background image

 
 

 

switch(config)# interface vlan2 

switch(config-vlanif2)# ip address 192.168.2.1/24 

switch(config-vlanif2)# exit 

switch(config)# interface G2 

switch(config-G2)# switchport mode access   

switch(config-G2)# switchport pvid 2 

switch(config-G2)#exit 

switch(config)# ip route 192.168.3.0/24 192.168.2.2    2 

 

sw2: 

switch# configure terminal   

switch(config)# interface vlan1 

switch(config-vlanif1)# ip address 192.168.3.1/24 

switch(config-vlanif1)# exit 

switch(config)# interface vlan2 

switch(config-vlanif2)# ip address 192.168.2.2/24 

switch(config)# interface G2 

switch(config-G2)# switchport mode access   

switch(config-G2)# switchport pvid 2 

switch(config-G2)#exit 

switch(config)# ip route 192.168.1.0/24 192.168.2.1    2 

pc1: 

ip 192.168.1.100 gateway 192.168.1.1 

Pc2: 

ip 192.168.3.100 gateway 192.168.3.1 

phenomenon:   

 

pc1 ping pc2

 

 

 

 

 

 

 

 

Summary of Contents for DH-PFS6428-24T

Page 1: ...L3 Manage Switch CLI Configuration Manual Applicable to DH PFS6428 24T ...

Page 2: ...atus 12 Function Brief 12 1 8 1 show power 12 2 System Setting Commands 13 2 1 IP config 13 Function Brief 13 2 1 1 ip address 13 2 1 2 ip address dhcp 13 2 1 3 ip address old_ip 14 2 1 4 show interface 14 2 2 User config 15 Function Brief 15 2 2 1 username name 15 2 2 2 show user 16 2 3 Time setting 16 Function Brief 17 2 3 1 sntp enable disable 17 2 3 2 sntp unicast server 17 2 3 3 sntp auto syn...

Page 3: ... 3 1 mac address aging time 34 4 3 2 show mac address 35 4 4 ARP config 35 Function Brief 35 4 4 1 show arp 36 4 4 2 arp static 36 4 4 3 arp timeout 36 4 5 MSTP config 37 Function Brief 37 4 5 1 spanning tree 38 4 5 2 spanning tree mode 38 4 5 3 spanning tree max age 39 4 5 4 spanning tree hello time 39 4 5 5 spanning tree forward delay 39 4 5 6 spanning tree max hop 40 4 5 7 spanning tree instanc...

Page 4: ...0 4 cos map 56 4 10 5 dscp map 56 4 10 6 scheduler policy 57 4 10 7 example 57 4 11 VRRP 59 Function Brief 59 4 11 1 vrrp advertisement 59 4 11 2 vrrp ip 60 4 11 3 vrrp preempt 60 4 11 4 vrrp preempt time 61 4 11 5 vrrp priority 61 4 11 6 example 62 5 Routing configuration commands 64 5 1 Interface config 64 Function Brief 64 5 1 1 interface 64 5 1 2 shutdown no shutdown 64 5 1 3 ip address 65 5 1...

Page 5: ...mer 87 5 5 11 version 88 5 5 12 example 88 6 Network security commands 91 6 1 Anti attack 91 Function Brief 91 6 1 1 system ignore icmp echo 91 6 1 2 system protection syn ack 91 6 1 3 system rate limit 92 6 2 MAC binding 92 6 2 1 mac address static 93 6 3 ARP binding 93 Function Brief 93 6 3 1 ip mac bind 94 6 3 2 show ip mac bind 95 6 4 ACL config 95 Function Brief 95 6 4 1 mac acl 96 6 4 2 ip a...

Page 6: ...ction Brief 113 6 10 1 ip source guard 113 6 10 2 ip source guard trust 114 6 10 3 ip dhcp snooping binding 114 6 10 4 show ip source guard 115 7 Network management commands 116 7 1 HTTP config 116 Function Brief 116 7 1 1 ip http server http 116 7 1 2 ip http server https 116 7 2 SNMP config 117 Function Brief 117 7 2 1 snmp 117 7 2 2 snmp server trap2sink 118 7 2 3 snmp server trap 118 7 2 4 snm...

Page 7: ...vileged mode and the exit command is used to exit the privileged mode switch configure terminal switch config exit switch This command is used to enter the global mode and the exit command is used to exit the global mode and return to the privileged mode switch configure terminal switch config interface G1 switch config G1 exit switch config This command is used to enter the G1 interface mode from...

Page 8: ...nd Description This command is used to display the version information including the device name software version hardware version MAC address compile time system run time current version information and backup version information Parameter None Default None Command Mode Privileged mode To enter the privileged mode connect a serial port and enter the user name and password To exit the privileged m...

Page 9: ...o that maintenance staff can conveniently analyze relevant problems 1 3 1 show logging Command Description This command is used to display the current log of the switch Parameter None Default None Command Mode Privileged mode Example switch show logging 1 4 Port statistics Function Brief The port statistics module is used to display the number of sent received packets sent received bytes and numbe...

Page 10: ... all ports G 1 24 It is used to display data statistics Default None Command Mode Privileged mode Example switch show interface G1 1 5 LACP status Function Brief This function module is used to display the LACP port configurations 1 5 1 lacp state Command Description This command is used to display the status of the LACP system Parameter None Default None Command Mode ...

Page 11: ...ormation Parameter bgp View the BGP routing information connected View the connected routing information ospf View the ospf routing information rip View the rip routing information static View the static routing information A B C D View contains specific IP routing information A B C D M View of a routing information summary View all routing summary information Default None Command Mode Privileged ...

Page 12: ...information Parameter None Default None Command Mode Privileged mode Example switch show erps 1 8 Power status Function Brief The function module is used to display power supply information 1 8 1 show power Command Description This command is used to display the power supply information Parameter None Default None Command Mode Privileged mode Example switch show power ...

Page 13: ...a switch 2 1 1 ip address Command Description Configure IP port for A B C D M no ip address A B C D M Delete ports IP A B C D M Parameter None Default VLAN 1 interface Command Mode VLAN interface configuration mode Example switch config interface vlanif1 switch config vlanif1 ip address 192 168 100 1 24 switch config vlanif1 no ip address 192 168 100 1 24 2 1 2 ip address dhcp Command Description ...

Page 14: ...address old_ip A B C D M new_ip A B C D M Change the IP configuration of the interface amend the old_ip to new_ip Parameter None Default None Command Mode Interface configuration mode Example switch config interface vlanif1 switch config vlanif1 ip address old_ip 192 168 255 1 24 new_ip 192 168 10 1 24 2 1 4 show interface Command Description This command is used to display the interface IP inform...

Page 15: ...le is used to display modify or add user information so as to protect the switch configurations 2 2 1 username name Command Description username name password passwd privilege level This command is used to add a user modify the password of an existing user modify the management rights of an existing user or modify the password and management rights of an existing user no username name This command...

Page 16: ...sername test password test privilege guest Modify user the test management authority for the guest switch config no username test Delete user test 2 2 2 show user Command Description This command is used to display all the current user configurations of the switch Parameter None Default None Command Mode Privileged mode Example Switch show user 2 3 Time setting The configuration commands include s...

Page 17: ...rameter None Default Disable Command Mode Global configuration mode Example switch config sntp enable switch config sntp disable 2 3 2 sntp unicast server Command Description sntp unicast server A B C D This command is used to add the IP address of an NTP server no sntp unicast server A B C D This command is used to delete the ip address of an NTP server Parameter None Default None Command Mode Gl...

Page 18: ...ync timer 5 2 3 4 sntp connect Command Description sntp connect A B C D This command is used to select the SNTP server to connect Parameter None Default None Command Mode Global configuration mode Example switch config sntp connect 210 21 196 6 2 3 5 sntp timezone set Command Description switch config sntp timezone set 0 39 This command is used to select the time zone Parameter 0 39 Each number re...

Page 19: ... 6 local time date Command Description local time date YYYY MM DD time HH MM SS Set the local time year month day hours minutes seconds Parameter None Default None Command Mode Global configuration mode Example switch config local time date 2015 3 18 time 12 12 12 Note due to the chip is limited can only be set after January 1 1970 ...

Page 20: ...auto full half no duplex These commands are used to set the port rate mode Parameter parameter Parameters of the command mode auto Automatic negotiation full Full duplex half Half duplex Default By default the duplex modes of all ports are Auto For an optical port the duplex mode is always set to full Command Mode Interface configuration mode Note Light port duplex is fixed is a full duplex mode f...

Page 21: ... Command Mode Interface configuration mode Note Port speed of light is coerced into 1000M and 10000M Electricity mouth can only set auto 10M and 100M Example The port rate of G1 is set to 100M switch config interface G1 switch config G1 speed 100 3 1 3 flow control Command Description flowctrl no flowctrl This command is used to enable or disable the flow control function of a port Parameter None ...

Page 22: ... shutdown 3 1 5 description Command Description This command is to configure the port description information convenient for management composed of letters Numbers and underscore Parameter None Default None Command Mode Interface configuration mode Example switch config interface G1 switch config G1 description A1_1 3 2 Rate limit Function Brief It is used to configure the speed limiting policy of...

Page 23: ...o called port monitoring Port monitoring is a data packet acquisition technology It can be configured on a switch to copy data packets from one or more ports mirror source ports to a specified port mirror destination port The destination port is connected to a host installed with the packet analysis software The software analyzes the collected packets to implement network monitoring and eliminatin...

Page 24: ... a logical port using multiple physical ports of a switch Multiple links within the same aggregation group are deemed as a larger bandwidth logical link By link aggregation the communication traffic is shared among member ports of the aggregation group and thus the bandwidth is increased Besides member ports of the same aggregation share dynamic backups with each other and thus the link reliabilit...

Page 25: ...th mac Based on the source mesh MAC load balancing dst mac Based on the destination MAC load balancing src mac Based on the source MAC load balancing Default Disable Command Mode Interface configuration mode Example This command is to set up load balancing model based on source and destination MAC switch config load balance both mac 3 4 3 lacp enable disable Command Description lacp enable This co...

Page 26: ...uration mode Example switch config interface G1 switch config G1 lacp active 3 4 5 lacp key Command Description LACP key refers to the management key value of a dynamic aggregation port and determines whether the port can be added into an aggregation port LACP protocol generates an operation key based on the port configuration that is the rate duplex basic configuration and management key Members ...

Page 27: ...sed to configure the priority of an LACP port Parameter 1 32768 It specifies the priority range A smaller value indicates a higher priority Default 0 Command Mode Interface configuration mode Example switch config interface G1 switch config G1 lacp port priority 100 3 4 7 example The link aggregation is used to increase the bandwidth of device level serial ports and share loads based on the source...

Page 28: ...ch config interface G2 switch config G1 trunk 1 phenomenon After aggregation two links form one logical link and thus the bandwidth is doubled Besides the load is shared based on the source or destination MAC address When one link in the aggregation group is disconnected the packet is sent through another link and thus the communication is not interrupted ...

Page 29: ...can divide a physical LAN into multiple logical LANs that is VLANs Hosts located in the same VLAN can directly communicate with each other but hosts located in different VLANs cannot communicate with each other In this way broadcast packets are confined in the same VLAN That is each VLAN is a broadcast domain Advantages of VLAN are as follows 1 Improve network performance Broadcast packets are con...

Page 30: ...agged Ethernet frames Trunk mode The port is connected with other switches and can receive and send tagged Ethernet frames Hybrid mode The port can be connected to a PC or a switch and router The hybrid mode is the combination of the access mode and the trunk mode Example The port is configured to VLAN trunk hybrid access Switch config interface T1 Switch config T1 switchport mode trunk hybrid acc...

Page 31: ...mple This command is the trunk mode port to join one vlan or multiple vlan switch config interface T1 switch config T1 switchport mode trunk switch config T1 switchport trunk tag 2 switch config T1 switchport trunk tag 3 4 This command is the hybrid mode port to join one vlan or multiple vlan switch config T1 switchport mode hybrid switch config T1 switchport hybrid tag untag 2 switch config T1 sw...

Page 32: ...vlan3 4 1 5 example Enable VLAN communication across different switches PC1 and PC2 can communicate with each other normally SW1 SW2 switch configure terminal switch config interface G1 switch config if switchport mode trunk switch config if switchport trunk tag 2 switch config if exit switch config interface G2 switch config if switchport mode access switch config if switchport access vlan 2 phen...

Page 33: ...ly expanded the number of VLAN make the number of vlans up to 4094x4094 4 2 1 qinq Command Description Enable qinq no qinq express disable qinq function Parameter None Default None Command Mode Interface configuration mode Example switch config interface G1 switch config G1 qinq 4 2 2 qinq otpid Command Description Configuration tag QinQ layer protocol type Parameter ...

Page 34: ...e data is sent to the destination address the switch can locate the node position of the MAC address in the MAC address table and then send the data directly to the node of the location MAC address number refers to the number of MAC addresses that can be stored in the MAC address table of the switch the more the number of MAC addresses is stored the higher the speed and efficiency of data forwardi...

Page 35: ...bal configuration mode Example This command can display the MAC address and MAC address of the aging time switch show mac address MAC Vlan Port Type 94 de 80 dc cf 38 1 G4 dynamic 60 92 17 9d 30 c3 1 G4 dynamic Switch show mac address aging time Mac address aging time 100 4 4 ARP config ARP configuration commands include show arp arp static arp timeout Function Brief This function module you can v...

Page 36: ...tic Command Description arp static ip_addr mac_addr This command is used to add a static entry no arp static ip_addr This command is used to delete a static entry Parameter Parameter Parameters of the command mode ip_addr Ip address Value range X X X X mac_addr Mac address Value range H H H H Default None Command Mode Global configuration mode Example Add a static entry switch config arp static 19...

Page 37: ...e mode spanning tree max age spanning tree hello time spanning tree forward delay spanning tree max hop spanning tree instance show spanning tree show spanning tree interface brief Function Brief STP is developed based on IEEE 802 1D and is a protocol used to eliminate physical loops at the data link layer in the LAN STP enabled devices exchange information to detect loops on the network and selec...

Page 38: ...4 5 1 spanning tree Command Description spanning tree This command is used to enable the STP function no spanning tree This command is used to disable the STP function Parameter None Default Enable Command Mode Global configuration mode Example switch config spanning tree switch config no spanning tree 4 5 2 spanning tree mode Command Description spanning tree mode stp rstp mstp This command is us...

Page 39: ... configure the STP the largest survival time for 24 seconds switch config spanning tree max age 24 4 5 4 spanning tree hello time Command Description spanning tree hello time 1 10 Parameter Time Hello message sending interval Value range 1 10s Default 2s Command Mode Global configuration mode Example Switch config spanning tree hello time 10 This command configure the STP hello message sending tim...

Page 40: ...spanning tree max hop 1 40 Parameter hop BPDU max hop Value range 1 40 Default 20 Command Mode Global configuration mode Example switch config spanning tree max hop 40 This command configure bpdus protocol packet maximum hop count of 40 effective 4 5 7 spanning tree instance Command Description spanning tree instance This command is to configure the vlan and examples of MSTP mapping relationship P...

Page 41: ... configuration mode Example switch config spanning tree mstp name 2 4 5 9 spanning tree mstp revision Command Description spanning tree mstp revision This command is the configuration revision number of MSTP Parameter None Default None Command Mode Global configuration mode Example switch config spanning tree mstp revision 2 4 5 10 show spanning tree Command Description show spanning tree Paramete...

Page 42: ... orce protocol version mstp 4 5 11 show spanning tree interface brief Command Description show spanning tree interface brief Parameter None Default None Command Mode Global configuration mode and Privileged mode Example switch config show spanning tree interface brief 4 6 IGMP snooping IGMP snooping configuration commands include igmp snooping igmp snooping host age time igmp snooping fast leave i...

Page 43: ...ip 4 6 1 igmp snooping Command Description ip igmp snooping This command is used to enable the igmp snooping function no ip igmp snooping This command is used to disable the igmp snooping function Parameter None Default Disable Command Mode Global configuration mode Example This command will configure open and closed igmp snooping switch config igmp snooping switch config no igmp snooping 4 6 2 ig...

Page 44: ...t Disable Command Mode Interface configuration mode Example switch config interface G1 switch config G1 igmp snooping fast leave 4 6 4 igmp snooping static group Command Description igmp snooping static group This command is to add the static multicast group no igmp snooping static group This command is to delete the static multicast group Parameter None Default Disable Command Mode Interface conf...

Page 45: ... 255 255 250 G4 G2 1 0 0 0 0 224 0 0 252 G2 G4 4 6 6 example Member ports requesting to join the multicast group can receive multicast streams but non member ports not requesting to join the multicast group cannot receive multicast streams switch configure terminal switch config igmp snooping switch config interface G1 switch config G1 igmp snooping static group 233 2 2 2 vlan 1 switch config inte...

Page 46: ...tion Brief DHCP server refers to a computer that manages DHCP standards on a specific network It allocates a unique IP address to each workstation that logs in to the server DHCP server greatly simplifies network management which needs to be manually completed before 4 7 1 ip dhcpd Command Description ip dhcpd enable This command is used to enable the DHCP service ip dhcpd disable This command is ...

Page 47: ... command mode NAME Pool name Example dizhichi Default None Command Mode Global configuration mode Example This command is to create a named dizhichi address pool switch config dhcp pool dizhichi 4 7 3 network Command Description network A B C D M vlanif id This command is used to add an IP address segment to the address pool Parameter Parameter Parameters of the command mode A B C D M Address pool...

Page 48: ...Default None Command Mode Address pool configuration mode Example switch config dhcp Default router 192 168 1 1 This command is to set up DHCP issued a gateway 4 7 5 dns server Command Description Dns server A B C D This command is used to configure the IP address of the DNS server Parameter Parameter Parameters of the command mode A B C D dns address Default None Command Mode Address pool configu...

Page 49: ...inding 192 168 1 1 and 11 11 11 11 11 11 switch config dhcp no static 192 168 1 1 This command is used to delete static binding 4 7 7 lease Command Description lease 0 31536000 infinite This command is used to configure the lease period of the IP address in the address pool Parameter Parameter Parameters of the command mode 0 31536000 Time range Unit second infinite permanent Default Infinite Comm...

Page 50: ...re the DNS server domain name at www dahua com 4 7 9 nbns server Command Description nbns server A B C B This command is used to configure the secondary DNS server Parameter Parameter Parameters of the command mode A B C D DNS ip address Default None Command Mode Address pool configuration mode Example Set the secondary DNS server address 114 114 114 114 switch config dhcp pool 1 switch config dhc...

Page 51: ...dresses to clients in the VLAN 4 8 DHCP relay Function Brief If the DHCP client and the DHCP server on the same physical network segment the client can correctly obtain the IP address of dynamic allocation If they are not in the same physical network they need DHCP Relay Agent relay agent DHCP Relay agent can be removed to the necessary of DHCP server should be in each physical segment It can deli...

Page 52: ...IP address from an authorized server If an unauthorized DHCP server that is built privately exists on the network the DHCP clients may obtain incorrect IP addresses and network configuration parameters and consequently cannot implement communication normally To ensure that DHCP clients can obtain IP addresses from an authorized DHCP server the DHCP snooping security mechanism supports configuratio...

Page 53: ...e no ip dhcp snooping trust This command is used to configure the DHCP snooping non trust mode Parameter None Default Non Trust Command Mode Interface configuration mode Example This command is to set port 1 model for trust switch config interface G1 switch config G1 ip dhcp snooping trust 4 9 3 show ip dhcp snooping lease Command Description show ip dhcp snooping interface This command is used to...

Page 54: ... designated network communications It is a technique that used to solve the problem of network delay and congestion When the network overload or congestion QoS can ensure that the important traffic is not delayed or discarded while ensuring the efficient operation of the network 4 10 1 remask Command Description Qos remask all cos dscp Change the QoS trust mode weight Parameter None Default Cos Co...

Page 55: ...to COS port switch config interface G1 switch config G1 cos default 6 4 10 3 trust Command Description qos trust This command is to set port trust packets take priority no qos trust This command is to set port trust default port priority Parameter None Default Qos trust Command Mode Interface configuration mode Example This command is to set port 1 trust port the default priority Switch config int...

Page 56: ...Example Map the cos priority 0 to the queue 3 switch config cos map 0 3 4 10 5 dscp map Command Description dscp map Mapping relationship between DSCP priority and COS priority Parameter None Default Dscp priority Cos priority 0 7 0 8 15 1 16 23 2 24 31 3 32 39 4 40 47 5 48 55 6 56 63 7 Command Mode Global configuration mode Example Map the DSCP priority 45 to Cos priority 7 switch config cos map ...

Page 57: ... sp Command Mode Global configuration mode Example switch config scheduler policy wrr 1 2 3 4 5 6 7 8 4 10 7 example Test topology map test is based on the QoS of ports The 1 3 port of the Ixia tester corresponds to the G18 G22 of the switch 一 Configuration When the data packets in the port is not marked with any priority the priority of the port is set to the corresponding queue a Set the packets...

Page 58: ...f the Ixia1 2 port to the source MAC address of the Ixia3 port c 1 2 ports start sending data packets after learning MAC addresss 二 Test result Conclusion pass Observe the source MAC address of the packets which capture in port 3 you can find that the received data packets from port 11 the packets of high queue first pass ...

Page 59: ...ter VRRP is a routing fault tolerance protocol which can also be called backup routing protocol A default route is set for all hosts in a local area network when the destination address in the network from the host are not in the network segment the message will be sent to the external router through the default route so that the communication between the host and the external network is realized ...

Page 60: ...meter None Default None Command Mode Interface configuration mode Example This command is to set up virtual IP as 192 168 1 254 switch config interface vlanif1 switch config vlanif1 vrrp 1 ip 192 168 1 254 4 11 3 vrrp preempt Command Description vrrp group preempt This command is VRRP preemption mode no vrrp group preempt This command is disabled VRRP preemption mode Parameter None Default Enable ...

Page 61: ...econds after the preemption switch config interface vlanif1 switch config vlanif1 vrrp 1 preempt 3 4 11 5 vrrp priority Command Description vrrp group priority priority This command is to set up the gateway priority Parameter priority Priority range1 254 Default 100 the greater the number the higher the priority Default Enable Command Mode Interface configuration mode Example This command is to se...

Page 62: ...if2 exit switch config interface g2 switch config G2 switchport mode access switch config G2 switchport pvid 2 switch config interface vlanif1 switch config vlanif1 vrrp 1 ip 192 168 1 100 switch config vlanif1 vrrp 1 priority 120 switch config interface vlanif2 switch config vlanif2 vrrp 2 ip 192 168 2 100 switch config vlanif1 vrrp 2 priority 120 Sw2 switch config interface vlan1 switch config v...

Page 63: ...tch config G2 switchport pvid 2 switch config interface vlanif1 switch config vlanif1 vrrp 1 ip 192 168 1 100 switch config interface vlanif2 switch config vlanif2 vrrp 2 ip 192 168 2 100 Phenomena b PC1 continued to ping PC2 you can capture data packets and find that the packets forwarded by SW2 c Power down the SW2 observe the results of the Ping switching time is about 3S ...

Page 64: ...h Vlan 5 1 1 interface Command Description interface IFNAME This command is to enter interface configuration mode Parameter Parameter Parameters of the command mode IFNAME Interface vlan vlan range vlan1 vlan4094 Default None Command Mode Global configuration mode Example This command is to vlan1 configuration mode switch config interface vlan1 5 1 2 shutdown no shutdown Command Description shutdo...

Page 65: ...5 1 Command Mode Interface configuration mode Example This command is to add or delete an IP address switch config interface vlan1 switch config vlanif1 ip address 10 0 0 1 8 switch config vlanif1 no ip address 10 0 0 1 8 5 1 4 show interface Command Description show interface IFNAME Parameter Parameter Parameters of the command mode IFNAME Vlan interface Default None Command Mode Privileged mode ...

Page 66: ...ake the router to be shared Static routing is generally applicable to a relatively simple network environment in this environment the network administrator can easily understand the topology of the network easy to set up the correct routing information 5 2 1 ip route Command Description ip route A B C D M gateway 1 255 ip route A B C D mask gateway 1 255 This command is to set up the static routin...

Page 67: ...ute This command is used to display the static routes Parameter None Default None Command Mode Privileged mode Example Display the static routes switch show ip route static S 0 0 0 0 8 1 0 via 192 168 255 1 vlanif1 S 0 0 0 0 8 1 0 via 192 168 255 1 vlanif1 5 2 3 example This command is used to realize trans network segment communication between PC1 and PC2 through a static route sw1 switch configu...

Page 68: ...itch configure terminal switch config interface vlan1 switch config vlanif1 ip address 192 168 3 1 24 switch config vlanif1 exit switch config interface vlan2 switch config vlanif2 ip address 192 168 2 2 24 switch config interface G2 switch config G2 switchport mode access switch config G2 switchport pvid 2 switch config G2 exit switch config ip route 192 168 1 0 24 192 168 2 1 2 pc1 ip 192 168 1 ...

Page 69: ...pc2 ping pc1 ...

Page 70: ...dth based metrics OSPF uses the SPF algorithm to calculate the route no routing loop is guaranteed from the algorithm maintain route through neighbor relationship Avoid periodic updates on bandwidth consumption OSPF routing update rate is high and the network convergence is fast it is Suitable for large and medium sized networks 5 3 1 router ospf Command Description router ospf no router ospf Para...

Page 71: ...e Global configuration mode Example Declaration of 192 168 1 0 network and divided in region 0 switch config ospf Network 192 168 1 0 0 0 0 255 area 0 5 3 3 router id Command Description router id A B C D This command is to set up the router id no router id This command is set as the default router id Parameter Parameter Parameters of the command mode A B C D Router id address Default 0 0 0 0 Comm...

Page 72: ...000s Default Delay time 200s Initialization time 1000s Max age 10000s Command Mode Global configuration mode Example Set the delay the initialization hold time the maximum hold time is 111 switch config ospf timers throttle spf 111 111 111 5 3 5 default metric Command Description default metric metric This command is to configure OSPF default metric no default metric This command is to configure O...

Page 73: ...able OSPF passive ports no passive interface IFNAME This command is disable OSPF passive ports Parameter Parameter Parameters of the command mode IFNAME Port Example G1 T1 Default None Command Mode Global configuration mode Example switch config ospf passive interface T1 This command is the T1 for passive interface 5 3 7 redistribute Command Description redistribute RIP static connected no redistr...

Page 74: ... a default OSPF routing and related parameters and to notify the neighbors no default information originate command is used to cancel the generation of the default route or to change the associated parameters Parameter always Always notify the default route always Notice the cost of the default route metric type Notice the type of default route the value of 1 or 2 the default is 2 route map Notice...

Page 75: ...cost to 20 switch config interface vlanif2 switch config vlanif2 ip ospf cost 20 This command is to modify the network type of point to point switch config interface vlanif2 switch config vlanif2 ip ospf network point to point This command is to modify the interface priority for 254 switch config interface vlanif2 switch config vlanif2 ip ospf priority 254 Modify the effective interval of 30 secon...

Page 76: ...se interface Display interface OSPF information neighbor Neighbor view OSPF neighbor table route Route view OSPF route Default None Command Mode Privileged mode Example This command is to display the border routers switch show ip ospf border routers This command is to display the database switch show ip ospf database This command is to display OSPF interface information switch show ip ospf interfa...

Page 77: ...ospf network 192 168 222 0 24 area 0 sw1 switch config interface vlanif3 switch config vlanif3 ip address 192 168 3 1 24 switch config vlanif3 exit switch config interface G23 switch config G23 switchport mode access switch config G23 switchport pvid 3 switch config interface vlanif2 switch config vlanif2 ip address 192 168 2 2 24 switch config vlanif2 exit switch config interface G22 switch confi...

Page 78: ...P config BGP configuration commands include router bgp timers bgp redistribute neighbor Network Function Brief The border gateway protocol BGP is a routing protocol that runs on TCP which is a kind of autonomous system BGP is the only protocol that is used to ...

Page 79: ...ogy of AS interconnection and thus clears the routing loop At the same time the AS level can be implemented in strategic decision making 5 4 1 router bgp Command Description router bgp This command is enable BGP Parameter None Default None Command Mode Interface configuration mode Example This command is enable BGP switch config router bgp 1 5 4 2 timers bgp Command Description timers bgp This com...

Page 80: ...ion OSPF switch config bgp redistribute ospf 5 4 4 neighbor Command Description neighbor This command is to set up BGP neighbor information Parameter None Default None Command Mode Interface configuration mode Example This command is set the BGP neighbors to 192 168 222 222 belongs to AS1 switch config router bgp 2 switch config bgp neighbor 192 168 222 22 remote as1 5 4 5 network Command Descript...

Page 81: ...2 1 24 switch config interface G2 switch config G2 switchport pvid 2 switch config router bgp 1 switch config bgp network 192 168 2 0 switch config bgp network 192 168 222 0 switch config bgp neighbor 192 168 2 2 remote as 2 sw2 switch config interface vlan1 switch config vlanif1 ip address 192 168 3 1 24 switch config interface vlan2 switch config vlanif2 ip address 192 168 2 2 24 switch config i...

Page 82: ...ighbor 192 168 2 1 remote as 1 phenomenon sw1 Sw2 PC1 ping PC2 5 5 RIP config RIP configuration commands include default information default metric distance end exit quit network offset list passive interface redistribute ...

Page 83: ...as two different speed or bandwidth of the router but the same hop count Then RIP thinks that the two route is equal distance RIP maximum support of the number of hops is 15 the number of hops 16 indicates that it is not reachable 5 5 1 default information originate Command Description default information originate no default information originate Parameter None Default None Command Mode Interface...

Page 84: ...ameter Parameter Parameters of the command mode XX Range 1 255 Default 120 Default 120 Command Mode Interface configuration mode Example This command is to change administrative distance to 110 switch config router rip switch config rip distance 110 5 5 4 end Command Description end Parameter None Default None Command Mode Interface configuration mode Example switch config router rip switch config...

Page 85: ... rip exit 5 5 6 network Command Description Network A B C D M Network WORD Set the rip operating segments Parameter Parameter Parameters of the command mode A B C D M 192 168 1 0 24 WORD interface Default None Command Mode Interface configuration mode Example switch config router rip switch config rip network 192 168 1 0 24 5 5 7 offset list Command Description ...

Page 86: ...e configuration mode Example The rule that calls the ACL1 the offset is set to 16 at G2 port import direction switch config router rip switch config rip offset list 1 in 16 G2 5 5 8 passive interface Command Description passive interface if name This command is to configure RIP passive interface No passive interface if name This command is disable RIP passive interface Parameter None Default None ...

Page 87: ...is introduced Default None Command Mode Interface configuration mode Example The introduction of the direct route to RIP routing table and through the route map rule list123 rule the metric value of the specified route is 9 switch config router rip switch config rip redistribute connected metric 9 route map list123 5 5 10 timer Command Description timers basic update interval dead interval garbage...

Page 88: ...RIP protocol is 20 seconds the death time is 100 seconds garbage collection time is 60 seconds switch config router rip switch config rip timers basic 20 100 60 5 5 11 version Command Description Version This command is to modify the RIP version Parameter None Default None Command Mode Interface configuration mode Example This command is to modify the RIP version for V2 switch config router rip sw...

Page 89: ...k 192 168 222 0 24 sw2 switch config interface vlanif3 switch config vlanif3 ip address 192 168 3 1 24 switch config vlanif3 exit switch config interface G23 switch config G23 switchport mode access switch config G23 switchport pvid 3 switch config interface vlanif2 switch config vlanif2 ip address 192 168 2 2 24 switch config vlanif2 exit switch config interface G22 switch config G22 switchport m...

Page 90: ...PC1 ping PC2 ...

Page 91: ...nd Description system ignore icmp echo no system ignore icmp echo If you want to ignore the ICMP request for this device it can be configured by this command Use the no form of the command to cancel this configuration Parameter None Default None Command Mode Global configuration mode Example Configur ignores purpose for the ICMP request of this device switch config system ignore icmp echo 6 1 2 sy...

Page 92: ...o control the CPU of the received data value you can use this command to configure Use the no form of the command to cancel this configuration Parameter Paramet er Parameters of the command mode value 0 100000 pps default 0 disable limited Default None Command Mode Global configuration mode Example Configure the CPU data receiving threshold is 1000 switch config system rate limit 1000 Close the CP...

Page 93: ... 4094 interface id It specifies the physical port to which the MAC address belongs Default None Command Mode Global configuration mode Example Run the following command to bind the MAC address 00 00 00 00 00 01 to port 10 that belongs to VLAN2 switch config mac address static 00 00 00 00 00 01 vlan 2 interface T10 6 3 ARP binding ARP binding configuration commands include ip mac bind show ip mac b...

Page 94: ... bind add interface id ip addr mac addr This command is used to delete a ip mac binding ip mac bind del ip addr Parameter Parameter Parameters of the command mode interface id The physical port of the MAC address ip addr Ip address mac addr MAC address enable Global switch on disable Global switch off enable port Port opening eisable port Port shutdown add adjunction del delete Default None Comman...

Page 95: ...dr Ip address config Configuration statistics Static binding table list of bindin Default None Command Mode Privileged mode Example This command is used to display the ip mac bind table switch config show ip mac bind table 6 4 ACL config ACL configuration commands include mac acl ip acl rule ip mac access group Function Brief ACLs are used to filter packets based on the configured packet matching ...

Page 96: ...e value ranges from 1 to 99 Default None Command Mode Global configuration mode Example switch config mac acl 1 6 4 2 ip acl Command Description ip acl 100 999 This command is used to add an IP ACL entry no ip acl 100 999 This command is used to delete an IP ACL entry Parameter Parameter Parameters of the command mode 100 999 It specifies the ID of an IP ACL The value ranges from 100 to 999 Defaul...

Page 97: ...Vlan id range 1 4094 ETHTYPE Ethernet type range 0x0000 0xFFFF 0x0000 or do not fill in the representation does not match the Ethernet type field source ip Source IP address destination ip Destination IP address 0 7 Match the IP priority range 0 7 0 15 Match the TOS range 0 15 0 63 Match the DSCP range 0 63 Default None Command Mode Global configuration mode Example This command is used to add a M...

Page 98: ...ontrolled mode based on mac based on port dot1x auth dot1x auth user Function Brief 802 1x was proposed by IEEE802 LAN WAN Standards Committee to resolve the security issues of the WLAN Later this protocol is used on the Ethernet as a common access control mechanism of LAN ports 802 1x is mainly used to resolve the authentication and security issues on the Ethernet It implements authentication and...

Page 99: ...ess of the secret key and the standby server Parameter Parameter Parameters of the command mode A B C D Ipaddress secondary ip The standby server ip address Default Authentication server ip address 127 0 0 1 port number 1812 Key radius Command Mode Global configuration mode Example switch config dot1x auth server ip 127 0 0 2 secondary ip 127 0 0 3 port 1812 shared secret 123 6 5 3 dot1x auth serv...

Page 100: ...ress secondary ip The standby server ip address Default Remote Command Mode Global configuration mode Example switch config dot1x acct sever ip 127 0 0 2 secondary ip 127 0 0 3 port 1812 shared secret 123 6 5 5 dot1x timer Command Description dot1x timer reauth period quient period value 1 65535 Configure authentication server update interval hold authentication time Parameter Parameter Parameters...

Page 101: ...utomatic unauthorized force forced authenticating unsuccessfully Default auto Command Mode Interface configuration mode Example Configuration mandatory certification through of port1 switch config interface G1 switch config G1 dot1x auth mode authorized force 6 5 7 dot1x controlled mode Command Description dot1x controlled mode based on mac based on port This command is used to configure based on ...

Page 102: ...ertification aging time changed to 50 seconds switch config dot1x auth hold time 50 6 5 9 dot1x auth user Command Description dot1x auth user username password password This command is to create a new user name and password Parameter username login username of switch password login password of switch Default None Command Mode Global configuration mode Example This command to create a user called A...

Page 103: ...protected This command is used to disable switchport protected Parameter None Default Disable Command Mode Interface configuration mode Example This command is used to add ports T1 to switchport protected switch config interface T1 switch config T1 switchport protected 6 7 Storm control configuration commands include storm control broadcast pps storm control multicast pps storm control unicast pps...

Page 104: ...is used to limit the rate of broadcast packet of Port 1 to 1000pps switch config interface G1 switch config G1 storm control broadcast pps 1000 6 7 2 storm control multicast pps Command Description storm control multicast pps vlaue This command is used to enable the multicast storm control function no storm control multicast This command is used to disable the multicast storm control function Para...

Page 105: ...and Mode Interface configuration mode Example This command is used to limit the rate of unicast packet of Port 1 to 1000pps switch config interface G1 switch config G1 storm control unicast pps 1000 6 8 ERPS RING config configuration commands include loop protection loop protection tx time loop protection transmit Function Brief erps ring is similar to STP but it lacks an IEEE standard and is a pr...

Page 106: ...ection 6 8 2 loop protection tx time Command Description loop protection tx time TIME Parameter Parameter Parameters of the command mode TIME Unit ms range 500 5000 Default 500 Command Mode Global configuration mode Example switch config loop protection tx time 600 6 8 3 loop protection transmit Command Description loop protection transmit This command is used to enable the loop protection transmi...

Page 107: ... Command Mode privilege mode Example switch show loop protection status 6 8 5 example Three devices form a ring network SW2 is a switch without the management function and PC1 can communicate with PC2 normally When any of the other links except for the link in which the blocked port is located has a fault the loop protection function can implement fast switching sw1 switch configure terminal switc...

Page 108: ...d to enable the loop protection and loop protect transmit for Port G2 sw2 switch configure terminal switch config loop protection switch config loop protection transmit time 500 switch config interface G1 switch config G1 loop protection switch config G1 loop protection transmit switch config G1 exit switch config interface G2 switch config G2 loop protection switch config G2 loop protection trans...

Page 109: ...tocol developed by IEEE and has been widely used In practice application of STP is restricted by the network size and the convergence time is affected by the network topology The convergence time of STP is generally several seconds or longer if the network diameter is large The use of RSTP MSTP can reduce the convergence time to several milliseconds but still cannot meet the requirements of servic...

Page 110: ...ARD TIME Parameter Parameter Parameters of the command mode XX 1 24 PORT A any port PORT B In addition to the above fill in the port VLAN 1 4094 Default 3001 Wtr TIME 1 12min When the RPL has a node that receives the first R APS NR message the WTR timer is started GUARD TIME 100 2000ms The default is 500ms failure of adjacent nodes to detect the fault recovery time to start the warning time timer ...

Page 111: ...erps show erps erps ring id Parameter erps ring id rang 1 24 Default none Command Mode privilege mode Example switch show erps 6 9 4 example Three devices group an ERPS ring Port 0 on SW1 is configured to the owner port it controls the forwarding state that is the port is blocked when there is a loop When there is a loop PC1 and PC2 can communicate with each other normally When any of the other li...

Page 112: ... primary G1 slave G2 role transit vid 3001 wtr time 1 guard time 500 phenomenon G1 of SW1 is blocked pc1 192 168 222 107 ping pc2 192 168 222 95 When any of the other links except for the link in which the blocked port is located is disconnected manually fast switching is implemented without interrupting the ping process ...

Page 113: ...he switch when packets reach this port the switch checks the IP source guard entries If the packet matches an entry the switch forwards the packet or the packet enters the subsequent flow If the packet does not match any entry the switch drops the packet The binding function is port based After a port is bound only this port is affected by the binding relationship and other ports are not affected ...

Page 114: ...trust 1 6 10 3 ip dhcp snooping binding Command Description ip dhcp snooping binding MAC vlan VLANID ip A B C D mask Msak interface IFNAME no ip dhcp snooping binding MAC vlan VLANID ip A B C D interface IFNAME Parameter Parameter Parameters of the command mode MAC the MAC address of Static binding VLANID the VLAN ID of Static binding A B C D the IP address of Static binding Msak the mask address ...

Page 115: ...k 255 255 255 0 interface G1 6 10 4 show ip source guard Command Description show ip source guard leases Parameter none Default none Command Mode Privilege mode and global mode Example switch show ip source guard leases ...

Page 116: ...1 1 ip http server http Command Description ip http server http This command is used to enable the HTTP on the switch no ip http server This command is used to disable the HTTP on the switch After this command is executed the switch cannot be managed in HTTP mode Parameter None Default None Command Mode Global configuration mode Example Enable the HTTP service switch config ip http server http 7 1...

Page 117: ...me trap trap2sink trapsink user Function Brief SNMP is a set of network management standards It includes an application layer protocol a database schema and a set of data objects It is widely used in network management systems to monitor network attached devices for conditions that warrant administrative attention It is a component of the Internet Protocol Suite as defined by the Internet Engineer...

Page 118: ...sion snmp server trapsink ip This command is used to restore the default SNMP version Parameter None Default snmp Command Mode Global configuration mode Example Configure the SNMP version of the switch switch config snmp server trap2sink 192 168 1 1 7 2 3 snmp server trap Command Description snmp server trap This command is used to enable snmp trap no snmp server trap This command is used to disab...

Page 119: ...nfiguration mode Example This command is used to configure a switch switch config snmp server community ro 111 The authentication name is 123 and the permission is read only 7 2 5 snmp host Command Description snmp server sysname This command is used to configure the host name Parameter None Default None Command Mode Global configuration mode Example switch config snmp server sysname 1111 It indic...

Page 120: ...with MIB Browser to obtain the switch node information sw switch config snmp server switch config snmp server community ro 123 switch config snmp server community rw 123 This command is used to configure the SNMP version and read write community switch config snmp server trap enable switch config snmp server trap2sink 192 168 222 107 This command is used to configure SNMP trap information ...

Page 121: ... the switch IP address and corresponding community name Right click iso org dod internet and choose Work as shown in the following figure Related information is displayed Click Trap Receiver under Tools to display uploaded trap information ...

Page 122: ...ne Default None Command Mode Privileged mode Example switch write switch reboot Run the following commands to save the configuration and then restart the equipment 8 2 Restore factory The command for restoring factory settings is as follows default configure default configure keep ip Function Brief This chapter describes the recovery of the factory configuration command This command can be used to...

Page 123: ...the factory settings take effect after the equipment automatically restarts switch default configure 8 3 Config management Function Brief This chapter describes the configuration file save command This command can save the configuration Use commands of this chapter to configure the example please read the final sample section of the document 8 3 1 write Command Description write If you want to sav...

Page 124: ...is used to check whether the physical connection between the two PCs is normal The PING diagnose function of the switch helps the network administrator test whether a network device is disconnected on a LAN and locate network faults based on the test result 8 4 1 ping Command Description ping ip Test whether the switch and the host are reachable from each other Parameter None Default None Command ...

Reviews: