enable or disable the twofish192 encryption algorithm MD5 This parameter will enable or disable the MD5 Message Digest encryption algorithm SHA1 This parameter will enable or disable the Secure Hash Algorithm encryption RSA This parameter will enable ...

Page 221: ... ssh algorithm Encryption Algorithm 3DES Enabled AES128 Enabled AES192 Enabled AES256 Enabled arcfour Enabled blowfish Enabled cast128 Enabled twofish128 Enabled twofish192 Enabled twofish256 Enabled Data Integrity Algorithm MD5 Enabled SHA1 Enabled Public Key Algorithm RSA Enabled DSA Enabled DGS 3400 4 218 ...

Page 222: ... encrypted text 3 Hash Algorithm This part of the ciphersuite allows the user to choose a message digest function which will determine a Message Authentication Code This Message Authentication Code will be encrypted with a sent message to provide integrity and prevent against replay attacks The Switch supports two hash algorithms MD5 Message Digest 5 and SHA Secure Hash Algorithm These three param...

Page 223: ...el users can issue this command RSA_with_RC4_128_MD5 This ciphersuite combines the RSA key exchange stream cipher RC4 encryption with 128 bit keys and the MD5 Hash Algorithm RSA_with_3DES_EDE_CBC_SHA This ciphersuite combines the RSA key exchange CBC Block Cipher 3DES_EDE encryption and the SHA Hash Algorithm DHE_DSS_with_3DES_EDE_CBC_SHA This ciphersuite combines the DSA Diffie Hellman key exchan...

Page 224: ...E_CBC_SHA This ciphersuite combines the DSA Diffie Hellman key exchange CBC Block Cipher 3DES_EDE encryption and SHA Hash Algorithm RSA_EXPORT_with_RC4_40_MD5 This ciphersuite combines the RSA Export key exchange stream cipher RC4 encryption with 40 bit keys Example usage DGS 3400 4 disable ssl To disable the SSL status on the Switch Command disable ssl Success DGS 3400 4 To disable ciphersuite RS...

Page 225: ...ut timeout 7200 Success show ssl cachetimeout Purpose Used to show the SSL cache timeout Syntax show ssl cachetimeout Description Entering this command will allow the user to view the SSL cache timeout cuurently implemented on the Switch Parameters None Restrictions None Example usage To view the SSL cache timeout on the Switch DGS 3400 4 show ssl cachetimeout DGS 3400 4 Command show ssl cachetime...

Page 226: ...e SSL function on the Switch Syntax download SSL certificate ipaddr certfilename path_filename 64 keyfilename path_filename 64 Description This command is used to download a certificate file for the SSL function on the Switch from a TFTP server The certificate file is a data record used for authenticating devices on the network It contains information on the owner keys for authentication and digit...

Page 227: ...witch CLI Manual DGS 3400 4 download ssl certificate 10 53 13 94 certfilename c cert der keyfilename c pkey der Command download ssl certificate 10 53 13 94 certfilename c cert der keyfilename c pkey der Certificate Loaded Successfully DGS 3400 4 224 ...

Page 228: ...ctions enable jumbo_frame Purpose Used to enable the jumbo frame function on the Switch Syntax enable jumbo_frame Description This command will allow ethernet frames larger than 1536 bytes to be processed by the Switch The maximum size of the jumbo frame may not exceed 9k Parameters None Restrictions Only administrator level users can issue this command Example usage To enable the jumbo frame func...

Page 229: ... the jumbo frame function on the Switch Syntax show jumbo_frame Description This command will show the status of the jumbo frame function on the Switch Parameters None Restrictions None Usage Example To show the jumbo frame status currently configured on the Switch DGS 3400 4 show jumbo_frame Command show jumbo_frame Jumbo frame state disabled DGS 3400 4 Maximum Jumbo frame size 1536 bytes 226 ...

Page 230: ... not a Commander Switch or Member Switch of another Single IP group It is connected to the Member Switches through its management VLAN Member Switch MS This is a switch that has joined a single IP group and is accessible from the CS and it takes on the following characteristics It is not a CS or MS of another IP group It is connected to the CS through the CS management VLAN Candidate Switch CaS Th...

Page 231: ...process cannot occur This version will support multiple switch upload and downloads for firmware configuration files and log files as follows Firmware The switch now supports multiple MS firmware downloads from a TFTP server Configuration Files This switch now supports multiple downloading and uploading of configuration files both to for configuration restoration and from for configuration backup ...

Page 232: ... defined device name on the Switch MAC Address Displays the MAC Address of the Switch Capabilities Displays the type of switch be it Layer 2 L2 or Layer 3 L3 Platform Switch Description including name and model number SIM State Displays the current Single IP Management State of the Switch whether it be enabled or disabled Role State Displays the current role the Switch is taking including Commande...

Page 233: ... show sim SIM Version VER 1 61 MAC Address 00 10 20 33 45 00 Command show sim Firmware Version 1 20 B15 Device Name Capabilities L2 Platform DGS 3400 L2 Switch SIM State Disabled Role State Candidate Discovery Interval 30 sec Holdtime 100 sec DGS 3400 4 To show the candidate information in summary if the candidate ID is specified DGS 3400 4 show sim candidates 1 2 Command show sim candidates 1 2 I...

Page 234: ... Example usage To view SIM neighbors DGS 3400 4 show sim neighbor Command show sim neighbor Neighbor Info Table Port MAC Address Role 23 00 35 26 00 11 99 Commander 23 00 35 26 00 11 91 Member 24 00 35 26 00 11 90 Candidate Total Entries 3 DGS 3400 4 reconfig Purpose Used to connect to a member switch through the commander switch using telnet Syntax reconfig member_id value 1 32 exit Description T...

Page 235: ... this parameter to change a Candidate Switch CaS to a Member Switch MS of a SIM group The CaS may be defined by its ID number and a password if necessary delete member_id 1 32 Use this parameter to delete a member switch of a SIM group The member switch should be defined by ID number Restrictions Only administrator level users can issue this command Example usage To add a member DGS 3400 4 config ...

Page 236: ...nnected to it Ex MS CaS The user may set the dp_interval from 30 to 90 seconds hold time sec 100 255 Using this parameter the user may set the time in seconds the CS will hold information sent to it from other switches utilizing the discovery interval protocol The user may set the hold time from 100 to 255 seconds dp_interval 30 90 The user may set the discovery protocol interval in seconds that t...

Page 237: ...d device from a TFTP server firmware_from_tftp Specify this parameter if the user wishes to download firmware to members of a SIM group configuration_from_tftp Specify this parameter if the user wishes to download a switch configuration to members of a SIM group ipaddr Enter the IP address of the TFTP server path_filename Enter the path and the filename of the firmware or switch on the TFTP server...

Page 238: ..._tftp ipaddr path_filename members mslist all Description This command will upload a configuration file to a TFTP server from a specified member of a SIM group Parameters configuration_to_tftp Specify this parameter if the user wishes to upload a switch configuration to members of a SIM group log_to_tftp Specify this parameter if the user wishes to upload a switch log to members of a SIM group ipa...

Page 239: ...t Managed Switch CLI Manual To upload configuration files to a TFTP server DGS 3400 4 upload sim_ms configuration 10 55 47 1 D configuration txt 1 Success Command upload sim_ms configuration 10 55 47 1 D configuration txt 1 DGS 3400 4 236 ...

Page 240: ...th an appropriate command will list all the corresponding parameters for the specified command along with a brief description of the commands function and similar commands having the same words in the command Restrictions None Example usage To display all of the commands in the CLI DGS 3400 4 clear clear arptable clear counters clear fdb clear log clear port_security_entry port config 802 1p defau...

Page 241: ...nfig command_history Purpose Used to configure the command history Syntax config command_history value 1 40 Description This command is used to configure the command history value 1 40 The number of previously executed commands maintained in the buffer Up to 40 of the latest executed commands may be viewed Restrictions Only administrator level users can issue this command Parameters Example usage ...

Page 242: ...xStack DGS 3400 Series Layer 2 Gigabit Managed Switch CLI Manual DGS 3400 4 show command_history Command show command_history show show vlan show command history DGS 3400 4 239 ...

Page 243: ...anner command then the banner will be reset to the original factory banner To open the Banner Editor click enter after typing the config greeting_message command Type the information to be displayed on the banner by using the commands described on the Banner Editor Quit without save Ctrl C Save and quit Ctrl W Move cursor Left Right Up Down Delete line Ctrl D Erase all setting Ctrl X Reload origin...

Page 244: ... line Ctrl X Erase all setting Ctrl L Reload original setting show greeting_message Purpose Used to view the currently configured greeting message configured on the Switch Syntax show greeting_message Description This command is used to view the currently configured greeting message on the Switch Parameters None Restrictions None Example usage To view the currently configured greeting message DES ...

Page 245: ...e The command prompt will be changed to the login username default The command prompt will reset to factory default command prompt Restrictions Only administrator level users can issue this command Other restrictions include If the reset reset config command is executed the modified command prompt will remain modified However the reset system command will reset the command prompt to the original f...

Page 246: ...p Priority Queues IEEE 802 3ad Link Aggregation Control IEEE 802 3x Full duplex Flow Control IEEE 802 3 Nway auto negotiation Protocols CSMA CD Data Transfer Rates Ethernet Fast Ethernet Gigabit Ethernet Fiber Optic Half duplex Full duplex 10 Mbps 20Mbps 100Mbps 200Mbps n a 2000Mbps SFP Mini GBIC Support IEEE 802 3z 1000BASE LX DEM 310GT transceiver IEEE 802 3z 1000BASE SX DEM 311GT transceiver IE...

Page 247: ...midity 5 95 non condensing Dimensions 441mm x 389mm x 44mm Weight DGS 3400 Series Switch DGS 3426 5 42 kg Module Inserts DGS 3427 5 51 kg DGS 3450 5 74 kg DEM 410CX 0 16 kg DEM 410X 0 18 kg EMI CE class A FCC Class A Safety CSA International CB Report Performance Transmission Method Store and forward Packet Buffer 0 75 MB per device Packet Filtering Forwarding Rate Full wire speed for all connecti...

Reviews:

No comments

Related manuals for xStack DGS-3426

D-Link DSL-500 Command Reference Manual preview
DSL-500
Brand: D-Link Pages: 15
D-Link DSN-4100 Series Quick Start Manual preview
DSN-4100 Series
Brand: D-Link Pages: 2
D-Link DWL-G550 Product Data Sheet preview
DWL-G550
Brand: D-Link Pages: 2
Axis AXIS P1354 Installation Manual preview
AXIS P1354
Brand: Axis Pages: 104
Google AC-1304 User Manual preview
AC-1304
Brand: Google Pages: 14
Macsense MIH-108 User Manual preview
MIH-108
Brand: Macsense Pages: 39
Speedtouch IPQoS Configuration Manual preview
IPQoS
Brand: Speedtouch Pages: 124
Linksys NSLU2 - Network Storage Link NAS Server Quick Installation Manual preview
NSLU2 - Network Storage Link NAS Server
Brand: Linksys Pages: 64
TRENDnet TEW-733GR User Manual preview
TEW-733GR
Brand: TRENDnet Pages: 62
Cowfish Technologies VanConnect User Manual And Installation Manual preview
VanConnect
Brand: Cowfish Technologies Pages: 38
NC-link NC-AP111 User Manual preview
NC-AP111
Brand: NC-link Pages: 20
Airlinkplus ASW224 User Manual preview
ASW224
Brand: Airlinkplus Pages: 20
Alcatel-Lucent 9364 Installation And Commissioning Manual preview
9364
Brand: Alcatel-Lucent Pages: 60
National Instruments PXI Terminal Block NI TB-2709 Installation Manual preview
PXI Terminal Block NI TB-2709
Brand: National Instruments Pages: 12
Firetide HotPort 3103 User Manual preview
HotPort 3103
Brand: Firetide Pages: 32
H3C WT2024-U-PWR Compliance And Safety Manual preview
WT2024-U-PWR
Brand: H3C Pages: 51
NETGEAR DG834GUV5 User Manual preview
DG834GUV5
Brand: NETGEAR Pages: 120
SMC Networks EZ Switch SMC-1026DT V.2 User Manual preview
EZ Switch SMC-1026DT V.2
Brand: SMC Networks Pages: 27

Brands by name

Popular brands

Load more brands