manualshive.com logo in svg

Digitus DN-80233, User Manual

The Digitus DN-80233 is a cutting-edge device that guarantees seamless data transmission. With its exceptional performance and reliability, this product stands out from the competition. For a hassle-free experience, make sure to download the free user manual from our website, where you'll find detailed instructions to optimize your device's potential.

Share
Download
background image

 

211

9.2 IP Access Control List (ACL) Commands   

 

IP Access Control Lists (ACLs) ensure that only authorized users have access to specific 
resources while blocking off any unwarranted attempts to reach network resources.   

Note: 

 

„

 

IP ACL configuration for IP packet fragments is not supported.   

„

 

The maximum number of ACLs of any type that can be created is 100.   

„

 

The maximum number of rules per IP ACL translates into the number of hardware classifier 
entries used when an IP ACL is attached to an interface.    Increasing these values in the switch   
increases the RAM and NVSTORE usage.   

„

 

ACLs are configured separately for Layer 2 and Layer 3.    Some types of hardware do not allow 
both types of ACLs to be applied to the same interface.   

„

 

Wildcard masking for ACLs operates differently from a subnet mask. A wildcard mask is in 
essence the inverse of a subnet mask. With a subnet mask, the mask has ones (1's) in the bit 
positions that are used for the network address, and has zeros (0's) for the bit postions that are 
not used. In contrast, a wildcard mask has (0’s) in a bit position that must be checked. A ‘1’ in a 
bit position of the ACL mask indicates the corresponding bit can be ignored.   

 

9.2.1 access-list   

 
This command creates an IP Access Control List (ACL) that is identified by the 
parameter <

accesslistnumber>. 

 

The IP ACL number (<

accesslistnumber>) 

is an integer from 1 to 199. The <

accesslistnumber> 

range 1 to 99 is for an IP standard ACL and the <

accesslistnumber> 

range 100 to 199 is for an 

IP extended ACL.   

The IP ACL rule is specified with either a 

permit or deny 

action.  

The protocol to filter for an IP ACL rule is specified by giving the protocol to be used like 
i

cmp,igmp,ip,tcp,udp. 

 

The command specifies a source ipaddress and source mask for match condition of the IP ACL 
rule specified by the 

srcip 

and 

srcmask 

parameters.  

The source layer 4 port match condition for the IP ACL rule are specified by the 

port value 

parameter. The <

startport> 

and

 <endport> 

parameters identify the first and last ports that are part of 

the port range. They have values from 0 to 65535. The ending port must have a value equal or 
greater than the starting port. The starting port, ending port, and all ports in between will be part of 
the destination port range.   

The <

portvalue> 

parameter uses a single keyword notation and currently has the values of 

domain, 

echo, ftp, ftpdata, http, smtp, snmp, telnet, tftp

, and 

www

. Each of these values translates into its 

equivalent port number, which is used as both the start and end of a port range.   

The command specifies a destination ipaddress and destination mask for match condition of the IP 
ACL rule specified by the 

dstip 

and 

dstmask 

parameters.  

The command specifies the TOS for an IP ACL rule depending on a match of precedence or 
DSCP values using the parameters 

dscp, precedence

tos, tosmask

.  

The command specifies the assign-queue which is the queue identifier to which packets matching 
this rule are assigned.   

The command specifies the redirect interface which is the unit/slot/port to which packets matching 

Summary of Contents for DN-80233

Page 1: ...User Manual Dynamic 24 PORT MANAGED GIGABIT SWITCH DN 80233 ...

Page 2: ...ation 34 3 1 Management Access Overview 34 3 1 1 Administration Console 35 3 1 2 Direct Access 35 3 2 Web Management 36 3 3 SNMP Based Network Management 36 3 4 Protocols 36 3 4 1 Virtual Terminal Protocols 36 3 4 2 SNMP Protocol 36 3 4 3 Management Architecture 37 4 0 Command Structure 38 4 1 Format 38 4 1 1 Command 38 4 1 2 Parameters 38 4 1 3 Values 39 4 1 4 Conventions 40 4 1 5 Annotations 40 ...

Page 3: ...o 65 7 1 10 snmp server 65 7 2 System Management Commands 66 7 2 1 telnet 66 7 2 2 transport input telnet 66 7 2 3 transport output telnet 66 7 2 4 session limit 67 7 2 5 session timeout 67 7 2 6 bridge aging time 67 7 2 7 mtu 68 7 2 8 network javamode 68 7 2 9 network mac address 69 7 2 10 network mac type 69 7 2 11 network parms 69 7 2 12 network protocol 70 7 2 13 telnetcon maxsessions 70 7 2 1...

Page 4: ... 7 3 8 snmp server community ro 79 7 3 9 snmp server community rw 79 7 3 10 snmp server enable traps 79 7 3 11 snmp server enable traps bcaststorm 80 7 3 12 snmp server enable traps linkmode 80 7 3 13 snmp server enable traps multiusers 81 7 3 14 snmp server enable traps stpmode 81 5 3 15 snmptrap 81 7 3 16 snmptrap ipaddr 82 7 3 17 snmptrap mode 82 7 3 18 snmp trap link status 82 7 3 19 snmp trap...

Page 5: ...multicast 92 7 5 26 show mac address table static 93 7 5 27 show mac address table stats 93 7 5 28 show monitor session 93 7 5 29 show port 94 7 5 30 show port protocol 95 7 5 31 show storm control 95 7 5 32 show interface protected 95 7 6 Virtual LAN VLAN Commands 96 7 6 1 vlanset 96 7 6 2 vlan 96 7 6 3 vlan acceptframe 96 7 6 4 vlan ingressfilter 97 7 6 5 vlan makestatic 97 7 6 6 vlan name 98 7 ...

Page 6: ...t channel 108 7 7 8 clear traplog 108 7 7 9 clear vlan 108 7 7 10 logout 108 7 7 11 ping 109 7 7 12 reload 109 7 7 13 copy 109 7 7 14 autosave 110 7 7 15 cpu port security 110 7 7 16 cpu port security max entries 111 7 7 17 cpu port security allow 111 7 7 18 cpu port security allow 111 7 7 19 cpu port security deny 111 7 7 20 cpu port security deny 112 7 7 21 show cpu statistics 112 7 7 22 show cp...

Page 7: ...23 7 12 1 disconnect 123 7 12 2 show loginsession 123 7 12 3 show users 123 7 12 4 users name 124 7 12 5 users passwd 124 7 12 6 users snmpv3 accessmode 125 7 12 7 users snmpv3 authentication 125 7 12 8 users snmpv3 encryption 126 7 13 Simple Network Time Protocol SNTP Commands127 7 13 1 sntp broadcast client poll interval 127 7 13 2 sntp client mode 127 7 13 3 sntp client port 128 7 13 4 sntp uni...

Page 8: ...ip dhcp global configuration 140 7 14 23 show ip dhcp pool configuration 141 7 14 24 show ip dhcp server statistics 141 7 14 25 show ip dhcp conflict 142 7 14 26 clear ip dhcp binding 143 7 14 27 clear ip dhcp server statistics 143 7 14 28 clear ip dhcp conflict 143 7 15 Double VLAN Commands 144 7 15 1 dvlan tunnel customer id 144 7 15 2 dvlan tunnel etherType 144 7 15 3 mode dot1q tunnel 145 7 15...

Page 9: ...tion 154 7 19 4 show mac address table gmrp 154 7 20 IGMP Snooping Commands 155 7 20 1 set igmp 155 7 20 2 set igmp fast leave 156 7 20 3 show igmpsnooping 156 7 20 4 show igmpsnooping mrouter interface 157 7 20 5 show mac address table igmpsnooping 157 7 21 Link Aggregation LAG Port Channel 802 3AD Commands 158 7 21 1 port channel staticcapability 158 7 21 2 port lacpmode all 158 7 21 3 port chan...

Page 10: ...nning tree interface 171 7 22 20 show spanning tree mst port detailed 172 7 22 21 show spanning tree mst port summary 173 7 22 22 show spanning tree mst summary 174 7 22 23 show spanning tree vlan 174 7 23 Bootp DHCP Relay Commands 175 7 23 1 bootpdhcprelay cidoptmode 175 7 23 2 bootpdhcprelay enable 175 7 23 3 bootpdhcprelay maxhopcount 175 7 23 4 bootpdhcprelay minwaittime 176 7 23 5 bootpdhcpre...

Page 11: ...ny 185 8 1 20 show port security violation 185 8 1 21 show port security cpu multicast rate limit 186 8 2 Port Based Network Access Control IEEE 802 1X Commands 187 8 2 1 authentication login 187 8 2 2 clear dot1x statistics 187 8 2 3 clear radius statistics 188 8 2 4 dot1x defaultlogin 188 8 2 5 dot1x initialize 188 8 2 6 dot1x login 188 8 2 7 dot1x max req 188 8 2 8 dot1x port control 189 8 2 9 ...

Page 12: ...11 show radius 200 8 3 12 show radius statistics 201 8 3 13 show tacacs server 202 8 4 Secure Shell SSH Commands 203 8 4 1 ip ssh 203 8 4 2 ip ssh protocol 203 8 4 3 sshcon maxsessions 203 8 4 4 sshcon timeout 204 8 4 5 show ip ssh 204 8 5 Hypertext Transfer Protocol HTTP Commands 205 8 5 1 ip http secure port 205 8 5 2 ip http secure protocol 205 8 5 3 ip http secure server 205 8 5 4 ip http serv...

Page 13: ... map 218 9 4 6 match cos 218 9 4 7 match destination address mac 219 9 4 8 match dstip 219 9 4 9 match dstl4port 219 9 4 10 match ip dscp 220 9 4 11 match ip precedence 220 9 4 12 match ip tos 220 9 4 13 match protocol 221 9 4 14 match source address mac 221 9 4 15 match srcip 222 9 4 16 match srcl4port 222 9 4 17 match vlan 222 9 5 Policy Commands 224 9 5 1 assign queue 224 9 5 2 drop 224 9 5 3 r...

Page 14: ...weights 236 9 8 7 cos queue strict 236 9 8 8 show classofservice dot1p mapping 237 9 8 9 show classofservice ip dscp mapping 237 9 8 10 show classofservice ip precedence mapping 237 9 8 11 show classofservice trust 238 9 8 12 show interfaces cos queue 238 9 9 Rate Limiting Commands 240 9 9 1 rate limiting 240 9 9 2 show rate limiting 240 10 0 Stacking Commands 241 10 1 Dedicated port Stacking 241 ...

Page 15: ...uting 253 11 2 1 routing 253 11 2 2 ip routing 253 11 2 3 ip address 253 11 2 4 ip route 254 11 2 5 ip route default 254 11 2 6 ip route distance 255 11 2 7 ip forwarding 255 11 2 8 ip netdirbcast 255 11 2 9 ip mtu 256 11 2 10 show ip brief 256 11 2 11 show ip interface 257 11 2 12 show ip interface brief 257 11 2 13 show ip route 258 11 2 14 show ip route bestroutes 258 11 2 15 show ip route entr...

Page 16: ...stats 267 11 5 10 show ip vrrp 268 11 5 11 show ip vrrp interface 268 11 5 12 show ip vrrp interface brief 268 11 6 Open Shortest Path First OSPF Commands 270 11 6 1 enable OSPF 270 11 6 2 ip ospf 270 11 6 3 1583compatibility 270 11 6 4 area authentication 271 11 6 5 area default cost 271 11 6 6 area nssa 271 11 6 7 area nssa default info originate 272 11 6 8 area nssa no redistribute OSPF 272 11 ...

Page 17: ...6 34 ip ospf transmit delay 282 11 6 35 ip ospf mtu ignore 282 11 6 36 router id 282 11 6 37 redistribute 283 11 6 38 maximum paths 283 11 6 39 show ip ospf 283 11 6 40 show ip ospf area 285 11 6 41 show ip ospf database 285 11 6 42 show ip ospf interface 286 11 6 43 show ip ospf interface brief 287 11 6 44 show ip ospf interface stats 288 11 6 45 show ip ospf neighbor 288 11 6 46 show ip ospf nei...

Page 18: ...p confederation identifier 302 12 1 8 bgp default local preference 303 12 1 9 bgp flapdamping dampfactor 303 12 1 10 bgp flapdamping flapmaxtime 303 12 1 11 bgp flapdamping mode 304 12 1 12 bgp flapdamping penaltyinc 304 12 1 13 bgp flapdamping reuselimit 304 12 1 14 bgp flapdamping reusemaxsize 305 12 1 15 bgp flapdamping suppresslimit 305 12 1 16 bgp flapdamping timerresolution 306 12 1 17 bgp i...

Page 19: ...1 46 neighbor peeripaddr confedmember 316 12 1 47 neighbor peeripaddr connretry 316 12 1 48 neighbor peeripaddr msgsendlimit 317 12 1 49 neighbor peeripaddr next hop self 317 12 1 50 neighbor peeripaddr optionalcap 317 12 1 51 neighbor peeripaddr remote as 318 12 1 52 neighbor peeripaddr maximum prefix 318 12 1 53 neighbor peeripaddr route reflector client 319 12 1 54 neighbor peeripaddr shutdown ...

Page 20: ...332 13 1 3 ip multicast staticroute 333 13 1 4 ip multicast ttl threshold 333 13 1 5 mrinfo 333 13 1 6 mstat 334 13 1 7 mtrace 334 13 1 8 show ip mcast 334 13 1 9 show ip mcast boundary 335 13 1 10 show ip mcast interface 335 13 1 11 show ip mcast mroute 336 13 1 12 show ip mcast mroute group 336 13 1 13 show ip mcast mroute source 337 13 1 14 show ip mcast mroute static 337 13 1 15 show mrinfo 33...

Page 21: ...et igmp mrouter interface 348 13 3 14 set igmp mrouter 349 13 3 15 show ip igmp 349 13 3 16 show ip igmp groups 350 13 3 17 show ip igmp interface 351 13 3 18 show ip igmp interface membership 351 13 3 19 show ip igmp interface stats 352 13 4 Protocol Independent Multicast Dense Mode PIM DM Commands 353 13 4 1 ip pimdm 353 13 4 2 ip pimdm mode 353 13 4 3 ip pimdm query interval 354 13 4 4 show ip ...

Page 22: ...13 5 13 show ip pimsm staticrp 360 13 5 14 show ip pimsm 361 13 5 15 show ip pimsm componenttable 361 13 5 16 show ip pimsm interface 362 13 5 17 show ip pimsm interface stats 362 13 5 18 show ip pimsm neighbor 363 13 5 19 show ip pimsm rp 363 13 5 20 show ip pimsm rphash 363 14 0 Using the Web Interface 365 14 1 Configuring for Web Access 365 14 1 1 Web Page Layout 365 14 1 2 Starting the Web Int...

Page 23: ...comply with the limits for a Class B digital device pursuant to Part 15 of FCC Rules These limits are designed to provide reasonable protection against such interference when operating in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used according to the instructions may cause harmful interference to radio communications Ope...

Page 24: ... Model One Power Cord Mounting Brackets One Serial Console Cable CD User Guide If any of the listed items is missing or damaged please contact the place of purchase 1 2 How to Use this Guide This user guide is structured as follows Chapter 2 Product Description explains the features of the switch and the front rear panel indicates Chapter 3 Installing the Switch explains how to physically install ...

Page 25: ...24 ...

Page 26: ...l duplex operation and collision like backpressure for half duplex operation z Store and forward forwarding scheme z Port mirroring function Multiple Port mirroring function z Link Aggregation function 2 3 or 4 ports per link z Up to 8 trunk group z 802 3ad LACP z Broadcast Storm Control z Multicast filtering IGMP snooping z GVRP protocol for VLAN management z 4092 802 1q Tagged VLAN z Protected p...

Page 27: ...Agent L3 IP packets wired speed Forwarding RIP v1 v2 OSPF v2 for backward compatible with traditional router 4K IPv4 address 16K Routing table Layer 3 wired speed routing among all ports IPV4 Fully compatible with existing routing protocol RIP V1 V2 OSPF V2 PIM DVMRP z 1 Male DB9 RS 232C console interface configured as DTE for operation diagnostics status and configuration information z IEEE 802 3...

Page 28: ...27 ...

Page 29: ...28 ...

Page 30: ...29 ...

Page 31: ...30 ...

Page 32: ...u will be using the switch for Fast Ethernet 100 Mbps operation observe the following guidelines z The maximum unshielded twisted pair UTP cable length is 100 meters 328 feet over Category 5 cable z Single repeater topologies permit a total network span of 325 meters 1066 feet Full Duplex Considerations The switch provides full duplex support for its Fast Ethernet ports Full duplex operation allow...

Page 33: ... the front panel facing you Step 2 Locate a mounting bracket over the mounting holes on one side of the switch Step 3 Insert three screws and use a screwdriver to secure Step 4 Repeat the two previous steps for the other side of the switch Step 5 Insert the switch into the 19 inch rack and secure with suitable screws Make sure the ventilation holes on the switch are not obstructed Step 6 Connect t...

Page 34: ...33 with integrity z Decompresses the main switching software run time image from the flash ROM into DRAM area z Begins executing the main switching software ...

Page 35: ... following methods z An administration console z Web browser interface z An external SNMP based network management application The administration console and Web browser interface support are embedded in the switch software and are available for immediate use Each of these management methods has their own advantages Table 4 compares the three management methods Table 1 Comparisons of Three Managem...

Page 36: ...The following sections describe these methods For more information about using the console refer to Chapter 4 Command Line Interface Console Management 3 1 2 Direct Access Direct access to the administration console is achieved by directly connecting a terminal or a PC equipped with a terminal emulation program such as HyperTerminal to the switch console serial port When using this management meth...

Page 37: ...n only knows the set community string it can read and write to the MIBs However if it only knows the get community string it can only read MIBs The default gets and sets community strings for the switch are public 3 4 Protocols The switch supports the following protocols z Virtual terminal protocols such as Telnet z Simple Network Management Protocol SNMP 3 4 1 Virtual Terminal Protocols A virtual...

Page 38: ...figuration parameters set using one method console port for example are immediately displayable by the other management methods for example SNMP agent of Web browser The management architecture of the switch adheres to the IEEE open standard This compliance assures customers that the switch is compatible with and will interoperate with other solutions that adhere to the same open standard ...

Page 39: ...etmask gateway network parms is the command name ipaddr netmask are the required values for the command gateway is the optional value for the command Example 2 snmp server location loc snmp server location is the command name loc is the required parameter for the command Example 3 clear vlan clear vlan is the command name 4 1 1 Command The following conventions apply to the command name The comman...

Page 40: ...ition to these formats decimal hexidecimal and octal formats are supported through the following input formats where n is any valid hexidecimal octal or decimal number 0xn CLI assumes hexidecimal format 0n CLI assumes octal format with leading zeros n CLI assumes decimal format macaddr The MAC address format is six hexadecimal numbers separated by colons for example 00 06 29 32 81 40 areaid Area I...

Page 41: ...to uniquely identify the command word The command may be exe cuted by typing enter command abbreviation or the command word may be completed by typing the tab or space bar command completion The value Err designates that the requested value was not internally accessible This should never happen and indicates that there is a case in the software that is not handled correctly The value of designates...

Page 42: ...aracter Ctrl A go to beginning of line Ctrl E go to end of line Ctrl F go forward one character Ctrl B go backward one character Ctrl D delete current character Ctrl H display command history or retrieve a command Ctrl U X delete to beginning of line Ctrl K delete to end of line Ctrl W delete previous word Ctrl T transpose previous character Ctrl P go to previous line in history buffer Ctrl N go t...

Page 43: ...he login area Since a number of the Quick Setup commands require administrator account rights we suggests logging into an administrator account Do not enter a password because there is no password in the default mode Press the enter key two times The CLI User EXEC prompt will be displayed Use enable to networking device to the Privileged EXEC mode from User EXEC Use configure to switch to the Glob...

Page 44: ... the admin user has Read Write access and the guest user has Read Only access There can only be one Read Write user and up to five Read Only users show loginsession in User EXEC Displays all of the login session information users passwd username in Global Config Allows the user to set passwords or change passwords needed to login A prompt will appear after the command is entered requesting the use...

Page 45: ...fault Gateway The default Gateway for this interface Default value is 0 0 0 0 Burned in MAC Address The Burned in MAC Address used for in band connectivity Locally Administered MAC Address Can be configured to allow a locally administered MAC address MAC Address Type Specifies which MAC address should be used for in band connectivity Network Configurations Protocol Current Indicates which network ...

Page 46: ...nly XMODEM Command Details copy url nvram startup config system image Sets the destination download data type to be an image system image or a configuration file nvram startup config The URL must be specified as xmodem filepath fileName For example If the user is using HyperTerminal the user must specify which file is to be sent to the switch The Switch will restart automatically once the code has...

Page 47: ... made to the switch copy system running config nvram startup config Enter yes when the prompt pops up that asks if you want to save the configurations made to the switch reload OR Cold Boot the Switch Enter yes when the prompt pops up that asks if you want to reset the system This is the users choice either reset the switch or cold boot the switch both work effectively ...

Page 48: ...the enable com mand Switch To exit to the User Exec mode enter exit or press Ctrl Z VLAN Mode From the Privi leged Exec mode enter the vlan database com mand Switch Vlan To exit to the Privileged Exec mode enter the exit command or press Ctrl Z to switch to the User Exec mode Global Config Mode From the Privi leged Exec mode enter the con figure command Switch Config To exit to the Privileged Exec...

Page 49: ...er ctrl Z Router OSPF Config Mode only for Layer 3 Series From the Global Config mode enter the router ospf command Switch Config router To exit to the Global Config mode enter exit To return to the User Exec mode enter ctrl Z Router RIP Config Mode only for Layer 3 Series From the Global Config mode enter the router rip command Switch Config router To exit to the Global Config mode enter exit To ...

Page 50: ...lobal Config mode enter the mac access list extended name command Switch Config mac access list To exit to the Global Config mode enter exit To return to the User Exec mode enter ctrl Z DHCP Pool Con fig Mode From the Global Config mode enter the ipdhcp pool pool name command Switch Config dhcp pool To exit to the Global Config mode enter exit To return to the User Exec mode enter ctrl Z Stack Glo...

Page 51: ...in one mode are not available until the operator switches to that particular mode with the exception of the User Exec mode commands The User Exec mode commands may also be executed in the Privileged Exec mode The commands available to the operator at any point in time depend upon the mode Entering a question mark at the CLI prompt displays a list of the available commands and descriptions of the c...

Page 52: ...ifications to the running configuration General setup commands are grouped in this mode From the Global Configuration mode the operator can enter the System Configuration mode the Physical Port Configuration mode the Interface Configuration mode or the Protocol Specific modes specified below The command prompt at this level is Command Prompt Config From the Global Config mode the operator may ente...

Page 53: ... Class Map Mode This mode consists of class creation deletion and matching commands The class match com mands specify Layer 2 Layer 3 and general match criteria Use the class map class map name commands to access the QoS class map configuration mode to configure QoS class maps Config class map class map name Command Prompt Config class map Router OSPF Config Mode In this mode the operator is allow...

Page 54: ...llocation command to access the Bandwidth provisioning Config Mode to configure bandwidth allocation Config bwp bwallocation Command Prompt Config bwp bwallocation MAC Access List Config Mode Use the MAC Access List Config mode to create a MAC access List and to enter the mode containing mac access list configuration commands Config mac access list extended name Command Prompt Config mac access li...

Page 55: ...tered are treated as optional parameters If any of the parameters are not recognized a syntax error message will be displayed 2 After the command is successfully parsed and validated the control of execution goes to the corresponding CLI callback function 3 For mandatory parameters the command tree extends till the mandatory parameters make the leaf of the branch The callback function is only invo...

Page 56: ...verse the action of a command or reset a value back to the default For example the no shutdown interface configuration command reverses the shutdown of an interface Use the command without the keyword no to re enable a disabled feature or to enable a feature that is disabled by default ...

Page 57: ... of the CLI commands The commands are divided into five functional groups Show commands display switch settings statistics and other information Configuration commands configure features and options of the switch For every configuration command there is a show command that displays the configuration setting Copy commands transfer or save configuration and informational files to and from the switch...

Page 58: ...achine Model Specifies the machine model as defined by the Vital Product Data Serial Number The unique box serial number for this switch FRU Number The field replaceable unit number Part Number Manufacturing part number Maintenance Level Indicates hardware changes that are significant to software Manufacturer Manufacture descriptor field Burned in MAC Address Universally assigned network address S...

Page 59: ...he total number of packets including broadcast packets and multicast packets received by the processor Broadcast Packets Received The total number of packets received that were directed to the broadcast address Note that this does not include multicast packets Packets Received With Error The number of inbound packets that contained errors preventing them from being deliverable to a higher layer pr...

Page 60: ...s but including FCS octets Packets Received 256 511 Octets The total number of packets including bad packets received that were between 256 and 511 octets in length inclusive excluding framing bits but including FCS octets Packets Received 512 1023 Octets The total number of packets including bad packets received that were between 512 and 1023 octets in length inclusive excluding framing bits but ...

Page 61: ... Traffic Frames The total number of frames dropped in the forwarding process because the destination address was located off of this port 802 3x Pause Frames Received A count of MAC Control frames received on this interface with an op code indicating the PAUSE operation This counter does not increment when the interface is operating in half duplex mode Unacceptable Frame Type The number of frames ...

Page 62: ...e excluding framing bits but including FCS octets Max Info The maximum size of the Info non MAC field that this port will receive or transmit Packets Transmitted Successfully Total The number of frames that have been transmitted by this port to its segment Unicast Packets Transmitted The total number of packets that higher level proto cols requested be transmitted to a subnetwork unicast address i...

Page 63: ...g in half duplex mode GVRP PDU s Received The count of GVRP PDU s received in the GARP layer GVRP PDU s Transmitted The count of GVRP PDU s transmitted from the GARP layer GVRP Failed Registrations The number of times attempted GVRP registrations could not be completed GMRP PDU s received The count of GMRP PDU s received in the GARP layer GMRP PDU s Transmitted The count of GMRP PDU s transmitted ...

Page 64: ...discarded or not sent Multicast Packets Transmitted The total number of packets that higher level protocols requested be transmitted to a Multicast address including those that were discarded or not sent Broadcast Packets Transmitted The total number of packets that higher level pro tocols requested be transmitted to the Broadcast address including those that were discarded or not sent Transmit Pa...

Page 65: ... entries following the requested MAC address Format show mac addr table macaddr all Mode Privileged EXEC Mac Address A unicast MAC address for which the switch has forwarding and or filtering informa tion The format is 6 or 8 two digit hexadecimal numbers that are separated by colons for example 01 23 45 67 89 AB In an IVL system the MAC address will be displayed as 8 bytes Unit Slot Port The port...

Page 66: ...ing config all scriptname Mode Privileged EXEC 7 1 9 show sysinfo This command displays switch information Format show sysinfo Mode Privileged EXEC Switch Description Text used to identify this switch System Name Name used to identify the switch System Location Text used to identify the location of the switch May be up to 31 alpha numeric characters The factory default is blank System Contact Text...

Page 67: ...port debug line noecho Modes Privileged EXEC User EXEC 7 2 2 transport input telnet This command regulates new telnet sessions If sessions are enabled new telnet sessions can be established until there are no more sessions available If sessions are disabled no new telnet sessions are established An established session remains active until the session is ended or an abnormal network error ends the ...

Page 68: ...number of simultaneous outbound telnet sessions to the default value Format no session limitMode Line Config 7 2 5 session timeout This command sets the outbound telnet session timeout value The timeout value unit of time is minutes A value of 0 indicates that a session remains active indefinitely Default 0 Format session timeout 0 160 Mode Line Config 7 2 5 1 no session timeout This command sets ...

Page 69: ...bytes for physical and port channel LAG interfaces For the standard implementation the range of mtusize is a valid integer between 1522 9216 for tagged packets and a valid interger between 1518 1926 for untagged packets Note To receive and process packets the Ethernet MTU must include any extra bytes that may be required for Layer 2 headers Whereaa the IP MTU size See ip mtu on page 183 refers to ...

Page 70: ...oup address b 1 The second character of the twelve character macaddr must be 2 6 A or E A locally administered address must have bit 6 On b 1 and bit 7 Off b 0 Format network mac address macaddr Mode Privileged EXEC 7 2 10 network mac type This command specifies whether the burned in MAC address or the locally administered MAC address is used Default burned in Format network mac type local burnedi...

Page 71: ...ivileged EXEC 7 2 13 1 no telnetcon maxsessions This command sets the maximum number of telnet connection sessions that can be established to the default value Format no telnetcon maxsessions Mode Privileged EXEC 7 2 14 telnetcon timeout This command sets the telnet connection session timeout value in minutes A session is active as long as the session has not been idle for the value set The time i...

Page 72: ...t no serial baudrate Mode Line Config 7 2 16 serial timeout This command specifies the maximum connect time in minutes without console activity A value of 0 indicates that a console can be connected indefinitely The time range is 0 to 160 Default 5 Format serial timeout 0 160 Mode Line Config 7 2 16 1 no serial timeout This command sets the maximum connect time in minutes without console activity ...

Page 73: ...s This field displays the forwarding database ID in an IVL system Agetime In an IVL system this parameter displays the address aging timeout for the associated forwarding database 7 2 20 show network This command displays configuration settings associated with the switch s network interface The network interface is the logical interface used for in band connectivity with the switch via any of the ...

Page 74: ... management VLAN ID 7 2 21 show telnetcon This command displays telnet settings Format show telnetcon Mode Privileged EXEC and User EXEC Remote Connection Login Timeout minutes This object indicates the number of minutes a remote connection session is allowed to remain inactive before being logged off A zero means there will be no timeout May be specified as a number from 0 to 160 The factory defa...

Page 75: ...y for each of them Format single_ip_mgmt enable Mode Privileged EXEC 7 2 24 single_ip_mgmt groupid only for Layer 2 Series This command sets the group ID for single IP management function Format single_ip_mgmt groupid 1 250 Mode Privileged EXEC 7 2 25 single_ip_mgmt mastered only for Layer 2 Series This command sets the master ID for single IP management function Format single_ip_mgmt master 1 250...

Page 76: ... Mode Privileged EXEC Single Ip Management Enable Disable this function Single Ip Mgmt Group Id The group ID of the switch Single Ip Mgmt Switch Id The ID of the switch Single Ip Mgmt Ip Address The IP of the switch Single Ip Mgmt Networkmask The network mask of the switch Single Ip Mgmt Gateway The default gateway of the switch Single Ip Mgmt Group Members List the member of the group This switch...

Page 77: ...b net Mask is set to 0 0 0 0 an IP Address of 0 0 0 0 matches all IP addresses The default value is 0 0 0 0 Client IP Mask A mask to be ANDed with the requesting entity s IP address before comparison with IP Address If the result matches with IP Address then the address is an authenticated IP address For example if the IP Address 9 47 128 0 and the corresponding Subnet Mask 255 255 255 0 a range o...

Page 78: ...factory default is enabled Indicates whether spanning tree traps will be sent Broadcast Storm Flag May be enabled or disabled The factory default is enabled Indicates whether broadcast storm traps will be sent DVMRP Traps May be enabled or disabled The factory default is disabled Indicates whether DVMRP traps will be sent OSPF Traps May be enabled or disabled The factory default is disabled Indica...

Page 79: ...ode Global Config 7 3 5 1 no snmp server community ipaddr This command sets a client IP address for an SNMP community to 0 0 0 0 The name is the applicable community name Format no snmp server community ipaddr name Mode Global Config 7 3 6 snmp server community ipmask This command sets a client IP mask for an SNMP community The address is the associated community SNMP packet sending address and is...

Page 80: ...d by default Format snmp server community mode name Mode Global Config 7 3 7 1 no snmp server community mode This command deactivates an SNMP community If the community is disabled no SNMP requests using this community are accepted In this case the SNMP manager associated with this community cannot manage the switch until the Status is changed back to Enable Format no snmp server community mode na...

Page 81: ...ble traps bcaststorm This command disables the broadcast storm trap When enabled broadcast storm traps are sent only if the broadcast storm recovery mode setting associated with the port is enabled Format no snmp server enable traps bcaststorm Mode Global Config 7 3 12 snmp server enable traps linkmode This command enables Link Up Down traps for the entire switch When enabled link traps are sent o...

Page 82: ...ers Mode Global Config 7 3 14 snmp server enable traps stpmode This command enables the sending of new root traps and topology change notification traps Default enabled Format snmp server enable traps stpmode Mode Global Config 7 3 14 1 no snmp server enable traps stpmode This command disables the sending of new root traps and topology change notification traps Format no snmp server enable traps s...

Page 83: ...ivers are active able to receive traps Disabled trap receivers are inactive not able to receive traps Format snmptrap mode name ipaddr Mode Global Config 7 3 17 1 no snmptrap mode This command deactivates an SNMP trap Disabled trap receivers are inactive not able to receive traps Format no snmptrap mode name ipaddr Mode Global Config 7 3 18 snmp trap link status This command enables link status tr...

Page 84: ...ap link status all Mode Global Config 7 3 19 1 no snmp trap link status all This command disables link status traps for all interfaces Note This command is valid only when the Link Up Down Flag is enabled see snmp server enable traps linkmode Format no snmp trap link status all Mode Global Config 7 3 20 snmptrap snmpversion This command configures SNMP trapversion for a specified community Format ...

Page 85: ...4 Management VLAN Command This command is used to set the Management VLAN 7 4 1 network mgmt_vlan This command configures the Management VLAN ID Default 1 Format network mgmt_vlan 1 4094 Mode Privileged EXEC ...

Page 86: ...nel Note Before adding a port to a port channel set the physical mode of the port See speed command Format addport logical unit slot port Mode Interface Config 7 5 2 cablestatus This command tests the status of the cable attached to an interface Format cablestatus unit slot port Mode Privileged EXEC 7 5 3 auto negotiate This command enables automatic negotiation on a port The default value is enab...

Page 87: ...g 7 5 7 monitor session mode This command configures the monitor session port monitoring mode to enable The probe and monitored ports must be configured before monitor session port monitoring can be enabled If enabled the probe port will monitor all traffic received and transmitted on the physical monitored port It is not necessary to disable port monitoring before modifying the probe and monitore...

Page 88: ...nitor session session id source interface unit slot port Mode Global config 7 5 8 1 no monitor session 1 source interface This command removes the specified mirrored port source port from the session Note The session id parameter is an integer value used to identify the session In the current version of the software the session id parameter is always 1 Format no monitor session session id source i...

Page 89: ...interface Format speed 100 10 half duplex full duplex Mode Interface Config Acceptable values are 100h 100BASE T half duplex 100f 100BASE T full duplex 10h 10BASE T half duplex 10f 10BASE T full duplex 7 5 12 speed all This command sets the speed and duplex setting for all interfaces Format speed all 100 10 half duplex full duplex Mode Global Config Acceptable values are 100h 100BASE T half duplex...

Page 90: ...e Config 7 5 15 storm control broadcast This command enables broadcast storm recovery mode If the mode is enabled broadcast storm recovery with high and low thresholds is implemented The threshold implementation follows a percentage pattern If the broadcast traffic on any Ethernet port exceeds the high threshold percentage as represented in Broadcast Storm Recovery Thresholds table of the link spe...

Page 91: ...control broadcast Mode Global Config 7 5 16 storm control flowcontrol This command enables 802 3x flow control for the switch Note 802 3x flow control works by pausing a port when the port becomes oversubscribed and dropping all traffic for small bursts of time during the congestion condition This can lead to high priority and or network control traffic loss Note This command only applies to full ...

Page 92: ...e config 7 5 20 1 no storm control mode broadcast This command disables broadcast storm control feature Format no storm control mode broadcast Mode interface config 7 5 21 storm control mode multicast This command enables multicast storm control feature Format storm control mode multicast Mode interface config 7 5 21 1 no storm control mode multicast This command disables multicast storm control f...

Page 93: ...ed EXEC Mac Address A multicast MAC address for which the switch has forwarding and or filtering information The format is two digit hexadecimal numbers that are separated by colons for example 01 23 45 67 89 AB In an IVL system the MAC address will be displayed as a MAC address and VLAN ID combination of 8 bytes Type This displays the type of the entry Static entries are those that are configured...

Page 94: ...isplays the Multicast Forwarding Database MFDB statistics Format show mac address table stats Mode Privileged EXEC Total Entries This displays the total number of entries that can possibly be in the Multicast Forwarding Database table Most MFDB Entries Ever Used This displays the largest number of entries that have been present in the Multicast Forwarding Database table This value is also known as...

Page 95: ...e If not blank this field indicates that this port is a special type of port The possible values are Mon this port is a monitoring port Look at the Port Monitoring screens to find out more information Lag this port is a member of a port channel LAG Probe this port is a probe port Admin Mode Selects the Port control administration state The port must be enabled in order for it to be allowed into th...

Page 96: ...dicates the type of protocol s for this group VLAN This field indicates the VLAN associated with this Protocol Group Interface s This field lists the unit slot port interface s that are associated with this Protocol Group 7 5 31 show storm control This command displays switch configuration information Format show storm control Mode Privileged EXEC Broadcast Storm Recovery Mode May be enabled or di...

Page 97: ...ntrunk port vid 10 0 8 0 5 both ports are tagged ports 0 5 is vlantrunk port vid 11 0 9 0 5 both ports are tagged ports 0 5 is vlantrunk port Format vlanset slot port slot port tagged untagged basepvid 1 4093 vlantrunk slot port Mode Global Config 7 6 2 vlan This command creates a new VLAN and assigns it an ID The ID is a valid VLAN identification number ID 1 is reserved for the default VLAN VLAN ...

Page 98: ...s ingress filtering If ingress filtering is disabled frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN Default disabled Format vlan ingressfilter Mode Interface Config 7 6 4 1 no vlan ingressfilter This command disables ingress filtering If ingress filtering is disabled frames received wi...

Page 99: ... participation exclude include auto 1 4094 Mode Interface Config Participation options are include The interface is always a member of this VLAN This is equivalent to registration fixed exclude The interface is never a member of this VLAN This is equivalent to registration for bidden auto The interface is dynamically registered in this VLAN by GVRP The interface will not participate in this VLAN u...

Page 100: ...nterfaces to Admit All For Admit All mode untagged frames or priority frames received on this interface are accepted and assigned the value of the interface VLAN ID for this port With either option VLAN tagged frames are forwarded in accordance with the IEEE 802 1Q VLAN Specification Format no vlan port acceptframe all Mode Global Config 7 6 10 vlan port ingressfilter all This command enables ingr...

Page 101: ... VLAN identification number Format vlan port tagging all 1 4094 Mode Global Config 7 6 12 1 no vlan port tagging all This command configures the tagging behavior for all interfaces in a VLAN to disabled If tagging is disabled traffic is transmitted as untagged frames The ID is a valid VLAN identification number Format no vlan port tagging all Mode Global Config 7 6 13 vlan protocol group This comm...

Page 102: ...ible values for protocol are ip arp and ipx Format no vlan protocol group add protocol groupid protocol Mode Global Config 7 6 15 vlan protocol group remove This command removes the protocol based VLAN group that is identified by this groupid Format vlan protocol group remove groupid Mode Global Config 7 6 16 protocol group This command attaches a vlanid to the protocol based VLAN identified by gr...

Page 103: ... ports will be removed from this protocol group Format no protocol vlan group groupid Mode Interface Config 7 6 18 protocol vlan group all This command adds all physical interfaces to the protocol based VLAN identified by groupid A group may have more than one interface associated with it Each interface and protocol combination can only be associated with one group If adding an interface to a grou...

Page 104: ...the tagging behavior for a specific interface in a VLAN to disabled If tagging is disabled traffic is transmitted as untagged frames The ID is a valid VLAN identification number Format no vlan tagging 1 4094 Mode Interface Config 7 6 21 show vlan This command displays detailed information including interface information for a specific VLAN The ID is a valid VLAN identification number Format show v...

Page 105: ...mber of this VLAN This is equivalent to registration fixed in the IEEE 802 1Q standard Exclude This port is never a member of this VLAN This is equivalent to registra tion forbidden in the IEEE 802 1Q standard Autodetect Specifies to allow the port to be dynamically registered in this VLAN via GVRP The port will not participate in this VLAN unless a join request is received on this port This is eq...

Page 106: ...is port is not a member of the VLAN with which this frame is associated In a tagged frame the VLAN is identified by the VLAN ID in the tag In an untagged frame the VLAN is the Port VLAN ID specified for the port that received this frame When disabled all frames are forwarded in accordance with the 802 1Q VLAN bridge specification The factory default is disabled GVRP May be enabled or disabled Defa...

Page 107: ...106 and no spaces use a hyphen to designate a range of IDs For example you may set vtrunk set 1 2 5 8 ...

Page 108: ...DP port used as the destination of packets sent as part of the traceroute This port should be an unused port on the destination system Format traceroute ipaddr port Mode Privileged EXEC 7 7 2 clear config This command resets the configuration to the factory defaults without powering off the switch The switch is automatically reset when this command is processed You are prompted to confirm that the...

Page 109: ...n hit the enter or the return key Format enable passwd Mode Privileged EXEC 7 7 7 clear port channel This command clears all port channels LAGs Format clear port channel Mode Privileged EXEC 7 7 8 clear traplog This command clears the trap log Format clear traplog Mode Privileged EXEC 7 7 9 clear vlan This command resets VLAN configuration parameters to the factory defaults Format clear vlan Mode ...

Page 110: ...on the switch Format reload Mode Privileged EXEC 7 7 13 copy This command uploads and downloads to from the switch Local URLs can be specified using tftp or xmodem The following can be specified as the source file for uploading from the switch startup configuration nvram startup config error log nvram errorlog message log nvram msglog trap log nvram traplog and configuration script nvram script sc...

Page 111: ...py tftp ip address filename nvram script copy system running config nvram startup config copy tftp ip address filename nvram sslpem root copy tftp ip address filename nvram sslpem server copy tftp ip address filename nvram sslpem dhweak copy tftp ip address filename nvram sslpem dhstrong copy tftp ip address filename nvram sshkey rsa1 copy tftp ip address filename nvram sshkey rsa2 copy tftp ip ad...

Page 112: ...at cpu port security allow Mode Privileged EXEC 7 7 17 1 no cpu port security allow This command disables allowing the mac addresses to CPU Format no cpu port security allow Mode Privileged EXEC 7 7 18 cpu port security allow This command adds Static MAC address to be allowed to CPU Format cpu port security allow mac addr Mode Privileged EXEC 7 7 18 1 no cpu port security allow This command remove...

Page 113: ...ress to be denied to CPU Format cpu port security deny mac addr Mode Privileged EXEC 7 7 21 show cpu statistics This command displays CPU statistics for the management switch unit Format show cpu statistics Mode Privileged EXEC Total Memory kb displays the total memory of the switch Used Memory kb displays the used memory of the switch Free Memory kb displays the free memory of the switch CPU Util...

Page 114: ...s enabled or disabled Filering Mode indicates the filtering mode of CPU MAC filter is allowing or denying Max Entries indicates the maximum number of MAC to be filtered S No indicates sequence number MAC Address indicates the list of MAC addresses to be filtered ...

Page 115: ... login Banner command 7 8 1 copy The copy command See copy on page 65 includes the clibanner option This command uploads and downloads to from the switch Local URLs can be specified using tftp or xmodem Default none Format copy tftp ip address filename nvram clibanner Mode Privileged EXEC ...

Page 116: ...ging cli command This command enables the CLI command Logging feature The Command Logging component enables the switch to log all Command Line Interface CLI commands issued on the system Default enabled Format logging cli command Mode Global Config 7 9 1 1 no logging cli command Format no logging cli command Mode Global Config ...

Page 117: ...xtension must be scr z A maximum of ten scripts are allowed on the switch z The combined size of all script files on the switch shall not exceed 2048 KB 7 10 1 script apply This command applies the commands in the configuration script to the switch We recommend that the system have default configuration but users are not prevented from applying scripts on systems with non default configurations Th...

Page 118: ...Line no Line contents 7 10 5 script validate This command validates a configuration script file by parsing each line in the script file where scriptname is the name of the script to be validated The validate option is intended to be used as a tool for script development Validation will identify potential problems It may or may not identify all problems with a given script on any given box Format s...

Page 119: ... from 0 to 7 or symbolically through one of the following keywords emergency 0 alert 1 critical 2 error 3 warning 4 notice 5 informational 6 debug 7 Default disabled critical Format logging buffered severitylevel Mode Global Config 7 11 1 1 no logging buffered This command disables logging to in memory log Format no logging buffered Mode Global Config 7 11 2 logging buffered wrap This command enab...

Page 120: ...d system operation logs to storage The severitylevel value is specified as either an integer from 0 to 7 or symbolically through one of the following keywords EMERGENCY 0 ALERT 1 CRITICAL 2 ERROR 3 WARNING 4 NOTICE 5 INFORMATIONAL 6 DEBUG 7 Default enabled severitylevel critical Format logging persistent severitylevel Mode Global Config 7 11 4 1 no logging persistent This command disables logging ...

Page 121: ...0 Format logging syslog Mode Global Config 7 11 7 1 no logging syslog port This command disables syslog logging for assigned port Format no logging syslog port Mode Global Config 7 11 8 show logging This command displays logging Format show logging Mode Privileged EXEC Client Local Port The port on the collector relay to which syslog messages are sent Console Logging Administrative Mode The mode f...

Page 122: ...ode Privileged EXEC Persistent Logging Administrative Mode The mode for historical logging Persistent Logging Severity Filter The minimum severity to log to the historical log Messages with an equal or lower numerical severity are logged Persistent Log Count The number of messages received by the log process This includes messages that are dropped or ignored Log Messages The log messages appear he...

Page 123: ...s is the port on the local host from which syslog messages are sent Host Status The state of logging to configured syslog hosts If the status is disable no logging occurs Log Messages The log messages appear here 7 11 12 show logging traplogs This command displays traprecords Format show logging traplogs Mode Privileged EXEC Number of Trap Since last Reset shows the no of traps after restarting th...

Page 124: ...ion Mode Privileged EXEC ID Login Session ID User Name The name the user will use to login using the serial port or Telnet A new user may be added to the switch by entering a name in a blank entry The user name may be up to 8 characters and is not case sensitive Two users are included as the factory default admin and guest Connection From IP address of the telnet client machine or EIA 232 for the ...

Page 125: ...SNMPv3 Authentication This field displays the authentication protocol to be used for the specified login user SNMPv3 Encryption This field displays the encryption protocol to be used for the specified login user 7 12 4 users name This command adds a new user account if space permits The account username can be up to eight characters in length The name may be comprised of alphanumeric characters as...

Page 126: ...rivileges for the specified login user as readwrite for the admin user readonly for all other users The username is the login user name for which the specified access mode will apply Format no users snmpv3 accessmode username Mode Global Config 7 12 7 users snmpv3 authentication This command specifies the authentication protocol to be used for the specified login user The valid authentication prot...

Page 127: ...rompted for the key When using the des protocol the user login password is also used as the snmpv3 encryption password and therefore must be at least eight characters in length If none is specified a key must not be provided The username is the login user name associated with the specified encryption Default no encryption Format users snmpv3 encryption username none des key Mode Global Config 5 12...

Page 128: ...f two where poll interval can be a value from 6 to 16 Default 6 Format sntp broadcast client poll interval poll interval Mode Global Config 7 13 1 1 no sntp broadcast client poll interval This command will reset the poll interval for SNTP broadcast client back to its default value Format no sntp broadcast client poll interval Mode Global Config 7 13 2 sntp client mode This command will enable Simp...

Page 129: ...seconds as a power of two where poll interval can be a value from 6 to 16 Default 6 Format sntp unicast client poll interval poll interval Mode Global Config 7 13 4 1 no sntp unicast client poll interval This command will reset the poll interval for SNTP unicast clients to its default value Format no sntp unicast client poll interval Mode Global Config 7 13 5 sntp unicast client poll timeout This ...

Page 130: ...unicast client poll retry Mode Global Config 7 13 7 sntp server This command configures an SNTP server with a maximum of three where the server address can be an ip address or a domain name and the address type either ipv4 or dns The optional priority can be a value of 1 3 the version a value of 1 4 and the port id a value of 1 65535 Format sntp server ipaddress domain name addresstype priority ve...

Page 131: ... Client Supported Modes Supported SNTP Modes Broadcast Unicast or Multicast SNTP Version The highest SNTP version the client supports Port SNTP Client Port Client Mode Configured SNTP Client Mode Poll Interval Poll interval value for SNTP clients in seconds as a power of two Poll Timeout Poll timeout value in seconds for SNTP clients Poll Retry Poll retry value for SNTP clients 7 13 10 show sntp s...

Page 132: ...P server Priority IP priority type of the configured server Version SNTP Version number of the server The protocol version used to query the server in unicast mode Port Server Port Number Last Attempt Time Last server attempt time for the specified server Last Attempt Status Last server attempt status for the server Total Unicast Requests Number of requests to the server Failed Unicast Requests Nu...

Page 133: ...HCP clients the client identifier is required instead of hardware addresses The unique identifier is a concatenation of the media type and the MAC address For example the Microsoft client identifier for Ethernet address c819 2488 f177 is 01c8 1924 88f1 77 where 01 represents the Ethernet media type Refer to the Address Resolution Protocol Parameters section of RFC 1700 Assigned Numbers for a list ...

Page 134: ...and specifies the IP servers available to a DHCP client Address parameters are valid IP addresses each made up of four decimal bytes ranging from 0 to 255 IP address 0 0 0 0 is invalid Default none Format dns server address1 address2 address8 Mode DHCP Pool Config 7 14 4 1 no dns server This command removes the DNS Server list Format no dns server Mode DHCP Pool Config 7 14 5 hardware address This...

Page 135: ...ess 0 0 0 0 is invalid The prefix length is an integer from 0 to 32 Default none Format host address mask prefix length Mode DHCP Pool Config 7 14 6 1 no host This command removes the IP address of the DHCP client Format no host Mode DHCP Pool Config 7 14 7 ip dhcp excluded address This command specifies the IP addresses that a DHCP server should not assign to DHCP clients Low address and high add...

Page 136: ...ber of packets to 0 disables this command Note The no form of this command sets the number of packets sent to a pool address to 0 and therefore prevents the server from pinging pool addresses Default 2 Format ip dhcp ping packets 0 2 10 Mode Global Config 7 14 8 1 no ip dhcp ping packets This command prevents the server from pinging pool addresses and sets the number of packets to 0 Default 0 Form...

Page 137: ...of the lease time for DHCP Server Format no lease Mode DHCP Pool Config 7 14 11 network This command is used to configure the subnet number and mask for a DHCP address pool on the server Network number is a valid IP address made up of four decimal bytes ranging from 0 to 255 IP address 0 0 0 0 is invalid Mask is the IP subnet mask for the specified address pool The prefix length is an integer from...

Page 138: ...es the boot image file Default none Format bootfile filename Mode DHCP Pool Config 7 14 13 1 no bootfile This command deletes the boot image name Format no bootfile Mode DHCP Pool Config 7 14 14 domain name This command specifies the domain name for a DHCP client The domain specifies the domain name string of the client Default none Format domain name domain Mode DHCP Pool Config 7 14 14 1 no doma...

Page 139: ...ct logging on DHCP server Default enabled Format ip dhcp conflict logging Mode Global Config 7 14 16 1 no ip dhcp conflict logging This command disables conflict logging on DHCP server Format no ip dhcp conflict logging Mode Global Config 7 14 17 netbios name server This command configures NetBIOS Windows Internet Naming Service WINS name servers that are available to DHCP clients One IP address i...

Page 140: ...ype Mode DHCP Pool Config 7 14 18 1 no netbios node type This command removes the NetBIOS node Type Format no netbios node type Mode DHCP Pool Config 7 14 19 next server This command configures the next server in the boot process of a DHCP client Address is the IP address of the next server in the boot process which is typically a Trivial File Transfer Protocol TFTP server Default If the next serv...

Page 141: ...onfig 7 14 20 1 no option This command removes the options Format no option code Mode DHCP Pool Config 7 14 21 show ip dhcp binding This command displays address bindings for the specific IP address on the DHCP server If no IP address is specified the bindings corresponding to all the addresses are displayed Format show ip dhcp binding address Modes Privileged EXEC User EXEC IP address The IP addr...

Page 142: ...l type Lease Time The lease expiration time of the IP Address assigned to the client DNS Servers The list of DNS servers available to the DHCP client Default Routers The list of the default routers available to the DHCP client Following additional field is displayed for Dynamic pool type Network The network number and the mask for the DHCP address pool Following additional fields are displayed for...

Page 143: ...re received by the server DHCPRELEASE The number of DHCPRELEASE messages that were received by the server DHCPINFORM The number of DHCPINFORM messages that were received by the server Message Sent DHCPOFFER The number of DHCPOFFER messages that were sent by the server DHCPACK The number of DHCPPACK messages that were sent by the server DHCPNACK The number of DHCPNACK messages that were sent by the...

Page 144: ...at clear ip dhcp binding address Mode Privileged EXEC 7 14 27 clear ip dhcp server statistics This command clears DHCP server statistics counters Format clear ip dhcp server statistics Mode Privileged EXEC 7 14 28 clear ip dhcp conflict The command is used to clear an address conflict from the DHCP Server database The server detects conflicts using a ping DHCP server clears all conflicts If the as...

Page 145: ... Format dvlan tunnel customer id 0 4095 Mode Interface Config 7 15 1 1 no dvlan tunnel customer id This command configures the customer identification for the Double VLAN tunnel on the specified interface to its default value Format no dvlan tunnel customer id Mode Interface Config 7 15 2 dvlan tunnel etherType This command configures the ether type for the specified interface The ether type may h...

Page 146: ...vlan tunnel This command is used to enable Double VLAN Tunneling on the specified interface By default Double VLAN Tunneling is disabled Default disabled Format mode dvlan tunnel Mode Interface Config 7 15 4 1 no mode dvlan tunnel This command is used to disable Double VLAN Tunneling on the specified interface By default Double VLAN Tunneling is disabled Format no mode dvlan tunnel Mode Interface ...

Page 147: ...w dvlan tunnel This command displays all interfaces enabled for Double VLAN Tunneling Format show dvlan tunnel Mode Privileged EXEC and User EXEC Unit Slot Port Valid unit slot and port number separated by forward slashes 7 15 8 show dvlan tunnel interface This command displays detailed information about Double VLAN Tunneling for the specified interface Format show dvlan tunnel interface unit slot...

Page 148: ...y trafficclass Mode Global Config Interface Config 7 16 2 show classofservice dot1pmapping This command displays the current 802 1p priority mapping to internal traffic classes for a specific interface The unit slot port parameter is required on platforms that support priority to traffic class mapping on a per port basis Platforms that support priority to traffic class mapping on a per port basis ...

Page 149: ...148 Default 0 Format vlan priority priority Mode Interface Config ...

Page 150: ...centiseconds the value 20 centiseconds is 0 2 seconds Default 20 Format set garp timer join 10 100 Mode Interface Config 7 17 1 1 no set garp timer join This command sets the GVRP join time per port and per GARP to 20 centiseconds 0 2 seconds This command has an effect only when GVRP is enabled Format no set garp timer join Mode Interface Config 7 17 2 set garp timer leave This command sets the GV...

Page 151: ... centiseconds is 10 seconds Note This command has an effect only when GVRP is enabled Default 1000 Format set garp timer leaveall 200 6000 Mode Interface Config 7 17 3 1 no set garp timer leaveall This command sets how frequently Leave All PDUs are generated per port to 1000 centiseconds 10 seconds Note This command has an effect only when GVRP is enabled Format no set garp timer leaveall Mode Int...

Page 152: ...RP VLAN Registration Protocol parameters for all ports Default disabled Format set gvrp Mode Interface Config 7 18 1 1 no set gvrp This command disables GARP VLAN Registration Protocol for all ports If GVRP is disabled Join Time Leave Time and Leave All Time have no effect Format no set gvrp Mode Interface Config 7 18 2 set gvrp adminmode This command enables GVRP Default disabled Format set gvrp ...

Page 153: ...ister request for an attribute before deleting the attribute Current attributes are a VLAN or multicast group This may be considered a buffer time for another station to assert registration for the same attribute in order to maintain uninterrupted service There is an instance of this timer on a per Port per GARP participant basis Permissible values are 20 to 600 centiseconds 0 2 to 6 0 seconds The...

Page 154: ...t gmrp interfacemode This command enables GARP Multicast Registration Protocol on a selected interface If an interface which has GARP enabled is enabled for routing or is enlisted as a member of a port channel LAG GARP functionality will be disabled on that interface GARP functionality will subsequently be re enabled if routing is disabled and port channel LAG membership is removed from an interfa...

Page 155: ...l Time controls how frequently LeaveAll PDUs are generated A LeaveAll PDU indicates that all registrations will shortly be deregistered Participants will need to rejoin in order to maintain registration There is an instance of this timer on a per Port per GARP participant basis The Leave All Period Timer is set to a random value in the range of LeaveAll Time to 1 5 LeaveAllTime Permissible values ...

Page 156: ...snooping on all interfaces participating in this VLAN If an interface which has IGMP Snooping enabled is enabled for routing or is enlisted as a member of a port channel LAG IGMP Snooping functionality will be disabled on that interface IGMP Snooping functionality will subsequently be re enabled if routing is disabled or port channel LAG membership is removed from an interface that has IGMP Snoopi...

Page 157: ...igmp fast leave This command disables IGMP Snooping fast leave admin mode on a selected interface Format no set igmp fast leave vlanId Modes Interface ConfigVlan Mode 7 20 3 show igmpsnooping This command displays IGMP Snooping information Configured information is displayed whether or not IGMP Snooping is enabled Format show igmpsnooping unit slot port vlanId Mode Privileged EXEC This display par...

Page 158: ...r group on a particular interface which is participating in the VLAN before deleting the interface from the entry This value may be configured 7 20 4 show igmpsnooping mrouter interface This command displays information about statically configured ports Format show igmpsnooping mrouter interface unit slot port Mode Privileged EXEC Slot Port The port on which multicast router information is being d...

Page 159: ... to clear port channels Note After a LAG is created the user should assign the LAG VLAN membership If VLAN membership is not assigned the LAG may become a member of the management VLAN This may result in learning and switching issues 7 21 1 port channel staticcapability This command enables the support of port channels static link aggregations LAGs on the device By default the static capability fo...

Page 160: ...t slot port all Mode Global Config 7 21 4 port channel adminmode all This command enables a port channel LAG The interface is a logical unit slot port for a configured port channel The option all sets every configured port channel with the same administrative mode setting Format port channel adminmode all Mode Global Config 7 21 4 1 no port channel adminmode This command disables a port channel LA...

Page 161: ...15 characters This command is used to modify the name that was associated with the port channel when it was created Format port channel name logical unit slot port all name Mode Global Config 7 21 7 show port channel brief This command displays the static capability of all port channels LAGs on the device as well as a summary of individual port channels Format show port channel brief Mode Privileg...

Page 162: ...ble values are Disable Spanning tree is disabled for this port Enable Spanning tree is enabled for this port Mbr Ports A listing of the ports that are members of this port channel LAG in unit slot port notation There can be a maximum of eight ports assigned to a given port channel LAG Port Speed Speed of the port channel port Type This field displays the status designating whether a particular por...

Page 163: ... of the lag Link State Indicates whether the Link is up or down Mbr Ports A listing of the ports that are members of this lag in slot port notation Active Ports A listing of ports that are actively participating in the LAG ...

Page 164: ...802 1D mode is the default The interface is a logical unit slot port for a configured port channel The all option sets all configured port channels LAGs with the same option The mode is one of the following 802 1d IEEE 802 1D compliant STP mode is used fast Fast STP mode is used off STP is turned off Format spanning tree logical unit slot port all off 802 1d fast Mode Global Config 7 22 2 spanning...

Page 165: ...in identifying the configuration that this switch is currently using The name is a string of at most 32 characters Default The base MAC address displayed using hexadecimal notation as specified in IEEE 802 standard Format spanning tree configuration name name Mode Global Config 7 22 4 1 no spanning tree configuration name This command resets the Configuration Identifier Name to its default Format ...

Page 166: ...hat this port is not an Edge Port within the common and internal spanning tree Format no spanning tree edgeport Mode Interface Config 7 22 7 spanning tree forceversion This command sets the Force Protocol Version parameter to a new value The Force Protocol Version can be one of the following z 802 1d ST BPDUs are transmitted rather than MST BPDUs IEEE 802 1d functionality supported z 802 1w RST BP...

Page 167: ...ning tree hello time This command sets the Admin Hello Time parameter to a new value for the common and internal spanning tree The hellotime value is in whole seconds within a range of 1 to 10 with the value being less than or equal to Bridge Max Age 2 1 Default 2 Format spanning tree hello time 1 10 Mode Interface Config 7 22 9 1 no spanning tree hello time This command sets the admin Hello Time ...

Page 168: ...rameter for the common and internal spanning tree to the default value Format no spanning tree max hops Mode Global Config 7 22 12 spanning tree mst instance This command adds a multiple spanning tree instance to the switch The instance mstid is a number within a range of 1 to 4094 that corresponds to the new instance ID to be added The maximum number of multiple instances supported by the device ...

Page 169: ...lobal Config 7 22 13 1 no spanning tree mst priority This command sets the bridge priority for a specific multiple spanning tree instance to the default value i e 32768 The instance mstid is a number that corresponds to the desired existing multiple spanning tree instance If 0 defined as the default CIST ID is passed as the mstid then this command sets the Bridge Priority parameter for the common ...

Page 170: ...s the Administrative Switch Port State for this port to disabled Format no spanning tree port mode Mode Interface Config 7 22 16 spanning tree port mode all This command sets the Administrative Switch Port State for all ports to enabled Default disabled Format spanning tree port mode all Mode Global Config 7 22 16 1 no spanning tree port mode all This command sets the Administrative Switch Port St...

Page 171: ...Age Derived value Root Port Bridge Forward Delay Derived value Hello Time Configured value of the parameter for the CST Bridge Hold Time Minimum time between transmission of Configuration Bridge Protocol Data Units BPDUs Bridge Max Hops Bridge max hops count for the device CST Regional Root Bridge Identifier of the CST Regional Root It is made up using the bridge priority and the base MAC address ...

Page 172: ...tion Digest Key Identifier used to identify the configuration currently being used MST Instances List of all multiple spanning tree instances configured on the switch 7 22 19 show spanning tree interface This command displays the settings and parameters for a specific switch port within the common and internal spanning tree The unit slot port is the desired switch port The following details are di...

Page 173: ...f the port Port Priority The priority for a particular port within the selected MST instance The port priority is displayed in multiples of 16 Port Forwarding State Current spanning tree state of this port Port Role Each MST Bridge Port that is enabled is assigned a Port Role for each spanning tree The port role is one of the following values Root Port Designated Port Alternate Port Backup Port Ma...

Page 174: ...ment Value of flag in next Configuration Bridge Protocol Data Unit BPDU transmission indicating if a topology change is in progress for this port Hello Time The hello time in use for this port Edge Port The configured value indicating if this port is an edge port Edge Port Status The derived value of the edge port status True if operating as an edge port false otherwise Point To Point MAC Status D...

Page 175: ...xecution the following details are displayed Format show spanning tree mst summary Modes Privileged EXEC User EXEC MST Instance ID List List of multiple spanning trees IDs currently configured For each MSTID Associated FIDs List of forwarding database identifiers associated with this instance Associated VLANs List of VLAN IDs associated with this instance 7 22 23 show spanning tree vlan This comma...

Page 176: ...the system Default disabled Format bootpdhcprelay cidoptmode Mode Global Config 7 23 1 1 no bootpdhcprelay cidoptmode This command disables the circuit ID option mode for BootP DHCP Relay on the system Format no bootpdhcprelay cidoptmode Mode Global Config 7 23 2 bootpdhcprelay enable This command enables the forwarding of relay requests for BootP DHCP Relay on the system Default disabled Format b...

Page 177: ...r has a range of 0 to 100 seconds Default 0 Format bootpdhcprelay minwaittime 0 100 Mode Global Config 7 23 4 1 no bootpdhcprelay minwaittime This command configures the default minimum wait time in seconds for BootP DHCP Relay on the system Format no bootpdhcprelay minwaittime Mode Global Config 7 23 5 bootpdhcprelay serverip This command configures the server IP Address for BootP DHCP Relay on t...

Page 178: ...ime Seconds Is the minimum wait time Admin Mode Represents whether relaying of requests is enabled or disabled Server IP Address Is the IP Address for the BootP DHCP Relay server Circuit Id Option Mode Is the DHCP circuit Id option which may be enabled or disabled Requests Received Is the number or requests received Requests Relayed Is the number of requests relayed Packets Discarded Is the number...

Page 179: ... no loopback detection enable all This command disables the loopback detection on all ports Format no loopback detection enable all Mode Global Config 7 24 2 loopback detection enable This command enables the loopback detection on a port Default disabled Format loopback detection enable Mode Interface Config 7 23 1 1 no loopback detection enable This command disables the loopback detection on a po...

Page 180: ...ack detection interval Mode Global Config 7 24 4 show loopback detection This command displays the configuration and status of the loopback detection Format show loopback detection unit slot port all Modes Privileged EXEC ...

Page 181: ...to configure features and options of the switch For every configuration command there is a show command that will display the configuration setting Show commands are used to display switch settings statistics and other information 8 1 1 port security This command enables port locking at the system level Global Config or port level Interface Config Default Disabled Format port security Modes Global...

Page 182: ...imit This command limits the CPU multicast rate on all the ports Format port security cpu multicast rate limit Mode Interface config 8 1 5 port security max dynamic This command sets the maximum of dynamically locked MAC addresses allowed on a specific port Default 600 Format port security max dynamic maxvalue Mode Interface Config 8 1 5 1 no port security max dynamic This command resets the maxim...

Page 183: ...face Config 8 1 7 no port security max static allow This command resets the maximum of statically locked MAC addresses allowed on a specific port to its default value Format no port security max static allow Modes Interface Config 8 1 8 port security max static deny This command sets the maximum number of statically locked MAC addresses denied on a specific port Default 64 Format port security max...

Page 184: ...terface Config 8 1 11 snmp server enable traps violation This command enables the sending of new violation traps designating when a packet with a disallowed MAC address is received on a locked port Default Disabled Format snmp server enable traps violation Mode Interface Config 8 1 11 1 no snmp server enable traps violation This command disables the sending of new violation traps Format no snmp se...

Page 185: ... the Interface Dynamic Limit Maximum dynamically allocated MAC Addresses Static Limit Maximum statically allocated MAC Addresses Allow mode Allow mode is Enabled Disabled 8 1 15 show port security deny This command displays the port security information for all interfaces for DENY case Format show port security deny interface all Mode Privileged EXEC Intf Indicates the interface Interface Admin Mo...

Page 186: ...terface Admin Mode Port Locking mode for the Interface Dynamic Limit Maximum dynamically allocated MAC Addresses Static Limit Maximum statically allocated MAC Addresses Violation Trap Mode Whether violation traps are enabled Allow Mode Deny mode is Enabled Disabled 8 1 18 show port security static allow This command displays the statically locked allow MAC addresses for port Format show port secur...

Page 187: ...te on all the ports Format show port security cpu multicast rate limit Mode Privileged EXEC Intf Indicates the interface Admin Mode Port Locking mode for the Interface Dynamic Limit Maximum dynamically allocated MAC Addresses Static Limit Maximum statically allocated MAC Addresses Violation Trap Mode Whether violation traps are enabled Allow Mode Deny mode is Enabled Disabled ...

Page 188: ...alues are local radius and reject The value of local indicates that the user s locally stored ID and password are used for authentication The value of radius indicates that the user s ID and password will be authenticated using the RADIUS server The value of reject indicates the user is never authenticated To authenticate a user the authentication methods in the user s login will be attempted in o...

Page 189: ... mode for the specified port is auto If the control mode is not auto an error will be returned Format dot1x initialize unit slot port Mode Privileged EXEC 8 2 6 dot1x login This command assigns the specified authentication login list to the specified user for 802 1x port security The user parameter must be a configured user and the listname parameter must be a configured authentication login list ...

Page 190: ... command sets the authentication mode to be used on the specified port to auto Format no dot1x port control Mode Interface Config 8 2 9 dot1x port control All This command sets the authentication mode to be used on all ports The control mode may be one of the following force unauthorized The authenticator PAE unconditionally sets the controlled port to unauthorized force authorized The authenticat...

Page 191: ... the dot1x authentication support on the switch By default the authentication support is disabled While disabled the dot1x configuration is retained and can be changed but is not activated Default disabled Format dot1x system auth control Mode Global Config 8 2 12 1 no dot1x system auth control This command is used to disable the dot1x authentication support on the switch Format no dot1x system au...

Page 192: ...od 60 seconds tx period 30 seconds supp timeout 30 seconds server timeout 30 seconds Format t1x timeout reauth period seconds quiet period sec onds tx period seconds supp timeout seconds server timeout seconds Mode Interface Config 8 2 13 1 no dot1x timeout This command sets the value in seconds of the timer used by the authenticator state machine on this port to the default values Depending on th...

Page 193: ...counting server Format show radius accounting statistics ipaddr Mode Privileged EXEC If the optional token statistics ipaddr is not included then only the accounting mode and the RADIUS accounting server details are displayed Mode Enabled or disabled IP Address The configured IP address of the RADIUS accounting server Port The port in use by the RADIUS accounting server Secret Configured Yes or No...

Page 194: ... number of RADIUS packets of unknown types which were received from this server on the accounting port Packets Dropped The number of RADIUS packets received from this server on the accounting port and dropped for some other reason 8 2 18 show authentication This command displays the ordered authentication methods for all authentication login lists Format show authentication Mode Privileged EXEC Au...

Page 195: ...n is displayed Protocol Version The protocol version associated with this port The only possible value is 1 corresponding to the first version of the dot1x specification PAE Capabilities The port access entity PAE functionality of this port Possible values are Authenticator or Supplicant Authenticator PAE State Current state of the authenticator PAE state machine Possible values are Initialize Dis...

Page 196: ...d The number of EAPOL start frames that have been received by this authenticator EAPOL Logoff Frames Received The number of EAPOL logoff frames that have been received by this authenticator Last EAPOL Frame Version The protocol version number carried in the most recently received EAPOL frame Last EAPOL Frame Source The source MAC address carried in the most recently received EAPOL frame EAP Respon...

Page 197: ...cation login list to use for non configured users when attempting to log in to the system This setting is overridden by the authentication login list assigned to a specific user if the user is configured locally If this value is not configured users will be authenticated using local authentication only Format users defaultlogin listname Mode Global Config 8 2 24 users login This command assigns th...

Page 198: ...aximum number of configured servers is reached the command will fail until one of the servers is removed by executing the no form of the command If the optional port parameter is used the command will configure the UDP port number to use to connect to the configured RADIUS server In order to configure the UDP port number the IP address must match that of a previously configured RADIUS authenticati...

Page 199: ...er key auth acct ipaddr Mode Global Config 8 3 4 radius server msgauth This command enables the message authenticator attribute for a specified server Default radius server msgauth ipaddr Mode Global Config 8 3 5 radius server primary This command is used to configure the primary RADIUS authentication server for this RADIUS client The primary server is the one that is used by default for handling ...

Page 200: ...riority priority timeout timeout single connection Mode Global Config ip address IP address of the host key string Optional Character string specifying authentication and encryption key Specifying this key overrides the key set bye the global command tacacs server key for this server only port number Optional Specifies a TACACS server port number This option overrides the default which is port 49 ...

Page 201: ...ut This command restore the default value Format no tacacs server timeout Mode Global Config 8 3 11 show radius This command is used to display the various RADIUS configuration items for the switch as well as the configured RADIUS servers If the optional token servers is not included the following RADIUS configuration items will be displayed Format show radius servers Mode Privileged EXEC Primary ...

Page 202: ...s server This number does not include retransmissions Access Retransmission The number of RADIUS Access Request packets retransmitted to this RADIUS authentication server Access Accepts The number of RADIUS Access Accept packets including both valid and invalid packets which were received from this server Access Rejects The number of RADIUS Access Reject packets including both valid and invalid pa...

Page 203: ...mat show tacacs server ip address Mode Privileged Exec ip address This field displays IP address of the TACACS server Status This field displays the status of TACACS server Port This field displays the port number of TACACS server Single connection This field displays the maintenance of a single open connection between the router and the TACACS server Timeout This field displays the value of timeo...

Page 204: ...8 4 1 1 no ip ssh This command is used to disable SSH Format no ip ssh Mode Privileged EXEC 8 4 2 ip ssh protocol This command is used to set or remove protocol levels or versions for SSH Either SSH1 1 SSH2 2 or both SSH 1 and SSH 2 1 and 2 can be set Default 1 and 2 Format ip ssh protocol 1 2 Mode Privileged EXEC 8 4 3 sshcon maxsessions This command specifies the maximum number of SSH connection...

Page 205: ...his command sets the SSH connection session timeout value in minutes to the default Changing the timeout value for active sessions does not become effective until the session is reaccessed Also any keystroke activates the new timeout duration Format no telnetcon timeout Mode Privileged EXEC 8 4 5 show ip ssh This command displays the ssh settings Format show ip ssh Mode Privileged EXEC Administrat...

Page 206: ...443 Format ip http secure port portid Mode Privileged EXEC 8 5 1 1 no ip http secure port This command is used to reset the sslt port to the default value Format no ip http secure port Mode Privileged EXEC 8 5 2 ip http secure protocol This command is used to set protocol levels versions The protocol level can be set to TLS1 SSL3 or to both TLS1 and SSL3 Default SSL3 and TLS1 Format ip http secure...

Page 207: ...cess to the switch through the Web interface When access is disabled the user cannot login to the switch s Web server Format no ip http server Mode Privileged EXEC 8 5 5 show ip http This command displays the http settings for the switch Format show ip http Mode Privileged EXEC Secure Server Administrative Mode This field indicates whether the administrative mode of secure HTTP is enabled or disab...

Page 208: ...VSTORE usage z ACLs are configured separately for Layer 2 and Layer 3 Layer 4 Some types of hardware do not allow both types of ACLs to be applied to the same interface z Wildcard masking for ACLs operates differently from a subnet mask A wildcard mask is in essence the inverse of a subnet mask With a subnet mask the mask has ones 1 s in the bit positions that are used for the network address and ...

Page 209: ...le may either deny or permit traffic according to the specified classification fields At a minimum the source and destination MAC value and mask pairs must be specified each of which may be substituted using the keyword any to indicate a match on any value in that field The bpdu keyword may be specified for the destination MAC value mask pair indicating a well known BPDU MAC value of 01 80 c2 xx x...

Page 210: ...t port Note The special command form deny permit any any is used to match all Ethernet layer 2 packets and is the equivalent of the IP access list match every rule Mode Mac Access List Config 9 1 4 mac access group This command attaches a specific MAC Access Control List ACL identified by name to an interface in a given direction The name parameter must be the name of an exsiting MAC ACL An option...

Page 211: ...isplays the destination MAC address for this rule Destination MAC Mask Displays the destination MAC mask for this rule Ethertype Displays the Ethertype keyword or custom value for this rule VLAN ID Displays the VLAN identifier value or range for this rule COS Displays the COS 802 1p value for this rule Secondary VLAN ID Displays the Secondary VLAN identifier value or range for this rule This field...

Page 212: ...dard ACL and the accesslistnumber range 100 to 199 is for an IP extended ACL The IP ACL rule is specified with either a permit or deny action The protocol to filter for an IP ACL rule is specified by giving the protocol to be used like icmp igmp ip tcp udp The command specifies a source ipaddress and source mask for match condition of the IP ACL rule specified by the srcip and srcmask parameters T...

Page 213: ... an interface An optional sequence number may be specified to indicate the order of this IP access list relative to other IP access lists already assigned to this interface and direction A lower number indicates higher precedence order If a sequence number is already in use for this interface and direction the specified access list replaces the currently attached IP access list using that sequence...

Page 214: ... port range for this rule Destination IP Address This displays the destination IP address for this rule Destination IP Mask This field displays the destination IP Mask for this rule Destination Ports This field displays the destination port range for this rule Service Type Field Match This field indicates whether an IP DSCP IP Precedence or IP TOS match condition is specified for this rule Service...

Page 215: ...ype of any processes its match rules in an ordered sequence additional rules specified for such a class simply extend this list A class type of acl obtains its rule list by interpreting each ACL rule definition at the time the Diffserv class is created Differences arise when specifying match criteria for a class type all since only one value for each non excluded match field is allowed within a cl...

Page 216: ...play summary and detailed information for classes policies and services All configuration information is accessible via the CLI Web and SNMP user interfaces 9 3 1 diffserv This command sets the DiffServ operational mode to active While disabled the DiffServ configuration is retained and can be changed but it is not activated When enabled Diffserv services are activated Format diffserv Mode Global ...

Page 217: ...cket to be considered a member of the class The class type of match any indicates only one of the match criteria must be true for a packet to belong to the class multiple matching criteria are evaluated in a sequential order with the highest precedence awarded to the first criterion defined for the class The class type of match access group indicates the individual class match criteria are evaluat...

Page 218: ...he newclassname parameter is a case sensitive alphanumeric string from 1 to 31 characters uniquely identifying the class Note the class name default is reserved and must not be used here Default none Format class map rename classname newclassname Mode Global Config 9 4 3 match ethertype This command adds to the specified class definition a match condition based on the value of the ethertype The et...

Page 219: ...this validity or the change attempt shall fail The total number of class rules formed by the complete reference class chain includes both predecessor and successor classes must not exceed a platform specific maximum In some cases each removal of a refclass rule reduces the maximum number of available rules in the class definition by one 9 4 5 1 no match class map This command removes from the spec...

Page 220: ...s i e match all destination IP addresses except for what is specified here Default none Format match not dstip ipaddr ipmask Mode Class Map Config 9 4 9 match dstl4port This command adds to the specified class definition a match condition based on the destination layer 4 port of a packet using a single keyword or numeric notation or a numeric range notation To specify the match condition as a sing...

Page 221: ...which is defined as the high order three bits of the Service Type octet in the IP header the low order five bits are not checked The precedence value is an integer from 0 to 7 The optional not parameter has the effect of negating this match condition for the class i e match all IP Precedence values except for what is specified here Note The ip dscp ip precedence and ip tos match conditions are alt...

Page 222: ...ocol number values To specify the match condition using a numeric value notation the protocol number is a standard value assigned by IANA and is interpreted as an integer from 0 to 255 Note This command does not validatethe protocol number value against the current list defined by IANA The optional not parameter has the effect of negating this match condition for the class i e match all IP Protoco...

Page 223: ...ange To specify the match condition as a numeric value one layer 4 port number is required The portnumber is an integer from 0 to 65535 To specify the match condition as a range rwo layer 4 port numbers are required and together they specify a contiguous port range Each port number is an integer from 0 to 65535 but with the added requirement that the second number be equal to or greater than the f...

Page 224: ...223 Mode Class Map Config ...

Page 225: ...ts of policy creation deletion class addition removal and individual policy attributes Note that the only way to remove an individual policy attribute from a class instance within a policy is to remove the class instance and re add it to the policy The values associated with an existing policy attribute can be changed without removing the class instance Note Only the most recently added The CLI co...

Page 226: ...ning treatment of the traffic class through subsequent policy attribute statements The classname is the name of an existing DiffServ class Note This command causes the specified policy to create a reference to the class definition Note The CLI mode is changed to Policy classmap Config when this command is successfully executed Format class classname Mode Policy Map Config 9 5 5 1 no class This com...

Page 227: ... IP Precedence value is an integer from 0 to 7 Format mark ip precedence 0 7 Mode Policy classmap Config Policy Type In Incompatibilities Mark IP DSCP Police all forms 9 5 9 police simple This command is used to establish the traffic policing style for the specified class The simple form of the police command uses a single data rate and burst size resulting in two outcomes conform and violate The ...

Page 228: ... all forms 9 5 10 policy map This command establishes a new DiffServ policy The policyname parameter is a case sensitive alphanumeric string from 1 to 31 characters uniquely identifying the policy The type of policy is specific to the inbound traffic direction as indicated by the in parameter Note The policy type dictates which of the individual policy attribute commands are valid within the polic...

Page 229: ...for DiffServ Note This command shall fail if any attributes within the policy definition exceed the capabilities of the interface Once a policy is successfully attached to an interface any attempt to change the policy definition such that it would result in a violation of said interface capabilities shall cause the policy change attempt to fail Format service policy in policymapname Modes Global C...

Page 230: ...se derived from each ACL Rule grouped and evaluated simultaneously while each such grouping is evaluated sequentially Match Criteria The Match Criteria fields are only be displayed if they have been configured They are displayed in the order entered by the user The fields are evaluated in accordance with the class type The possible Match Criteria fields are Class of Service COS Destination IP Addr...

Page 231: ...ze The current number of entries rows in the Class Rule Table Class Rule Table Max The maximum allowed entries rows for the Class Rule Table Policy Table Size The current number of entries rows in the Policy Table Policy Table Max The maximum allowed entries rows for the Policy Table Policy Instance Table Size The current number of entries rows in the Policy Instance Table Policy Instance Table Ma...

Page 232: ...The action to be taken on excess packets per the policing metrics Exceed DSCP Value This field shows the DSCP mark value if this action is markdscp Exceed IP Precedence Value This field shows the IP Precedence mark value if this action is mark prec Exceed Secondary COS The action to be taken on excess packets conforming with the secondary class of service value per the policing metrics Excess Burs...

Page 233: ...and displays policy service information for the specified interface and direction The unit slot port parameter specifies a valid unit slot port number for the system The direction parameter indicates the interface direction of interest Format show diffserv service unit slot port in Mode Privileged EXEC DiffServ Admin Mode The current setting of the DiffServ administrative mode An attached policy i...

Page 234: ...e Offered Octets Packets A cumulative count of the octets packets offered to this service interface in the specified direction before the defined DiffServ treatment is applied Interface Discarded Octets Packets A cumulative count of the octets packets discarded by this service interface in the specified direction for any reason due to DiffServ treatment Interface Sent Octets Packets A cumulative c...

Page 235: ...v treatment is applied These are overall per interface per direction counts Discarded Packets A count of the total number of packets discarded for all class instances in this service for any reason due to DiffServ treatment These are overall per interface per direction counts Sent Packets A count of the total number of packets forwarded for all class instances in this service after their defined D...

Page 236: ...service dot1p mapping userpriority trafficclass Modes Global ConfigInterface Config 9 8 2 classofservice ip dscp mapping This command maps an IP DSCP value to an internal traffic class The ipdscp range is from 0 63 and the trafficclass range is from 0 7 although the actual number of available traffic classes depends on the platform The no form of this command is not supported Format classofservice...

Page 237: ... robin queuing scheduler mode for each interface queue The valid range of values for the weights is 1 to 15 Format cos queue wrr wrr weights wt 0 wt 7 Mode Global Config Interface Config 9 8 6 1 no cos queue min bandwidth This command restores the default of the weighted round robin queuing scheduler mode for each queue s minimum bandwidth value Format no cos queue wrr wrr weights Mode Global Conf...

Page 238: ...at support independent per port class of service mappings If the unit slot port is specified the IP DSCP mapping table of the interface is displayed If the unit slot port is omitted the most recent global configuration settings are displayed Note The global configuration settings do not take precedence over the per port configuration settings Format show classofservice ip dscp mapping unit slot po...

Page 239: ...t per port class of service mappings If specified the class of service queue configuration of the interface is displayed If omitted the most recent global configuration settings are displayed Format show interfaces cos queue unit slot port Mode Privileged EXEC Interface This displays the unit slot port of the interface If displaying the global configuration this output line is replaced with a Glob...

Page 240: ... so the queue may use any or all of the available bandwidth of the interface This is a configured value Scheduler Type Indicates whether this queue is scheduled for transmission using a strict priority or a weighted scheme This is a configured value Queue Mgmt Type The queue depth management technique used for this queue either tail drop or weighted random early discard WRED This is a configured v...

Page 241: ... The granularity of bandwidth for the 10 100 interface is 1 Mbps and for the gigabit interface is 8 Mbps Format rate limiting ingress egress limit Mode Interface Config 9 9 1 1 no rate limiting This command removes the bandwith limitation of specified interface Format no rate limiting ingress egress Mode Interface Config 9 9 2 show rate limiting This command displays the bandwidth of limiting in b...

Page 242: ...bout all supported switch types Format show supported switchtype Mode User Exec Switch Index SID This field displays the index into the database of supported switch types This index is used when pre configuring a member to be added to the stack Model Identifier This field displays the model identifier for the supported switch type Management Preference This field indicates the management preferenc...

Page 243: ...the switch identifier The value is the preference parameter that allows the user to specify priority of one backup switch over another The range for priority is 1 to 15 The switch with the highest priority value will be chosen to become the Primary Management Unit if the active Primary Management Unit fails The switch priority defaults to the hardware management preference value 1 Switches that do...

Page 244: ...ed on the destination system unit if specified otherwise the code is loaded on all switches in the stack Switch es must be reset for the new code to start running Format archive copy sw destination system unit Mode Stack Global Config 10 1 7 archive download sw This command downloads the STK file to the switch The url is the transfer mode The switch must be reset for the new code to start running ...

Page 245: ...ion from the contents of the slot If the slot is empty this administrative mode removes the configuration from any module inserted into the slot If a card is disabled all the ports on the device are operationally disabled and shown as unplugged on management screens Format no set slot disable unit slot port all Mode Global Config 10 1 10 set slot power This command configures the power mode of the...

Page 246: ...wered down 10 1 11 1 show slot This command displays information for the requested slot If the slot holds a card or module information about the contents of the slot is also displayed Format show slot unit slot port Mode User Exec Slot This field displays the slot identifier In a stacking environment this field is displayed in a unit slot port format Slot Status This field indicates whether the sl...

Page 247: ...dex is used when pre configuring a slot Card Model Identifier This field displays the model identifier for the supported card type 10 1 12 1 show supported cardtype cardindex This commands displays information about specific card types supported in the system Format show supported cardtype cardindex Mode User ExecCard Type This field displays the 32 bit numeric card type for the supported card Mod...

Page 248: ...nfiguration command there is a show command that displays the configuration setting 10 2 1 stack port This command sets front panel stacking per port to either stack or ethernet mode Default stack Format stack port unit slot port ethernet stack Mode Stack Global Config 10 2 2 qos mode This command enables QOS mode for front panel stacking Default enabled Format qos mode Mode Stack Global Config 10...

Page 249: ...for ipaddress is the IP address of a device on asubnet attached to an existing routing interface macaddr is a unicast MAC address for that device The format is 6 two digit hexadecimal numbers that are separated by colons for example 00 06 29 32 81 40 Format arp ipaddress macaddr Mode Global Config 11 1 1 1 no arp This command deletes an ARP entry The value for arpentry is the IP address of the int...

Page 250: ...ddr Mode Privileged EXEC 11 1 4 arp dynamicrenew This command enables ARP component to automatically renew ARP entries of type dynamic when they age out Format arp dynamicrenew Mode Privileged Exec 11 1 4 1 no arp dynamicrenew This command disables ARP component from automatically renewing ARP entries of type dynamic when they age out Format no arp dynamicrenew Mode Privileged Exec 11 1 5 arp resp...

Page 251: ...st for retries Format no arp retries Mode Global Config 11 1 7 arp timeout This command configures the ARP entry ageout time The value for seconds is a valid positive integer which represents the IP ARP entry ageout time in seconds The range for seconds is between 15 21600 seconds Default 1200 Format arp timeout 15 21600 Mode Global Config 11 1 7 1 no arp timeout This command configures the defaul...

Page 252: ...e and the peak entry count in the ARP table Static Entry Count Current Max Field listing the static entry count in the ARP table and maximum static entry count in the ARP table The following are displayed for each ARP entry IP Address Is the IP address of a device on a subnet attached to an existing routing interface MAC Address Is the hardware MAC address of that device Interface Is the routing u...

Page 253: ...the ARP component automatically attempts to renew dynamic ARP entries when they age out Total Entry Count Current Peak Field listing the total entries in the ARP table and the peak entry count in the ARP table Static Entry Count Current Max Field listing the static entry count in the ARP table and maximum static entry count in the ARP table ...

Page 254: ...face The current value for this function is displayed under show ip interface labeled as Routing Mode Default disabled Format routing Mode Interface Config 11 2 1 1 no routing This command disables routing for an interface The current value for this function is displayed under show ip interface labeled as Routing Mode Format no routing Mode Interface Config 11 2 2 ip routing This command enables t...

Page 255: ...pRtr preference Mode Global Config 11 2 4 1 no ip route This command deletes all next hops to a destination static route If the optional nextHopRtr parameter is designated the next hop is deleted and if the optional preference value is designated the preference value of the static route is reset to its default Format no ip route ip_addr subnet_mask nextHopRtr prefer ence Mode Global Config 11 2 5 ...

Page 256: ...ance command Default 1 Format ip route distance 1 255 Mode Global Config 11 2 6 1 no ip route distance This command sets the default static route preference value in the router Lower route preference values are preferred when determining the best route Format no ip route distance Mode Global Config 11 2 7 ip forwarding This command enables forwarding of IP frames Default enabled Format ip forwardi...

Page 257: ...s neighbors duringdatabase exchange If two OSPF neighbors advertise different IP MTUs they will not form anadjacency unless OSPF has been instructed to ignore differences in IP MTU with the ip ospf mtuignore command Note The IP MTU size refers to the maximum size of the IP packet IP Header IP payload It does not include any extra bytes that may be required for Layer 2 headers To receive and proces...

Page 258: ...nit Forward Net Directed Broadcasts Displays whether forwarding of network directed broadcasts is enabled or disabled This value was configured into the unit Active StateDisplays whether the interface is active or inactive An interface is considered active if its link is up and it is in forwarding state Link Speed Data Rate Is an integer representing the physical link data rate of the specified in...

Page 259: ...troutes This command causes the entire route table to be displayed This commands takes no options Format show ip route bestroutes Mode Privileged EXEC Network Address Is an IP route prefix for the destination Subnet Mask Is a mask of the network and host portion of the IP address for the specified interface Protocol Tells which protocol added the specified route The possibilities are local static ...

Page 260: ...is field displays the local route preference value Static This field displays the static route preference value OSPF Intra This field displays the OSPF Intra route preference value OSPF Inter This field displays the OSPF Inter route preference value OSPF Type 1 This field displays the OSPF Type 1 route preference value OSPF Type 2 This field displays the OSPF Type 2 route preference value RIP This...

Page 261: ...e Interface Config 11 3 1 1 no ip irdp This command disables Router Discovery on an interface Format no ip irdp Mode Interface Config 11 3 2 ip irdp address This command configures the address to be used to advertise the router for the interface The valid values for ipaddr are 224 0 0 1 and 255 255 255 255 Default 224 0 0 1 Format ip irdp address ipaddr Mode Interface Config 11 3 2 1 no ip irdp ad...

Page 262: ...me in seconds allowed between sending router advertisements from the interface The range for minadvertinterval is 3 to the value of maxadvertinterval Default 0 75 maxadvertinterval Format ip irdp minadvertinterval 3 maxadvertinterval Mode Interface Config 11 3 5 1 no ip irdp minadvertinterval This command configures the default minimum time in seconds Format no ip irdp minadvertinterval Mode Inter...

Page 263: ...Int Displays the maximum advertise interval which is the maximum time allowed between sending router advertisements from the interface in seconds Min Int Displays the minimum advertise interval which is the minimum time allowed between sending router advertisements from the interface in seconds Adv LifeDisplays advertise lifetime which is the value of the lifetime field of the router advertisement...

Page 264: ...mat vlan routing vlanid Mode VLAN Database 11 4 1 1 no vlan routing This command deletes routing on a VLAN The vlanid value has a range from 1 to 4094 Format no vlan routing vlanid Mode VLAN Database 11 4 2 show ip vlan This command displays the VLAN routing information for all VLANs with routing enabled in the system Format show ip vlan Modes Privileged EXEC User EXEC MAC Address used by Routing ...

Page 265: ... a secondary IP address on an interface The parameter vrID is the virtual router ID which has an integer value range from 1 to 255 Default none Format ip vrrp vrID ipaddress secondary Mode Interface Config 11 5 1 1 no ip vrrp This command removes all VRRP configuration details of the virtual router configured on a specific interface This command also removes a virtual rourter IP address as a secon...

Page 266: ...for a virtual router The value for ipaddr is the IP Addresswhich is to be configured on that interface for VRRP The parameter vrID is the virtual router IDwhich has an integer value range from 1 to 255 Default none Format ip vrrp vrID ip ipaddr Mode Interface Config 11 5 5 ip vrrp authentication This command sets the authorization details value for the virtual router configured on a specifiedinter...

Page 267: ... ip vrrp preempt This command sets the default preemption mode value for the virtual router configured on a specifiedinterface Format no ip vrrp vrID preempt Mode Interface Config 11 5 7 ip vrrp priority This command sets the priority value for the virtual router configured on a specified interface Thepriority of the interface is a priority integer from 1 to 254 The parameter vrID is the virtual r...

Page 268: ... number of times virtual router state has changed to MASTER Advertisement Received Represents the total number of VRRP advertisements received by this virtual router Advertisement Interval Errors Represents the total number of VRRP advertisements received for which advertisement interval is different than the configured value for this virtual router Authentication Failure Represents the total numb...

Page 269: ...h Unknown or unsupported version number Router VRID Errors Represents the total number of VRRP packets received with invalid VRID for this virtual router 11 5 11 show ip vrrp interface This command displays all configuration information and VRRP router statistics of a virtual router configured on a specific interface Format show ip vrrp interface unit slot port vrID Modes Privileged EXEC User EXEC...

Page 270: ... User EXEC Unit Slot Port Valid unit slot and port number separated by forward slashes VRID Represents the router ID of the virtual router IP Address Is the IP Address that was configured on the virtual router Mode Represents whether the virtual router is enabled or disabled State Represents the state Master backup of the virtual router ...

Page 271: ...re used to transfer configuration and informational files to and from the switch 11 6 1 enable OSPF This command resets the default administrative mode of OSPF in the router active Default enabled Format enable Mode Router OSPF Config 11 6 1 1 no enable OSPF This command sets the administrative mode of OSPF in the router to inactive Format no enable Mode Router OSPF Config 11 6 2 ip ospf This comm...

Page 272: ...ntication type to be used for the specified area id Default none Format area areaid authentication none simple encrypt Mode Router OSPF Config 11 6 4 1 no area authentication This command sets the default authentication type to be used for the specified area id Format no area areaid authentication Mode Router OSPF Config 11 6 5 area default cost This command configures the monetary default cost fo...

Page 273: ...n comparable Mode Router OSPF Config 11 6 8 area nssa no redistribute OSPF This command configures the NSSA ABR so that learned external routes will not be redistributed to the NSSA Format area areaid nssa no redistribute Mode Router OSPF Config 11 6 9 area nssa no summary OSPF This command configures the NSSA so that summary LSAs are not advertised into the NSSA Format area areaid nssa no summary...

Page 274: ...the area range can be optionally allowed or suppressed Format area areaid range ipaddr subnetmask summarylink nssaex ternallink advertise not advertise Mode Router OSPF Config 11 6 12 1 no area range This command deletes a specified area range The ipaddr is a valid IP address The subnetmask is a valid subnet mask Format no area areaid range ipaddr subnetmask Mode Router OSPF Config 11 6 13 area st...

Page 275: ...es the OSPF virtual interface from the given interface identified by areaid and neighbor The neighbor parameter is the Router ID of the neighbor Format no area areaid virtual link neighbor Mode Router OSPF Config 11 6 16 area virtual link authentication This command configures the authentication type and key for the OSPF virtual interface identified by areaid and neighbor The neighbor parameter is...

Page 276: ...or The neighbor parameter is the Router ID of the neighbor The range for seconds is 1 to 65535 Default 40 Format area areaid virtual link neighbor dead interval 1 65535 Mode Router OSPF Config 11 6 17 1 no area virtual link dead interval This command configures the default dead interval for the OSPF virtual interface on the virtual interface identified by areaid and neighbor The neighbor parameter...

Page 277: ... configures the default retransmit interval for the OSPF virtual interface on the virtual interface identified by areaid and neighbor The neighbor parameter is the Router ID of the neighbor Format no area areaid virtual link neighbor retransmit interval Mode Router OSPF Config 11 6 20 area virtual link transmit delay This command configures the transmit delay for the OSPF virtual interface on the ...

Page 278: ...ult metric OSPF This command is used to set a default for the metric of distributed routes Format no default metric Mode Router OSPF Config 11 6 23 distance ospf This command sets the route preference value of OSPF in the router Lower route preference values are preferred when determining the best route The type of OSPF can be intra inter type 1 or type 2 The OSPF specification RFC 2328 requires t...

Page 279: ... non default AS external LSAs When set to 0 the router will not leave Overflow State until restarted The range for seconds is 0 to 2147483647 seconds Default 0 Format exit overflow interval 0 2147483647 Mode Router OSPF Config 11 6 25 1 no exit overflow interval This command configures the default exit overflow interval for OSPF Format no exit overflow interval Mode Router OSPF Config 11 6 26 exte...

Page 280: ... key is composed of standard displayable non control keystrokes from a Standard 101 102 key keyboard The authentication key must be 8 bytes or less if the authentication type is simple If the type is encrypt the key may be up to 256 bytes If the type is encrypt a keyid in the range of 0 and 255 must be specified Default The default authentication type is none Default The default password key is no...

Page 281: ... be the same for all routers attached to a common network This value should be some multiple of the Hello Interval i e 4 Valid values range for seconds is from 1 to 2147483647 Default 40 Format ip ospf dead interval 1 2147483647 Mode Interface Config 11 6 30 1 no ip ospf dead interval This command sets the default OSPF dead interval for the specified interface Format no ip ospf dead interval Mode ...

Page 282: ...f priority This command sets the default OSPF priority for the specified router interface Format no ip ospf priority Mode nterface Config 11 6 33 ip ospf retransmit interval This command sets the OSPF retransmit Interval for the specified interface The retransmit interval is specified in seconds The value for seconds is the number of seconds between link state advertisement retransmissions for adj...

Page 283: ...rface Format no ip ospf transmit delay Mode Interface Config 11 6 35 ip ospf mtu ignore This command disables OSPF maximum transmission unit MTU mismatch detection OSPF Database Description packets specify the size of the largest IP packet that can be sent without fragmentation on the interface When a router receives a Database Description packet it examines the MTU advertised by the neighbor By d...

Page 284: ...command configures OSPF protocol to redistribute routes from the specified source protocol routers Format no redistribute rip bgp static connected metric met ric type tag subnets Mode Router OSPF Config 11 6 38 maximum paths This command sets the number of paths that OSPF can report for a given destination where maxpaths is platform dependent Default 4 Format maximum paths maxpaths Mode OSPF Route...

Page 285: ...tric of the routes being redistributed Type value External Type 1 or External Type 2 routes Tag value Decimal value attached to each external route Subnets For redistributing routes into OSPF the scope of redistribution for the specified pro tocol Distribute list TAccess list used to filter redistributed routes Default info originate Indicates whether the default routes received from other source ...

Page 286: ... Area Border Router Count The total number of area border routers reachable within this area Area LSA Count Total number of link state advertisements in this area s link state database excluding AS External LSA s Area LSA Checksum A number representing the Area LSA Checksum for the specified AreaID excluding the external LS type 5 link state advertisements Stub Mode Represents whether the specifie...

Page 287: ...r the IFO object or virtual interface tables Format show ip ospf interface unit slot port Modes Privileged EXEC User EXEC IP Address Represents the IP address for the specified interface This is a configured value Subnet Mask Is a mask of the network and host portion of the IP address for the OSPF interface This value was configured into the unit This is a configured value OSPF Admin Mode States w...

Page 288: ...gured value 11 6 43 show ip ospf interface brief This command displays brief information for the IFO object or virtual interface tables This command takes no options Format show ip ospf interface brief Modes Privileged EXEC User EXEC Unit Slot Port Valid unit slot and port number separated by forward slashes OSPF Admin Mode States whether OSPF is enabled or disabled on a router interface This is a...

Page 289: ...xternal LSAs P Address The IP address associated with this OSPF interface OSPF Interface Events The number of times the specified OSPF interface has changed its state or an error has occurred Virtual Events The number of state changes or errors that occurred on this virtual link Neighbor Events The number of times this neighbor relationship has changed state or an error has occurred External LSA C...

Page 290: ...first step in creating an adjacency between the two neighboring routers the goal is to decide which router is the master and to decide upon the initial DD sequence number Exchange the router is describing its entire link state database by sending Database Description packets to the neighbor Loading Link State Request packets are sent to the neighbor asking for the more recent LSAs that have been d...

Page 291: ...nt associated with this area range Advertisement The status of the advertisement Advertisement has two possible settings enabled or disabled 11 6 48 show ip ospf stub table This command displays the OSPF stub table The information below will only be displayed if OSPF is initialized on the switch Format show ip ospf stub table Modes Privileged EXEC User EXEC Area ID Is a 32 bit identifier for the c...

Page 292: ...ation type of the OSPF virtual interface State The OSPF Interface States are down loopback waiting point to point designated router and backup designated router This is the state of the OSPF interface Neighbor State The neighbor state 11 6 50 show ip ospf virtual link brief This command displays the OSPF Virtual Interface information for all areas in the system Format show ip ospf virtual link bri...

Page 293: ...292 11 6 51 1 no trapflags This command disables OSPF traps Format no trapflags Mode Router OSPF Config ...

Page 294: ... the configuration setting Copy commands are used to transfer configuration and informational files to and from the switch 11 7 1 enable RIP This command resets the default administrative mode of RIP in the router active Default enabled Format enable Mode Router RIP Config 11 7 1 1 no enable RIP This command sets the administrative mode of RIP in the router to inactive Format no enable Mode Router...

Page 295: ...P Config 11 7 4 1 no default information originate RIP This command is used to control the advertisement of default routes Format no default information originate Mode Router RIP Config 11 7 5 default metric RIP This command is used to set a default for the metric of distributed routes Format default metric 0 15 Mode Router RIP Config 11 7 5 1 no default metric RIP This command is used to reset th...

Page 296: ...ute list 1 199 out ospf bgp static connected Mode Router RIP Config 11 7 7 2 no default information originate This command is used to control the advertisement of default routes Format no default information originate Mode Router RIP Config 11 7 8 ip rip authentication This command sets the RIP Version 2 Authentication Type and Key for the specified interface The value of type is either none simpl...

Page 297: ...llow any RIP control packets to be received Default both Format ip rip receive version rip1 rip2 both none Mode Interface Config 11 7 9 1 no ip rip receive version This command configures the interface to allow RIP control packets of the default version s to be received Format no ip rip receive version Mode Interface Config 11 7 10 ip rip send version This command configures the interface to allow...

Page 298: ... mode Default simple Format split horizon none simple poison Mode Router RIP Config 11 7 12 1 no split horizon This command sets the default RIP split horizon mode Format no split horizon Mode Router RIP Config 11 7 13 redistribute This command configures RIP protocol to redistribute routes from the specified source protocol routers There are five possible match options When you submit the command...

Page 299: ...soned reverse a route will be included in updates sent to the router from which it was learned but the metric will be set to infinity The default is simple Auto Summary Mode Select enable or disable from the pulldown menu If you select enable groups of adjacent routes will be summarized into single entries in order to reduce the total number of entries The default is enable Host Routes Accept Mode...

Page 300: ... This is a configured value Send version The RIP version s used when sending updates on the specified interface The types are none RIP 1 RIP 1c RIP 2 This is a configured value Receive version The RIP version s allowed when receiving updates from the specified interface The types are none RIP 1 RIP 2 Both This is a configured value Both RIP Admin Mode RIP administrative mode of router RIP operatio...

Page 301: ...t noneFormat aggregate address prefix mask Mode Router BGP Config 12 1 1 1 no aggregate address only for Layer 3 Series This command deletes an address aggregation entry The prefix is a valid IP address entry Format no aggregate address prefix mask Mode Router BGP Config 12 1 2 bgp addrfamily create This command assigns the an Address Family with a Subsequent Address Family Identifier SAFI The AFI...

Page 302: ...of connection failure Format no bgp autorestart Mode Router BGP Config 12 1 4 bgp calcmedmode This command informs the BGP4 module to enable or disable the use of the Calculated MED attribute The MED attribute is used to describe the degree of preference of a particular link Default disabled Format bgp calcmedmode Mode Router BGP Config 12 1 4 1 no bgp calcmedmode This command informs the BGP4 mod...

Page 303: ...mous system number in the first two octets The range for this field is 1 to 65535 Default none Format bgp community 1 65535 Mode Router BGP Config 12 1 6 1 no bgp community This command specifies the default associated community value for the route exchanges Default none Format no bgp community Mode Router BGP Config 12 1 7 bgp confederation identifier This command assigns the external AS number t...

Page 304: ...Config 12 1 9 bgp flapdamping dampfactor This command configures the flap damping factor The range for this field is 1 to 65535 Default 2 Format bgp flapdamping dampfactor dampfactor Mode Router BGP Config 12 1 9 1 no bgp flapdamping dampfactor This command configures the default flap damping factor The range for this field is 1 to 65535 Format no bgp flapdamping dampfactor Mode Router BGP Config ...

Page 305: ...ing suppresses the advertisement of the route close to the route source until the route becomes stable The possible values for this field are enable and disable Format no bgp flapdamping mode Mode Router BGP Config 12 1 12 bgp flapdamping penaltyinc This command configures the route damping penalty increment The range for this field is 1 to 65535 Default 100 Format bgp flapdamping penaltyinc penal...

Page 306: ...amping reusemaxsize size Mode Router BGP Config 12 1 14 1 no bgp flapdamping reusemaxsize This command configures the default reuse array size Format no bgp flapdamping reusemaxsize Mode Router BGP Config 12 1 15 bgp flapdamping suppresslimit This command configures the damping suppress limit of the route flaps The range for this field is 1 to 65535 Default 600 Format bgp flapdamping suppresslimit...

Page 307: ...s 1 to 32767 seconds Default 15 Format bgp interval minasorigin 1 32767 Mode Router BGP Config 12 1 17 1 no bgp interval minasorigin This command sets the time interval to default for the Minimum AS origination interval Format no bgp interval minasorigin Mode Router BGP Config 12 1 18 bgp interval minrouteadvint This command sets the time interval in seconds for the Minimum Route Advertisement Int...

Page 308: ...ormat no bgp localmed Mode Router BGP Config 12 1 20 bgp optionalcap This command enables the specified capability Optional capabilities allow a BGP4 speaker to be aware of the protocol extension capabilities of a BGP4 neighbor By default all capabilities are disabled The possible optional capabilities are multiproto routereflect community confed and all Each capability may be enabled or disabled ...

Page 309: ...is command configures an add action on the policy identified with the specified index This command is used with matchtypes that use an integer as a modifier The possible values for the matchtype are aspath origin localpreference multiexitdisc community confederationid lenaspath atomicaggregate and aggregatoras The value parameter is an integer If the matchtype is community the integer value is spe...

Page 310: ...ndex matchtype value Mode Router BGP Config 12 1 24 bgp policy action addip This command configures an add action on the policy identified with the specified index This command is used with matchtypes that use an IP Address as a modifier The possible values for the matchtype are clusternumber destippref nexthop and aggregatorid The ipaddr parameter is an IP Address Default none Format bgp policy a...

Page 311: ...92 which is equivalent to 0x00010100 Default none Format bgp policy action remove index matchtype Mode Router BGP Config 12 1 26 bgp policy range address This command adds a network IP address to a policy The value for peerlocalid is an IP address The value for mask is a network mask Use a mask of 255 255 255 255 for an exact peer match Default none Format bgp policy range address index peerlocali...

Page 312: ... from 0 to 4294967295 Default none Format bgp policy range lessthan index value Mode Router BGP Config 12 1 31 bgp policy range match This command allows you to enter a string policy command Default none Format bgp policy range match index string Mode Router BGP Config 12 1 32 bgp policy range remove This command removes a BGP4 policy range Format bgp policy range remove index Mode Router BGP Conf...

Page 313: ...rally this is the Router IP Address The Router IP Address will be taken as the default value unless this is explicitly configured Format no bgp router id ipaddress Mode Router BGP Config 12 1 35 bgp snpa This command builds the list of SNPAs Subnet Point of Attachment by adding each entered SNPA address and its length to the SNPA list The SNPA address is a valid IP address The SNPA length is a val...

Page 314: ...s the peer connection This command should be used carefully as it could cause route flapping and overhead The neighboraddress parameter specifies the neighboring BGP4 speaker s IP address Default none Format clear bgp neighboraddress Mode Privileged EXEC 12 1 38 default information originate BGP This command is used to control the advertisement of default routes Format default information originat...

Page 315: ...istance bgp This command sets the default route preference value of BGP 4 routes in the router Format no distance bgp Mode Router BGP Config 12 1 41 distribute list out This command is used to specify the access list to filter routes received from the source protocol Format distribute list 1 199 out rip ospf static connected Mode Router BGP Config 12 1 41 1 no distribute list out This command is u...

Page 316: ...is command removes the Address Family with the assigned Subsequent Address Family Identifier SAFI The AFI identifies a supported protocol and is defined as IP version 4 The SAFI describes a sub AFI value that is supported for the AFI The possible values for safi are unicast multicast both unicast multicast and labeldist After executing this command the BGP peer must be reset before the changes wil...

Page 317: ...Router BGP Config 12 1 46 1 no neighbor peeripaddr confedmember This command disables the peer as a member of the confederation The possible values for this field are enable and disable After executing this command the BGP peer must be reset before the changes will take affect Default disabled Format no neighbor peeripaddr confedmember Mode Router BGP Config 12 1 47 neighbor peeripaddr connretry T...

Page 318: ...BGP peer must be reset before the changes will take affect Default disabled Format neighbor peeripaddr next hop self Mode Router BGP Config 12 1 49 1 no neighbor peeripaddr next hop self This command disables the peer as the next hop for the locally originated paths After executing this command the BGP peer must be reset before the changes will take affect Format no neighbor peeripaddr next hop se...

Page 319: ... peeripaddr remote as peerasnumber Mode Router BGP Config 12 1 51 1 no neighbor peeripaddr remote as This command unassigns the remote Autonomous System AS Number for the peer After executing this command the BGP peer must be reset before the changes will take affect Default none Format no neighbor peeripaddr remote as Mode Router BGP Config 12 1 52 neighbor peeripaddr maximum prefix This command ...

Page 320: ...lector client This command disables the route reflector client After executing this command the BGP peer must be reset before the changes will take affect Format no neighbor peeripaddr route reflector client Mode Router BGP Config 12 1 54 neighbor peeripaddr shutdown This command disables the state of the BGP4 peer connection by stopping the connection mode The peeripaddr parameter specifies the n...

Page 321: ...ll take affect Format no neighbor peeripaddr timers Mode Router BGP Config 12 1 56 neighbor peeripaddr txdelayint This command configures the delay interval between two transmission sessions of MsgSendLimit packets The range for this field is 1 to 5 Default none Format neighbor peeripaddr txdelayint 1 5 Mode Router BGP Config 12 1 56 1 no neighbor peeripaddr txdelayint This command configures the ...

Page 322: ...rrent implementation these two can be different Default value for metric not configured Default value for match internal Format redistribute ospf metric 0 4294967295 match internal external 1 external 2 nssa external 1 nssa external 2 for OSPF as source protocol Format redistribute rip static connected metric 0 4294967295 for other source protocol Mode Router BGP Config 12 1 58 1 no redistribute T...

Page 323: ...disabled Format route reflect Mode Router BGP Config 12 1 60 1 no route reflect This command disables route reflection mode If this is enabled the BGP4 speaker will re advertise to other BGP4 neighbor s routes Format no route reflect Mode Router BGP Config 12 1 61 trapflags This command enables BGP4 trap flags Default disabled Format trapflags Mode Router BGP Config 12 1 61 1 no trapflags This com...

Page 324: ...ss Family Identifier AFI SAFI This displays the Subsequent Address Family Identifier SAFI 12 1 64 show ip bgp aggregate address This command displays all the aggregation entries that are present in the aggregation list Format show ip bgp aggregate address Mode Privileged EXEC Address Aggregation Mode This field displays whether Path Attribute Aggregation is enabled or disabled Prefix Len This fiel...

Page 325: ...value Optional Capabilities supported This lists the optional capabilities supported by the BGP4 router This is a configured value Route Reflector Mode This states whether or not this router is configured as a route reflector This is a configured value Cluster ID This represents the cluster ID of the BGP4 router This is a configured value Confederation ID This represents the AS confederation ID to...

Page 326: ...ened paths flap statistics Mode Privileged EXEC Route Flap Mode This field indicates whether or not damping of the route flaps is enabled Suppress Limit This field displays the damping suppress limit for the route flaps Reuse Limit This field displays the reuse limit for the dampened routes Penalty Increment This field displays the penalty increment for the route flaps Delta Time This field is the...

Page 327: ...the local originating routes Suppress Mode This indicates whether or not the selection of less specific routes is suppressed If this is set to enable then more specific routes will be suppressed Route Community This field displays the local associated community used for the locally originat ing routes Address Aggregation Mode This field states whether or not Address Aggregation is being used 12 1 ...

Page 328: ...This lists the optional capabilities supported by the BGP4 router This is a configured value Route Reflector Mode This states whether or not the peer is a route reflection client This is a configured value Next Hop Self Mode This states whether or not the BGP4 router will configure itself as the next hop for the locally originated paths This is a configured value Authentication Code This is the au...

Page 329: ...ess of the remote peer Updates Received This represents the total number of Update Packets received from the peer Updates Sent This represents the total number of Update Messages sent to the peer Total Messages Received This represents the total number of messages received from the peer Total Messages Sent This represents the total number of messages sent to the peer Last Error This states the las...

Page 330: ...te Origin The origin of the information This can have three values IGP learned from an internal peer EGP learned from an external peer Incomplete origin of information not known ASPath Displays the segments of the ASPath the path taken by the update through the different autonomous systems this path is used to prevent loops If the path attribute has no value it will show empty NextHop The address ...

Page 331: ...eld 12 1 74 show ip bgp peer list This command displays all the entries in the BGP4 Peer list Format show ip bgp peer list Mode Privileged EXEC and User EXEC Peer Address This is the IP Address of the Peer 12 1 75 show ip bgp policy brief This command displays the policy table for the BGP4 router Format show ip bgp policy brief Mode Privileged EXEC Index This displays the index of this entry in th...

Page 332: ...ype The match type associated with this action Values The values associated with this match 12 1 77 show ip bgp snpalist This command displays the list of SNPAs Subnet Point of Attachment that have been added to the BGP4 router Format show ip bgp snpalist Mode Privileged EXEC SNPA Address This displays the SNPA IP Address of this entry in the table SNPA Length This displays the length of this SNPA...

Page 333: ...plicable groupipaddr is a group IP address and mask is a group IP mask Format no ip mcast boundary groupipaddr mask Mode Interface Config 13 1 2 ip multicast This command sets the administrative mode of the IP multicast forwarder in the router to active For multicast routing to become operational IGMP must be currently enabled An error message will be displayed on the CLI if multicast routing is e...

Page 334: ...ceipaddr is the IP address of the multicast packet source Format no ip multicast staticroute sourceipaddr Mode G lobal Config 13 1 4 ip multicast ttl threshold This command applies the given ttlthreshold to a routing interface The ttlthreshold is the TTL threshold which is to be applied to the multicast Data packets which are to be forwarded from the interface The value for ttlthreshold has range ...

Page 335: ...rce group receiver group receiver Mode Privileged EXEC 13 1 7 mtrace This command is used to find the IP Multicast path from a source to a receiver unicast router ID of the host running mtrace A trace query is passed hop by hop along the reverse path from the receiver to the source collecting hop addresses packet counts and routing error conditions along the path and then the response is returned ...

Page 336: ...on the router Possible values are PIMDM PIMSM or DVMRP Entry Count This field displays the number of entries in the multicast table Highest Entry Count This field displays the highest entry count in the multicast table 13 1 9 show ip mcast boundary This command displays all the configured administrative scoped multicast boundaries Format show ip mcast boundary unit slot port all Modes Privileged E...

Page 337: ...acket Protocol This field displays the multicast routing protocol by which this entry was created Incoming Interface This field displays the interface on which the packet for this source group arrives Outgoing Interface List This field displays the list of outgoing interfaces on which this packet is forwarded 13 1 12 show ip mcast mroute group This command displays the multicast configuration sett...

Page 338: ...summary parameter is specified the follow fields are displayed Source IP Addr This field displays the IP address of the multicast data source Group IP Addr This field displays the IP address of the destination of the multicast packet Protocol This field displays the multicast routing protocol by which this entry was created Interface This field displays the interface on which the packet for this s...

Page 339: ... router interface Metric The metric value associated with this neighbor TTL The TTL threshold associated with this neighbor Flags Status of the neighbor 13 1 16 show mstat This command is used to display the results of packet rate and loss information from the results buffer pool of the router subsequent to the execution completion of a mstat source group receiver command Within two minutes of the...

Page 340: ...ce and the destination Intermediate Router Address The address of the intermediate router at the specified hop distance Mcast Protocol In Use The multicast routing protocol used for the out interface of the specified intermediate router TTL Threshold The Time To Live threshold of the out interface on the specified intermediate router Time Elapsed Between Hops msecs The time between arrival at one ...

Page 341: ...can be enabled Default disabled Format ip dvmrp Mode Global Config 13 2 1 1 no ip dvmrp This command sets administrative mode of DVMRP in the router to inactive IGMP must be enabled before DVMRP can be enabled Format no ip dvmrp Mode Global Config 13 2 2 ip dvmrp metric This command configures the metric for an interface This value is used in the DVMRP messages as the cost to reach this network Th...

Page 342: ... of entries in the routing table with non infinite metrics The following fields are displayed for each interface Unit Slot Port Valid unit slot and port number separated by forward slashes Interface Mode This field indicates the mode of this interface Possible values are Enabled and Disabled State This field indicates the current state of DVMRP on this interface Possible values are Operational or ...

Page 343: ...RP neighbor for which this entry con tains information State This field displays the state of the neighboring router The possible value for this field are ACTIVE or DOWN Up Time This field indicates the time since this neighboring router was learned Expiry Time This field indicates the time remaining for the neighbor to age out This field is not applicable if the State is DOWN Generation ID This i...

Page 344: ...ld be all 1s or both the prune source and prune mask must match Expiry Time secs This field indicates the expiry time in seconds This is the time remaining for this prune to age out 13 2 9 show ip dvmrp route This command displays the multicast routing information for DVMRP Format show ip dvmrp route Mode Privileged EXEC and User EXEC Source Address This field displays the multicast address of the...

Page 345: ... Format ip igmp Mode Global Config 13 3 1 1 no ip igmp This command sets the administrative mode of IGMP in the router to inactive Format no ip igmp Mode Global Config 13 3 2 ip igmp version This command configures the version of IGMP for an interface The value for version is either 1 2 or 3 Default 3 Format ip igmp version version Mode Interface Config 13 2 1 no ip igmp version This command reset...

Page 346: ...1 to 20 Format ip igmp last member query count count Mode Interface Config 13 3 4 1 no ip igmp last member query count This command resets the number of Group Specific Queries to the default value Format no ip igmp last member query count Mode Interface Config 13 3 5 ip igmp last member query interval This command configures the Maximum Response Time being inserted into Group Specific Queries sent...

Page 347: ...maximum query response time advertised in IGMPv2 queries on this interface The time interval is specified in tenths of a second The range for maxresptime is 0 to 255 tenths of a second Default 100 Format ip igmp query max response time seconds Mode Interface Config 13 3 7 1 no ip igmp query max response time This command resets the maximum response time interval for the specified interface which i...

Page 348: ...mand resets the number of Queries sent out on startup separated by the Startup Query Interval on the interface to the default value Format no ip igmp startup query count Mode Interface Config 13 3 10 ip igmp startup query interval This command sets the interval between General Queries sent by a Querier on startup on the interface The time interval value is in seconds The range for interval is 1 to...

Page 349: ...gVlan Mode 13 3 12 set igmp maxresponse This command sets the IGMP Maximum Response time for the system on a particular interface or VLAN The Maximum Response time is the amount of time in seconds that a switch will wait after sending a query on an interface because it did not receive a report for a particular group in that interface This value must be less than the IGMP Query Interval time value ...

Page 350: ...is command disables multicast router mode for a particular VLAN ID vlanId Format no set igmp mrouter vlanId Mode Interface Config 13 3 15 show ip igmp This command displays the system wide IGMP information Format show ip igmp Modes Privileged EXEC User EXEC IGMP Admin Mode This field displays the administrative status of IGMP This is a configured value Unit Slot Port Valid unit slot and port numbe...

Page 351: ...d Multicast IP Address This displays the IP Address of the registered multicast group on this interface Last Reporter This displays the IP Address of the source of the last membership report received for the specified multicast group address on this interface Up Time This displays the time elapsed since the entry was created for the specified multicast group address on this interface Expiry Time T...

Page 352: ...ness variable may be increased for that interface This is a configured value Startup Query Interval This value indicates the interval between General Queries sent by a Querier on startup This is a configured value Startup Query Count This value is the number of Queries sent out on startup separated by the Startup Query Interval This is a configured value Last Member Query Interval This value indic...

Page 353: ...nterface stats This command displays the IGMP statistical information for the given interface The statistics are only displayed when the interface is enabled for IGMP Format show ip igmp interface stats unit slot port Modes Privileged EXEC User EXEC Querier Status This field indicates the status of the IGMP router whether it is running in Querier mode or Non Querier mode Querier IP Address This fi...

Page 354: ...tting 13 4 1 ip pimdm This command enables the administrative mode of PIM DM in the router Default disabled Format ip pimdm Mode Global Config 13 4 1 1 no ip pimdm This command disables the administrative mode of PIM DM in the router IGMP must be enabled before PIM DM can be enabled Format no ip pimdm Mode Global Config 13 4 2 ip pimdm mode This command sets administrative mode of PIM DM on an int...

Page 355: ...nabled or disabled This is a con figured value Unit Slot Port Valid unit slot and port number separated by forward slashes Interface Mode This field indicates whether PIM DM is enabled or disabled on this interface This is a configured value State This field indicates the current state of PIM DM on this interface Possible values are Operational or Non Operational 13 4 5 show ip pimdm interface Thi...

Page 356: ... Router This indicates the IP Address of the Designated Router for this interface 13 4 7 show ip pimdm neighbor This command displays the neighbor information for PIM DM on the specified interface Format show ip pimdm neighbor unit slot port all Mode Privileged EXEC and User EXEC Neighbor Address This field displays the IP Address of the neighbor on an interface Interface Valid unit slot and port ...

Page 357: ...ormat ip pimsm cbsrpreference 1 255 Mode Interface Config 13 5 1 1 no ip pimsm cbsrpreference This command is used to reset the CBSR preference for a particular PIM SM interface to the default value Format no ip pimsm cbsrpreference Mode Interface Config 13 5 2 ip pimsm cbsrhashmasklength This command is used to configure the CBSR hash mask length to be advertised in bootstrap messages for a parti...

Page 358: ...sk 240 0 0 0 Default 0 Format ip pimsm crppreference 1 255 Mode Interface Config 13 5 3 1 no ip pimsm crppreference This command is used to reset the Candidate Rendezvous Point CRP for a particular PIM SM interface to the default value Format no ip pimsm crppreference Mode Interface Config 13 5 4 ip pimsm message interval This command is used to configure the global join prune interval for PIM SM ...

Page 359: ...de Global Config 13 5 6 ip pimsm mode This command sets administrative mode of PIM SM multicast routing on a routing interface to enabled Default disabled Format ip pimsm mode Mode Interface Config 13 5 6 1 no ip pimsm mode This command sets administrative mode of PIM SM multicast routing on a routing interface to disabled Format no ip pimsm mode Mode Interface Config 13 5 7 ip pimsm query interva...

Page 360: ...es per second The possible values are 0 to 2000 Default 50 Format ip pimsm spt threshold 0 2000 Mode Global Config 13 5 8 1 no ip pimsm spt threshold This command is used to reset the Threshold rate for the RP router to switch to the shortest path to the default value Format no ip pimsm spt threshold Mode Global Config 13 5 9 ip pim trapflags This command enables the PIM trap mode for both Sparse ...

Page 361: ...roupmask is the group mask for the group address Format no ip pimsm staticrp ipaddress groupaddress groupmask Mode Global Config 13 5 11 ip pimsm register rate limit This command the register threshold rate for PIM SM Default disabled Format ip pimsm register rate limit 0 2000 Mode Global Config 13 5 12 show ip pimsm rphash This command displays the RP router that will be selected from the set of ...

Page 362: ...is a configured value Register Threshold Rate K bits sec This field indicates the threshold rate for the RP router to switch to the shortest path This is a configured value Unit Slot Port Valid unit slot and port number separated by forward slashes Interface Mode This field indicates whether PIM SM is enabled or disabled on the interface This is a configured value Protocol State This field indicat...

Page 363: ...itted on this interface This is a configured value By default the value is 30 seconds CBSR Preference This field shows the preference value for the local interface as a candidate bootstrap router This is a configured value CRP Preference This field shows the preference value as a candidate rendezvous point on this interface CBSR Hash Mask Length This field shows the hash mask length to be advertis...

Page 364: ...roupmask provided in the command The information in the table is displayed for each IP multicast group Format show ip pimsm rp groupaddress groupmask candidate all Mode Privileged EXEC and User EXEC Group Address This field specifies the IP multicast group address Group Mask This field specifies the multicast group address subnet mask Address This field displays the IP address of the Candidate RP ...

Page 365: ...364 Mode Privileged EXEC and User EXE CRP IP Address This field displays the IP address of the RP Group Mask This field displays the group mask for the group address ...

Page 366: ...yed and the terminal interface only displays 10 entries starting at specified addresses 14 1 Configuring for Web Access To enable Web access to the switch 1 Configure the switch for in band connectivity 2 Enable HTTP Web mode For layer 2 see ip http server command 14 1 1 Web Page Layout A Web interface panel for the switch Web page consists of three frames Figure 3 Frame 1 across the top displays ...

Page 367: ...ed in Frame 2 and the System Description Menu is dis played in Frame 3 3 Make your selection by clicking on the appropriate item in the navigation tree in Frame 2 14 1 3 Command Buttons The following command buttons are used throughout the Web interface panels for the switch Save Implements and saves the changes you just made Some settings may require you to reset the system in order for them to t...

Page 368: ...field 802 1P specifies a method for indicating frame priority based on the new fields defined in the 802 1Q VLAN standard 802 1Q VLAN The IEEE protocol designator for Virtual Local Area Network VLAN This standard provides VLAN identification and quality of service QoS levels Four bytes are added to an Ethernet frame to allow eight priority levels QoS and to identify up to 4096 VLANs See VLAN on pa...

Page 369: ...g BGP communicate using the Transmission Control Protocol TCP and send updated router table information only when one host has detected a change Only the affected part of the routing table is sent BGP 4 the latest version lets administrators configure cost metrics based on policy statements BGP 4 is sometimes called BGP4 without the hyphen BGP communicates with autonomous local networks using Inte...

Page 370: ...controlling network traffic by class so that certain types of traffic get precedence for example voice traffic which requires a relatively uninterrupted flow of data might get precedence over other kinds of traffic Differentiated Services is the most advanced method for managing traffic in terms of what is called Class of Service CoS Unlike the earlier mechanisms of 802 1P tagging and Type of Serv...

Page 371: ...atically forwarded on an output port Frame Check Sequence The extra characters added to a frame for error detection and correction FCS is used in X 25 HDLC Frame Relay and other data link layer protocols G GARP See Generic Attribute Registration Protocol on page 297 GARP Information Propagation GIP is the propagation of information between GARP participants for the same application in a bridge is ...

Page 372: ...ment Protocol IGMP is the standard for IP Multicasting on the Internet IGMP is used to establish host memberships in particular multicast groups on a single network The mechanisms of the protocol allow a host to inform its local router using Host Membership Reports that it wants to receive messages addressed to a specific multicast group All hosts conforming to Level 2 of the IP Multicasting speci...

Page 373: ...ee Lightweight Directory Access Protocol on page 298 Lightweight Directory Access Protocol A set of protocols for accessing information directories LDAP is based on the standards contained within the X 500 standard but is significantly simpler Unlike X 500 LDAP supports TCP IP which is necessary for any type of Internet access Although not yet widely implemented LDAP should eventually make it poss...

Page 374: ...refers to the business model whereas multicast refers to the actual technology used to transmit the data Multicast OSPF With a MOSPF specification an IP Multicast packet is routed based both on the packet s source and its multicast destination commonly referred to as source destination routing As it is routed the multicast packet follows a shortest path to each multicast destination During packet ...

Page 375: ...d by the router to determine the current topology of a network Interior Gateway distributes routing information between routers belonging to a single Autonomous System routing protocol This protocol s algorithm determines the shortest path from its router to all the other routers in the network This protocol is rapidly replacing RIP on the Internet Open Systems Interconnection OSI is a seven 7 lay...

Page 376: ...uality of Service QoS is a networking term that specifies a guaranteed level of throughput Throughput is the amount of data transferred from one device to another or processed in a specified amount of time typically throughputs are measured in bytes per second Bps R Real Time Operating System RTOS is a component of the OSAPI module that abstracts operating systems with which other systems can inte...

Page 377: ...led SNMPv2star The documents defing this version were never published as RFCs SNMPv3 proposed This version of the protocol is a combination of user based security and the protocol operations and data types from SNMPv2p and support for proxies The security is based on that found in SNMPv2u and SNMPv2 and updated after much review The documents defing this protocol will soon be published as RFCs Sim...

Page 378: ...VLAN is a means of parsing a single network into logical user groups or organizations as if they physically resided on a dedicated LAN segment of their own In reality this virtually defined community may have individual members peppered across a large extended LAN The VLAN identifier is part of the 802 1Q tag which is added to an Ethernet frame by an 802 1Q compliant switch or router Devices recog...

Page 379: ... Authentication framework X 511 Abstract service definition X 518 Procedures for distributed operation X 519 Protocol specifications X 520 Selected attribute types X 521 Selected object types XModem One of the most popular file transfer protocols FTPs Xmodem is fairly effective at detecting errors It sends blocks of data together with a checksum and then waits for acknowledgment of the block s rec...

Reviews:

No comments

Related manuals for DN-80233

D-Link DES-3224 - Switch User Manual preview
DES-3224 - Switch
Brand: D-Link Pages: 75
Eaton ATC-900 Manual preview
ATC-900
Brand: Eaton Pages: 40
D-Link DWS-3160-24TC Datasheet preview
DWS-3160-24TC
Brand: D-Link Pages: 7
Aastra TA7102i Hardware Installation Manual preview
TA7102i
Brand: Aastra Pages: 52
Cabletron Systems 9F426-03 Appendix preview
9F426-03
Brand: Cabletron Systems Pages: 14
Cabletron Systems MicroMMAC-22E Installation Manual preview
MicroMMAC-22E
Brand: Cabletron Systems Pages: 83
Nextech XC5906 Instruction Manual preview
XC5906
Brand: Nextech Pages: 4
H3C S5120-EI Series Configuration Commands preview
S5120-EI Series
Brand: H3C Pages: 29
3onedata IES6200-PN-16T4GS-2P48 Quick Installation Manual preview
IES6200-PN-16T4GS-2P48
Brand: 3onedata Pages: 3
EtherWAN EX17162A Installation Manual preview
EX17162A
Brand: EtherWAN Pages: 2
EtherWAN EX19164A Installation Manual preview
EX19164A
Brand: EtherWAN Pages: 2
Raritan PC-Share Installation And Operation preview
PC-Share
Brand: Raritan Pages: 4
Minicom Smart 4 User Manual preview
Smart 4
Brand: Minicom Pages: 16
Pilz 506401 Operating Manual preview
506401
Brand: Pilz Pages: 20
Sven HB-012 User Manual preview
HB-012
Brand: Sven Pages: 4
BENDIX SL-3-SL-4 STOP LIGHT SWITCH Manual preview
SL-3-SL-4 STOP LIGHT SWITCH
Brand: BENDIX Pages: 4
Edimax ES-5160G+ Install Manual preview
ES-5160G+
Brand: Edimax Pages: 8
HB Products HBSC2-SSR Instruction Manual preview
HBSC2-SSR
Brand: HB Products Pages: 6

Brands by name

Popular brands

Load more brands