manualshive.com logo in svg

D-Link xStack DGS-3426P, Reference Manual

Share
Download
D-Link xStack DGS-3426P Reference Manual Download Page 459

xStack

®

 DGS-3400 Series Layer 2 Gigabit Ethernet Managed Switch CLI Manual

 

 

455 

61  

P

ORT 

S

ECURITY 

C

OMMANDS

 

The Port Security commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in 
the following table. 

Command 

Parameters 

config port_security ports 

[<portlist> | all] {admin_state [enable | disable] | max_learning_addr 
<max_lock_no 0-64> | lock_address_mode [permanent | delete ontimeout | 
deleteonreset]}(1) 

delete port_security_entry vlan_name 

<vlan_name 32> port <port> mac_address <macaddr> 

clear port_security_entry port 

<portlist> 

show port_security 

{ports <portlist>} 

Each command is listed, in detail, in the following sections. 

 

config port_security 

Purpose 

This command is used to set the port level port security setting. 

Syntax 

config port_security ports [<portlist> | all] {admin_state [enable | disable] | 
max_learning_addr <max_lock_no 0-64> | lock_address_mode [permanent | delete 
ontimeout | deleteonreset]}(1) 

Description 

This command configures admin state, maximum learning address and lock address mode.  

There is limitation on the learned entry number for a port. If any limitation is exceeded, the 
new entry will be discarded. 

Parameters 

portlist

 - Specifies a range of ports to be configured. 

all

 - Specifies that all ports will be configured. 

admin_state

 - Specifies to enable/disable the port security function on the port. By default, 

the setting is disabled. 

max_learning_addr

 - Specifies the maximum of port security entries that can be learned on 

this port. If the value is set to 0, it means that no user can get authorized by port security 
function on this port. If the setting is smaller than the number of current learned entries on the 
port, the command will be rejected. The default value is 1. 

lock_address_mode

 - Indicates the mode of locking address. The default mode is 

deleteonreset. 

permanent

 - The address will never be deleted unless the user removes it manually 

or the VLAN of the entry is removed or the port is removed from the VLAN, or port 
security is disabled on the port where the address resides.. 

deleteontimeout

 - This entry will be removed if it’s idle for the ageing time. 

deleteonreset

 - This address will be removed if the switch is reset or reboots. The 

cases under which the permanent entries are deleted also apply to the deleteonreset 
entries, 

Restrictions 

Only Administrator and Operator-level users can issue this command. 

 

Example usage: 

To config port security setting: 

Summary of Contents for xStack DGS-3426P

Page 1: ... CLI Reference Guide ProductModel xStack DGS 3400Series Layer2ManagedGigabitEthernetSwitch Release3 0 ...

Page 2: ...CP RELAY COMMANDS 150 DHCP SERVER SCREENING COMMANDS 160 DHCP SERVER COMMANDS 163 DHCPV6 CLIENT COMMANDS 181 DHCPV6 RELAY COMMANDS 183 DHCPV6 SERVER COMMANDS 189 DIGITAL DIAGNOSTIC MONITORING DDM COMMANDS 202 D LINK SINGLE IP MANAGEMENT COMMANDS 209 D LINK UNIDIRECTIONAL LINK DETECTION DULD COMMANDS 220 DOMAIN NAME SERVER DNS RESOLVER COMMANDS 222 DOMAIN NAME SERVER DNS RELAY COMMANDS 227 ETHERNET...

Page 3: ...SSWORD RECOVERY COMMANDS 448 PING COMMANDS 451 PORT SECURITY COMMANDS 455 POWER OVER ETHERNET POE COMMANDS 458 PROTOCOL VLAN GROUP COMMANDS 462 QUALITY OF SERVICE QOS COMMANDS 467 REMOTE COPY PROTOCOL RCP COMMANDS 480 REMOTE SWITCHED PORT ANALYZER RSPAN COMMANDS 489 ROUTING INFORMATION PROTOCOL RIP COMMANDS 495 RIPNG COMMANDS 498 SAFEGUARD ENGINE COMMANDS 503 SECURE SHELL SSH COMMANDS 506 SECURE S...

Page 4: ...CONTROL COMMANDS 589 TRAFFIC SEGMENTATION COMMANDS 593 TRUSTED HOST COMMANDS 595 UNICAST ROUTE COMMANDS 597 UTILIZATION COMMANDS 603 VOICE VLAN COMMANDS 606 WEB BASED ACCESS CONTROL WAC COMMANDS 613 TECHNICAL SPECIFICATIONS 623 PASSWORD RECOVERY PROCEDURE 625 ...

Page 5: ...e Switch via the Serial Port The Switch s serial port s default settings are as follows 115200 baud no parity 8 data bits 1 stop bit A computer running a terminal emulation program capable of emulating a VT 100 terminal and a serial port configured as above is then connected to the Switch s serial port via an RS 232 DB 9 cable With the serial port properly connected to a management computer the fo...

Page 6: ...present the IP address to be assigned to the IP interface named System and the y s represent the corresponding subnet mask 2 Alternatively you can enter config ipif System ipaddress xxx xxx xxx xxx z Where the x s represent the IP address to be assigned to the IP interface named System and the z represents the corresponding number of subnets in CIDR notation The IP interface named System on the Sw...

Page 7: ...ole interface is used by connecting the Switch to a VT100 compatible terminal or a computer running an ordinary terminal emulator program e g the HyperTerminal program included with the Windows operating system using an RS 232C serial cable Your terminal parameters will need to be set to VT 100 compatible 115200 baud 8 data bits No parity One stop bit No flow control Users can also access the same...

Page 8: ...450 admin Figure 2 3 Example Command Parameter Help In this case the command config account was entered with the parameter username The CLI will then prompt to enter the username with the message Next possible completions Every command in the CLI has this feature and complex commands have several layers of parameter prompting In addition after typing any given command plus one space all of the nex...

Page 9: ...ure 2 5 Available Commands The top level commands consist of commands such as show or config Most of these commands require one or more parameters to narrow the top level command This is equivalent to show what or config what Where the what is the next parameter For example if you enter the create command with no additional parameters the CLI will then display all of the possible next parameters D...

Page 10: ...dress ip_addr netmask space Do not type the angle brackets Example Command create ipif Engineering 10 24 22 5 255 0 0 0 Design square brackets Purpose Encloses a required value or set of required arguments One value or argument can be specified Syntax create account admin operator user username 15 Description In the above syntax example users must specify the admin operator or user level account t...

Page 11: ...rrow Repeats the previously entered command Each time the up arrow is pressed the command previous to that displayed appears This way it is possible to review the command history for the current session Use the down arrow to progress sequentially forward through the command history list Down Arrow The down arrow will display the next command in the command history entered in the current session Th...

Page 12: ...sion show switch show serial_port config serial_port baud_rate 9600 19200 38400 115200 auto_logout never 2_minutes 5_minutes 10_minutes 15_minutes enable clipaging disable clipaging enable telnet tcp_port_number 1 65535 disable telnet telnet ipaddr domain_name 255 tcp_port value 0 65535 enable web tcp_port_number 1 65535 disable web Save config config_id 1 2 log all reboot string reset config syst...

Page 13: ...umeric characters to define the user account created here Restrictions Only Administrator level users can issue this command Example usage To create an administrator level user account with the username dlink DGS 3450 admin create account admin dlink Command create account admin dlink Enter a case sensitive new password Enter the new password again for confirmation Success DGS 3450 admin To create...

Page 14: ...SHA 1 encryption password Enter the password here Restrictions Only Administrator level users can issue this command Example usage To configure the user password of dlink account DGS 3450 admin config account dlink Command config account dlink Enter a old password Enter a case sensitive new password Enter the new password again for confirmation Success DGS 3450 admin show account Purpose Used to d...

Page 15: ...sage To delete the user account System DGS 3450 admin delete account System Command delete account System Are you sure to delete the last administrator account y n y Success DGS 3450 admin show session Purpose Used to display a list of currently logged in users Syntax show session Description This command displays a list of all the users that are logged in at the time the command is issued Paramet...

Page 16: ...efault Subnet Mask 255 0 0 0 Default Gateway 0 0 0 0 Boot PROM Version Build 1 00 B13 Firmware Version Build 3 00 B10 Hardware Version A2 System Name System Location System Uptime 0 days 2 hours 11 minutes 7 seconds System Contact Spanning Tree Disabled GVRP Disabled IGMP Snooping Disabled MLD Snooping Disabled RIP Disabled RIPng Disabled TELNET Enabled TCP 23 WEB Enabled TCP 80 CTRL C ESC q Quit ...

Page 17: ...ill log out the current user if there is no user input for 5 minutes 10_minutes The console will log out the current user if there is no user input for 10 minutes 15_minutes The console will log out the current user if there is no user input for 15 minutes Restrictions Only Administrator and Operator level users can issue this command Example usage To configure baud rate DGS 3450 admin config seri...

Page 18: ...ing of the screen display when show command output reaches the end of the page DGS 3450 admin disable clipaging Command disable clipaging Success DGS 3450 admin enable telnet Purpose Used to enable communication with and management of the Switch using the Telnet protocol Syntax enable telnet tcp_port_number 1 65535 Description This command is used to enable the Telnet protocol on the Switch The us...

Page 19: ...n telnet Purpose Used to login remote system with telnet protocol Syntax telnet ipaddr domain_name 255 tcp_port value 0 65535 Description This command is used to login remote system with Telnet protocol on the Switch Parameters ipaddr Specify the IP address of telnet server system domain_name 255 Specify the domain name used tcp_port The TCP port number TCP ports are numbered between 1 and 65535 T...

Page 20: ...l known port for the Web based management software is 80 Restrictions Only Administrator and Operator level users can issue this command Example usage To enable HTTP and configure port number DGS 3450 admin enable web 80 Command enable web 80 Note SSL will be disabled if web is enabled Success DGS 3450 admin disable web Purpose Used to disable the HTTP based management software on the Switch Synta...

Page 21: ...RAM all Use to save the configuration and log file to NV RAM Restrictions Only Administrator and Operator level users can issue this command Example usage To save the Switch s current configuration to non volatile RAM DGS 3450 admin save Command save Saving all configurations to NV RAM Done DGS 3450 admin reboot Purpose Used to restart the Switch Syntax reboot string Description This command is us...

Page 22: ...lt Rebooting will clear all entries in the Forwarding Data Base If no parameter is specified the Switch s current IP address user accounts and the switch history log are not changed All other parameters are restored to the factory default settings The Switch will not save or reboot Restrictions Only Administrator level users can issue this command Example usage To restore all of the Switch s param...

Page 23: ... show device_status Description This command displays the current status of the power and fans on the system In the fan status display there are fans on the left of the switch on the right at the back and a CPU fan if the fans are working normally the display will read OK in the fan field If any of the fans fail the corresponding field will read Fail Parameters None Restrictions None Example usage...

Page 24: ...ministrator and Operator level users can issue this command Example usage To configure the greeting message config command_prompt Purpose Used to configure the command prompt for the Command Line Interface Syntax config command_prompt string 16 username default Description This command is used to configure the command prompt for the CLI interface of the Switch The current command prompt consists o...

Page 25: ...etting Ctrl L Reload original setting show greeting_message Purpose Used to view the currently configured greeting message configured on the Switch Syntax show greeting_message Description This command is used to view the currently configured greeting message on the Switch Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To view the curr...

Page 26: ... Control This mechanism is intended to allow only authorized users or other network devices access to network resources by establishing criteria for each port on the Switch that a user or network device must meet before allowing that port to forward or receive frames The 802 1X commands in the Command Line Interface CLI are listed along with the appropriate parameters in the following table ...

Page 27: ...t port_based ports portlist all mac_based ports portlist all mac_address macaddr config 802 1x reauth port_based ports portlist all mac_based ports portlist all mac_address macaddr create 802 1x guest_vlan vlan_name 32 delete 802 1x guest_vlan vlan_name 32 config 802 1x guest_vlan ports portlist all state enable disable show 802 1x guest_vlan config radius add server_index 1 3 server_ip ipv6addr k...

Page 28: ...ers None Restrictions Only Administrator and Operator level users can issue this command Example usage Used to enable the 802 1X function DGS 3450 admin enable 802 1x Command enable 802 1x Success DGS 3450 admin disable 802 1x Purpose Used to disable the 802 1X function Syntax disable 802 1x Description The disable 802 1x command disable 802 1X function Parameters None Restrictions Only Administra...

Page 29: ...or confirmation Success DGS 3450 admin delete 802 1x user Purpose Used to delete an 802 1X user Syntax delete 802 1x user username 15 Description The delete 802 1x user command delete an 802 1X user Parameters username Specifies the adding user name Restrictions Only Administrator and Operator level users can issue this command Example usage To delete user test DGS 3450 admin delete 802 1x user te...

Page 30: ...DIUS EAP DGS 3450 admin config 802 1x auth_protocol radius_eap Command config 802 1x auth_protocol radius_eap Success DGS 3450 admin config 802 1x fwd_pdu system Purpose Used to configure forwarding of EAPOL PDU when 802 1X is disabled Syntax config 802 1x fwd_pdu system enable disable Description This is a global setting to control the forwarding of EAPOL PDU When 802 1X functionality is disabled...

Page 31: ...ator and Operator level users can issue this command Example usage To configure 802 1X fwd_pdu for ports DGS 3450 admin config 802 1x fwd_pdu ports 1 2 enable Command config 802 1x fwd_pdu ports 1 2 enable Success DGS 3450 admin config 802 1x authorization network radius Purpose The enable or disable the acceptation of an authorized configuration Syntax config 802 1x authorization network radius e...

Page 32: ...some or all ports portlist Specifies a range of ports to be displayed If no port is specified all ports will be displayed If no parameter is specified the 802 1X system configurations will be displayed Restrictions None Example usage To display the 802 1X states DGS 3450 admin show 802 1x auth_state ports 1 4 Command show 802 1x auth_state ports 1 4 Status A Authorized U Unauthorized P Port Based ...

Page 33: ...c MaxReq 2 times ReAuthPeriod 3400 sec ReAuthenticate Disabled Forward EAPOL PDU On Port Enabled Max Users On Port 10 DGS 3450 admin config 802 1x capability Purpose Used to configure the port capability Syntax config 802 1x capability ports portlist all authenticator none Description The config 802 1x capability command configures the port capability Parameters portlist Specifies a range of ports...

Page 34: ... auth_parameter Purpose Used to configure the parameters that control the operation of the authenticator associated with a port Syntax config 802 1x auth_parameter ports portlist all default direction both in port_control force_unauth auto force_auth quiet_period sec 0 65535 tx_period sec 1 65535 supp_timeout sec 1 65535 server_timeout sec 1 65535 max_req value 1 10 reauth_period sec 1 65535 max_u...

Page 35: ...nzero number of seconds which is used to be the re authentication timer The default value is 3400 max_users Specifies per port maximum number of users The range is 1 to 128 The default value is 16 enable_reauth You can enable or disable the re authentication mechanism for a specific port Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the ...

Page 36: ... 802 1x init port_based ports all Command config 802 1x init port_based ports all Success DGS 3450 admin config 802 1x reauth Purpose Used to re authenticate the device connected to the port Syntax config 802 1x reauth port_based ports portlist all mac_based ports portlist all mac_address macaddr Description The config 802 1x reauth command re authenticates the device connected to the port During ...

Page 37: ...ax delete 802 1x guest_vlan vlan_name 32 Description The delete 802 1x guest_vlan command will delete guest VLAN setting but not delete the static VLAN All ports which enabled guest VLAN will remove to original VLAN after deleted guest VLAN Parameters vlan_name 32 Specify the static VLAN to be guest VLAN Restrictions Only Administrator and Operator level users can issue this command Example usage ...

Page 38: ...st VLANs Parameters None Restrictions None Example usage To show 802 1X guest VLAN on the switch DGS 3450 admin show 802 1x guest_vlan Command show 802 1x guest_vlan Guest VLAN Setting Guest VLAN guest Enable Guest VLAN Ports 1 10 DGS 3450 admin config radius add Purpose Use to add a new RADIUS server The server with lower index has higher authenticative priority Syntax config radius add server_in...

Page 39: ...nsmit The count for re transmitting Default value is 2 Restrictions Only Administrator and Operator level users can issue this command Example usage To add a new RADIUS server DGS 3450 admin config radius add 1 10 48 74 121 key dlink default Command config radius add 1 10 48 74 121 key dlink default Success DGS 3450 admin config radius delete Purpose Used to delete a RADIUS server Syntax config ra...

Page 40: ...uth_port Specifies the UDP port number which is used to transmit RADIUS authentication data between the switch and the RADIUS server The range is 1 to 65535 Default value is 1812 acct_port Specifies the UDP port number which is used to transmit RADIUS accounting statistics between the switch and the RADIUS server The range is 1 to 65535 Default value is 1813 timeout The time in second for waiting ...

Page 41: ...ress 172 18 211 108 Auth Port 1812 Acct Port 1813 Retransmit 2 Key adfdslkfjefiefdkgjdassdwtgjk6y1w Total Entries 3 DGS 3450 admin show auth_statistics Purpose Use to display information of authenticator statistics Syntax show auth_statistics ports portlist all Description The show auth_statistics command displays information of authenticator statistics Parameters portlist Specifies a range of por...

Page 42: ...apLengthErrorFramesRx 0 LastEapolFrameVersion 0 LastEapolFrameSource 00 00 00 00 00 00 DGS 3450 admin show auth_diagnostics Purpose Used to display information of authenticator diagnostics Syntax show auth_diagnostics ports portlist all Description The show auth_diagnostics command displays information of authenticator diagnostics Parameters portlist Specifies a range of ports to be displayed all ...

Page 43: ...hileAuthenticated 0 BackendResponses 0 BackendAccessChallenges 0 BackendOtherRequestsToSupplicant 0 BackendNonNakResponsesFromSupplicant 0 BackendAuthSuccesses 0 BackendAuthFails 0 DGS 3450 admin show auth_session_statistics Purpose Use to display information of authenticator session statistics Syntax show auth_session_statistics ports portlist all Description The show auth_session_statistics comm...

Page 44: ...FramesTx 0 SessionId SessionAuthenticMethod Remote Authentication Server SessionTime 0 SessionTerminateCause SupplicantLogoff SessionUserName DGS 3450 admin show auth_client Purpose Use to display information of RADIUS authentication client Syntax show auth_client Description The show auth_client command displays information of RADIUS authentication client Parameters None Restrictions None Example...

Page 45: ...etransmissions 0 radiusAuthClientAccessAccepts 0 radiusAuthClientAccessRejects 0 radiusAuthClientAccessChallenges 0 radiusAuthClientMalformedAccessResponses 0 radiusAuthClientBadAuthenticators 0 radiusAuthClientPendingRequests 0 radiusAuthClientTimeouts 0 radiusAuthClientUnknownTypes 0 radiusAuthClientPacketsDropped 0 DGS 3450 admin show acct_client Purpose Used to display information of RADIUS ac...

Page 46: ...re the state of the specified RADIUS accounting service Syntax config accounting service network shell system state enable disable Description The config accounting service command is used to enable or disable the specified RADIUS accounting service Parameters network Accounting service for 802 1X port access control By default the service is disabled shell Accounting service for shell events When...

Page 47: ...e status of RADIUS accounting services Syntax show accounting service Description The show accounting service command displays the state for RADIUS accounting service Parameters portlist Specifies a range of ports to be configured Restrictions None Example usage To show information of RADIUS accounting services DGS 3450 admin show accounting service Command show accounting service Accounting Servi...

Page 48: ...in this section In order for the TACACS XTACACS TACACS RADIUS security function to work properly a TACACS XTACACS TACACS RADIUS server must be configured on a device other than the Switch called a server host and it must include usernames and passwords for authentication When the user is prompted by the Switch to enter usernames and passwords for authentication the Switch contacts the TACACS XTACA...

Page 49: ...ogin method_list_name string 15 show authen_login default method_list_name string 15 all create authen_enable method_list_name string 15 config authen_enable default method_list_name string 15 method tacacs xtacacs tacacs radius server_group string 15 local _enable none delete authen_enable method_list_name string 15 show authen_enable default method_list_name string 15 all config authen applicati...

Page 50: ...assword encryption is enabled the passwords will be in encrypted form When password encryption is disabled if the user specifies the password in plain text form the password will be in plan text form However if the user specifies the password in encrypted form or if the password has been converted to encrypted form by the last enable password encryption command the password will always be in the e...

Page 51: ...s A username can be between 1 and 15 characters The password is between 0 and 15 characters and is case sensitive The total number of accounts supported by the Switch including admin and user level accounts is 8 Parameters admin Specify an administrator level account The administrator is the highest privilege level in the Switch operator Specify an operator level account user Specify a user level ...

Page 52: ...text form password the password must be a minimum of 0 characters and a maximum of 15 characters For an encrypted form password the length is fixed to 35 bytes long The password is case sensitive Restrictions Only Administrator can issue this command Example usage To configure the user password of the alpha account DGS 3450 admin config account alpha Command config account alpha Enter an old passw...

Page 53: ...mple usage To delete the user account System DGS 3450 admin delete account System Command delete account System Success DGS 3450 admin enable authen_policy Purpose This command is used to enable the system access authentication policy Syntax enable authen_policy Description Enable system access authentication policy When authentication is enabled the device will adopt the login authentication meth...

Page 54: ...e to Admin level Parameters None Restrictions Only Administrator can issue this command Example usage To disable the system access authentication policy DGS 3450 admin disable authen_policy Command disable authen_policy Success DGS 3450 admin show authen_policy Purpose This command is used to display if the system access authentication policy is enabled or disabled Syntax show authen_policy Descri...

Page 55: ...g in the authentication request will be sent to the first server host in the tacacs built in server group If the first server host in the tacacs group is missing the authentication request will be sent to the second server host in the tacacs group and so on If all server hosts in the tacacs group are missing the authentication request will be sent to the first server host in the tacacs group If al...

Page 56: ...rictions Only Administrator can issue this command Example usage To delete the user defined method list called login_list_1 for users attempting to log in to the Switch DGS 3450 admin delete authen_login method_list_name login_list_1 Command delete authen_login method_list_name login_list_1 Success DGS 3450 admin show authen_login Purpose This command is used to display the method list of authenti...

Page 57: ...st of authentication methods for promoting a user s privilege to Admin level Syntax config authen_enable default method_list_name string 15 method tacacs xtacacs tacacs radius server_group string 15 local _enable none Description Configures a user defined or default method list of authentication methods for promoting a user s privilege to Admin level The sequence of methods will affect the authent...

Page 58: ...ser defined method list of authentication methods for promoting a user s privilege to Admin level Syntax delete authen_enable method_list_name string 15 Description Deletes a user defined method list of authentication methods for promoting a user s privilege to Admin level Parameters string 15 The user defined method list name Restrictions Only Administrator can issue this command Example usage To...

Page 59: ...tal Entries 2 DGS 3450 admin config authen application Purpose This command is used to configure login or enable method lists for all or the specified applications Syntax config authen application console telnet ssh http all login enable default method_list_name string 15 Description Configures login or enable method lists for all or the specified applications Parameters console Application Consol...

Page 60: ...then application Command show authen application Application Login Method List Enable Method List Console default default Telnet login_list_1 default HTTP default default DGS 3450 admin create authen server_group Purpose This command is used to create a user defined authentication server group Syntax create authen server_group string 15 Description Creates a user defined authentication server grou...

Page 61: ... host to a server group delete Remove a server host from a server group server_host Specify the server host s IP address protocol tacacs Specify TACACS for the server host s authentication protocol protocol xtacacs Specify XTACACS for the server host s authentication protocol protocol tacacs Specify TACACS for the server host s authentication protocol protocol radius Specify RADIUS for the server ...

Page 62: ...50 admin create authen server_host Purpose This command is used to create an authentication server host Syntax create authen server_host ipaddr protocol tacacs xtacacs tacacs radius port int 1 65535 key key_string 254 none encryption_key key_string 344 timeout int 1 255 retransmit int 1 20 Description Creates an authentication server host When an authentication server host is created the IP addres...

Page 63: ...to configure an authentication server host Syntax config authen server_host ipaddr protocol tacacs xtacacs tacacs radius port int 1 65535 key key_string 254 none encryption_key key_string 344 timeout int 1 255 retransmit int 1 20 Description Configures an authentication server host Parameters server_host Specify the server host s IP address protocol tacacs Specify that the server host s authentica...

Page 64: ...rver host s authentication protocol is TACACS protocol xtacacs Specify that the server host s authentication protocol is XTACACS protocol tacacs Specify that the server host s authentication protocol is TACACS protocol radius Specify that the server host s authentication protocol is RADIUS Restrictions Only Administrator can issue this command Example usage To delete an authentication server host ...

Page 65: ...nd Example usage To configure the amount of time the Switch will wait for a user to authenticate through a console Telnet or SSH application to 60 seconds DGS 3450 admin config authen parameter response_timeout 60 Command config authen parameter response_timeout 60 Success DGS 3450 admin config authen parameter attempt Purpose This command is used to configure the maximum number of attempts a user...

Page 66: ...Promote the user privilege level to admin level When the user enters this command the authentication method tacacs xtacacs tacacs user defined server groups local_enable or none will be used to authenticate the user Since TACACS XTACACS and RADIUS do not support the enable function by their selves if the user wants to use either one of these three protocols to enable authentication the user must c...

Page 67: ...orithm is based on SHA 1 Parameters None Restrictions Only Administrator can issue this command Example usage To configure the administrator password DGS 3450 admin config admin local_enable Command config admin local_enable Enter the old password Enter the case sensitive new password Enter the new password again for confirmation Success DGS 3450 admin enable authen_policy_encryption Purpose Used ...

Page 68: ...isabled TACACS and RADIUS key will be in the plain text form Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To disable the authentication policy encryption DGS 3450 admin disable authen_policy_encryption Command disable authen_policy_encryption Success DGS 3450 admin ...

Page 69: ...94 source_mac macaddr 000000000000 ffffffffffff destination_mac macaddr 000000000000 ffffffffffff 802 1p value 0 7 ethernet_type hex 0x0 0xffff port portlist all permit priority value 0 7 replace_priority rx_rate no_limit value 1 156249 replace_dscp value 0 63 counter enable disable mirror group_id value 1 4 deny ip vlan vlan_name 32 vlan_id vlanid 1 4094 source_ip ipaddr destination_ip ipaddr dsc...

Page 70: ...id value 0 255 user_define hex 0x0 0xffffffff packet_content offset_0 15 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset_16 31 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset_32 47 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset_48 63 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex...

Page 71: ..._mask Specifies the tcp destination port mask flag_mask Specifies the TCP flag field mask udp Specifies that the rule applies to udp traffic src_port_mask Specifies theudp source port mask dst_port_mask Specifies theudp destination port mask protocod_id_mask Specifies that the rule applies to the ip protocol id traffic user_define_mask Specifies that the rule applies to the ip protocol id and the ...

Page 72: ... 3 Command create access_profile packet_content_mask offset_chunk_1 0 0xFFFFFFFF offset_chunk_2 1 0xFFFFFFFF offset_chunk_3 2 0xFFFFFFFF offset_chunk_4 3 0xFFFFFFFF profile_id 3 Success DGS 3450 admin delete access_profile Purpose Used to delete access list rules Syntax delete access_profile profile_id value 1 6 all Description The delete access_profile command deletes access list rules Delete acc...

Page 73: ...ity rx_rate no_limit value 1 156249 counter enable disable mirror group_id value 1 4 deny time_range range_name 32 delete access_id value 1 128 Description The config access_profile command configures access list entry ACL mirror function will be worked after mirror enabled and mirror port has been configured by mirror command When apply a access rule to a target if the target is VLAN then the set...

Page 74: ...eplace_priority Specifies 802 1p priority of the outgoing packet will be marked too replace_dscp Specifies that DSCP of the outgoing packet will be marked by the new value counter Specifies whether counter feature will be enabled disabled If the rule is binded with flow_meter then counter here will be overrided deny Specifies the packets that match the access profile are filtered by the switch mir...

Page 75: ...ile profile_id value 1 6 Description The show access_profile command displays current access list table Parameters profile_id Specifies the index of access list profile The range is depend on project Restrictions None Example usage To display current access list table DGS 3450 admin show access_profile Command show access_profile Access Profile Table Total Unused Rule Entries 765 Total Used Rule E...

Page 76: ...net CPU access control list rule vlan Specify a VLAN mask source_mac Specify the source MAC mask macmask000000000000 ffffffffffff Specify the source MAC mask destination_mac Specify the destination MAC mask macmask 000000000000 ffffffffffff Specify the destination MAC mask ethernet_type Specify the Ethernet type mask ip Specify an IP CPU access control list rule vlan Specify a VLAN mask source_ip_...

Page 77: ...sk for packet bytes 28 31 offset_32 47 Specify the mask for packet bytes 32 47 hex 0x0 0xffffffff Specify the mask for packet bytes 32 35 hex 0x0 0xffffffff Specify the mask for packet bytes 36 39 hex 0x0 0xffffffff Specify the mask for packet bytes 40 43 hex 0x0 0xffffffff Specify the mask for packet bytes 44 47 offset_48 63 Specify the mask for packet bytes 48 63 hex 0x0 0xffffffff Specify the m...

Page 78: ... 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset_48 63 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset_64 79 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff ipv6 class value 0 255 flowlabel hex 0x0 0xfffff source_ipv6 ipv6addr destination_ipv6 ipv6addr port portlist all permit deny time_range range_name 32 delete access_id valu...

Page 79: ...ecify Urgent Pointer field significant ack Optional Specify Acknowledgment field significant psh Optional Specify Push Function rst Optional Specify to reset the connection syn Optional Specify to synchronize sequence numbers fin Optional No more data from sender udp Specify UDP src_port Optional Specify the UDP source port range value 0 65535 Specify the value between 0 and 65535 dst_port Optiona...

Page 80: ...o IPv6 fields class Specify the value of the IPv6 class value 0 255 Specify the value between 0 and 255 flowlabel Specify the value of the IPv6 flow label hex 0x0 0xfffff Specify the value of the IPv6 flow label source_ipv6 Specify the value of the IPv6 source address ipv6addr Specify the value of the IPv6 source address destination_ipv6 Specify the value of the IPv6 destination address ipv6addr S...

Page 81: ...rictions Only Administrator and Operator level users can issue this command Example usage To delete access list rules DGS 3450 admin delete cpu access_profile profile_id 3 Command delete cpu access_profile profile_id 3 Success DGS 3450 admin show cpu access_profile Purpose This command is used to display the current CPU access list table Syntax show cpu access_profile profile_id value 1 5 Descript...

Page 82: ...0 0 0 0 0 0 Access Profile ID 3 Type Packet Content MASK Option Offset 0 15 0x00000000 0x00000000 0x00000000 0x00000000 Offset 16 31 0x00000000 0x00000000 0x00000000 0x00000000 Offset 32 47 0x00000000 0x00000000 0x00000000 0x00000000 Offset 48 63 0x00000000 0x00000000 0x00000000 0x00000000 Offset 64 79 0x00000000 0x00000000 0x00000000 0x00000000 Access ID 1 Mode Permit Ports 1 1 Offset 0 15 0x0000...

Page 83: ...ers None Restrictions Only Administrator and Operator level users can issue this command Example usage To enable CPU interface filtering DGS 3450 admin enable cpu_interface_filtering Command enable cpu_interface_filtering Success DGS 3450 admin disable cpu_interface_filtering Purpose This command is used to disable CPU interface filtering Syntax disable cpu_interface_filtering Description This com...

Page 84: ...xStack DGS 3400 Series Layer 2 Gigabit Ethernet Managed Switch CLI Manual 80 DGS 3450 admin disable cpu_interface_filtering Command disable cpu_interface_filtering Success DGS 3450 admin ...

Page 85: ...he configured CBS and EBS A packet flow that does not reach the CBS is marked green if it exceeds the CBS but not the EBS its marked yellow and if it exceeds the EBS its marked red CBS Committed Burst Size Measured in bytes the CBS is associated with the CIR and is used to identify packets that exceed the normal boundaries of packet size The CBS should be configured to accept the biggest IP packet...

Page 86: ...e 0 156249 pbs value 0 16384 sr_tcm cir value 0 156249 cbs value 0 16384 ebs value 0 16384 conform permit replace_dscp value 0 63 counter enable disable exceed permit replace_dscp value 0 63 drop counter enable disable violate permit replace_dscp value 0 63 drop counter enable disable delete show flow_meter profile_id value 1 6 access_id value 1 128 Each command is listed in detail in the followin...

Page 87: ...o be used in conjunction with the PIR The PBS should be configured to accept the biggest IP packet that is expected in the IP flow sr_tcm Choosing this field will allow users to employ the Single Rate Three Color Mode and set the following parameters to determine the color rate of the IP packet flow cir value 0 156249 The Committed Information Rate can be set between 1 156249 The color rates are b...

Page 88: ...at are in the red flow counter enable disable Use this parameter to enable or disable the packet counter for the specified ACL entry in the red flow delete Use this parameter to delete the specified flow meter Restrictions Only Administrator and Operator level users can issue this command Only two counters may be enabled at any given time Example usage To configure a two rates three color flow met...

Page 89: ...file_id 1 access_id 1 Command show flow_meter profile_id 1 access_id 1 Profile ID 1 Access ID 1 Mode trTCM CIR 1000 64kbps CBS 200 Kbyte PIR 2000 64kbps PBS 200 Kbyte Action Conform Permit Counter Disabled Exceed Permit Replace DSCP 21 Counter Disabled Violate Drop Counter Disabled Total Entries 1 DGS 3450 admin ...

Page 90: ... to enter a static ARP entry into the switch s ARP table Parameters ipaddr The IP address of the end node or station macaddr The MAC address corresponding to the IP address above Restrictions Only Administrator and Operator level users can issue this command Example usage To create a static ARP entry for the IP address 10 48 74 121 and MAC address 00 50 BA 00 07 36 DGS 3450 admin create arpentry 1...

Page 91: ... this command Example usage To configure a static ARP entry with IP address 10 48 74 121 to have a MAC address of 00 50 BA 00 07 37 DGS 3450 admin config arpentry 10 48 74 121 00 50 BA 00 07 37 Command config arpentry 10 48 74 121 00 50 BA 00 07 37 Success DGS 3450 admin config arp_aging time Purpose Used to configure the aging out time for an ARP entry Syntax config arp_aging time min 0 65535 Des...

Page 92: ...mic ARP entries from the ARP table Syntax clear arptable Description This command is used to clear all the dynamic entries from ARP table Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To clear the ARP table DGS 3450 admin clear arptable Command clear arptable Success DGS 3450 admin show arpentry Purpose Used to display the ARP table S...

Page 93: ...ow arpentry ARP Aging Time 30 ARP Retry Times 2 Interface IP Address MAC Address Type System 10 0 0 0 FF FF FF FF FF FF Local Broadcast System 10 1 1 1 00 02 03 04 05 06 Static System 10 1 1 2 00 02 03 04 05 06 Dynamic System 10 1 1 3 00 02 03 04 05 06 Static System 10 90 90 90 00 01 02 03 04 00 Local System 10 255 255 255 FF FF FF FF FF FF Local Broadcast Total Entries 6 DGS 3450 admin ...

Page 94: ... but either its sender MAC field or source MAC field doesnot match the gateway MAC of the entry will be dropped by the system Parameters add Specifies to add an ARP spoofing prevention entry gateway_ip Specifies a gateway IP address to be configured ipaddr Enter the IP address used for this configuration here gateway_mac Specifies a gateway MAC address to be configured macaddr Enter the MAC addres...

Page 95: ... Description This command is used to show the ARP spoofing prevention entry Parameters None Restrictions None Example usage To display the ARP spoofing prevention entries DGS 3450 admin show arp_spoofing_prevention Command show arp_spoofing_prevention ARP Spoofing Prevention Table Gateway IP Address Gateway MAC Address Port 10 254 254 251 00 00 00 11 11 11 1 1 1 2 Total Entries 1 DGS 3450 admin ...

Page 96: ...tdown 1 Description The config bpdu_protection ports command is used to configure the BPDP protection function for the ports on the switch In generally there are two states in BPDU protection function One is normal state and another is under attack state The under attack state have three modes drop block and shutdown A BPDU protection enabled port will enter under attack state when it receives one...

Page 97: ...xStack DGS 3400 Series Layer 2 Gigabit Ethernet Managed Switch CLI Manual 93 config bpdu_protection ports Restrictions Only Administrator and Operator level users can issue this command ...

Page 98: ...conds used by the Auto Recovery mechanism to recover the port The valid range is 60 to 1000000 Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the bpdu_protection recovery_timer to 120 seconds for the entire switch DGS 3450 admin config bpdu_protection recovery_timer 120 Commands config bpdu_protection recovery_timer 120 Success DGS 3450 a...

Page 99: ...Administrator and Operator level users can issue this command Example usage To enable bpdu_protection function globally for the entire switch DGS 3450 admin enable bpdu_protection Commands enable bpdu_protection Success DGS 3450 admin disable bpdu_protection Purpose Used to disalbe bpdu_protection globally Syntax disable bpdu_protection Description The disable bpdu_protection command is used to di...

Page 100: ...ction Commands show bpdu_protection BPDU Protection Global Settings BPDU Protection status Enabled BPDU Protection Recovery Time 60 seconds BPDU Protection Trap State None BPDU Protection Log State None DGS 3450 admin To show the bpdu_protection status ports 1 12 DGS 3450 admin show bpdu_protection ports 1 12 Commands show bpdu_protection ports 1 12 Port State Mode Status 1 Enabled shutdown Normal...

Page 101: ... in the following sections Purpose Used to display all commands in the Command Line Interface CLI Syntax command Description This command will display all of the commands available through the Command Line Interface CLI Parameters command Entering the question mark with an appropriate command will list all the corresponding parameters for the specified command along with a brief description of the...

Page 102: ...and DGS 3450 admin config stp Command config stp Command config stp Usage maxage value 6 40 maxhops value 1 20 hellotime value 1 10 forwa rddelay value 4 30 txholdcount value 1 10 fbpdu enable disable lbd enable disable lbd_recover_timer value 0 value 60 1000000 Description Used to update the STP Global Configuration config stp instance_id config stp mst_config_id config stp mst_ports config stp p...

Page 103: ... DGS 3450 admin show command_history Purpose Used to display the command history Syntax show command_history Description This command will display the command history Parameters None Restrictions None Example usage To display the command history DGS 3450 admin show command_history Command show command_history show show vlan show command history DGS 3450 admin ...

Page 104: ...following table Command Parameters enable command logging disable command logging show command logging Each command is listed in detail in the following sections enable command logging Purpose Used to enable command logging Syntax enable command logging Description The enable command logging command is used to enable the command logging function NOTE When the switch is under the booting procedure ...

Page 105: ... Success DGS 3450 admin show command logging Purpose This command displays the switch s general command logging configuration status Syntax show command logging Description Use this command to show the command logging configuration status Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To show the command logging configuration status DG...

Page 106: ...any dot1x_impb impb_jwac 1 show authentication guest_vlan show authentication ports portlist enable authorization attributes disable authorization attributes show authorization config authentication server failover local permit block show authentication Each command is listed in detail in the following sections create authentication guest_vlan Purpose Used to assign a static VLAN to be guest VLAN ...

Page 107: ...LAN ID Restrictions Only Administrator and Operator level users can issue this command Example usage To delete an authentication guest VLAN DGS 3450 admin delete authentication guest_vlan vlan guestVLAN Command delete authentication guest_vlan vlan guestVLAN Success DGS 3450 admin config authentication guest_vlan ports Purpose Used to configure security port s as specified guest VLAN member Syntax...

Page 108: ...list from authentication VLAN s If vlanid is not specified or all VLANs is disabled means do not care whitch VLAN the client comes from the client will be authenticated if the client s MAC not care the VLAN is not authenticated After the client is authenticated the client will not be re authenticated when received from other VLANs All VLANs are disabled by default NOTE When port s authorization mo...

Page 109: ...sage This example displays the guest VLAN setting DGS 3450 admin show authentication guest_vlan Command show authentication guest_vlan Guest VLAN VID 1 Guest VLAN Member Ports 4 Guest VLAN VID 3 Guest VLAN Member Ports 1 8 Total Entries 2 DGS 3450 admin show authentication ports Purpose Used to display authentication setting on port s Syntax show authentication ports portlist Description User can ...

Page 110: ... local database will be accepted which depends on the individual module s setting Authorization for attributes is enabled by default Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage This example sets authorization global state enabled DGS 3450 admin enable authorization attributes Command enable authorization attributes Success DGS 3450 ...

Page 111: ...over function Syntax config authentication server failover local permit block Description Description When authentication server fails administrator can configure to Use local DB to authenticate the client o The switch will resort to using local database to authenticate the client If the client fails on local authentication the client is regarded as un authenticated otherwise it authenticated Pass...

Page 112: ...entication global configuration Syntax show authentication Description Used to show authentication global configuration Parameters None Restrictions None Example usage To show authentication DGS 3450 admin show authentication Command show authentication Authentication Server Failover Block DGS 3450 admin show authentication Command show authentication Authentication Server Failover Permit DGS 3450...

Page 113: ... exclude begin filter_string 80 filter_string 80 filter_string 80 include exclude begin filter_string 80 filter_string 80 filter_string 80 information config configuration config_id config_id 1 2 delete boot_up active save config config_id 1 2 Each command is listed in detail in the following sections download cfg_fromTFTP Purpose Used to down load a switch configuration file from TFTP server Synt...

Page 114: ...rver Note that for stacking system only the master s configuration file is allowed to be uploaded The output stream of the configuration data can be filtered by the expression specified at the end of the command The expression can contain up to three multiple filter evaluations A filter evaluation begins with a filter type include exclude and begin followed by up to three filter strings ex stp A f...

Page 115: ...onfiguration to be used in next boot or the configuration file specified by the command Syntax show config current_config current_config include exclude begin filter_string 80 filter_string 80 filter_string 80 include exclude begin filter_string 80 filter_string 80 filter_string 80 include exclude begin filter_string 80 filter_string 80 filter_string 80 config_in_nvram config_id 1 2 include exclud...

Page 116: ...e following example illustrates how the special filters account affect the configuration display DGS 3450 admin show config current_config include account Command show config current_config include account create account admin brent config accounting service network state disable config accounting service shell state disable config accounting service system state disable DGS 3450 admin config conf...

Page 117: ...his command is required to be supported regardless of whether file system is supported or whether multiple configuration files are supported The configuration will only save to the master unit Parameters config_id Specifies the configuration file ID If configuration ID is not specified it refers to the boot up configuration file Restrictions Only Administrator and Operator level users can issue th...

Page 118: ...uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 state enable disable ccm enable disable pdu_priority int 0 7 fault_alarm all mac_status remote_ccm error_ccm xcon_ccm none alarm_time centisecond 250 1000 alarm_reset_time centisecond 250 1000 delete cfm mep mepname string 32 mepid int 1 8191 md string 22 md_index uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 delete cfm ma strin...

Page 119: ...294967295 mepid int 1 8191 period 1sec 1min level int 0 7 state enable disable config cfm lock md string 22 md_index uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 mepid int 1 8191 period 1sec 1min level int 0 7 state enable disable Each command is listed in detail in the following sections create cfm md Purpose Used to create a maintenance domain Syntax create cfm md string 22 md_index...

Page 120: ... default value chassis Transmit the sender ID TLV with the chassis ID information manage Transmit the sender ID TLV with the managed address information chassis_manage Transmit the sender ID TLV with the chassis ID information and the managed address information Restrictions Only Administrator and Operator level users can issue this command Example usage To configure a maintenance domain called op...

Page 121: ...ated on any ports in this MA if that port is not configured with an MEP of that MA explicit MIP can be created on any ports in this MA only if the next existing lower level has an MEP configured on that port and that port is not configured with an MEP of this MA defer Inherit the setting configured for the maintenance domain that this MA is associated with This is the default value sender_id This ...

Page 122: ...ng an MEP its MEPID should be configured in the MA s MEPID list Parameters mep string 32 Enter the MEP name It is unique among all MEPs configured on the device This name can be up to 32 characters long mepid int 1 8191 Specify the MEP MEPID It should be configured in the MA s MEPID list first md string 22 Specify the maintenance domain name md_index uint 1 4294967295 Specify the maintenance domai...

Page 123: ...ex state Specify the MEP administrative state enable Enable the MEP disable Disable the MEP This is the default value ccm Specify the CCM transmission state enable Enable the CCM transmission disable Disable the CCM transmission This is the default value pdu_priority The 802 1p priority is set in the CCM and the LTM messages transmitted by the MEP The default value is 7 fault_alarm This controls t...

Page 124: ...in index ma string 22 Specify the maintenance association name ma_index uint 1 4294967295 Specify the maintenance association index Restrictions Only Administrator and Operator level users can issue this command Example usage To delete a CFM MEP DGS 3450 admin delete cfm mep mepname mep1 Command delete cfm mep mepname mep1 Success DGS 3450 admin delete cfm ma Purpose Used to delete a created maint...

Page 125: ...Specify the maintenance domain name md_index uint 1 4294967295 Specify the maintenance domain index index Restrictions Only Administrator and Operator level users can issue this command Example usage To delete a CFM MD DGS 3450 admin delete cfm md op_domain Command delete cfm md op_domain Success DGS 3450 admin enable cfm Purpose Used to enable the CFM globally Syntax enable cfm Description This c...

Page 126: ...ted on the port MEPs can still be created on the port and the configuration can be saved MEPs created on that port can not generate or process CFM PDUs If the user issues a Loopback or Link trace test on those MEPs it will prompt a message that the CFM function is disabled on that port to user Parameters ports portlist Specify the logical port list state enable disable Enable or disable the CFM fu...

Page 127: ...on Parameters md string 22 Specify the maintenance domain name md_index uint 1 4294967295 Specify the maintenance domain index ma string 22 Specify the maintenance association name ma_index uint 1 4294967295 Specify the maintenance association index mep string 32 Enter the MEP name It is unique among all MEPs configured on the device This name can be up to 32 characters long mepid int 1 8191 Speci...

Page 128: ... CFM Port Status Enabled MAC Address 00 22 B0 DE F0 46 MEP State Enabled CCM State Enabled PDU Priority 7 Fault Alarm Disabled Alarm Time 250 centisecond 1 100 s Alarm Reset Time 1000 centisecond 1 100 s Highest Fault None AIS State Disabled AIS Period 1 Second AIS Client Level Invalid AIS Status Not Detected LCK State Disabled LCK Period 1 Second LCK Client Level Invalid LCK Status Not Detected O...

Page 129: ... ma_index uint 1 4294967295 Specify the maintenance association index Restrictions None Example usage To show the CFM faults DGS 3450 admin show cfm fault Command show cfm fault MD Name MA Name MEPID Status AIS Status LCK Status op_domain op1 1 Cross connect CCM Received DGS 3450 admin show cfm port Purpose Used to show the MEPs and MIPs created on a port Syntax show cfm port port level int 0 7 di...

Page 130: ...the peer MEP as the target of management action action start stop Specify the management lock action This action can be set to start or stop Restrictions Only Administrator and Operator level users can issue this command Example usage To start management lock DGS 3450 admin cfm lock md op_domain ma op1 mepid 1 remote_mepid 2 action start Command cfm lock md op_domain ma op1 mepid 1 remote_mepid 2 ...

Page 131: ...eply from MPID 52 bytes xxx time xxxms Request timed out CFM loopback statistics for 00 01 02 03 04 05 Packets Sent 4 Received 1 Lost 3 75 loss DGS 3450 admin cfm linktrace Purpose Used to issue a CFM link track message Syntax cfm linktrace macaddr mepname string 32 mepid int 1 8191 md string 22 md_index uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 ttl int 2 255 pdu_priority int 0 7 D...

Page 132: ... Specify the Maintenance Domain name md_index uint 1 4294967295 Specify the Maintenance Domain index ma string 22 Specify the Maintenance Association name ma_index uint 1 4294967295 Specify the Maintenance Association index trans_id unit Specify the identifier of the transaction to be displayed Restrictions None Example usage To show the link trace reply when the all MPs reply LTRs function is ena...

Page 133: ...cription This command is used to delete the stored link trace response data that have been initiated by the specified MEP Parameters md string 22 Specify the Maintenance Domain name md_index uint 1 4294967295 Specify the Maintenance Domain index ma string 22 Specify the Maintenance Association name ma_index uint 1 4294967295 Specify the Maintenance Association index mepid int 1 8191 Specify the ME...

Page 134: ... enable Specify that the MP s reply to the LTR function will be set to all disable Disable sending the all MPs replay LTRs function Restrictions Only Administrator and Operator level users can issue this command Example usage To enable the all MPs reply LTRs function DGS 3450 admin config cfm mp_ltr_all enable Command config cfm mp_ltr_all enable Success DGS 3450 admin show cfm mp_ltr_all Purpose ...

Page 135: ...pecify the MEP ID remote_mepid int 1 8191 Specify the remote MEP ID Restrictions None Example usage To show the CFM remote MEP information DGS 3450 admin show cfm remote_mep mepname mep1 remote_mepid 2 Command show cfm remote_mep mepname mep1 remote_mepid 2 Remote MEPID 2 MAC Address 00 11 22 33 44 02 Status OK RDI Yes Port State Blocked Interface Status Down Last CCM Serial Number 1000 Sender Cha...

Page 136: ...xStack DGS 3400 Series Layer 2 Gigabit Ethernet Managed Switch CLI Manual 132 show cfm pkt_cnt Restrictions None Example usage To show the CFM packet s RX TX counters ...

Page 137: ...0 0 0 0 0 0 12 0 0 0 0 0 0 0 0 CFM TX Statistics Port AllPkt CCM LBR LBM LTR LTM all 3988 3984 0 0 0 4 1 0 0 0 0 0 0 2 204 204 0 0 0 4 3 578 578 0 0 0 0 4 578 578 0 0 0 0 5 578 578 0 0 0 0 6 578 578 0 0 0 0 7 578 578 0 0 0 0 8 578 578 0 0 0 0 9 578 578 0 0 0 0 10 578 578 0 0 0 0 11 578 578 0 0 0 0 12 578 578 0 0 0 0 DGS 3450 admin show cfm pkt_cnt ccm Command show cfm pkt_cnt ccm CCM RX counters X...

Page 138: ...eters of the AIS function on a MEP Syntax config cfm ais md string 22 md_index uint 1 4294967295 ma string 22 ma_index uint 1 4294967295 mepid int 1 8191 period 1sec 1min level int 0 7 state enable disable Description This command is used to configure the parameters of the AIS function on a MEP Parameters md string 22 Specify the Maintenance Domain name md_index uint 1 4294967295 Specify the Maint...

Page 139: ...94967295 Specify the Maintenance Domain index ma string 22 Specify the Maintenance Association name ma_index uint 1 4294967295 Specify the Maintenance Association index mepid int 1 8191 Specify the MEP ID period Specify the transmitting interval of the LCK PDU The default is 1 second level Specify the client level ID to which the MEP sends LCK PDU The default client MD level is the MD level that t...

Page 140: ...clear counters ports portlist Each command is listed in detail in the following sections show packet ports Purpose Used to show statistics about the packets which were sent and received by the switch Syntax show packet ports portlist Description The show packet ports command shows statistics about the packets which were sent and received by the switch Parameters portlist Specifies a range of ports...

Page 141: ...e Use to show error statistics information for a range of ports Syntax show error ports portlist Description The show error ports command shows error statistics for a range of ports Parameters portlist Specifies a range of ports to be displayed Unit ID port number Restrictions None Example usage To display the errors of the port 3 of unit 1 DGS 3450 admin show error ports 1 3 Command show error po...

Page 142: ... 0 0 2 6 0 0 0 1 12 0 0 0 2 7 0 30 1 1 13 0 0 0 2 8 0 0 0 1 14 0 0 0 2 9 30 0 1 1 15 0 0 0 2 10 0 0 0 1 16 0 0 0 2 11 0 0 0 1 17 0 0 0 2 12 0 0 0 1 18 0 0 0 2 13 0 0 0 1 19 0 0 0 2 14 0 0 0 1 20 0 0 0 2 15 0 0 0 1 21 0 0 0 2 16 0 0 0 clear counter Purpose Used to clear the switch s statistics counters Syntax clear counters ports portlist Description The clear counters command clears the switch s s...

Page 143: ...counter If no parameter is specified system will counter all of the ports Restrictions Only Administrator and Operator level users can issue this command Example usage To clear the switch s statistics counters DGS 3450 admin clear counters Command clear counters Success DGS 3450 admin ...

Page 144: ...le debug show error_reboot state debug show error ports sio1 sio2 debug show packet ports sio1 sio2 Each command is listed in detail in the following sections debug error_log Purpose Use this command to dump clear or upload the software error log to a TFTP server Syntax debug error_log dump clear upload_toTFTP ipaddr path_filename 64 Description Dump clear or upload the debug log to a TFTP server ...

Page 145: ...A5D6C TASK NAME StackTop CurStkSP StackSize SchCnt PRIO I STATUS 8069E7D0 FWD ETH 823E9798 823E95C4 1K 32K 2 160 160 Q IP_PKT 806A3E70 SysLogTask 80BD040C 80BD0298 1K 16K 3 180 180 E SysLogEvent 806A4340 PktStorm 80BF3188 80BF2DAC 2K 16K 807E4 190 190 Q ST_Storm To clear the error log DGS 3450 admin debug error_log clear Command debug error_log clear Success DGS 3450 admin To upload the error log ...

Page 146: ...P server It can be a relative pathname or an absolute pathname Restrictions Only Administrator and Operator level users can issue this command Example usage To show the debug buffer s state DGS 3450 admin debug buffer utilization Command debug buffer utilization Allocate from System memory Total size 2 MB Utilization rate 30 DGS 3450 admin To clear the debug buffer DGS 3450 admin debug buffer clea...

Page 147: ...aved in NVRAM If the error_reboot is enabled the watchdog shall be enabled after all information is stored into NVRAM Syntax debug config error_reboot enable disable Description Set if the switch needs to be rebooted when a fatal error occurs Parameters enable Need reboot switch when fatal error happens if the project do not define the default setting enable for default disable Do not need reboot ...

Page 148: ...n debug show status Command debug show status Debug Global State Enabled SYS Enabled OS Enabled MSTP Enabled ACL Disabled CLI Enabled SNMP Disabled IGMP Enabled DGS 3450 admin debug config state Purpose Use the command to set the state of the debug Syntax debug config state enable disable Description Use the command to set the state of the debug Parameters enable Enable the debug state disable Dis...

Page 149: ...ple usage To show the error reboot status DGS 3450 admin debug show error_reboot state Command debug show error_reboot state Error Reboot Enabled DGS 3450 admin debug show error ports Purpose Used to configure the show error ports debugging command Syntax debug show error ports sio1 sio2 Description This command is used to configure the show error ports debugging command Parameters sio1 Specifies ...

Page 150: ...ts 0 Collision 0 Symbol Error 0 Buffer Full Drop 0 ACL Drop 0 Multicast Drop 0 VLAN Ingress Drop 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh debug show packet ports Purpose Used to configure the show packet ports debugging command Syntax debug show packet ports sio1 sio2 Description This command is used to configure the show packet ports debugging command Parameters sio1 Specif...

Page 151: ... Port number 1 49 Frame Size Type Frame Counts Frames sec 64 0 0 65 127 0 0 128 255 0 0 256 511 0 0 512 1023 0 0 1024 1518 0 0 1519 2047 0 0 2048 4095 0 0 4096 9216 0 0 Unicast RX 0 0 Multicast RX 0 0 Broadcast RX 0 0 Frame Type Total Total sec RX Bytes 0 0 RX Frames 0 0 TX Bytes 0 0 TX Frames 0 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh ...

Page 152: ...specified vlan When DHCP local relay is enabled for the VLAN the DHCP packet will be relayed in broadcast way without change of the source MAC address and gateway address DHCP option 82 will be automatically added Parameters vlan_name The name of the VLAN to be enabled DHCP local relay state Enable or disable DHCP local relay for specified vlan Restrictions Only Administrator and Operator level us...

Page 153: ...rictions Only Administrator and Operator level users can issue this command Example usage To disable the DHCP local relay function DGS 3450 admin disable dhcp_local_relay Command disable dhcp_local_relay Success DGS 3450 admin show dhcp_local_relay Purpose Used to display the current DHCP local relay configuration Syntax show dhcp_local_relay Description The show dhcp_local_relay command displays ...

Page 154: ...ess ipaddr default config dhcp_relay option_61 state enable disable config dhcp_relay option_61 add mac_address macaddr string mutiword 255 relay ipaddr drop config dhcp_relay option_61 default relay ipaddr drop config dhcp_relay option_61 delete mac_address macaddr string mutiword 255 all show dhcp_relay option_61 Each command is listed in detail in the following sections config dhcp_relay Purpos...

Page 155: ...er IP address Restrictions Only Administrator and Operator level users can issue this command Example usage To add a DHCP BOOTP server to the relay table DGS 3450 admin config dhcp_relay add ipif System 10 43 21 12 Command config dhcp_relay add ipif System 10 43 21 12 Success DGS 3450 admin config dhcp_relay delete Purpose Used to delete one or all IP destination addresses from the switch s DHCP r...

Page 156: ...abled For packet come from client side the packet should not have the option 82 s field If the packet has this option field it will be dropped For packets come from the server side the packet should have the option 82 s field If the packet does not have option field and does not have correct option fields the packet will be dropped The default setting is disabled policy Specifies the way to proces...

Page 157: ...command disables the DHCP relay function on the switch Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To disable the DHCP relay function DGS 3450 admin disable dhcp_relay Command disable dhcp_relay Success DGS 3450 admin show dhcp_relay Purpose Used to display the current DHCP relay configuration Syntax show dhcp_relay ipif ipif_name 1...

Page 158: ...he relay servers will be determined based on either option 61 or per IPIF configured servers If the relay servers are determined based on option 60 or option 61 then per IPIF configured servers will be ignored If the relay servers are not determined either by option 60 or option 61 then per IPIF configured servers will be used to determine the relay servers Parameters state See below enable Enable...

Page 159: ...y drop Description When there are no match servers found for the packet based on option 60 the relay servers will be determined by the default relay server setting When there is no matching found for the packet the relay servers will be determined based on the default relay servers When drop is specified the packet with no matching rules found will be dropped without further process If the setting...

Page 160: ...ified ipaddress default Delete all defaut relay ipaddress if ipaddress is not specified ipaddr Delete the default relay ipaddress that is specified by the user Restrictions Only Administrator and Operator level users can issue this command Example usage To delete the DHCP Relay option 60 entry DGS 3450 admin config dhcp_relay option_60 delete string abc relay 10 90 90 1 Command config dhcp_relay o...

Page 161: ...per IPIF configured servers will be ignored If the relay servers are not determined either by option 60 or option 61 then per IPIF configured servers will be used to determine the relay servers Parameters state See below enable Enable the fuction dhcp_relay use option_61 ruler to relay dhcp packet disable Disable the fuction dhcp_relay use option_61 ruler to relay dhcp packet Restrictions Only Adm...

Page 162: ...y option_61 default Purpose This command is used to configure the default ruler for option 61 Syntax config dhcp_relay option_61 default relay ipaddr drop Description Up to default server IP address can be specified This setting will be used to determine the rule to process those packets that have no option 61 matching rules The default default rule is drop Parameters relay Specify to relay the pa...

Page 163: ...lay option_61 delete mac_address 00 11 22 33 44 55 Success DGS 3450 admin show dhcp_relay option_61 Purpose This command is used to show all rulers for option 61 Syntax show dhcp_relay option_61 Description This command is used to show all rulers for option 61 Parameters None Restrictions None Example usage To show all rulers for option 61 DGS 3450 admin show dhcp_relay option_61 Command show dhcp...

Page 164: ...iltered from a specific port except those that meet the Server IP Address and Client MAC Address binding Command Parameters config filter dhcp_server add permit server_ip ipaddr client_mac macaddr ports portlist all delete permit server_ip ipaddr client_mac macaddr ports portlist all ports portlist all state enable disable illegal_server_log_suppress_duration 1min 5min 30min trap_log enable disabl...

Page 165: ...server add permit server_ip 10 1 1 1 client_mac 00 00 00 00 00 01 ports 1 1 1 3 Command config filter dhcp_server add permit server_ip 10 1 1 1 client_mac 00 00 00 00 00 01 ports 1 1 1 3 Success DGS 3450 admin To configure the filter DHCP server state DGS 3450 admin config filter dhcp_server ports 1 1 1 3 state enable Command config filter dhcp_server ports 1 1 1 3 state enable Success DGS 3450 ad...

Page 166: ...al_server_log_suppress_duration 1min 5min 30min Description The DHCP server filtering function filters any illegal DHCP server packets The DHCP server who sends the illegal packets will be logged This command is used to suppress the logging of DHCP servers who continue to send illegal DHCP packets The same illegal DHCP server IP address that is detected will be logged only once regardless of how m...

Page 167: ...mportant device such as a DNS server or the IP address of the default route to another device on the network Users also have the ability to bind IP addresses within the DHCP pool to specific MAC addresses in order to keep consistent the IP addresses of devices that may be important to the upkeep of the network that require a static IP address The DHCP Server Commands in the Command Line Interface ...

Page 168: ...1 254 show dhcp option_profile profile_name 12 Each command is listed in detail in the following sections create dhcp pool Purpose Used to create a DHCP pool Syntax create dhcp pool pool_name 12 Description This command will create a DCHP pool for the DHCP server Once created this pool may be modified for accepting DHCP clients into this pool Parameters pool_name 12 Enter an name of up to 12 alpha...

Page 169: ...y by the Switch Parameters pool_name 12 Enter the name of the previously created pool that will contain the manual binding entry ipaddr Enter the IP address to be statically bound to a device within the local network that will be specified by entering the Hardware Address in the following field hardware_address macaddr Enter the MAC address of the device to be statically bound to the IP address en...

Page 170: ...0 admin delete dhcp pool manual_binding Floor2 10 10 10 1 Command delete dhcp pool manual_binding Floor2 10 10 10 1 Success DGS 3450 admin show dhcp pool manual_binding Purpose Used to display the manual binding settings for a DHCP pool Syntax show dhcp pool manual_binding pool_name 12 Description This command will display the manual binding entries for the selected DHCP pool Parameters pool_name ...

Page 171: ... DGS 3450 admin show dhcp_binding Command show dhcp_binding Pool Name IP Address Hardware Address Type Status Life Time secs engineering 192 168 0 1 01 22 b7 35 ce 99 Ethernet Manual 864000 Total Entries 1 DGS 3450 admin clear dhcp_binding Purpose Used to clear the DHCP binding information Syntax clear dhcp_binding pool_name 12 Description This command is used to clear the DHCP binding settings fo...

Page 172: ...nd Operator level users can issue this command Example usage To configure the number of ping packets to be used for DHCP DGS 3450 admin config dhcp ping_packets 2 Command config dhcp ping_packets 2 Success DGS 3450 admin config dhcp ping_timeout Purpose Used to set the time the Switch will wait before timing out a ping packet Syntax config dhcp ping_timeout millisecond 500 2000 Description This co...

Page 173: ...ounting boot had Command config dhcp pool boot_file accounting boot had Success DGS 3450 admin config dhcp pool default_router Purpose Used to configure the default router for the DHCP client Syntax config dhcp pool default_router pool_name 12 ipaddr ipaddr ipaddr Description This command is used to configure the default router for DHCP clients requesting DHCP information for the switch Users may ...

Page 174: ...erver address foe a DHCP pool DGS 3450 admin config dhcp pool dns_server_address accounting 10 245 32 1 Command config dhcp pool dns_server_address accounting 10 245 32 1 Success DGS 3450 admin config dhcp pool domain_name Purpose Used to configure the domain name for the DHCP pool of the Switch Syntax config dhcp pool domain_name pool_name 12 domain_name 64 Description This command is used to con...

Page 175: ...configure the lease time for the DHCP pool DGS 3450 admin config dhcp pool lease accounting infinite Command config dhcp pool lease accounting infinite Success DGS 3450 admin config dhcp pool netbios_name_server Purpose Used to configure the IP address es for the Net BIOS name server Syntax config dhcp pool netbios_name_server pool_name 12 ipaddr ipaddr ipaddr Description This command is used to e...

Page 176: ...dmin config dhcp pool netbios_node_type accounting hybrid Command config dhcp pool netbios_node_type accounting hybrid Success DGS 3450 admin config dhcp pool network_addr Purpose Used to configure the network address and corresponding subnet mask for the DHCP pool Syntax config dhcp pool network_addr pool_name 12 network_address Description This command will allow users to enter the IP address po...

Page 177: ... pool name for which to set the next server ipaddr Enter the IP address of the next server which has the boot file Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the IP address of the next server DGS 3450 admin config dhcp pool next_server accounting 10 99 88 77 Command config dhcp pool next_server accounting 10 99 88 77 Success DGS 3450 ...

Page 178: ...s Only Administrator and Operator level users can issue this command Example usage To disable the DHCP server DGS 3450 admin disable dhcp_server Command disable dhcp_server Success DGS 3450 admin show dhcp_server Purpose Used to display the DHCP server settings Syntax show dhcp_server Description This command will display the DHCP server settings for its Global state ping packet count and ping tim...

Page 179: ..._address 10 10 10 1 end_address 10 10 10 10 Command create dhcp excluded_address begin_address 10 10 10 1 end_address 10 10 10 10 Success DGS 3450 admin delete dhcp excluded_address Purpose Used to delete IP addresses that have been configured as excluded from the DHCP Server pool of addresses Syntax delete dhcp excluded_address begin_address ipaddr end_address ipaddr all Description This command ...

Page 180: ... DHCP server function Parameters None Restrictions None Example usage To display the DHCP server settings DGS 3450 admin show dhcp excluded_address Command show dhcp excluded_address Index Begin_Address End_Address 1 10 10 10 1 10 10 10 10 Total Entry 1 DGS 3450 admin show dhcp pool Purpose Used to show the DHCP pool information Syntax show dhcp pool pool_name 12 Description This command is used t...

Page 181: ...CP pool name here This name can be up to 12 characters long add Specify to add the DHCP Option 43 string to a DHCP pool string mutiword 255 Specify the DHCP Option 43 string to be added delete Specify to delete the DHCP Option 43 string Restrictions Only Administrator and Operator level users can issue this command Example usage To add a DHCP Option 43 for a DHCP pool DGS 3450 admin config dhcp po...

Page 182: ...profile pool1 delete profile1 Command config dhcp pool option_profile pool1 delete profile1 Success DGS 3450 admin create dhcp option_profile Purpose Used to create a DHCP option profile Syntax create dhcp option_profile profile_name 12 Description This command is used to create a DHCP option profile with a name that is a symbolic string such as profile1 Create a DHCP option profile in which you c...

Page 183: ...string 254 delete option value 1 254 Description This command is used to configure an option to DHCP server option profile Parameters profile_name 12 Enter the profile name used here This name can be up to 12 characters long add Specifies to add an option to the DHCP server option profile option value 1 254 Specfies the option index string mutiword 255 Specifies the option string hex string 254 Sp...

Page 184: ...le configuration Syntax show dhcp option_profile profile_name 12 Description This command is used to display the current DHCP option profile configuration Parameters profile_name 12 Enter the profile name used here This name can be up to 12 characters long Restrictions None Example usage To display the current DHCP option profile configuration DGS 3450 admin show dhcp option_profile Command show d...

Page 185: ...le the DHCPv6 client debug function Parameters state See below enable Enable the DHCPv6 client debug function disable Disable the DHCPv6 client debug function Restrictions Only Administrator and Operator level users can issue this command Example usage To enabled the DHCPv6 client debug function DGS 3450 admin debug dhcpv6_client state enable Command debug dhcpv6_client state enable Success DGS 34...

Page 186: ...le Description Enable or disable the debug information flag for DHCPv6 client packets including packet receiving and sending Parameters all Set packet receiving and sending debug flags receiving Set packet receiving debug flag sending Set packet sending debug flag enable Enable the designated flags disable Disable the designated flags Restrictions Only Administrator and Operator level users can is...

Page 187: ...lay hop_count Purpose This command is used to configure the DHCPv6 relay hop count of the switch Syntax config dhcpv6_relay hop_count value 1 32 Description This command is used to configure the DHCPv6 relay hop count of the switch Parameters hop_count The hop count is the number of relay agents that have to be relayed in this message The range is 1 to 32 The default value is 4 Restrictions Only A...

Page 188: ... used to configure the DHCPv6 relay state of one or all of the specified interfaces Parameters ipif_name The name of the IP interface The value all indicates all configured IP interfaces state See below enable Choose this parameter to enable the DHCPv6 relay state of the interface disable Choose this parameter to disable the DHCPv6 relay state of the interface Restrictions Only Administrator and O...

Page 189: ...y Status Enabled Server Address Total Entries 1 DGS 3450 admin To show the DHCPv6 relay configuration of the System interface DGS 3450 admin show dhcpv6_relay ipif System Command show dhcpv6_relay ipif System DHCPv6 Relay Global State Disabled DHCPv6 Hops Count Limit 4 IP Interface System DHCPv6 Relay Status Enabled Server Address DGS 3450 admin enable dhcpv6_relay Purpose Used to enable the DHCPv...

Page 190: ...lay Success DGS 3450 admin debug dhcpv6_relay state Purpose This command is used to enable or disable DHCPv6 relay debug functions Syntax debug dhcpv6_relay state enable disable Description This command is used to enable or disable DHCPv6 relay debug functions Parameters state See below enable Enable the DHCPv6 relay debug function disable Disable the DHCPv6 relay debug function Restrictions Only ...

Page 191: ...is used to enable or disable the debug information flag of the DHCPv6 relay packet including packets receiving and sending Parameters all Set packet receiving and sending debug flags receiving Set packet receiving debug flag sending Set packet sending debug flag enable Enable the designated flags disable Disable the designated flags Restrictions Only Administrator and Operator level users can issu...

Page 192: ...e hop_count state disable Disable the hop_count state Restrictions Only Administrator and Operator level users can issue this command Example usage To enable debug information flag about the hop count DGS 3450 admin debug dhcpv6_relay hop_count state enalbe Command debug dhcpv6_relay hop_count state enalbe Success DGS 3450 admin ...

Page 193: ...ame 12 show dhcpv6 binding pool_name 12 clear dhcpv6 binding pool_name 12 enable dhcpv6_server disable dhcpv6_server show dhcpv6_server ipif ipif_name 12 config dhcpv6 pool excluded_address pool_name 12 add begin ipv6addr end ipv6addr delete begin ipv6addr end ipv6addr all show dhcpv6 excluded_address pool_name 12 config dhcpv6_server ipif ipif_name 12 state enable disable debug dhcpv6_server stat...

Page 194: ...itch will be deleted Restrictions Only Administrator and Operator level users can issue this command Example usage To delete the DHCPv6 pool by specifying the pool name pool1 DGS 3450 admin delete dhcpv6 pool pool1 Command delete dhcpv6 pool pool1 Success DGS 3450 admin show dhcpv6 pool Purpose This command is used to display one or all DHCPv6 pools configuration Syntax show dhcpv6 pool pool_name ...

Page 195: ...he prefix of begin_networkaddr and end_networkaddr must be consistence e g the begin_networkaddr is 2000 1 64 and the end_networkaddr is 3000 100 64 2 The begin address must not be large than end address otherwise the switch will print an error message The begin IPv6 address must be lower than or equal to the end IPv6 address e g the begin_networkaddr is 2000 200 64 and the end_networkaddr is 2000...

Page 196: ...S 3450 admin config dhcpv6 pool domain_name pool1 d_link com Command config dhcpv6 pool domain_name pool1 d_link com Success DGS 3450 admin config dhcpv6 pool dns_server Purpose This command is used to configure the DNS server s IPv6 addresses for a specific DHCPv6 pool Syntax config dhcpv6 pool dns_server pool_name 12 ipv6addr ipv6addr Description This command is used to configure the DNS server ...

Page 197: ...f IPv6 address preferred_lifetime sec 60 4294967295 The amount of time in seconds that the IPv6 address based on the specified pool remains in preferred state valid_lifetime sec 60 4294967295 The amount of time in seconds that the IPv6 address based on the specified pool remains in valid state Restrictions Only Administrator and Operator level users can issue this command Example usage To configur...

Page 198: ...ool Restrictions Only Administrator and Operator level users can issue this command Example usage To add a manual binding DHCPv6 entry DGS 3450 admin config dhcpv6 pool manual_binding pool1 add 2000 3 client_duid 00010006124dd5840021918d4d9f Command config dhcpv6 pool manual_binding pool1 add 2000 3 client_duid 00010006124dd5840021918d4d9f success DGS 3450 admin show dhcpv6 manual_binding Purpose ...

Page 199: ...ng information Entering the command without the pool name will display all information regarding DHCPv6 dynamic binding on the switch This command only displays the dynamic binding information not including manual binding information Parameters pool_name 12 Enter the name of the DHCPv6 pool for which to view dynamic binding information Entering this command without the pool name will display all d...

Page 200: ...HCPv6 dynamic binding information on the Switch DGS 3450 admin clear dhcpv6 binding Command clear dhcpv6 binding Success DGS 3450 admin enable dhcpv6_server Purpose This command is used to enable the DHCPv6 server function on the Switch Syntax enable dhcpv6_server Description This command is used to enable the DHCPv6 server global state on the Switch Parameters None Restrictions Only Administrator...

Page 201: ...led Total Entries 2 DGS 3450 admin config dhcpv6 pool excluded_address Purpose This command is used to configure the reserved IPv6 addresses on the DHCPv6 server Syntax config dhcpv6 pool excluded_address pool_name 12 add begin ipv6addr end ipv6addr delete begin ipv6addr end ipv6addr all Description This command will configure the IPv6 addresses range that the DHCPv6 server should not assign to DH...

Page 202: ...ed_address pool1 add begin 2000 3 end 2000 8 Success DGS 3450 admin show dhcpv6 excluded_address Purpose This command is used to display the groups of IPv6 addresses which are excluded from the legal assigned IPv6 address Syntax show dhcpv6 excluded_address pool_name 12 Description This command will display the groups of IPv6 addresses which are excluded from the legal assigned IPv6 address Parame...

Page 203: ...ble Description This command configures the DHCPv6 Server state on the IP interface Parameters ipif ipif_name 12 The name of the IP interface state See below enable Enable the dhcpv6 server state for a specified interface disable Disable the dhcpv6 server state for a specified interface Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the D...

Page 204: ... of the DHCPv6 server packet including packets receiving and sending Parameters all Set packet receiving and sending debug flags receiving Set packet receiving debug flag sending Set packet sending debug flag enable Enable the designated flags disable Disable the designated flags Restrictions Only Administrator and Operator level users can issue this command Example usage To enabled the DHCPv6 ser...

Page 205: ...be between 1 and 128 ipif_name 12 Enter the IP interface name here This can be up to 12 characters long Restrictions Only Administrator and Operator level users can issue this command Example usage To To create a DHCPv6 prefix pool prefixpool1 for interface System DGS 3450 admin config dhcpv6 pool prefix_delegation prefixpool1 1111 48 64 System Command config dhcpv6 pool prefix_delegation prefixpo...

Page 206: ...e following sections config ddm ports Purpose Used to configure the DDM settings of the specified ports Syntax config ddm ports portlist all temperature_threshold high_alarm float low_alarm float high_warning float low_warning float 1 Description The command is used to configure the DDM settings of the specified ports Parameters portlist Enter the range of ports to be configured here all Specify t...

Page 207: ...n float Enter the low threshold warning value here tx_power_threshold Specify the threshold of the optic module s output power high_alarm Specify the high threshold for the alarm When the operating parameter rises above this value the action associated with the alarm is taken mw_or_dbm Enter the high threshold alarm value used here low_alarm Specify the low threshold for the alarm When the operati...

Page 208: ...m ports 9 temperature_threshold high_alarm 84 9555 low_alarm 10 high_warning 70 low_warning 2 2525 Command config ddm ports 9 temperature_threshold high_alarm 84 9555 low_alarm 10 high_warning 70 low_warning 2 2525 According to the DDM precision definition closest value 84 9531 and 2 25 are cho sen Success DGS 3450 admin To configure the port 9 s voltage threshold DGS 3450 admin config ddm ports 9...

Page 209: ...sociate with alarm DGS 3450 admin config ddm ports 11 state enable shutdown alarm Command config ddm ports 11 state enable shutdown alarm Success DGS 3450 admin config ddm log Purpose Enable or disable log action when the SFP exceed its DDM threshold Syntax config ddm log enable disable Description The command configures the DDM log action when encounter an exceeding alarm or warning thresholds ev...

Page 210: ... TX RX power unit globally Parameters power_unit Specify the unit of DDM TX RX power If the unit has been set the display message and configure value of TX RX power use the same unit The default unit is mW Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the unit of DDM TX RX power DGS 3450 admin config ddm power_unit dbm Command config ddm...

Page 211: ...as configured by user it will be shown on this command with a tag indicate that it is a threshold that user configured else it would be the threshold read from the SFP module that is being inserted Parameters portlist Specified a range of ports to be displayed UnitID port number If all parameter is chosen all SFP ports operating parameters will be displayed Restrictions None Example usage To show ...

Page 212: ...Switch CLI Manual 208 show ddm Description The command displays the DDM global setting Parameters None Restrictions None Example usage To display the global DDM setting DGS 3450 admin show ddm Command show ddm DDM Log Enabled DDM Trap Enabled DGS 3450 admin ...

Page 213: ...an one hop away from the CS The SIM group is a group of switches that are managed as a single entity The DGS 3400 Series may take on three different roles 1 Commander Switch CS This is a switch that has been manually configured as the controlling device for a group and takes on the following characteristics a It has an IP Address b It is not a Commander Switch or Member Switch of another Single IP...

Page 214: ...ty to automatically rediscover member switches that have left the SIM group either through a reboot or web malfunction This feature is accomplished through the use of Discover packets and Maintain packets that previously set SIM members will emit after a reboot Once a MS has had its MAC address and password saved to the CS s database if a reboot occurs in the MS the CS will keep this MS informatio...

Page 215: ... members mslist all Each command is listed in detail in the following sections enable sim Purpose Used to enable Single IP Management SIM on the Switch Syntax enable sim Description This command will enable SIM globally on the Switch SIM features and functions will not function properly unless this function is enabled Parameters None Restrictions Only Administrator level users can issue this comma...

Page 216: ...covery packets out over the network Hold time Displays the time in seconds the Switch will hold discovery results before dropping it or utilizing it Parameters candidates candidate_id 1 100 Entering this parameter will display information concerning candidates of the SIM group To view a specific candidate include that candidate s ID number listed from 1 to 100 members member_id 1 32 Entering this ...

Page 217: ...didate ID is not specified DGS 3450 admin show sim candidates Command show sim candidates ID MAC Address Platform Hold Firmware Device Name Capability Time Version 2 00 55 55 00 55 00 DGS 3450 L2 Switch 140 3 00 B10 default master Total Entries 1 DGS 3450 admin To show the member information in summary if the member ID is specified DGS 3450 admin show sim members 1 Command show sim members 1 Membe...

Page 218: ...hbor Neighbor Info Table Port MAC Address Role 23 00 35 26 00 11 99 Commander 23 00 35 26 00 11 91 Member 24 00 35 26 00 11 90 Candidate Total Entries 3 DGS 3450 admin reconfig Purpose Used to connect to a member switch through the commander switch using telnet Syntax reconfig member_id value 1 32 exit Description This command is used to reconnect to a member switch using Telnet Parameters member_...

Page 219: ... switch of a SIM group The member switch should be defined by ID number Restrictions Only Administrator level users can issue this command Example usage To add a member DGS 3450 admin config sim_group add 2 Command config sim_group add 2 Please wait for ACK SIM Config Success Success DGS 3450 admin To delete a member DGS 3450 admin config sim_group delete 1 Command config sim_group delete 1 Please...

Page 220: ...ill hold information sent to it from other switches utilizing the discovery interval protocol The user may set the hold time from 100 to 255 seconds Restrictions Only Administrator level users can issue this command To change the time interval of the discovery protocol DGS 3450 admin config sim dp_interval 40 Command config sim dp_interval 40 Success DGS 3450 admin To change the hold time of the d...

Page 221: ...me Enter the path and the filename of the firmware or switch on the TFTP server members Enter this parameter to specify the members the user prefers to download firmware or switch configuration files to The user may specify a member or members by adding one of the following mslist 1 32 Enter a value or values to specify which members of the SIM group will receive the firmware or switch configurati...

Page 222: ...configuration_to_tftp Specify this parameter if the user wishes to upload a switch configuration to members of a SIM group log_to_tftp Specify this parameter to upload a switch log to members of a SIM group ipaddr Enter the IP address of the TFTP server to upload a configuration or log file to path_filename Enter a user defined path and file name on the TFTP server which is used to upload files to...

Page 223: ...ration_to_tftp 10 55 47 1 D configuration txt members 1 Command upload sim_ms configuration_to_tftp 10 55 47 1 D configuration txt memebers 1 This device is uploading configuration Please wait several minutes Upload Status ID MAC Address Result 1 00 01 02 03 04 00 Success 2 00 07 06 05 04 03 Success DGS 3450 admin ...

Page 224: ...nk is bidirectional Otherwise it starts detecting task to detect the link status Parameters portlist Specify a range of ports state Specifies these ports unidirectional link detection status The default state is disabled mode See below shutdown If any unidirectional link is detected disable the port and log an event normal Only log an event when a unidirectional link is detected discovery_time Spe...

Page 225: ...ect the unidirectional link Parameters portlist Specify a range of ports to display If no port specified all ports will be displayed Restrictions Only Administrator and Operator level users can issue this command Example usage To show ports 1 4 unidirectional link detection information DGS 3450 admin config duld ports 1 2 4 state enable Commands config duld ports 1 2 4 state enable Success DGS 345...

Page 226: ...he IP address is the same to the name server s the name server will be deleted don t check the priority parameter When adding a name server if one primary name server exists in the static name server table then add a new primary name server the existing primary name server will be changed to a normal name server If the added primary name server s IP address is the same to an existed normal name se...

Page 227: ...admin To configure DNS Resolver name server time out to 10 seconds DGS 3450 admin config name_server timeout 10 Command config name_server timeout 10 Success DGS 3450 admin show name_server Purpose Used to display the current DNS Resolver name servers and name server time out on the switch Syntax show name_server Description The show name_server command is used to display the current DNS Resolver ...

Page 228: ...nd then add the created host name entry is added into the static host name table and a log for duplicate is recorded Parameters name 255 The host s host name ipaddr The host s IP address Restrictions Only Administrator and Operator level users can issue this command Example usage To create static host name www example com DGS 3450 admin create host_name www example com 10 10 10 10 Command create h...

Page 229: ...e entries dynamic Display the dynamic host name entries Restrictions None Example usage To display the static and dynamic host name entries DGS 3450 admin show host_name Command show host_name Static Host Name Table Host Name IP Address www example com 10 10 10 10 www exampla com 20 20 20 20 Total Static Entries 2 Dynamic Host Name Table Host Name IP Address TTL www examplc com 30 30 30 30 60 minu...

Page 230: ...se Used to configure the DNS Resolver state of the switch to disabled Syntax disable dns_resolver Description The disable dns_resolver command is used to configure the switch s DNS Resolver state to disabled Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the DNS Resolver state to disabled DGS 3450 admin disable dns_resolve...

Page 231: ..._name 32 ipaddr Description This command is used to configure the DNS relay function on the Switch Parameters primary Indicates that the IP address below is the address of the primary DNS server secondary Indicates that the IP address below is the address of the secondary DNS server nameserver ipaddr The IP address of the DNS nameserver add delete Indicates whether to add or delete the DNS relay f...

Page 232: ... This command is used in combination with the disable dnsr command below to enable and disable DNS Relay on the Switch Parameters cache This parameter will allow the user to enable the cache lookup for the DNS rely on the Switch static This parameter will allow the user to enable the static table lookup for the DNS rely on the Switch Restrictions Only Administrator and Operator level users can iss...

Page 233: ... DNS relay on the Switch static This parameter will allow the user to disable the static table lookup for the DNS relay on the Switch Restrictions Only Administrator and Operator level users can issue this command Example usage To disable status of DNS relay DGS 3450 admin disable dnsr Command disable dnsr Success DGS 3450 admin Example usage To disable cache lookup for DNS relay DGS 3450 admin di...

Page 234: ...s into the DNS relay table If this parameter is omitted the entire DNS relay table will be displayed Restrictions None Example usage To display DNS relay status DGS 3450 admin show dnsr Command show dnsr DNSR Status Disabled Primary Name Server 0 0 0 0 Secondary Name Server 0 0 0 0 DNSR Cache Status Disabled DNSR Static Table Status Disabled DNS Relay Static Table Domain Name IP Address www 123 co...

Page 235: ...fig erps log enable disable show erps raps_vlan vlanid sub_ring config erps trap enable disable config erps raps_vlan vlanid state enable disable config erps raps_vlan vlanid add delete sub_ring raps_vlan vlanid config erps raps_vlan vlanid sub_ring raps_vlan vlanid tc_propagation state enable disable Each command is listed in detail in the following sections enable erps Purpose Used to enable the...

Page 236: ...DGS 3450 admin disable erps Command disable erps Success DGS 3450 admin create erps raps_vlan Purpose Used to create an R APS VLAN on a switch Syntax create erps raps_vlan vlanid Description This command is used to create an R APS VLAN on a switch Only one R APS VLAN should be used to transfer R APS messages NOTE The R APS VLAN must already have been created by the create vlan command Parameters r...

Page 237: ...ing MEL is one field in the R APS PDU NOTE If CFM Connectivity Fault Management and ERPS are used at the same time the R APS PDU is one of a suite of Ethernet OAM PDU The behavior for forwarding of R APS PDU should follow the Ethernet OAM If the MEL of R APS PDU is not higher than the level of the MEP with the same VLAN on the ring ports the R APS PDU cannot be forwarded on the ring Parameters rin...

Page 238: ...3450 admin config erps raps_vlan rpl Purpose Used to configure the RPL port or the RPL owner for a specific R APS VLAN Syntax config erps raps_vlan vlanid rpl_port west east none rpl_owner enable disable Description This command is used to configure the RPL port and the RPL owner RPL port Specifies one of the R APS VLAN ring ports as the RPL port To remove an RPL port from an R APS VLAN use the no...

Page 239: ...his command is used to configure the protocol timers Holdoff timer The Holdoff timer is used to filter out intermittent link faults when link failures occur during the protection switching process When a ring node detects a link failure it will start the holdoff timer and report the link failure event R APS BPDU with SF flag after the link failure is confirmed within period of time specified Guard...

Page 240: ...Purpose Used to configure the ERPS log state Syntax config erps log enable disable Description This command is used to configure the log state of ERPS events Parameters log Enable or disable the log state The default value is disabled Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the ERPS log state DGS 3450 admin config erps log enable C...

Page 241: ...inistrative state is enabled and the device is operated as the active RPL owner Inactive is used to indicate that the RPL owner administrative state is enabled but the device is operated as the inactive RPL owner Parameters raps_vlan vlanid Specifies the R APS VLAN sub_ring Display sub ring configuration information Restrictions None Example usage To display ERPS information ...

Page 242: ...el East Port 10 Forwarding RPL Port None RPL Owner Disabled Protected VLANs 200 220 Ring MEL 2 Holdoff Time 0 milliseconds Guard Time 500 milliseconds WTR Time 5 minutes Current Ring State Idle R APS VLAN 4094 Ring Status Enabled West Port Virtual Channel East Port 12 Forwarding RPL Port None RPL Owner Disabled Protected VLANs 250 300 Ring MEL 2 Holdoff Time 0 milliseconds Guard Time 500 milliseco...

Page 243: ...d ring ports RPL port RPL owner are configured Note that these parameters cannot be changed when the ring is activated In order to guarantee correct operation the following integrity will be checked when the ring is enabled and the global ERPS state is enabled 1 R APS VLAN is created 2 The Ring port is the tagged member port of the R APS VLAN 3 The RPL port is specified if RPL owner is enabled The...

Page 244: ...urpose Used to configure the state of topology change propagation for the sub ring Syntax config erps raps_vlan vlanid sub_ring raps_vlan vlanid tc_propagation state enable disable Description This command is used to configure the state of topology change propagation for the sub ring This command is applied on the interconnection node Parameters raps_vlan vlanid Specifies the R APS VLAN state See ...

Page 245: ...ticast_fdb vlan vlan_name 32 vlanid vidlist mac_address macaddr show fdb port port vlan vlan_name 32 vlanid vidlist mac_address macaddr static aging_time show multicast filtering_mode vlan vlan_name 32 Each command is listed in detail in the following sections create fdb Purpose Used to create a static entry in the unicast MAC address forwarding table database Syntax create fdb vlan_name 32 macadd...

Page 246: ...ure the switch s multicast MAC address forwarding database Syntax config multicast_fdb vlan_name 32 macaddr add delete portlist Description The config multicast_fdb command is used to configure the multicast MAC address forwarding table Parameters vlan_name The name of the VLAN on which the MAC address resides The maximum name length is 32 macaddr The MAC address that will be added or deleted to t...

Page 247: ...tering mode for VLANs This switch support vlan filtering mode Parameters vlan_name Specifies the name of the VLAN forward_all_groups All multicast groups forwarded based on VLAN forward_unregistered_groups The registered group forwarded based on register table The un register group forwarded based on VLAN filter_unregistered_groups The registered group forwarded based on register table The un regi...

Page 248: ...onding to the MAC destination address The switch will always forward traffic to the specified device through this port Restrictions Only Administrator and Operator level users can issue this command Example usage To clear all FDB dynamic entries DGS 3450 admin clear fdb all Command clear fdb all Success DGS 3450 admin show multicast_fdb Purpose Used to display the contents of the switch s multicas...

Page 249: ...base Syntax show fdb port port vlan vlan_name 32 vlanid vidlist mac_address macaddr static aging_time Description The show fdb command displays the current unicast MAC address forwarding database Parameters port Displays the entries for one port vlan_name Displays the entries for a specific VLAN vlanid Display the entries for the VLANs indicated by VID list static Displays all permanent entries ag...

Page 250: ...ng 1 default 00 00 00 00 10 15 1 7 JWAC_Authed 1 default 00 00 00 00 10 16 1 7 JWAC_Blocked 1 default 00 00 00 00 10 19 BlackHole 1 default 00 00 00 00 10 21 1 11 Del_on_Reset 1 default 00 00 00 00 10 22 1 12 Del_on_Timeout 1 default 00 00 00 00 10 23 1 13 Secured_Permanent 1 default 00 00 00 00 10 24 1 14 Del_on_Reset Total Entries 15 DGS 3450 admin show multicast filtering_mode Purpose Used to s...

Page 251: ...icast filtering_mode Command show multicast filtering_mode VLAN Name Multicast Filter Mode default forward_unregistered_groups n61 forward_unregistered_groups n101 forward_unregistered_groups n103 forward_unregistered_groups n172 forward_unregistered_groups sue forward_unregistered_groups DGS 3450 admin ...

Page 252: ...ontrol packets that are trapped to CPU Syntax show cpu port l2 l3 unicast multicast type lacp stp gvrp erps cfm 802 1x lldp udld stacking ctp rip ripng reserved_ipv4_ipmc reserved_ipv6_ipmc unknow_ipv4_ipmc unknow_ipv6_ipmc arp icmp ndp icmpv6 sntp dns tftp rcp telnet dhcp dhcpv6 Description This command is use to show statistics for L2 L3 control packets that are trapped to CPU Parameters l2 Disp...

Page 253: ...Pv6 0 0 0 SNTP 0 0 0 DNS 0 0 0 TFTP 0 0 0 RCP 0 0 0 TELNET 0 0 0 DGS 3450 admin To display statistics of all L3 multicast routing control packets DGS 3450 admin show cpu port l3 multicast Command show cpu port l3 multicast Type PPS Total Drop Reserved IPv4 IPMC 0 0 0 Reserved IPv6 IPMC 0 0 0 Unknown IPv4 IPMC 0 0 0 Unknown IPv6 IPMC 0 0 0 DGS 3450 admin To display statistics of ICMP packets DGS 34...

Page 254: ...ecovery mode Syntax enable password_recovery Description The command is used to enable the state of the password recovery mode The configuration does not take effect until being saved Parameters None Restrictions Only Administrator level users can issue this command Example usage To enable the password recovery mode DGS 3450 admin enable password_recovery Command enable password_recovery Success D...

Page 255: ...ecovery mode Note Only the NV RAM configuration will take effect when the Switch restarts the running configuration does not take effect until being saved That means the password recovery is determined by the state stored in the NV RAM and takes effect when the Switch starts up the next time The Running Configuration is the current configured state of the password recovery the configuration is del...

Page 256: ...is used to enable disable sending of gratuitous ARP request packet while IPIF interface become up This is used to automatically announce the interface s IP address to other nodes By default the state is disabled After enable this state one gratuitous ARP packet will be broadcast Parameters enable Enable sending of gratuitous ARP when IPIF status become up disable Disable sending of gratuitous ARP ...

Page 257: ... system will only learn the ARP reply packet or a normal ARP request packet that asks for the MAC address that corresponds to the system s IP address The command is used to enable disable learning of ARP entry in ARP cache based on the received gratuitous ARP packet The gratuitous ARP packet is sent by a source IP address that is identical to the IP that the packet is queries for Note that with th...

Page 258: ... switch can trap and log the IP conflict event to inform the administrator By default trap is disabled and event log is enabled Parameters ipif ipif_name 12 Interface name of L3 interface trap Specify to enable traps for gratuitous ARP log Specify to enable the log for gratuitous ARP Restrictions Only Administrator and Operator level users can issue this command Example usage To enable system inte...

Page 259: ...command is used to display gratuitous ARP configuration Parameters ipif ipif_name 12 Interface name of L3 interface Restrictions None Example usage To display gratuitous ARP configuration DGS 3450 admin show gratuitous_arp Command show gratuitous_arp Send on IPIF status up Enabled Send on Duplicate_IP_Detected Disabled Gratuitous ARP Learning Enabled IP Interface Name System Gratuitous ARP Trap Di...

Page 260: ...complication be avoided but now the administrator has over 4000 VLANs in which over 4000 VLANs can be placed therefore greatly expanding the VLAN network Implementation of this feature adds a VLAN frame to an existing VLAN frame for the ISP VLAN recognition and classification To ensure devices notice this added VLAN frame an Ethernet encapsulation here known as a tpid is also added to the frame Th...

Page 261: ...me add access uplink delete portlist tpid hex 0x0 0xffff delete double_vlan vlan_name show double_vlan vlan_name enable pvid auto_assign disable pvid auto_assign show pvid auto_assign config private_vlan vlan_name 32 vid vlanid 1 4094 add isolated community remove vlan_name 32 vlanid vidlist Each command is listed in detail in the following sections create vlan Purpose Used to create a VLAN on the...

Page 262: ...mmand create vlan v1 tag 2 Success DGS 3450 admin delete vlan Purpose Used to delete a previously configured VLAN on the Switch Syntax delete vlan vlan_name 32 Description This command will delete a previously configured VLAN on the Switch Parameters vlan_name 32 The VLAN name of the VLAN to delete Restrictions Only Administrator and Operator level users can issue this command Example usage To rem...

Page 263: ...ed ports to the VLAN v1 DGS 3450 admin config vlan v1 add tagged 1 4 1 8 Command config vlan v1 add tagged 1 4 1 8 Success DGS 3450 admin config gvrp Purpose Used to configure GVRP on the Switch Syntax config gvrp portlist all state enable disable ingress_checking enable disable acceptable_frame tagged_only admit_all pvid vlanid 1 4094 Description This command is used to configure the GARP VLAN Re...

Page 264: ...to enable GVRP on the Switch Syntax enable gvrp Description This command along with disable gvrp below is used to enable and disable GVRP globally on the Switch without changing the GVRP configuration on the Switch Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To enable the generic VLAN Registration Protocol GVRP DGS 3450 admin enable...

Page 265: ...he VLAN for which to display a summary of settings vlanid vidlist Users may alternately choose the VLAN to be displayed by entering the VLAN ID ports portlist Users may also view VLANs by designated port Restrictions None Example usage To display the Switch s current VLAN settings DGS 3450 admin show vlan Command show vlan VID 1 VLAN Name default VLAN Type Static Advertisement Enabled Member Ports...

Page 266: ...abled Enabled All Frames 1 8 1 Disabled Enabled All Frames 1 9 1 Disabled Enabled All Frames 1 10 1 Disabled Enabled All Frames 1 11 1 Disabled Enabled All Frames 1 12 1 Disabled Enabled All Frames 1 13 1 Disabled Enabled All Frames 1 14 1 Disabled Enabled All Frames 1 15 1 Disabled Enabled All Frames 1 16 1 Disabled Enabled All Frames 1 17 1 Disabled Enabled All Frames 1 18 1 Disabled Enabled All...

Page 267: ...perator level users can issue this command Example usage To disable the Double VLAN feature on the Switch DGS 3450 admin disable double_vlan Command disable double_vlan Current Double VLAN mode Enabled Disable Double VLAN need to reset system config Are you sure y n y Success DGS 3450 admin create double_vlan Purpose Used to create a Double VLAN on the Switch Syntax create double_vlan vlan_name 32...

Page 268: ...ed as uplink ports access Add this parameter to configure these ports as access ports Access ports are for connecting Switch VLANs to customer VLANs portlist Enter a list of ports to be added to this VLAN The beginning and end of the port list range are separated by a dash Non contiguous portlist entries are separated by a comma ex 1 3 7 9 delete Specify this parameter to delete ports configured i...

Page 269: ..._vlan RG Global Double VLAN Enabled SPVID 2 VLAN Name RG TPID 0x9100 Uplink Ports Access Ports 1 4 1 8 Unknow Ports Total Entries 1 DGS 3450 admin enable pvid auto_assign Purpose Used to enable auto assignment of PVID Syntax enable pvid auto_assign Description If Auto assign PVID is enabled PVID will be possibly changed by PVID or VLAN configuration When a user configures a port to VLAN X s untagg...

Page 270: ... default setting is enabled Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To disable the auto assign PVID DGS 3450 admin disable pvid auto_assign Command disable pvid auto_assign Success DGS 3450 admin show pvid auto_assign Purpose Used to display the PVID auto assign status Syntax show pvid auto_assign Description The show pvid auto_...

Page 271: ...secondary VLAN and the trunk port of the primary VLAN will behave as the tagged member of the secondary VLAN A secondary VLAN cannot be specified with advertisement Only the primary VLAN can be configured as a layer 3 interface The private VLAN member port cannot be configured with the traffic segmentation function Parameters vlan_name 32 Specify the name of the private VLAN The maximum length is ...

Page 272: ...nd Operator level users can issue this command Example usage To display private VLAN settings DGS 3450 admin show private_vlan Command show private_vlan Private VLAN 100 Promiscuous Ports 1 Trunk Ports 2 Isolated Ports 3 5 Isolated VLAN 20 Community Ports 6 8 Community VLAN 30 Community Ports 9 10 Community VLAN 40 DGS 3450 admin ...

Page 273: ... 0 7 Each command is listed in detail in the following sections enable qinq Purpose Used to enable QinQ Syntax enable qinq Description When QinQ is enabled all network port roles will be NNI port and outer TPID will be set to 0x88A8 All existed static VLAN will run as S VLAN All dynamic learned L2 address will be cleared All dynamic registered VLAN entries will be cleared and GVRP will be disabled...

Page 274: ...obal QinQ status Syntax show qinq Description Use this command to display the global QinQ status Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To show qinq DGS 3450 admin show qinq Command show qinq QinQ Status Enabled DGS 3450 admin config qinq ports Purpose Used to configure QinQ ports parameters Syntax config qinq ports portlist al...

Page 275: ...urpose Used to show qinq configuration of ports Syntax show qinq ports portlist Description The command used to show qinq configuration of ports include Role of port Outer TPID of port Miss drop state of port Use inner priority of a port Parameters portlist Specifies a range of ports to be displayed Unit ID port number If no parameter specified system will display all ports information Restriction...

Page 276: ...nslation ports 1 4 Success DGS 3450 admin show vlan_translation Purpose Used to show existed C VLAN based VLAN translation rules Syntax show vlan_translation ports portlist Description Used to show existed C VLAN based VLAN translation rules Parameters ports The C VLAN based VLAN translation rule of the ports Restrictions Only Administrator and Operator level users can issue this command Example u...

Page 277: ...SP VLAN cvid Specify the C VLAN ID to match svid Specify the S VLAN ID Restrictions Only Administrator and Operator level users can issue this command Example usage To replace C Tag which CVID is 20 by S Tag S VID is 200 at UNI Port 1 DGS 3450 admin create vlan_translation ports 1 cvid 20 replace svid 200 Command create vlan_translation ports 1 cvid 20 replace svid 200 Success DGS 3450 admin To Ad...

Page 278: ...t allows a Layer 2 switch to listen in on the IGMP conversation between hosts and routers by processing the Layer 2 or Layer 3 IGMP packets sent in a multicast network The Multicast Listener Discovery MLD is protocol used by an IPv6 router to discover the presence of multicast listeners that is nodes wishing to receive multicast packets on its directly attached links and to discover specifically w...

Page 279: ...g mld_snooping vlan vlan_name 32 all node_timeout sec 1 16711450 router_timeout sec 1 16711450 done_timer sec 1 16711450 state enable disable fast_done enable disable config mld_snooping querier vlan vlan_name 32 all query_interval sec 1 65535 max_response_time sec 1 25 robustness_variable value 1 255 last_listener_query_interval sec 1 25 state enable disable version value 1 2 1 config mld_snoopin...

Page 280: ...eave message report_suppression When IGMP report suppression is enabled the default the switch sends the first IGMP report from all hosts for a group to all the multicast routers The switch does not send the remaining IGMP reports for the group to the multicast routers If the multicast router query includes requests only for IGMPv1 and IGMPv2 reports the switch forwards only the first IGMPv1 or IG...

Page 281: ...mount of time between group specific query messages including those sent in response to leave group messages You might lower this interval to reduce the amount of time it takes a router to detect the loss of the last member of a group On receiving a leave message the router will assume there are no local members on the interface if there are no reports received after the response time which is las...

Page 282: ...x config router_ports_forbidden vlan_name 32 add delete portlist Description This command allows you to designate a range of ports as being not connected to multicast enabled routers This ensures that the forbidden router port will not propagate routing packets out Parameters vlan Specify the name of the VLAN on which the router port resides add delete Specify to add or delete the router ports por...

Page 283: ...le igmp_snooping Command enable igmp_snooping Success DGS 3450 admin disable igmp_snooping Purpose Used to disable IGMP snooping on the switch Syntax disable igmp_snooping forward_mcrouter_only Description This command disables IGMP snooping on the switch Disabling the IGMP snooping allows all IGMP and IP multicast traffic to flood within a given IP interface Note that disabling IGMP snooping will...

Page 284: ... The static member port will only affect V2 IGMP operation The Reserved IP multicast address 224 0 0 X must be excluded from the configured group The VLAN must be created first before a static group can be created Parameters vlan_name Specify the name of the VLAN on which the router port resides ipaddr Specify the multicast group IP address for Layer 3 switch Restrictions Only Administrator and Op...

Page 285: ...ber port will only affect V2 IGMP operation Parameters vlan Specify the name of the VLAN on which the static group resides vlanid Specify the ID of the VLAN on which the static group resides ipaddr Specify the multicast group IP address for Layer 3 switch add delete Specify to add or delete the member ports portlist Specify a range of ports to be configured Restrictions Only Administrator and Oper...

Page 286: ...arameters vlan Specify the name of the VLAN for which you want to view IGMP snooping group information data_driven Specify to display the dynamic data learning groups Restrictions Only Administrator and Operator level users can issue this command Example usage To show IGMP snooping groups when IGMP v3 is supported The first item means that for ports 1 2 the data from the 10 0 0 2 225 0 0 2 will be...

Page 287: ... NULL 225 0 0 5 VLAN Name VID default 1 Port Member Router Ports 24 Mode EXCLUDE Total Entries 1 DGS 3450 admin show router_ports Purpose Used to display the currently configured router ports on the switch Syntax show router_ports vlan vlan_name 32 static dynamic forbidden Description This command displays the currently configured router ports on the switch Parameters vlan Specify the name of the ...

Page 288: ...Specify the router time out value here done_timer Specify the done timer here state Enable or disable MLD snooping for the chosen VLAN fast_done Enable or disable MLD snooping fast_leave function If enable the membership is immediately removed when the system receive the MLD leave message If the multicast router query includes requests only for MLDv1 reports the switch forwards only the first MLDv...

Page 289: ...rier present interval Amount of time that must pass before a multicast router decides that there is no longer another multicast router that is the querier This interval is calculated as follows robustness variable query interval 0 5 query response interval Last listener query count Number of group specific queries sent before the router assumes there are no local listeners of a group The default n...

Page 290: ...forbidden vlan_name 32 add delete portlist Description This command allows you to designate a range of ports as being not connected to multicast enabled routers This ensures that the forbidden router port will not propagate routing packets out Parameters add delete Specify to add or delete the router ports portlist Specify a range of ports to be configured UnitID port number Restrictions Only Admi...

Page 291: ...ss DGS 3450 admin disable mld_snooping Purpose Used to disable MLD snooping on the switch Syntax disable mld_snooping forward_mcrouter_only Description This command disables MLD snooping on the switch Disabling MLD snooping allows all MLD and IP multicast traffic to flood within a given IP interface Note that disabling MLD snooping will also disable the forward multicast router only function The d...

Page 292: ... current MLD snooping configurations Restrictions None Example usage To show MLD snooping DGS 3450 admin show mld_snooping Command show mld_snooping MLD Snooping Global State Disabled Multicast router Only Disabled Data Driven Learning Max Entries 56 VLAN Name default Query Interval 125 Max Response Time 10 Robustness Value 2 Last Listener Query Interval 1 Node Timeout 260 Router Timeout 260 Done ...

Page 293: ...nformation Restrictions None Example usage To show an MLD snooping group when MLD v2 is supported The first item means that for ports 1 2 the data from the 2001 1 FF1E 1 will be forwarded The second item means that for port 3 the data from the 2002 2 FF1E 1 must not be forwarded The third item means that for ports 4 5 the data from FF1E 2 will be forwarded MLD v1 group doesn t care about the sourc...

Page 294: ...e VID default 1 Reports 1 Member Ports 4 5 Router Ports 24 UP Time 40 Expiry Time 205 Filter Mode EXCLUDE Source Group NULL FF1E 5 VLAN Name VID default 1 Reports 0 Member Ports Router Ports 24 UP Time 100 Expiry Time 200 Filter Mode EXCLUDE Total Entries 4 DGS 3450 admin show mld_snooping group data_driven Command show mld_snooping group data_driven Source Group NULL FF1E 5 VLAN Name VID default ...

Page 295: ...fig igmp_snooping data_driven_learning Purpose This command is used to enable or disable the data driven learning of an IGMP snooping group Syntax config igmp_snooping data_driven_learning vlan_name vlan_name vlanid vlanid_list all state enable disable aged_out enable disable expiry_time sec 1 65535 1 Description This command is used to enable or disable the data driven learning of an IGMP snoopin...

Page 296: ...lifetime in seconds This parameter is valid only when aged_out is enabled sec 1 65535 Enter the expiry time here This value must be between 1 and 65535 seconds Restrictions Only Administrator and Operator level users can issue this command Example usage To enable the data driven learning of an IGMP snooping group on the default VLAN Prompt config igmp_snooping data_driven_learning vlan default sta...

Page 297: ...ode for all ports is ignored That is the multicast packets will be forwarded to router ports If the data driven learning table is full the multicast packets will be forwarded according to the multicast filtering mode Note that if a data driven group is created and MLD member ports are learned later the entry will become an ordinary MLD snooping entry That is the aging out mechanism will follow the...

Page 298: ...ximum learned entry value here This value must be between 1 and 511 Restrictions Only Administrator and Operator level users can issue this command Example usage To set the maximum number of groups that can be learned by data driven Prompt config mld_snooping data_driven_learning max_learned_entry 50 Command config mld_snooping data_driven_learning max_learned_entry 50 Success Prompt config igmp_s...

Page 299: ...p_mode Purpose Used to show IGMP snooping forward lookup mode Syntax show igmp_snooping forward_lookup_mode Description The command is used to show IGMP snooping forward lookup mode on the switch Parameters None Restrictions None Example usage To show IGMP snooping forward lookup mode DGS 3450 admin show igmp_snooping forward_lookup_mode Command show igmp_snooping forward_lookup_mode IGMP snooping...

Page 300: ... a layer 3 interface Syntax create ipif ipif_name 12 network_address vlan_name 32 secondary state enable disable proxy_arp enable disable local enable disable Description This command creates a L3 interface This interface can be configured with IPv4 or IPv6 address Currently it has a restriction An interface can have only one IPv4 address defined But it can have multiple IPv6 addresses defined Thu...

Page 301: ...dress later the mode will be changed to manual configured mode For IPv6 multiple addresses can defined on the same L3 interface For IPv4 multi netting must be done by creation of a secondary interface Note that IPv6 address is not allowed to be configured on a secondary interface Only the system interface is allowed to set to DHCP mode Parameters ipif_name The name of the interface network_address...

Page 302: ...ip_directed_broadcast See below enable Enabled the IP directed broadcast state of the interface disable Disabled the IP directed broadcast state of the interface Restrictions Only Administrator and Operator level users can issue this command Example usage To set the IP Directed Broadcast state of System interface to enable DGS 3450 admin config ipif System ip_directed_broadcast enable Command conf...

Page 303: ...ame DGS 3450 admin enable ipif Purpose Used to enable the admin state for an interface Syntax enable ipif ipif_name 12 all Description This command is used to enable the state for an IPIF When the state is enabled the IPv4 processing will be started when the IPv4 address is configured on the IPIF The IPv6 processing will be started when the IPv6 address is explicitly configured on the IPIF Paramet...

Page 304: ...gured and the IPv6 processing will be started When there is no IPv6 address explicitly configured by default link local address is not configured and the IPv6 processing will be disabled By enable this automatic configuration the link local address will be automatically configured and IPv6 processing will be started Parameters ipif_name Specifies the name of the IPv6 interface used all Specifies t...

Page 305: ...ocal address for an interface DGS 3450 admin disable ipif_ipv6_link_local_auto System Command disable ipif_ipv6_link_local_auto System Success DGS 3450 admin show ipif Purpose Used to display the interface s information Syntax show ipif ipif_name 12 Description This command is used to show an interface s information Configuration for both IPv4 and IPv6 addresses will be displayed Parameters ipif_n...

Page 306: ...PD State Disabled DHCP Option12 State Disabled DHCP Option12 Host Name Total Entries 2 DGS 3450 admin show ipif_ipv6_link_local_auto Purpose Used to display the link local address automatic configuration state Syntax show ipif_ipv6_link_local_auto ipif_name 12 Description This command is used to display the link local address automatic configuration state Parameters ipif_name Specifies the name of...

Page 307: ...if Parameters ipif_name 12 Enter the IP interface name here ipv6address Specifies the IPv6 interface address prefix_name string 1 12 Specifies the IPv6 interface prefix name ipv6networkaddr Enter the IPv6 interface prefix address here all Specifies that all interfaces will be used Restrictions Only Administrator and Operator level users can issue this command Example usage To delete an interface D...

Page 308: ...binding ip_mac ipaddress ipaddr ipv6address ipv6addr mac_address macaddr ports portlist all delete address_binding ip_mac ipaddress ipaddr ipv6address ipv6addr mac_address macaddr all blocked all vlan_name vlan_name mac_address macaddr config address_binding ip_mac ipaddress ipaddr ipv6address ipv6addr mac_address macaddr ports portlist all show address_binding ip_mac all ipaddress ipaddr ipv6addr...

Page 309: ...RP and IP broadcast packets are sent to the CPU for IMPB checking Packets are forwarded unless the check finds a specified source MAC address that is blocked Packets with MAC addresses that match IMPB entries are set to dynamic state while MAC addresses with no match are set to block All other packets are bypassed allow_zeroip Specify whether to allow an ARP packet with a source IP address of 0 0 ...

Page 310: ...esses that match IMPB entries are set to dynamic state while MAC addresses with no match are set to block All other packets are dropped loose Used to implement a more loose or less strict mode of control In loose mode ARP and IP broadcast packets are sent to the CPU for IMPB checking Packets are forwarded unless the check finds a specified source MAC address that is blocked Packets with MAC addres...

Page 311: ...level users can issue this command Example usage To create an IMPB entry DGS 3450 admin create address_binding ip_mac ipaddress 10 1 1 1 mac_address 00 00 00 00 00 11 Command create address_binding ip_mac ipaddress 10 1 1 1 mac_address 00 00 00 00 00 11 Success DGS 3450 admin create address_binding ip_mac Purpose Used to create an IMPB entry Syntax create address_binding ip_mac ipaddress ipaddr ip...

Page 312: ... macaddr Description Use this command to delete an IMPB entry or a blocked entry If the ACL mode is enabled the switch will delete the related ACL access entries automatically Parameters ip_mac Specify the user created IMPB database blocked Specify the address database that the system has automatically learned and blocked ipaddr Specify the learned IP address of the entry in the database ipv6addr ...

Page 313: ... macaddr Specify the MAC address of the entry being updated ports Specify which ports are used for the IMPB entry being updated If not specified then it is applied to all ports Restrictions Only Administrator and Operator level users can issue this command Example usage To configure an IMPB entry DGS 3450 admin config address_binding ip_mac ipaddress 10 1 1 1 mac_address 00 00 00 00 00 11 Command ...

Page 314: ...w address_binding Purpose Used to display the IMPB entries blocked MAC entries and port status Syntax show address_binding ip_mac all ipaddress ipaddr ipv6address ipv6addr mac_address macaddr blocked all vlan_name vlan_name mac_address macaddr ports portlist Description This command is used to show the IMPB information Parameters ip_mac Specify the user created IMPB database blocked Specify the ad...

Page 315: ...is disabled If a user enables DHCP sSnooping mode all ports which have IMPB disabled will become server ports The switch will learn the IP addresses through server ports by using DHCP Offer and DHCP ACK packets Note that the DHCP discover packet cannot be passed thru the user ports if the allow_zeroip function is disabled on the port The auto learned IMPB entry will be mapped to a specific source ...

Page 316: ...450 admin enable address_binding dhcp_snoop Command enable address_binding dhcp_snoop Success DGS 3450 admin To enable DHCP IPv6 snooping mode DGS 3450 admin enable address_binding dhcp_snoop ipv6 Command enable address_binding dhcp_snoop ipv6 Success DGS 3450 admin disable address_binding dhcp_snoop Purpose Used to disable DHCP snooping mode Syntax disable address_binding dhcp_snoop ipv6 all Desc...

Page 317: ...es on ports 1 3 DGS 3450 admin clear address_binding dhcp_snoop binding_entry ports 1 3 Command clear address_binding dhcp_snoop binding_entry ports 1 3 Success DGS 3450 admin To clear DHCP IPv6 snooping entries on ports 1 3 DGS 3450 admin clear address_binding dhcp_snoop binding_entry ports 1 3 ipv6 Command clear address_binding dhcp_snoop binding_entry ports 1 3 ipv6 Success DGS 3450 admin show ...

Page 318: ... number no_limit Specifies that the maximum number of learned entries is unlimited Restrictions Only Administrator and Operator level users can issue this command Example usage To set the maximum number of DHCP IPv4 snooping entries that ports 1 3 can learned to 10 DGS 3450 admin config address_binding dhcp_snoop max_entry ports 1 3 limit 10 Command config address_binding dhcp_snoop max_entry port...

Page 319: ...50 admin disable address_binding trap_log Command disable address_binding trap_log Success DGS 3450 admin config address_binding recover_learning ports Purpose Used to recover IMPB checking Syntax config address_binding recover_learning ports portlist all Description Use this command to recover the IMPB check function which was previously stopped Parameters ports See below portlist Specify the lis...

Page 320: ...ddress_binding nd_snoop Purpose Use to disable ND snooping on the switch Syntax disable address_binding nd_snoop Description This command allows the user to disable ND Snooping on switch Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To disable the DHCPv6 snooping function on the switch DGS 3450 admin disable address_binding nd_snoop C...

Page 321: ...ntry Purpose Used to show binding entries of ND snooping on the switch Syntax show address_binding nd_snoop binding_entry port port Description This command allows the user to display binding entries of ND Snooping on the switch Parameters port Specify port number If no parameter is specified it will show all ND snooping binding entries Restrictions None Example usage To display the ND snooping bi...

Page 322: ...dule receives an ARP IP packet or a DHCP packet Syntax debug address_binding event dhcp all Description Use this command to start the IMPB debug when the IMPB module receives an ARP IP packet or a DHCP packet Parameters event To print out the debug messages when IMPB module receives ARP IP packets dhcp To print out the debug messages when the IMPB module receives the DHCP packets all Print out all...

Page 323: ...abit Ethernet Managed Switch CLI Manual 319 Example usage To stop IMPB debug starting when the IMPB module receives an ARP IP or DHCP packet DGS 3450 admin no debug address_binding Command no debug address_binding Success DGS 3450 admin ...

Page 324: ...t ports portlist delete ipmc_vlan_replication_entry name 16 show ipmc_vlan_replication show ipmc_vlan_replication_entry name 16 hardware Each command is listed in detail in the following sections enable ipmc_vlan_replication Purpose Used to enable static IP multicast VLAN replication on the switch Syntax enable ipmc_vlan_replication Description This command is used to enable static IP multicast VL...

Page 325: ...ameters ttl Species whether to decrease the time to live of packet By default the TTL will be decreased src_mac Specifies whether to replace a source MAC address of a packet By default the source MAC address will be replaced Restrictions Only Administrator and Operator level users can issue this command Example usage To configure an IP multicast VLAN replication s TTL DGS 3450 admin config ipmc_vl...

Page 326: ... If the entries V G S and V G both exist in the table the entries V G S will not take effect Parameters name The name of the IP multicast VLAN replication entry to be configured vlan The source VLAN name vlanid The source VLAN ID group Specifies the multicast IP address list mcast_ip The multicast IP address list source_ip The source IP address Restrictions Only Administrator and Operator level us...

Page 327: ...AN replication entry Syntax delete ipmc_vlan_replication_entry name 16 Description This command deletes an IP multicast VLAN replication entry Parameters name The name of the IP multicast VLAN replication entry to be deleted Restrictions Only Administrator and Operator level users can issue this command Example usage To delete an IP multicast VLAN replication entry named mr1 DGS 3450 admin delete ...

Page 328: ...ctive status indicates whether the entry is inserted into chip successfully Parameters name The name of the IP multicast VLAN replication entry to be deleted hardware Show the S G groups which are in the chipset Restrictions None Example usage This example displays the IP multicast VLAN replication entry named mr1 DGS 3450 admin show ipmc_vlan_replication_entry mr1 Command show ipmc_vlan_replicati...

Page 329: ...lication_entry hardware Name ipmc_vlan_replication_entry name Src v The source VLAN Dest v The destination VLAN Name Src V Group SIP Dest V Portlist mr1 1 255 1 1 1 2 1 1 1 11 1 13 mr1 1 255 1 1 1 3 1 12 1 15 mr1 1 255 1 1 1 10 0 0 1 2 1 1 1 11 1 13 mr1 1 255 1 1 1 10 0 0 1 3 1 12 1 15 mr2 3 255 1 1 2 2 1 5 1 6 mr2 3 255 1 1 2 10 0 0 1 2 1 5 1 6 DGS 3450 admin ...

Page 330: ...tworkaddr preferred_life_time sec 0 4294967295 valid_life_time sec 0 4294967295 on_link_flag enable disable autonomous_flag enable disable 1 show ipv6 nd ipif ipif_name 12 Each command is listed in detail in the following sections create ipv6 neighbor_cache Purpose Adds a static neighbor on an IPv6 interface Syntax create ipv6 neighbor_cache ipif ipif_name 12 ipv6addr macaddr Description Adds a st...

Page 331: ...he IP interface System DGS 3450 admin delete ipv6 neighbor_cache ipif System 3ffc 1 Command delete ipv6 neighbor_cache ipif System 3FFC 1 Success DGS 3450 admin show ipv6 neighbor_cache Purpose Shows the IPv6 neighbor cache Syntax show ipv6 neighbor_cache ipif ipif_name 12 all ipv6address ipv6addr static dynamic all Description Displays the neighbor cache entry for the specified interface You can ...

Page 332: ...rans_time Neighbor solicitation s retransmit timer in milliseconds It has the same value as the RA retrans_time in the config IPv6 ND RA command If the retrans_time parameter is configured in one of the commands the retrans_time value in the other command will also change so that the values in both commands are the same If the value user configured is less than 1000ms Neighbor solicitation s retra...

Page 333: ...tion other_config_flag When set to enable it indicates that hosts receiving this RA must use a stateful address configuration protocol to obtain on address configuration information min_rtr_adv_interval The minimum time allowed between sending unsolicited multicast Router Advertisements from the interface in seconds MUST be no less than 3 seconds and no greater than 75 MaxRtrAdvInterval Default 0 ...

Page 334: ...xample usage To configure the value of the preferred_life_time of prefix option to be 1000 seconds for the prefix 3ffe 501 ffff 100 64 which is the prefix of the ip1 interface DGS 3450 admin config ipv6 nd ra prefix_option ipif ip1 3ffe 501 ffff 100 64 preferred_life_time 1000 Command config ipv6 nd ra prefix_option ipif ip1 3ffe 501 ffff 100 64 preferred_life_time 1000 Success DGS 3450 admin show...

Page 335: ...imit 64 NS Retransmit Time 0 ms Router Advertisement Disabled RA Max Router AdvInterval 600 s RA Min Router AdvInterval 198 s RA Router Life Time 1800 s RA Reachable Time 1200000 ms RA Retransmit Time 0 ms RA Managed Flag Disabled RA Other Config Flag Disabled Prefix Preferred Valid OnLink Autonomous 2000 64 604800 2592000 Enabled Enabled 2002 64 604800 2592000 Enabled Enabled ...

Page 336: ...OTE If an IPv6 global address is added on interface this local route will be wrote into IPv6 routing table automatically If both the destination network address and next hop of the new route entry are the same with existed entry the created command for the new entry will return failure If only the destination network address is the same with the existed entry and both primary and backup route entr...

Page 337: ...twork of the route ipif_name The interface name of the next hop with the maximum of 12 characters ipv6addr The next hop address of the default route tunnel_name The tunnel name of the next hop When this option is specified it is indicated that this route to be deleted is an IP tunnel route all All static IPv6 routes will be deleted Restrictions Only Administrator and Operator level users can issue...

Page 338: ...op 3000 4 IPIF Intface_1 IPv6 Prefix 3005 64 Protocol RIPng Metric 1 Next Hop 3000 5 IPIF Intface_1 IPv6 Prefix 4000 64 Protocol Local Metric 1 Next Hop IPIF Intface_2 IPv6 Prefix 4005 64 Protocol RIPng Metric 1 Next Hop 4000 5 IPIF Intface_2 Total Entries 6 DGS 3450 admin enable ipv6_route_longprefix Purpose Used to enable to record syslog for the function supporting IPv6 route with prefix more t...

Page 339: ...ictions Only Administrator and Operator level users can issue this command Example usage To disable the syslog recording function DGS 3450 admin disable ipv6_route_longprefix log Command disable ipv6_route_longprefix log Success DGS 3450 admin show ipv6_route_longprefix status Purpose Used to display the settings about IPv6 route with prefix more than 64 bits Syntax show ipv6_route_longprefix stat...

Page 340: ...ls Automatic 6to4 Tunnels and ISATAP Tunnels The IPv6 Tunnel commands in the Command Line Interface CLI are listed along with the appropriate parameters in the following table Command Parameters create ip_tunnel tunnel_name 12 delete ip_tunnel tunnel_name 12 config ip_tunnel manual tunnel_name 12 ipv6address ipv6networkaddr source ipaddr destination ipaddr 1 config ip_tunnel 6to4 tunnel_name 12 ip...

Page 341: ...he tunnel s information will still exist in the database However whether the tunnel s former information is invalid or not will depend on the current mode IPv6 Manual tunnels are simple point to point tunnels that can be used within a site or between sites Parameters tunnel_name 12 IPv6 Tunnel interface name maximum of 12 characters ipv6address ipv6networkaddr The IPv6 address assigned to this IPv...

Page 342: ...obal Internet or a corporate backbone The key requirement is that each site has a globally unique IPv4 address which is used to construct a 48 bit globally unique 6to4 IPv6 prefix It starts with the prefix 2002 16 Parameters tunnel_name 12 IPv6 Tunnel interface name maximum of 12 characters ipv6address ipv6networkaddr The IPv6 address assigned to this IPv6 tunnel interface IPv6 processing would be...

Page 343: ...configured The last 32 bits of the IPv6 ISATAP address correspond to an IPv4 address assigned to the tunnel source source ipaddr The source IPv4 address of this IPv6 tunnel interface It is used as the source address for packets in this IPv6 tunnel The tunnel destination IPv4 address is extracted from the last 32 bits of the remote tunnel endpoint s IPv6 ISATAP address Restrictions Only Administrat...

Page 344: ...mum of 12 characters If no tunnel is specified all tunnels on the Switch will be enabled Restrictions Only Administrator and Operator level users can issue this command Example usage To enable an IPv6 tunnel interface Tunnel name is tn2 DGS 3450 admin enable ipif tunnel tn2 Command enable ipif tunnel tn2 Success DGS 3450 admin disable ip_tunnel Purpose Used to disable an IPv6 tunnel interface or a...

Page 345: ...xStack DGS 3400 Series Layer 2 Gigabit Ethernet Managed Switch CLI Manual 341 DGS 3450 admin disable ip_tunnel tn2 Command disable ip_tunnel tn2 Success DGS 3450 admin ...

Page 346: ...ernet Managed Switch CLI Manual 342 44 JAPANESE WEB BASED ACCESS CONTROL JWAC COMMANDS The Japanese Web based Access Control JWAC commands in the Command Line Interface CLI are listed along with the appropriate parameters in the following table ...

Page 347: ... tcp_port_number 1 65535 http https config jwac ports portlist all state enable disable max_authenticating_host value 0 50 aging_time infinite min 1 1440 idle_time infinite min 1 1440 block_time sec 0 300 auth_mode host _based port_based 1 config jwac radius_protocol local pap chap ms_chap ms_chapv2 eap_md5 create jwac user username 15 vlan vlanid 1 4094 config jwac user username 15 vlan vlanid 1 ...

Page 348: ...he second stage the authentication is similar to WAC except that there is no port VLAN membership change by JWAC after a host passes authentication The RADIUS server will share the server configuration defined by 802 1X command set Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To enable JWAC function DGS 3450 admin enable jwac Command...

Page 349: ...trator and Operator level users can issue this command Example usage To enable JWAC redirect function DGS 3450 admin enable jwac redirect Command enable jwac redirect Success DGS 3450 admin disable jwac redirect Purpose Used to disable JWAC redirect function Syntax disable jwac redirect Description When redirect is disabled all web accesses are denied except for accesses to quarantine server or JW...

Page 350: ... authenticated host to the JWAC Switch with TTL 1 will be ignored and the host is still in an authenticated state Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To disable JWAC forcibly logout function DGS 3450 admin disable jwac forcible_logout Command disable jwac forcible_logout Success DGS 3450 admin enable jwac udp_filtering Purpo...

Page 351: ...onitor Purpose Used to enable JWAC Quarantien Server monitor function Syntax enable jwac quarantine_server_monitor Description When JWAC Quarantine Server monitor feature is enabled the JWAC Switch will monitor the Quarantine Server to ensure the server is OK If the Switch detects no Quarantine Server it will redirect all unauthenticated HTTP accesses to JWAC Login Page forcibly if the redirect is...

Page 352: ...king improperly Parameters sec 5 300 To specify the error timeout interval Restrictions Only Administrator and Operator level users can issue this command Example usage To set Quarantine Server error timeout DGS 3450 admin config jwac quarantine_server_error_timeout 60 Command config jwac quarantine_server_error_timeout 60 Success DGS 3450 admin config jwac redirect Purpose Used to configure redir...

Page 353: ...tion request from host DGS 3450 admin config jwac virtual_ip 1 1 1 1 url www kyoto ac jp Command config jwac virtual_ip 1 1 1 1 url www kyoto ac jp Success DGS 3450 admin config jwac quarantine_server_url Purpose Used to configure JWAC Quarantine Server URL Syntax config jwac quarantine_server_url string 128 Description This command allows you to configure URL of Quarantine Server If the redirecti...

Page 354: ...config jwac update server command allows you to add or delete server network address to which the traffic from unauthenticated client host will not be blocked by the JWAC Switch Any servers update microsoft com or some sites of the Anti Virus software companies which the ActiveX needs to access to accomplish the authentication before the client passes the authentication should be added with its IP...

Page 355: ...the HTTPS cannot run at TCP port 80 Parameters tcp_port_number 1 65535 A TCP port which the JWAC Switch listens to and uses to finish the authenticating process http To specify the JWAC runs HTTP protocol on this TCP port https To specify the JWAC runs HTTPS protocol on this TCP port Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the HTTP...

Page 356: ...figure state and other parameters of the ports DGS 3450 admin config jwac ports 1 9 state enable Command config jwac ports 1 9 state enable Success DGS 3450 admin config jwac radius_protocol Purpose Used to configure RADIUS protocol used by JWAC Syntax config jwac radius_protocol local pap chap ms_chap ms_chapv2 eap_md5 Description The config jwac radius_protocol command allows you to specify the ...

Page 357: ...ccount to pass authentication Restrictions Only Administrator and Operator level users can issue this command Example usage To create a local user DGS 3450 admin create jwac user 112233 Command create jwac user 112233 Enter a case sensitive new password Enter the new password again for confirmation Success DGS 3450 admin config jwac user Purpose Used to update local user DB Syntax config jwac user...

Page 358: ...ify the user name to be deleted all_user All user accounts in local DB will be deleted Restrictions Only Administrator and Operator level users can issue this command Example usage To delete a local user DGS 3450 admin delete jwac user juser_tom Command delete jwac user juser_tom Success DGS 3450 admin show jwac user Purpose Used to show JWAC user into local DB Syntax show jwac user Description Th...

Page 359: ...orized configuration Syntax config jwac authorization attributes radius enable disable local enable disable 1 Description Used to enable or disable acceptation of authorized configuration When the authorization is enabled for JWAC s RADIUS the authorized data assigned by the RADUIS server will be accepted if the global authorization network is enabled When the authorization is enabled for JWAC s l...

Page 360: ...led Redirect State Enabled Redirect Delay Time 3 Seconds Redirect Destination Quarantine Server Quarantine Server http 172 18 212 147 pcinventory Q Server Monitor Enabled Running Q Server Error Timeout 5 Seconds RADIUS Auth Protocol PAP RADIUS Authorization Enabled Local Authorization Enabled DGS 3450 admin show jwac update_server Purpose Used to display the configuration of JWAC update server Syn...

Page 361: ... does not exist or target VLAN has not been specified at all the ID of RX VLAN will be displayed RX VLAN ID is 4004 in this example MAC 00 00 00 00 00 02 is authenticated with target VLAN assigned the ID of target VLAN will be displayed target VLAN ID is 1234 in this example MAC 00 00 00 00 00 03 failed to pass authentication the VID field will be shown as indicating that packets with SA 00 00 00 ...

Page 362: ...ription The show jwac port command allows you to display port configuration of JWAC Parameters all To show all ports configuration of JWAC portlist To specify a port range to show the configuration of JWAC If no port is specified the configuration for all ports will be displayed Restrictions None Example usage To display port configuration DGS 3450 admin show jwac ports 1 4 Command show jwac ports...

Page 363: ...age notification_line This parameter is used to set the notification information by line in authentication web pages Restrictions Only Administrator and Operator level users can issue this command Example usage To customize the authenticate page DGS 3450 admin config jwac page_element japanese page_title ディーリンクジャパン株式会社 Command config jwac page_element japanese page_title ディーリンクジャパン株式会社 Success DGS...

Page 364: ...ユーザ ID Password Title パスワード Logout Window Title 社内 LAN 認証ログアウト Notification Copyright 2010 ディーリンクジャパン株式会社 サイト http www dlink jp com DGS 3450 admin config jwac authenticate_page Purpose Used to choose authenticate page language Syntax config jwac authenticate_page japanese english Description This let administrator decide which authenticated page need to be used Parameters japanese Choose the Japan...

Page 365: ...s listed in detail in the following sections enable jumbo_frame Purpose Used to enable the jumbo frame function on the Switch Syntax enable jumbo_frame Description This command will allow ethernet frames larger than 1536 bytes to be processed by the Switch The maximum size of the jumbo frame may not exceed 9216 bytes tagged Parameters None Restrictions Only Administrator and Operator level users c...

Page 366: ... jumbo frame state to be applied to a range of ports specified enable Enable the jumbo frame state disable Disable the jumbo frame state Restrictions Only Administrator and Operator level users can issue this command Example usage To enable jumbo frames on ports 1 1 1 5 DGS 3450 admin config jumbo_frame ports 1 1 1 5 state enable Command config jumbo_frame ports 1 1 1 5 state enable The maximum si...

Page 367: ...e Jumbo Frame Global State Enable Maximum Jumbo Frame Size 9216 Bytes Port Jumbo Frame State 1 1 Enable 1 2 Enable 1 3 Enable 1 4 Enable 1 5 Enable 1 6 Enable 1 7 Enable 1 8 Enable 1 9 Enable 1 10 Enable 1 11 Enable 1 12 Enable 1 13 Enable 1 14 Enable 1 15 Enable 1 16 Enable CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All ...

Page 368: ...to multicast_ipaddr access permit deny state enable disable Description The config limited multicast address command allows the user to configure the multicast address range access level and state Parameters portlist A port or range of ports to config the limited multicast address The beginning and end of the port list range are separated by a dash Non contiguous portlist entries are separated by ...

Page 369: ...e beginning and end of the port list range are separated by a dash Non contiguous portlist entries are separated by a comma ex 1 3 7 9 Restrictions Only Administrator and Operator level users can issue this command This command is used as a backwards compatible command for legacy devices Example usage To delete the limited multicast address on ports 1 to 3 DGS 3450 admin delete limited multicast a...

Page 370: ...ch CLI Manual 366 To show the limited multicast address on ports 1 to 2 DGS 3450 admin show limited multicast address 1 2 Command show limited multicast address 1 2 Port From To Access Status 1 1 0 0 0 0 0 0 0 0 disable 1 2 0 0 0 0 0 0 0 0 disable DGS 3450 admin ...

Page 371: ...portlist Each command is listed in detail in the following sections create link_aggregation Purpose Used to create a link aggregation group on the Switch Syntax create link_aggregation group_id value 1 32 type lacp static Description This command will create a link aggregation group with a unique identifier Parameters value Specifies the group ID The Switch allows up to 32 link aggregation groups ...

Page 372: ... group Syntax config link_aggregation group_id value 1 32 master_port port ports portlist state enable disable Description This command allows users to configure a link aggregation group that was created with the create link_aggregation command above Parameters group _id value 32 Specifies the group ID The Switch allows up to 32 link aggregation groups to be configured The group number identifies ...

Page 373: ...dest Indicates that the Switch should examine the source and destination MAC addresses ip_source Indicates that the Switch should examine the source IP address ip_destination Indicates that the Switch should examine the destination IP address ip_source_dest Indicates that the Switch should examine the source and the destination IP address Restrictions Only Administrator and Operator level users ca...

Page 374: ...etermine if LACP ports will process LACP control frames active Active LACP ports are capable of processing and sending LACP control frames This allows LACP compliant devices to negotiate the aggregated link so the group may be changed dynamically as needs require In order to utilize the ability to change an aggregated port group that is to add or subtract ports from the group at least one of the p...

Page 375: ... beginning and end of the port list range are separated by a dash Non contiguous portlist entries are separated by a comma ex 1 3 7 9 If no parameter is specified the system will display the current LACP status for all ports Restrictions None Example usage To display LACP port mode settings DGS 3450 admin show lacp_port 1 10 Command show lacp_port 1 10 Port Activity 1 1 Active 1 2 Active 1 3 Activ...

Page 376: ...delay sec 1 8192 config lldp reinit_delay sec 1 10 config lldp notification_interval sec 5 3400 config lldp ports portlist all notification enable disable config lldp ports portlist all admin_status tx_only rx_only tx_and_rx disable config lldp ports portlist all mgt_addr ipv4 ipaddr ipv6 ipv6addr enable disable config lldp ports portlist all basic_tlvs all port_description system_name system_desc...

Page 377: ...orts For the receiving of LLDP packets the switch will learn the information from the LLDP packets advertised from the neighbor in the Neighbor s table The default state for LLDP is disabled Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To enable LLDP DGS 3450 admin enable lldp Command enable lldp Success DGS 3450 admin disable lldp P...

Page 378: ...p message_tx_interval 30 Success DGS 3450 admin config lldp message_tx_hold_multiplier Purpose Used to configure the message hold multiplier Syntax config lldp message_tx_hold_multiplier int 2 10 Description This parameter is a multiplier on the msgTxInterval that is used to compute the TTL value of txTTL in an LLDPDU TheTTL will be carried in the LLDPDU packet The lifetime will be the minimum of ...

Page 379: ...n or equal to 0 25 msgTxInterval Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the delay interval DGS 3450 admin config lldp tx_delay 7 Command config lldp tx_delay 7 Success DGS 3450 admin config lldp reinit_delay Purpose Change the minimum time of the reinitialization delay interval Syntax config lldp reinit_delay sec 1 10 Description ...

Page 380: ...o configured SNMP trap receiver s Syntax config lldp ports portlist all notification enable disable Description Enable or disable each port for sending changes notification to configured SNMP trap receiver s if an LLDP data change is detected in an advertisement received on the port from an LLDP neighbor The definition of change includes new available information information timeout information up...

Page 381: ... Administrator and Operator level users can issue this command Example usage To configure ports 1 to 5 to transmit and receive DGS 3450 admin config lldp ports 1 1 1 5 admin_status tx_and_rx Command config lldp ports 1 1 1 5 admin_status tx_and_rx Success DGS 3450 admin config lldp ports mgt_addr Purpose Used to enable or disable port s specified for advertising indicated management address instan...

Page 382: ...re port_description system_name system_description and system_capability Parameters portlist Use this parameter to define ports to be configured all Use this parameter to set all ports in the system port_description This TLV optional data type indicates that LLDP agent should transmit Port Description TLV on the port The default state is disabled system_name This TLV optional data type includes in...

Page 383: ...Success DGS 3450 admin config lldp dot1_tlv_protocol_vid Purpose Used to configure an individual port or group of ports to exclude one or more of IEEE 802 1 organization port and protocol VLAN ID TLV data types from outbound LLDP advertisements Syntax config lldp ports portlist all dot1_tlv_protocol_vid vlan all vlan_name 32 vlanid vidlist enable disable Description This TLV optional data type ind...

Page 384: ...n protocol identity TLV data types from outbound LLDP advertisements Syntax config lldp ports portlist all dot1_tlv_ protocol_identity all eapol lacp gvrp stp enable disable Description This TLV optional data type indicates whether the corresponding Local System s Protocol Identity instance will be transmitted on the port The Protocol Identity TLV provides a way for stations to advertise protocols...

Page 385: ...enabled the auto negotiated advertised capability and the operational MAU type The default state is disabled link_aggregation This TLV optional data type indicates that LLDP agent should transmit Link Aggregation TLV This type indicates the current link aggregation status of IEEE 802 3 MACs More precisely the information should include whether the port is capable of doing link aggregation whether ...

Page 386: ...age enable Command config lldp forward_message enable Success DGS 3450 admin show lldp Purpose This command displays the switch s general LLDP configuration status Syntax show lldp Description This command displays the switch s general LLDP configuration status Parameters None Restrictions None Example usage To display the LLDP system level configuration status DGS 3450 admin show lldp Command sho...

Page 387: ...ss information DGS 3450 admin show lldp mgt_addr ipv4 10 90 90 90 Command show lldp mgt_addr ipv4 10 90 90 90 Address 1 Subtype IPv4 Address 10 90 90 90 IF Type IfIndex OID 1 3 6 1 4 1 171 10 70 6 Advertising Ports DGS 3450 admin show lldp ports Purpose Display the LLDP per port configuration for advertisement options Syntax show lldp ports portlist Description This command displays the LLDP per p...

Page 388: ...nk Aggregation Disabled Maximum Frame Size Disabled DGS 3450 admin show lldp local_ports Purpose Used to display the per port information currently available for populating outbound LLDP advertisements Syntax show lldp local_ports portlist mode brief normal detailed Description This command displays the per port information currently available for populating outbound LLDP advertisements Parameters...

Page 389: ...cription This command display the information learned from the neighbor parameters Due to a memory limitation only 32 VLAN Name entries and 10 Management Address entries can be received Parameters portlist Use this parameter to define ports to be configured mode Choose from three options brief Display the information in brief mode normal Display the information in normal mode This is the default d...

Page 390: ...dmin show lldp statistics ports Purpose Used to display the ports LLDP statistics information Syntax show lldp statistics ports portlist Description The per port LLDP statistics command displays per port LLDP statistics Parameters portlist Use this parameter to define ports to be configured When portlist is not specified information for all ports will be displayed Restrictions None Example usage T...

Page 391: ...ing sections config lldp_med fast_start repeat_count Purpose Used to to configure the fast start repeat count Syntax config lldp_med fast_start repeat_count value 1 10 Description When an LLDP MED Capabilities TLV is detected for an MSAP identifier not associated with an existing LLDP remote system MIB the application layer shall start the fast start mechanism and set the medFastStart timer to med...

Page 392: ...le each port for sending topology change notification to configured SNMP trap receiver s if an endpoint device is removed or moved to another port Parameters portlist Specify a range of ports to be configured all Specify to set all ports in the system state Enable or disable the SNMP trap notification of topology change detected state Restrictions Only Administrator and Operator level users can is...

Page 393: ...tting of LLDP MED TLVs disable Disable the transmitting of LLDP MED TLVs Restrictions Only Administrator and Operator level users can issue this command Example usage To enable transmitting all capabilities on all ports DGS 3450 admin config lldp_med ports all med_transmit_capabilities all state enable Command config lldp_med ports all med_transmit_capabilities all state enable Success DGS 3450 ad...

Page 394: ...S 3450 admin show lldp_med local_ports 1 1 Command show lldp_med local_ports 1 1 Port ID 1 1 LLDP MED Capabilities Support Capabilities Support Network Policy Support Location Identification Not Support Extended Power Via MDI PSE Not Support Extended Power Via MDI PD Not Support Inventory Support Network Policy None Extended Power Via MDI None DGS 3450 admin show lldp_med ports Purpose Used to dis...

Page 395: ...s Parameters portlist Specify a range of ports to be displayed Restrictions None Example usage To display remote entry information DGS 3450 admin show lldp_med remote_ports 1 1 Command show lldp_med remote_ports 1 1 Port ID 1 1 Remote Entities Count 1 Entity 1 Chassis ID Subtype MAC Address Chassis ID 00 01 02 03 04 00 Port ID Subtype Net Address Port ID 172 18 10 11 LLDP MED capabilities LLDP MED...

Page 396: ...ged True Location Identification Location Subtype CoordinateBased Location Information Location Subtype CivicAddress Location Information Extended Power Via MDI Power Device Type PD Device Power Priority High Power Source From PSE Power Request 8 Watts Inventory Management Hardware Revision Firmware Revision Software Revision Serial Number Manufacturer Name Model Name Asset ID DGS 3450 admin ...

Page 397: ...ed by the Auto Recovery mechanism to decide how long to check before determining that the loop status has gone The valid range is from 60 to 1000000 0 is a special value that specifies that the auto recovery mechanism should be disabled When the auto recovery mechanism is disabled a user would need to manually recover a disabled port The default value for the recover timer is 60 seconds 0 Specifie...

Page 398: ...t all ports in the system you may use the all parameter state Specify whether the LBD function should be enabled or disabled on the ports specified in the port list The default state is disabled enable Specify to enable the LBD function disable Specify to disable the LBD function Restrictions Only Administrator and Operator level users can issue this command Example usage To enable the LBD functio...

Page 399: ...e Switch Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To disable the LBD function globally DGS 3450 admin disable loopdetect Command disable loopdetect Success DGS 3450 admin show loopdetect Purpose Used to display the LBD global configuration Syntax show loopdetect Description This command is used to display the LBD global configura...

Page 400: ...4094 Log State Enabled Function Version v4 05 DGS 3450 admin show loopdetect ports Purpose Used to display the LBD per port configuration Syntax show loopdetect ports portlist Description This command is used to display the LBD per port configuration Parameters portlist Enter the list of port to be displayed If no port is specified the configuration for all ports will be displayed Restrictions Non...

Page 401: ...th Description This command is used to configure the trap modes for LBD Parameters none There is no trap in the LBD function loop_detected Trap will only be sent when the loop condition is detected loop_cleared Trap will only be sent when the loop condition is cleared both Trap will either be sent when the loop condition is detected or cleared Restrictions Only Administrator and Operator level use...

Page 402: ...ct log state enable Command config loopdetect log state enable Success DGS 3450 admin config loopdetect vlan Purpose Used to configure the LBD state for the VLANs Syntax config loopdetect vlan vid_list all state enable disable Description This command is used to configure the LBD state for the VLANs Parameters vid_list Enter a list of VLANs to be configures all Specify to configure all VLANs state...

Page 403: ... notification on the Switch Syntax enable mac_notification Description This command is used to enable MAC address notification without changing configuration Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To enable MAC notification without changing basic configuration DGS 3450 admin enable mac_notification Command enable mac_notificati...

Page 404: ...the Switch s MAC address table notification global settings DGS 3450 admin config mac_notification interval 1 historysize 500 Command config mac_notification interval 1 historysize 500 Success DGS 3450 admin config mac_notification ports Purpose Used to configure MAC address notification status settings Syntax config mac_notification ports portlist all enable disable Description MAC address notifi...

Page 405: ...ication Command show mac_notification Global Mac Notification Settings State Enabled Interval 1 History Size 1 DGS 3450 admin show mac_notification ports Purpose Used to display the Switch s MAC address table notification status settings Syntax show mac_notification ports portlist Description This command is used to display the Switch s MAC address table notification status settings Parameters por...

Page 406: ...ation ports Port MAC Address Table Notification State 1 Disabled 2 Disabled 3 Disabled 4 Disabled 5 Disabled 6 Disabled 7 Disabled 8 Disabled 9 Disabled 10 Disabled 11 Disabled 12 Disabled 13 Disabled 14 Disabled 15 Disabled 16 Disabled 17 Disabled 18 Disabled 19 Disabled 20 Disabled CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh ...

Page 407: ...cess_control guest_vlan vlan_name 32 guest_vlanid vlanid 1 4094 clear mac_based_access_control auth_state ports all portlist mac_addr macaddr create mac_based_access_control_local mac macaddr vlan vlan_name 32 vlanid vlanid 1 4094 config mac_based_access_control_local mac macaddr vlan vlan_name 32 vlanid vlanid 1 4094 clear_vlan delete mac_based_access_control_local mac macaddr vlan vlan_name 32 v...

Page 408: ...inistrator and Operator level users can issue this command Example usage To disable the MAC based Access Control global state DGS 3450 admin disable mac_based_access_control Command disable mac_based_access_control Success DGS 3450 admin config mac_based_access_control password Purpose Used to configure the RADIUS authentication password for MAC based Access Control Syntax config mac_based_access_...

Page 409: ...ac_based_access_control method local Command config mac_based_access_control method local Success DGS 3450 admin config mac_based_access_control guest_vlan Purpose Used to configure the MAC based Access Control guest VLAN membership Syntax config mac_based_access_control guest_vlan ports portlist Description This command will assign a specified port list to the MAC based Access Control guest VLAN ...

Page 410: ...r will be authorized individually and be capable of getting its own assigned VLAN Parameters ports Specifies a range of ports for configuring the MAC based Access Control function parameters state Specifies whether the port s MAC based Access Control function is enabled or disabled mode See below port_based Port based means that all users connected to a port share the first authentication result h...

Page 411: ...block_time 120 Success DGS 3450 admin create mac_based_access_control guest_vlan Purpose Used to assign a static 802 1Q VLAN as a MAC based Access Control guest VLAN Syntax create mac_based_access_control guest_vlan vlan_name 32 guest_vlanid vlanid 1 4094 Description Used to assign a static 802 1Q VLAN as a MAC based Access Control guest VLAN This command can be used to manage unauthenticated host...

Page 412: ...t_vlan default Success DGS 3450 admin clear mac_based_access_control auth_state Purpose Used to clear the clients authentication information by specific port s or MAC address Syntax clear mac_based_access_control auth_state ports all portlist mac_addr macaddr Description This command is used to clear the authentication state of a user or port The port or the user will return to an un authenticated...

Page 413: ...this command Example usage To create one MAC based Access Control local database entry for MAC address 00 00 00 00 00 01 and specify that the host will be assigned to the default VLAN after the host has been authorized DGS 3450 admin create mac_based_access_control_local mac 00 00 00 00 00 01 vlan default Command create mac_based_access_control_local mac 00 00 00 00 00 01 vlan default Success DGS ...

Page 414: ... 3450 admin To delete the MAC based Access Control local database entry for the VLAN name VLAN3 DGS 3450 admin delete mac_based_access_control_local vlan VLAN3 Command delete mac_based_access_control_local vlan VLAN3 Success DGS 3450 admin config mac_based_access_control authorization network Purpose Used to enable or disable the acceptation of an authorized configuration Syntax config mac_based_a...

Page 415: ...ed Access Control settings will be displayed portlist Displays the MAC based Access Control settings for a specific port or range of ports If no port list is specified the settings will be displayed for ports which have MAC based Access Control enabled Restrictions None Example usage To show the MAC based Access Control port configuration for ports 1 to 4 Port State Aging Time Block Time Max User ...

Page 416: ...ased Access Control local database for the MAC address 00 00 00 00 00 01 DGS 3450 admin show mac_based_access_control_local mac 00 00 00 00 00 01 Command show mac_based_access_control_local mac 00 00 00 00 00 01 MAC Address VID 00 00 00 00 00 01 1 Total Entries 1 DGS 3450 admin To show MAC based Access Control local database for the VLAN called default DGS 3450 admin show mac_based_access_control_...

Page 417: ...tion the VID field will be shown as until authentication completes Suppose that port 2 is in port based mode MAC 00 00 00 00 00 10 is the host which causes port 2 to pass authentication the MAC address is followed by P to indicate port based mode authentication Suppose that port 3 is in port based mode MAC 00 00 00 00 00 20 attempts to start authentication the MAC address is followed by P to indic...

Page 418: ...er of users per port is also limited This is specified by the config config mac_based_access_control ports max_users command Parameters value 1 4000 Specify to set the maximum number of authorized clients on the whole device The default value is 1024 no_limit Specify to not limit the maximum number of users on the system Restrictions Only Administrator and Operator level users can issue this comma...

Page 419: ... to drop its operating speed to match that of the target port Syntax config mirror port port add delete source ports portlist rx tx both Description The config mirror command allows a range of ports to have all of their traffic also sent to a destination port where a network sniffer or other device can monitor the network traffic In addition you can specify that only traffic received by or sent by...

Page 420: ...evel users can issue this command Example usage To enable mirroring function DGS 3450 admin enable mirror Command enable mirror Success DGS 3450 admin disable mirror Purpose Used to disable mirror globally Syntax disable mirror Description This command combined with the enable mirror command above allows you to enable or disable mirror function without having to modify the mirror session configura...

Page 421: ...t Port Source Ports 1 Enabled 2 1 RX 1 1 TX 1 1 3 Enabled 3 5 RX 1 24 TX 1 24 DGS 3450 admin create mirror group_id Purpose Used to create a mirror group on the switch Syntax create mirror group_id value 1 4 Description This command used to create a mirror group If the mirror group has existed do nothing and return success Parameters group_id The mirror groups identify value The mirror groups iden...

Page 422: ...s source ports can t overlap Parameters group_id The mirror groups identify value The mirror groups identify value target_port The port that will receive the packets duplicated at the mirror port state The mirror group state to enable or disable the mirror group function add The mirror source ports to be add delete The mirror source ports to be delete portlist The port list of mirror group source ...

Page 423: ...the debug buffer command to dump clear or upload the debug buffer to the TFTP server Syntax debug buffer utilization dump clear upload_toTFTP ipaddr path_filename 64 Description Dump clear or upload the debug buffer to a TFTP server Parameters dump Displays the debug message in the debug message buffer clear Clears the debug message buffer upload_toTFTP ipaddr Uploads the debug message buffer to a...

Page 424: ... config ports portlist all event bpdu state_machine all state disable brief detail Description This command used to configure per port STP debug level on the specified ports Parameters debug flags See below event Debug the external operation and event processing bpdu Debug the BPDU s that have been received and transmitted state_machine Debug the state change of the STP state machine all Debug all...

Page 425: ...how the STP debug information Syntax debug stp show information Description This command used to display STP detailed information such as the hardware tables the STP state machine etc Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To show STP debug information ...

Page 426: ... Cost 0 Regional Root Bridge 32768 00 01 02 03 04 00 Internal Root Cost 0 Designated Bridge 32768 00 01 02 03 04 00 Designated Port 0 Message Age 0 Max Age 20 Forward Delay 15 Hello Time 2 Instance 1 Regional Root Bridge 32769 00 01 02 03 04 00 Internal Root Cost 0 Designated Bridge 32769 00 01 02 03 04 00 Designated Port 0 Remaining Hops 20 Designated Prioirty and Times Instance 0 Port 1 Designat...

Page 427: ...tate Enabled Port Index Event flag BPDU Flag State Machine Flag 1 Detail Brief Disable 2 Detail Brief Disable 3 Detail Brief Disable 4 Detail Brief Disable 5 Detail Brief Disable 6 Detail Brief Disable 7 Detail Brief Disable 8 Detail Brief Disable 9 Detail Brief Disable 10 Detail Brief Disable 11 Detail Brief Disable 12 Detail Brief Disable Success DGS 3450 admin debug stp show counter Purpose Use...

Page 428: ...PDU Length 0 Invalid Type 0 Invalid Timers 0 Success DGS 3450 admin debug stp clear counter Purpose Used to clear STP counters Syntax debug stp clear counter ports portlist all Description This command used to clear the STP counters Parameters ports portlist Specifies the port range all Clears all port counters Restrictions Only Administrator and Operator level users can issue this command Example...

Page 429: ...ble the STP debug state Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the STP debug state to enable and then disable the STP debug state DGS 3450 admin debug stp state enable Command debug stp state enable Success DGS 3450 admin debug stp state disable Command debug stp state disable Success DGS 3450 admin ...

Page 430: ...ue 0 7 none replace_priority Description The create igmp_snooping command creates a multicast VLAN and implements relevant parameters as specified More than one multicast VLANs can be configured The maximum number of configurable VLANs is project dependent Newly created IGMP snooping must use a unique VLAN ID and name i e they cannot use the VLAN ID or name of any existing 802 1q VLAN Also keep in...

Page 431: ...ed Parameters vlan_name The name of the multicast VLAN to be configured Can be up to 32 characters member_port A member port or range of member ports to be added to the multicast VLAN The specified range of ports will become untagged members of the multicast VLAN source_port A port or range of ports to be added to the multicast VLAN untag_source_port Specify the source port or range of source port...

Page 432: ...t group of the join packet cannot be classified into any multicast VLAN to which this port belongs then the join packet will be learned on the natural VLAN of the packet Parameters vlan_name The name of the multicast VLAN to be configured Each multicast VLAN is given a name of up to 32 characters add Add a list of MAC addresses delete Delete a list of MAC addresses Restrictions Only Administrator ...

Page 433: ..._name The name of the multicast VLAN to be deleted Restrictions Only Administrator and Operator level users can issue this command Example usage To delete an IGMP snooping multicast VLAN called v1 DGS 3450 admin delete igmp_snooping multicast_vlan v1 Command delete igmp_snooping multicast_vlan v1 Success DGS 3450 admin show igmp_snooping multicast_vlan Purpose Used to display information for a mul...

Page 434: ... Command show igmp_snooping multicast_vlan IGMP Multicast VLAN Global State Disabled IGMP Multicast VLAN Forward Unmatched Disabled VLAN Name test VID 100 Member Untagged Ports 1 Tagged Member Ports Source Ports 3 Untagged Source Ports Status Disabled Replace Source IP 0 0 0 0 Remap Priority None Total Entries 1 DGS 3450 admin ...

Page 435: ...5 config stp maxage value 6 40 maxhops value 1 40 hellotime value 1 10 forwarddelay value 4 30 txholdcount value 1 10 fbpdu enable 3 disable 2 lbd enable 1 disable 0 lbd_recover_timer value 0 value 60 1000000 nni_bpdu_addr dot1d dot1ad 1 config stp ports portlist externalCost auto value 1 200000000 hellotime value 1 10 migrate yes no edge true false auto p2p true false auto state enable disable re...

Page 436: ...Recover Time 60 NNI BPDU Address dot1ad DGS 3450 admin show stp instance Purpose Used to show each instance parameters settings Syntax show stp instance value 0 15 Description This command displays each instance parameters settings Value means the instance id if there is no input of this value all instance will be shown Parameters instance MSTP instance id Instance 0 represents for default instanc...

Page 437: ...pology Changes Count 0 DGS 3450 admin show stp ports Purpose Used to show the port information includes parameters setting and operational value Syntax show stp ports portlist Description This command displays each port s parameters settings If not input the portlist all ports will be shown If there are multi instances on this bridge the parameters of the port on different instances will be shown ...

Page 438: ...dge Parameters mst_config_id If two bridges has the same three elements in mst_config_id that means they are in the same MST region Restrictions None Example usage show stp mst_config_id DGS 3450 admin show stp mst_config_id Command show stp mst_config_id Current MST Configuration Identification Configuration Name 00 22 22 22 22 00 Revision Level 0 MSTI ID Vid list CIST 1 4094 DGS 3450 admin creat...

Page 439: ...S 3450 admin delete stp instance_id 2 Command delete stp instance_id 2 Success DGS 3450 admin config stp instance_id Purpose To map or remove the VLAN range of the specified MST instance for the existed MST Instances Syntax config stp instance_id value 1 15 add_vlan remove_vlan vidlist Description There are 2 different action type to deal with an MST Instance They are listed as follows add_vlan to...

Page 440: ...fied MST region revision_level The same given name with different revision level also represents for different MST region Restrictions Only Administrator and Operator level users can issue this command Example usage To change the name and revision level of the MST configuration Identification DGS 3450 admin config stp mst_config_id name R D_BlockG revision_level 1 Commands config stp mst_config_id...

Page 441: ...ig stp version mstp rstp stp Description If version is configured as stp or rstp all currently running MSTIs should be disabled For version is configured as mstp current design is enabled all available MSTIs assume that CIST is enabled Futher discussion needed to decide whether we let user to enable the MSTIs Parameters version To decide to run under which version of STP mstp Multiple Spanning Tre...

Page 442: ...nce_id 0 Syntax config stp maxage value 6 40 maxhops value 1 40 hellotime value 1 10 forwarddelay value 4 30 txholdcount value 1 10 fbpdu enable 3 disable 2 lbd enable 1 disable 0 lbd_recover_timer value 0 value 60 1000000 nni_bpdu_addr dot1d dot1ad 1 Description This command is used to configure the bridge parameters global settings Parameters maxage Used to determine if a BPDU is valid The defau...

Page 443: ... MSTP migrate To decide if the port can continue to transmit RSTP BPDUs edge To decide if this port is connected to a LAN or a Bridged LAN In auto mode the bridge will delay for a period to become edge port if no bridge BPUD is received The default is auto mode p2p To decide if this port is in Full Duplex or Half Duplex mode state To decide if this port supports the STP functionality restricted_ro...

Page 444: ...shed from the parameters of ports only at CIST level portlist One of CLI Value Type restrict the input value and format of the ports refer to section 1 4 Switch Numerical Ranges instance_id Instance 0 represents for CIST Instance from 1 to 15 represents for MSTI 1 MSTI 15 internalCost Port Path Cost used in MSTP priority Port Priority Restrictions Only Administrator and Operator level users can is...

Page 445: ...ltiple servers can share the same IP address and MAC address The requests from clients will be forwarded to all servers but will only be processed by one of them The server can work in multicast mode In multicast mode the client use the multicast MAC address as the destination MAC to reach the server Regarding of the mode this destination Mac is the named the shared MAC The server uses its own MAC...

Page 446: ...st_fdb command is used to add or delete the forwarding ports for the specified NLB multicast FDB entry Parameters vlan_name Specify the VLAN of the NLB multicast FDB entry to be configured vlanid vlanid Specify the VLAN by the VLAN ID macaddr Specify the Mac address of the NLB multicast FDB entry to be configured add portlist Specify a list of forwarding ports to be added delete portlist Specify a...

Page 447: ...gabit Ethernet Managed Switch CLI Manual 443 DGS 3450 admin show nlb fdb Command show nlb fdb MAC Address VLAN ID Egress Ports 03 bf 01 01 01 01 100 1 1 1 5 1 26 2 26 03 bf 01 01 01 01 1 1 1 1 5 1 26 2 26 Total Entries 2 DGS 3450 admin ...

Page 448: ...to the system later If the password encryption is enabled the password will be in encrypted form Parameters None Restrictions Only Administrator users can issue this command Example usage To enable the password encryption DGS 3450 admin enable password encryption Command enable password encryption Success DGS 3450 admin disable password encryption Purpose Used to create user accounts Syntax disabl...

Page 449: ...username 15 Name for a operator user acount Restrictions Only Administrator users can issue this command Example usage To create the admin level user dlink DGS 3450 admin create account admin dlink Command create account admin dlink Enter a case sensitive new password Enter the new password again for confirmation Success DGS 3450 admin config account Purpose Used to configure user accounts Syntax ...

Page 450: ...mmand Example usage To configure the user password of dlink account DGS 3450 admin config account dlink Command config account dlink Enter a old password Enter a case sensitive new password Enter the new password again for confirmation Success DGS 3450 admin To configure the user password of dlink account DGS 3450 admin config account adminstrator Command config account administrator encrypt sha_1...

Page 451: ...admin delete account Purpose Used to delete an existing account Syntax delete account username Description The delete account command deletes an existing account Parameters username Name of the user who will be deleted Restrictions Only Administrator users can issue this command Example usage To delete the user account System DGS 3450 admin delete account System Command delete account System Succe...

Page 452: ...arameters force_agree Specify to forcibly agree with the command Restrictions This command is only available in password recovery mode Example usage To reset the configuration DGS 3450 admin reset config Command reset config Are you sure to proceed with reset config y n y Success DGS 3450 admin reboot Purpose Used to exit Reset Configuration Mode and restart the switch Syntax reboot force_agree 1 ...

Page 453: ...e the created account DGS 3450 admin reset account Command reset account Success reset password Purpose Used to reset the password for user account Syntax reset password username Description The reset password command resets the password of the specified user to empty If username is not specified password of all users will be reset Parameters username Specify to enter an existing username Restrict...

Page 454: ...l already created accounts Parameters None Restrictions This command is only available in password recovery mode Example usage To show the created account DGS 3450 admin show account Command show account DGS 3450 admin show account Command show account Current Accounts Username Access Level Password admin1 Admin user1 User Total Entries 2 ...

Page 455: ...et Control Message Protocol ICMP echo messages to a remote IP address The remote IP address will then echo or return the message This is used to confirm connectivity between the switch and the remote device Parameters ipaddr Specify the IP address of the host domain_name Specify the domain name of the host times The number of individual ICMP echo messages to be sent A value of 0 will send an infin...

Page 456: ... 51 17 2 for 3 times the Switch s IP address is 10 51 17 8 DGS 3450 admin ping 10 51 17 2 times 3 source_ip 10 51 17 8 Command ping 10 51 17 2 times 3 source_ip 10 51 17 8 Reply from 10 51 17 2 time 10ms Reply from 10 51 17 2 time 10ms Reply from 10 51 17 2 time 10ms Ping Statistics for 10 51 17 2 Packets Sent 3 Received 3 Lost 0 DGS 3450 admin ping6 Purpose Used to test the IPv6 connectivity betw...

Page 457: ...3000 1 bytes 200 time 10ms Reply from 3000 1 bytes 200 time 10ms Ping Statistics for 3000 1 Packets Sent 4 Received 4 Lost 0 DGS 3450 admin To send ICMP echo message with source IPV6 address 3000 11 to 3000 1 for 3 times the Switch s IP address are 3000 11 and 3000 10 DGS 3450 admin ping6 3000 1 times 3 source_ip 3000 11 Command ping6 3000 1 times 3 source_ip 3000 11 Reply from 3000 1 bytes 200 ti...

Page 458: ... Administrator and Operator level users can issue this command Example usage To disable the broadcast ping reply state DGS 3450 admin disable broadcast_ping_reply Command disable broadcast_ping_reply Success DGS 3450 admin show broadcast_ping_reply Purpose Used to show the broadcast ping reply state Syntax show broadcast_ping_reply Description Show the device broadcast ping reply state Parameters ...

Page 459: ...d the new entry will be discarded Parameters portlist Specifies a range of ports to be configured all Specifies that all ports will be configured admin_state Specifies to enable disable the port security function on the port By default the setting is disabled max_learning_addr Specifies the maximum of port security entries that can be learned on this port If the value is set to 0 it means that no ...

Page 460: ...ers can issue this command Example usage To delete a port security entry DGS 3450 admin delete port_security_entry vlan_name default port 1 mac_address 00 01 30 10 2C C7 Command delete port_security_entry vlan_name default port 1 mac_address 00 01 30 10 2C C7 Success DGS 3450 admin clear port_security_entry port Purpose Used to clear the MAC entrieslearned by the port security function Syntax clea...

Page 461: ...ortlist Specifies a range of ports to show their configuration Restrictions None Example usage To display the port security configuration DGS 3450 admin show port_security Command show port_security Port Admin State Max Learning Addr Lock Address Mode 1 1 Disabled 1 DeleteOnReset 1 2 Disabled 1 DeleteOnReset 1 3 Disabled 1 DeleteOnReset 1 4 Disabled 1 DeleteOnReset 1 5 Disabled 1 DeleteOnReset 1 6...

Page 462: ...nimum setting is 37 W and the maximum setting is 370 W The actual range will depend on power supply capability power_disconnect_method Configure the disconnection method that will be used when the power budget is running out When the system attempts to supply power to a new port if the power budget is insufficient to do this PoE controller will initiate port disconnection procedure to prevent over...

Page 463: ... have the same level of priority the port ID will be used to determine the priority The lower port ID has higher priority The setting of priority will affect the ordering of supplying power Whether the disconnect_method is set to deny_low_priority_port priority of port will be used by the system to manage to supply power to ports power_limit Configure the per port power limit If a port exceeds its...

Page 464: ...Description Display the setting and actual values of the whole PoE system Parameters units Specified units that will be displayed If no parameter specified the system will display the status of all supported poe units in the systems Restrictions None Example usage To display PoE system DGS 3426P admin show poe system units 1 Command show poe system units 1 Unit 1 PoE System Information Power Limit...

Page 465: ...ivolt Current mA Status 1 Enabled Critical 15400 Class 0 Time_range_is_32_bytes____ 0 0 0 0 OFF Interim state during line detection 2 Enabled Critical 4000 Class 1 0 8200 504 162 ON 802 3af compliant PD was detected 3 Enabled Critical 7000 Class 2 0 0 0 0 OFF Interim state during line detection 4 Enabled Critical 15400 Class 3 0 400 504 10 ON 802 3af compliant PD was detected 5 Enabled Low 15400 U...

Page 466: ...ifferent ports The Protocol VLAN Group commands in the Command Line Interface CLI are listed along with the appropriate parameters in the following table Command Parameter create dot1v_protocol_group group_id id config dot1v_protocol_group group_id id add delete protocol ethernet_2 ieee802 3_snap ieee802 3_llc protocol_value delete dot1v_protocol_group group_id id show dot1v_protocol_group group_i...

Page 467: ...lue The user has three choices ethernet_2 Choose this parameter if you wish this protocol group to employ the Ethernet2 frame type This frame type is identified by the 16 bit 2 octet IEEE802 3 type field in the packet header which is to be stated using the following protocol_value ieee802 3_snap Choose this parameter if you wish this protocol group to employ the Sub Network Access Protocol SNAP fr...

Page 468: ...col_group group_id 1 Success DGS 3450 admin show dot1v_protocol_group Purpose Used to display the configurations for a protocol VLAN group Syntax show dot1v_protocol_group group_id id Description This command will display the configurations of a protocol VLAN group Parameters group_id id Enter an integer from 1 to 16 to identify the protocol VLAN group to be displayed Entering this command without...

Page 469: ...a tag to ingress untagged packets vlanid Identify the VID for which to add a tag to ingress untagged packets delete protocol_group Use this parameter to remove this protocol VLAN group s association with the ports stated in this command by using the following parameters group_id id Enter this parameter with its corresponding group number to remove this pre defined protocol group from the ports spe...

Page 470: ...anual 466 DGS 3450 admin show port dot1v ports 1 6 1 8 Command show port dot1v ports 1 6 1 8 Port 1 6 Protocol Group ID VLAN Name 1 building1 Port 1 7 Protocol Group ID VLAN Name 1 building1 Port 1 8 Protocol Group ID VLAN Name 1 building1 Total Entries 3 DGS 3450 admin ...

Page 471: ...o_limit value 64 10000000 max_rate no_limit value 64 10000000 1 show per_queue bandwidth_control portlist config dscp trust portlist all state enable disable show dscp trust portlist config dscp map dscp_priority dscp_list to priority 0 7 dscp_dscp dscp_list to dscp 0 63 show dscp map dscp_priority dscp_dscp dscp dscp_list Each command is listed in detail in the following sections config bandwidth...

Page 472: ... 1 1 1 10 tx_rate 100 The setting value is not an integer multiple of granularity 64 The closest value 64 is chosen Success DGS 3450 admin show bandwidth_control Purpose Used to display the port bandwidth control table Syntax show bandwidth_control portlist Description The show bandwidth_control command displays the port bandwidth configuration The bandwidth can also be assigned by the RADIUS serv...

Page 473: ...specified the system will set all ports class_id This specifies the n 1 hardware priority queues that the config scheduling command will apply to The four hardware priority queues are identified by a number from 0 to n with the 0 queue being the lowest priority The determination of n is project dependent max_packet Specifies the maximum number of packets that the hardware priority queue specified ...

Page 474: ...ssue this command Example usage To configure the traffic scheduling mechanism for the CoS queue on port 1 1 DGS 3450 admin config scheduling_mechanism ports 1 1 strict Command config scheduling_mechanism ports 1 1 strict Success DGS 3450 admin show scheduling Purpose Used to display the current traffic scheduling parameters Syntax show scheduling portlist Description The show scheduling command di...

Page 475: ...mand will display the global setting only Restrictions None Example usage To show the scheduling mechanism for all ports DGS 3450 admin show scheduling_mechanism 1 1 Command show scheduling_mechanism 1 1 Port Mode 1 1 strict DGS 3450 admin config 802 1p user_priority Purpose Used to map the 802 1p user priority of an incoming packet to one of the eight hardware queues available on the Switch Synta...

Page 476: ...t Specifies the range of ports to be displayed If no portlist is specified this command will display the 802 1p user priority for all ports Restrictions Only Administrator and Operator level users can issue this command Example usage In the case of Project only support global configuration display the 802 1p user priority DGS 3450 admin show 802 1p user_priority 1 1 Command show 802 1p user_priori...

Page 477: ...r a range of ports on the switch Restrictions Only Administrator and Operator level users can issue this command Example usage To configure an 802 1p default priority settings of 5 on all Switch ports DGS 3450 admin config 802 1p default_priority all 5 Command config 802 1p default_priority all 5 Success DGS 3450 admin show 802 1p default_priority Purpose Used to display the current default priori...

Page 478: ...the Switch Note This feature only takes effect after a switch reboot Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To enable HOL prevention on the switch DGS 3450 admin enable hol_prevention Command enable hol_prevention Success DGS 3450 admin disable hol_prevention Purpose Used to disable HOL prevention Syntax disable hol_prevention ...

Page 479: ...c queue on specified ports min_rate specifies the minimum guaranteed bandwidth Specifying no limit for the minimum rate means that bandwidth will not be guaranteed max_rate limits the bandwidth When specified packets transmitted from the queue will not exceed the specified limit even if extra bandwidth is available The specification of min_rate and max_rate are effective regardless of whether the ...

Page 480: ...rate inputted rate minimum granularity minimal granularity Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the minimum rate to be 130 and the maximum rate to be 100000 on CoS bandwidth queue 1 for ports 1 1 1 10 DGS 3450 admin config per_queue bandwidth_control ports 1 1 1 10 1 min_rate 130 max_rate 100000 Command config per_queue bandwidt...

Page 481: ...onfiguration here all Specify that the command apply to all ports on the Switch state Enable or disable to trust DSCP By default DSCP trust is disabled Restrictions Only Administrator and Operator level users can issue this command Example usage To enable DSCP trust on ports 1 1 1 8 DGS 3450 admin config dscp trust 1 1 1 8 state enable Command config dscp trust 1 1 1 8 state enable Success DGS 345...

Page 482: ...s ingresses to the port The remaining processing of the packet will base on the new DSCP By default the DSCP is mapped to the same DSCP These DSCP mapping will take effect at the same time when IP packet ingress from a DSCP trusted port Parameters dscp_priority dscp_list Specify a list of DSCP value to be mapped to a specific priority T o priority 0 7 Specify that the above or following parameter ...

Page 483: ...t of DSCP value to be mapped to a specific DSCP dscp dscp_list This specifies DSCP value that will be mapped Restrictions None Example usage To show DSCP map configuration DGS 3450 admin show dscp map dscp_dscp Command show dscp map dscp_dscp DSCP to DSCP Mapping DSCP index 0 1 2 3 4 5 6 7 8 9 0 0 1 2 3 4 5 6 7 8 9 1 10 11 12 13 14 15 16 17 18 19 2 20 21 22 23 24 25 26 27 28 29 3 30 31 32 33 34 35...

Page 484: ...load cfg_toRCP username username 15 ipaddr dest_file path_filename 64 rcp string 128 config_id int 1 2 include exclude begin filter_string 80 filter_string 80 filter_string 80 include exclude begin filter_string 80 filter_string 80 filter_string 80 include exclude begin filter_string 80 filter_string 80 filter_string 80 upload log_toRCP username username 15 ipaddr dest_file path_filename 64 rcp st...

Page 485: ...itch will ask the user to input the Server IP address or remote user name while executing the RCP commands Parameters ipaddress The IP address or IPv6 address of the global RCP Server By default the server is unspecified username The remote user name for logging into the global RCP Server By default the global server s remote user name is unspecified both Both the RCP Server IP address and remote ...

Page 486: ...vironment paths unit Specifies which unit on the stacking system If it is not specified it refers to the master unit all When all is specified the boot_up firmware image on all units will be updated image_id Specifies which firmware image It is no need to support this argument when only one firmware image is supported If not specified it refers to the boot_up image rcp string 128 Syntax rcp userna...

Page 487: ...XXXX had Command download firmware_fromRCP rcp 10 1 1 1 DGS XXXX had Using RCP Server Username rcp_user Connecting to server Done Download firmware Done Do not power off Please wait programming flash Done Saving current settings to NV RAM Done DGS 3450 admin To download firmware from RCP using global configured server DGS 3450 admin download firmware_fromRCP src_file home DGS XXXX had Command down...

Page 488: ...XXX had No RCP Server IP configured Would you like to specify a RCP Server IP N RCP copy file aborted Fail DGS 3450 admin To download DGS XXXX had from Global RCP Server and save with default file path name DGS 3450 admin download firmware_fromRCP src_file DGS XXXX had Command download firmware_fromRCP src_file DGS XXXX had Using RCP Server IP 172 18 212 106 Using RCP Server Username rcp_user Conn...

Page 489: ...in To download a configuration using an RCP string DGS 3450 admin download cfg_fromRCP rcp rcp_user 172 18 212 106 home DGS XXXX cfg config_id 1 Command download cfg_fromRCP rcp rcp_user 172 18 212 106 home DGS XXXX cfg config_id 1 Connecting to server Done Download configuration Done DGS 3450 admin upload cfg_toRCP Purpose Upload a configuration file from the device to an RCP server Syntax upload...

Page 490: ... cfg Command upload cfg_toRCP username rcp_user 172 18 212 104 dest_file home DGS XXXX cfg Connecting to server Done Upload Configuration Done DGS 3450 admin To upload the configuration from a multi config device to an RCP server using an RCP string DGS 3450 admin upload cfg_toRCP rcp rcp_user 172 18 212 104 home DGS XXXX cfg config_id 1 Command upload cfg_toRCP rcp rcp_user 172 18 212 104 home DG...

Page 491: ...toRCP Purpose Upload attack log file from the device to an RCP server Syntax upload attack_log_toRCP username username 15 ipaddr dest_file path_filename 64 rcp string 128 unit unit_id 1 12 Description This command is used to upload the system attack log file from the device to an RCP server Parameters username The remote user name on the RCP Server ipaddr The IP address of the RCP server path_file...

Page 492: ...d upload attack_log_toRCP username rcp_user 172 18 212 104 dest_file home DGS XXXX alog unit 2 Connecting to server Done Upload attack log Done DGS 3450 admin To upload the attack log from the device to an RCP server using an RCP string DGS 3450 admin upload attack_log_toRCP rcp rcp_user 172 18 212 104 home DGS XXXX alog Command upload attack_log_toRCP rcp rcp_user 172 18 212 104 home DGS XXXX alo...

Page 493: ...lobally Syntax enable rspan Description This command controls the RSPAN function The purpose of the RSPAN function is to mirror packets to a remote switch A packet travels from the switch where the monitored packet is received passing through the intermediate switch and then to the switch where the sniffer is attached The first switch is also named the source switch To make the RSPAN function work...

Page 494: ...ate rspan vlan vlan_name vlan_name vlan_id value 1 4094 Description This command is used to create the RSPAN VLAN Up to 16 RSPAN VLANs can be created Parameters vlan_name Create the RSPAN VLAN by VLAN name vlan_id Create the RSPAN VLAN by VLAN ID Restrictions Only Administrator and Operator level users can issue this command Example usage To create an RSPAN VLAN entry by VLAN name v2 DGS 3450 admi...

Page 495: ...ource mirror_group_id value 1 4 add delete ports portlist rx tx both Description This command configures the source setting for the RSPAN VLAN on the source switch Parameters vlan See below vlan_name Specify the RSPAN VLAN by VLAN name vlan_id Specify the RSPAN VLAN by VLAN ID source If the ports are not specified by this command the source of RSPAN will come from the source specified by the mirro...

Page 496: ...or last switch to configure the output port of the RSPAN VLAN packets The redirect command makes sure that the RSPAN VLAN packets can egress to the redirect ports In addition to this redirect command the VLAN setting must be correctly configured to make the RSPAN VLAN work correctly That is for the intermediate switch the redirect port must be tagged member port of RSPAN VLAN For the last switch t...

Page 497: ... Used to display RSPAN configuration Syntax show rspan vlan_name vlan_name vlan_id vlanid 1 4094 Description This command displays the RSPAN configuration Parameters vlan_name Specify the RSPAN VLAN by VLAN name vlan_id Specify the RSPAN VLAN by VLAN ID Restrictions None Example usage Display the specific settings DGS 3450 admin show rspan vlan_id 63 Command show rspan vlan_id 63 RSPAN Enabled RSP...

Page 498: ...d Switch CLI Manual 494 DGS 3450 admin show rspan Command show rspan RSPAN Enabled RSPAN VLAN ID 1 Mirror Group ID 1 Target Port 1 1 Source Ports RX TX RSPAN VLAN ID 2 Redirect Ports 1 6 RSPAN VLAN ID 3 Redirect Ports 1 7 Total RSPAN VLAN 3 DGS 3450 admin ...

Page 499: ...P on the Switch password 16 Allows the specification of a case sensitive password tx_mode Determines how received RIP packets will be interpreted as RIP version V1 only V2 Only or V1 Compatible V1 and V2 This entry specifies which version of the RIP protocol will be used to transfer RIP packets The disabled entry prevents the reception of RIP packets disable Prevents the transmission of RIP packet...

Page 500: ...Switch Parameters None Restrictions Only Administrator and Operator level users can issue this command Example Usage To enable RIP DGS 3450 admin enable rip Command enable rip Success DGS 3450 admin disable rip Purpose Used to disable RIP Syntax disable rip Description This command is used to disable RIP on the Switch Parameters None Restrictions Only Administrator and Operator level users can iss...

Page 501: ...will display the global RIP configuration for the Switch Restrictions None Example usage To display RIP configuration DGS 3450 admin show rip Command show rip RIP Global State Disabled RIP Interface Settings Interface IP Address TX Mode RX Mode Authen State tication System 10 90 90 90 8 Disabled Disabled Disabled Disabled Total Entries 1 DGS 3450 admin Example usage To display RIP configurations b...

Page 502: ...w flag debug ripng flag interface packet all rx tx route 1 all state enable disable Each command is listed in detail in the following sections enable ripng Purpose Used to enable RIPng globally for the Switch Syntax enable ripng Description This command is used to enable RIPng globally for the Switch Parameters None Restrictions Only Administrator and Operator level users can issue this command Ex...

Page 503: ... Enabled Method Split Horizon Update Time 30 seconds Expire Time 180 seconds Garbage Collection Time 120 seconds Interface State Metric int8 Disabled 1 int14 Disabled 1 Total Entries 2 DGS 3450 admin config ripng Purpose This command is used to configure the RIPng algorithm and timer Syntax config ripng method no_horizon split_horizon poison_reverse update sec 5 65535 expire sec 1 65535 garbage_co...

Page 504: ...lue of an interface The RIPng route that was learned from the interface will add this value as a new route metric The default value is 1 state Enable or disable the RIPng state on the specific IP interface If the state is disabled then RIPng packets will not be transmitted or received by the interface The default setting is disabled Restrictions Only Administrator and Operator level users can issu...

Page 505: ...ace State Change Packet Receiving Packet Sending Route DGS 3450 admin debug ripng flag Purpose Used to enable or disable the RIPng debug flag Syntax debug ripng flag interface packet all rx tx route 1 all state enable disable Description This command is used to enable or disable the RIPng debug flag Parameters interface The state of the RIPng interface debug The default setting is disabled packet ...

Page 506: ...0 admin debug ripng flag interface state enable Command debug ripng flag interface state enable Success DGS 3450 admin After enabling RIPng on an interface the following information may appear when the interface state changes The RIPng interface System has changed the link state to down ...

Page 507: ...ceiving all unnecessary broadcast IP packets even if the high CPU utilization is not caused by the high reception rate of broadcast IP packets b When fuzzy is chosen the Switch will minimize the IP packet bandwidth received by the Switch by adjusting the bandwidth for all IP packets by setting a acceptable bandwidth for both unicast and broadcast IP packets The Switch uses an internal algorithm to...

Page 508: ...l shut down trap_log enable disable Choose whether to enable or disable the sending of messages to the device s SNMP agent and switch log once the Safeguard Engine has been activated by a high CPU utilization rate mode Used to select the type of Safeguard Engine to be activated by the Switch when the CPU utilization reaches a high rate The user may select strict If selected this function will stop...

Page 509: ...To display the safeguard engine status DGS 3450 admin show safeguard_engine Command show safeguard_engine Safeguard engine state Disabled Safeguard engine current status normal mode CPU utilization information Rising 30 Falling 20 Trap Log state Disabled Mode Fuzzy DGS 3450 admin ...

Page 510: ...able download ssh client_pub_key ipaddr domain_name 255 src_file path_filename 64 upload ssh client_pub_key ipaddr domain_name 255 dest_file path_filename 64 Each command is listed in detail in the following sections config ssh algorithm Purpose Used to config ssh server algorithm Syntax config ssh algorithm 3DES AES128 AES192 AES256 Arcfour blowfish cast128 twofish128 twofish192 twofish256 MD5 SH...

Page 511: ...lgorithm Purpose Used to show ssh server algorithm Syntax show ssh algorithm Description The show ssh algorithm command show the ssh service algorithm Parameters None Restrictions None Example usage To show server algorithm DGS 3450 admin show ssh algorithm Command show ssh algorithm Encryption Algorithm 3DES Enabled AES128 Enabled AES192 Enabled AES256 Enabled Arcfour Enabled Blowfish Enabled Cas...

Page 512: ...config user authentication method DGS 3450 admin config ssh authmode publickey enable Command config ssh authmode publickey enable Success DGS 3450 admin show ssh authmode Purpose Used to show user authentication method Syntax show ssh authmode Description The show ssh authmode command show the user authentication method Parameters None Restrictions None Example usage To show user authentication m...

Page 513: ...or level users can issue this command Example usage To update user test authmode DGS 3450 admin config ssh user test publickey Command config ssh user test publickey Success DGS 3450 admin show ssh user authmode Purpose Used to show ssh user information Syntax show ssh user authmode Description The show ssh user command show the ssh user information Parameters None Restrictions Only Administrator ...

Page 514: ...trator and Operator level users can issue this command Example usage To config ssh server maxsession is 3 DGS 3450 admin config ssh server maxsession 3 Command config ssh server maxsession 3 Success DGS 3450 admin enable ssh Purpose Used to enable the SSH server Syntax enable ssh Description The enable ssh command enables ssh server services When enabling ssh telnet will be disabled Parameters Non...

Page 515: ...key authentication Syntax config ssh publickey bypass_login_screen state enable disable Description This command is used to enable or disable a secondary username password authentication after using SSH public key authentication The default configuration of this feature is disabled The login screen will be displayed and requires a secondary username password authentication after using SSH public k...

Page 516: ... into a file The number of public keys can be up to 8 Parameters ipaddr Specifies the IPv4 address of the TFTP server domain_name 255 Specifies the domain name of the TFTP server This name can be up to 255 characters long src_file path_filename 64 Specifies the path name and file name of the TFTP server It can be a relative path name or an absolute path name If path name is not specified it refers...

Page 517: ... TFTP server It can be a relative path name or an absolute path name If path name is not specified it refers to the TFTP server path The maximum length is 64 characters Restrictions Only Administrator and Operator level users can issue this command Example usage To upload a SSH public key file named id_rsa_keys to TFTP server 169 168 10 100 to the switch DGS 3450 admin upload ssh client_public_key...

Page 518: ... the Data Encryption Standard DES to create the encrypted text 3 Hash Algorithm This part of the ciphersuite allows the user to choose a message digest function which will determine a Message Authentication Code This Message Authentication Code will be encrypted with a sent message to provide integrity and prevent against replay attacks The Switch supports two hash algorithms MD5 Message Digest 5 ...

Page 519: ...hange CBC Block Cipher 3DES_EDE encryption and the SHA Hash Algorithm DHE_DSS_with_3DES_EDE_CBC_SHA This ciphersuite combines the DSA Diffie Hellman key exchange CBC Block Cipher 3DES_EDE encryption and SHA Hash Algorithm RSA_EXPORT_with_RC4_40_MD5 This ciphersuite combines the RSA Export key exchange stream cipher RC4 encryption with 40 bit keys The ciphersuites are enabled by default on the Swit...

Page 520: ...ombines the RSA Export key exchange stream cipher RC4 encryption with 40 bit keys Restrictions Only Administrator and Operator level users can issue this command Example usage To disable the SSL status on the Switch DGS 3450 admin disable ssl Command disable ssl Success DGS 3450 admin To disable ciphersuite RSA_EXPORT_with_RC4_40_MD5 only DGS 3450 admin disable ssl ciphersuite RSA_EXPORT_with_RC4_...

Page 521: ...S 3450 admin show ssl cachetimeout Command show ssl cachetimeout Cache timeout is 600 second s DGS 3450 admin show ssl Purpose Used to view the SSL status and the certificate file status on the Switch Syntax show ssl certificate chain path_filename 64 Description This command is used to 1 Show the certificates which were downloaded on the Switch 2 Show the SSL certificate chain on the Switch 3 Sho...

Page 522: ...ork It contains information on the owner keys for authentication and digital signatures Both the server and the client must have consistent certificate files for optimal use of the SSL function The Switch only supports certificate files with der file extensions Parameters ipaddr Enter the IP address of the TFTP server certfilename path_filename 64 Enter the path and the filename of the certificate...

Page 523: ... To specify the certificate chain on the switch DGS 3450 admin config ssl certificate chain web_ca2 cer server crt Command config ssl certificate chain web_ca2 cer server crt Success DGS 3450 admin delete ssl certificate Purpose Used to delete a certificate or certificate chain on the Switch Syntax delete ssl certificate path_filename 64 Description This command is used to delete a certificate or ...

Page 524: ... sec 1 2000000 infinity collectoraddress ipaddr ipv6addr collectorport udp_port_number 1 65535 maxdatagramsize value 300 1400 1 delete sflow analyzer_server value 1 4 enable sflow disable sflow show sflow show sflow flow_sampler show sflow counter_poller show sflow analyzer_server Each command is listed in detail in the following sections create sflow flow_sampler Purpose Used to create the sFlow ...

Page 525: ...reate a new one Parameters ports Specifies the list of ports to be configured rate The sampling rate for packet Rx sampling tx_rate The sampling rate for packet Tx sampling maxheadersize The maximum number of leading bytes in the packet which has been sampled that will be encapsulated and forwarded to the server If not specified the default value is 128 Restrictions Only Administrator and Operator...

Page 526: ...led If interval is not specified its default value is 0 Restrictions Only Administrator and Operator level users can issue this command Example usage Create sFlow counter poller which sample port 1 to analyzer server 1 DGS 3450 admin create sflow counter_poller ports 1 analyzer_server_id 1 Command create sflow counter_poller ports 1 analyzer_server_id 1 Success DGS 3450 admin config sflow counter_...

Page 527: ...eates the analyzer_server You can specify more than one analyzer_server with the same IP address but with different UDP port numbers You can have up to four unique combinations of IP address and UDP port number Parameters owner The entity making use of this sFlow analyzer_server When owner is set or modified the timeout value will become 400 automaticly timeout The length of time before the server...

Page 528: ...released and stops sampling When the analyzer_server times out all of the flow_samplers and counter_pollers associated with this analyzer_server will be deleted collectoraddress The IP address of the server If not specified or set a 0 address sFlow packets will not be sent to this server collectorport The destination port for sending sFlow datagrams maxdatagramsize The maximum number of data bytes...

Page 529: ...in enable sflow Command enable sflow Success DGS 3450 admin disable sflow Purpose Used to disable the sFlow function Syntax disable sflow Description Disable the sFlow function Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To disable the sFlow function DGS 3450 admin disable sflow Command disable sflow Success DGS 3450 admin show sflo...

Page 530: ...ue rate is 256 times the displayed rate value There are two types of rates The Configured Rate is configured by the user In order to limit the number of packets sent to the CPU when the rate of traffic to the CPU is high the sampling rate will be decreased This is specified as the active rate Parameters None Restrictions None Example usage To show the sFlow flow_sampler information of ports which ...

Page 531: ...ver information Syntax show sflow analyzer_server Description This command is used to show the sFlow analyzer_server information The Timeout field specifies the time configured by user The Current Countdown Time is the current time remaining before the server timeout Parameters None Restrictions None Example usage To show the sFlow flow_sampler information of ports which have been created DGS 3450...

Page 532: ...elete snmp user user_name 32 show snmp user create snmp group groupname 32 v1 v2c v3 noauth_nopriv auth_nopriv auth_priv read_view view_name 32 write_view view_name 32 notify_view view_name 32 delete snmp group groupname 32 show snmp groups create snmp view view_name 32 oid view_type included excluded delete snmp view view_name 32 all oid show snmp view view_name 32 create snmp host ipaddr v6host ...

Page 533: ...is not accepted view A MIB view name read_only read_write Read and write or read only permission Allows the user using the above community string to have read only or read and write access to the switch s SNMP agent Restrictions Only Administrator and Operator level users can issue this command Example usage To create a read only level SNMP community System with a CommunityView view DGS 3450 admin...

Page 534: ...auth_password 8 16 sha auth_password 8 20 priv none des priv_password 8 16 by_key auth md5 auth_key 32 32 sha auth_key 40 40 priv none des priv_key 32 32 Description This command is used to create a new user to an SNMP group originated by this command User can chose input authentication and privacy by password or by key Note This is SNMPv3 command if it is used All SNMPv1 v2 commands are not neces...

Page 535: ...ve a user from a SNMP group and deletes the associated group in SNMP group Note This is SNMPv3 command if it is used All SNMPv1 v2 commands are not necessary Parameters username32 The name of the user on the host that connects to the agent The range is 1 to 32 Restrictions Only Administrator and Operator level users can issue this command Example usage To delete a SNMP user user123 DGS 3450 admin ...

Page 536: ...st secure of the possible Specifies authentication of a packet noauth_nopriv Neither support packet authentication nor encrypting auth_nopriv Support packet authentication auth_priv Support packet authentication and encrypting view_name View name Restrictions Only Administrator and Operator level users can issue this command Example usage To create SNMP group group123 DGS 3450 admin create snmp gr...

Page 537: ... views Note This is SNMPv3 command if it is used All SNMPv1 v2 commands are not necessary Parameters None Restrictions None Example usage To show SNMP groups DGS 3450 admin show snmp groups Command show snmp groups Vacm Access Table Settings Group Name System ReadView Name CommunityView WriteView Name Notify View Name CommunityView Securiy Model SNMPv1 Securiy Level NoAuthNoPriv Group Name System ...

Page 538: ...rictions Only Administrator and Operator level users can issue this command Example usage To create SNMP view view123 DGS 3450 admin create snmp view view123 1 3 6 view_type included Command create snmp view view123 1 3 6 view_type included Success DGS 3450 admin delete snmp view Purpose Used to remove a view record Syntax delete snmp view view_name 32 all oid Description This command is used to r...

Page 539: ...noauth_nopriv auth_nopriv auth_priv auth_string 32 Description This command is used to create a recipient of an SNMP operation Note This is SNMPv3 command if it is used All SNMPv1 v2 commands are not necessary Parameters ipaddr The IP address of the recipient for which the traps are targeted ipv6addr Specifies the IPv6 host address to which the trap packet will be sent v1 The least secure of the p...

Page 540: ...te snmp host Purpose Used to delete a recipient of an SNMP trap operation Syntax delete snmp host ipaddr v6host ipv6addr Description This command is used to delete a recipient of an SNMP trap operation Note This is SNMPv3 command if it is used All SNMPv1 v2 commands are not necessary Parameters host The IP address of the recipient for which the traps are targeted v6host Specifies the IPv6 host add...

Page 541: ... 3450 admin show snmp v6host Purpose Used to display the recipient for which the traps are targeted Syntax show snmp v6host ipv6addr Description This command is used to display the recipient for which the traps are targeted Note This is SNMPv3 command if it is used All SNMPv1 v2 commands are not necessary Parameters ipaddr Specifies the IPv6 host address If no parameter specified all SNMP hosts wi...

Page 542: ...ine on the switch Syntax show snmp engineID Description This command is used to display the identification of the SNMP engine on the switch The default value is suggested in RFC2271 The very first bit is 1 and the first four octets are set to the binary equivalent of the agent s SNMP management private enterprise number as assigned by IANA D_Link is 171 The fifth octet is 03 to indicates the rest ...

Page 543: ...asking view CommunityView read_only Command create snmp community_masking view CommunityView read_only Enter a case sensitive community Enter the community again for confirmation Success DGS 3450 admin enable community_encryption Purpose Used to enable the encryption state on SNMP community string Syntax enable community_encryption Description This command is used to enable the encryption state on...

Page 544: ... show community_encryption Purpose Used to display the encryption state on SNMP community string Syntax show community_encryption Description This command is used to display the encryption state on SNMP community string Parameters None Restrictions None Example usage To display the encryption state on SNMP community string DGS 3450 admin show community_encryption Command show community_encryption ...

Page 545: ... 7 8 9 10 11 12 show stack_information show stack_device config stacking force_master_role state enable disable Each command is listed in detail in the following sections config stacking_mode Purpose Used to configure the stacking mode Syntax config stacking_mode disable enable string Description The config stacking_mode command configures the state of the stacking function By default stacking mod...

Page 546: ...rity Specifies the priority assigned to the box with a lower number meaning a higher priority The range is 1 63 Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the box priority of the Switch to have an ID of 1 and a priority value of 1 DGS 3450 admin config box_priority current_box_id 1 priority 1 Command config box_priority current_box_id...

Page 547: ...ator level users can issue this command Example usage To configure the Switch that has a current box ID of 1 to have an automatic ID assigned by the Switch DGS 3450 admin config box_id current_box_id 1 new_box_id auto Command config box_id current_box_id 1 new_box_id auto Success DGS 3450 admin show stack_information Purpose Used to display the stack information Syntax show stack_information Descr...

Page 548: ...Auto DGS 3450 Exist 32 00 22 B0 DE F0 46 1 00 B13 3 00 B10 A2 2 Not_Exist No 3 Not_Exist No 4 Not_Exist No 5 Not_Exist No 6 Not_Exist No 7 Not_Exist No 8 Not_Exist No 9 Not_Exist No 10 Not_Exist No 11 Not_Exist No 12 Not_Exist No DGS 3450 admin show stack_device Purpose Used to display information about the devices in the stack Syntax show stack_device Description The show stack_device command dis...

Page 549: ...escription This command is used to ensure the master role is unchanged when new device add to current stacking topology If the state is enabled the master s priority will become zero after the stacking has stabilized Parameters force_master_role Used to enable or disable the switch s Stacking Force Master Role state The default setting is disabled Restrictions Only Administrator and Operator level...

Page 550: ...etail in the following sections create mac_based_vlan Purpose Used to create a static mac based vlan entry Syntax create mac_based_vlan mac_address macaddr vlan vlan_name 32 vlanid vlanid 1 4094 Description This command only needs to be supported by the model which supports mac based VLAN The user can use this command to create a static mac based VLAN entry When a static mac_based_vlan entry is cr...

Page 551: ...uccess DGS 3450 admin show mac_based_vlan Purpose Used to show the static or dynamic MAC based VLAN entry Syntax show mac_based_vlan mac_address macaddr vlan vlan_name 32 Description User can use this command to display the static or dynamic MAC Based VLAN entry Parameters mac_address Specifies the entry that you would like to display vlan Specifies the VLAN to be associated with the MAC address t...

Page 552: ...r can use this command to create a subnet VLAN entry A subnet VLAN entry is an IP subnet based VLAN classification rule If an untagged or priority tagged IP packet is received on a port its source IP address will be used to match the subnet VLAN entries If the source IP is in the subnet of an entry the packet will be classified to the VLANdefined for this subnet Parameters network To specify an IP...

Page 553: ...t vlan entries that associated with this vlan will be deleted vidlist Specifies a list of VLANs by VLAN ID all If specify all all subnet vlan entries will be deleted Restrictions Only Administrator and Operator level users can issue this command Example usage This example shows how to delete a subnet VLAN entry DGS 3450 admin delete subnet_vlan network 172 168 1 1 24 Command delete subnet_vlan net...

Page 554: ...w subnet_vlan ipv6network FE80 250 BAFF 64 IP Address Subnet Mask VLAN Priority FE80 250 BAFF 64 10 1 DGS 3450 admin This example shows how to show all subnet VLAN entries DGS 3450 admin show subnet_vlan Command show subnet_vlan IP Address Subnet Mask VLAN Priority 172 168 1 0 255 255 255 0 4094 2 172 18 211 1 255 255 255 0 20 3 FE80 250 BAFF 64 10 2 Total Entries 3 DGS 3450 admin config vlan_prec...

Page 555: ...ers can issue this command Example usage This example shows how to configure subnet VLAN classification precedence on port 1 DGS 3450 admin config vlan_precedence 1 subnet_vlan Command config vlan_precedence 1 subnet_vlan Success DGS 3450 admin show vlan_precedence ports Purpose Use this command to show vlan classification precedence Syntax show vlan_precedence ports portlist Description This comm...

Page 556: ...rts portlist all medium_type fiber copper speed auto capability_advertised 10_half 10_full 100_half 100_full 1000_full 10_half 10_full 100_half 100_full 1000_full master slave auto_negotiation restart_an flow_control enable disable learning enable disable state enable disable description desc 1 32 clear_description show ports portlist description err_disabled auto_negotiation details media_type Ea...

Page 557: ...ed to duplex speed and physical layer type The master setting will also determine the master and slave relationship between the two connected physical layers This relationship is necessary for establishing the timing control between the two physical layers The timing control is set on a master physical layer by a local source The slave setting 1000M Full_S uses loop timing where the timing comes f...

Page 558: ...tion err_disabled auto_negotiation details media_type Description This command is used to display the current configuration of a range of ports Parameters portlist Specifies a port or range of ports to be displayed The beginning and end of the port list range are separated by a dash description Adding this parameter to the show ports command indicates that a previously entered port description wil...

Page 559: ...d Link Down Enabled 1 16 Enabled Auto Disabled Link Down Enabled 1 17 Enabled Auto Disabled Link Down Enabled 1 18 Enabled Auto Disabled Link Down Enabled 1 19 Enabled Auto Disabled Link Down Enabled CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh To display the configuration of all ports on the Switch with a description DGS 3450 admin show ports description Command show ports descri...

Page 560: ...gotiation Port 1 1 Auto Negotiation Enabled Capability Bits 10M_Half 10M_Full 100M_Half 100M_Full 1000M_Full Capbility Advertised Bits 10M_Half 10M_Full 100M_Half 100M_Full 1000M_Full Capbility Received Bits 10M_Half 10M_Full 100M_Half 100M_Full 1000M_Full Port 1 2 Auto Negotiation Enabled Capability Bits 10M_Half 10M_Full 100M_Half 100M_Full 1000M_Full Capbility Advertised Bits 10M_Half 10M_Full ...

Page 561: ...pif config trap source_ipif ipif_name ipaddr ipv6addr none show trap source_ipif Each command is listed in detail in the following sections config syslog source_ipif Purpose Configure syslog source IP interface Syntax config syslog source_ipif ipif_name ipaddr none Description This command is used to configure syslog source IP interface Parameters ipif_name IP interface name If only specify this p...

Page 562: ...pose Configure trap source IP interface Syntax config trap source_ipif ipif_name ipaddr ipv6addr none Description This command is used to configure trap source IP interface Parameters ipif_name IP interface name If only specify this parameter the least IPv4 address and the smallest IPv6 address of ipif_name will be used as source IP addresses none For clearing the configured source IP interface ip...

Page 563: ...ipif Purpose Show trap source IP interface Syntax show trap source_ipif Description This command is used to display the trap source IP interface Parameters None Restrictions None Example usage Show trap source IP interface DGS 3450 admin show trap source_ipif Command show trap source_ipif Trap Source IP Interface Configuration IP Interface ipif4 IPv4 Address None IPv6 address 3000 52 DGS 3450 admi...

Page 564: ...formational debug all level 0 7 facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_number ipaddress ipaddr state enable disable delete syslog host index 1 4 all show syslog host index 1 4 config log_save_timing time_interval min 1 65535 on_demand log_trigger show log_save_timing show attack_log unit unit_id 1 12 index value_list clear attack_log unit unit_id 1 12 al...

Page 565: ...alert Severity level 1 critical Severity level 2 error Severity level 3 warning Severity level 4 notice Severity level 5 informational Severity level 6 debug Severity level 7 level_list Specifies a list of severity levels to be displayed If there is more than one severity level please separate them by comma The level number is from 0 to 7 Restrictions None Example usage To display the switch s his...

Page 566: ...slog messages Syntax disable syslog Description This command disables the sending of syslog messages Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To disable the sending of syslog messages DGS 3450 admin disable syslog Command disable syslog Success DGS 3450 admin show syslog Purpose Used to display the syslog protocol global state Sy...

Page 567: ...l be prompted to the user when configuring syslog hosts with all option and just assigning one IP address to those hosts This configuration will fail When the specified IP address already exists the prompt message The host IP address already exists will be displayed and this configuration will fail Parameters host The host index or all hosts severity emergency Severity level 0 alert Severity level...

Page 568: ...vel for a specific host messages which are at that severity level or higher will be reported to that host When the IP address is invalid the prompt message Invalid IP address will be displayed and this configuration will fail When the specified IP address already exists the prompt message The host IP address already exists will be displayed and this configuration will fail When the specified host ...

Page 569: ...t 1 ipaddress 10 90 90 1 severity all facility local0 Success DGS 3450 admin delete syslog host Purpose Used to delete the syslog host s Syntax delete syslog host index 1 4 all Description This command deletes the syslog host s When the specified host doesn t exist the prompt message The entry does not exist will be displayed and this configuration will fail Parameters host index 1 4 all Host inde...

Page 570: ... 514 Status Disabled Total Entries 3 DGS 3450 admin config log_save_timing Purpose Used to configure the method for saving the log Syntax config log_save_timing time_interval min 1 65535 on_demand log_trigger Description This command is used to set the method for saving the log Parameters time_interval Save log to flash every xxx minutes If no new log events occur in this period don t save on_dema...

Page 571: ...g messages driven by modules such as DOS and the IP MAC port binding module This type of log message may generate a large amount of messages and quickly cause the system to run out of system log storage Therefore for this type of log messages only the first log that is generated each minute can be stored in the system log with the rest of them being stored in a separate table named attack log When...

Page 572: ... Command clear attack_log Success DGS 3450 admin upload attack_log_toTFTP Purpose Used to upload the attack log on a unit Syntax upload attack_log_toTFTP ipaddr ipv6addr domain_name 255 dest_file path_filename 64 unit unit_id 1 12 Description To upload the attack log stored on a unit When the attack log is empty the prompt message Log is empty will be displayed Parameters unit The attack log messa...

Page 573: ...rch strategy will depend on the server system For some systems it will search the current user working directory first and then search the environment paths dest_file Specify the destination file here rcp string 128 Syntax rcp username ipaddr directory filename Example for FULL path user_name 10 1 1 1 home user_name desxxxx had Example for relative path user_name 10 1 1 1 desxxxx had NOTE Do not u...

Page 574: ...tion of technique s support Syntax show tech_support Description This command is especially used by the technical support personnel to dump the device overall operation information The information is project dependent and includes the following information Basic System information system log Running configuration Layer 1 information Layer 2 information Layer 3 information Application OS status Con...

Page 575: ...d the information of technique s support Syntax upload tech_support_toTFTP ipaddr path_filename 64 Description The upload tech_support_toTFTP command is used to upload the information of technique s support to TFTP server The information is project dependent and includes the following information Basic System information system log Running configuration Layer 1 information Layer 2 information Laye...

Page 576: ...ernet Managed Switch CLI Manual 572 DGS 3450 admin upload tech_support_to_TFTP 10 0 0 66 tech_report txt Command upload tech_support_to_TFTP 10 0 0 66 tech_report txt Connecting to server Done Upload techsupport file Done Success DGS 3450 admin ...

Page 577: ...meters specified by the command will only be used for the establishment of this specific session They will not affect the establishment of other sessions Parameters ipaddr The IP address of the Telnet server domain_name Specify the domain name of the Telnet server tcp_port Specifies the Telnet server port number to be connected If not specified the default port is 23 Restrictions None Example usag...

Page 578: ...it unit_id 1 12 Each command is listed in detail in the following sections download firmware_fromTFTP Purpose Used to download the firmware image from TFTP server Syntax download firmware_fromTFTP ipaddr ipv6addr domain_name 255 src_file path_filename 64 image_id int 1 2 unit all unitid 1 12 Description This command is used to download a firmware image file from the TFTP server Parameters ipaddr T...

Page 579: ...support one configuration file since the download of a configuration will automatically apply the setting to the system If increment is specified then the existing configuration will not be cleared before applying of the new configuration If it is not specified then the existing configuration will be cleared before applying of the new configuration Restrictions Only Administrator and Operator leve...

Page 580: ... 121 dest_file C test Connecting to server Done Upload Configuration Done DGS 3450 admin upload log_toTFTP Purpose Used to upload a log file from device to TFTP server This command is required to be supported when file system is not supported on device s FLASH EPROM Syntax upload log_toTFTP ipaddr ipv6addr domain_name 255 dest_file path_filename 64 Description This command is used to upload a log ...

Page 581: ...e TFTP server domain_name The domain name of the TFTP server dest_file Used to identify the parameter path_filename path_filename Specifies the path name on the TFTP server to hold the attack log unit The attack log messages on the specified unit will be uploaded to the TFTP server If it is not specified it refers to the master unit Restrictions Only Administrator and Operator level users can issu...

Page 582: ...2 e_time end_time hh mm offset 30 60 90 120 show time config sntp ipv6server primary ipv6addr secondary ipv6addr Each command is listed in detail in the following sections config sntp Purpose Used to setup SNTP service Syntax config sntp primary ipaddr secondary ipaddr poll interval int 30 99999 Description Use this command to configure SNTP service from an SNTP server SNTP must be enabled for thi...

Page 583: ...splay SNTP configuration information DGS 3450 admin show sntp Command show sntp Current Time Source System Clock SNTP Disabled SNTP Primary Server 10 1 1 1 SNTP Secondary Server 10 1 1 2 SNTP Poll Interval 720 sec DGS 3450 admin enable sntp Purpose To enable SNTP server support Syntax enable sntp Description This will enable SNTP support SNTP service must be separately configured see config sntp E...

Page 584: ...s Description This will configure the system time and date settings These will be overridden if SNTP is configured and enabled Parameters date Express the date using two numerical characters for the day of the month three alphabetical characters for the name of the month and four numerical characters for the year For example 03aug2003 time Express the system time using the format hh mm ss that is ...

Page 585: ...repeating s_week start_week 1 4 last s_day start_day sun sat s_mth start_mth 1 12 s_time start_time hh mm e_week end_week 1 4 last e_day end_day sun sat e_mth end_mth 1 12 e_time end_time hh mm offset 30 60 90 120 annual s_date start_date 1 31 s_mth start_mth 1 12 s_time start_time hh mm e_date end_date 1 31 e_mth end_mth 1 12 e_time end_time hh mm offset 30 60 90 120 Description DST can be enable...

Page 586: ...o begin DST expressed as a number e_mth Configure the month in which DST ends end_mth 1 12 The month to end DST expressed as a number s_time Configure the time of day to begin DST start_time hh mm Time is expressed using a 24 hour clock in hours and minutes e_time Configure the time of day to end DST end_time hh mm Time is expressed using a 24 hour clock in hours and minutes s_date Configure the s...

Page 587: ... last Sun 00 00 Annual From 29 Apr 00 00 To 12 Oct 00 00 DGS 3450 admin config sntp ipv6server Purpose Used to configure the IPv6 server for the SNTP function Syntax config sntp ipv6server primary ipv6addr secondary ipv6addr Description If both IPv4 and IPv6 servers are configured the IPv4 server has the higher priority it first sync its time to the IPv4 server Parameters primary ipv6addr Specifie...

Page 588: ...ed in conjunction with an access profile rule to determine a period of time when an access profile and an associated rule are to be enabled on the Switch Remember this time range can only be applied to one period of time and also it is based on the time set on the Switch Parameters range_name 32 Enter a name of no more than 32 alphanumeric characters that will be used to identify this time range o...

Page 589: ...6 30 00 end_time 21 40 00 weekdays mon fri Success DGS 3450 admin show time_range Purpose To view the current configurations of the time range set on the Switch Syntax show time_range Description This command is used to display the currently configured time range s set on the Switch Parameters None Restrictions Only Administrator and Operator level users can issue this command Example usage To vie...

Page 590: ...er of hops is exceeded At each TTL setting one probe packet is launched the number can be changed by specifying the parameter probe and traceroute prints a line showing the round trip time and the address of the gateway of each probe or time out of each probe If there is no response within the 5 seconds timeout interval an asterisk is printed for that probe Parameters ipaddr IP address of the dest...

Page 591: ...turned indicating that the packet reached the host or the maximum number of hops is exceeded At each TTL setting one probe are launched the number can be changed by specifying the parameter probe and traceroute prints a line showing the round trip time and the address of the gateway of each probe or time out of each probe If there is no response within the 5 seconds timeout interval an asterisk is...

Page 592: ...s 1345 142 11 10 ms 1345 142 11 10 ms 2011 14 100 10 ms 2011 14 100 Request timed out 10 ms 3000 1 Trace complete DGS 3450 admin To trace the IPv6 routed path between the switch and 1210 100 11 with port 40000 DGS 3450 admin traceroute6 1210 100 11 port 40000 Command traceroute6 1210 100 11 port 40000 10 ms 3100 25 10 ms 4130 100 10 ms 1210 100 11 Trace complete DGS 3450 admin ...

Page 593: ...e dropped If the port remains in shutdown status for a configurable period the count down value the port enters shutdown forever status The port link is down and remains disabled until either the configurable recover timer is timed out or the CLI command config ports portlist all state enable is manually entered The Traffic Control commands in the Command Line Interface CLI are listed along with t...

Page 594: ...ction parameter Default is 0 minutes 0 disables the forever state meaning that the port will not enter the shut down forever state disable Specifies that the countdown is disabled The port will directly shutdown when the switch detects a storm Restrictions Only Administrator and Operator level users can issue this command Example usage To configure the parameters so that the traffic control status...

Page 595: ...ver 1 1 Enabled Disabled Disabled Shutdown 5 10 2 1 Enabled Disabled Disabled Shutdown 5 10 3 1 Enabled Disabled Disabled Shutdown 5 10 4 1 Enabled Disabled Disabled Shutdown 5 10 5 1 Enabled Disabled Disabled Shutdown 5 10 6 1 Enabled Disabled Disabled Shutdown 5 10 7 1 Enabled Disabled Disabled Shutdown 5 10 8 1 Enabled Disabled Disabled Shutdown 5 10 9 1 Enabled Disabled Disabled Shutdown 5 10 ...

Page 596: ... control recover for any or all ports Syntax config traffic control_recover portlist all Description Configuring a port for traffic control recover will require an administrator to restart the specified ports if storm control shuts down the port or ports That is if a storm triggers the action shutdown for a port it will remain in the shutdown even if the threshold falls below the value that trigge...

Page 597: ...rts that will be configured for traffic segmentation The beginning and end of the port list range are separated by a dash Non contiguous portlist entries are separated by a comma ex 1 3 7 9 forward_list Specifies a range of ports that will receive forwarded frames from the ports specified in the portlist above null No ports are specified all All ports are specified portlist Specifies a range of po...

Page 598: ... end of the port list range are separated by a dash Non contiguous portlist entries are separated by a comma ex 1 3 7 9 Restrictions The port lists for segmentation and the forward list must be on the same Switch Example usage To display the current traffic segmentation configuration on the Switch DGS 3450 admin show traffic_segmentation Command show traffic_segmentation Traffic Segmentation Table...

Page 599: ...s must be members of the Management VLAN If no IP addresses are specified then there is nothing to prevent any IP address from accessing the switch provided the user knows the Username and Password When the access interface is not specified the trusted host will be created for all interfaces Parameters ipaddr The IP address of the trusted host network The network address of the trusted network The...

Page 600: ... delete trusted_host 10 48 74 121 Success DGS 3450 admin show trusted_host Purpose Used to display a list of trusted hosts entered on the switch using the create trusted_host command above Syntax show trusted_host Description The show trusted host command displays the trusted hosts Parameters None Restrictions None Example usage To display a trusted host DGS 3450 admin show trusted_host Command sh...

Page 601: ...reate iproute default network_address ipaddr metric 1 65535 primary backup Description Use this command to create an IP static route Selecting primary or backup means the newly created route is a floating static route If none of the following primary or backup is selected the static route will 1 be primary if there is no primary route that has the same destination 2 be backup if there has been a p...

Page 602: ...strictions Only Administrator and Operator level users can issue this command Example usage To delete an IP static route DGS 3450 admin delete iproute 10 48 74 121 255 0 0 0 10 1 1 254 Command delete iproute 10 48 74 121 8 10 1 1 254 Success DGS 3450 admin show iproute Purpose Used to display the switch s current IP routing table Syntax show iproute network_address ipaddr static rip hardware Descr...

Page 603: ...how iproute hardware Command show iproute hardware Routing Table IP Address Netmask Gateway Interface 0 0 0 0 0 10 1 1 11 ip1 10 1 1 0 24 0 0 0 0 System 100 1 1 0 24 10 1 1 11 ip1 192 168 1 0 24 10 1 1 11 ip1 Total Entries 4 DGS 3450 admin config route preference Purpose Used to configure route type preference Syntax config route preference static default rip value 1 999 Description Use this comma...

Page 604: ...show route preference Command show route preference Route Preference Settings Protocol Preference RIP 100 Static 60 Default 999 Local 0 DGS 3450 admin create route redistribute dst rip Purpose Used to redistribute routing information from other routing protocols to RIP Syntax create route redistribute dst rip src local static metric value 0 16 Description This command is used to redistribute routi...

Page 605: ...erator level users can issue this command Example usage To delete route redistribution settings DGS 3450 admin delete route redistribute dst rip src local Command delete route redistribute dst rip src local Success DGS 3450 admin config route redistribute dst rip Purpose Used to update the metric to be associated with the redistributed routes from a specific protocol to RIP protocol Syntax config ...

Page 606: ...oute redistributions settings Parameters dst Specify the target protocol rip Display the redistribution with the target protocol RIP src Specify the source protocol static Display the redistribution with the source static local Display the redistribution with the source local If no parameter is specified the system will display all route redistributions Restrictions None Example usage To display r...

Page 607: ...ctions show utilization Purpose Used to display real time port utilization statistics Syntax show utilization cpu ports dram unit unitid flash unit unitid Description The show utilization command displays real time CPU ports dram or flash utilization statistics Parameters ports Specifies a range of ports to be displayed UnitID port number dram To show dram memory utilization flash To show flash me...

Page 608: ... 11 0 0 0 2 6 0 0 0 1 12 0 0 0 2 7 0 30 1 1 13 0 0 0 2 8 0 0 0 1 14 0 0 0 2 9 30 0 1 1 15 0 0 0 2 10 0 0 0 1 16 0 0 0 2 11 0 0 0 1 17 0 0 0 2 12 0 0 0 1 18 0 0 0 2 13 0 0 0 1 19 0 0 0 2 14 0 0 0 1 20 0 0 0 2 15 0 0 0 1 21 0 0 0 2 16 0 0 0 Port TX sec RX sec Util Port TX sec RX sec Util 2 17 0 0 0 2 18 0 0 0 2 19 0 0 0 2 20 0 0 0 2 21 0 0 0 2 22 0 0 0 2 23 0 0 0 2 24 0 0 0 2 25 0 0 0 2 26 11 2 1 To...

Page 609: ... show utilization dram DRAM Utilization Total DRAM 262 144 KB Used DRAM 212 568 KB Utilization 81 Success DGS 3450 admin To display FLASH utilization DGS 3450 admin show utilization flash Command show utilization flash FLASH Memory Utilization Total FLASH 16 384 KB Used FLASH 13 440 KB Utilization 82 Success DGS 3450 admin ...

Page 610: ...t show voice_vlan lldp_med voice_device Each command is listed in detail in the following sections enable voice_vlan Purpose Used to enable the global voice VLAN function on a switch Syntax enable voice_vlan vlan_name 32 vlanid vlanid 1 4094 Description To enable the voice VLAN the voice VLAN must be also assigned At the same time the VLAN must be an existing static 802 1Q VLAN To change the voice...

Page 611: ... voice VLAN priority Syntax config voice_vlan priority int 0 7 Description The voice VLAN priority will be the priority associated with the voice VLAN traffic to distinguish the QoS of the voice traffic from data traffic Parameters int 0 7 Specify the priority of the voice VLAN The range is 0 to 7 The default priority is 5 Restrictions Only Administrator and Operator level users can issue this com...

Page 612: ...le or disable the voice VLAN function on ports or mode per port Syntax config voice_vlan ports portlist all state enable disable mode auto manual Description This command is used to enable or disable the voice VLAN function on ports or mode per port Parameters portlist Specify a range of ports to set all Specify to set all ports state Specify the voice VLAN function state on ports The default stat...

Page 613: ...nd Example usage To enable the voice VLAN log state DGS 3450 admin config voice_vlan log state enable Command config voice_vlan log state enable Success DGS 3450 admin config voice_vlan aging_time Purpose Used to set the aging time of the voice VLAN Syntax config voice_vlan aging_time min 1 65535 Description The aging time is used to remove a port from voice VLAN if the port is an automatic VLAN m...

Page 614: ...tion Parameters None Restrictions None Example usage To display voice VLAN information DGS 3450 admin show voice_vlan Command show voice_vlan Voice VLAN State Enabled VLAN ID 4094 VLAN Name v2 Priority 6 Aging Time 60 minutes Log State Enabled Member Ports Dynamic Member Ports DGS 3450 admin show voice_vlan oui Purpose Used to display the OUI information for voice VLAN Syntax show voice_vlan oui D...

Page 615: ... port voice VLAN information Syntax show voice_vlan ports portlist Description This command is used to display port voice VLAN information Parameters portlist Specify a range of ports to display Restrictions None Example usage To display voice VLAN ports 1 1 to 1 3 DGS 3450 admin show voice_vlan ports 1 1 1 3 Command show voice_vlan ports 1 1 1 3 Ports Status Mode 1 1 Disabled Auto 1 2 Disabled Au...

Page 616: ...is used to display the voice devices that are discovered by LLDP MED Parameters None Restrictions None Example usage To display the voice devices that were discovered by LLDP MED DGS 3450 admin show voice_vlan lldp_med voice_device Command show voice_vlan lldp_med voice_device Index 1 Local Port 1 1 Chassis ID Subtype MAC Address Chassis ID 00 E0 BB 00 00 11 Port ID Subtype Network Address Port ID...

Page 617: ...ttp https create wac user username 15 vlan vlan_name 32 vlanid vlanid 1 4094 delete wac user username 15 all_users config wac user username 15 vlan vlan_name 32 vlanid vlanid 1 4094 clear_vlan config wac authorization attributes radius enable disable local enable disable 1 show wac show wac ports portlist show wac user show wac auth_state ports portlist clear wac auth_state ports portlist all auth...

Page 618: ...e config wac ports command allows you to configure port state of WAC The default value of aging time is 1440 minutes The default value of idle time is infinite The default value of block_time is 60 seconds Parameters portlist A port range to set their WAC state all All the Switch ports WAC state is to be configured state To specify the port state of WAC aging_time A time period during which an aut...

Page 619: ...uthentication will be done via the RADIUS server Restrictions Only Administrator and Operator level users can issue this command Example usage To configure WAC auth method DGS 3450 admin config wac method radius Command config wac method radius Success DGS 3450 admin config wac default_redirpath Purpose Used to config WAC default redirect URL Syntax config wac default_redirpath string 128 Descript...

Page 620: ... redirect URL DGS 3450 admin config wac clear_default_redirpath Success DGS 3450 admin config wac virtual_ip Purpose Used to config the virtual IP address for WAC Syntax config wac virtual_ip ipaddr ipv6addr 1 Description The virtual IP of WAC is used to accept authentication request from unauthenticated host Only requests sent to this IP will get response correctly This IP does not respond to ARP...

Page 621: ...e range of port number is 1 65535 http To specify the WAC runs HTTP protocol on this TCP port https To specify the WAC runs HTTPS protocol on this TCP port Restrictions Only Administrator and Operator level users can issue this command Example usage To config HTTP s port of the switch used by WAC Used to config HTTP s port of the switch used by WAC DGS 3450 admin config wac switch_http_port 8888 h...

Page 622: ... Example usage To delete a WAC local user DGS 3450 admin delete wac user 123 Command delete wac user 123 Success DGS 3450 admin config wac user Purpose Used to configure WAC local user Syntax config wac user username 15 vlan vlan_name 32 vlanid vlanid 1 4094 clear_vlan Description The config wac user command updates the local user DB Only created user can be configured Parameters username The user...

Page 623: ... enable the authorized data assigned by the RADUIS server will be accepted if the global authorization network is enabled The default state is enabled local If specified to enable the authorized data assigned by the local database will be accepted if the global authorization network is enabled The default state is enabled Restrictions Only Administrator and Operator level users can issue this comm...

Page 624: ...ription This command allows the user to display the port level setting Parameters ports A range of member ports to show the status Restrictions None Example usage To show WAC port state and other parameters DGS 3450 admin show wac ports 1 3 Command show wac ports 1 3 Port State Aging Time Idle Time Block Time min min sec 1 1 Enabled 60 30 120 1 2 Enabled 60 30 120 1 3 Enabled 120 60 120 Success DG...

Page 625: ...nticated 4004 3 Infinite 40 1 00 00 00 00 00 02 1 Authenticated 1234 Infinite 50 1 00 00 00 00 00 03 1 Blocked 60 1 00 00 00 00 00 04 1 Authenticating 10 2 00 00 00 00 00 10 P 1 Authenticated 1234 2 1440 20 3 00 00 00 00 00 20 P 1 Authenticating 5 3 00 00 00 00 00 21 P 1 Blocked 100 Total Authenticating Hosts 2 Total Authenticated Hosts 3 Total Blocked Hosts 2 DGS 3450 admin clear wac auth_state P...

Page 626: ... authenticating users for a port Restrictions Only Administrator and Operator level users can issue this command Example usage To delete WAC host DGS 3450 admin clear wac auth_state ports 1 5 Command clear wac auth_state ports 1 5 Success DGS 3450 admin Purpose Used to Syntax Description Parameters Restrictions Example usage To Purpose Used to Syntax Description Parameters Restrictions Example usa...

Page 627: ...egation Control IEEE 802 3x Full duplex Flow Control IEEE 802 1u Fast Ethernet IEEE 802 3af Power over Ethernet Protocols CSMA CD Data Transfer Rates Ethernet Fast Ethernet Gigabit Ethernet Fiber Optic Half duplex Full duplex 10 Mbps 20Mbps 100Mbps 200Mbps 1000Mbps 2000Mbps SFP Mini GBIC Support IEEE 802 3z 1000BASE LX DEM 310GT transceiver IEEE 802 3z 1000BASE SX DEM 311GT transceiver IEEE 802 3z...

Page 628: ...C Humidity 5 95 non condensing Dimensions 441mm x 389mm x 44mm Weight DGS 3400 Series DGS 3426 5 42 kg DGS 3426P 6 kg DGS 3427 5 51 kg DGS 3450 5 74 kg Module Inserts DEM 410CX 0 16 kg DEM 410X 0 18 kg EMI CE class A FCC Class A Safety CSA International CB Report Performance Transmission Method Store and forward Packet Buffer 0 75 MB per device Packet Filtering Forwarding Rate Full wire speed for ...

Page 629: ...s to attach a terminal or PC with terminal emulation to the console port of the switch 2 Power on the Switch After the runtime image is loaded to 100 the Switch will allow 2 seconds for the user to press the hotkey Shift 6 to enter the Password Recovery Mode Once the Switch enters the Password Recovery Mode all ports on the Switch will be disabled Boot Procedure 1 00 B13 Power On Self Test 100 MAC...

Reviews:

No comments

Brands by name

Popular brands

Load more brands