D-Link xStack DGS-3600 Series Page 238 Cli Manual Download | Manualshive

Page: 238 / 431

background image

xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual

235

create access_profile (packet content )

is divided up into four “chunks” where each chunk represents 4 bytes. Values within
the packet header chunk to be identified are to be marked in hexadecimal form in the
“mask” field. The following table will help you identify the bytes in the respective
chunks.

chunk0 chunk1 chunk2…….. chunk29 chunk30

chunk31

b126 b2 b6 b114 b118 b122

b127 b3 b7 b115 b119 b123

b1 b4 b8 b116 b120 b124

b0 b5 b9 b117 b121 b125

Check the box of the chunk, from 1 to 4, you wish to examine and then enter the
hexadecimal value in the

mask

field.

profile_id <value 1-14>

- Specifies an index number between

1

and

14

that will

identify the access profile being created with this command.

Restrictions

Only administrator-level and operator-level users can issue this command.

Example usage:

To create an Access profile by packet content mask:

DGS-3627:5#create access_profile packet_content_mask offset_chunk_1 1
0xFFFFFFFF profile_id 3
Command: create access_profile packet_content_mask offset_chunk_1 1
0xFFFFFFFF profile_id 3

Success.

DGS-3627:5#

config access_profile profile_id (packet content)

Purpose

To configure the rule for a previously created access profile command based on the packet
content mask. Packet content masks entered will specify certain bytes of the packet header
to be identified by the Switch. When the Switch recognizes a packet with the identical byte
as the one configured, it will either forward or filter the packet, based on the users command
entered here.

Syntax

config access_profile profile_id <value 1-14> [add access_id <value 1-128>
packet_content {offset_chunk_1 <hex 0x0-0xffffffff> | offset_chunk_2 <hex 0x0-
0xffffffff> | offset_chunk_3 <hex 0x0-0xffffffff> | offset_chunk_4 <hex 0x0-0xffffffff>}
port [<portlist> | all] [permit {priority <value 0-7> {replace_priority} | rx_rate {no_limit |
<value 1-156249>]} | counter [enable | disable]} | mirror | deny} {time_range
<range_name 32>} | delete access_id <value 1-128>]

Description

This command is used to set the rule for a previously configured access profile setting
based on packet content mask. These rules will determine if the Switch will forward or filter
the identified packets, based on user configuration specified in this command. Users will set
bytes to identify by entering them in hex form, offset from the first byte of the packet.

Parameters

profile_id <value 1-14>

- Enter an integer between

1

and

14

that is used to identify the

access profile that will be configured with this command. This value is assigned to the
access profile when it is created with the

create access_profile

command. The lower the

profile ID, the higher the priority the rule will be given.

add access_id

- Adds an additional rule to the above specified access profile.

•

auto_assign

– Adding this parameter will automatically assign an access_id to

identify the rule.

•

<value 1-128> -

The value specifies the relative priority of the additional rule. Up

to 128 different rules may be configured for the Ethernet access profile.

offset_chunk_1 –

The offset field is used to examine the packet header which is divided up

«
...
236
237
238
239
240
...
»

Summary of Contents for xStack DGS-3600 Series

Page 1: ...CLI Manual ProductModel DGS 3600 Series Layer3GigabitEthernetManagedSwitch Release2 4 Copyright 2008 All rights reserved...

Page 2: ...NG COMMANDS 118 VLAN COMMANDS 121 PROTOCOL VLAN GROUP COMMANDS 132 LINK AGGREGATION COMMANDS 137 IP MAC PORT BINDING IMPB 142 IP COMMANDS INCLUDING IP MULTINETTING 150 IPV6 NEIGHBOR DETECTION COMMANDS...

Page 3: ...S 328 MD5 COMMANDS 330 OSPF CONFIGURATION COMMANDS 332 ROUTE PREFERENCE COMMANDS 349 MAC NOTIFICATION COMMANDS 352 WEB BASED ACCESS CONTROL WAC COMMANDS 356 ACCESS AUTHENTICATION CONTROL COMMANDS 363...

Page 4: ...s then connected to the Switch s serial port via an RS 232 DB 9 cable With the serial port properly connected to a management computer the following screen should be visible If this screen does not ap...

Page 5: ...ress to be assigned to the IP interface named System and the y s represent the corresponding subnet mask 2 Alternatively you can enter config ipif System ipaddress xxx xxx xxx xxx z Where the x s repr...

Page 6: ...ooted If the Switch is rebooted without using the save command the last configuration saved to NV RAM will be loaded Connecting to the Switch The console interface is used by connecting the Switch to...

Page 7: ...lp In this case the command config account was entered with the parameter username The CLI will then prompt to enter the username with the message Next possible completions Every command in the CLI ha...

Page 8: ...the help prompts are the same as presented in this manual angle brackets indicate a numerical value or character string braces indicate optional parameters or a choice of parameters and brackets indic...

Page 9: ...3600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual Figure 2 6 Next possible completions Create command In the above example all of the possible next parameters for the create command are d...

Page 10: ...N name in the vlan_name 32 space and the network address including the netmask in the network_address ip_addr netmask space Do not type the angle brackets Example Command create ipif Engineering 10 24...

Page 11: ...he right Left Arrow Moves the cursor to the left Right Arrow Moves the cursor to the right Up Arrow Repeats the previously entered command Each time the up arrow is pressed the command previous to tha...

Page 12: ...drive_id pathname 64 log all reboot string reset config system string login logout show device_status config command_prompt config greeting_message default show greeting_message Each command is listed...

Page 13: ...reate account operator frazier Enter a case sensitive new password Enter the new password again for confirmation Success DGS 3627 5 To create a user level user account with the username reed DGS 3627...

Page 14: ...issue this command Example usage To display the accounts that have been created DGS 3627 5 show account Command show account Current Accounts Username Access Level dlink Admin DGS 3627 5 delete accoun...

Page 15: ...tal Entries 1 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh show switch Purpose Used to display general information about the Switch Syntax show switch Description This command display...

Page 16: ...IP Management Disabled DGS 3627 5 show serial_port Purpose Used to display the current serial port settings Syntax show serial_port Description This command displays the current serial port settings...

Page 17: ...vel and operator level users can issue this command Example usage To configure baud rate DGS 3627 5 config serial_port baud_rate 115200 Command config serial_port baud_rate 115200 Success DGS 3627 5 e...

Page 18: ...t Purpose Used to enable communication with and management of the Switch using the Telnet protocol Syntax enable telnet tcp_port_number 1 65535 Description This command is used to enable the Telnet pr...

Page 19: ...or Telnet requests Parameters tcp_port_number 1 65535 The TCP port number TCP ports are numbered between 1 and 65535 The well known port for the Web based management software is 80 Restrictions Only a...

Page 20: ...laced pathname 64 Enter a name of up to 64 characters to define the file to be saved on the flash drive log Specify to save current Switch log to NV RAM all Use to save the configuration and log file...

Page 21: ...clear all entries in the Forwarding Data Base If no parameter is specified the Switch s current IP address user accounts and the switch history log are not changed All other parameters are restored t...

Page 22: ...and_prompt string 16 username default Description This command is used to configure the command prompt for the CLI interface of the Switch The current command prompt consists of product name user leve...

Page 23: ...alter the configured greeting message yet the reset system command will return the greeting message to its original factory default setting The maximum character capacity for the greeting banned is 6...

Page 24: ...used to view the currently configured greeting message on the Switch Parameters None Restrictions Only administrator level and operator level users can issue this command Example usage To view the cur...

Page 25: ...adjust the speed for a port or range of ports The user has a choice of the following auto Enables auto negotiation for the specified range of ports 10 100 1000 Configures the speed in Mbps for the spe...

Page 26: ...ll display ports that have been disconnected due to an error on the port such as a Loopback Detection Restrictions None Example usage To display the configuration of all ports on a standalone switch D...

Page 27: ...3 Enabled Auto Disabled Link Down Enabled Description 4 Enabled Auto Disabled Link Down Enabled Description 5 Enabled Auto Disabled Link Down Enabled Description 6 Enabled Auto Disabled Link Down Ena...

Page 28: ...Timeout DeleteOnReset Description This command allows for the configuration of the port security feature Only the ports listed in the portlist are affected Parameters portlist Specifies a port or rang...

Page 29: ...which the user wishes to delete port port Enter the port number which has learned the previously entered MAC address Restrictions Only administrator level and operator level users can issue this comm...

Page 30: ...the Switch s ports The information displayed includes port security admin state maximum number of learning address and lock mode Parameters portlist Specifies a port or range of ports to be viewed The...

Page 31: ...g configured Range is 1 12 priority value 1 63 Assigns a priority value to the box with lower numbers having higher priority The possible priority range is 1 63 This field is important when the stacki...

Page 32: ...escription This command display stack information Parameters None Restrictions None Usage example To display stack information DGS 3627 5 show stack_information Command show stack_information Topology...

Page 33: ...o prompt the user to answer a confirmation question regarding the reboot of the switch Entering n will disable the question and the switch will automatically restart once the command has been entered...

Page 34: ...xStack DGS 3600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual 31 DGS 3627 5 show stacking mode Command show stacking mode Stacking mode Enabled DGS 3627 5...

Page 35: ...ion is based on the HMAC MD5 or HMAC SHA algorithms AuthNoPriv v3 MD5 DES or SHA DES Authentication is based on the HMAC MD5 or HMAC SHA algorithms AuthPriv DES 56 bit encryption is added based on the...

Page 36: ...nmp v6host ipv6addr create trusted_host ipaddr network network_address delete trusted_host ipaddr network network_address all show trusted_host network_address enable snmp traps enable snmp authentica...

Page 37: ...or level and operator level users can issue this command Example usage To disable SNMP DGS 3627 5 disable snmp Command disable snmp Success DGS 3627 5 enable snmp linkchange_traps Purpose Used to enab...

Page 38: ...ange_traps Purpose Used to configure SNMP link change traps on the Switch Syntax config snmp linkchange_traps ports all portlist enable disable Description This command is used to configure SNMP linkc...

Page 39: ...The key is defined by specifying the key in hex form below This method is not recommended auth The user may also choose the type of authentication algorithms used to authenticate the snmp user The ch...

Page 40: ...rom its SNMP group and then deletes the associated SNMP group Parameters user_name 32 An alphanumeric string of up to 32 characters that identifies the SNMP user that will be deleted Restrictions Only...

Page 41: ...manager can access Parameters view_name 32 An alphanumeric string of up to 32 characters that identifies the SNMP view that will be created oid The object ID that identifies an object tree MIB tree t...

Page 42: ...Command delete snmp view dlinkview all Success DGS 3627 5 show snmp view Purpose Used to display an SNMP view previously created on the Switch Syntax Show snmp view view_name 32 Description The show s...

Page 43: ...SNMP community string and to assign access limiting characteristics to this community string Parameters community_string 32 An alphanumeric string of up to 32 characters that is used to identify membe...

Page 44: ...Command delete snmp community dlink Success DGS 3627 5 show snmp community Purpose Used to display SNMP community strings configured on the Switch Syntax show snmp community community_string 32 Descri...

Page 45: ...ification of the SNMP engine on the Switch Syntax Show snmp engineID Description The show snmp engineID command displays the identification of the SNMP engine on the Switch Parameters None Restriction...

Page 46: ...orized source noauth_nopriv Specifies that there will be no authorization and no encryption of packets sent between the Switch and a remote SNMP manager auth_nopriv Specifies that authorization will b...

Page 47: ...SNMP groups currently configured on the Switch The security model level and status of each group are also displayed Syntax Show snmp groups Description The show snmp groups command displays the group...

Page 48: ...iew WriteView Name Notify View Name CommunityView Security Model SNMPv2 Security Level NoAuthNoPriv Group Name WriteGroup ReadView Name CommunityView WriteView Name CommunityView Notify View Name Comm...

Page 49: ...adds Message integrity ensures that packets have not been tampered with during transit Authentication determines if an SNMP message is from a valid source Encryption scrambles the contents of message...

Page 50: ...how snmp host ipaddr Description The show snmp host command is used to display the IP addresses and configuration information of remote SNMP managers that are designated as recipients of SNMP traps th...

Page 51: ...FF FF SNMP Version V3 na np CommunityName SNMPv3 User Name initial Total Entries 1 DGS 3627 5 create trusted_host Purpose Used to create the trusted host Syntax create trusted_host ipaddr network netw...

Page 52: ...d to display a list of trusted hosts entered on the Switch using the create trusted_host command above Parameters network_address IP address and netmask of the trusted host to be viewed The address an...

Page 53: ...all configured trusted hosts Restrictions Only administrator level users can issue this command Example usage To delete a trusted host with an IP address 10 48 74 121 DGS 3627 5 delete trusted_host 10...

Page 54: ...upport status currently configured on the Switch Parameters None Restrictions Only administrator level and operator level users can issue this command Example usage To view the current SNMP trap DGS 3...

Page 55: ...Used to enter the name of a contact person who is responsible for the Switch Syntax config snmp system_contact sw_contact Description The config snmp system_contact command is used to enter the name...

Page 56: ...the name for the Switch Syntax config snmp system_name sw_name Description The config snmp system_name command configures the name of the Switch Parameters sw_name A maximum of 255 characters is allo...

Page 57: ...RMON on the Switch Syntax disable rmon Description This command is used in conjunction with the enable rmon command above to enable and disable remote monitoring RMON on the Switch Parameters None Res...

Page 58: ...1 12 drive_id pathname 64 filename 64 dir unit unitid 1 12 all drive_id copy drive_id pathname 64 unit unit_id 1 12 drive_id pathname 64 show boot_file unit unitid 1 12 all show storage_media_info un...

Page 59: ...om a TFTP server ipaddr The IP address of the TFTP server ipv6addr The IPv6 address of the TFTP server path_filename 64 The DOS path and filename of the switch configuration file on the TFTP server Fo...

Page 60: ...ipaddr ipv6addr path_filename 64 unit unit_id 1 12 Description This command is used to upload a configuration file or log file to a TFTP server The user now has the option of saving the log or config...

Page 61: ...d a switch attack log to a TFTP server such as a spoofing attack ipaddr Enter the IPv4 address of the TFTP server to which to upload the attack log ipv6addr Enter the IPv6 address of the TFTP server t...

Page 62: ...h memory which will be used as the boot up firmware upon next reboot of the Switch boot_up Entering this parameter will specify the firmware file as a boot up section Restrictions Only administrator l...

Page 63: ...ntering this parameter will display configurations entered without being saved to NVRAM boot_up Entering this parameter will display configurations that are to be used upon the next reboot of the Swit...

Page 64: ...parameter will first load and then activate this configuration file on the switch Restrictions Only administrator level users can issue this command Example usage To configure FLASH file c startup cf...

Page 65: ...be renamed This entry cannot exceed 64 characters in length Restrictions Only administrator level and operator level users can issue this command Example usage To rename a file DGS 3627 5 rename C abc...

Page 66: ...a file from a source location and paste it to a host location This command is only operable for the storage media accessory Parameters drive_id Enter the drive ID of the internal flash drive where the...

Page 67: ...iguration file C STARTUP CFG DGS 3627 5 show storage_media_info Purpose Used to view flash memory information on the Switch Syntax show storage_media_info unit unitid 1 12 all Description This command...

Page 68: ...rs may not return to release one firmware as it may damage the file system Parameters version_number 1 2 Enter the version number of the file system If the designated file system version is lower than...

Page 69: ...The default is 0 timeout sec 1 99 Defines the time out period while waiting for a response from the remote device A value of 1 to 99 seconds can be specified The default is 1 second Restrictions None...

Page 70: ...atistics for 2009 280 C8FF FE3C 5C8A Packets Sent 4 Received 4 Lost 0 DGS 3627 5 traceroute Purpose Used to trace the routed path between the Switch and a destination endstation Syntax traceroute ipad...

Page 71: ...ctions for information on loading a configuration file If the Switch is unable to complete the autoconfiguration process the previously saved local configuration file present in Switch memory will be...

Page 72: ...configuration Done The very end of the autoconfig process including the logout appears like this DGS 3627 5 disable authen_policy Command disable authen_policy Success DGS 3627 5 DGS 3627 5 DGS 3627 5...

Page 73: ...Purpose Used to display the current autoconfig status of the Switch Syntax show autoconfig Description This will list the current status of the autoconfiguration function Parameters None Restrictions...

Page 74: ...able config syslog host all index 1 4 severity informational warning all facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_number ipaddress ipaddr state enable disable...

Page 75: ...display the error statistics for a range of ports Syntax show error ports portlist Description This command will display all of the packet error statistics collected and logged by the Switch for a giv...

Page 76: ...itch Restrictions None Example usage To display the port utilization statistics DGS 3627 5 show utilization ports Command show utilization ports Port TX sec RX sec Util Port TX sec RX sec Util 1 0 0 0...

Page 77: ...orts 2 9 Command clear counters ports 2 9 Success DGS 3627 5 clear log Purpose Used to clear the Switch s history log Syntax clear log Description This command will clear the Switch s history log Para...

Page 78: ...unit_id 1 12 index value_list Description This command will display the contents of the attack log of the Switch This log displays the time and date of a possible attack on the switch such as a spoof...

Page 79: ...k log DGS 3627 5 clear attack_log Command clear attack_log Success DGS 3627 5 enable syslog Purpose Used to enable the system log to be sent to a remote host Syntax enable syslog Description The enabl...

Page 80: ...rity informational warning all facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_number ipaddress ipaddr state enable disable Description The create syslog host comman...

Page 81: ...mon 10 security authorization messages 11 FTP daemon 12 NTP subsystem 13 log audit 14 log alert 15 clock daemon 16 local use 0 local0 17 local use 1 local1 18 local use 2 local2 19 local use 3 local3...

Page 82: ...severity informational warning all facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_number ipaddress ipaddr state enable disable Description The config syslog host co...

Page 83: ...have not been explicitly assigned a Facility may use any of the local use facilities or they may use the user level Facility Those Facilities that have been designated are shown in the following Bold...

Page 84: ...from the list above local6 Specifies that local use 6 messages will be sent to the remote host This corresponds to number 22 from the list above local7 Specifies that local use 7 messages will be sent...

Page 85: ...l hosts Restrictions Only administrator level and operator level users can issue this command Example usage To delete a previously configured syslog host DGS 3627 5 delete syslog host 4 Command delete...

Page 86: ...fing attacks Parameters Choose one of the following to identify where severity messages are to be sent trap Entering this parameter will define which events occurring on the Switch will be sent to a S...

Page 87: ...in 1 65535 on_demand log_trigger Description The config log_save_timing command allows the user to configure the time method used in saving log files to the switch s flash memory Parameters time_inter...

Page 88: ...ax show log_save_timing Description The show log_save_timing command allows the user to view the time method configured for saving log files to the switch s flash memory Parameters None Restrictions N...

Page 89: ...ning trees Each switch utilizing the MSTP on a network will have a single MSTP configuration that will have the following three attributes a A configuration name defined by an alphanumeric string of u...

Page 90: ...he Switch Parameters None Restrictions Only administrator level and operator level users can issue this command Example usage To enable STP globally on the Switch DGS 3627 5 enable stp Command enable...

Page 91: ...l commands here will be implemented for the STP version that is currently set on the Switch Parameters maxage value 6 40 This value may be set to ensure that old information does not endlessly circula...

Page 92: ...ort at a time The default is enabled lbd_recover_timer value 0 value 60 1000000 This field will set the time the STP port will wait before recovering the STP state set 0 will denote that the LBD will...

Page 93: ...BPDU packet is received it automatically loses edge port status false indicates that the port does not have edge port status p2p true false auto true indicates a point to point P2P shared link P2P po...

Page 94: ...figured STP instances on the Switch by creating an instance_id A STP instance may have multiple members with the same MSTP configuration There is no limit to the number of STP regions in a network but...

Page 95: ...3627 5 delete stp instance_id 2 Command delete stp instance_id 2 Success DGS 3627 5 config stp priority Purpose Used to update the STP instance configuration Syntax config stp priority value 0 61440...

Page 96: ...35 to identify the MSTP region This value along with the name will identify the MSTP region configured on the Switch The default setting is 0 name string Enter an alphanumeric string of up to 32 chara...

Page 97: ...quickest route automatically and optimally for an interface The default value is derived from the media speed of the interface value 1 200000000 Selecting this parameter with a value in the range of...

Page 98: ...Delay 15 Max Hops 20 TX Hold Count 3 Forwarding BPDU Enabled Loopback Detection Enabled LBD Recover Time 60 DGS 3627 5 Status 3 STP enabled for MSTP DGS 3627 5 show stp Command show stp STP Bridge Glo...

Page 99: ...display the Switch s STP instance configuration Syntax show stp instance_id value 0 15 Description This command displays the Switch s current STP Instance Settings and the STP Instance Operational St...

Page 100: ...on identification Syntax show stp mst_config_id Description This command displays the Switch s current MSTP configuration identification Parameters None Restrictions None Example usage To show the MST...

Page 101: ...onfig multicast filtering_mode vlan_name 32 all forward_all_groups forward_unregistered_groups filter_unregistered_groups show multicast filtering_mode vlan vlan_name 32 Each command is listed in deta...

Page 102: ...st MAC forwarding DGS 3627 5 create multicast_fdb default 01 00 00 00 00 01 Command create multicast_fdb default 01 00 00 00 00 01 Success DGS 3627 5 config multicast_fdb Purpose Used to configure the...

Page 103: ...may be aged out too soon This will result in a high percentage of received packets whose source addresses cannot be found in the forwarding table in which case the Switch will broadcast the packet to...

Page 104: ...orresponding to the MAC destination address The Switch will always forward traffic to the specified device through this port all Clears all dynamic entries to the Switch s forwarding database Restrict...

Page 105: ...t mac_address macaddr static aging_time Description This command will display the current contents of the Switch s forwarding database Parameters port port The port number corresponding to the MAC des...

Page 106: ...U Self 1 default 00 01 02 03 04 05 1 Dynamic 1 default 00 01 30 10 2C C7 1 Dynamic CTRL C ESC q Quit SPACE n Next Page Enter Next Entry a All show ipfdb Purpose Used to display the current network add...

Page 107: ...nregistered groups on all VLANs DGS 3627 5 config multicast filtering_mode all filter_unregistered_groups Command config multicast filtering_mode all filter_unregistered_groups Success DGS 3627 5 show...

Page 108: ...isabled port and returning it to an Enabled status To utilize this method of Storm Control choose the Shutdown option of the Action field in the window below The broadcast storm control commands in th...

Page 109: ...ol function These packet counts are the determining factor in deciding when incoming packets exceed the Threshold value sec 5 30 The Interval may be set between 5 and 30 seconds with the default setti...

Page 110: ...traffic control recover DGS 3627 5 config traffic control_recover 1 6 Command config traffic control_recover 1 6 Success DGS 3627 5 config traffic trap Purpose Used to configure traps for traffic cont...

Page 111: ...hold Storm Storm Storm down Interval Forever 1 131072 Enabled Disabled Disabled drop 0 5 2 131072 Enabled Disabled Disabled drop 0 5 3 131072 Enabled Disabled Disabled drop 0 5 4 131072 Disabled Disa...

Page 112: ...next lower priority to transmit its packets When the lowest hardware priority queue has finished transmitting all of its packets the highest hardware priority queue will begin transmitting any packet...

Page 113: ...e parameters below no_limit or value 1 156249 will be applied to the rate at which the above specified ports will be allowed to transmit packets no_limit Specifies that there will be no limit on the r...

Page 114: ...allowed to transmit three packets then the next lowest hardware priority queue number 5 will be allowed to transmit three packets and so on until all of the queues have transmitted three packets The...

Page 115: ...Example usage To display the current scheduling configuration DGS 3627 5 show scheduling Command show scheduling QOS Output Scheduling Class ID MAX Packets Class 0 1 Class 1 2 Class 2 3 Class 3 4 Clas...

Page 116: ...evel and operator level users can issue this command Example usage To configure 802 1 user priority on the Switch DGS 3627 5 config 802 1p user_priority 1 6 Command config 802 1p user_priority 1 6 Suc...

Page 117: ...d packets received by the Switch or a range of ports on the Switch Restrictions Only administrator level and operator level users can issue this command Example usage To configure 802 1p default prior...

Page 118: ...of service queue 6 to the lowest priority class of service queue 0 Each queue will transmit all of the packets in its buffer before allowing the next lower priority class of service to transmit its p...

Page 119: ...27 5 show scheduling_mechanism 116 Command show scheduling_mechanism QOS scheduling_mechanism CLASS ID Mechanism Class 0 strict Class 1 strict Class 2 strict Class 3 strict Class 4 strict Class 5 stri...

Page 120: ...level users can issue this command Example usage To disable HOL prevention DGS 3627 5 disable hol_prevention Command disable hol_prevention Success DGS 3627 5 show hol_prevention Purpose Used to show...

Page 121: ...or both is mirrored to the Target port Parameters port This specifies the Target port the port where mirrored packets will be received The target port must be configured in the same VLAN and must be...

Page 122: ...figuration into the Switch and then turn the port mirroring on and off without having to modify the port mirroring configuration Parameters None Restrictions Only administrator level and operator leve...

Page 123: ...rpose Used to show the current port mirroring configuration on the Switch Syntax show mirror Description This command displays the current port mirroring configuration on the Switch Parameters None Re...

Page 124: ...ket is then routed through this provider VLAN which contains smaller VLANs with similar configurations to ensure speedy and guaranteed routing destination of the packet The VLAN commands in the Comman...

Page 125: ...ns Each VLAN name can be up to 32 characters Only administrator level and operator level users can issue this command Example usage To create a VLAN v1 tag 2 DGS 3627 5 create vlan v1 tag 2 Command cr...

Page 126: ...ning and end of the port list range are separated by a dash advertisement enable disable Enables or disables GVRP on the specified VLAN Restrictions Only administrator level and operator level users c...

Page 127: ...ed_only implies that only VLAN tagged frames will be accepted while admit_all implies tagged and untagged frames will be accepted by the Switch pvid Specifies the default VLAN ID associated with the p...

Page 128: ...LAN Registration Protocol GVRP DGS 3627 5 disable gvrp Command disable gvrp Success DGS 3627 5 show vlan Purpose Used to display the current VLAN configuration on the Switch Syntax show vlan vlan_name...

Page 129: ...o be displayed The beginning and end of the port list range are separated by a dash Non contiguous portlist entries are separated by a comma ex 1 3 7 9 Restrictions None Example usage To display GVRP...

Page 130: ...e this command Example usage To enable the Double VLAN feature on the Switch thus disabling normal VLANs and GVRP DGS 3627 5 enable double_vlan Command enable double_vlan Current Double VLAN mode Disa...

Page 131: ...as Double VLAN tagged packets The default setting is 0x8100 Restrictions Only administrator level and operator level users can issue this command Users must have the Switch enabled for Double VLANs DG...

Page 132: ...tify packets to devices as Double VLAN tagged packets The default setting is 0x8100 Restrictions Only administrator level and operator level users can issue this command Users must have the Switch ena...

Page 133: ...the VLAN list When a user removes a port from the untagged membership of the PVID s VLAN the port s PVID will be assigned with default VLAN The default setting is enabled Parameters None Restrictions...

Page 134: ...d auto_assign Purpose Used to display the PVID auto assign status Syntax show pvid auto_assign Description The show pvid auto_assign command displays the PVID auto assignment state Parameters None Res...

Page 135: ...Command Line Interface CLI are listed along with the appropriate parameters in the following table Command Parameter create dot1v_protocol_group group_id id config dot1v_protocol_group group_id id add...

Page 136: ...r if you wish this protocol group to employ the Ethernet2 frame type This frame type is identified by the 16 bit 2 octet IEEE802 3 type field in the packet header which is to be stated using the follo...

Page 137: ..._protocol_group group_id 1 Success DGS 3627 5 show dot1v_protocol_group Purpose Used to display the configurations for a protocol VLAN group Syntax show dot1v_protocol_group group_id id Description Th...

Page 138: ...eger from 1 to 16 to identify the protocol VLAN group being assigned to the ports or range of ports configured in the previous field vlan Use this parameter bind a VLAN with a specific protocol templa...

Page 139: ...Enter the port or group of ports for which to display the protocol VLAN group settings Entering this command without this parameter will display all ports and their corresponding protocol VLAN group...

Page 140: ...e lacp static Description This command will create a link aggregation group with a unique identifier Parameters value Specifies the group ID The Switch allows up to 32 link aggregation groups to be co...

Page 141: ...created with the create link_aggregation command above Parameters group _id value 32 Specifies the group ID The Switch allows up to 32 link aggregation groups to be configured The group number identif...

Page 142: ...e destination IP address ip_source_dest Indicates that the Switch should examine the source and the destination IP address Restrictions Only administrator level and operator level users can issue this...

Page 143: ...y to change an aggregated port group that is to add or subtract ports from the group at least one of the participating devices must designate LACP ports as active Both devices must support LACP passiv...

Page 144: ...Manual 141 show lacp_port Restrictions None Example usage To display LACP port mode settings DGS 3627 5 show lacp_port 1 10 Command show lacp_port 1 10 Port Activity 1 Active 2 Active 3 Active 4 Activ...

Page 145: ...n the user must enable the mode by entering the enable address_binding acl_mode command If an IP MAC Port binding IMPB entry is created and the user wishes to change it to an ACL mode entry the user m...

Page 146: ...ured for address binding The beginning and end of the port list range are separated by a dash Non contiguous portlist entries are separated by a comma ex 1 3 7 9 all Specifies that all ports on the sw...

Page 147: ...be configured for address binding mode The user may set the mode for this IP MAC Port binding settings by choosing one of the following arp Choosing this selection will set a normal IP MAC Port bindin...

Page 148: ...3627 5 show address_binding Purpose Used to display IP MAC Port binding entries Syntax ip_mac all ipaddress ipaddr mac_address macaddr blocked all vlan_name vlan_name mac_address macaddr ports Descrip...

Page 149: ...Address Binding entries can be deleted by entering the physical and IP addresses of the device Toggling to all will delete all the Address Binding entries Blocked Blocked address binding entries bindi...

Page 150: ...create two ACL packet content mask entries that can be viewed using the show access_profile command These two ACL entries will aid the user in processing certain IP MAC Port binding entries created Pa...

Page 151: ...acl_mode and NOT though the delete access_profile profile_id command Also the show config command will not display the commands for creating the IP MAC ACL mode access profile entries Example usage To...

Page 152: ...f trap log messages for IP MAC Port binding When enabled the Switch will send a trap log message to the SNMP agent and the Switch log when an ARP packet is received that doesn t match the IP MAC Port...

Page 153: ...solution Problems may include The Switch may use extra resources to process packets for multiple IP interfaces The amount of broadcast data such as RIP update packets and PIM hello packets will be in...

Page 154: ...6 ipv6address ipv6networkaddr Description This command is used to configure an IP interface on the Switch Users may add one IPv4 address per interface but multiple IPv6 addresses may be added to a sin...

Page 155: ...and Example usage To configure the IP interface System DGS 3627 5 config ipif System ipaddress 10 48 74 122 8 Command config ipif System ipaddress 10 48 74 122 8 Success DGS 3627 5 Example usage To co...

Page 156: ...Purpose Used to delete the configuration of an IP interface on the Switch Syntax delete ipif ipif_name 12 ipv6address ipv6networkaddr all Description This command will delete the configuration of an...

Page 157: ...t the IP interface is a primary IP interface while TRUE denotes a secondary IP interface enable ipif_ipv6_link_local_auto Purpose Used to enable the autoconfiguration of the link local address when no...

Page 158: ...ces currently configured on the switch Restrictions Only administrator level and operator level users can issue this command Example usage To disable the IP interface IPv6 link local settings DGS 3627...

Page 159: ...0 4294967295 valid_life_time uint 0 4294967295 on_link_flag enable disable autonomus_flag enable disable config ipv6 nd ns ipif ipif_name 12 retrans_time uint 0 4294967295 show ipv6 nd ipif ipif_name...

Page 160: ...can issue this command Example usage To delete a static IPv6 neighbor DGS 3627 5 delete ipv6 neighbor_cache ipif Zira 3FFC 1 Command delete ipv6 neighbor_cache ipif Zira 3FFC 1 Success DGS 3627 5 show...

Page 161: ...his IPv6 interface to be the default router for the link local network A value of 0 represents that this Switch should not be recognized as the default router for this link local network The user may...

Page 162: ...issue this command Example usage To configure the parameters for the Router Advertisements DGS 3627 5 config ipv6 nd ra ipif triton state enable life_time 1000 reachable_time 10000 retrans_time 50000...

Page 163: ...rs can issue this command Example usage To configure the prefix option for the interface Zira DGS 3627 5 config ipv6 nd ra prefix_option ipif Zira 3FFE 501 FFFF 100 64 preferred_life_time 1000 valid_l...

Page 164: ...information regarding neighbor detection currently set on the switch Restrictions Only administrator level and operator level users can issue this command Example usage To display the neighbor detecti...

Page 165: ...t or deny traffic from these specific sources In IGMPv2 Membership reports could contain only one multicast group whereas in v3 these reports can contain multiple multicast groups Leaving a multicast...

Page 166: ...IGMPv2 for all IP interfaces DGS 3627 5 config igmp all version 2 Command config igmp all version 2 Success DGS 3627 5 show igmp Purpose Used to display the IGMP configuration for the Switch of for a...

Page 167: ...be displayed ipif_name 12 The name of the IP interface of which the IGMP group is a member Restrictions None Example usage To display IGMP group table DGS 3627 5 show igmp group Command show igmp gro...

Page 168: ...ame 32 vlanid 2 4094 config igmp_snooping multicast_vlan vlan_name 32 member_port portlist source_port portlist state enable disable replace_source_ip ipaddr delete igmp_snooping multicast_vlan vlan_n...

Page 169: ...will produce the error message Cannot set Fast leave when IGMP is running and consequently will not be implemented config igmp_snooping querier Purpose This command configures IGMP snooping querier Sy...

Page 170: ...ed as an IGMP Querier or Non querier Restrictions Only administrator level and operator level users can issue this command Example usage To configure IGMP snooping DGS 3627 5 config igmp_snooping quer...

Page 171: ...7 9 Restrictions Only administrator level and operator level users can issue this command Example usage To set up forbidden router ports DGS 3627 5 config router_ports_forbidden default add 2 10 Comma...

Page 172: ...ut the parameter will disable igmp snooping on the Switch Restrictions Only administrator level and operator level users can issue this command Example usage To disable IGMP snooping on the Switch DGS...

Page 173: ...l State Disabled Multicast router Only Disabled VLAN Name default Query Interval 125 Max Response Time 10 Robustness Value 2 Last Member Query Interval 1 Host Timeout 260 Router Timeout 260 Leave Time...

Page 174: ...Reports 1 Port Member 2 5 VLAN Name default Multicast group 224 0 0 9 MAC address 01 00 5E 00 00 09 Reports 1 Port Member 6 8 VLAN Name default Multicast group 234 5 6 7 MAC address 01 00 5E 05 06 07...

Page 175: ...s None Example usage To view the IGMP snooping forwarding table for VLAN Marcello DGS 3627 5 show igmp_snooping forwarding vlan Marcello Command show igmp_snooping forwarding vlan Marcello VLAN Name M...

Page 176: ...nter a port or list of ports to be added to the multicast VLAN Source ports will become the tagged members of the multicast VLAN state enable disable Use these parameters to enable or disable the mult...

Page 177: ...0 0 DGS 3627 5 config igmp_snooping multicast_vlan_group Purpose Used to add or remove multicast addresses to or from a previously created Multicast VLAN Syntax config igmp_snooping multicast_vlan_gro...

Page 178: ...ange 1 Success DGS 3627 5 show igmp_snooping multicast_vlan_group Purpose Used to display the settings of a multicast VLAN group on the Switch Syntax show igmp_snooping multicast_vlan_group vlan_name...

Page 179: ...ch advertises a specific multicast address that is also ready These two types of messages are distinguished by a multicast destination address located in the IPv6 header and a multicast address in the...

Page 180: ...disable mld_snooping Purpose Used to disable MLD snooping globally on the switch Syntax disable mld_snooping forward_mcrouter_only Description This command in conjunction with the enable mld_snooping...

Page 181: ...fast_done enable disable This parameter allows the user to enable the fast done function Enabled this function will allow members of a multicast group to leave the group immediately when a done messa...

Page 182: ...mmand Example usage To configure MLD snooping forbidden multicast router ports DGS 3627 5 config mld_snooping mrouter_ports_forbidden default add 11 12 Command config mld_snooping mrouter_ports_forbid...

Page 183: ...obustness variable of the MLD snooping querier is used in creating the following MLD message intervals Group Listener Interval This is the amount of time that must pass before a multicast router decid...

Page 184: ...er Behavior Non Querier State Disabled Fast Done Disabled Total Entries 1 DGS 3627 5 show mld_snooping group Purpose Used to display MLD snooping group configurations on the Switch Syntax show mld_sno...

Page 185: ...00 00 00 17 Reports 1 Listening Port 2 7 Total Entries 5 DGS 3627 5 show mld_snooping mrouter_ports Purpose Used to display the current router ports set on the Switch Syntax show mld_snooping mrouter_...

Page 186: ...yntax show mld_snooping forwarding vlan vlan_name 32 Description This command will display the current MLD snooping forwarding table entries currently configured on the Switch Parameters vlan_name 32...

Page 187: ...elay feature of the switch Syntax config dhcp_relay hops value 1 16 time sec 0 65535 Description This command is used to configure the DHCP BOOTP relay feature Parameters hops value 1 16 Specifies the...

Page 188: ...nistrator level and operator level users can issue this command Example usage To delete an IP destination from the DHCP relay table DGS 3627 5 config dhcp_relay delete ipif System 10 58 44 6 Command c...

Page 189: ...lay option 82 state DGS 3627 5 config dhcp_relay option_82 state enable Command config dhcp_relay option_82 state enable Success DGS 3627 5 config dhcp_relay option_82 check Purpose Used to configure...

Page 190: ...is command Example usage To configure DHCP relay option 82 policy DGS 3627 5 config dhcp_relay option_82 policy replace Command config dhcp_relay option_82 policy replace Success DGS 3627 5 show dhcp_...

Page 191: ...Disabled DHCP Relay Agent Information Option 82 Check Disabled DHCP Relay Agent Information Option 82 Policy Replace Interface Server 1 Server 2 Server 3 Server 4 DGS 3627 5 enable dhcp_relay Purpose...

Page 192: ...tion on the Switch Syntax disable dhcp_relay Description This command is used to disable the DHCP BOOTP relay function on the Switch Parameters None Restrictions Only administrator level and operator...

Page 193: ...t route to another device on the network Users also have the ability to bind IP addresses within the DHCP pool to specific MAC addresses in order to keep consistent the IP addresses of devices that ma...

Page 194: ...ly administrator level and operator level users can issue this command Example usage To create the DHCP pool Floor2 DGS 3627 5 create dhcp pool Floor2 Command create dhcp pool Floor2 Success DGS 3627...

Page 195: ...hernet will denote that the manually bound device is connected directly to the Switch while the IEEE802 denotes that the manually bound device is outside the local network of the Switch Restrictions O...

Page 196: ...strictions None Example usage To display the manual binding entries of the DHCP pool accounting DGS 3627 5 show dhcp pool manual_binding accounting Command show dhcp pool manual_binding accounting Poo...

Page 197: ...ng information on the Switch DGS 3627 5 clear dhcp_binding Command clear dhcp_binding Success DGS 3627 5 config dhcp ping_packets Purpose Used to set the number of ping packets that will be sent out t...

Page 198: ...el users can issue this command Example usage To configure the Ping timeout DGS 3627 5 config dhcp ping_timeout 500 Command config dhcp ping_timeout 500 Success DGS 3627 5 config dhcp pool boot_file P...

Page 199: ...5 config dhcp pool default_router accounting 10 245 32 1 Command config dhcp pool default_router accounting 10 245 32 1 Success DGS 3627 5 config dhcp pool dns_server_address Purpose Used to configur...

Page 200: ...accounting d_link com Success DGS 3627 5 config dhcp pool lease Purpose Used to configure the lease time of DCHP clients within a DHCP pool Syntax config dhcp pool lease pool_name 12 day 0 365 hour 0...

Page 201: ...issue this command Example usage To configure the Net BIOS name server for the DHCP pool DGS 3627 5 config dhcp pool netbios_name_server accounting 10 98 254 2 Command config dhcp pool netbios_name_se...

Page 202: ...ss 10 10 10 2 then assigned addresses to DHCP Clients will resemble 10 10 10 x where x is a number between 1 and 255 but does not include the assigned 10 10 10 2 Parameters pool_name 12 Enter the prev...

Page 203: ...ress of the server that has the boot file for the DHCP pool Parameters pool_name 12 Enter the previously created pool name for which to set the next server ipaddr Enter the IP address of the next serv...

Page 204: ..._server Purpose Used to disable the DHCP function on the switch Syntax disable dhcp_server Description This command along with the enable dhcp_server will enable and disable the DHCP server function w...

Page 205: ...ctions Only administrator level and operator level users can issue this command Example usage To display the multicast range Trinity DGS 3627 5 create dhcp excluded_address begin_address 10 10 10 1 en...

Page 206: ...ddress begin_address 10 10 10 1 end_address 10 10 10 10 Success DGS 3627 5 show dhcp excluded_address Purpose Used to display the excluded IP addresses of the DHCP server function Syntax show dhcp exc...

Page 207: ...address range Syntax config limited multicast address portlist from multicast_ipaddr to multicast_ipaddr access permit deny state enable disable Description The config limited multicast address comman...

Page 208: ...or level and operator level users can issue this command This command is used as a backwards compatible command for legacy devices Example usage To delete the limited multicast address on ports 1 3 DG...

Page 209: ...d or denied by the switch Parameters range_name 32 Enter a name of up to 32 alphanumeric characters that will be used to identify this multicast range from multicast_ipaddr Enter the beginning IP addr...

Page 210: ...command will display a multicast range that was created with the create multicast_range command Parameters range_name 32 Enter a name of up to 32 alphanumeric characters that will be used to identify...

Page 211: ...s multicast_range range_name 32 Enter a name of up to 32 alphanumeric characters that will be used to identify this multicast range to be configured all Use this parameter to delete these ports from a...

Page 212: ...r list of ports to be displayed The beginning and end of the port list range are separated by a dash Non contiguous portlist entries are separated by a comma ex 1 3 7 9 Entering this command without t...

Page 213: ...req value 1 10 reauth_period sec 1 65535 enable_reauth enable disable config 802 1x init port_based ports portlist all mac_based ports portlist all mac_address macaddr config 802 1x auth_mode port_bas...

Page 214: ...l server application on the Switch To select between port based or MAC based use the config 802 1x auth_mode command Parameters None Restrictions Only administrator level and operator level users can...

Page 215: ...dministrative control over the port s authorization status ForceAuth forces the Authenticator of the port to become Authorized ForceUnauth forces the port to become Unauthorized QuietPeriod Shows the...

Page 216: ...Initialize Success Timeout Shows the current state of the Backend Authenticator Port Status Authorized Unauthorized Shows the result of the authentication process Authorized means that the user was a...

Page 217: ...yntax config 802 1x auth_mode port_based mac_based Description The config 802 1x auth_mode command is used to enable either the port based or MAC based 802 1x authentication feature on the Switch Para...

Page 218: ...ange to their default 802 1x settings Syntax config 802 1x auth_parameter ports portlist all default direction both in port_control force_unauth auto force_auth quiet_period sec 0 65535 tx_period sec...

Page 219: ...s Only administrator level and operator level users can issue this command Example usage To configure 802 1x authentication parameters for ports 1 to 10 DGS 3627 5 config 802 1x auth_parameter ports 1...

Page 220: ...d mac_based This instructs the Switch to re authorize 802 1x functions based only on the MAC address MAC addresses approved for re authorization can then be specified ports portlist Specifies a port o...

Page 221: ...s 1812 acct_port udp_port_number 1 65535 The UDP port number for accounting requests The default is 1813 Restrictions Only administrator level users can issue this command Example usage To configure t...

Page 222: ...e RADIUS server passwd 32 The shared secret key used by the RADIUS server and the Switch Up to 32 characters can be used auth_port udp_port_number 1 65535 The UDP port number for authentication reques...

Page 223: ...ator level users can issue this command Example usage To view the current RADIUS accounting client DGS 3627 5 show acct_client Command show acct_client radiusAcctClient radiusAcctClientInvalidServerAd...

Page 224: ...cts 0 radiusAuthClientAccessChallenges 0 radiusAuthClientMalformedAccessResponses 0 radiusAuthClientBadAuthenticators 0 radiusAuthClientPendingRequests 0 radiusAuthClientTimeouts 0 radiusAuthClientUnk...

Page 225: ...rts portlist all Description The show auth_session statistics command is used to display the current authentication session statistics of the Switch on a per port basis Parameters ports portlist Speci...

Page 226: ...istics ports 1 Command show auth_statistics ports 1 Port number 1 EapolFramesRx 0 EapolFramesTx 0 EapolStartFramesRx 0 EapolReqIdFramesTx 0 EapolLogoffFramesRx 0 EapolReqFramesTx 0 EapolRespIdFramesRx...

Page 227: ...ccount on the Switch Syntax delete 802 1x user username 15 Description The delete 802 1x user command is used to delete the 802 1x Port based or MAC based Network Access control local users currently...

Page 228: ...Syntax config 802 1x guest_vlan ports portlist all state enable disable Description The config 802 1x guest_vlan ports command is used to configure ports to be enabled or disabled for the 802 1x guest...

Page 229: ...VLAN Setting Guest VLAN Tiberius Enable guest VLAN ports 5 8 DGS 3627 5 delete 802 1x guest_vlan Purpose Used to delete an 802 1x Guest VLAN Syntax delete 802 1x guest_vlan vlan_name 32 Description Th...

Page 230: ...e 1 For each rule entered into the access profile you can assign an access_id that both identifies the rule and establishes a priority within the list of rules A lower access_id gives the rule a highe...

Page 231: ..._mask offset 0 15 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset 16 31 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff offset 32 47 hex...

Page 232: ...fies a MAC address mask for the destination MAC address in the following format 000000000000 FFFFFFFFFFFF 802 1p Specifies that the Switch will examine the 802 1p priority value in the frame s header...

Page 233: ...ntries are separated by a comma ex 1 3 7 9 permit Specifies that packets that match the access profile are permitted to be forwarded by the Switch priority value 0 7 This parameter is specified to re...

Page 234: ...rotocol_id_mask hex 0x0 0xff user_define_mask hex 0x0 0xffffffff Description This command will allow the user to create a profile for packets that may be accepted or denied by the Switch by examining...

Page 235: ...xample usage To configure a rule for the IP access profile DGS 3627 5 create access_profile profile_id 2 ip protocol_id_mask 0xFF Command create access_profile profile_id 2 ip protocol_id_mask 0xFF Su...

Page 236: ...to be masked The choices are urg TCP control flag urgent ack TCP control flag acknowledgement psh TCP control flag push rst TCP control flag reset syn TCP control flag synchronize fin TCP control fla...

Page 237: ...nge settings that has been previously configured using the config time_range command This will set specific times when this access rule will be enabled or disabled on the Switch delete access_id value...

Page 238: ...cal byte as the one configured it will either forward or filter the packet based on the users command entered here Syntax config access_profile profile_id value 1 14 add access_id value 1 128 packet_c...

Page 239: ...0 63 Allows the user to specify a value to be written to the DSCP field of an incoming packet that meets the criteria specified in the first part of the command This value will over write the value in...

Page 240: ...ch to examine the class field of the IPv6 header This class field is a part of the packet header that is similar to the Type of Service ToS or Precedence bits field in IPv4 flowlabel Entering this par...

Page 241: ...on IPv6 address port portlist all The access profile for Ethernet may be defined for each port on the Switch Up to 128 rules may be configured for each port Selecting all will configure this rule for...

Page 242: ..._profile profile_id value 1 14 all Description The delete access_profile command is used to delete a previously created access profile on the Switch Parameters profile_id value 1 14 Enter an integer b...

Page 243: ...fffffff destination_mac macmask 000000000000 ffffffffffff ethernet_type ip vlan source_ip_mask netmask destination_ip_mask netmask dscp icmp type code igmp type tcp src_port_mask hex 0x0 0xffff dst_po...

Page 244: ...termine what to do with the packet The user may deny packets by denying certain flag bits within the packets The user may choose between all urg urgent ack acknowledgement psh push rst reset syn synch...

Page 245: ...urg ack psh rst syn fin udp src_port value 0 65535 dst_port value 0 65535 protocol_id value 0 255 user_define hex 0x0 0xffffffff packet_content offset_0 15 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0...

Page 246: ...that the access profile will apply to this ICMP code igmp Specifies that the Switch will examine the Internet Group Management Protocol IGMP field within each packet type value 0 255 Specifies that t...

Page 247: ...3 7 9 permit Specifies that packets that match the access profile are permitted to be forwarded by the Switch deny Specifies that packets that match the access profile are not permitted to be forwarde...

Page 248: ...ate command is used view the current CPU interface filtering entries set on the Switch Parameters profile_id value 1 5 Enter an integer between 1 and 5 that is used to identify the CPU access profile...

Page 249: ...determine a period of time when an access profile and an associated rule are to be enabled on the Switch Remember this time range can only be applied to one period of time and also it is based on the...

Page 250: ...s DGS 3627 5 show time_range Purpose To view the current configurations of the time range set on the Switch Syntax show time_range Description This command is used to display the currently configured...

Page 251: ...he configured CBS and EBS A packet flow that does not reach the CBS is marked green if it exceeds the CBS but not the EBS its marked yellow and if it exceeds the EBS its marked red CBS Committed Burst...

Page 252: ...ode and set the following parameters to determine the color rate of the IP packet flow cir value 1 156249 The Committed Information Rate can be set between 1 and 156249 IP flow rates at or below this...

Page 253: ...0 63 Packets that are in the yellow flow may have their DSCP field rewritten using this parameter and entering the DSCP value to replace drop Enter this parameter to drop packets that are in the yell...

Page 254: ...r the profile ID of the ACL entry to be viewed for flow metering access_id value 1 128 Enter the access ID corresponding to the ACL entry to be viewed Restrictions None Example usage To enable the sFl...

Page 255: ...ommands in the Command Line Interface CLI are listed along with the appropriate parameters in the following table Command Parameters enable sflow disable sflow create sflow analyzer_server value 1 4 o...

Page 256: ...e switch Syntax disable sflow Description This command along with the enable sflow command is used to disable the sFlow function on the switch without altering configurations Parameters None Restricti...

Page 257: ...etting for this field is 6343 Only one Analyzer Server address can be set for one UDP Collector Port maxdatagramsize value 300 1400 This field will specify the maximum number of data bytes that can be...

Page 258: ...0 This field will specify the maximum number of data bytes that can be packaged into a single sFlow datagram Users may select a value between 300 to 1400 bytes with a default setting of 1400 bytes Res...

Page 259: ...ts portlist all analyzer_server_id value 1 4 interval disable sec 20 120 Description This command will allow the user to configure the settings for the Switch s counter poller This mechanism will take...

Page 260: ...Parameters portlist Use this parameter to set the ports that will be mined for sFlow information all Use this parameter to set all ports to be mined for sFlow information interval disable sec 20 120 U...

Page 261: ...yntax show sflow counter_poller Description This command will allow the user to display the Switch s counter poller Parameters None Restrictions Only administrator level and operator level users can i...

Page 262: ...nly administrator level and operator level users can issue this command Example usage To create the sFlow flow sampler DGS 3627 5 create sflow flow_sampler ports 1 analyzer_server_id 1 rate 10000 maxh...

Page 263: ...axheadersize 128 Command config sflow flow_sampler ports 1 rate 20000 maxheadersize 128 Success DGS 3627 5 delete sflow flow_sampler ports Purpose Used to delete the flow sampler for the sFlow functio...

Page 264: ...e sFlow flow sampler settings DGS 3627 5 show sflow flow_sampler Command show sflow flow_sampler Port Analyzer Server ID Configured Rate Active Rate Max Header Size 1 1 10000 0 128 Total Entries 1 DGS...

Page 265: ...te 1 31 e_mth end_mth 1 12 e_time end_time hh mm offset 30 60 90 120 show time Each command is listed in detail in the following sections config sntp Purpose Used to setup SNTP service Syntax config s...

Page 266: ...y SNTP configuration information DGS 3627 5 show sntp Command show sntp Current Time Source System Clock SNTP Disabled SNTP Primary Server 10 1 1 1 SNTP Secondary Server 10 1 1 2 SNTP Poll Interval 72...

Page 267: ...yntax config time date ddmthyyyy time hh mm ss Description This will configure the system time and date settings These will be overridden if SNTP is configured and enabled Parameters date Express the...

Page 268: ...r level users can issue this command Example usage To configure time zone settings DGS 3627 5 config time_zone operator hour 2 min 30 Command config time_zone operator hour 2 min 30 Success DGS 3627 5...

Page 269: ...day of the week in which DST begins start_day sun sat The day of the week in which DST begins expressed using a three character abbreviation sun mon tue wed thu fri sat e_day Configure the day of the...

Page 270: ...current time settings and status Syntax show time Description This will display system time and date configuration as well as display current system time Parameters None Restrictions None Example usa...

Page 271: ...to the gateway router When the time is ready to deploy the policy route the administrator must enable this function here as well state enable disable Once completed the Switch will identify the devic...

Page 272: ...4 Enter the ID number of the previously created access profile that is to be associated with this policy route access_id value 1 128 Enter the previously created access ID that has been created in con...

Page 273: ...er Success DGS 3627 5 show policy_route Purpose Used to display policy route settings Syntax show policy_route Description This command is used to display policy route settings Parameters None Restric...

Page 274: ...osen the Switch will minimize the IP packet bandwidth received by the Switch by adjusting the bandwidth for all IP packets by setting a acceptable bandwidth for both unicast and broadcast IP packets T...

Page 275: ...been activated by a high CPU utilization rate mode Used to select the type of Safeguard Engine to be activated by the Switch when the CPU utilization reaches a high rate The user may select strict If...

Page 276: ...Switch CLI Manual 273 DGS 3627 5 show safeguard_engine Command show safeguard_engine Safeguard engine state Disabled Safeguard engine current status normal mode CPU utilization information Rising 30 F...

Page 277: ...orwarded frames from the ports specified in the portlist above null No ports are specified all All ports are specified portlist Specifies a range of ports for the forwarding list This list must be on...

Page 278: ...rd list must be on the same Switch Example usage To display the current traffic segmentation configuration on the Switch DGS 3627 5 show traffic_segmentation Command show traffic_segmentation Traffic...

Page 279: ...log config gratuitous_arp send periodically ipif ipif_name 12 interval value 0 65535 show gratuitous_arp ipif ipif_name 12 Each command is listed in detail in the following sections create arpentry Pu...

Page 280: ...48 74 121 Command delete arpentry 10 48 74 121 Success DGS 3627 5 config arp_aging time Purpose Used to configure the age out timer for ARP table entries on the Switch Syntax config arp_aging time va...

Page 281: ...169 00 50 BA 70 E4 4E Dynamic System 10 1 1 254 00 01 30 FA 5F 00 Dynamic System 10 9 68 1 00 A0 C9 A4 22 5B Dynamic System 10 9 68 4 00 80 C8 2E C7 45 Dynamic System 10 10 27 51 00 80 C8 48 DF AB Dyn...

Page 282: ...arpentry Purpose Used to configure a static entry in the ARP table Syntax config arpentry ipaddr macaddr Description This command is used to configure a static entry in the ARP Table The user may spe...

Page 283: ...send dup_ip_detected Purpose Used to enable disable the sending of gratuitous ARP requests while a duplicate IP address is being detected Syntax config gratuitous_arp send duplicate_ip_detected enabl...

Page 284: ...this command Example usage To enable learning of ARP entry based on the received gratuitous ARP packet DGS 3627 5 config gratuitous_arp learning enable Command config gratuitous_arp learning enable Su...

Page 285: ...disable gratuitous_arp System trap log Command disable gratuitous_arp System trap log Success DGS 3627 5 config gratuitous_arp send periodically Purpose Used to configure the interval for periodical s...

Page 286: ...the Layer 3 device Restrictions None Example usage To display gratuitous ARP log and trap state DGS 3627 5 show gratuitous_arp Command show gratuitous_arp Send on IPIF status up Enabled Send on Dupli...

Page 287: ...IP interface on the Switch VRRP routers within the same VRRP group must be consistent in configuration settings for this protocol to function optimally The VRRP commands in the Command Line Interface...

Page 288: ...Parameters ping Adding this parameter to the command will stop the virtual IP address from being pinged from other host end nodes to verify connectivity This will only disable the ping connectivity ch...

Page 289: ...t physical IP address as the Master router The default value is 100 The value of 255 is reserved for the router that owns the IP address associated with the virtual router and is therefore set automat...

Page 290: ...IP interface must be assigned to a VLAN on the Switch state enable disable Used to enable and disable the VRRP router on the Switch priority int 1 254 Enter a value between 1 and 254 to indicate the...

Page 291: ...ult is disable Restrictions Only administrator level and operator level users can issue this command Example usage To configure a VRRP entry DGS 3627 5 config vrrp vrid 1 ipif Zira state enable priori...

Page 292: ...ription This command is used to view current VRRP settings of the VRRP Operations table Parameters ipif ipif_name 12 Enter the name of a previously configured IP interface for which to view the VRRP s...

Page 293: ...local device Parameters vrid vrid 1 255 Enter the VRRP ID of the virtual router to be deleted Not entering this parameter will delete all VRRP entries on the Switch ipif ipif_name 12 Enter the name o...

Page 294: ...his parameter to create a default static IP route entry to the Switch s IP routing table network_address IP address and netmask of the IP interface that is the destination of the route The address and...

Page 295: ...raditional format for example 10 1 2 3 255 0 0 0 or in CIDR format 10 1 2 3 8 null0 Specify the null interface as the next hop ipaddr The gateway IP address for the next hop router Restrictions Only a...

Page 296: ...ary and backup IP route entry to the Switch s IP routing table Parameters default Use this parameter to create a default static IPv6 route entry to the Switch s IP routing table ipv6networkaddr IPV6 a...

Page 297: ...12 Enter the corresponding IP interface name of the IPv6 address to be deleted here ipv6addr IPv6 address for the next hop router all This will delete all IPv6 static entries Restrictions Only admini...

Page 298: ...yer 3 Gigabit Ethernet Managed Switch CLI Manual 295 DGS 3627 5 show ipv6route Command show ipv6route IPv6 Prefix 0 Protocol Static Metric 65535 Next Hop 3003 30 IPIF ip3 Backup Backup Status Active T...

Page 299: ...st ospf src static rip local mettype 1 2 metric value 0 16777214 Description This command will redistribute routing information between the OSPF and RIP routing protocols to all routers on the network...

Page 300: ...ice the user may set the following parameters for that source device from the following options all Specifies both internal an external internal Specifies the internal protocol of the source device ex...

Page 301: ...idual router s current routing protocol The switch can redistribute routing information between the OSPF and RIP routing protocols to all routers on the network that are running OSPF or RIP Routing in...

Page 302: ...ters on the network that are running OSPF or RIP Routing information entered into the Static Routing Table on the local switch is also redistributed Parameters src Allows the selection of the protocol...

Page 303: ...delete route redistribution settings DGS 3627 5 delete route redistribute dst rip src ospf Command delete route redistribute dst rip src ospf Success DGS 3627 5 show route redistribute Purpose Used t...

Page 304: ...relay function on the Switch Parameters primary Indicates that the IP address below is the address of the primary DNS server secondary Indicates that the IP address below is the address of the seconda...

Page 305: ...lay on the Switch Parameters cache This parameter will allow the user to enable the cache lookup for the DNS rely on the Switch static This parameter will allow the user to enable the static table loo...

Page 306: ...ator level users can issue this command Example usage To disable status of DNS relay DGS 3627 5 disable dnsr Command disable dnsr Success DGS 3627 5 Example usage To disable cache lookup for DNS relay...

Page 307: ...3627 5 show dnsr Command show dnsr DNSR Status Disabled Primary Name Server 0 0 0 0 Secondary Name Server 0 0 0 0 DNSR Cache Status Disabled DNSR Static Cache Table Status Disabled DNS Relay Static Ta...

Page 308: ...the Switch password 16 Allows the specification of a case sensitive password tx_mode Determines how received RIP packets will be interpreted as RIP version V1 only V2 Only or V1 Compatible V1 and V2...

Page 309: ...used to enable RIP on the Switch Parameters None Restrictions Only administrator level and operator level users can issue this command Example Usage To enable RIP DGS 3627 5 enable rip Command enable...

Page 310: ...ommand will display the global RIP configuration for the Switch Restrictions None Example usage To display RIP configuration DGS 3627 5 show rip Command show rip RIP Global State Disabled RIP Interfac...

Page 311: ...s that DVMRP is to be configured for all IP interfaces on the Switch metric value 1 31 Allows the assignment of a DVMRP route cost to the above IP interface A DVMRP route cost is a relative number tha...

Page 312: ...l and operator level users can issue this command Example usage To enable DVMRP DGS 3627 5 enable dvmrp Command enable dvmrp Success DGS 3627 5 disable dvmrp Purpose Used to disable DVMRP Syntax disab...

Page 313: ...8 20 1 1 1 2 Dynamic ip2 117 30 0 0 0 8 30 1 1 1 2 Dynamic ip3 106 Total Entries 3 DGS 3627 5 show dvmrp neighbor Purpose Used to display the DVMRP neighbor table Syntax show dvmrp neighbor ipif ipif...

Page 314: ...itional format for example 10 1 2 3 255 0 0 0 or in CIDR format 10 1 2 3 8 Restrictions None Example usage To display DVMRP routing next hop table DGS 3627 5 show dvmrp nexthop Command show dvmrp next...

Page 315: ...naged Switch CLI Manual 312 DGS 3627 5 show dvmrp Command show dvmrp DVMRP Global State Disabled Interface IP Address Neighbor Timeout Probe Metric State System 10 90 90 90 8 35 10 1 Disabled Zira 12...

Page 316: ...ters these routers can only join or be pruned from a multicast group through the use of Join Prune Messages exchanged between the DR and RP Join Prune Messages are packets relayed between routers that...

Page 317: ...that there are no multicast members on their respective branches PIM DM then removes these branches prunes them from the multicast delivery tree Because a member of a pruned branch of a multicast del...

Page 318: ...level and operator level users can issue this command Usage example To enable PIM as previously configured on the Switch DGS 3627 5 enable pim Command enable pim Success DGS 3627 5 disable pim Purpose...

Page 319: ...removed or pruned from that group The user may state an interval time between 1 and 18724 seconds with a default interval time of 30 seconds state enable disable Used to enable or disable PIM for this...

Page 320: ...this command Usage example To create an IP interface to become a Candidate RP on the Switch DGS 3627 5 create pim crp group 231 0 0 1 32 rp Zira Command create pim crp group 231 0 0 1 32 rp Zira Succe...

Page 321: ...if there is a tie for the highest priority the router having the higher IP address will become the RP The user may set a priority between 0 and 255 with a default setting of 192 wildcard_prefix_cnt 0...

Page 322: ...s group network_address Enter the multicast group IP address used in identifying the Rendezvous Point RP This address must be a class D address Restrictions Only administrator level and operator level...

Page 323: ...receive multicast data from the shortest path tree This command is for PIM SM configurations only Parameters never Using this command will configure the router to always receive multicast data from t...

Page 324: ...e Example To view the CRP settings DGS 3627 5 show pim crp Command show pim crp PIM Candidate RP Table C RP Holdtime 150 C RP Priority 2 C RP Wildcard Prefix Count 0 Group Interface 224 0 0 0 4 Zira D...

Page 325: ...mand See the examples below for a better understanding bootstrap_period value 1 255 Enter a time period between 1 and 255 to determine the interval the Switch will send out Boot Strap Messages BSM to...

Page 326: ...y all CBSRs Restrictions None Usage example To view the CBSR settings DGS 3627 5 show pim cbsr Command show pim cbsr PIM Candidate BSR Table C BSR Hash Mask Len 30 C BSR Bootstrap Period 2 Interface I...

Page 327: ...s of the Switch Syntax show pim neighbor ipif ipif_name12 ipaddress network_address Description This command will display the PIM neighbor table for the Switch Parameters ipif_name 12 Enter the name o...

Page 328: ...229 55 150 208 10 38 45 151 32 0 0 0 0 SPT S G 229 55 150 208 10 38 45 192 32 0 0 0 0 SPT S G 229 55 150 208 10 50 93 100 32 0 0 0 0 SPT S G 229 55 150 208 10 51 16 1 32 0 0 0 0 SPT S G 229 55 150 208...

Page 329: ...sending Register packets to and create checksums to be included with the data in Registered packets Restrictions Only administrator level and operator level users can issue this command Usage example...

Page 330: ...t Ethernet Managed Switch CLI Manual 327 DGS 3627 5 show pim register_checksum_include_data_rp_list Command show pim register_checksum_include_data_rp_list PIM Register Checksum Include Data RP Addres...

Page 331: ...traditional format for example 10 1 2 3 255 0 0 0 or in CIDR format 10 1 2 3 8 Restrictions None Usage example To display the current IP multicast forwarding cache DGS 3627 5 show ipmc cache Command...

Page 332: ...only those entries that are related to the DVMRP protocol pim Specifying this parameter will display only those entries that are related to the PIM protocol Restrictions None Usage example To display...

Page 333: ...s key_id 1 255 The MD5 key ID The user may enter a key ranging from 1 to 255 password An MD5 password of up to 16 bytes Restrictions Only administrator level and operator level users can issue this co...

Page 334: ...ly administrator level and operator level users can issue this command Usage example The delete an entry in the MD5 key table DGS 3627 5 delete md5 key 1 Command delete md5 key 1 Success DGS 3627 5 sh...

Page 335: ...dvertise enable disable delete ospf aggregation area_id network_address lsdb_type summary nssa_ext config ospf aggregation area_id network_address lsdb_type summary advertise enable disable nssa_ext a...

Page 336: ...ospf Purpose Used to enable OSPF on the Switch Syntax enable ospf Description This command in combination with the disable ospf command below is used to enable and disable OSPF on the Switch Paramete...

Page 337: ...Parameters None Restrictions None Usage example To show OSPF state DGS 3627 5 show ospf Command show ospf OSPF Router ID 10 1 1 2 State Enabled OSPF Interface Settings Interface IP Address Area ID St...

Page 338: ...main type The OSPF area mode of operation the user has three choices to choose from to define the area created here normal Choosing this parameter will define the OSPF area created here as a normal ar...

Page 339: ...that uniquely identifies the OSPF area in the OSPF domain Restrictions Only administrator level and operator level users can issue this command Usage example To delete an OSPF area DGS 3627 5 delete o...

Page 340: ...ns Only administrator level and operator level users can issue this command Usage example To configure an OSPF area s settings DGS 3627 5 config ospf area 10 48 74 122 type stub stub_summary enable me...

Page 341: ...ost_route 10 48 74 122 area 10 1 1 1 metric 2 Success DGS 3627 5 delete ospf host_route Purpose Used to delete an OSPF host route Syntax delete ospf host_route ipaddr Description This command is used...

Page 342: ...F host route table DGS 3627 5 show ospf host_route Command show ospf host_route Host Address Metric Area_ID 10 48 73 21 2 10 1 1 1 10 48 74 122 1 10 1 1 1 Total Entries 2 DGS 3627 5 create ospf aggreg...

Page 343: ...ete ospf aggregation area_id network_address lsdb_type summary nssa_ext Description This command is used to delete an OSPF area aggregation configuration Parameters area_id A 32 bit number in the form...

Page 344: ...ource advertise enable disable Allows for the advertisement trigger to be enabled or disabled Restrictions Only administrator level and operator level users can issue this command Usage example To con...

Page 345: ...F LSDB table for the area_id or the Cost this is interpreted as no area ID for external LSAs and as no cost given for the advertised link Usage example To display the link state database of OSPF DGS 3...

Page 346: ...ies the remote area s Area Border Router Restrictions None Usage example To display the current OSPF virtual neighbor table DGS 3627 5 show ospf virtual_neighbor Command show ospf virtual_neighbor Tra...

Page 347: ...1 to 255 is required metric value 1 65535 This field allows the entry of a number between 1 and 65 535 that is representative of the OSPF cost of reaching the selected OSPF interface The default metri...

Page 348: ...escription This command will display the current OSPF settings for all OSPF interfaces on the Switch Parameters None Restrictions None Usage example To display the current OSPF interface settings for...

Page 349: ...ackets from a neighbor router before the selected area declares that router down An interval between 1 and 65535 seconds can be specified The Dead Interval must be evenly divisible by the Hello Interv...

Page 350: ...ameter will set a simple authentication which includes a case sensitive password of no more than 8 characters md5 key_id 1 255 Choosing this parameter will set authentication based on md5 encryption A...

Page 351: ...xx xxx xxx xxx that uniquely identifies the OSPF area in the OSPF domain neighbor_id The OSPF router ID for the remote area This is a 32 bit number in the form of an IP address xxx xxx xxx xxx that un...

Page 352: ...always be the first choice for routing purposes and the next most reliable path is Static due to the fact that its has the next lowest value To set a higher reliability for a route change its value to...

Page 353: ...reference value for the OSPF AS External route type 1 route ospfExtT2 Choose this parameter to configure the preference value for the AS External route type 2 route value 1 999 Enter a value between 1...

Page 354: ...fExtT2 Enter this parameter to view the route preference settings for the OSPF AS External route type 2 Entering this command with no parameters will display the route preference for all routes Restri...

Page 355: ...tification on the Switch Syntax enable mac_notification Description This command is used to enable MAC address notification without changing configuration Parameters None Restrictions Only administrat...

Page 356: ...he Switch s MAC address table notification global settings DGS 3627 5 config mac_notification interval 1 historysize 500 Command config mac_notification interval 1 historysize 500 Success DGS 3627 5 c...

Page 357: ...te Enabled Interval 1 History Size 1 DGS 3627 5 show mac_notification ports Purpose Used to display the Switch s MAC address table notification status settings Syntax show mac_notification ports portl...

Page 358: ...355 3 Disabled 4 Disabled 5 Disabled 6 Disabled 7 Disabled 8 Disabled 9 Disabled 10 Disabled 11 Disabled 12 Disabled 13 Disabled 14 Disabled 15 Disabled 16 Disabled 17 Disabled 18 Disabled 19 Disable...

Page 359: ...sword again Please note that if you choose to use Web based Access Control SSL will not be available as the two are mutually exclusive The Web based Access Control WAC commands in the Command Line Int...

Page 360: ...nter the VLAN name which users will be placed when authenticated by the Switch or a RADIUS server This VLAN should be pre configured to have limited access rights to web based authenticated users port...

Page 361: ...DGS 3627 5 Example usage To configure the WAC ports DGS 3627 5 config wac ports 1 7 state enable Command config wac ports 1 7 state enable Success DGS 3627 5 Example usage To configure the Web based...

Page 362: ...on the Switch DGS 3627 5 create wac user ctsnow vlan Tiberius Command create wac user ctsnow vlan Tiberius Enter a case sensitive new password Enter the new password again for confirmation Success DGS...

Page 363: ...nce authenticated if a change in VLANs is desired Restrictions Only administrator level users can issue this command Example usage To configure a WAC user on the Switch DGS 3627 5 config wac user Pete...

Page 364: ...ter to display all ports for their Web based Access Control settings Entering no parameters will display the remaining parameters of state authentication method and Web based Access Control VLAN curre...

Page 365: ...sful authentication should direct the client to the stated web page If the client does not reach this web page yet does not receive a Fail message the client will already be authenticated and therefor...

Page 366: ...When the user is prompted by the Switch to enter usernames and passwords for authentication the Switch contacts the TACACS XTACACS TACACS RADIUS server to verify and the server will respond with one...

Page 367: ...enable default method_list_name string 15 all config authen application console telnet ssh http all login enable default method_list_name string 15 show authen application create authen server_group s...

Page 368: ...olicy Syntax disable authen_policy Description This command will disable the administrator defined authentication policy for users trying to access the Switch When disabled the Switch will access the...

Page 369: ...figure a user defined or default method list of authentication methods for user login Syntax config authen_login default method_list_name string 15 method tacacs xtacacs tacacs radius server_group str...

Page 370: ...ed on the Switch local Adding this parameter will require the user to be authenticated using the local user account database on the Switch none Adding this parameter will require no authentication to...

Page 371: ...lete authen_login method_list_name string 15 Description This command is used to delete a list for authentication methods for user login Parameters string 15 Enter an alphanumeric string of up to 15 c...

Page 372: ...n login method list named Trinity DGS 3627 5 show authen_login method_list_name Trinity Command show authen_login method_list_name Trinity Method List Name Priority Method Name Comment Dlee 1 tacacs B...

Page 373: ...point the Switch will restart the same sequence with the following protocol listed XTACACS If no authentication takes place using the XTACACS list the local_enable password set in the Switch is used t...

Page 374: ...re the user to be authenticated using the local user account database on the Switch The local enable password of the device can be configured using the config admin local_password command none Adding...

Page 375: ...ring this parameter will display the default method list for users attempting to gain access to Administrator level privileges on the Switch method_list_name string 15 Enter an alphanumeric string of...

Page 376: ...nfigure console Choose this parameter to configure the command line interface login method telnet Choose this parameter to configure the Telnet login method ssh Choose this parameter to configure the...

Page 377: ...pose Used to create an authentication server host Syntax create authen server_host ipaddr protocol tacacs xtacacs tacacs radius port int 1 65535 key key_string 254 none timeout int 1 255 retransmit 1...

Page 378: ...vel users can issue this command Example usage To create a TACACS authentication server host with port number 1234 a timeout value of 10 seconds and a retransmit count of 5 DGS 3627 5 create authen se...

Page 379: ...in seconds the Switch will wait for the server host to reply to an authentication request The default value is 5 seconds retransmit int 1 255 Enter the value in the retransmit field to change how many...

Page 380: ...hentication server hosts previously created on the Switch The following parameters are displayed IP Address The IP address of the authentication server host Protocol The protocol used by the server ho...

Page 381: ...ver group A server group is a technique used to group TACACS XTACACS TACACS RADIUS server hosts into user defined categories for authentication using method lists The user may define the type of serve...

Page 382: ...rotocol Restrictions Only administrator level users can issue this command Example usage To add an authentication host to server group group_1 DGS 3627 5 config authen server_group group_1 add server_...

Page 383: ...authen server_group Command show authen server_group Group Name IP Address Protocol Darren 10 53 13 2 TACACS tacacs 10 53 13 94 TACACS tacacs xtacacs Total Entries 4 DGS 3627 5 config authen paramete...

Page 384: ...o set the maximum number of authentication attempts at 5 DGS 3627 5 config authen parameter attempt 5 Command config authen parameter attempt 5 Success DGS 3627 5 show authen parameter Purpose Used to...

Page 385: ...rs None Restrictions Only user level users can issue this command Example usage To enable administrator privileges on the Switch DGS 3600 3 enable admin Password DGS 3627 5 config admin local_enable P...

Page 386: ...d the SSH Server 4 Finally enable SSH on the Switch using the enable ssh command After following the above steps you can configure an SSH Client on the remote PC and manage the Switch using secure in...

Page 387: ...users to configure the SSH authentication mode for users attempting to access the Switch Parameters password This parameter may be chosen if the administrator wishes to use a locally configured passw...

Page 388: ...on int 1 8 timeout sec 120 600 authfail int 2 20 rekey 10min 30min 60min never Description This command allows you to configure the SSH server Parameters maxsession int 1 8 Allows the user to set the...

Page 389: ...g ssh user Purpose Used to configure the SSH user Syntax config ssh user username authmode hostbased hostname domain_name hostname_IP domain_name ipaddr password publickey Description This command all...

Page 390: ...onfig ssh user Tiberius authmode Password Enter a case sensitive new password Enter the new password again for conformation Success DGS 3627 5 show ssh user authmode Purpose Used to display the SSH us...

Page 391: ...n algorithm cast128 This parameter will enable or disable the Cast128 encryption algorithm twofish128 This parameter will enable or disable the twofish128 encryption algorithm twofish192 This paramete...

Page 392: ...rrently set on the Switch DGS 3627 5 show ssh algorithm Command show ssh algorithm Encryption Algorithm 3DES Enabled AES128 Enabled AES192 Enabled AES256 Enabled arcfour Enabled blowfish Enabled cast1...

Page 393: ...e 3DES_EDE encryption code defined by the Data Encryption Standard DES to create the encrypted text 3 Hash Algorithm This part of the ciphersuite allows the user to choose a message digest function wh...

Page 394: ...e CBC Block Cipher 3DES_EDE encryption and the SHA Hash Algorithm DHE_DSS_with_3DES_EDE_CBC_SHA This ciphersuite combines the DSA Diffie Hellman key exchange CBC Block Cipher 3DES_EDE encryption and S...

Page 395: ..._SHA This ciphersuite combines the DSA Diffie Hellman key exchange CBC Block Cipher 3DES_EDE encryption and SHA Hash Algorithm RSA_EXPORT_with_RC4_40_MD5 This ciphersuite combines the RSA Export key e...

Page 396: ...ess DGS 3627 5 show ssl cachetimeout Purpose Used to show the SSL cache timeout Syntax show ssl cachetimeout Description Entering this command will allow the user to view the SSL cache timeout current...

Page 397: ...certificate file is a data record used for authenticating devices on the network It contains information on the owner keys for authentication and digital signatures Both the server and the client must...

Page 398: ...e Purpose Used to enable the jumbo frame function on the Switch Syntax enable jumbo_frame Description This command will allow ethernet frames larger than 1536 bytes to be processed by the Switch The m...

Page 399: ...status of the jumbo frame function on the Switch Syntax show jumbo_frame Description This command will show the status of the jumbo frame function on the Switch Parameters None Restrictions None Usag...

Page 400: ...tlist all dot1_tlv_pvid enable disable config lldp ports portlist all dot1_tlv_protocol_vid vlan all vlan_name 32 vlanid vid_list enable disable config lldp ports portlist all dot1_tlv_vlan_name vlan...

Page 401: ...information from the LLDP packets advertised from the neighbor in the Neighbor s table The default state for LLDP is disabled Parameters None Restrictions Only administrator level and operator level...

Page 402: ...dp message_tx_interval 30 Success DGS 3627 5 config lldp message_tx_hold_multiplier Purpose Used to configure the message hold multiplier Syntax config lldp message_tx_hold_multiplier int 2 10 Descrip...

Page 403: ...an or equal to 0 25 msgTxInterval Restrictions Only administrator level and operator level users can issue this command Example usage To configure the delay interval DGS 3627 5 config lldp tx_delay 8...

Page 404: ...configured SNMP trap receiver s Syntax config lldp ports portlist all notification enable disable Description Enable or disable each port for sending changes notification to configured SNMP trap rece...

Page 405: ...ministrator level and operator level users can issue this command Example usage To configure ports 1 to 5 to transmit and receive DGS 3627 5 config lldp ports 1 1 1 5 admin_status tx_and_rx Command co...

Page 406: ...ort_description system_name system_description and system_capability Parameters portlist Use this parameter to define ports to be configured all Use this parameter to set all ports in the system port_...

Page 407: ...ports all dot1_tlv_pvid enable Command config lldp ports all dot1_tlv_pvid enable Success DGS 3627 5 config lldp dot1_tlv_protocol_vid Purpose Used to configure an individual port or group of ports to...

Page 408: ...ce will be transmitted on the port If a port is associated with multiple VLANs those enabled VLAN IDs will be advertised Parameters portlist Use this parameter to define ports to be configured all Use...

Page 409: ...l be transmitted on the port The Protocol Identity TLV provides a way for stations to advertise protocols that are important to the operation of the network such as Spanning Tree Protocol the Link Agg...

Page 410: ...BASE T 100BASE TX and 1000BASE T allow power to be supplied over the link for connected non powered systems The Power Via MDI TLV allows network management to advertise and discover the MDI power supp...

Page 411: ...S 3627 5 show lldp Command show lldp LLDP System Information Chassis ID Subtype MAC Address Chassis ID 00 19 5B F1 CA 80 System Name System Description Gigabit Ethernet Switch System Capabilities Repe...

Page 412: ...command displays the LLDP per port configuration for advertisement options Parameters portlist Use this parameter to define ports to be configured Restrictions None Example usage To display the LLDP p...

Page 413: ...information in normal mode This is the default display mode detailed Display the information in detailed mode Restrictions None Usage Example To display outbound LLDP advertisements for port 1 DGS 362...

Page 414: ...normal mode This is the default display mode detailed Display the information in detailed mode Restrictions None Example usage To display remote table in brief mode DGS 3627 5 show lldp remote_ports...

Page 415: ...per port LLDP statistics command displays per port LLDP statistics Parameters portlist Use this parameter to define ports to be configured When portlist is not specified information for all ports will...

Page 416: ...may take on three different roles Commander Switch CS This is a switch that has been manually configured as the controlling device for a group and takes on the following characteristics It has an IP A...

Page 417: ...a MS has been rediscovered it will add the MS back into the SIM tree automatically No configuration will be necessary to rediscover these switches There are some instances where pre saved MS switches...

Page 418: ...le sim Description This command will disable SIM globally on the Switch Parameters None Restrictions Only administrator level users can issue this command Example usage To disable SIM on the Switch DG...

Page 419: ...s of the SIM group To view a specific member include that member s id number listed from 1 to 32 group commander_mac macaddr Entering this parameter will display information concerning the SIM group T...

Page 420: ...0 DGS 3627 L3 Switch 40 2 40 B19 The Man Total Entries 2 DGS 3627 5 To show other groups information in summary DGS 3627 5 show sim group Command show sim group SIM Group Name default ID MAC Address P...

Page 421: ...GS 3627 5 reconfig member_id 2 Command reconfig member_id 2 DGS 3627 5 Login config sim_group Purpose Used to add candidates and delete members from the SIM group Syntax config sim add candidate_id 1...

Page 422: ...er may set the dp_interval from 30 to 90 seconds hold time sec 100 255 Using this parameter the user may set the time in seconds the CS will hold information sent to it from other switches utilizing t...

Page 423: ...filename members mslist 1 32 all Description This command will download a firmware file or configuration file to a specified device from a TFTP server Parameters firmware_from_tftp Specify this parame...

Page 424: ...03 04 00 Success 2 00 07 06 05 04 03 Success 3 00 07 06 05 04 03 Success DGS 3627 5 upload sim_ms Purpose User to upload a configuration file to a TFTP server from a specified member of a SIM group Sy...

Page 425: ...l Add this parameter to specify all members of the SIM group will receive the switch configuration or log files Restrictions Only administrator level and operator level users can issue this command Ex...

Page 426: ...and Entering the question mark with an appropriate command will list all the corresponding parameters for the specified command along with a brief description of the commands function and similar comm...

Page 427: ...config stp version DGS 3627 5 config command_history Purpose Used to configure the command history Syntax config command_history value 1 40 Description This command is used to configure the command hi...

Page 428: ...xStack DGS 3600 Series Layer 3 Gigabit Ethernet Managed Switch CLI Manual DGS 3627 5 show command_history Command show command_history 425 show show vlan show command history DGS 3627 5...

Page 429: ...000BASE SX DEM 311GT transceiver IEEE 802 3z 1000BASE SX DEM 312GT2 transceiver IEEE 802 3z 1000BASE LH DEM 314GT transceiver IEEE 802 3z 1000BASE ZX DEM 315GT transceiver IEEE 802 3z WDM Transceiver...

Page 430: ...3650 131 3W DGS 3612G 60W DGS 3612 38W DC Fans DGS 3627 Four 40mm x 40mm x 20mm one 50mm x 50mm x 20mm one 44mm x 44mm x 11mm DGS 3627G Four 40mm x 40mm x 20mm one 50mm x 50mm x 20mm fans DGS 3650 Tw...

Page 431: ...e and forward Packet Buffer 2 MB per device Packet Filtering Forwarding Rate 14 881 pps 10M port 148 810 pps 100M port 1 488 100 pps 1Gbps port MAC Address Learning Automatic update Supports 16K MAC a...

Reviews:

No comments

Related manuals for xStack DGS-3600 Series

Brand: GarrettCom Pages: 24

OfficeConnect 5

Brand: 3Com Pages: 2

OfficeConnect 3C1670500C

Brand: 3Com Pages: 18

Brand: OEM Pages: 1

RoamAbout RBT-4102-BG

Brand: Enterasys Pages: 72

LS-5500-28C-PWR-SI-OVS

Brand: H3C Pages: 86

Brand: IPGARD Pages: 2

START-LINE AGC-3500

Brand: Trust Pages: 16

Brand: SMART-AVI Pages: 2

Personal MiniHub

Brand: Black Box Pages: 22

Brand: PIKA Pages: 7

TNS5000D Series

Brand: 3onedata Pages: 3

Brand: LINK-MI Pages: 9

Brand: Lantech Pages: 80

FS5300-EI Series

Brand: H3C Pages: 57

Brand: Xantech Pages: 32

Brand: Netis Pages: 9

Brand: Lindy Pages: 8

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands