Extreme Networks ExtremeWare 7.7 Command Reference Manual Download Page 473 | Manualshive

Page: 473 / 2620

background image

ExtremeWare 7.7 Command Reference Guide

473

8

NAT Commands

This chapter describes commands for:

•

Configuring VLANs for Network Address Translation (NAT)

•

Configuring NAT translation rules

•

Displaying NAT settings

Network address translation (NAT) is a feature that allows one set of IP addresses, typically private IP
addresses, to be converted to another set of IP addresses, typically public Internet IP addresses. This
conversion is done transparently by having a NAT device (for example, any Extreme Networks switch)
rewrite the source IP address and layer 4 port of the packets.

You can configure NAT to conserve IP address space by mapping a large number of inside (private)
addresses to a much smaller number of outside (public) addresses.

In implementing NAT, you must configure at least two separate VLANs involved. One VLAN is
configured as inside, and corresponds to the private IP addresses you would like to translate into other
IP addresses. The other type of VLAN is configured as outside, which corresponds to the public
(probably Internet) IP addresses you want the inside addresses translated to. The mappings between
inside and outside IP addresses are done using rules that specify the IP subnets involved and the
algorithms used to translate the addresses.

NOTE

The NAT modes in ExtremeWare only support translating only traffic that initiates from inside addresses.

NAT rules are associated with a single outside VLAN. Multiple rules per outside VLAN are allowed.
The rules take effect in the order they are displayed using the

show

command. Any number of inside

VLANs can use a single outside VLAN, assuming that you have created proper rules. Similarly, a single
inside VLAN can use any number of different outside VLANs, assuming that the rules and routing are
set up properly.

TCP and UDP layer 4 ports, in combination with the IP addresses, form a unique identifier which
allows hosts (as well as the NAT switch) to distinguish between separate conversations. NAT operates
by replacing the inside IP packet’s source IP address and layer 4 port with an outside IP address and
layer 4 port. The NAT switch maintains a connection table to map the return packets on the outside
VLAN back into their corresponding inside sessions.

«
...
471
472
473
474
475
...
»

Summary of Contents for ExtremeWare 7.7

Page 1: ...me Networks Inc 3585 Monroe Street Santa Clara California 95051 888 257 3000 http www extremenetworks com ExtremeWare Command Reference Guide Software Version 7 7 Published October 2006 Part number 100231 00 ...

Page 2: ...without notice Adobe Acrobat and Reader are registered trademarks of Adobe Systems Incorporated NetWare and Novell are registered trademarks of Novell Inc Merit is a registered trademark of Merit Network Inc Solaris is a trademark of Sun Microsystems Inc F5 BIG ip and 3DNS are registered trademarks of F5 Networks Inc see IT is a trademark of F5 Networks Inc Data Fellows the triangle symbol and Dat...

Page 3: ...assword policy lockout on login failures 81 configure account password policy maxage 82 configure account password policy min pwd length 83 configure banner 85 configure banner netlogin 86 configure dns client add 87 configure dns client add domain suffix 88 configure dns client add name server 89 configure dns client default domain 90 configure dns client delete 91 configure dns client delete dom...

Page 4: ...ands for Managing the Switch configure snmp access profile readonly 127 configure snmp access profile readwrite 129 configure snmp add community 131 configure snmp add trapreceiver 133 configure snmp community 137 configure snmp delete community 139 configure snmp delete trapreceiver 141 configure snmp sysContact 143 configure snmp sysLocation 144 configure snmp sysName 145 configure snmpv3 add ac...

Page 5: ...target addr 175 configure snmpv3 delete target params 176 configure snmpv3 delete user 177 configure snmpv3 engine boots 178 configure snmpv3 engine id 179 configure snmpv3 extreme target addr ext 180 configure sntp client server 182 configure sntp client update interval 183 configure web login timeout 184 disable alt queue management 185 disable dhcp ports vlan 186 disable eapol flooding 187 disa...

Page 6: ...raps port up down 210 enable sntp client 211 enable system watchdog 212 enable telnet 213 exit 215 logout 216 quit 217 show eapol flooding 218 show management 219 show odometer 222 show session 224 show snmpv3 access 226 show snmpv3 context 229 show snmpv3 counters 230 show snmpv3 engine info 232 show snmpv3 extreme target addr ext 233 show snmpv3 filter 234 show snmpv3 filter profile 235 show snm...

Page 7: ...sm failover slave config 267 configure msm failover timeout 268 configure port aggregate bandwidth percent 269 configure port interpacket gap 270 configure ports 271 configure ports auto polarity 274 configure ports auto off 275 configure ports auto on 277 configure ports display string 279 configure ports link detection level 281 configure ports preferred medium 282 configure ports redundant 284 ...

Page 8: ...ort 315 enable ports 317 enable sharing grouping 319 enable slot 322 enable smartredundancy 324 restart ports 325 run msm failover 326 show edp 327 show mirroring 329 show msm failover 330 show ports vlan stats 332 show ports collisions 334 show ports configuration 336 show ports info 338 show ports packet 342 show ports redundant 344 show ports sharing 345 show ports utilization 347 show ports vl...

Page 9: ...configure vlan add ports 377 configure vlan add ports loopback vid 379 configure vlan add secondary ip 381 configure vlan delete member vlan 383 configure vlan delete port 384 configure vlan delete secondary ip 385 configure vlan ipaddress 386 configure vlan name 387 configure vlan protocol 388 configure vlan tag 389 create protocol 390 create vlan 391 delete protocol 393 delete vlan 394 disable m...

Page 10: ...429 unconfigure fdb scan period 430 Chapter 7 QoS Commands clear dlcs 433 configure diffserv examination code point qosprofile ports 434 configure diffserv replacement priority vpri code point ports 436 configure dot1p type 438 configure ports qosprofile 440 configure qosprofile 441 configure qostype priority 443 configure red drop probability 445 configure vlan priority 446 configure vlan qosprof...

Page 11: ...ype priority 471 Chapter 8 NAT Commands clear nat 474 configure nat add vlan map 475 configure nat delete 479 configure nat finrst timeout 481 configure nat icmp timeout 482 configure nat syn timeout 483 configure nat tcp timeout 484 configure nat timeout 485 configure nat udp timeout 486 configure nat vlan 487 disable nat 488 enable nat 489 show nat 490 Chapter 9 SLB Commands i Series Switches On...

Page 12: ... failover dead frequency 511 configure slb failover failback now 512 configure slb failover ping check 513 configure slb failover unit 514 configure slb global connection block 515 configure slb global connection timeout 516 configure slb global ftp 517 configure slb global http 519 configure slb global nntp 521 configure slb global persistence level 522 configure slb global persistence method 523...

Page 13: ... slb pool add 557 configure slb pool delete 559 configure slb pool lb method 561 configure slb pool member 562 configure slb proxy client persistence 564 configure slb vip 565 configure slb vip client persistence timeout 566 configure slb vip max connections 567 configure slb vip service check frequency 568 configure slb vip service check ftp 569 configure slb vip service check http 571 configure ...

Page 14: ...disable slb node tcp port check 604 disable slb proxy client persistence 606 disable slb vip 607 disable slb vip client persistence 609 disable slb vip service check 610 disable slb vip sticky persistence 611 disable slb vip svcdown reset 612 enable flow redirect 613 enable slb 614 enable slb 3dns 615 enable slb failover 616 enable slb failover manual failback 617 enable slb failover ping check 61...

Page 15: ...ilover 645 show slb global 647 show slb gogo mode 649 show slb L4 port 650 show slb node 652 show slb persistence 654 show slb pool 655 show slb stats 656 show slb vip 657 unconfigure slb all 659 unconfigure slb gogo mode health check 660 unconfigure slb gogo mode service check 661 unconfigure slb vip service check 662 Chapter 10 Commands for Status Monitoring and Statistics clear counters 665 cle...

Page 16: ...gure sflow agent 706 configure sflow backoff threshold 707 configure sflow collector 709 configure sflow poll interval 711 configure sflow sample rate 712 configure sys hardware recovery 713 configure sys health check alarm level 715 configure sys health check alarm level msm 717 configure sys health check auto recovery 719 configure sys health check scan recovery 722 configure sys recovery level ...

Page 17: ... 753 disable temperature logging 754 disable transceiver test 756 enable cli config logging 758 enable flowstats 759 enable flowstats filter ports 760 enable flowstats ping check 762 enable flowstats ports 763 enable log debug mode 764 enable log display 765 enable log target 766 enable rmon 768 enable sflow 770 enable sflow backoff threshold 771 enable sflow ports 772 configure sys hardware recov...

Page 18: ...show ports txerrors 817 show sflow configuration 820 show sflow statistics 822 show version 824 unconfigure flowstats filter ports 827 unconfigure flowstats ports 828 unconfigure log filter 829 unconfigure log target format 830 unconfigure packet mem scan recovery mode 832 unconfigure sflow agent 834 unconfigure sflow backoff threshold 835 unconfigure sflow collector 836 unconfigure sys hardware r...

Page 19: ...nfigure cpu dos protect filter precedence 868 configure cpu dos protect filter type allowed 869 configure cpu dos protect messages 870 configure cpu dos protect notice threshold 871 configure cpu dos protect timeouts 872 configure cpu dos protect trusted ports 873 configure cpu dos protect Port Based 874 configure cpu dos protect trusted ports 875 configure enhanced dos protect ipfdb agingtime 876...

Page 20: ...d 904 configure route map add goto 906 configure route map add match 907 configure route map add set 909 configure route map delete 911 configure route map delete goto 912 configure route map delete match 913 configure route map delete set 915 configure security profile default user vlan 917 configure security profile dot11 auth network auth encryption 919 configure security profile dot1x wpa time...

Page 21: ...unting timeout 948 configure vlan access profile 949 configure vlan dhcp address range 951 configure vlan dhcp lease timer 953 configure vlan dhcp options 954 configure vlan netlogin lease timer 957 create access list 958 create access list igmp destination source igmp type ipmc group ports 960 create access list icmp destination source 962 create access list ip destination source ports 964 create...

Page 22: ...wn timeout ports 997 disable netlogin 998 disable netlogin dot1x guest vlan ports 1000 disable netlogin logout privilege 1001 disable netlogin ports 1002 disable netlogin ports mac 1003 disable netlogin session refresh 1004 disable radius 1005 disable radius accounting 1006 disable source ip lockdown ports 1007 disable ssh2 1008 disable tacacs 1009 disable tacacs accounting 1010 disable tacacs aut...

Page 23: ...gin logout privilege 1034 enable netlogin ports 1035 enable netlogin ports mac 1036 enable netlogin session refresh 1037 enable radius 1039 enable radius accounting 1040 enable source ip lockdown ports 1041 enable ssh2 1042 enable tacacs 1044 enable tacacs accounting 1045 enable tacacs authorization 1046 enable trusted mac address 1047 enable web 1048 enable web http 1049 enable web http access pr...

Page 24: ...ting 1084 show rate limit 1086 show route map 1088 show security profile 1089 show source ip lockdown ports 1092 show ssl 1094 show tacacs 1097 show tacacs accounting 1099 show trusted mac address 1101 show vlan vlan_name security 1102 ssh2 1103 unconfigure auth mgmt access 1105 unconfigure auth netlogin 1106 unconfigure cpu dos protect 1107 unconfigure enhanced dos protect ipfdb agingtime 1108 un...

Page 25: ... unconfigure vlan dhcp address range 1126 unconfigure vlan dhcp options 1128 Chapter 12 Configuration and Image Commands configure configuration mode 1132 configure download server 1133 configure switch 1134 configure wireless image configuration 1136 configure wireless ports image configuration runtime 1138 download bootrom 1139 download configuration 1141 download configuration cancel 1143 downl...

Page 26: ...8 configure debug trace dvmrp route 1180 configure debug trace dvmrp timer 1182 configure debug trace eaps system 1183 configure debug trace flow redirect 1185 configure debug trace flowstats 1187 configure debug trace health check 1188 configure debug trace iparp 1191 configure debug trace ipxgns message 1193 configure debug trace ipxrip message 1195 configure debug trace ipxrip route 1197 config...

Page 27: ...e debug trace slb failover 1228 configure debug trace stacking 1229 configure debug trace transceiver test 1231 configure debug trace udp forwarding 1233 configure debug trace vrrp 1234 configure debug trace vrrp hello 1235 configure debug trace wireless 1237 configure diagnostics 1239 configure reboot loop protection 1241 configure reboot loop protection backup msm 1242 configure reboot loop prot...

Page 28: ...s ports counters 1292 clear wireless ports flash image 1293 clear wireless ports interface ap scan results 1294 clear wireless ports interface client history 1295 clear wireless ports interface client scan counters 1296 clear wireless ports interface client scan results 1297 clear wireless ports log 1298 configure antenna profile 1299 configure rf profile beacon interval 1300 configure rf profile ...

Page 29: ...imeout 1324 configure wireless ports interface ap scan send probe 1325 configure wireless ports interface ap scan updated trap 1326 configure wireless ports interface channel 1327 configure wireless ports interface client history size 1329 configure wireless ports interface client history timeout 1330 configure wireless ports interface client scan added trap 1331 configure wireless ports interface...

Page 30: ...able wireless ports time 1360 enable wireless ports 1361 enable wireless ports cancel scheduler 1362 enable wireless ports every 1363 enable wireless ports interface 1364 enable wireless ports interface ap scan 1365 enable wireless ports interface ap scan off channel 1366 enable wireless ports interface client history 1367 enable wireless ports interface client scan 1368 enable wireless ports inte...

Page 31: ...us 1410 show wireless ports interface client scan configuration 1412 show wireless ports interface client scan results 1414 show wireless ports interface client scan results mac address 1416 show wireless ports interface client scan status 1417 show wireless ports interface clients 1419 show wireless ports interface configuration 1421 show wireless ports interface pae diagnostics 1424 show wireles...

Page 32: ... protect vlan 1459 configure eaps failtime 1460 configure eaps failtime expiry action 1461 configure eaps fast convergence 1463 configure eaps hellotime 1464 configure eaps mode 1465 configure eaps name 1466 configure eaps port 1467 configure eaps shared port link id 1468 configure eaps shared port mode 1469 configure eaps shared port segment timeout expiry action 1470 create eaps 1471 create eaps...

Page 33: ...ure vlan add elrp poll ports 1515 configure vlan add ports no restart 1516 configure vlan add ports restart 1517 configure vlan add track bgp 1518 configure vlan add track diagnostic 1519 configure vlan add track environment 1520 configure vlan add track iproute 1521 configure vlan add track ospf 1522 configure vlan add track ping 1523 configure vlan add track rip 1524 configure vlan add track vla...

Page 34: ...ure vlan esrp group add esrp aware ports 1546 configure vlan esrp group delete esrp aware ports 1548 configure vlan esrp priority 1549 configure vlan esrp timer 1550 disable elrp client 1552 disable elsm auto restart ports 1553 disable elsm ports 1554 disable esrp vlan 1556 enable elrp client 1557 enable elsm auto restart ports 1558 enable elsm ports 1559 enable esrp vlan 1561 show elrp 1562 show ...

Page 35: ...e bpdu filter enable 1598 configure stpd ports link type edge bpdu filter disable 1599 configure stpd ports mode 1600 configure stpd ports priority 1601 configure stpd priority 1603 configure stpd tag 1604 configure vlan add ports stpd 1605 create stpd 1607 delete stpd 1609 disable ignore bpdu vlan 1610 disable ignore stp vlan 1611 disable stpd 1612 disable stpd ports 1613 disable stpd rapid root ...

Page 36: ...tprelay add 1654 configure bootprelay delete 1655 configure bootprelay dhcp agent information check 1656 configure bootprelay dhcp agent information option 1658 configure bootprelay dhcp agent information policy 1660 configure ip down vlan action 1662 configure iparp add 1663 configure iparp add proxy 1664 configure iparp delete 1666 configure iparp delete proxy 1667 configure iparp max entries 16...

Page 37: ...ge 1691 configure vlan upd profile 1692 create udp profile 1693 delete udp profile 1694 disable bootp vlan 1695 disable bootprelay 1696 disable icmp access list 1697 disable icmp address mask 1698 disable icmp parameter problem 1699 disable icmp port unreachables 1700 disable icmp redirects 1701 disable icmp time exceeded 1702 disable icmp timestamp 1703 disable icmp unreachables 1704 disable icmp...

Page 38: ...mp parameter problem 1727 enable icmp port unreachables 1728 enable icmp redirects 1729 enable icmp time exceeded 1730 enable icmp timestamp 1731 enable icmp unreachables 1732 enable icmp useredirects 1733 enable ip option loose source route 1734 enable ip option record route 1735 enable ip option record timestamp 1736 enable ip option strict source route 1737 enable ip option use router alert 173...

Page 39: ...option 1768 unconfigure bootprelay dhcp agent information policy 1769 unconfigure icmp 1770 unconfigure iparp 1771 unconfigure irdp 1772 unconfigure udp profile 1773 Chapter 21 IGP Commands clear isis adjacency 1777 clear isis lsdb 1778 configure isis add area address 1779 configure isis add vlan 1780 configure isis area add domain summary 1781 configure isis area delete domain summary 1782 config...

Page 40: ...f area add range 1805 configure ospf area delete range 1806 configure ospf area external filter 1807 configure ospf area interarea filter 1808 configure ospf area normal 1809 configure ospf area nssa stub default cost 1810 configure ospf area stub stub default cost 1811 configure ospf asbr filter 1812 configure ospf ase limit 1813 configure ospf ase summary add 1814 configure ospf ase summary dele...

Page 41: ...updatetime 1840 configure rip vlan cost 1841 configure rip vlan export filter 1842 configure rip vlan import filter 1843 configure rip vlan trusted gateway 1844 create isis area 1845 create ospf area 1846 delete isis area 1847 delete ospf area 1848 disable isis 1849 disable isis export 1850 disable isis ignore attached bit 1852 disable isis originate default 1853 disable isis overload 1854 disable...

Page 42: ...t rip 1881 enable ospf export static 1883 enable ospf export vip 1885 enable ospf originate default 1887 enable ospf originate router id 1888 enable rip 1889 enable rip aggregation 1890 enable rip export cost 1891 enable rip export static cost 1893 enable rip exportstatic 1894 enable rip originate default cost 1895 enable rip poisonreverse 1896 enable rip splithorizon 1897 enable rip triggerupdate...

Page 43: ...p delete aggregate address 1926 configure bgp delete confederation peer sub AS number 1927 configure bgp delete network 1928 configure bgp local preference 1929 configure bgp med 1930 configure bgp neighbor as path filter 1931 configure bgp neighbor dampening 1932 configure bgp neighbor maximum prefix 1934 configure bgp neighbor next hop self 1936 configure bgp neighbor nlri filter 1937 configure ...

Page 44: ...r 1960 configure bgp peer group route map filter 1961 configure bgp peer group soft reset 1962 configure bgp peer group source interface 1963 configure bgp peer group timer 1964 configure bgp peer group weight 1965 configure bgp routerid 1966 configure bgp soft reconfiguration 1967 create bgp neighbor peer group 1968 create bgp neighbor remote AS number 1969 create bgp peer group 1970 delete bgp n...

Page 45: ...hapter 23 IP Multicast Commands clear igmp group 2004 clear igmp snooping 2005 clear ipmc cache 2006 clear ipmc fdb 2007 configure dvmrp add vlan 2008 configure dvmrp delete vlan 2009 configure dvmrp timer 2010 configure dvmrp vlan cost 2011 configure dvmrp vlan export filter 2012 configure dvmrp vlan import filter 2013 configure dvmrp vlan timer 2014 configure dvmrp vlan trusted gateway 2015 conf...

Page 46: ...m delete vlan 2038 configure pim register checksum to 2039 configure pim register rate limit interval 2040 configure pim register suppress interval register probe interval 2041 configure pim spt threshold 2042 configure pim timer vlan 2043 configure pim timer bsm wait time 2044 configure pim vlan trusted gateway 2045 configure mvr 2046 disable dvmrp 2047 disable dvmrp rxmode vlan 2048 disable dvmr...

Page 47: ...ble mvr 2072 mrinfo 2073 mtrace 2075 run ipmcfdb check 2077 show dvmrp 2078 show igmp group 2079 show igmp snooping 2080 show igmp snooping filter 2081 show igmp snooping static group 2082 show ipmc cache 2083 show ipmc fdb 2084 show l2stats 2085 show mcast queue mgmt 2086 show mroute 2087 show pim 2089 show pim snooping 2090 show mvr 2091 unconfigure dvmrp 2092 unconfigure ext mcast 2093 unconfig...

Page 48: ... vlan 2109 configure ipxsap delete vlan 2110 configure ipxsap vlan delay 2111 configure ipxsap vlan export filter 2112 configure ipxsap vlan import filter 2113 configure ipxsap vlan max packet size 2114 configure ipxsap vlan trusted gateway 2115 configure ipxsap vlan update interval 2116 configure ipxsap vlan gns delay 2117 configure ipxservice add 2118 configure ipxservice delete 2119 configure v...

Page 49: ...ure route map set lpm routing 2147 disable accounting 2148 disable ipforwarding lpm routing 2149 disable lpm 2150 enable accounting 2151 enable ipforwarding lpm routing 2152 enable lpm 2153 show accounting 2154 show lpm 2155 Chapter 26 Remote Connect Commands clear APmgmt redirect db history 2158 clear APmgmt unknown ap history 2159 configure wireless bind 2160 configure wireless device db 2161 co...

Page 50: ...gure ports e1 timeslots 2187 configure ports snmp alert 2188 configure ports t1 cablelength 2189 configure ports t1 fdl 2190 configure ports t1 framing 2191 configure ports t1 lbdetect 2192 configure ports t1 linecoding 2193 configure ports t1 yellow 2194 configure ports t3 cablelength 2195 configure ports t3 framing 2196 configure ppp 2197 configure ppp authentication 2199 configure ppp user 2200...

Page 51: ...2223 show multilink e1 errors 2224 show multilink stats 2225 show multilink t1 errors 2226 show ports alarms 2227 show ports configuration 2228 show ports errors 2229 show ports e1 errors 2230 show ports info 2231 show ports stats 2232 show ppp 2233 show ppp info 2234 unconfigure ppp 2235 Chapter 29 High Density Gigabit Ethernet Commands Alpine 3800 and BlackDiamond 6800 Series Only abort diagnost...

Page 52: ...l ports 2261 run diagnostics cable 2262 show application examination 2264 show diagnostics cable 2265 show ports egress rate limit 2268 show ports ingress stats 2270 show qosprofile ingress 2273 show qostype ingress priority 2275 unconfigure diffserv ingress replacement ports 2276 unconfigure qostype ingress priority 2277 Chapter 30 PoS Commands BlackDiamond Switch Only configure aps 2280 configur...

Page 53: ...p quality ports 2310 configure ppp user ports 2311 configure qosprofile 2312 configure red 2314 configure red min threshold ports 2316 configure sonet clocking ports 2317 configure sonet framing ports 2318 configure sonet loop 2319 configure sonet signal label ports 2320 configure sonet threshold signal degrade ports 2321 configure sonet threshold signal fail ports 2322 configure sonet trace path ...

Page 54: ...4 configure inline power detection 2355 configure inline power disconnect precedence 2356 configure inline power display string configure inline power label ports 2357 configure inline power operator limit ports 2359 configure inline power power supply 2361 configure inline power priority 2362 configure inline power reserved budget 2363 configure inline power type 2364 configure inline power usage...

Page 55: ...budget ports 2407 unconfigure inline power usage threshold 2408 unconfigure inline power violation precedence ports 2409 Chapter 32 LLDP Commands configure lldp ports management address 2412 configure lldp ports port description 2413 configure lldp ports system capabilities 2414 configure lldp ports system description 2415 configure lldp ports system name 2416 configure lldp ports vendor specific ...

Page 56: ... Chapter 33 H VPLS Commands BlackDiamond Switch Only clear mpls vpls counters 2448 configure mpls add vpls 2449 configure mpls delete 2451 configure mpls edge service mode 2452 configure mpls ldp acl 2453 configure mpls ldp acl add peer 2454 configure mpls ldp acl delete peer 2455 configure mpls vpls add 2456 configure mpls vpls add peer 2458 configure mpls delete vpls 2461 configure mpls health c...

Page 57: ...pls vpls nodes 2491 vplsping 2492 vplstrace 2494 Chapter 34 MPLS Commands BlackDiamond Switch Only clear mpls vpls counters 2498 configure mpls 2499 configure mpls add vpls 2501 configure mpls add tls tunnel 2503 configure mpls add vlan 2506 configure mpls delete 2508 configure mpls delete tls tunnel 2509 configure mpls delete vlan 2510 configure mpls delete vpls 2511 configure mpls edge service m...

Page 58: ... delete path 2539 configure mpls rsvp te delete profile 2540 configure mpls rsvp te lsp add path 2541 configure mpls rsvp te delete path 2543 configure mpls rsvp te add ero 2544 configure mpls rsvp te delete ero 2546 configure mpls rsvp te profile 2547 configure mpls rsvp te vlan 2549 configure mpls tls tunnel lsp 2551 configure mpls vlan ip mtu 2552 configure mpls vlan ldp propagate 2554 configur...

Page 59: ...w mpls forwarding 2579 show mpls interface 2581 show mpls label 2582 show mpls ldp 2584 show mpls qos mapping 2586 show mpls rsvp te 2587 show mpls rsvp te lsp 2588 show mpls rsvp te path 2589 show mpls rsvp te profile 2590 show mpls tls tunnel 2591 show mpls vpls 2592 show mpls vpls nodes 2593 unconfigure mpls 2594 unconfigure mpls 2595 unconfigure mpls qos mapping 2596 vplsping 2597 vplstrace 25...

Page 60: ...60 ExtremeWare 7 7 Command Reference Guide Contents ...

Page 61: ...le for installing and setting up network equipment It assumes knowledge of Extreme Networks switch configuration For conceptual information and guidance on configuring Extreme Networks switches see the ExtremeWare Software User Guide for your version of the ExtremeWare software Terminology When features functionality or operation is specific to a modular or stand alone switch family the family nam...

Page 62: ...rsonal injury Table 2 Text Conventions Convention Description Screen displays This typeface indicates command syntax or represents information as it appears on the screen The words enter and type When you see the word enter in this guide you must type something and then press the Return or Enter key Do not press the Return or Enter key when an instruction simply says type Key names Key names are w...

Page 63: ...guide for any command mentioned in the user guide To ensure that the quick referencing feature functions properly follow these steps 1 Download both the user guide PDF file and the command reference guide PDF file to the same destination directory on your computer 2 You may open one or both PDF files to enable cross referenced linking between the user guide and command reference guide however it i...

Page 64: ...clicking the Reader or Acrobat icon on your desktop or by using the Windows Start menu and navigating to the appropriate Adobe program 2 In the Edit pull down menu select Preferences The Preferences window will be displayed 3 In the Preferences window select the General option displayed in the left hand column in the list of preference options The General options will be displayed in the Preferenc...

Page 65: ...ation examples For information about the various features and technologies supported by Extreme Networks switches see the installation and user guides for your product This guide does not replace the installation and user guides this guide supplements the installation and user guides Audience This guide is intended for use by network administrators who are responsible for installing and setting up...

Page 66: ...ine interface CLI supports only the US character set If you are using a pseudo tty session the output of the CLI commands may not be displayed completely This usually happens if the output is too long For each command the following information is provided Command Syntax The actual syntax of the command The syntax conventions the use of braces or curly brackets for example are defined in the sectio...

Page 67: ...re are more names than can be displayed The syntax helper also provides assistance if you have entered an incorrect command Table 3 Command Syntax Symbols Symbol Description angle brackets Enclose a variable or value You must specify the variable or value For example in the syntax configure vlan vlan name ipaddress ip_address you must supply a VLAN name for vlan name and an address for ip_address ...

Page 68: ...d When you enter a command to configure a named component you do not need to use the keyword of the component For example to create a VLAN you must enter a unique VLAN name create vlan engineering After you have created the VLAN with a unique name you can eliminate the keyword vlan from all subsequent commands that require the name to be entered For example instead of entering the modular switch c...

Page 69: ... Keys Key s Description Backspace Deletes character to left of cursor and shifts remainder of line to left Delete or Ctrl D Deletes character under cursor and shifts remainder of line to left Ctrl K Deletes characters from under cursor to end of line Insert Toggles on and off When toggled on inserts text and shifts previous text to right Left Arrow Moves cursor to left Right Arrow Moves cursor to ...

Page 70: ...eshold time interval count configure reboot loop protection backup msm threshold use master config configure stacking slot binding slot number loose strict configure stpd spanning tree name ports link type edge port number bpdu filter enable configure stpd spanning tree name ports link type edge port number bpdu filter disable enable stpd bpdu filter configure mvr add delete vlan vlan name disable...

Page 71: ...show ip security arp learning show arp learning ports portlist show ip security arp learning ports portlist show arp learning ports all show ip security arp learning ports all show arp learning vlan vlan name show ip security arp learning vlan vlan name show arp learning vlan vlan name ports portlist show ip security arp learning vlan vlan name ports portlist show arp learning vlan vlan name ports...

Page 72: ...72 ExtremeWare 7 7 Command Reference Guide Command Reference Overview ...

Page 73: ...count can view and change all switch parameters It can also add and delete users and change the password associated with any account name The administrator can disconnect a management session that has been established by way of a Telnet connection If this happens the user logged on by way of the Telnet connection is notified that the session has been terminated The DNS client in ExtremeWare augmen...

Page 74: ...they have been disabled for exceeding the three failed login attempts NOTE The default admin account and failsafe accounts are never locked out This command only clears the locked out or disabled condition of the account The action of locking out accounts following the failed login attempts remains until you turn it off by issuing the configure account all name password policy lockout on login fai...

Page 75: ...displays information about current Telnet sessions including The session number The login date and time The user name The type of Telnet session Depending on the software version running on your switch additional session information may be displayed The session number is the first number displayed in the show session output Example The following command terminates session 4 from the system clear s...

Page 76: ...crypted option in the CLI For ExtremeWare 6 1 and higher The password cannot be specified on the command line Instead the switch will interactively prompt you to enter the password and will then prompt you to reenter the password to verify that you have entered it correctly For ExtremeWare 6 0 and higher Passwords must have a minimum of 1 character and can have a maximum of 30 characters For Extre...

Page 77: ...u enter the password the switch will then prompt you to reenter it Reenter password Assuming you enter it successfully a second time the password is now changed In ExtremeWare 4 1 19 the following command defines a new password Extreme1 for the account admin configure account admin Extreme1 History This command was first available in ExtremeWare 2 0 This command was added to the e series of switch...

Page 78: ...Z Lower case a z 0 9 The minimum number of characters for these specifically formatted passwords is 8 characters and the maximum is 32 characters Use the none option to reset the password to accept all formats Example The following command requires all users to use this specified format for all passwords configure account all password policy char validation all char groups History This command was...

Page 79: ...configure account password policy char validation ExtremeWare 7 7 Command Reference Guide 79 Platform Availability This command is available on all platforms ...

Page 80: ... that is saved by the system up to the configured limit for that account this applies to both user and administrative accounts This also applies to a configured password on the default admin account on the switch The limit of previous passwords that the system checks for previous use is configurable from 1 to 10 Using the none option disables previous password tracking and returns the system to th...

Page 81: ...he account to allow innumerable consecutive failed login attempts which is the system default The system default is that three failed consecutive login attempts terminate the particular session but the user may launch another session there is no lockout feature by default NOTE The default admin account and failsafe accounts are never locked out no matter how many consecutive failed login attempts ...

Page 82: ...ystem first verifies that the entered password had been valid prior to expiring and then prompts the user to change the password NOTE This is the sole time that a user with a user level opposed to an administrator level account can make any changes to the user level account Using the none option prevents the password for the specified account from ever expiring it resets the password to the system...

Page 83: ...e password minimum is 0 by default NOTE If the account is configured to require a specific password format the minimum is 8 characters See configure account password policy char validation for more information Example The following command requires a minimum of 8 letters for the password for the account management configure account management password policy min length 8 History This command was f...

Page 84: ...84 ExtremeWare 7 7 Command Reference Guide Commands for Accessing the Switch Platform Availability This command is available on all platforms ...

Page 85: ... line For ExtremeWare 6 0 and higher including the e series releases You can enter up to 24 rows of 79 column text that is displayed before the login prompt of each session For ExtremeWare 2 0 and ExtremeWare 4 x You can enter up to 24 rows of 80 column text that is displayed before the login prompt of each session Example The following command adds a banner Welcome to the switch before the login ...

Page 86: ...no banner is configured the Extreme logo is displayed The network login banner displays in HTML No links or images are supported Press Enter to enter text on a new line Press Enter twice to finish entering the network login banner You can enter up to 1024 characters in the banner Example The following command adds the banner Welcome to your switch in 8 point purple Arial before the login prompt co...

Page 87: ...ions prior to 6 2 1 In ExtremeWare 6 2 1 and later eight DNS name servers can be configured Example The following command specifies that the switch use the DNS server 10 1 2 1 configure dns client add 10 1 2 1 History This command was first available in ExtremeWare 4 0 This command was modified in ExtremeWare 6 2 1 to support up to eight DNS name servers This command was added to the e series of s...

Page 88: ...list will be the last name used during name resolution This command will not overwrite any exiting entries If a null string is used as the last suffix in the list and all other lookups fail the name resolver will attempt to look up the name with no suffix Example The following command configures a domain name and adds it to the domain suffix list configure dns client add domain suffix xyz_inc com ...

Page 89: ... DNS name servers can be configured in ExtremeWare versions prior to 6 2 1 In ExtremeWare 6 2 1 and later eight DNS name servers can be configured Example The following command specifies that the switch use the DNS server 10 1 2 1 configure dns client add name server 10 1 2 1 History This command was first available in ExtremeWare 6 2 2 This command was added to the e series of switches in Extreme...

Page 90: ... to create a fully qualified host name when a domain name is not specified For example if the default default domain name is set to food com then when a command like ping dog is entered the ping will actually be executed as ping dog food com Example The following command configures the default domain name for the server configure dns client default domain xyz_inc com History This command was first...

Page 91: ...t for the DNS client Syntax Description Default N A Usage Guidelines None Example The following command removes a DNS server from the list configure dns client delete 10 1 2 1 History This command was first available in ExtremeWare 4 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ipaddress Specifies an IP ad...

Page 92: ...ed item was not the last entry in the list all items that had been added later are moved up in the list If no entries in the list match the domain name specified an error message will be displayed Example The following command deletes a domain name from the domain suffix list configure dns client delete domain suffix xyz_inc com History This command was first available in ExtremeWare 6 2 2 This co...

Page 93: ... server list for the DNS client Syntax Description Default N A Usage Guidelines None Example The following command removes a DNS server from the list configure dns client delete name server 10 1 2 1 History This command was first available in ExtremeWare 6 2 2 This command was added to the e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ipa...

Page 94: ...d to have an effect the idletimeouts feature is disabled by default In ExtremeWare v 6 2 0 the time out interval was specified in seconds not minutes Example The following command sets the time out for idle HTTP login and console sessions to 10 minutes configure idletimeouts 10 History This command was first available in ExtremeWare 6 2 This command was modified in ExtremeWare 6 2 1 to change the ...

Page 95: ... switches You cannot set the year past 2036 For ExtremeWare 6 0 and higher on the i series of switches You cannot set the year past 2035 For ExtremeWare 2 0 and 4 x You cannot set the year past 2023 Example The following command configures a system date of February 15 2005 and a system time of 8 42 AM and 55 seconds configure time 02 15 2005 08 42 55 History This command was first available in Ext...

Page 96: ...ngth The default is an empty string dst_offset Specifies an offset from standard time in minutes Value is in the range of 1 to 60 Default is 60 minutes floating_day Specifies the day week and month of the year to begin or end DST each year Format is week day month where week is specified as first second third fourth last or 1 5 day is specified as sunday monday tuesday wednesday thursday friday sa...

Page 97: ...y april The ends specification defaults to every last sunday october The ends date may occur earlier in the year than the begins date This will be the case for countries in the Southern Hemisphere If you specify only the starting or ending time not both the one you leave unspecified will be reset to its default The time_of_day specification defaults to 2 00 The timezone IDs are optional They are u...

Page 98: ... Italy Bern Switzerland Stockholm Sweden Oslo Norway 2 00 120 EET Eastern European Russia Zone 1 Athens Greece Helsinki Finland Istanbul Turkey Jerusalem Israel Harare Zimbabwe 3 00 180 BT Baghdad Russia Zone 2 Kuwait Nairobi Kenya Riyadh Saudi Arabia Moscow Russia Tehran Iran 4 00 240 ZP4 Russia Zone 3 Abu Dhabi UAE Muscat Tblisi Volgograd Kabul 5 00 300 ZP5 Russia Zone 4 5 30 330 IST India Stand...

Page 99: ... DST adjustment for the Middle European timezone with the optional timezone ID of MET configure timezone name MET 60 autodst name MDT begins every last sunday march at 1 ends every last sunday october at 1 The following command configures the GMT offset and automatic DST adjustment for New Zealand The ending date must be configured each year because it occurs on the first Sunday on or after March ...

Page 100: ...igher User account names must have a minimum of 1 character and can have a maximum of 32 characters Passwords must have a minimum of 0 characters admin Specifies an access level for account type admin pppuser Specifies an access level for account type pppuser sma ftp user Specifies an access level for account type sma ftp user user Specifies an access level for account type user username Specifies...

Page 101: ...a switch generated configuration using the download configuration command For version 2 0 User account name specifications are not available Password specifications are not available Example The following command creates a new account named John2 with administrator privileges create account admin john2 History This command was first available in ExtremeWare 2 0 This command was modified in Extreme...

Page 102: ...ere must be one administrator account on the system the command will fail if an attempt is made to delete the last administrator account on the system Do not delete the default administrator account If you do it is automatically restored with no password the next time you download a configuration To ensure security change the password on the default account but do not delete it The changed passwor...

Page 103: ...delete account ExtremeWare 7 7 Command Reference Guide 103 Platform Availability This command is available on all platforms ...

Page 104: ... mechanism and allows the display to print continuously to the screen NOTE Press q and then press Return to force a pause when CLI paging is disabled To view the status of CLI paging on the switch use the show management command The show management command displays information about the switch including the enable disable state for CLI paging Example The follow command disables clipaging and allow...

Page 105: ...d or you logoff Telnet sessions remain open until you close the Telnet client To view the status of idle time outs on the switch use the show management command The show management command displays information about the switch including the enable disable state for idle time outs Example The following command disables the timer that disconnects all sessions to the switch disable idletimeouts Histo...

Page 106: ...ge To view the status of CLI paging on the switch use the show management command The show management command displays information about the switch including the enable disable state for CLI paging If CLI paging is enabled and you use the show tech support command to diagnose system technical problems the CLI paging feature is disabled Example The following command enables clipaging and does not a...

Page 107: ...res that there are no hanging connections To view the status of idle time outs on the switch use the show management command The show management command displays information about the switch including the enable disable state for idle time outs In ExtremeWare 6 2 or later you can configure the length of the time out interval Example The following command enables a timer that disconnects any Telnet...

Page 108: ...e to your software or switch can be used To view the type of license you are currently running on the switch use the show switch command The license key number is not displayed but the type of license is displayed in the show switch output The type of license is displayed after the system name system location system contact and system MAC address Example The following command enables a full L3 lic...

Page 109: ...enable license ExtremeWare 7 7 Command Reference Guide 109 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 110: ...t N A Usage Guidelines ExtremeWare remembers the last 49 commands you entered on the switch Use the history command to display a list of these commands Example The following command displays the previous 49 commands entered on the switch history History This command was first available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability T...

Page 111: ...boot a module in a specific slot When you specify this option the command applies to the module in the specified slot rather than to the switch In general the modules that can be rebooted have separate images from the ExtremeWare image for the switch date Specifies a reboot date in mm dd yyyy format time Specifies a reboot time in hh mm ss format cancel Cancels a previously scheduled reboot slot n...

Page 112: ... reboot time 04 15 2002 08 00 00 On the i series of switches the following command reboots the MPLS module in slot number 5 It would also reboot the fifth switch in a stack of switches on the e series of switches reboot time 10 04 2001 10 46 00 slot 5 History This command was first available in ExtremeWare 2 0 This command was modified in ExtremeWare 7 0 0 to include the slot option This command w...

Page 113: ...ber of characters in passwords Character validation The passwords must be in the specific format required by the configure account password policy char validation command Lockout on login failures If enabled the system locks out users after 3 failed login attempts Accounts locked out Number of accounts locked out User Name The name of the user This list displays all of the users who have access to...

Page 114: ...racter Validation Disabled Accts lockout on login failures Disabled Accounts locked out No User Name Password Password Password Password Flags Expiry Max age Min len History Date Limit admin None None None user None None None test Apr 17 2005 12 32 9 C Flags C Password character validation enabled L Account locked out l Account lockout on login failures enabled History This command was first avail...

Page 115: ... in a tabular format User Name The name of the user This list displays all of the users who have access to the switch Access The SNMP community strings This may be listed as R W for read write or RO for read only Login OK The number of logins that are okay Failed The number of failed logins Depending on the software version running on your switch additional or different account information may be ...

Page 116: ...116 ExtremeWare 7 7 Command Reference Guide Commands for Accessing the Switch Platform Availability This command is only available on the i series of switches ...

Page 117: ...s displayed before the login prompt Example The following command displays the switch banner show banner Output from this command looks similar to the following Extreme Networks Summit48i Layer 3 Switch Unauthorized Access is strictly prohibited Violators will be prosecuted History This command was first available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare...

Page 118: ... command displays the DNS configuration show dns client Output from this command looks similar to the following Number of domain suffixes 2 Domain Suffix 1 njudah local Domain Suffix 2 dbackman com Number of name servers 2 Name Server 1 172 17 1 104 Name Server 2 172 17 1 123 History This command was first available in ExtremeWare 4 0 This command was added to the e series of switches in ExtremeWa...

Page 119: ...nfigured using an 802 1Q tag on the connecting port or if only a single VLAN is involved as untagged Example The following command displays ESRP awareness information for a VLAN named esrpEn Summit400 48t 8 show esrp aware vlan esrpEn The output of the command is similar to the following VLAN Interface esrpEn DisableLearnTimeout 0 secs Total Fdb Flushes 0 Esrp Group 0 Esrp Master Mac 00 04 96 14 4...

Page 120: ...show switch command displays sysName sysLocation sysContact MAC address License type System mode Recovery mode Transceiver diagnostics Watchdog state Reboot loop information Current date time system boot time and time zone configuration Configuration modified information Any scheduled reboot information Scheduled upload download information Operating environment temperature fans and power supply s...

Page 121: ...wing SysName Alpine3804 SysLocation Extreme Networks HQ SysContact Carlos_Beronio System MAC 00 01 30 23 C1 00 License Full L3 System Mode 802 1Q EtherType is 8100 Hex CPU Tx Priority High RED Probability 0 DLCS Enabled SysHealth Check Enabled Alarm Level Log Recovery Mode All System dump Reboot Transceiver Diag Enabled Failure action log only Fdb Scan Diag Enabled Failure action log only System W...

Page 122: ...SysLocation SysContact support extremenetworks com 1 888 257 3000 System MAC 00 04 96 18 40 AF License Advanced Edge System Mode 802 1Q EtherType is 8100 Hex Recovery Mode None System Watchdog Enabled Reboot Loop Prot Disabled Current Time Mon Jun 14 16 26 10 2055 Timezone Auto DST Enabled GMT Offset 0 minutes name is GMT DST of 60 minutes is currently in effect name is not set DST begins every fi...

Page 123: ...able in ExtremeWare 2 0 This command was modified in ExtremeWare 6 1 8 to display the mode of switch operation extended standard or auto for the Alpine 3802 This command was modified in ExtremeWare 7 0 0 This command was added to the e series of switches in ExtremWare 7 1e This command was modified in ExtremeWare 7 3 0 to add an indicator for default configuration mode standard or enhanced Platfor...

Page 124: ...e in ExtremeWare 2 0 This command was modified in ExtremeWare 4 0 to support the hostname parameter This command was modified in ExtremeWare 6 1 to support the from ttl and port parameters This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms host name Specifies the hostname of the destination endstation ip_address S...

Page 125: ...leted using the RMON2 trapDestTable MIB variable as described in RFC 2021 Authorized managers An authorized manager can be either a single network management station or a range of addresses for example a complete subnet specified by a prefix and a mask The switch can have a maximum of eight authorized managers Community strings The community strings allow a simple method of authentication between ...

Page 126: ... modify switch configurations Simple Network Time Protocol ExtremeWare supports the client portion of the Simple Network Time Protocol SNTP Version 3 based on RFC1769 SNTP can be used by the switch to update and synchronize its internal clock from a Network Time Protocol NTP server When enabled the switch sends out a periodic query to the indicated NTP server or the switch listens to broadcast NTP...

Page 127: ... only access to the switch The default read only community string is public The community string for all authorized trap receivers must be configured on the switch for the trap receiver to receive switch generated traps SNMP community strings can contain up to 32 characters To view the SNMP read only access communities configured on the switch use the show management command The show management co...

Page 128: ...128 ExtremeWare 7 7 Command Reference Guide Commands for Managing the Switch Platform Availability This command is available on all platforms ...

Page 129: ...unity strings provide read and write access to the switch The default read write community string is private The community string for all authorized trap receivers must be configured on the switch for the trap receiver to receive switch generated traps SNMP community strings can contain up to 32 characters To view the SNMP read write access communities configured on the switch use the show managem...

Page 130: ... ExtremeWare 7 7 Command Reference Guide Commands for Managing the Switch This command was added to the Summit e series of switches in 7 2e Platform Availability This command is available on all platforms ...

Page 131: ...and trap receivers are not forced to use identical community strings The configure snmp add community command allows you to add multiple community strings in addition to the default community string An SNMP community string can contain up to 32 characters To change the value of the default read write and read only community strings use the configure snmp community command The encrypted option is i...

Page 132: ...characters Example The following command adds a read write community string with the value extreme configure snmp add community readwrite extreme History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in 7 1e This command was modified in ExtremeWare 7 2e to add support for encryption Platform Availability This command is available on a...

Page 133: ... hex octets community string Specifies the community string of the trap receiver source ip address Specifies the IP address of a VLAN to be used as the source address for the trap enhanced Specifies enhanced traps which contain extra varbinds at the end standard Specifies standard traps which do not constrain the extra varbinds auth traps Specifies that authentication traps will be sent to the tra...

Page 134: ...topology changes and the IP address used by the switch changes Table 7 lists the currently defined SNMP trap groups From time to time new trap groups may be added to this command Table 7 SNMP Trap Groups Trap Group Notifications MIB Subtree stp traps newRoot topologyChange dot1dBridge 1 3 6 1 2 1 17 bgp traps1 bgpEstablished bgpBackwardTransition extremeBgpPrefixReachedThreshold extremeBgpPrefixMa...

Page 135: ... switch system traps extremeOverheat extremeFanFailed extremeFanOK extremePowerSupplyFail extremePowerSupplyGood extremeModuleStateChange extremeHealthCheckFailed extremeCpuUtilizationRisingTrap extremeCpuUtilizationFallingTrap coldStart warmStart 1 3 6 1 4 1 1916 0 6 1 3 6 1 4 1 1916 0 7 1 3 6 1 4 1 1916 0 8 1 3 6 1 4 1 1916 0 10 1 3 6 1 4 1 1916 0 11 1 3 6 1 4 1 1916 0 15 1 3 6 1 4 1 1916 4 1 0 ...

Page 136: ...mand adds port 9990 at the IP address 10 203 0 22 as a trap receiver with the community string public and the receiver should be sent standard traps for the trap groups for BGP and Extreme Networks configure snmp add trapreceiver ipaddress 10 203 0 22 port 9990 community public mode standard trap group extreme traps bgp traps History This command was first available in ExtremeWare 1 0 This command...

Page 137: ...s private It is recommended that you change the values of the default read write and read only community strings You use the configure snmp community command to change the value of the default community strings An SNMP community string can contain up to 32 characters The encrypted option is intended for use by the switch when generating an ASCII configuration file using the upload configuration co...

Page 138: ...witch History This command was first available in ExtremeWare 1 0 This command was added to the Summit e series of switches in 7 1e This command was modified in ExtremeWare 7 2e to add support for encryption Platform Availability This command is available on all platforms ...

Page 139: ...he trap receiver to receive switch generated traps SNMP community strings can contain up to 32 characters It is recommended that you change the defaults of the read write and read only community strings Use the configure snmp add command to configure an authorized SNMP management station The encrypted option should only be used by the switch to generate an ASCII configuration using the upload conf...

Page 140: ...unity string named extreme configure snmp delete community readwrite extreme History This command was first available in ExtremeWare 2 0 Support for the add parameter was discontinued in ExtremeWare 4 0 This command was added to the Summit e series of switches in 7 2e Platform Availability This command is available on all platforms ...

Page 141: ...ap receiver entry with the specified community string should be removed Example The following command deletes the trap receiver 10 101 0 100 from the trap receiver list configure snmp delete trapreceiver 10 101 0 100 The following command deletes entries in the trap receiver list for 10 101 0 100 port 9990 configure snmp delete trapreceiver 10 101 0 100 port 9990 Any entries for this IP address wi...

Page 142: ...142 ExtremeWare 7 7 Command Reference Guide Commands for Managing the Switch Platform Availability This command is available on all platforms ...

Page 143: ... switch use the show switch command The show switch command displays switch statistics including the name of the system contact To restore defaults to all SNMP related entries including the SNMP parameters modified using the configure snmp syscontact alphanumeric string command use the unconfigure management command Example The following command defines FredJ as the system contact configure snmp s...

Page 144: ...show switch command displays switch statistics including the location of the switch To restore defaults to all SNMP related entries including the SNMP parameters modified using the configure snmp syslocation alphanumeric string command use the unconfigure management command Example The following command configures a switch location name on the system configure snmp syslocation englab History This ...

Page 145: ...f the system listed on the switch use the show switch command The show switch command displays switch statistics including the name of the system To restore defaults to all SNMP related entries including the SNMP parameters modified using the configure snmp sysname alphanumeric string command use the unconfigure management command Example The following command names the switch configure snmp sysna...

Page 146: ...ntext There are a number of default permanent groups already defined These groups are admin initial initialmd5 initialsha initialmd5Priv initialshaPriv v1v2c_ro v1v2c_rw hex Specifies that the value to follow is to be supplied as a colon separated string of hex octets group name Specifies the group name to add or modify sec model Specifies the security model to use snmpv1 Specifies the SNMPv1 secu...

Page 147: ... security level noauth read view defaultUserView no write view notify view defaultUserView and storage nonvolatile configure snmpv3 add access defaultROGroup In the following command access for the group defaultROGroup is created with the values security model USM security level authnopriv read view defaultAdminView write view defaultAdminView notify view defaultAdminView and storage nonvolatile c...

Page 148: ...ntry with the community index hex of 4 E community name hex of EA 12 CD CF AB 11 3C user security name v1v2c_user using transport tag 34872 and volatile storage configure snmpv3 add community hex 4 E name hex EA 12 CD CF AB 11 3C user v1v2c_user tag 34872 volatile History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare ...

Page 149: ...configure snmpv3 add community ExtremeWare 7 7 Command Reference Guide 149 Platform Availability This command is available on all platforms ...

Page 150: ...ommand can be used multiple times to configure the exact filter profile desired Example Use the following command to add a filter to the filter profile prof1 that includes the MIB subtree 1 3 6 1 4 1 f0 configure snmpv3 add filter prof1 subtree 1 3 6 1 4 1 f0 type included History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in Ext...

Page 151: ...configure snmpv3 add filter ExtremeWare 7 7 Command Reference Guide 151 Platform Availability This command is available on all platforms ...

Page 152: ...and the filter profile is associated with a series of filters so in effect you are associating a series of filters with a target address Example Use the following command to associate the filter profile prof1 with the parameter name P1 configure snmpv3 add filter profile prof1 param P1 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of sw...

Page 153: ...ely identified by a security name and security model So the same security name can be associated to a group name but with different security models Example Use the following command to associate the user userV1 to the group defaultRoGroup with SNMPv1 security configure snmpv3 add group defaultRoGroup user userV1 sec model snmpv1 Use the following command to associate the user userv3 with security ...

Page 154: ...ide Commands for Managing the Switch History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 155: ...tAdminView and defaultNotifyView Example Use the following command to create the MIB view allMIB with the subtree 1 3 included as non volatile configure snmpv3 add mib view allMIB subtree 1 3 Use the following command to create the view extremeMib with the subtree 1 3 6 1 4 1 1916 included as non volatile configure snmpv3 add mib view extremeMib subtree 1 3 6 1 4 1 1916 Use the following command t...

Page 156: ...snmpv3 add mib view vrrpTrapNewMaster 1 3 6 1 2 1 68 0 1 ff8 type excluded volatile History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 157: ...n the table notifications will be sent based on the filters also associated with the target addresses Example Use the following command to send notification to addresses associated with the tag type1 configure snmpv3 add notify N1 tag type1 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availabili...

Page 158: ...and an entry in the snmpNotifyFilterProfileTable which specifies filters to use for notifications to the target address Example The following command specifies a target address of 10 203 0 22 port 9990 with the name A1 and associates it with the security parameters and filter profile P1 and the notification tags type1 and type2 configure snmpv3 add target addr A1 param P1 ipaddress 10 203 0 22 tra...

Page 159: ...Ware 7 7 Command Reference Guide 159 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 160: ...re snmpv3 add target addr on page 158 Example The following command specifies a target parameters entry named P1 a user name of guest message processing and security model of SNMPv2c and a security level of no authentication hex Specifies that the value to follow is to be supplied as a colon separated string of hex octets param name Specifies the parameter name associated with the target user name...

Page 161: ...mpv3 add target params P1 user guest mp model snmpv2c sec model snmpv2c sec level noauth History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 162: ...hentication The default user names are admin initial initialmd5 initialsha initialmd5Priv initialshaPriv The initial password for admin is password For the other default users the initial password is the user name Example Use the following command to configure the user guest on the local SNMP Engine with security level noauth no authentication and no privacy configure snmpv3 add user guest hex Spe...

Page 163: ...e the user authSHApriv to use SHA authentication with the hex key shown below the privacy password palertyu and volatile storage configure snmpv3 add user authShapriv authentication sha hex 01 03 04 05 01 05 02 ff ef cd 12 99 34 23 ed ad ff ea cb 11 privacy palertyu volatile History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in E...

Page 164: ...sword volatile Users cloned from the default users will have the storage type of non volatile The default names are admin initial initialmd5 initialsha initialmd5Priv initialshaPriv Example Use the following command to create a user cloneMD5 with same properties as the default user initalmd5 All authorization and privacy keys will initially be the same as with the default user initialmd5 configure...

Page 165: ...nd configure snmpv3 delete group hex group name user all non defaults hex user name sec model sec model snmpv1 snmpv2c usm Example The following command deletes all entries with the group name userGroup configure snmpv3 delete access userGroup all non defaults Specifies that all non default non permanent security groups are to be deleted hex Specifies that the value to follow is to be supplied as ...

Page 166: ...snmpv1 and security level of authentication and no privacy authnopriv configure snmpv3 delete access userGroup sec model snmpv1 sec level authnopriv History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 167: ...snmpv3 delete community comm_index Use the following command to create an entry with the community name hex of EA 12 CD CF AB 11 3C configure snmpv3 delete community name hex EA 12 CD CF AB 11 3C History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms...

Page 168: ...elete just those entries for that filter profile and subtree Example Use the following command to delete the filters from the filter profile prof1 that reference the MIB subtree 1 3 6 1 4 1 configure snmpv3 delete filter prof1 subtree 1 3 6 1 4 1 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Avai...

Page 169: ...entries for that profile name Specify a profile name and a parameter name to delete just those entries for that filter profile and parameter name Example Use the following command to delete the filter profile prof1 with the parameter name P1 configure snmpv3 delete filter profile prof1 param P1 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e ser...

Page 170: ...niquely identified by a security name and security model So the same security name can be associated to a group name but with different security models The default groups are admin initial v1v2c_ro v1v2c_rw The default users are admin initial initialmd5 initialsha initialmd5Priv initialshaPriv Example Use the following command to delete the user guest from the group UserGroup for the security mode...

Page 171: ... user guest from the group userGroup with the security model USM configure snmpv3 delete group userGroup user guest History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 172: ...its security group by specifying a different view Example The following command deletes all views only the permanent views will not be deleted configure snmpv3 delete mib view all non defaults The following command deletes all subtrees with the view name AdminView configure snmpv3 delete mib view AdminView The following command deletes the view AdminView with subtree 1 3 6 1 2 1 2 configure snmpv3...

Page 173: ...configure snmpv3 delete mib view ExtremeWare 7 7 Command Reference Guide 173 Platform Availability This command is available on all platforms ...

Page 174: ...ons will be sent based on the filters also associated with the target addresses There is one default notification that cannot be deleted defaultNotify Example Use the following command to remove the N1 entry from the table configure snmpv3 delete notify N1 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Pla...

Page 175: ...rgetAddressTable Example The following command deletes target address named A1 configure snmpv3 delete target addr A1 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on the e series platforms hex Specifies that the value to follow is to be supplied as a colon ...

Page 176: ...el security model and the storage parameters for messages to any target addresses associated with a particular parameter name Example The following command deletes a target parameters entry named P1 configure snmpv3 delete target params P1 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availabilit...

Page 177: ...pTable To remove the association use the following command configure snmpv3 delete group hex group name user all non defaults hex user name sec model snmpv1 snmpv2c usm Example The following command deletes all non default users configure snmpv3 delete user all non defaults The following command deletes the user guest configure snmpv3 delete user guest History This command was first available in E...

Page 178: ...igured Engine Boots and Engine Time will be reset to zero if the Engine ID is changed Engine Boots can be set to any desired value but will latch on its maximum 2147483647 Example The following command configures Engine Boots to 4096 configure snmpv3 engine boots 4096 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeW...

Page 179: ...ile non default users will be reset to the security level of no authorization no privacy On i series platform only In a chassis the snmpEngineID will be generated using the MAC address of the MSM with which the switch boots first For MSM hitless failover the same snmpEngineID will be propagated to both of the MSMs Example The following command configures the snmpEngineID to be 80 00 07 7C 00 0a 1c...

Page 180: ...ommand configure snmpv3 add target addr is uploaded instead The latter has no tokens for ignore mp model or ignore event come Therefore upon downloading the configuration the setting for these objects is lost This separate command corresponds to a private SNMP table that was subsequently added The table contains three objects ignoreMPModel useEventCommunity and Mode This private table the extremeT...

Page 181: ...pv3 extreme target addr ext ExtremeWare 7 7 Command Reference Guide 181 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 182: ...queries the second server If the switch cannot obtain the time it restarts the query process Otherwise the switch waits for the sntp client update interval before querying again Example The following command configures a primary NTP server configure sntp client primary server 10 1 2 2 History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switc...

Page 183: ...rmation from SNTP servers Syntax Description Default 64 seconds Usage Guidelines None Example The following command configures the interval timer configure sntp client update interval 30 History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms seconds Sp...

Page 184: ...Show for this parameter is displayed by using the following command show management Example The following command configures the interval timer configure sntp client update interval 30 History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms seconds Spec...

Page 185: ...bled Usage Guidelines The following command enables alternate queue management enable alt queue management To disable the alternative queue management feature for the next boot use the following command disable alt queue management Example The following command disables alternate queue management disable alt queue management History This command was available in ExtremeWare 7 2 Platform Availabili...

Page 186: ... DHCP server should be used with Network Login and not as a stand alone DHCP server Example The following command disables DHCP for port 9 in VLAN corp disable dhcp ports 9 vlan corp History This command was first available in ExtremeWare 7 1e Platform Availability This command is only available on the e series platforms portlist Specifies the ports for which DHCP should be disabled vlan name Spec...

Page 187: ...les Default Disabled Usage Guidelines Per IEEE 802 1D Summit e series switches do not forward EAPOL frames Also if network login is enabled EAPOL flooding cannot be enabled Example The following example disables EAPOL frame flooding on a Summit e series switch disable eapol flooding History This command was first available in ExtremeWare 7 1e Platform Availability This command is only available on...

Page 188: ...an enable all SNMP access no SNMP access or only SNMPv3 access You cannot enable only SNMPv1 v2c access To enable SNMPv3 only access on the switch use the following commands enable snmp access disable snmp access snmp v1v2c Example The following command disables all SNMP access on the switch disable snmp access History This command was first available in ExtremeWare 2 0 The snmp v1v2c keyword was ...

Page 189: ...witch use the show management command The show management command displays information about the switch including the enable disable state the dot1dTpFdb table To restore defaults to all SNMP related entries including the SNMP parameters modified using the disable snmp dot1dTpFdbTable command use the unconfigure management command Example The following command disables the dot1dTPFdb table disable...

Page 190: ...es not clear the SNMP trap receivers that have been configured The command prevents SNMP traps from being sent from the switch even if trap receivers are configured Example The following command prevents SNMP traps from being sent from the switch to the trap receivers disable snmp traps History This command was first available in ExtremeWare 2 0 This command was added to the Summit e series of swi...

Page 191: ...d use the show config command Example The following command will prevent SNMP exceed committed rate traps from being sent for all ingress QOS profiles on ports 2 5 through 2 8 disable snmp traps exceed committed rate ports 2 5 2 8 History This command was first available in ExtremeWare 7 2 Platform Availability This command is available on 3 series I O modules only portlist Specifies a list of 3 s...

Page 192: ...ax Description This command has no arguments or variables Default Disabled Usage Guidelines This command should be used in conjunction with the enable ip security gratuitous arp protection command Example The following command disables SNMP gratuitous ARP traps being sent from the switch disable snmp traps gratuitous arp protection History This command was first available in ExtremeWare 7 7 Platfo...

Page 193: ...mmand configures a limit on the number of MAC addresses that can be learned on a port s After that limit has been reached on a particular port a trap will be sent by the switch if a new MAC address appears on that port In addition a message will be generated in the syslog and the port will be blackholed Example The following command prevents SNMP mac security traps from being sent from the switch ...

Page 194: ...link up or link down traps from being sent for any port on the switch except the management port if it has one disable snmp traps port up down all History This command was first available in ExtremeWare 6 2 2 This command was modified to include the management port in ExtremeWare 7 0 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command ...

Page 195: ... the SNTP client has been enabled the switch sends out a periodic query to the indicated NTP server or the switch listens to broadcast NTP updates In addition the switch supports the configured setting for Greenwich Mean Time GMT offset and the use of Daylight Savings Time DST Example The following command disables the SNTP client disable sntp client History This command was first available in Ext...

Page 196: ...becomes trapped in a processing loop If the watchdog timer is executed the switch captures information on the cause of the reboot and posts it to the system log To view the watchdog status of the switch use the show switch command Example The following command disables the watchdog timer disable system watchdog History This command was first available in ExtremeWare 6 1 9 This command was added to...

Page 197: ... in as an administrator to enable or disable Telnet services Disabling Telnet services aborts any existing Telnet connection to the switch Example With administrator privilege the following command disables Telnet services on the switch disable telnet History This command was first available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform A...

Page 198: ...tact support extremenetworks com 1 888 257 3000 System MAC 00 01 30 12 2A D0 License Full L3 System Mode 802 1Q EtherType is 8100 Hex Diag Mode Fast Post RED Probability 0 Marked Probability 0 DLCS Disabled Backplane Ls port based SysHealth Check Enabled Alarm Level Log Recovery Mode None Transceiver Diag Enabled Failure action log only Fdb Scan Diag Enabled Failure action sys health check MSM Fai...

Page 199: ...d to disable alternate queue management disable alt queue management Example The following command configures alternate queue management enable alt queue management History This command was available in ExtremeWare 7 2 Platform Availability This command is only available on the i series platforms ...

Page 200: ...elines None Example The following command enables DHCP for port 9 in VLAN corp enable dhcp ports 9 vlan corp History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms portlist Specifies the ports for which DHCP should be enabled vlan_name Specifies the VL...

Page 201: ... Also if network login is enabled EAPOL flooding cannot be enabled However under certain conditions you might opt to change this behavior to support an upstream central authenticator by enabling the switch to flood the EAPOL frame on the VLAN associated with the ingress port Example The following example enables EAPOL frame flooding on a Summit e series switch enable eapol flooding History This co...

Page 202: ...ities For SNMPv3 additional security keys are used to control access so an SNMPv3 manager is required for this type of access This command enables both v1 v2c and v3 access so the switch can be accessed with either method Use the following commands to allow only v3 access enable snmp access disable snmp access snmp v1v2c Use the following command to prevent any SNMP access disable snmp access Ther...

Page 203: ...enable snmp access ExtremeWare 7 7 Command Reference Guide 203 Platform Availability This command is available on all platforms ...

Page 204: ... switch use the show management command The show management command displays information about the switch including the enable disable state the dot1dTpFdb table To restore defaults to all SNMP related entries including the SNMP parameters modified using the enable snmp dot1dTpFdbTable command use the unconfigure management command Example The following command enables the dot1dTPFdb table enable ...

Page 205: ...s An authorized trap receiver can be one or more network management stations on your network The switch sends SNMP traps to all trap receivers Example The following command enables SNMP trap support on the switch enable snmp trap History This command was first available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This comma...

Page 206: ...hen this trap is enabled The trap that is sent to the SNMP application will consist of Trap Type 1 Exceeded CIR 2 Dropped Bytes Status 1 event occurred 0 event condition cleared Port Queue Byte count valid only for Status 0 to show the Exceeded Dropped byte count This command affects ports on 3 series I O Ethernet modules only and is configurable per port all queues or per queue on specified ports...

Page 207: ...traps exceed committed rate ports ExtremeWare 7 7 Command Reference Guide 207 History This command was first available in ExtremeWare 7 2 Platform Availability This command is available on 3 series I O modules only ...

Page 208: ...iables Default Disabled Usage Guidelines This command should be used in conjunction with the enable ip security gratuitous arp protection command This command enables the switch to send the traps when it identifies a malicious gratuitous ARP packet Example The following command allows SNMP gratuitous ARP traps to be sent from the switch enable snmp traps gratuitous arp protection History This comm...

Page 209: ...and configures a limit on the number of MAC addresses that can be learned on a port s After that limit has been reached on a particular port a trap will be sent by the switch if a new MAC address appears on that port In addition a message will be generated in the syslog and the port will be blackholed Example The following command allows SNMP mac security traps to be sent from the switch enable sn...

Page 210: ...or link down traps on all ports of the switch except the management port if it has one enable snmp traps port up down all History This command was first available in ExtremeWare 6 2 2 This command was modified to include the management port in ExtremeWare 7 0 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platf...

Page 211: ...the SNTP client has been enabled the switch sends out a periodic query to the indicated NTP server or the switch listens to broadcast NTP updates In addition the switch supports the configured setting for Greenwich Mean Time GMT offset and the use of Daylight Savings Time DST Example The following command enables the SNTP client enable sntp client History This command was first available in Extrem...

Page 212: ...becomes trapped in a processing loop If the watchdog timer is executed the switch captures information on the cause of the reboot and posts it to the system log To viewthe watchdog status of the switch use the show switch command Example The following command enables the watchdog timer enable system watchdog History This command was first available in ExtremeWare 6 1 9 This command was added to th...

Page 213: ... must have at least one VLAN on the switch and it must be assigned an IP address and subnet mask IP addresses are always assigned to a VLAN The switch can be assigned multiple IP addresses For version 6 0 and higher Use an access profile to restrict Telnet access An access profile permits or denies a named list of IP addresses and subnet masks You must create and configure an access profile before...

Page 214: ... This command was first available in ExtremeWare 2 0 Support for the access profile none and port parameters was introduced in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 215: ...ables Default N A Usage Guidelines Use this command to log out of a CLI or Telnet session Example The following command logs out the session of a current user for CLI or Telnet exit History This command was first available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on Summit switches ...

Page 216: ...rguments or variables Default N A Usage Guidelines Use this command to log out of a CLI or Telnet session Example The following command logs out the session of a current user for CLI or Telnet logout History This command was first available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platfor...

Page 217: ...iables Default N A Usage Guidelines Use this command to log out of a CLI or Telnet session Example The following command logs out the session of a current user for CLI or Telnet quit History This command was first available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 218: ...enabled EAPOL flooding cannot be enabled Also if network login is enabled EAPOL flooding cannot be enabled However under certain conditions you might opt to change this behavior to support an upstream central authenticator by enabling the switch to flood the EAPOL frame on the VLAN associated with the ingress port Example The following example displays EAPOL frame flooding on a Summit e series swi...

Page 219: ...MON polling configuration For ExtremeWare 6 2 2 and higher the enable disable state of the port up down traps is also displayed For ExtremeWare 7 0 0 and higher the enable disable state of the mac limit traps is also displayed For the i Series of Switches For ExtremeWare 7 1 0 and higher the SNMP access display item will show the additional states of v1 v2c disabled and v3 enabled The flags field ...

Page 220: ...aceroute v VRRP y System e Extreme m Smart Traps a Auth l Link Up Down r RMON c Security A All SNMP MAC Security traps disabled Link Up Link Down traps enabled on ports All including MgmtPort SNMP stats inPkts 301 outPkts 302 errors 0 authErrors 0 Gets 93 GetNexts 208 Sets 0 SNMP traps sent 10 authTraps enabled Login stats validLogins 3 badPasswords 0 unknownUSers 2 last bad user admin1 Telnet tot...

Page 221: ...show management ExtremeWare 7 7 Command Reference Guide 221 Platform Availability This command is available on all platforms ...

Page 222: ...ed into different chassis the odometer counter will be available in the new switch chassis The following components are monitored by the odometer For the Black Diamond MSM and I O modules For the Alpine SMM I O slots and power supplies For stackable switches the CPU Example The following command displays how long each component of a switch has been functioning since it s manufacture date show odom...

Page 223: ...45 Jan 22 2003 Slot 4 GM4X 145 Jan 22 2003 Upper PS PSU A 292 Apr 12 2002 Lower PS PSU B N A N A History This command was first available in ExtremeWare 6 2 1 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 224: ...ve sessions on the switch show session Following is the output from this command Login Time User Type Auth CLI Auth Location 0 Tue Feb 19 18 08 42 2002 admin console local disabled serial 5 Thu Feb 21 19 09 48 2002 admin http local disabled 10 0 4 76 1028 Thu Feb 21 18 56 40 2002 admin telnet local disabled 10 0 4 19 History This command was first available in ExtremeWare 2 0 Table 8 Show Command ...

Page 225: ...mand field definition was introduced in ExtremeWare 4 0 Support for the CLI Auth command field definition was introduced in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 226: ...lays all the access details show snmpv3 access Output from the command is similar to Group Name admin Context Prefix Security Model USM Security Level Authentication Privacy Context Match Exact Read View defaultAdminView Write View defaultAdminView Notify View defaultNotifyView Storage Type Permanent Row Status Active Group Name initial Context Prefix Security Model USM Security Level No Authentic...

Page 227: ... Status Active Group Name v1v2c_ro Context Prefix Security Model snmpv2c Security Level No Authentication No Privacy Context Match Exact Read View defaultUserView Write View Notify View defaultNotifyView Storage Type Permanent Row Status Active Group Name v1v2c_rw Context Prefix Security Model snmpv1 Security Level No Authentication No Privacy Context Match Exact Read View defaultUserView Write Vi...

Page 228: ...w Status Active Group Name v1v2cNotifyGroup Context Prefix Security Model snmpv2c Security Level No Authentication No Privacy Context Match Exact Read View Write View Notify View defaultNotifyView Storage Type Permanent Row Status Active Total num of entries in vacmAccessTable 9 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches ...

Page 229: ...t N A Usage Guidelines This command displays the entries in the View based Access Control Model VACM context table VACMContextTable Example The following command displays information about the SNMPv3 contexts on the switch show snmpv3 context History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availabi...

Page 230: ...andlers usmStatsUnsupportedSecLevels usmStatsNotInTimeWindows usmStatsUnknownUserNames usmStatsUnknownEngineIDs usmStatsWrongDigests usmStatsDecryptionErrors Issuing the command clear counters will reset all counters to zero Example The following command displays all the SNMPv3 counters show snmpv3 counters Output of the command is similar to snmpUnknownSecurityModels 0 snmpInvalidMessages 0 snmpU...

Page 231: ... 7 Command Reference Guide 231 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 232: ...er of times the agent has been rebooted EngineTime Time since agent last rebooted in centiseconds Max Message Size Maximum SNMP Message size supported by the Engine 8192 Example The following command displays information about the SNMPv3 engine on the switch show snmpv3 engine info The following is output from this command SNMP Engine ID 80 00 07 7c 03 00 01 30 23 c1 00 H SNMP Engine Boots 4 SNMP ...

Page 233: ...mmand displays the entry for the target address named v1v2cNotifyTAddr1 show snmpv3 extreme target addr ext v1v2cNotifyTADDr1 The output of the command is similar to Target Addr Name v1v2cNotifyTAddr1 Mode Enhanced IgnoreMPModel Yes UseEventComm Yes History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform A...

Page 234: ... a profile name then all the entries are displayed Example Use the following command to display the part of filter profile filter1 that includes the MIB subtree 1 3 6 1 1 2 show snmpv3 filter filter1 subtree 1 3 6 1 1 2 Output from the command is similar to Filter Profile Name filter1 Subtree 1 3 6 1 1 2 Mask Type Included Storage Type NonVolatile Row Status Active History This command was first a...

Page 235: ...so in effect you are associating a series of filters with a target address Example Use the following command to display the entry with filter profile fpro1 with the parameter name param1 show snmpv3 filter profile fpro 1 param param1 Output from the command is similar to Filter Profile Params Name param1 Name fpro 1 Storage Type NonVolatile Row Status Active History This command was first availabl...

Page 236: ... command displays information about all groups for every security model and user name show snmpv3 group The following command shows information about all groups show snmpv3 group The output of the command is similar to Group Name v1v2c_ro Security Name v1v2c_ro Security Model snmpv1 Storage Type Permanent Row Status Active Group Name v1v2c_rw Security Name v1v2c_rw Security Model snmpv1 Storage Ty...

Page 237: ...urity Model USM Storage Type Permanent Row Status Active Group Name initial Security Name initialsha Security Model USM Storage Type Permanent Row Status Active Group Name initial Security Name initialmd5Priv Security Model USM Storage Type Permanent Row Status Active Group Name initial Security Name initialshaPriv Security Model USM Storage Type Permanent Row Status Active Total num of entries in...

Page 238: ...FamilyTable Example The following command displays all the view details show snmpv3 mib view The following command displays a view with the view name Roview and subtree 1 3 6 1 2 1 1 show snmpv3 mib view Roview subtree 1 3 6 1 2 1 1 Output from the command is similar to View Name defaultUserView MIB Subtree 1 Mask View Type Included Storage Type Permanent Row Status Active View Name defaultUserVie...

Page 239: ...nent Row Status Active View Name defaultUserView MIB Subtree 1 3 6 1 6 3 15 1 2 2 1 9 Mask View Type Excluded Storage Type Permanent Row Status Active View Name defaultAdminView MIB Subtree 1 Mask View Type Included Storage Type Permanent Row Status Active View Name defaultNotifyView MIB Subtree 1 Mask View Type Included Storage Type Permanent Row Status Active Total num of entries in vacmViewTree...

Page 240: ...tags that the agent will use to send notifications traps If no notify name is specified all the entries are displayed Example The following command displays the notify table entry for N1 show snmpv3 notify N1 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on ...

Page 241: ... entry for the target address named tgtaddr1 show snmpv3 target addr tgaddr1 Output of the command is similar to Target Addr Name tgtaddr1 TDomain 1 3 6 1 6 1 1 TAddress 10 36 11 187 162 TMask Timeout 1500 Retry Count 0 Tag List defaultNotify Params param1 Storage Type NonVolatile Row Status History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series...

Page 242: ...meter name If no parameter name is specified all the entries are displayed Example The following command displays the target parameter entry named param1 show snmpv3 target params param1 Output from the command is similar to Target Params Name param1 MP Model snmpv3 Security Model USM User Name user1 Security Level No Authentication No Privacy Storage Type NonVolatile Row Status Active History Thi...

Page 243: ...es in SNMPv3 are stored in the USMUserTable so the entries are indexed by EngineID and user name Example The following command lists all user entries show snmpv3 user The following command lists details for the specified user admin show snmpv3 user admin Output from the command is similar to Engine ID 80 00 07 7c 03 00 e0 2b 80 07 00 H User Name admin Security Name admin Authentication HMAC MD5 Pr...

Page 244: ...meWare 7 7 Command Reference Guide Commands for Managing the Switch This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 245: ...TP client is enabled SNTP time is valid Primary server 172 17 1 104 Secondary server 172 17 1 104 Query interval 64 Last valid SNTP update From server 172 17 1 104 on Wed Oct 30 22 46 03 2002 SNTPC Statistics Packets transmitted to primary server 1 to secondary server 0 Packets received with valid time from Primary server 1 from Secondary server 0 from Broadcast server 0 Packets received without v...

Page 246: ...meWare 7 7 Command Reference Guide Commands for Managing the Switch This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 247: ...e IP address MAC address and time assigned to each end device Example The following command displays DHCP address allocation information about VLAN temp show vlan temp dhcp address allocation Output from the command is similar to IP MAC Lease Renewal Time 11 0 0 15 00 08 A1 5F 9B 30 00 00 09 History This command was first available in ExtremeWare 6 2 1 This command was added to the Summit e series...

Page 248: ...nd DHCP Lease Timer Example The following example shows output for the show vlan dhcp config command where the VLAN named vlantest3 is configured with a primary DHCP address range a secondary subnet DHCP address range and is also configured to provide addresses for a remote subnet show vlan vlantest3 dhcp config Following is sample output from this command Netlogin Lease Timer Not configured Defau...

Page 249: ...show vlan dhcp config ExtremeWare 7 7 Command Reference Guide 249 Platform Availability This command is available on the i series platform only ...

Page 250: ...rtently the switch terminates the session within two hours Before you can start a Telnet session you need to configure the switch IP parameters To open a Telnet connection you must specify the host IP address or the host name of the device you wish to manage Check the user manual supplied with the Telnet facility if you are unsure of how to do this To view the status of Telnet on the switch use th...

Page 251: ...s first available in ExtremeWare 2 0 This command was modified in ExtremeWare 4 x to support the hostname and port number parameters This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 252: ...tion This command has no arguments or variables Default N A Usage Guidelines None Example The following command restores default values to all SNMP related entries on the switch unconfigure management History This command was first available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platfo...

Page 253: ...for each port You can select to manually configure the duplex setting and the speed of 10 100 Mbps ports and you can manually configure the duplex setting on Gigabit Ethernet ports All ports on the switch can be configured for half duplex or full duplex operation The ports are configured to autonegotiate the duplex setting but you can manually configure the duplex setting for your specific needs F...

Page 254: ...sues such as real time collision statistics link speed and packet size On the i series of switches flow control can also be viewed with the show ports command Commands that require you to enter one or more port numbers use the parameter portlist in the syntax On a modular switch a portlist can be a list of slots and ports On a stand alone switch a portlist can be one or more port numbers For a det...

Page 255: ...into a mismatch state where the inserted module does not match the configured slot and is not brought online To use the new module type in a slot the slot configuration must be cleared or configured for the new module type Use the configure slot command to configure the slot For version 6 0 and later This command is available on modular switches For version 4 0 This command is available on BlackDi...

Page 256: ...le so this command sets the algorithm used to choose the path for each packet crossing the backplane Selecting a policy for a particular situation will depend on the type of traffic and network topology however for many situations an address based policy will enhance performance over other policies You must save for changes to be saved across reboots Example The following command sets the backplan...

Page 257: ...include the additional 4 bytes of CRC included in a jumbo frame configuration Ensure that the NIC maximum MTU is at or below the maximum MTU size configured on the switch Frames that are larger than the MTU size configured on the switch are dropped at the ingress port If you use IP fragmentation with jumbo frames and you want to set the MTU size greater than 1500 all ports in the VLAN must have ju...

Page 258: ...258 ExtremeWare 7 7 Command Reference Guide Commands for Configuring Slots and Ports on a Switch Platform Availability This command is available on all platforms ...

Page 259: ...llowed by the switch Some network interface cards NICs have a configured maximum MTU size that does not include the additional 4 bytes of CRC Ensure that the NIC maximum MTU size is at or below the maximum MTU size configured on the switch Frames that are larger than the MTU size configured on the switch are dropped at the ingress port For MPLS modules You should enable jumbo frame support on the ...

Page 260: ...onfigures the maximum MTU size of a jumbo frame size to 5500 configure jumbo frame size 5500 History This command was first available in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on the i series platforms and on the Summit 400 48t ...

Page 261: ...d with one or more ports to a monitor port on the switch The monitor port can be connected to a network analyzer or RMON probe for packet analysis The switch uses a traffic filter that copies a group of traffic to the monitor port The traffic filter can be defined based on one of the following criteria Physical port All data that traverses the port regardless of VLAN configuration is copied to the...

Page 262: ...g example sends all traffic coming into or out of a stand alone switch on port 1 and the VLAN default to the mirror port configure mirroring add ports 1 vlan default The following example sends all traffic coming into or out of a modular switch on slot 3 port 2 and the VLAN default to the mirror port configure mirroring add ports 3 2 vlan default History This command was first available in Extreme...

Page 263: ... stand alone switch defined for port 1 on VLAN default configure mirroring delete ports 1 vlan default The following example deletes the mirroring filter on a modular switch defined for slot 3 port 2 on VLAN default configure mirroring add ports 3 2 vlan default History This command was first available in ExtremeWare 2 0 This command was modified in ExtremeWare 4 0 to support modular switches This...

Page 264: ...264 ExtremeWare 7 7 Command Reference Guide Commands for Configuring Slots and Ports on a Switch Platform Availability This command is available on all platforms ...

Page 265: ...l2_l3 the unicast hardware IP FDB is also preserved but the full route table and routing protocol databases for OSPF BGP RIP etc are not preserved After a hitless failover has completed the routing protocols initialize like they do on a full reboot The neighboring routers see that the router has restarted and the neighbors re route IP traffic to alternate routes until the switch has reestablished ...

Page 266: ..._l3 you also need to configure ESRP for hitless failover to preserve the ESRP state Example The following command prevents external ports from being reset when an MSM failover occurs configure msm failover link action keep links up History This command was first available in ExtremeWare 6 2 2 This command was modified to add the preserve state option in ExtremeWare 7 1 1 Platform Availability This...

Page 267: ... of the configure msm failover link action command Example The following command configures the slave MSM 3 to inherit the software configuration from the current master MSM 3 configure msm failover slave config inherited History This command was first available in ExtremeWare 7 1 1 Platform Availability This command is available on the BlackDiamond switch only inherited Specifies that the slave M...

Page 268: ... the time it takes from when hitless failover begins until the relearned layer 3 databases are linked to the FDB All FDB entries that are not linked to one of the databases at the timeout are deleted The time parameter specifies the failover time By default the failover time is 60 seconds and the range is 30 to 300 seconds This command is supported only on the MSM 3 Example The following command c...

Page 269: ...ontrol aggregate bandwidth of all queues of a specific port This feature is useful if you use several queues for classifying traffic e g importance delay sensitivity burst and you want to restrict total bandwidth for all queues to a certain amount while preserving the previously classified queues configuration Example The following command restricts the egress bandwidth of port 3 on slot 1 to 20 c...

Page 270: ...rop packets when packets are transmitted using a value of 12 Thus by increasing the Interpacket Gap packet transmission is slowed and packet loss can be minimized or prevented The Interpacket Gap value need not be modified when interconnecting Extreme Networks switches over 10 Gigabit Ethernet links The allowable range for the byte time is 12 1023 Example The following command configures Interpack...

Page 271: ...tries still get aged and can be cleared If entries are cleared or aged out after the learning limit has been reached new entries will then be able to be learned until the limit is reached again Permanent static and permanent dynamic entries can still be added and deleted using the create fdbentry and delete fdbentry commands These override any dynamically learned entries For ports that have a lear...

Page 272: ...still flow to the port Packets destined for the permanent MAC and other non blackholed MACs Broadcast traffic EDP traffic Traffic from the permanent MAC will still flow from the virtual port Once the port is locked down all the entries become permanent and will be saved across reboot When you remove the lockdown using the unlock learning option the learning limit is reset to unlimited and all asso...

Page 273: ... Command Reference Guide 273 History This command was first available in ExtremeWare 6 2 1 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms ...

Page 274: ...ich the feature has been disabled To verify the current autopolarity status use the show ports mgmt portlist vlan vlan name info detail command Example The following command disables the autopolarity detection feature on ports 3 5 on a Summit 200 switch configure ports 3 5 auto polarity off The following command enables the autopolarity detection feature on ports 3 5 on the Summit48si switch confi...

Page 275: ...nd alone switch can be configured for half duplex or full duplex operation By default the ports autonegotiate the duplex setting In certain interoperability situations it is necessary to turn autonegotiation off on a Gigabit Ethernet port Even though a Gigabit Ethernet port runs only at full duplex and gigabit speeds the command that turns off autonegotiation must still include the duplex setting ...

Page 276: ...ll The following example turns autonegotiation off for slot 2 port 1 on a modular switch configure ports 2 1 auto off duplex full History This command was first available in ExtremeWare 2 0 This command was modified in ExtremeWare 4 0 to support modular switches This command was modified in ExtremeWare 6 1 to support the all parameter This command was added to the Summit e series of switches in Ex...

Page 277: ...enabled or disabled as part of autonegotiation If autonegotiation is set to off flow control is disabled When autonegotiation is turned on flow control is enabled For version 6 1 The all parameter specifies all ports on the switch Example The following command configures the switch to autonegotiate for ports 4 and 6 on a stand alone switch configure ports 4 6 auto on The following command configur...

Page 278: ... the all parameter This command was modified in ExtremeWare 4 0 to support modular switches This command was added to the Summit e series of switches in ExtremeWare 7 1e This command was modified in ExtremeWare 7 2e to support the all and mgmt keywords This command was modified in ExtremeWare 7 6 to support the speed setting for Summit 400 series Platform Availability This command is available on ...

Page 279: ...mon display string The string is displayed in certain commands such as the show ports info command Example The following command configures the user defined string corporate for port 1 on a stand alone switch configure ports 1 display string corporate The following command configures the user defined string corporate for ports 3 4 and 5 on slot 1 on a modular switch configure ports 1 3 5 display s...

Page 280: ...280 ExtremeWare 7 7 Command Reference Guide Commands for Configuring Slots and Ports on a Switch Platform Availability This command is available on all platforms ...

Page 281: ...h level Example The following command configures the link detection level for port 3 to 4 configure ports 3 link detection level 4 History This command was first available in ExtremeWare 6 2 2 Platform Availability This command is only available on the i series platform portlist Specifies one or more primary ports or slots and ports On a modular switch can be a list of slots and ports On a stand a...

Page 282: ...e ports 4 preferred medium copper Port 4 becomes the primary uplink until a failure occurs on that link At that time port 4X becomes the primary uplink and port 4 becomes the redundant port This assignment stays in place until the next failure The following example forces the switch to use the fiber port whenever it has a link configure ports 3 preferred medium fiber force In this example port 3X ...

Page 283: ...referred medium ExtremeWare 7 7 Command Reference Guide 283 History This command was first available in ExtremeWare 7 2 e Platform Availability This command is only available on Summit 300 24 and Summit 400 48t switches ...

Page 284: ... redundant port Redundant port configuration is model specific See your Consolidated Hardware Installation Guide for specific switch information You must manually configure the primary and redundant ports identically in terms of VLANs QoS settings access lists and so on Auto negotiation must be enabled on both the primary and redundant port You cannot configure hardware redundant ports such as por...

Page 285: ...rolled redundant port on a stand alone switch configure ports 3 redundant 4 The following command configures a software controlled redundant port on a modular switch configure ports 1 3 redundant 2 3 The following command configures a software controlled redundant port using the port display strings corp1 and corp5 to identify the ports configure ports corp1 redundant corp5 History This command wa...

Page 286: ...ustomer premises equipment CPE A lower rate may support a longer cable distance depending on the installation Example The following command configures all the VDSL ports on slot 2 to 5 Mbps configure ports 2 vdsl 5meg History This command was first available in ExtremeWare 7 0 0 Platform Availability This command is available on all platforms that support VDSL ports portlist Specifies one or more ...

Page 287: ...n is only available on i series switches L2 L3 Indicates that the switch should examine the MAC and IP source and destination address NOTE This option is only available on i series switches L2 L3 L4 Indicates that the switch should examine the MAC and IP address and the UDP or TCP well know port number NOTE This option is only available on i series switches ip dest Indicates that the switch should...

Page 288: ... address based output displays the addressed based configurations on the switch Example The following examples configures the switch to examine the MAC source and destination address On the i series of switches configure sharing address based l2 On the e series of switches configure sharing address based mac source dest History This command was first available in ExtremeWare 6 2 This command was a...

Page 289: ...pecifies a Gigabit Ethernet 8 port copper module g12sx Specifies a Gigabit Ethernet 12 port fiber module g12tx Specifies a Gigabit Ethernet 12 port copper module g16x Specifies a Gigabit Ethernet 16 mini GBIC port oversubscribed fiber module g24t Specifies a Gigabit Ethernet 24 port oversubscribed copper module WDMi Specifies a Gigabit Ethernet WAN module arm Specifies an Accounting and Routing Mo...

Page 290: ... or when an I O module is hot swapped ExtremeWare automatically determines the system power budget and protects the BlackDiamond switch from any potential overpower configurations If power is available ExtremeWare powers on and initializes the module When ExtremeWare detects that a module will cause an overpower condition the module remains powered down and is not initialized An entry is made to t...

Page 291: ...7 7 Command Reference Guide 291 This command was modified in ExtremeWare 6 0 to support the Alpine and additional BlackDiamond F48T G8X and G12X I O modules Platform Availability This command is available on modular switches only ...

Page 292: ...l of the I O modules The backplane links go down on some or all of the I O modules The card scan feature discovers and repairs this condition thus preventing the need for a manual reset of the switch When card scan is enabled the system logs one of the following messages if a problem occurs when the MSM is inserted Cardscan msm insert Attmpting to fix broken BP connection for slot x Cardscan msm i...

Page 293: ...disable card scan ExtremeWare 7 7 Command Reference Guide 293 Platform Availability This command is available only on BlackDiamond switches ...

Page 294: ...no longer need to locate neighbor Extreme Networks switches For version 6 1 The all parameter specifies all ports on the switch For Version 6 0 and later SummitLink is not supported For version 2 0 and 4 0 EDP cannot be disabled on a port that has SummitLink enabled nor on ports that are connected to a Summit Virtual Chassis Example The following command disables EDP on port 4 and port 6 on a stan...

Page 295: ...dified in ExtremeWare 4 0 to support modular switches This command was modified in ExtremeWare 6 1 to support the all parameter This command was added to the Summit e series of switches in ExtremeWare 7 1e This command was modified in ExtremeWare 7 2e to support the all keyword Platform Availability This command is available on all platforms ...

Page 296: ...list can be a list of slots and ports On a stand alone switch portlist can be one or more port numbers For a detailed explanation of port specification see Modular Switch Numerical Ranges or Stand alone Switch Numerical Ranges in Chapter 1 Example The following command disables flooding on ports 6 7 and 8 on a stand alone switch disable flooding ports 6 7 8 History This command was first available...

Page 297: ...1 Use the disable jumbo frame ports command when you no longer need jumbo frame support Example The following command disables jumbo frame support on port 4 on a stand alone switch disable jumbo frame ports 4 The following command disables jumbo frame support on slot 1 port 2 on a BlackDiamond switch disable jumbo frame 1 2 History This command was first available in ExtremeWare 6 0 This command w...

Page 298: ...The feature will disable any port that both has the feature enabled and receives an LACP message that was sent from the local system Example The following example disables loopback detection on ports 9 through 12 disable lbdetect port 9 12 History This command was first available in ExtremeWare 7 0 0 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availabilit...

Page 299: ...s has been turned ON Forwarding of traffic through a particular port does not stop even after port learning is disabled for that port This characteristic is a known behavior of ExtremeWare Example The following command disables MAC address learning on port 4 on a stand alone switch disable learning ports 4 History This command was first available in ExtremeWare 2 0 This command was modified in Ext...

Page 300: ...r variables Default Enabled Usage Guidelines Use the disable mirroring command to stop configured copied traffic associated with one or more ports Example The following command disables port mirroring disable mirroring History This command was first available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is avail...

Page 301: ...o enable or re enable a port use the enable ports portlist all vlan vlan name command Example The following command disables ports 3 5 and 12 through 15 on a stand alone switch disable ports 3 5 12 15 The following command disables slot 1 ports 3 5 and 12 through 15 on a modular switch disable ports 1 3 1 5 1 12 1 15 History This command was first available in ExtremeWare 2 0 This command was modi...

Page 302: ...d Reference Guide Commands for Configuring Slots and Ports on a Switch The command was modified in ExtremeWare 7 3 and ExtremeWare 7 3e to support the vlan option Platform Availability This command is available on all platforms ...

Page 303: ...Configuration for all other member ports is reset to default values Member ports are removed from all VLANs to prevent loops Example The following command disables sharing on master logical port 9 which contains ports 9 12 on a stand alone switch disable sharing 9 The following command disables sharing on master logical port 9 in slot 3 which contains ports 9 through 12 on a modular switch disable...

Page 304: ...t all to disable all the slots If there is no I O module present in a slot when the user disables the slot the slot still goes to the Disable state If a module is inserted in a slot that has been disabled the module does not come up and stays in the disabled state until the slot is enabled by using the enable slot command below If you do not save the configuration before you do a switch reboot the...

Page 305: ...able slot ExtremeWare 7 7 Command Reference Guide 305 History This command was first available in ExtremeWare 6 2 1 Platform Availability This command is available on BlackDiamond and Alpine switches only ...

Page 306: ...er 1 Use with Extreme Networks switches that support privacy and backup uplinks When smartredundancy is disabled the switch changes the active link only when the current active link becomes inoperable Example The following command disables the smart redundancy feature on ports 1 4 disable smartredundancy 1 4 History This command was first available in ExtremeWare 2 0 This command was added to the ...

Page 307: ...es The backplane links go down on some or all of the I O modules The card scan feature discovers and repairs this condition thus preventing the need for a manual reset of the switch When card scan is enabled the system logs one of the following messages if a problem occurs when the MSM is inserted Cardscan msm insert Attmpting to fix broken BP connection for slot x Cardscan msm insert Attmpting to...

Page 308: ...308 ExtremeWare 7 7 Command Reference Guide Commands for Configuring Slots and Ports on a Switch Platform Availability This command is available only on BlackDiamond switches ...

Page 309: ... on a normal switch port EDP is used to by the switches to exchange topology information with each other Information communicated using EDP includes the following Switch MAC address switch ID Switch software version information Switch IP address Switch VLAN IP information Switch port number For version 2 0 and 4 0 Information communicated using EDP also includes the following Virtual chassis ident...

Page 310: ...on a Switch History This command was first available in ExtremeWare 2 0 This command was modified in ExtremeWare 4 0 to support modular switches This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 311: ...ne switch portlist can be one or more port numbers For a detailed explanation of port specification see Modular Switch Numerical Ranges or Stand alone Switch Numerical Ranges in Chapter 1 Example The following command enables flooding on ports 6 7 and 8 on a stand alone switch enable flooding ports 6 7 8 History This command was first available in ExtremeWare 6 2 1 This command was modified in Ext...

Page 312: ... ports On a stand alone switch portlist can be one or more port numbers For a detailed explanation of port specification see Modular Switch Numerical Ranges or Stand alone Switch Numerical Ranges in Chapter 1 Example The following command enables jumbo frame support on port 5 on a stand alone switch enable jumbo frame ports 5 The following command enables jumbo frame support on slot 3 port 5 on a ...

Page 313: ...d and receives an LACP message that was sent from the local system If no timeout is specified the port is disabled permanently if there is a loop detected Otherwise the port is periodically re enabled and tested for loops every N seconds Example The following example enables loopback detection on ports 9 through 12 enable lbdetect port 9 12 History This command was first available in ExtremeWare 7...

Page 314: ... ports 7 8 The following command enables MAC address learning on slot 1 ports 7 and 8 on a modular switch enable learning ports 1 7 8 History This command was first available in ExtremeWare 2 0 This command was modified in ExtremeWare 4 0 to support modular switches This command was added to the Summit e series of switches in ExtremeWare 7 2e This command was modified in ExtremeWare 7 3 3b4 to mak...

Page 315: ...ied to the monitor port Virtual port All data specific to a VLAN on a specific port is copied to the monitor port Up to eight mirroring filters and one monitor port can be configured on the switch After a port has been specified as a monitor port it cannot be used for any other function Frames that contain errors are not mirrored For version 6 0 and later tagged and untagged are added to the comma...

Page 316: ...ged The following example selects slot 1 port 3 as the mirror port on a modular switch enable mirroring to port 1 3 History This command was first available in ExtremeWare 2 0 This command was modified in ExtremeWare 4 0 to support the tag untagged keywords and modular switches This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is avail...

Page 317: ...al Ranges in Chapter 1 Example The following command enables ports 3 5 and 12 through 15 on the stand alone switch enable ports 3 5 12 15 The following command enables slot 1 ports 3 5 and 12 through 15 on the modular switch enable ports 1 3 1 5 1 12 1 15 History This command was first available in ExtremeWare 2 0 This command was modified in ExtremeWare 6 1 to support PoS modules This command was...

Page 318: ...318 ExtremeWare 7 7 Command Reference Guide Commands for Configuring Slots and Ports on a Switch Platform Availability This command is available on all platforms ...

Page 319: ...e VLANs see the load sharing group as a single logical port The algorithm also guarantees packet sequencing between clients If a port in a load sharing group fails traffic is redistributed to the remaining ports in the load sharing group If the failed port becomes active again traffic is redistributed to include that port Load sharing must be enabled on both ends of the link or a network loop will...

Page 320: ...ink Aggregation Control Protocol LACP part of the IEEE 802 3ad standard to allow the switch to dynamically reconfigure the sharing groups The group is only enabled when LACP detects that the other side is also using LACP and wants these ports to be in a group Static load sharing on i series only A grouping of ports specifically configured to load share The switch ports at each end must be configur...

Page 321: ...witch enable sharing 9 grouping 9 12 The following example defines a load sharing group that contains ports 9 through 12 on slot 3 ports 7 through 10 on slot 5 and uses the first port on slot 3 as the master logical port 9 on a modular switch enable sharing 3 9 grouping 3 9 3 12 5 7 5 10 In this example logical port 3 9 represents physical ports 3 9 through 3 12 and 5 7 through 5 10 History This c...

Page 322: ... you enable the slot the show slot command shows the state as Operational or will display the appropriate state if the module could not be brought up successfully Note that there is no card state named Enable and the module goes to the appropriate states as determined by the card state machine when the enable slot command is invoked Only slots that have their state as disabled can be enabled using...

Page 323: ...able slot ExtremeWare 7 7 Command Reference Guide 323 History This command was first available in ExtremeWare 6 2 1 Platform Availability This command is available on BlackDiamond and Alpine switches only ...

Page 324: ...lar Switch Numerical Ranges or Stand alone Switch Numerical Ranges in Chapter 1 Example The following command enables the Smart Redundancy feature on port 4 on a switch enable smartredundancy 4 The following command enables the Smart Redundancy feature on slot 1 port 4 on a BlackDiamond switch enable smartredundancy 1 4 History This command was first available in ExtremeWare 2 0 Support for modula...

Page 325: ...xample The following command resets autonegotiation on port 4 on a stand alone switch restart ports 4 The following command resets autonegotiation on slot 1 port 4 on a modular switch restart ports 1 4 History This command was first available in ExtremeWare 4 0 This command was modified in ExtremeWare 6 1 to support PoS modules This command was modified by removing the mgmt option in ExtremeWare 6...

Page 326: ...TE This command is available only on the BlackDiamond switches Syntax Description This command has no arguments or variables Default N A Usage Guidelines None Example The following command causes a user specified MSM failover run msm failover History This command was first available in ExtremeWare 6 2 2 Platform Availability This command is available on the BlackDiamond switch only ...

Page 327: ...plays the connectivity and configuration of neighboring Extreme Networks switches show edp Following is the output from this command Port 1 EDP is enabled Remote system Summit5i Version 6 2 2 Remote ID 00 00 00 01 30 e9 ef 00 Remote Port 1 1 Age 37 Remote Vlans Mgmt 4094 10 45 208 223 test1 0 Default 1 MacVlanDiscover 0 Port 3 EDP is enabled Remote system Summit7i Version 6 2 2 Remote ID 00 00 00 ...

Page 328: ...on a Switch History This command was first available in ExtremeWare 2 0 This command was modified in ExtremeWare 4 0 to support modular switches This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 329: ...atistics and determine if mirroring is enabled or disabled on the switch To view the status of port mirroring on the switch use the show mirroring command The show mirroring command displays information about the enable disable state for port mirroring Example The following command displays switch mirroring statistics show mirroring Following is the output from this command Mirror port 5 is up por...

Page 330: ... link action preserve state slave configuration timeout ESRP failover mode Failover status for the supported subsystems configuration layer 2 hardware layer 3 hardware STP EAPS ARP ESRP Each of the supported subsystems display one of the following states disable Hitless failover is disabled This is also the initial state initial Hitless failover is enabled but the downloading of the subsystem stat...

Page 331: ...e current slave shows this if the slave is in the process of being rebooted or is not present in the chassis After a reboot or insertion of a slave MSM 3 use this command to ensure that the slave is ready before initiating a hitless failover History This command was first available in ExtremeWare 7 1 1 Platform Availability This command is available on the BlackDiamond switch only ...

Page 332: ...d VLAN statistics in real time Example The following command displays VLAN information for the corp VLAN show ports vlan corp vlan stats The output of the command is similar to Port Based Vlan Statistics Sun Sep 12 19 19 50 2004 PORT Rx Rx Rx Rx Byte Tx Tx Tx Tx Byte VLAN Ucast Mcast Bcast Count Ucast Mcast Bcast Count 7 8 9 10 0 Clear Counters U page up D page down ESC exit History This command w...

Page 333: ...show ports vlan stats ExtremeWare 7 7 Command Reference Guide 333 Platform Availability This command is available on the i series platforms only ...

Page 334: ... 7 on a stand alone switch show ports 7 collisions The following command displays real time collision statistics on slot 1 ports 1 16 on a modular switch show ports 1 1 1 16 collisions Following is the output from this command Port Collision Monitor Wed Oct 30 19 33 10 2002 Port Link Collision Histogram Status 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 1 A 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 R 0 0 0 0 0...

Page 335: ... 0 0 0 0 0 0 16 R 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Link Status A Active R Ready D Disabled NP Not Present LB Loopback 0 Clear Counters U page up D page down ESC exit History This command was first available in ExtremeWare 2 0 This command was modified in ExtremeWare 4 0 to support modular switches This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability Th...

Page 336: ...onfiguration statistics are displayed for all ports This status information may be useful for your technical support representative if you have a network problem This command displays port configuration which includes Port state Link state Link speed Duplex mode Flow control on i series only Load sharing information Link media information For version 6 0 and later Auto on off Example The following...

Page 337: ...UTO 3 1 ENABLED R ON 1000 AUTO SX 3 1 ENABLED R ON 1000 AUTO SX 3 2 ENABLED R ON 1000 AUTO SX 3 3 ENABLED R ON 1000 AUTO SX 3 4 ENABLED R ON 1000 AUTO SX 3 5 ENABLED R ON 1000 AUTO SX 3 6 ENABLED R ON 1000 AUTO SX 3 7 ENABLED R ON 1000 AUTO SX 3 8 ENABLED R ON 1000 AUTO SX 3 9 ENABLED R ON 1000 AUTO SX 3 10 ENABLED R ON 1000 AUTO SX 3 11 ENABLED R ON 1000 AUTO SX 3 12 ENABLED R ON 1000 AUTO SX 4 1...

Page 338: ...cription Default N A Usage Guidelines This command displays the following Port number Diagnostics Port configuration RED state on i series only Admin state Link state Link counter VLAN configuration STP configuration Aggregate bandwidth control percentage Trunking EDP DLCS on i series only Load balancing Learning mgmt Specifies the management port Supported only for switches that provide a managem...

Page 339: ...The link filter up indicates the number of link transitions from down to up at the middle layer filter The link filter down indicates the number of link transitions from up to down at the middle layer filter NOTE If you telnet to the switch and use the show ports info detail command the line feeds might not be recognized resulting in output lines overwriting previous lines Example The following co...

Page 340: ...is command Port 2 6 Type UTP Diagnostic passed Random Early Drop Disabled Admin state Enabled with auto duplex auto speed sensing Link state Ready Link counter Up 0 time s Down 0 times s VLAN cfg Default Internal Tag 0001 Mac Limit Cfg No limit LRN 0 BlkHole 0 STP cfg s0 disable Tag none Mode 802 1D State FORWARDING Aggregate B W Configured 25 Trunking Load sharing is not enabled Protocol VLAN Def...

Page 341: ...are redundant port disabled jitter tolerance enabled link filtering isr filter yes middle layer filter no History This command was first available in ExtremeWare 2 0 This command was modified in ExtremeWare 4 0 to support modular switches This command was modified in ExtremeWare 6 0 to support the detail keyword This command was modified in ExtremeWare 6 1 to support PoS modules This command was m...

Page 342: ...t statistics are displayed port number link status packet size Example The following command displays packet statistics for ports 1 through 6 on a stand alone switch show ports 1 6 packet Receive Packet Statistics Sun Sep 12 14 48 59 2004 Port Link Packet Sizes Status 0 64 65 127 128 255 256 511 512 1023 1024 1518 Jumbo 1 A 410465 3548292 97395 51257 7390 1547785 0 2 A 397578 1724578 94290 49422 1...

Page 343: ... 0 0 0 0 0 0 0 1 4 R 0 0 0 0 0 0 0 1 5 R 0 0 0 0 0 0 0 1 6 R 0 0 0 0 0 0 0 1 7 R 0 0 0 0 0 0 0 1 8 R 0 0 0 0 0 0 0 2 1 R 0 0 0 0 0 0 0 2 2 R 0 0 0 0 0 0 0 2 3 R 0 0 0 0 0 0 0 2 4 R 0 0 0 0 0 0 0 2 5 R 0 0 0 0 0 0 0 2 6 R 0 0 0 0 0 0 0 2 7 R 0 0 0 0 0 0 0 2 8 R 0 0 0 0 0 0 0 3 1 R 0 0 0 0 0 0 0 Link Status A Active R Ready D Disabled NP Not Present LB Loopback 0 Clear Counters U page up D page down...

Page 344: ...ot have any parameters or variables Default N A Usage Guidelines An asterisk appears when an individual link is active and an exclamation point when the link is disabled Example The following examples gives information about redundant ports show ports redundant The output of the command is similar to Primary 5 Redundant 7 Primary 6 Redundant 25 Flags Active Disabled History This command was first ...

Page 345: ...40 A 1 a 41 A 1 a 42 A 1 Link Status A Active D Disabled LB Loopback ND Not Distributing NP Not Present R Ready Ld Share Type a address based The next example shows dynamic load sharing configured on a Summit 300 24 Summit300 24 29 show ports sharing Load Sharing Monitor Config Current Ld Share Ld Share Link Link Master Master Type Group Status Ups 1 1 dy 1 ND 1 dy 2 D 0 Link Status A Active D Dis...

Page 346: ...n 3 sh port 5 4 sharing Load Sharing Monitor Config Current Ld Share Ld Share Link Link Master Master Type Group Status Ups 5 4 7 4 r 5 4 NP 1 r 5 5 NP 1 r 7 4 A 2 r 7 5 A 1 Link Status A Active D Disabled ND Not Distributing NP Not Present R Ready Ld Share Type a address based p port based r round robin dy dynamic History This command was first available in ExtremeWare 6 2 2 This command was modi...

Page 347: ...u do not specify a port number or range of ports port utilization information is displayed for all ports This status information may be useful for your technical support representative if you have a network problem Example The following command displays utilization statistics for port 1 on a stand alone switch show ports 1 utilization The following command displays utilization statistics for slot ...

Page 348: ...back spacebar toggle screen U page up D page down ESC exit The second display shows utilization in terms of bytes Link Utilization Averages Wed Jan 23 21 30 03 2002 Port Link Receive Peak Rx Transmit Peak Transmit Status bytes sec bytes sec bytes sec bytes sec 1 A 1102 69555 536 2671 2 R 0 0 0 0 3 R 0 0 0 0 4 R 0 0 0 0 5 R 0 0 0 0 6 R 0 0 0 0 7 R 0 0 0 0 8 R 0 0 0 0 Link Status A Active R Ready D ...

Page 349: ...up D page down ESC exit History This command was first available in ExtremeWare 2 0 This command was modified in ExtremeWare 4 0 to support modular switches This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 350: ... ESRP Slave f IP Forwarding Enabled G GVRP Enabled i ISIS Enabled I IP Forwarding lpm routing Enabled L Loopback Enabled M ESRP Master m IPmc Forwarding Enabled N GNS Reply Enabled o OSPF Enabled P IPX SAP Enabled p PIM Enabled R SubVLAN IP Range Configured r RIP Enabled S SuperVlan s SubVlan T Member of STP Domain v VRRP Enabled V VPLS TLS Enabled X IPX RIP Enabled Z Translation Vlan z Member Vla...

Page 351: ...show ports vlan info ExtremeWare 7 7 Command Reference Guide 351 Platform Availability This command is available on all platforms ...

Page 352: ...e source and destination MAC and IP address and the TCP port number IPX packets on i series only Uses the source and destination MAC address and IPX identifiers All other packets Uses the source and destination MAC address To verify your configuration use the show sharing address based command The show sharing address based output displays the addressed based configurations on the switch Example T...

Page 353: ...ing information slot number Specifies a slot on a modular switch or a location in a stack Field Description State The state of the slot as it comes up Initialization The first state of the switch Hardware and data structures are initialized in this state Diag This state applies mostly to remote switches which are placed in this state until diagnostics are run and are available through RPC Local sw...

Page 354: ...g the ARM ATM MPLS or PoS module has no problems the command show slot slot where slot is the number of the slot where you installed the module displays that ExtremeWare has detected the module and set it to the OPERATIONAL state Manager Member Stacked Switches only Indicates whether the switch is a stack manager master or a member slave Primary ExtremeWare Version Stacked Switches only ExtremeWar...

Page 355: ...le The slot state must be operational after the stack becomes active If the slot is in any other state then the stack is not completely up If the slot state indicates mismatch then the member is not allowed to join the stack because of operational vector problems Operational vector mismatch indicate that the corresponding slot supports certain features which are not compatible with the stack manag...

Page 356: ... 06 07 08 09 10 11 12 Slot 4 information State Operational Network Processor 1 Operational Network Processor 2 Operational General Purpose Proc Operational Serial number 701039 04 0128F07843 HW Module Type P12ci Optics Single mode Fiber NP 1 Rev C0 NP 2 Rev C0 Configured Type Not configured Bootrom Version 1 18 Software image booted secondary Software image configured secondary Primary software ve...

Page 357: ... Module Type Empty Configured Type Not configured Example 2 Stack of Switches The following example shows slot information for a stack of switches Stk Master 13 show slot Slot 1 information State Operational Serial number HW Module Type S400 24P Master 00 04 96 1F A7 3A Primary EW Ver 7 4e 0 28 non ssh Secondary EW Ver 7 4e 0 10 branch McastExtn_v74e0b10 r2 non ssh Image Selected Primary Image Boo...

Page 358: ...dary Config Empty Configured Type Not configured Inline power Total Common 376W Consumed 0 0W UTP ports available Link Active 25 Link Down 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 26 History This command was first available in ExtremeWare 4 0 This command was modified in ExtremeWare 6 1 to support PoS modules This command was modified in ExtremeWare 7 0 0 to support ...

Page 359: ...dule state Network Processor status General Purpose Processor status hardware serial number and type and image version and boot settings For the ARM ATM MPLS PoS and WAN modules the information displayed by this command includes data about the software images loaded on the module and information about the operational status and backplane connections of the module Example The following example disp...

Page 360: ...ted secondary Software image configured secondary Primary software version 7 0 0 Build 44 oc12 by Beta_Master on Sat 10 12 2002 06 16p Secondary software version 7 0 0 Build 44 oc12 by Beta_Master on Sat 10 12 2002 06 16p POS ports available Link Up Link Down 01 02 Slot 5 information State Operational Serial number 701026 10 0142F70250 HW Module Type F48Ti Configured Type Not configured UTP ports ...

Page 361: ...st available in ExtremeWare 4 0 This command was modified in ExtremeWare 6 1 to support PoS modules This command was modified in ExtremeWare 7 0 0 to support WAN modules This command was modified in ExtremeWare 7 4 to support the details option and stacking on Summit switches Platform Availability This command is available on modular switches and Summit 200 Summit 300 24 and Summit 400 switches co...

Page 362: ...ines The following occurs after you execute this command The external ports are reset when an MSM failover occurs No state is preserved when a failover occurs The MSM failover timeout returns to 60 seconds The new master uses the configuration file kept in its flash memory upon failover Example The following command disables hitless failover and returns factory defaults unconfigure msm failover Hi...

Page 363: ... to 100 NOTE This command is available only on the i series switches Syntax Description Default None Usage Guidelines None Example The following command restores the egress bandwidth of port 3 on slot 1 to 100 unconfigure port 1 3 aggregate bandwidth History This command was first available in ExtremeWare 7 3 0 Platform Availability This command is available on the i series platform portnumber Spe...

Page 364: ...cation see Modular Switch Numerical Ranges or Stand alone Switch Numerical Ranges in Chapter 1 Example The following command clears the user defined display from port 4 on a stand alone switch unconfigure ports 4 display string The following command clears the user defined display string from slot 2 port 4 on a modular switch unconfigure ports 2 4 display string History This command was first avai...

Page 365: ... redundant port s Example The following command unconfigures a software controlled redundant port on a stand alone switch unconfigure ports 5 redundant The output of the command is similar to Unconfig Redundant on Port 5 Summit400 48t 33 07 24 2004 04 50 36 42 Info SYST serial admin unconfigure ports 5 redundant The following command unconfigures a software controlled redundant port on a modular s...

Page 366: ...le type NOTE This command is available only on modular switches Syntax Description Default N A Usage Guidelines None Example The following command clears slot 4 of a previously assigned module type unconfigure slots 4 History This command was first available in ExtremeWare 4 0 Platform Availability This command is available on modular switches only slot number Specifies a slot on a modular switch ...

Page 367: ...ort can be a member of only one port based VLAN and is by default a member of the VLAN named Default 802 1Q tag Tagging is most commonly used to create VLANs that span switches Ethernet LLC SAP or LLC SNAP Ethernet protocol type Protocol based VLANs are most often used in situations where network segments contain hosts running multiple protocols NOTE Protocol based VLANS are supported only on the ...

Page 368: ...es an Ethertype value other than 8100 This feature is useful for VMAN tunneling Extreme Networks recommends the use of IEEE registered Ethertype 0x88a8 for deploying vMANs Extreme switches assume an Ethertype value of 8100 You must reboot the switch for this command to take effect Example The following command followed by a switch reboot changes the Ethertype value to 9100 configure dot1q ethertyp...

Page 369: ...alent to specifying the group number as any Example Given ports enabled for MAC based VLANs as follows enable mac vlan mac group any ports 16 17 enable mac vlan mac group 10 ports 11 12 The following command sets up the end station with MAC address 00 00 00 00 00 01 to participate in VLAN engineering via the MAC enabled ports 16 or 17 configure mac vlan add mac address 00 00 00 00 00 01 mac group ...

Page 370: ...ports in group 10 ports 11 or 12 or through ports 16 or 17 enabled for any mac group configure mac vlan add mac address 00 00 00 00 00 02 mac group 10 vlan engineering History This command was first available in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 371: ...mac vlan delete mac address 00 00 00 00 00 02 The following command removes all MAC addresses from participating in any VLANs configure mac vlan delete all History This command was first available in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms all Indicates that all MAC addresses shou...

Page 372: ...nfigure ports 8 1 8 6 monitor vlan accounting You can monitor up to four VLANs on the same port by issuing the command four times For example if you want to monitor VLANs dog1 dog2 dog3 and dog4 on slot 1 use the following commands configure ports 1 monitor vlan dog1 configure ports 1 monitor vlan dog2 configure ports 1 monitor vlan dog3 configure ports 1 monitor vlan dog4 After you have configure...

Page 373: ...tches no more than seven protocols can be active and configured for use Example The following command configures a protocol named Fred by adding protocol type LLC SAP with a value of FFEF configure protocol fred add llc feff History This command was first available in ExtremeWare 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e protocol_name Specifies a protocol fi...

Page 374: ...374 ExtremeWare 7 7 Command Reference Guide VLAN Commands Platform Availability This command is available on the i series platforms and the Summit 400 series switches ...

Page 375: ...ble in ExtremeWare 1 0 Platform Availability This command is available on the i series platforms and on the Summit 400 series switches protocol_name Specifies a protocol filter name protocol_type Specifies a protocol type Supported protocol types include etype IEEE Ethertype llc LLC Service Advertising Protocol snap Ethertype inside an IEEE SNAP packet encapsulation hex_value Specifies a four digi...

Page 376: ...member VLANs Traffic from any member VLAN destined for the translation VLAN is switched and the VLAN tag is translated appropriately Traffic from the translation VLAN destined for any member VLAN is switched and the VLAN tag is translated The added VLAN cannot have an IP address configured or already be a member VLAN or a translation VLAN it must contain only i series module Ethernet ports In addi...

Page 377: ...ault VLAN named Default To add untagged ports to a different VLAN you must first remove them from the default VLAN You do not need to do this to add them to another VLAN as tagged ports You must configure a loopback port with a unique loopback VLAN tag ID before adding rate shaped ports This command is not supported on SONET modules Example The following command assigns tagged ports 1 2 3 and 6 to...

Page 378: ...n ExtremeWare 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e This command was modified in ExtremeWare 7 2e to support rate limiting with the soft rate limit keyword Platform Availability This command is available on all platforms It is not supported on SONET modules ...

Page 379: ... rate shaped ports This command is not supported on SONET modules Example The following example sets up bi directional rate shaping using a loopback port and a rate shaped port First create the VLAN that will have rate shaped ports as members create vlan ratelimit Create the loopback port to rate shape ingress traffic configure vlan ratelimit add ports 1 loopback vid 100 Configure the user port th...

Page 380: ...380 ExtremeWare 7 7 Command Reference Guide VLAN Commands History This command was first available in ExtremeWare 6 0 Platform Availability This command is available only on the i series platforms ...

Page 381: ...onfigured for a VLAN You can configure a maximum of 64 secondary IP addresses A secondary IP address can be configured only if a primary IP address has been configured already for the VLAN Secondary IP addresses cannot be modified They must be deleted and added again Use the following command to delete a secondary IP address configure vlan delete secondary ip Example The following command configur...

Page 382: ...ubnet as the primary IP address With ExtremeWare 7 3 0 secondary IP addresses specify local subnets in the switch and must be unique When a secondary IP address configuration of a pre ExtremeWare 7 3 0 release is restored with an ExtremeWare 7 3 0 image the following syslog message will be logged WARN IPRT Secondary IP Address x x x x 32 will not be used Platform Availability This command is avail...

Page 383: ...nes This command deletes a member VLAN from a translation VLAN Use the all keyword to delete all the member VLANs from the specified translation VLAN Example The following command deletes the member VLAN named v101 from the translation VLAN named v1000 configure vlan v1000 delete member vlan v101 History This command was first available in ExtremeWare 7 1 0 Platform Availability This command is av...

Page 384: ...mple The following command removes ports 1 2 3 and 6 from a VLAN named accounting configure accounting delete port 1 2 3 6 History This command was first available in ExtremeWare 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms vlan name Specifies a VLAN name portlist A list of ports or slots and port...

Page 385: ...Ds are associated with the secondary IP address Deletion of a secondary IP address automatically deletes the DHCP address ranges associated with the secondary IP address Example The following command deletes a secondary IP address from the VLAN named test1 configure vlan test1 delete secondary ip 95 0 0 1 24 History This command was modified to enhance the multinetting implementation It was made a...

Page 386: ...VLAN with an IP address Example The following commands are equivalent both assign an IP address of 10 12 123 1 to a VLAN named accounting configure vlan accounting ipaddress 10 12 123 1 24 configure vlan accounting ipaddress 10 12 123 1 255 255 255 0 History This command was first available in ExtremeWare 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Av...

Page 387: ...ange the name of the default VLAN Default Example The following command renames VLAN vlan1 to engineering configure vlan vlan1 name engineering History This command was first available in ExtremeWare 4 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms old_name Specifies the current old VLAN name new_name...

Page 388: ...r ports Use the configure protocol command to define a custom protocol filter Example The following command configures a VLAN named accounting as an IP protocol based VLAN configure accounting protocol ip History This command was first available in ExtremeWare 1 0 Platform Availability This command is available on the i series platforms and on the Summit 400 series switches vlan name Specifies a V...

Page 389: ...ternal VLANid by the switch You can specify a value that is currently used as an internal VLANid on another VLAN it will become the VLANid for the VLAN you specify and a new VLANid will be automatically assigned to the other untagged VLAN Example The following command assigns a tag and internal VLANid of 120 to a VLAN named accounting configure accounting tag 120 History This command was first ava...

Page 390: ... packet belongs to a particular VLAN After you create the protocol you must configure it using the configure protocol add command To assign it to a VLAN use the configure vlan protocol command Example The following command creates a protocol named fred create protocol fred History This command was first available in ExtremeWare 1 0 This command was added to the Summit 400 48t switch in ExtremeWare...

Page 391: ...contains the management port s on the switch It is assigned the next available internal VLANid as an 802 1Q tag Usage Guidelines A newly created VLAN has no member ports is untagged and uses protocol filter any until you configure it otherwise Use the various configure vlan commands to configure the VLAN to your needs Internal VLANids are assigned automatically using the next available VLANid star...

Page 392: ...llowing command creates a VLAN named accounting create vlan accounting History This command was first available in ExtremeWare 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 393: ...idelines If you delete a protocol that is in use by a VLAN the protocol associated with that VLAN becomes none Example The following command deletes a protocol named fred delete protocol fred History This command was first available in ExtremeWare 1 0 Platform Availability This command is available on the i series platforms and on the Summit 400 48t protocol_name Specifies a protocol name ...

Page 394: ...turned to the default VLAN you must add them back explicitly using the configure vlan add ports command NOTE The default VLAN cannot be deleted Example The following command deletes the VLAN accounting delete accounting History This command was first available in ExtremeWare 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is avai...

Page 395: ...urn it to the default VLAN If you need this port to be a member of the default VLAN you must explicitly add it back Example The following command disables ports 16 and 17 from using the MAC based VLAN algorithm disable mac vlan port 16 17 History This command was first available in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability T...

Page 396: ...p as any Examples The following set of commands removes ports 16 and 17 from the default VLAN and then enables them for use with the MAC based VLAN associated with any MAC group configure default delete port 16 17 enable mac vlan mac group any port 16 17 The following commands enable ports 11 and 12 for use with a MAC based VLAN associated with MAC group 10 configure default delete port 11 12 enab...

Page 397: ...owing is an example of the show mac vlan command Port Vlan Group State 11 MacVlanDiscover 10 Discover 12 MacVlanDiscover 10 Discover 16 MacVlanDiscover any Discover 17 MacVlanDiscover any Discover Total Entries in Database 2 Mac Vlan Group 00 00 00 00 00 AA anntest1 any any anntest1 10 2 matching entries History This command was first available in ExtremeWare 6 0 This command was added to the Summ...

Page 398: ...he show protocol command Protocol Name Type Value IP etype 0x0800 etype 0x0806 ipx etype 0x8137 netbios llc 0xf0f0 llc 0xf0f1 decnet etype 0x6003 etype 0x6004 appletalk snap 0x809b snap 0x80f3 ipx_8022 llc 0xe0e0 ipx_snap snap 0x8137 NOTE Output referring to IPX is displayed only on the i series platforms History This command was first available in ExtremeWare 1 0 This command was added to the Sum...

Page 399: ...lays the same information as for an individual VLAN but shows every VLAN one by one After each VLAN information display you can elect to continue or quit Protocol None in the output indicates that this VLAN was configured with a user defined protocol that has subsequently been deleted Use the command show vlan stats vlan name on i series switches to show real time statistics for the number of pack...

Page 400: ... Domain v VRRP Enabled X IPX RIP Enabled 2 IPX Type 20 Forwarding Enabled Total number of Vlan s 7 The following is an example of the show vlan Default command show vlan Default VLAN Interface 0 200 with name Default created by user Tagging 802 1Q Tag 1 Priority 802 1P Priority 7 IP 51 0 0 1 255 255 255 0 Sec IP 53 0 0 1 255 255 255 0 STPD s0 Disabled Auto bind Protocol Match all unfiltered protoc...

Page 401: ... Share Group c Cross Module Trunk Untag 1 25 5 10 5 25 7 25 Tagged 5 4c History This command was first available in ExtremeWare 1 0 This command was modified to support longer VLAN names in ExtremeWare 6 2 2 This command was modified to include the Member of STP Domain flag in ExtremeWare 7 0 This command was modified to support the 3 series modules in ExtremeWare 7 0 1 This command was modified t...

Page 402: ...s switches Syntax Description Default N A Usage Guidelines None Example The following command removes monitoring for ports on VLAN accounting unconfigure ports 8 1 8 6 monitor vlan accounting History This command was first available in ExtremeWare 6 2 Platform Availability This command is available only on the i series platforms portlist Specifies one or more ports May be in the form 1 2 3 5 2 5 2...

Page 403: ...address es configured for the VLAN Example The following command removes the primary IP address for the VLAN named vlantest4 unconfig vlan vlantest4 ip address History This command was first available in ExtremeWare 1 0 This command was modified to enhance the multinetting implementation It was made available in ExtremeWare 7 3 0 This command was added to the Summit e series of switches in Extreme...

Page 404: ...404 ExtremeWare 7 7 Command Reference Guide VLAN Commands ...

Page 405: ... to zero all aging entries in the database are defined as static nonaging entries This means that they do not age but they are still deleted if the switch is reset Permanent entries Permanent entries are retained in the database if the switch is reset or a power off on cycle occurs The system administrator must create permanent entries A permanent entry can be either a unicast or multicast MAC add...

Page 406: ...If the entry is not in use remaps around the entry location If the entry is in use but is safely removable most MAC and IP DA entries removes the questionable entry allows the table to be rebuilt naturally and remaps around the entry location If the entry is in use and is not safely removable MAC_NH IPSA IPMCDA IPDP IPSP IPXSN sends a warning message to the log If the switch detects more than eigh...

Page 407: ...and was available in ExtremeWare 2 0 The command was modified in ExtremeWare 6 2 1 to support the broadcast mac keyword and to support clearing locked static entries This command was modified in ExtremeWare 6 2 2b108 to support the remap keyword and questionable entries known as suspect entries are marked with an S flag The remap keyword was not supported in ExtremeWare 7 0 The remap keyword is su...

Page 408: ...ic nonaging entries This means that they do not age out but non permanent static entries can be deleted if the switch is reset Example The following command sets the FDB aging time to 3 000 seconds configure fdb agingtime 3000 History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is ava...

Page 409: ...configuring an alarm level disables auto recovery and configuring auto recovery overrides the alarm level setting This setting is independent of and does not affect the system health check configurations To determine if you have FDB scanning enabled and the failure action the switch takes use the show switch command The following is sample FDB scanning output Fdb Scan Diag Enabled Failure action l...

Page 410: ... 7 7 Command Reference Guide FDB Commands This command was not supported in ExtremeWare 7 0 This command is supported in ExtremeWare 7 1 0 Platform Availability This command is available on the i series platform only ...

Page 411: ...03 10 29 28 INFO SYST serial admin configure fdb scan period 1 n Extreme Networks recommends an interval period of at least 15 seconds This setting is independent of and does not affect the system health check configurations Example The following command configures a timer interval of 20 seconds between FDB scans configure fdb scan period 20 History This command was first available in ExtremeWare ...

Page 412: ...r which it is configured it is blackholed Configuring a secure MAC address for a port does not prevent the port from learning other MAC addresses Example The following command specifies that MAC address 00 0a 01 02 03 04 is permitted only on ports 1 and 2 in VLAN test create fdbentry secure mac 00 0a 01 02 03 04 vlan test ports 1 2 History This command was first available in ExtremeWare release 7 ...

Page 413: ...manent set as well as the b for ingress blackhole and or B for egress blackhole flags set Example The following example adds a blackhole entry to the FDB for MAC address is 00 E0 2B 12 34 56 in VLAN marketing on port 4 create fdbentry 00 E0 2B 12 34 56 vlan marketing both History This command was available in ExtremeWare 2 0 Support for specifying source or destination MAC address was added in Ext...

Page 414: ...414 ExtremeWare 7 7 Command Reference Guide FDB Commands This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 415: ...try may not appear in the show fdb output Once the entry has been learned it is created as a permanent dynamic entry designated by dpm in the flags field of the show fdb output A dynamic entry is flushed and relearned updated when any of the following take place A VLAN is deleted A VLAN identifier VLANid is changed A port mode is changed tagged untagged A port is deleted from a VLAN mac_address Sp...

Page 416: ... destination MAC address of an egress packet are examined for QoS profile assignment Example The following example associates the QoS profile qp2 with a dynamic entry for MAC address 00 A0 23 12 34 56 on VLAN net34 that will be learned by the FDB create fdbentry 00 A0 23 12 34 56 vlan net34 dynamic qosprofile qp2 QoS profile qp2 will be applied when the entry is learned The following example assoc...

Page 417: ...entries After they have been created permanent static entries stay the same as when they were created If the same MAC address is encountered on another virtual port that is not included in the permanent MAC entry it is handled as a blackhole entry The static entry is not updated when any of the following take place A VLAN is deleted A VLAN identifier VLANid is changed A port mode is changed tagged...

Page 418: ...llowing example adds a permanent static entry to the FDB for MAC address is 00 E0 2B 12 34 56 in VLAN marketing on port 4 create fdbentry 00 E0 2B 12 34 56 vlan marketing port 4 History This command was available in ExtremeWare 2 0 Support for associating separate QoS profiles with ingress and egress ports was added in ExtremeWare 6 2 This command was added to the Summit e series of switches in Ex...

Page 419: ...mand was modified in ExtremeWare 6 2 0 to support the all option This command was modified in ExtremeWare 6 2 1 to support the broadcast mac option This command was added to the Summit e series of switches in ExtremeWare 7 1e This command was modified in ExtremeWare 7 2 e to support the broadcast mac option Platform Availability This command is available on all platforms mac_address Specifies a de...

Page 420: ...scan is enabled For ExtremeWare 6 2 2b134 and ExtremeWare 7 1 0 The default for the FDB scan is disabled If you load your saved ExtremeWare 6 2 2b108 configurations onto a switch with ExtremeWare 6 2 2b134 or ExtremeWare 7 1 0 or later FDB scanning is enabled You must manually disable FDB scanning if you want the feature disabled Example The following command disables FDB scanning on a stand alone...

Page 421: ...fdb scan all History This command was first available in ExtremeWare 6 2 2b108 The default for this command was changed to disabled in ExtremeWare 6 2 2b134 This command was not supported in ExtremeWare 7 0 This command is supported in ExtremeWare 7 1 0 Platform Availability This command is available on the i series platform and the BlackDiamond modules ...

Page 422: ...8 The default for the FDB scan is enabled For ExtremeWare 6 2 2b134 and ExtremeWare 7 1 0 The default for the FDB scan is disabled If you load your saved ExtremeWare 6 2 2b108 configurations onto a switch with ExtremeWare 6 2 2b134 or ExtremeWare 7 1 0 or later FDB scanning is enabled You must manually disable FDB scanning if you want the feature disabled Example The following command enables FDB ...

Page 423: ...b scan all History This command was first available in ExtremeWare 6 2 2b108 The default for this command was changed to disabled in ExtremeWare 6 2 2b134 This command was not supported in ExtremeWare 7 0 This command is supported in ExtremeWare 7 1 0 Platform Availability This command is available on the i series platform and the BlackDiamond modules ...

Page 424: ...nsistency checking on this entry run fdb check 00 00 00 00 00 01 run fdb check 00 00 00 00 00 01 detail run fdb check 00 00 00 00 00 01 extended detail run fdb check 00 00 00 00 00 01 vlan v1 run fdb check index cf3c 0 extended detail all Specifies all entries in the FDB bucket Specifies the bucket portion of the FDB hash index entry Specifies the entry portion of the FDB hash index mac address Sp...

Page 425: ...as first available in ExtremeWare 6 1 9 This command was modified in ExtremeWare 6 2 1 to support the broadcast mac keyword Platform Availability This command is available on the i series platform The extended option is available on the Black Diamond 6800 chassis based system only ...

Page 426: ...s of switches permanent Displays all permanent entries including the ingress and egress QoS profiles and secure MAC addresses portlist Displays the entries for one or more ports May be in the form 1 2 3 5 2 5 2 6 2 8 remap Displays the remapped FDB entries NOTE This option is only available on the i series of switches stats Displays the FDB statistics vlan name Displays the entries for a specific ...

Page 427: ...0000 s m CPU 51f50 100 00 01 30 CA F6 00 lab 4000 0000 0001 d i 1 67b20 100 00 30 D3 01 5A E0 lab 4000 0000 0001 d i 1 80a10 204 FF FF FF FF FF FF lab 4000 0000 0000 s m CPU 2 1 80fe0 208 FF FF FF FF FF FF MacVlanDis 4095 0000 0000 s m CPU 80ff0 202 FF FF FF FF FF FF Mgmt 4094 0000 0000 s m CPU 8d8d0 20a FF FF FF FF FF FF zzz 0652 0000 0000 s m CPU 2 8f000 200 FF FF FF FF FF FF Default 0001 0000 0...

Page 428: ...ult 0001 pm Flags B Egress Blackhole b Ingress Blackhole d Dynamic s Static p Permanent m MAC S secure MAC l lockdown MAC M Mirror i IP x IPX z translation MAC Q Questionable R Remapped authorize port list Total 3 Secure 0 NOTE IPX information only shows in i series switch output History This command was available in ExtremeWare 2 0 This command was modified in ExtremeWare 6 2 1 to support the bro...

Page 429: ...Ware 6 2 2b108 The failure action default is sys health check If you use the unconfigure fdb scan failure action command the switch returns to its default of performing the configured system health check action For ExtremeWare 6 2 2b134 and ExtremeWare 7 1 0 The failure action default is log If you use the unconfigure fdb scan failure action command the switch sends one instance of an error messag...

Page 430: ...ault N A Usage Guidelines This setting is independent of and does not affect the system health check configurations Example The following command returns the FDB scan interval to 30 seconds unconfigure fdb scan period History This command was first available in ExtremeWare 6 2 2b108 This command was not supported in ExtremeWare 7 0 This command is supported in ExtremeWare 7 1 0 Platform Availabili...

Page 431: ...nt service levels for outbound and inbound traffic QoS is an effective control mechanism for networks that have heterogeneous traffic patterns Using QoS you can specify the service that a traffic type receives Policy based QoS allows you to protect bandwidth for important categories of applications or specifically limit the bandwidth associated with less critical traffic The switch contains separa...

Page 432: ... IP DiffServ code points formerly known as IP TOS bits Priority bits used in IEEE 802 1p packets All Extreme switches support the standard 802 1p priority bits that are part of a tagged Ethernet packet DLCS i Series Switches Only The Dynamic Link Context System DLCS is a feature of ExtremeWare and Extreme i series switches that snoops Windows Internet Naming Service WINS NetBIOS packets and create...

Page 433: ...Usage Guidelines If the IP address of an end station changes and the end station is not immediately rebooted the old host to IP mapping is not deleted You must delete the mapping through the ExtremeWare Enterprise Manager Policy System Example The following command clears all learned DLCS data from the switch clear dlcs History This command was available in ExtremeWare 6 0 Platform Availability Th...

Page 434: ...irection code_point Specifies a DiffServ code point a 6 bit value in the IP TOS byte in the IP header qosprofile Specifies the QoS profile to which the DiffServ code point is mapped portlist Specifies a list of ports or slots and ports May be in the form 1 2 3 5 2 5 2 6 2 8 all Specifies that this applies to all ports on the device low drop probability Specifies that the DSCP has a low drop probab...

Page 435: ...y These keywords enable complete flexibility in assigning DSCPs to the two different drop probability levels Examples The following command specifies that packets arriving on ports 5 8 that use code point 25 be assigned to qp2 configure diffserv examination code point 25 qosprofile qp2 ports 5 8 The following command sets up the mapping for the EF PHB PoS module only configure diffserv examination...

Page 436: ...th 802 1p replacement and DiffServ replacement using the enable dot1p replacement ports and enable diffserv replacement ports commands The default 802 1p priority value to code point mappings are described in Table 11 value Specifies the 802 1p priority value code_point Specifies a 6 bit value to be used as the replacement code point in the IP TOS byte in the IP header portlist Specifies a list of...

Page 437: ...specifies that a code point value of 25 should be used to replace the TOS bits in packets with an 802 1p priority of 2 for ports 5 9 configure diffserv replacement priority 2 code point 25 ports 5 9 History This command was first available in ExtremeWare 6 0 Platform Availability This command is available on the i series platforms only ...

Page 438: ...ior The default mapping of each 802 1p priority value to QoS profile is described in Table 12 Example The following commands swap the QoS profiles associated with 802 1p priority values 1 and 2 on an i series device configure dot1p type 2 qosprofile qp2 configure dot1p type 1 qosprofile qp3 History This command was available in ExtremeWare 6 0 dot1p_priority Specifies the 802 1p priority value The...

Page 439: ...configure dot1p type ExtremeWare 7 7 Command Reference Guide 439 Platform Availability This command is available on the i series platforms only ...

Page 440: ...ntax Description Default N A Usage Guidelines Extreme switches support eight QoS profiles QP1 QP8 Example The following command configures port 5 to use QoS profile QP3 configure ports 5 qosprofile QP3 History This command was first available in ExtremeWare 6 0 Platform Availability This command is available on the i series platforms only portlist Specifies a list of ports or slots and ports May b...

Page 441: ...arameter allows you to set a maximum buffer for each queue so that a single queue will not consume all of the unallocated buffer space You should not modify the buffer qosprofile Specifies a QoS profile name min_percent Specifies a minimum bandwidth percentage for this queue The default setting is 0 max_percent Specifies the maximum bandwidth percentage this queue is permitted to use The default s...

Page 442: ...e QoS profile parameters of QoS profile qp5 for specific ports on an i series switch configure qosprofile qp5 minbw 10 maxbw 80 priority highHi ports 5 7 The following command configures the buffer size for QoS profile qp5 on an i series switch configure qosprofile qp5 minbw 10 maxbw 80 priority highhi minbuf 3 maxbuff 1024K History This command was available in ExtremeWare 2 0 The minbuff maxbuff...

Page 443: ... command forces FDB source mac QoS to take a higher precedence over FDB dest mac QoS with a default priority of 8 configure qostype priority source mac 9 History This command was first available in ExtremeWare 6 2 source mac Specifies the priority of traffic groupings based on FDB source MAC addresses Default is 7 dest mac Specifies the priority of traffic groupings based on FDB destination MAC ad...

Page 444: ...444 ExtremeWare 7 7 Command Reference Guide QoS Commands Platform Availability This command is available on the i series platforms only ...

Page 445: ...andom discard on subsequent packets based on the configured RED drop probability The destination node detects the dropped packet and using standard TCP windowing mechanisms slows the transmission from the source node RED drop probability is configured on a system wide basis The percentage range is 0 100 Example The following command configures the RED drop probability as 80 configure red drop prob...

Page 446: ...ut by a user on the switch console To configure which queue to use for traffic traveling across a VLAN use the following command configure vlan vlan name qosprofile qosprofile Example The following command configures VLAN accounting to use priority 6 in its generated traffic configure vlan accounting priority 6 History This command was available in ExtremeWare 6 0 This command was added to the Sum...

Page 447: ...i series switches Syntax Description Default N A Usage Guidelines Extreme switches support eight QoS profiles QP1 QP8 Example The following command configures the VLAN called accounting to use QoS profile QP3 configure vlan accounting qosprofile QP3 History This command was available in ExtremeWare 2 0 Platform Availability This command is available on the i series platforms only vlan name Specifi...

Page 448: ... command disables DiffServ examination on selected ports disable diffserv examination ports 3 5 6 History This command was available in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms portlist Specifies a list of ports or slots and ports to which the parameters apply May be in the form 1 ...

Page 449: ...s switches Syntax Description Default N A Usage Guidelines None Example The following command disables DiffServ replacement on selected ports disable diffserv replacement ports 3 5 6 History This command was available in ExtremeWare 6 0 Platform Availability This command is available on the i series platforms only portlist Specifies a list of ports or slots and ports to which the parameters apply ...

Page 450: ...s disabled only on the system but not on all ports The ports are still dlcs enabled until they are specifically disabled by the disable dlcs ports all or disable dlcs ports port number command Using the ports parameter disables WINS packet snooping only on the specified port Example The following command disables all WINS packet snooping on the switch disable dlcs History This command was availabl...

Page 451: ...s switches Syntax Description Default N A Usage Guidelines None Example The following command disables DiffServ replacement on all ports disable dot1p replacement ports all History This command was available in ExtremeWare 6 0 Platform Availability This command is available on the i series platforms only portlist Specifies a list of ports or slots and ports to which the parameters apply May be in ...

Page 452: ...or is a utility on i series switches that monitors the eight hardware queues QP1 QP8 associated with any port s The QoS monitor keeps track of the number of frames and the frames per second that a specific queue is responsible for transmitting on a physical port By default QoS monitor is disabled on the switch Example The following command disables QoS monitoring disable qosmonitor History This co...

Page 453: ... is available only on the i series switches Syntax Description Default Disabled Usage Guidelines None Example The following command disables RED on ports 5 7 disable red ports 5 7 History This command was first available in ExtremeWare 6 0 10 Platform Availability This command is available on the i series platforms only portlist Specifies the port number s May be in the form 1 2 3 5 2 5 2 6 2 8 ...

Page 454: ...Example The following command enables DiffServ examination on selected ports enable diffserv examination ports 3 5 6 History This command was available in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms portlist Specifies a list of ports or slots and ports to which the parameters apply Ma...

Page 455: ...user defined code points can be configured on each port The 802 1P priority bits 3 bits are used to select one of the eight code points Example The following command enables DiffServ replacement on selected ports enable diffserv replacement ports 3 5 6 History This command was available in ExtremeWare 6 0 Platform Availability This command is available on the i series platforms only portlist Speci...

Page 456: ... DLCS to work properly both commands need to be executed See PD3 26670001 for more details The fast ethernet ports parameter is a shortcut to enable DLCS on all Fast Ethernet ports rather than having to enter each port individually Example The following command enables DLCS snooping on port 4 enable dlcs ports 4 Use the following commands to enable DLCS snooping on the system and on all ports enab...

Page 457: ...enable dlcs ExtremeWare 7 7 Command Reference Guide 457 Platform Availability This command is available on the i series platforms only ...

Page 458: ...rved on ingress is preserved when transmitting the packet If 802 1p replacement is enabled the 802 1p priority information that is transmitted is determined by the hardware queue that is used when transmitting the packet The mapping is described in Table 13 This mapping cannot be changed Example The following command enables dot1p replacement on all ports enable dot1p replacement ports all portlis...

Page 459: ...ble dot1p replacement ports ExtremeWare 7 7 Command Reference Guide 459 History This command was available in ExtremeWare 6 0 Platform Availability This command is available on the i series platforms only ...

Page 460: ... a real time display and a separate option for retrieving information in the background and writing it to the log The real time display scrolls through the given portlist to provide statistics The particular port being monitored at that time is indicated by an asterisk appearing after the port number in the display Monitoring QoS in the background places transmit counter and any overflow informati...

Page 461: ...uent packets based on the configured RED drop probability Instead of dropping sessions during times when the queue depth is exceeded RED causes the switch to lower session throughput The destination node detects the dropped packet and using standard TCP windowing mechanisms slows the transmission from the source node RED drop probability is configured on a system wide basis and has a valid range f...

Page 462: ...vailable only on the i series switches Syntax Description This command has no arguments or variables Default N A Usage Guidelines None Example The following command displays DLCS status and data from the switch show dlcs It produces output such as the following DLCS Enabled Ports 4 History This command was available in ExtremeWare 6 0 Platform Availability This command is available on the i series...

Page 463: ... has no arguments or variables Default N A Usage Guidelines None Example The following command displays the current 802 1p to QoS mappings on the switch show dot1p Following is the output from this command 802 1p Priority Value QOS Profile 0 QP1 1 QP2 2 QP3 3 QP4 4 QP5 5 QP6 6 QP7 7 QP8 History This command was first available in ExtremeWare 4 0 Platform Availability This command is available on t...

Page 464: ... before the switch moves on to the next port in the list A port is sampled for five seconds before the packets per second pps value is displayed on the screen Example The following command shows the real time QoS statistics related to the specified ports show ports 1 2 49 qosmonitor mgmt Specifies the management port NOTE This option is supported only for switches that provide a management port po...

Page 465: ...mts Xmts Xmts Xmts Xmts Xmts Xmts 1 7 0 0 0 0 0 0 4 2 0 0 0 0 0 0 0 6 49 5 0 134 133 0 0 0 7 0 Clear Counters U page up D page down R rate screen ESC exit History This command was available in ExtremeWare 2 0 This command was updated to support PoS in Extreme 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all pla...

Page 466: ...sprofile 2 1 Following is sample output from this command 2 1 Queue Q0 using QP1 MinBw 0 MaxBw 100 Pri 2 Q1 using QP2 MinBw 0 MaxBw 100 Pri 1 Q2 using QP3 MinBw 0 MaxBw 100 Pri 4 Q3 using QP4 MinBw 0 MaxBw 100 Pri 3 Q4 using QP5 MinBw 0 MaxBw 100 Pri 4 Q5 using QP6 MinBw 0 MaxBw 100 Pri 5 Q6 using QP7 MinBw 0 MaxBw 100 Pri 6 Q7 using QP8 MinBw 0 MaxBw 100 Pri 7 History This command was available i...

Page 467: ...show qosprofile ExtremeWare 7 7 Command Reference Guide 467 Platform Availability This command is available on all platforms ...

Page 468: ...ilable only on the i series switches Syntax Description This command has no arguments or variables Default N A Usage Guidelines None Example The following command displays the QoS traffic grouping priority settings for this switch show qostype priority History This command was first available in ExtremeWare 6 2 Platform Availability This command is available on the i series platforms only ...

Page 469: ...e The following command removes DiffServ code point examination from ports 5 8 unconfigure diffserv examination ports 5 8 History This command was first available in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms portlist Specifies a list of ports or slots and ports May be in the form 1 ...

Page 470: ...tax Description Default N A Usage Guidelines None Example The following command removes DiffServ replacement from ports 5 8 unconfigure diffserv replacement ports 5 8 History This command was first available in ExtremeWare 6 0 Platform Availability This command is available on the i series platforms only portlist Specifies a list of ports or slots and ports May be in the form 1 2 3 5 2 5 2 6 2 8 a...

Page 471: ...witches Syntax Description This command has no arguments or variables Default N A Usage Guidelines Resets the traffic grouping priorities to the following access list 11 dest mac 8 source mac 7 diffserv 3 dot1p 2 vlan 1 Example The following command resets the QoS traffic grouping priorities unconfigure qostype priority History This command was first available in ExtremeWare 6 2 Platform Availabil...

Page 472: ...472 ExtremeWare 7 7 Command Reference Guide QoS Commands ...

Page 473: ...e public probably Internet IP addresses you want the inside addresses translated to The mappings between inside and outside IP addresses are done using rules that specify the IP subnets involved and the algorithms used to translate the addresses NOTE The NAT modes in ExtremeWare only support translating only traffic that initiates from inside addresses NAT rules are associated with a single outsid...

Page 474: ...delines None Example The following command clears NAT connections clear nat connections History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms connections Specifies the current NAT connections table stats Specifies the statistics counter ...

Page 475: ...tion IP address indicates that the rule applies only to packets with the specified layer 4 port s as their destination port Specifies a port number in the range 1 to 65535 any indicates that the rule should be applied to traffic to from any layer 4 port dest_ipaddress mask Specifies a subnet IP address in the format x x x x mask where mask is the number of bits in the subnet mask used to determine...

Page 476: ...s Port Mapping The addition of a layer 4 protocol name and the portmap keyword tells the switch to use port mapping mode As each new connection is initiated from the inside the NAT device picks the next available source layer 4 port on the first available outside IP address When all ports on a given IP address are in use the NAT device uses ports from the next outside IP address Optionally you may...

Page 477: ...fies that traffic coming from subnet 192 168 1 0 will be mapped to IP addresses in the range of 216 52 8 1 to 216 52 8 31 on outside VLAN out_vlan_1 configure nat add out_vlan_1 map source 192 168 1 0 24 to 216 52 8 1 216 52 8 31 Port Mapping The following command defines a translation rule that specifies that TCP UDP packets coming from 192 168 1 12 and destined for 192 168 5 20 will be mapped to...

Page 478: ...478 ExtremeWare 7 7 Command Reference Guide NAT Commands Platform Availability This command is available on all platforms ...

Page 479: ...t the rule applies only to traffic from the specified layer 4 port s When used with a destination IP address indicates that the rule applies only to packets with the specified layer 4 port s as their destination port Specifies a port number in the range 1 to 65535 any indicates that the rule should be applied to traffic to or from any layer 4 port dest_ipaddress mask Specifies a subnet IP address ...

Page 480: ...ation rule configure nat delete out_vlan_2 map source 192 168 2 128 25 to 216 52 8 64 28 tcp portmap 1024 8192 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 481: ...on table entries should not be timed out This setting is not normally recommended because NAT resources will be used up Example The following command configures the timeout for a reset or torn down TCP session to 120 seconds configure nat finrst timeout 120 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Plat...

Page 482: ...s should not be timed out This setting is not normally recommended because NAT resources will be used up Example The following command configures the timeout for an ICMP packet to 5 seconds configure nat icmp timeout 5 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is avail...

Page 483: ...entries should not be timed out This setting is not normally recommended because NAT resources will be used up Example The following command configures the timeout for a session with an unacknowledged SYN packet to 120 seconds configure nat syn timeout 120 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platf...

Page 484: ...e entries should not be timed out This setting is not normally recommended because NAT resources will be used up Example The following command configures the timeout for a TCP session to 90 seconds configure nat tcp timeout 90 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command ...

Page 485: ...ntries should not be timed out This setting is not normally recommended because NAT resources will be used up Example The following command configures the timeout for packets other than TCP UDP or ICMP to 240 seconds configure nat timeout 240 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availabili...

Page 486: ...s should not be timed out This setting is not normally recommended because NAT resources will be used up Example The following command configures the timeout for a UDP session to 90 seconds configure nat udp timeout 90 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is avail...

Page 487: ...ternal private IP addresses If you want to prevent this you can create IP and ICMP access lists on the outside VLAN ports to deny traffic destined for the inside IP addresses There is a NAT performance penalty when you do this When a VLAN is configured to be none all NAT functions are disabled and the VLAN operates normally Example The following command configures the VLAN out_vlan_1 as an outside...

Page 488: ...his command has no arguments or variables Default Disabled Usage Guidelines None Example The following command disables NAT functionality on the switch disable nat History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 489: ...s command has no arguments or variables Default Disabled Usage Guidelines None Example The following command enables NAT functionality on the switch enable nat History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 490: ...ide VLANs configured on the switch Rules are displayed in the order they are processed starting with the first one To display the NAT rules for a specific VLAN add the VLAN name Use the keyword timeout to display the NAT timeout settings configured on the switch Example The following command shows the NAT translation rules configured for VLAN out_vlan_1 show nat rules vlan out_vlan_1 History This ...

Page 491: ...show nat ExtremeWare 7 7 Command Reference Guide 491 Platform Availability This command is available on all platforms ...

Page 492: ...492 ExtremeWare 7 7 Command Reference Guide NAT Commands ...

Page 493: ...ections only if the virtual server and node are both enabled and passing health checks The switch considers a virtual server or node active unless a health check fails If a health check fails the switch considers the virtual server or node inactive A virtual server or node is also considered inactive if it is disabled and has zero active connections Flow redirection overrides routing decisions to ...

Page 494: ... connections from being established disable SLB to each virtual server using the following command disable slb vip vip name all To prevent new connections from being established to a specific virtual server and simultaneously close all current connections use the following command disable slb vip vip name all close connections now Example The following command clears the connections to the virtual...

Page 495: ...ault N A Usage Guidelines Use this command only during testing Clearing persistence disables applications such as shopping carts that require persistence Example The following command clears all information in the persistence table clear slb vip all persistence History This command was available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms vip name S...

Page 496: ...Syntax Description Default N A Usage Guidelines This command also automatically enables ping based health checking Example The following command adds the next hop of 10 2 1 20 to the flow redirection policy named http_flow configure flow redirect http_flow add next hop 10 2 1 20 History This command was available in ExtremeWare 6 1 4 Platform Availability This command is available on all i series ...

Page 497: ...ntax Description Default N A Usage Guidelines None Example The following command deletes the next hop of 10 2 1 20 from the flow redirection policy named http_flow configure flow redirect http_flow delete next hop 10 2 1 20 History This command was available in ExtremeWare 6 1 4 Platform Availability This command is available on all i series platforms flow redirect Specifies a flow redirection pol...

Page 498: ...f the FTP check is 180 seconds and you cannot configure these times For ExtremeWare 6 2 1 and later configure the frequency and timeout using the following command configure flow redirect timer service check Example The following command configures and enables FTP check for the flow redirection policy named ftp_flow and logs in with the user name test and password extreme configure flow redirect f...

Page 499: ... the path in the specified URL The maximum length of a URL is 255 characters For ExtremeWare 6 2 0 and prior the frequency of the HTTP check is 60 seconds the timeout of the HTTP check is 180 seconds and you cannot configure these times For ExtremeWare 6 2 1 and later configure the frequency and timeout using the following command configure flow redirect timer service check Example The following c...

Page 500: ...re 6 2 0 and prior the frequency of the layer 4 port check is 10 seconds the timeout of the layer 4 port check is 30 seconds and you cannot configure these times For ExtremeWare 6 2 1 and later configure the frequency and timeout using the following command configure flow redirect timer tcp port check Example The following command configures and enables layer 4 port check for the flow redirection ...

Page 501: ...heck is 60 seconds the timeout of the NNTP check is 180 seconds and you cannot configure these times For ExtremeWare 6 2 1 and later configure the frequency and timeout using the following command configure flow redirect timer service check Example The following command configures and enables NNTP check for the flow redirection policy named nttp_flow and checks the newsgroup testgroup configure fl...

Page 502: ...ext hop In ExtremeWare 6 2 0 and prior the frequency of the ping check is 10 seconds the timeout of the ping check is 30 seconds and you cannot configure these times For ExtremeWare 6 2 1 and later configure the frequency and timeout using the following command configure flow redirect timer ping check Example The following command configures and enables ping check for the flow redirection policy n...

Page 503: ...of the POP3 check is 180 seconds and you cannot configure these times For ExtremeWare 6 2 1 and later configure the frequency and timeout using the following command configure flow redirect timer service check Example The following command configures and enables POP3 check for the flow redirection policy named pop3_flow and logs in with the user name test and the password extreme configure flow re...

Page 504: ... the frequency of the SMTP check is 60 seconds the timeout of the SMTP check is 180 seconds and you cannot configure these times For ExtremeWare 6 2 1 and later configure the frequency and timeout using the following command configure flow redirect timer service check Example The following command configures and enables SMTP check for the flow redirection policy named smtp_flow configure flow redi...

Page 505: ...of the telnet check is 180 seconds and you cannot configure these times For ExtremeWare 6 2 1 and later configure the frequency and timeout using the following command configure flow redirect timer service check Example The following command configures and enables telnet check for the flow redirection policy named telnet_flow and logs in with the user name test and the password extreme configure f...

Page 506: ... The default timeout is 30 seconds Usage Guidelines The frequency must be less than the timeout Example The following command configures a flow redirection ping check frequency of 5 seconds and a timeout of 15 seconds configure flow redirect timer ping check frequency 5 timeout 15 History This command was first available in ExtremeWare 6 2 1 Platform Availability This command is available on all i...

Page 507: ... Usage Guidelines The frequency must be less than the timeout This frequency and timeout apply to all layer 7 service checks Example The following command configures a flow redirection service check frequency of 100 seconds and a timeout of 300 seconds configure flow redirect timer service check frequency 100 timeout 300 History This command was first available in ExtremeWare 6 2 1 Platform Availa...

Page 508: ... default timeout is 30 seconds Usage Guidelines The frequency must be less than the timeout Example The following command configures a flow redirection tcp port check frequency of 15 seconds and a timeout of 45 seconds configure flow redirect timer tcp port check frequency 15 timeout 45 History This command was first available in ExtremeWare 6 2 1 Platform Availability This command is available on...

Page 509: ...t number to associate a group of virtual servers with an ESRP VLAN so that ESRP controls the failover state of the virtual servers To set the unit number of a virtual server use the following command configure slb vip For simplicity Extreme Networks recommends that you put client server and virtual server VLANs in the same ESRP group Example The following command configures ESRP VLAN servers to co...

Page 510: ...nds that you set the timeout greater than an even multiple of the frequency To enable active active operation use the following command enable slb failover Example The following command sets the alive frequency to 5 seconds and the timeout to 10 seconds configure slb alive frequency 5 timeout 10 History This command was first available in ExtremeWare 6 1 Platform Availability This command is avail...

Page 511: ...efault The default dead frequency is 2 seconds Usage Guidelines To enable active active operation use the following command enable slb failover Example The following command sets the dead frequency to 5 seconds configure slb dead frequency 5 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms dead frequency The frequ...

Page 512: ...d manual failback is enabled use this command to force the recovered SLB unit to become the active unit Executing this command does not affect the SLB configuration To enable manual failback use the following command enable slb failover manual failback To disable manual failback use the following command disable slb failover manual failback Example The following command forces SLB to immediately f...

Page 513: ... configure ping check to the remote SLB switch If you configure ping check to the remote SLB switch and the remote switch fails the local switch also fails Example The following command sets the IP address of the remote gateway to 10 10 10 21 with a ping frequency of 5 seconds and a timeout of 10 seconds configure slb failover ping check 10 10 10 21 frequency 5 timeout 10 History This command was ...

Page 514: ...a dedicated layer 2 VLAN to connect the two active active switches Example The following command configures the local SLB switch with an IP address of 10 10 10 22 to direct unit 2 virtual servers to failover to the SLB switch with an IP address of 10 10 10 21 configure slb failover unit 2 remote ipaddress 10 10 10 21 local ipaddress 10 10 10 22 History This command was first available in ExtremeWa...

Page 515: ...ommand when you are sure that you will have a minimum guaranteed number of connections Additional connection blocks are allocated when necessary Do not use this command unless you are absolutely sure that you will use the memory allocated Example The following command allocates memory for 500 connections configure slb global connection block 500 History This command was first available in ExtremeW...

Page 516: ...nsparent and translation modes Syntax Description Default The default is one second Usage Guidelines None Example The following command configures the connection timeout for 50 seconds configure slb global connection timeout 50 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms seconds Specifies the number of second...

Page 517: ... using the upload configuration command and parses a switch generated configuration file using the download configuration command Do not select the encrypted option To enable service checking use the following command enable slb vip service check To configure the frequency and timeout of service checks use the following command configure slb global service check To configure the parameters for a s...

Page 518: ...518 ExtremeWare 7 7 Command Reference Guide SLB Commands i Series Switches Only Platform Availability This command is available on all i series platforms ...

Page 519: ...eyond the root directory include the path in the specified URL The maximum length of a URL is 255 characters To enable service checking use the following command enable slb vip service check To configure the frequency and timeout of service checks use the following command configure slb global service check To configure the parameters for a specific virtual server use the following command configu...

Page 520: ...520 ExtremeWare 7 7 Command Reference Guide SLB Commands i Series Switches Only Platform Availability This command is available on all i series platforms ...

Page 521: ...ice checking use the following command enable slb vip service check To configure the frequency and timeout of service checks use the following command configure slb global service check To configure the parameters for a specific virtual server use the following command configure slb vip service check ftp Example The following command configures the service check to log into the newsgroup comp dcom...

Page 522: ...tings If you configure any vip persistence ensure that all virtual servers in all pools have the same services Example The following command sets the global persistence level to any vip configure slb global persistence level any vip History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms any vip Specifies that an entry c...

Page 523: ...et the persistence timer use the following command configure slb vip vip name client persistence timeout Example The following command sets the global persistence method to expire at the end of the session configure slb global persistence method per session History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms per pack...

Page 524: ...e the global values using the following command configure slb node ip address ping check The frequency must be less than the timeout If the pinged node does not respond within the specified timeout period three ping intervals by default the node is considered down Shorter ping intervals require more CPU processing Example The following command sets the global ping check frequency to 5 seconds and ...

Page 525: ...ile using the upload configuration command and parses a switch generated configuration file using the download configuration command Do not select the encrypted option To enable service checking use the following command enable slb vip service check To configure the frequency and timeout of service checks use the following command configure slb global service check To configure the parameters for ...

Page 526: ...526 ExtremeWare 7 7 Command Reference Guide SLB Commands i Series Switches Only Platform Availability This command is available on all i series platforms ...

Page 527: ... not specified for a specific virtual server the global values are used To set specific frequency and timeout values for a virtual server use the following command configure slb vip vip name service check Shorter intervals require more CPU processing Example The following command sets the service check frequency to 90 seconds and the timeout to 270 seconds configure slb global service check freque...

Page 528: ...service check accesses the service To enable service checking use the following command enable slb vip service check To configure the frequency and timeout of service checks use the following command configure slb global service check To configure the parameters for a specific virtual server use the following command configure slb vip service check ftp Example The following command configures the ...

Page 529: ...e SYN guard use the following command enable slb global synguard SYN guard is automatically enabled if you configure a max unacknowledged SYNs value greater than 0 A max unacknowledged SYNs value of 0 automatically disables SYN guard Example The following command configures the SYN guard feature to age out half open connections from the same source IP address when the number of connections exceeds...

Page 530: ...equency and timeout are not specified for a specific node the global values are used You can configure a node to override the global values using the following command configure slb node ip address L4 port tcp port check To enable TCP port checking use the following command enable slb node tcp port check Example The following command sets the global TCP port check frequency to 15 seconds and timeo...

Page 531: ...on file using the upload configuration command and parses a switch generated configuration file using the download configuration command Do not select the encrypted option To enable service checking use the following command enable slb vip service check To configure the frequency and timeout of service checks use the following command configure slb global service check To configure the parameters ...

Page 532: ...532 ExtremeWare 7 7 Command Reference Guide SLB Commands i Series Switches Only Platform Availability This command is available on all i series platforms ...

Page 533: ...ge Guidelines Use this command to configure the IP address before configuring individual health checks Example The following command configures the GoGo mode health check for the group with port 29 as the master port and an IP address of 192 168 200 2 configure slb gogo mode 29 health check 192 168 200 2 History This command was first available in ExtremeWare 6 1 5 Platform Availability This comma...

Page 534: ...igure the IP address on the GoGo mode servers using the following command configure slb gogo mode health check To enable ping check for a GoGo mode group use the following command enable slb gogo mode ping check To disable ping check for a GoGo mode group use the following command disable slb gogo mode ping check Example The following command configures a GoGo mode ping check frequency of 15 secon...

Page 535: ...configure slb gogo mode ping check ExtremeWare 7 7 Command Reference Guide 535 Platform Availability This command is available on all i series platforms ...

Page 536: ...e GoGo mode servers using the following command configure slb gogo mode health check To enable service check for a GoGo mode group use the following command enable slb gogo mode service check To disable service check for a GoGo mode group use the following command disable slb gogo mode service check Example The following command configures GoGo mode service check for the group with port 29 as the ...

Page 537: ...ified URL The maximum length of a URL is 255 characters Before you use this command configure the IP address on the GoGo mode servers using the following command configure slb gogo mode health check To enable service check for a GoGo mode group use the following command enable slb gogo mode service check To disable service check for a GoGo mode group use the following command disable slb gogo mode...

Page 538: ...538 ExtremeWare 7 7 Command Reference Guide SLB Commands i Series Switches Only Platform Availability This command is available on all i series platforms ...

Page 539: ...ode servers using the following command configure slb gogo mode health check To enable service check for a GoGo mode group use the following command enable slb gogo mode port number service check To disable service check for a GoGo mode group use the following command disable slb gogo mode port number service check Example The following command configures GoGo mode service check for the group with...

Page 540: ... command configure slb gogo mode health check To enable service check for a GoGo mode group use the following command enable slb gogo mode service check To disable service check for a GoGo mode group use the following command disable slb gogo mode service check Example The following command configures the GoGo mode service check for the group with port 29 as the master port to access the DNS domai...

Page 541: ...s on the GoGo mode servers using the following command configure slb gogo mode health check To enable service check for a GoGo mode group use the following command enable slb gogo mode service check To disable service check for a GoGo mode group use the following command disable slb gogo mode service check Example The following command configures GoGo mode service check for the group with port 29 ...

Page 542: ...le The following command configures GoGo mode FTP service check for the group with port 29 as the master port with a frequency of 15 seconds and a timeout of 45 seconds configure slb gogo mode 29 service check timer ftp frequency 15 timeout 45 History This command was first available in ExtremeWare 6 1 5 port number Specifies the GoGo mode master port all Specifies all service checks ftp Specifies...

Page 543: ...configure slb gogo mode service check timer ExtremeWare 7 7 Command Reference Guide 543 Platform Availability This command is available on all i series platforms ...

Page 544: ...o mode TCP port check for the group with port 29 as the master port configure slb gogo mode 29 tcp port check add ftp History This command was first available in ExtremeWare 6 1 5 port number Specifies the GoGo mode master port ftp Specifies the FTP TCP port check http Specifies the HTTP TCP port check https Specifies the HTTPS TCP port check imap4 Specifies the IMAP4 TCP port check ldap Specifies...

Page 545: ...configure slb gogo mode tcp port check add ExtremeWare 7 7 Command Reference Guide 545 Platform Availability This command is available on all i series platforms ...

Page 546: ...from the GoGo mode TCP port check for the group with port 29 as the master port configure slb gogo mode 29 tcp port check delete ftp History This command was first available in ExtremeWare 6 1 5 port number Specifies the GoGo mode master port ftp Specifies the FTP TCP port check http Specifies the HTTP TCP port check https Specifies the HTTPS TCP port check imap4 Specifies the IMAP4 TCP port check...

Page 547: ...configure slb gogo mode tcp port check delete ExtremeWare 7 7 Command Reference Guide 547 Platform Availability This command is available on all i series platforms ...

Page 548: ...lobal tcp port check The frequency must be less than the timeout port number Specifies the GoGo mode master port ftp Specifies the FTP TCP port check http Specifies the HTTP TCP port check https Specifies the HTTPS TCP port check imap4 Specifies the IMAP4 TCP port check ldap Specifies the LDAP TCP port check nntp Specifies the NNTP TCP port check pop3 Specifies the POP3 TCP port check smtp Specifi...

Page 549: ...de FTP TCP port check for the group with port 29 as the master port with a frequency of 15 seconds and a timeout of 45 seconds configure slb gogo mode 29 tcp port check timer ftp frequency 15 timeout 45 History This command was first available in ExtremeWare 6 1 5 Platform Availability This command is available on all i series platforms ...

Page 550: ... set the timeout values for a wildcard virtual server use a TCP or UDP port number of 0 Example The following command configures the ftp nodes with a TCP idle period of 30 seconds configure slb l4 port ftp treaper timeout 30 ftp Specifies the FTP service http Specifies the HTTP service https Specifies the HTTPS service imap4 Specifies the IMAP4 service ldap Specifies the LDAP service nntp Specifie...

Page 551: ...configure slb L4 port ExtremeWare 7 7 Command Reference Guide 551 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 552: ...a maximum of 10 connections configure slb node 10 1 1 2 80 max connections 10 ip address Specifies the IP address of the node ftp Specifies the FTP TCP port check http Specifies the HTTP TCP port check https Specifies the HTTPS TCP port check imap4 Specifies the IMAP4 TCP port check ldap Specifies the LDAP TCP port check nntp Specifies the NNTP TCP port check pop3 Specifies the POP3 TCP port check...

Page 553: ...gure slb node max connections ExtremeWare 7 7 Command Reference Guide 553 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 554: ... ping check frequency and timeout use the following command configure slb global ping check Example The following command sets the ping check for the node with an IP address of 10 2 1 2 to a frequency of 30 seconds and a timeout of 90 seconds configure slb node 10 2 1 2 ping check frequency 30 timeout 90 History This command was first available in ExtremeWare 6 1 Platform Availability This command...

Page 555: ...ress Specifies the IP address of the node ftp Specifies the FTP TCP port check http Specifies the HTTP TCP port check https Specifies the HTTPS TCP port check imap4 Specifies the IMAP4 TCP port check ldap Specifies the LDAP TCP port check nntp Specifies the NNTP TCP port check pop3 Specifies the POP3 TCP port check smtp Specifies the SMTP TCP port check socks Specifies the SOCKS TCP port check tel...

Page 556: ...P TCP port check for the node with an IP address of 10 2 1 2 to a frequency of 30 seconds and a timeout of 90 seconds configure slb node 10 2 1 2 ftp tcp port check frequency 30 timeout 90 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 557: ... use the same ratio connections are distributed equally among the nodes A ratio of 0 results in no traffic to the node When you pool name Specifies a pool ip address Specifies the IP address of the node ftp Specifies an FTP node http Specifies an HTTP node https Specifies an HTTPS node imap4 Specifies an IMAP4 node ldap Specifies an LDAP node nntp Specifies an NNTP node pop3 Specifies a POP3 node ...

Page 558: ...riority To configure a pool to use the priority load balancing method use the following command configure slb pool pool name lb method priority To change the ratio or priority of a node that is already in a pool use the following command configure slb pool pool name member Example The following command adds the FTP node with an IP address of 10 2 1 2 to the pool ftp and configures the node with a ...

Page 559: ...pool Example The following command deletes the FTP node with an IP address of 10 2 1 2 from the pool ftp configure slb pool ftp delete 10 2 1 2 ftp pool name Specifies a pool ip address Specifies the IP address of the node ftp Specifies an FTP node http Specifies an HTTP node https Specifies an HTTPS node imap4 Specifies an IMAP4 node ldap Specifies an LDAP node nntp Specifies an NNTP node pop3 Sp...

Page 560: ...tremeWare 7 7 Command Reference Guide SLB Commands i Series Switches Only History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 561: ...or priority of a node use the following command configure slb pool member Example The following command changes the load balancing method for the pool ftp to ratio configure slb pool ftp lb method ratio History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms pool name Specifies a pool least connections Specifies the leas...

Page 562: ...io or priority use the following command configure slb pool add pool name Specifies a pool ip address Specifies the IP address of the node ftp Specifies an FTP node http Specifies an HTTP node https Specifies an HTTPS node imap4 Specifies an IMAP4 node ldap Specifies an LDAP node nntp Specifies an NNTP node pop3 Specifies a POP3 node smtp Specifies an SMTP node socks Specifies a SOCKS node telnet ...

Page 563: ...wing command changes the priority of the FTP node with an IP address of 10 2 1 2 in the pool ftp to 2 configure slb pool ftp member 10 2 1 2 ftp priority 2 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 564: ...ault N A Usage Guidelines Use this command to force all clients from the specified proxy array to connect to the same physical server Example The following command specifies that the subnet 10 10 10 20 24 should be treated as a single persistent entity configure slb proxy client persistence add 10 10 10 20 24 History This command was first available in ExtremeWare 6 1 Platform Availability This co...

Page 565: ...he virtual server before you use this command To create a virtual server use the following command create slb vip Example The following command configures the virtual server test with a unit number of 3 configure slb vip test unit 3 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms vip name Specifies a virtual serv...

Page 566: ...nds that you specify a short client persistence timeout because longer timeout values consume more memory Example The following command configures the virtual server ftp with a client persistence timeout of 3000 seconds configure slb vip ftp client persistence timeout 3000 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series pl...

Page 567: ...enforced When the maximum number of connections is reached the server stops responding to new requests existing connections are maintained Example The following command sets the maximum connections to the virtual server ftp to 10 configure slb vip ftp max connections 10 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platf...

Page 568: ...obal values specify 0 for frequency and timeout To set the global service check frequency and timeout use the following command configure slb global service check Example The following command sets the service check frequency to 15 and timeout to 45 for the virtual server named ftp configure slb vip ftp service check frequency 15 timeout 45 History This command was first available in ExtremeWare 6...

Page 569: ... it generates an ASCII configuration file using the upload configuration command and parses a switch generated configuration file using the download configuration command Do not select the encrypted option To configure the frequency and timeout of service checks use the following command configure slb global service check To configure the global parameters use the following command configure slb g...

Page 570: ...570 ExtremeWare 7 7 Command Reference Guide SLB Commands i Series Switches Only Platform Availability This command is available on all i series platforms ...

Page 571: ...n the URL To check a URL beyond the root directory include the path in the specified URL The maximum length of a URL is 255 characters To configure the frequency and timeout of service checks use the following command configure slb global service check To configure the global parameters use the following command configure slb global http Example The following command configures service check to ac...

Page 572: ...572 ExtremeWare 7 7 Command Reference Guide SLB Commands i Series Switches Only Platform Availability This command is available on all i series platforms ...

Page 573: ...e check logs in to the service To configure the frequency and timeout of service checks use the following command configure slb global service check To configure the global parameters use the following command configure slb global nntp Example The following command configures the service check to log into the newsgroup comp dcom lans ethernet on the virtual server called nntpvip configure slb vip ...

Page 574: ...enerates an ASCII configuration file using the upload configuration command and parses a switch generated configuration file using the download configuration command Do not select the encrypted option To configure the frequency and timeout of service checks use the following command configure slb global service check To configure the global parameters use the following command configure slb global...

Page 575: ...configure slb vip service check pop3 ExtremeWare 7 7 Command Reference Guide 575 Platform Availability This command is available on all i series platforms ...

Page 576: ...heck accesses the service To configure the frequency and timeout of service checks use the following command configure slb global service check To configure the global parameters use the following command configure slb global smtp Example The following command configures the service check to access the DNS domain servicecheck domain com on the virtual server named smtpvip configure slb vip smtpvip...

Page 577: ...t generates an ASCII configuration file using the upload configuration command and parses a switch generated configuration file using the download configuration command Do not select the encrypted option To configure the frequency and timeout of service checks use the following command configure slb global service check To configure the global parameters use the following command configure slb glo...

Page 578: ...578 ExtremeWare 7 7 Command Reference Guide SLB Commands i Series Switches Only Platform Availability This command is available on all i series platforms ...

Page 579: ...erver originates or could possibly originate connections to other servers Example The following command configures the VLAN client_vlan as a client VLAN configure vlan client_vlan slb type client History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms both Configures the VLAN as both a server and a client VLAN client Con...

Page 580: ...rection policy named http that forwards TCP traffic to 10 1 1 10 port 80 from any source IP address create flow redirect http tcp destination 10 1 1 10 29 ip port 80 source any History This command was available in ExtremeWare 6 1 4 This command was modified in 6 2 to add the tup parameter flow redirect Specifies a flow redirection policy any Forwards traffic using either TCP or UDP on any IP port...

Page 581: ...create flow redirect ExtremeWare 7 7 Command Reference Guide 581 Platform Availability This command is available on all i series platforms ...

Page 582: ...ge the load balancing method of an existing pool use the following command configure slb pool lb method To add a node to the pool and set the ratio or priority use the following command configure slb pool add Example The following command creates the pool named ftp_pool and assigns the priority load balancing method configure slb pool ftp_pool lb method priority History This command was first avai...

Page 583: ... virtual server named ftp_vip with an IP address of 10 10 10 2 in the pool named ftp_pool and assigns the port translation forwarding mode configure slb vip ftp_vip pool ftp_pool mode port translation 10 10 10 2 ftp History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms vip name Specifies a virtual server pool name Spec...

Page 584: ...lt N A Usage Guidelines To rename or modify a flow redirection policy you must delete and recreate the flow redirection policy Example The following command deletes a flow redirection policy named http delete flow redirect http History This command was available in ExtremeWare 6 1 4 Platform Availability This command is available on all i series platforms flow redirect Specifies a flow redirection...

Page 585: ...first delete all virtual servers before deleting the pool To delete a virtual server use the following command delete slb vip Example The following command deletes the pool named http_pool delete slb pool http_pool History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms pool name Specifies a pool all Specifies all pools ...

Page 586: ...ge Guidelines You must use this command to delete all virtual servers from a pool before deleting the pool Example The following command deletes the virtual server named http_vip delete slb vip http_vip History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms vip name Specifies a virtual server all Specifies all virtual s...

Page 587: ...en you create a new flow redirection policy flow redirection is automatically enabled To enable flow redirection use the following command enable flow redirect Example The following command disables flow redirection for all flow policies disable flow redirect all History This command was available in ExtremeWare 6 1 4 Platform Availability This command is available on all i series platforms all Sp...

Page 588: ...g SLB causes the following to occur Closes all connections Withdraws virtual server routes or routes that do not respond with proxy ARP responses of virtual server addresses Disconnects the switch from redundant SLB switches To enable SLB use the following command enable slb Example The following command disables SLB disable slb History This command was first available in ExtremeWare 6 1 Platform ...

Page 589: ... This command has no arguments or variables Default 3DNS is disabled by default Usage Guidelines To enable 3DNS use the following command enable slb 3dns Example The following command disables 3DNS disable slb 3dns iquery client History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 590: ...ption This command has no arguments or variables Default SLB failover is disabled by default Usage Guidelines To enable SLB failover use the following command enable slb failover Example The following command disables SLB failover disable slb failover History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 591: ... command has no arguments or variables Default Manual failback is disabled by default Usage Guidelines To enable manual failback use the following command enable slb failover manual failback Example The following command disables manual failback disable slb failover manual failback History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i ...

Page 592: ...Description This command has no arguments or variables Default Ping check is disabled by default Usage Guidelines To enable ping check use the following command enable slb failover ping check Example The following command disables ping check disable slb failover ping check History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series pl...

Page 593: ...ption This command has no arguments or variables Default SYN guard is disabled by default Usage Guidelines To enable SYN guard use the following command enable slb global synguard Example The following command disables SYN guard disable slb global synguard History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 594: ...nnect the servers they all have identical MAC and IP addresses which can cause VLAN conflicts To enable GoGo mode use the following command enable slb gogo mode Example The following command disables GoGo mode for the group with port 29 as the master port disable slb gogo mode 29 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i se...

Page 595: ...k is disabled by default Usage Guidelines To enable ping check for a GoGo mode group use the following command enable slb gogo mode ping check Example The following command disables GoGo mode ping check for the group with port 29 as the master port disable slb gogo mode 29 ping check History This command was first available in ExtremeWare 6 1 5 Platform Availability This command is available on al...

Page 596: ...ce check Example The following command disables GoGo mode FTP service check for the group with port 29 as the master port disable slb gogo mode 29 service check ftp History This command was first available in ExtremeWare 6 1 5 Platform Availability This command is available on all i series platforms port number Specifies the GoGo mode master port all Specifies all service checks ftp Specifies the ...

Page 597: ... for the group with port 29 as the master port disable slb gogo mode 29 tcp port check all History This command was first available in ExtremeWare 6 1 5 port number Specifies the GoGo mode master port all Specifies all TCP port checks ftp Specifies the FTP TCP port check http Specifies the HTTP TCP port check https Specifies the HTTPS TCP port check imap4 Specifies the IMAP4 TCP port check ldap Sp...

Page 598: ...598 ExtremeWare 7 7 Command Reference Guide SLB Commands i Series Switches Only Platform Availability This command is available on all i series platforms ...

Page 599: ...for FTP ports disable slb L4 port ftp History This command was first available in ExtremeWare 6 1 all Specifies all nodes ftp Specifies an FTP node http Specifies an HTTP node https Specifies an HTTPS node imap4 Specifies an IMAP4 node ldap Specifies an LDAP node nntp Specifies an NNTP node pop3 Specifies a POP3 node smtp Specifies an SMTP node socks Specifies a SOCKS node telnet Specifies a telne...

Page 600: ...600 ExtremeWare 7 7 Command Reference Guide SLB Commands i Series Switches Only Platform Availability This command is available on all i series platforms ...

Page 601: ...virtual servers associated with that pool are effectively disabled To enable a node use the following command enable slb node all Specifies all nodes ip address Specifies an IP address ftp Specifies an FTP node http Specifies an HTTP node https Specifies an HTTPS node imap4 Specifies an IMAP4 node ldap Specifies an LDAP node nntp Specifies an NNTP node pop3 Specifies a POP3 node smtp Specifies an ...

Page 602: ... Only Example The following command disables all nodes and immediately closes all open connections disable slb node all close connections now History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 603: ...uidelines Ping check is automatically enabled when a node is added to a pool To enable ping check on a node use the following command enable slb node ping check Example The following command disables all ping checks disable slb node all ping check History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms all Specifies all ...

Page 604: ...lowing command disables all TCP port checks disable slb node all tcp port check History This command was first available in ExtremeWare 6 1 all Specifies all nodes ip address Specifies an IP address ftp Specifies an FTP node http Specifies an HTTP node https Specifies an HTTPS node imap4 Specifies an IMAP4 node ldap Specifies an LDAP node nntp Specifies an NNTP node pop3 Specifies a POP3 node smtp...

Page 605: ...disable slb node tcp port check ExtremeWare 7 7 Command Reference Guide 605 Platform Availability This command is available on all i series platforms ...

Page 606: ...has no arguments or variables Default Proxy client persistence is disabled by default Usage Guidelines To enable proxy client persistence use the following command enable slb proxy client persistence Example The following command disables proxy client persistence disable slb proxy client persistence History This command was first available in ExtremeWare 6 1 Platform Availability This command is a...

Page 607: ...all Specifies all virtual servers vip name Specifies a virtual server ip address Specifies an IP address ftp Specifies an FTP virtual server http Specifies an HTTP virtual server https Specifies an HTTPS virtual server imap4 Specifies an IMAP4 virtual server ldap Specifies an LDAP virtual server nntp Specifies an NNTP virtual server pop3 Specifies a POP3 virtual server smtp Specifies an SMTP virtu...

Page 608: ...xample The following command disables the virtual server named ftp_vip and closes all open connections disable slb vip ftp_vip close connections now History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 609: ...bled by default Usage Guidelines To enable client persistence use the following command enable slb vip client persistence Example The following command disables client persistence for the virtual server ftp_vip disable slb vip ftp_vip client persistence History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms all Specifie...

Page 610: ...abled by default Usage Guidelines To enable service check use the following command enable slb vip service check Example The following command disables service check for the virtual server named ftp_vip disable slb vip ftp_vip service check History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms all Specifies all virtual...

Page 611: ...nt tries to connect to a destination IP address the switch directs the client to the same cache server previously used for that destination IP address This helps reduce the amount of duplicated content on cache servers in your network To enable sticky persistence use the following command enable slb vip sticky persistence Example The following command disables sticky persistence for the virtual se...

Page 612: ...the switch to send TCP RST packets to both the clients and the virtual server if the virtual server fails a health check To enable svcdown reset use the following command enable slb vip svcdown reset Example The following command disables svcdown reset for the virtual server named ftp_vip disable slb vip ftp_vip svcdown reset History This command was first available in ExtremeWare 6 1 Platform Ava...

Page 613: ...reate a new flow redirection policy flow redirection is automatically enabled To disable flow redirection use the following command disable flow redirect Example The following command enables flow redirection for all flow policies enable flow redirect all History This command was available in ExtremeWare 6 1 4 Platform Availability This command is available on all i series platforms all Specifies ...

Page 614: ...ookup and connection setup Establishing communication with redundant SLB switches Positively responding to MIB 3DNS and SeeIT requests Before you enable SLB enable IP forwarding on the associated VLANs NOTE SLB cannot be enabled when MPLS or Destination sensitive accounting is enabled or SLPM is active Example The following command enables SLB enable slb History This command was first available in...

Page 615: ...ault Usage Guidelines The following 3DNS global balance modes are supported completion rate global_availability leastcon null packet_rate random ration rr return_to_dns To disable 3DNS use the following command disable slb 3dns Example The following command enables 3DNS enable slb 3dns iquery client History This command was first available in ExtremeWare 6 1 Platform Availability This command is a...

Page 616: ...lover is enabled the primary SLB switch automatically resumes primary status when it becomes active Before you enable SLB failover configure your switches using the following command configure slb failover unit To disable SLB failover use the following command disable slb failover Example The following command enables SLB failover enable slb failover History This command was first available in Ext...

Page 617: ...age Guidelines When manual failback is enabled the primary SLB switch does not automatically resume primary status until you use the following command configure slb failover failback now To disable manual failback use the following command disable slb failover manual failback Example The following command enables manual failback enable slb failover manual failback History This command was first av...

Page 618: ...his command has no arguments or variables Default Ping check is disabled by default Usage Guidelines To disable ping check use the following command disable slb failover ping check Example The following command enables ping check enable slb failover ping check History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 619: ...ion This command has no arguments or variables Default SYN guard is disabled by default Usage Guidelines To disable SYN guard use the following command disable slb global synguard Example The following command enables SYN guard enable slb global synguard History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 620: ...isable GoGo mode use the following command disable slb gogo mode Example The following command enables GoGo mode for the group containing ports 15 17 19 23 and 25 30 with port 29 as the master port enable slb gogo mode 29 grouping 15 17 19 23 25 30 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms port number Speci...

Page 621: ...es the previously configured IP address You must enable GoGo mode for the group before you enable ping check To enable GoGo mode use the following command enable slb gogo mode To disable ping check for a GoGo mode group use the following command disable slb gogo mode ping check Example The following command enables GoGo mode ping check for the group with port 29 as the master port to IP address 10...

Page 622: ...vice check Example The following command enables GoGo mode FTP service check for the group with port 29 as the master port enable slb gogo mode 29 service check ftp History This command was first available in ExtremeWare 6 1 5 Platform Availability This command is available on all i series platforms port number Specifies the GoGo mode master port all Specifies all service checks ftp Specifies the ...

Page 623: ... group with port 29 as the master port enable slb gogo mode 29 tcp port check all History This command was first available in ExtremeWare 6 1 5 port number Specifies the GoGo mode master port all Specifies all TCP port checks ftp Specifies the FTP TCP port check http Specifies the HTTP TCP port check https Specifies the HTTPS TCP port check imap4 Specifies the IMAP4 TCP port check ldap Specifies t...

Page 624: ...624 ExtremeWare 7 7 Command Reference Guide SLB Commands i Series Switches Only Platform Availability This command is available on all i series platforms ...

Page 625: ...g command enables SLB for FTP ports enable slb L4 port ftp History This command was first available in ExtremeWare 6 1 ftp Specifies an FTP node http Specifies an HTTP node https Specifies an HTTPS node imap4 Specifies an IMAP4 node ldap Specifies an LDAP node nntp Specifies an NNTP node pop3 Specifies a POP3 node smtp Specifies an SMTP node socks Specifies a SOCKS node telnet Specifies a telnet n...

Page 626: ...626 ExtremeWare 7 7 Command Reference Guide SLB Commands i Series Switches Only Platform Availability This command is available on all i series platforms ...

Page 627: ...lb node Example The following command enables all nodes enable slb node all all Specifies all nodes ip address Specifies an IP address ftp Specifies an FTP node http Specifies an HTTP node https Specifies an HTTPS node imap4 Specifies an IMAP4 node ldap Specifies an LDAP node nntp Specifies an NNTP node pop3 Specifies a POP3 node smtp Specifies an SMTP node socks Specifies a SOCKS node telnet Spec...

Page 628: ...tremeWare 7 7 Command Reference Guide SLB Commands i Series Switches Only History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 629: ...elines Ping check is automatically enabled when a node is added to a pool To disable ping check on a node use the following command disable slb node ping check Example The following command enables all ping checks enable slb node all ping check History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms all Specifies all nod...

Page 630: ...owing command enables all TCP port checks enable slb node all tcp port check History This command was first available in ExtremeWare 6 1 all Specifies all nodes ip address Specifies an IP address ftp Specifies an FTP node http Specifies an HTTP node https Specifies an HTTPS node imap4 Specifies an IMAP4 node ldap Specifies an LDAP node nntp Specifies an NNTP node pop3 Specifies a POP3 node smtp Sp...

Page 631: ...enable slb node tcp port check ExtremeWare 7 7 Command Reference Guide 631 Platform Availability This command is available on all i series platforms ...

Page 632: ...s no arguments or variables Default Proxy client persistence is disabled by default Usage Guidelines To disable proxy client persistence use the following command disable slb proxy client persistence Example The following command enables proxy client persistence enable slb proxy client persistence History This command was first available in ExtremeWare 6 1 Platform Availability This command is ava...

Page 633: ...l virtual servers vip name Specifies a virtual server ip address Specifies an IP address ftp Specifies an FTP virtual server http Specifies an HTTP virtual server https Specifies an HTTPS virtual server imap4 Specifies an IMAP4 virtual server ldap Specifies an LDAP virtual server nntp Specifies an NNTP virtual server pop3 Specifies a POP3 virtual server smtp Specifies an SMTP virtual server socks ...

Page 634: ...tremeWare 7 7 Command Reference Guide SLB Commands i Series Switches Only History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 635: ...e Guidelines To disable client persistence use the following command disable slb vip client persistence Example The following command enables client persistence for the virtual server named ftp_vip enable slb vip ftp_vip client persistence History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms all Specifies all virtual ...

Page 636: ...ormation If a service check is configured for a TCP port number instead of for a service ExtremeWare assigns the service based on the port number if the port number is well known and uses the global default parameters To disable service check use the following command disable slb vip service check Example The following command enables service check for the virtual server ftp_vip enable slb vip ftp...

Page 637: ...ce is disabled by default Usage Guidelines To disable sticky persistence use the following command disable slb vip sticky persistence Example The following command enables sticky persistence for the virtual server ftp_vip enable slb vip ftp_vip sticky persistence History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms al...

Page 638: ...tch to send TCP RST packets to both the clients and the virtual server if the virtual server fails a health check To disable svcdown reset use the following command disable slb vip svcdown reset Example The following command enables svcdown reset for the virtual server named ftp_vip enable slb vip ftp_vip svcdown reset History This command was first available in ExtremeWare 6 1 Platform Availabili...

Page 639: ... check Flow IPSA Mode Displays the IP source address mode Enumeration Mode The default mode used for network masks from 32 to 20 Subnet Mode Used for network masks from 19 to 1 The mode is selected automatically when you specify a network mask Proto Displays the flow type any Forwards any traffic over any IP port tcp Forwards TCP traffic over a single IP port tup Forwards both TCP and UDP traffic ...

Page 640: ... 60 Timeout 180 Flow IPSA Mode Enumeration Mode http1 Proto tcp Dest 0 0 0 0 0 L4 Port 80 Enabled yes Source 0 0 0 0 0 Servers Up 0 1 Service Checking ping IP Address State Flow Info 24 3 89 145 Down 0000 History This command was available in ExtremeWare 6 1 4 Platform Availability This command is available on all i series platforms Service Checking Displays the configured service check type ftp h...

Page 641: ...Description This command has no arguments or variables Default N A Usage Guidelines None Example The following command displays the current 3DNS information show slb 3dns members IP Address Port Encrypt Socket LastUpdated There are no known 3DNS entries in our local iQuery table History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i ser...

Page 642: ... is a wildcard Example The following command displays the current connection information for all connections show slb connections History This command was first available in ExtremeWare 6 1 ip address Specifies an IP address vip name Specifies a virtual server ftp Specifies an FTP port http Specifies an HTTP port https Specifies an HTTPS port imap4 Specifies an IMAP4 port ldap Specifies an LDAP po...

Page 643: ...show slb connections ExtremeWare 7 7 Command Reference Guide 643 Platform Availability This command is available on all i series platforms ...

Page 644: ...mmand has no arguments or variables Default N A Usage Guidelines None Example The following command displays the current ESRP configuration show slb esrp Following is the output from this command VLAN Name SLB Unit Status SLB Unit s servers Standby 1 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 645: ...d status show slb failover Following is the output from this command SLB Failover Configuration Failover Enabled Local unit ID 1 Local IP address 10 1 1 1 Remote IP address 10 1 1 2 TCP port number 1028 Remote Alive frequency 1 Remote Dead frequency 2 Keepalive Timeout 3 Ping check Disabled Ping check IP address 0 0 0 0 Ping frequency 1 Ping timeout 3 Manual failback Disabled SLB Failover Status R...

Page 646: ...646 ExtremeWare 7 7 Command Reference Guide SLB Commands i Series Switches Only Platform Availability This command is available on all i series platforms ...

Page 647: ...al configuration information show slb global Following is the output from this command SLB Enabled SynGuard Disabled 3DNS IQuery Support Status Disabled SLB persist level same vip same port SLB persistence method per session SLB pre allocated connection block size 10000 SLB connection timeout 1 SLB persistence on client proxies Disabled Proxy Client Persistence entries No of Proxy Client Persisten...

Page 648: ...ddress 10 1 1 2 TCP port number 1028 Remote Alive frequency 1 Remote Dead frequency 2 Keepalive Timeout 3 Ping check Disabled Ping check IP address 0 0 0 0 Ping frequency 1 Ping timeout 3 Manual failback Disabled SLB Failover Status Running Units active in local SLB 2 Units active in or requested by remote SLB None Send connection Down Receive connection Down Ping check Not Running History This co...

Page 649: ...ed Example The following command displays the current GoGo mode health check configuration for the group with port 29 as the master port show slb gogo mode 29 configuration The following command displays the current GoGO mode health check configuration for all groups show slb gogo mode No SLB GoGo mode Health Check configured History This command was first available in ExtremeWare 6 1 5 Platform A...

Page 650: ...4 port configuration show slb L4 port Following is the output from this command Port 80 Enabled TCP idle timeout treaper 600 UDP idle timeout 600 History This command was first available in ExtremeWare 6 1 ftp Specifies an FTP port http Specifies an HTTP port https Specifies an HTTPS port imap4 Specifies an IMAP4 port ldap Specifies an LDAP port nntp Specifies an NNTP port pop3 Specifies a POP3 po...

Page 651: ...show slb L4 port ExtremeWare 7 7 Command Reference Guide 651 Platform Availability This command is available on all i series platforms ...

Page 652: ...P Freq TCP UDP Frequency Max Node IP Address Flags Timeout Port Flags Timeout PoolsConns 1 111 1 1 E H 10 30 80 E 30 90 2 no limit 1 111 1 2 E H 10 30 80 E 30 90 2 no limit 1 111 1 3 E H 10 30 80 E 30 90 2 no limit ip address Specifies an IP address ftp Specifies an FTP node http Specifies an HTTP node https Specifies an HTTPS node imap4 Specifies an IMAP4 node ldap Specifies an LDAP node nntp Spe...

Page 653: ...de 653 Flags E Enable U Up R IP Route Up H Health check enabled P Health check passed VLAN not configured with slb type History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 654: ...ence status of existing clients Syntax Description This command has no arguments or variables Default N A Usage Guidelines None Example The following command displays the current persistence status show slb persistence History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 655: ...d ratio_pool show slb pool Following is the output from this command Name IP TCP UDP Ratio IP Flags Port Flags Priority rr_pool VIPs sharing 1 Load Bal Method Round Robin 1 111 1 1 E H 80 E 1 111 1 2 E H 80 E 1 111 1 3 E H 80 E ratio_pool VIPs sharing 1 Load Bal Method Ratio 1 111 1 3 E H 80 E 3 1 111 1 2 E H 80 E 2 1 111 1 1 E H 80 E 1 Flags E Enable U Up R IP Route Up H Health check enabled P He...

Page 656: ...s displayed If you specify vip but do not specify a specific virtual server status for all virtual servers is displayed If you do not specify a pool or virtual server status for all pools and virtual servers is displayed Example The following command displays the current pool connection status for all pools show slb stats pool History This command was first available in ExtremeWare 6 1 Platform Av...

Page 657: ...how slb vip Following is the output from this command Unit Export Servers Name IP Address Port Mode FlagsPool Up Defined vip name Specifies a virtual server ip address Specifies an IP address ftp Specifies an FTP virtual server http Specifies an HTTP virtual server https Specifies an HTTPS virtual server imap4 Specifies an IMAP4 virtual server ldap Specifies an LDAP virtual server nntp Specifies a...

Page 658: ...arent TL Translational PT Port Translational Automatically Exported via PA Proxy Arp HR Host Route SR Subnet Route Flags E Enable U Up A Active Unit H Health Check Enabled P Persistence S Sticky R SvcDown Reset VLAN has not been configured with slb type History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms ...

Page 659: ...elines This command does not delete nodes pools or virtual servers To delete all nodes and pools use the following command delete slb pool all To delete all virtual servers use the following command delete slb vip all Example The following command resets SLB global defaults and clears the SLB configuration unconfigure slb all History This command was first available in ExtremeWare 6 1 Platform Ava...

Page 660: ...check configurations for this GoGo mode group Syntax Description Default N A Usage Guidelines None Example The following command deletes all health check configurations for the GoGo mode group with port 29 as the master port unconfigure slb gogo mode 29 health check History This command was first available in ExtremeWare 6 1 5 Platform Availability This command is available on all i series platfor...

Page 661: ...eck configuration for the GoGo mode group with port 29 as the master port unconfigure slb gogo mode 29 service check ftp History This command was first available in ExtremeWare 6 1 5 Platform Availability This command is available on all i series platforms port number Specifies the GoGo mode master port all Specifies all service checks ftp Specifies the FTP service check http Specifies the HTTP se...

Page 662: ...n Syntax Description Default N A Usage Guidelines None Example The following command disables and deletes the FTP service check configurations for the virtual server named ftp_vip unconfigure slb vip ftp_vip service check History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all i series platforms all Specifies all virtual servers vip name S...

Page 663: ...amp The time when the event occurred Severity level Critical A desired switch function is inoperable The switch may need to be reset Error A problem is interfering with normal operation Warning An abnormal condition exists that may lead to a function failure Notice A normal but significant condition has been detected the system is functioning as expected Info Actions and events are occurring consi...

Page 664: ...ector The algorithm also ensures that the flow records of the ingress direction of a TCP or UDP connection are exported to the same collector For Ethernet applications only ingress traffic is monitored on Ethernet ports By default each Ethernet port configured for flow switching maintains statistics for all the flows traversing the link in the ingress direction Generalized filtering options exist ...

Page 665: ...the show log counters command to show event statistics Viewing and maintaining statistics on a regular basis allows you to see how well your network is performing If you keep simple daily records you will see trends emerging and notice problems arising before they cause major network faults By clearing the counters you can see fresh statistics for the time period you are monitoring Example The fol...

Page 666: ...RAM depending on the switch configuration Upon reboot the switch will not try to bring up a module with an error code so it will be shown in a failed state Use the clear log diag status command to clear the hardware error code so the module can be brought up after the next reboot This command clears the state for all the modules For the BlackDiamond Switches There are three ways to clear the ERR L...

Page 667: ...ption was added in ExtremeWare 7 0 0 The error led option was added in ExtremeWare 7 1 0 The messages option was added in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e The diag status and messages options were added in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 668: ...o get a listing of the event conditions in the system use the following command show log events detail To get a listing of the components present in the system use the following command show log components Example The following command clears the event counters for event conditions of severity error or greater in the component BGP on an i series switch clear log counters BGP severity error event c...

Page 669: ...7 Command Reference Guide 669 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 670: ...y at the direction of Extreme Networks personnel Extreme Networks support personnel can clear the Alpine diagnostics failures from the NVRAM using the following command clear log diag error slot number Example The following command clears the Alpine diagnostics failures from the NVRAM for the module in slot 4 clear log diag remap 4 History This command was first available in ExtremeWare 7 2 0b25 P...

Page 671: ...s personnel Extreme Networks support personnel can clear the packet memory diagnostics failures from the EEPROM using the following command clear log diag remap slot number This command clears any error remapping Example The following command clears the packet memory diagnostics failures from the EEPROM for the module in slot 5 clear log diag remap 5 History This command was first available in Ext...

Page 672: ... Pass Fail Counters Are in HEX Slot Cardtype Cardstate Test Pass Fail Time_last_fail slot 1 Unknown slot 2 Unknown slot 3 FM8V Operational MAC 2b81b 0 slot 4 GM4X Operational MAC 2b81b 0 BPLNE SMMI Operational UART 2b81a 0 BPLNE SMMI Operational FLASH 2b81a 0 BPLNE SMMI Operational SRAM 2b81a 0 BPLNE SMMI Operational NVRAM 2b81a 0 BPLNE SMMI Operational ENET 2b81a 0 BPLNE Basbrd Operational QUAKE ...

Page 673: ...clear transceiver test ExtremeWare 7 7 Command Reference Guide 673 Platform Availability This command is available on i series modular switches only ...

Page 674: ...mes of exported data The distribution algorithm ensures that all the records for a given flow are exported to the same collector The algorithm also ensures that flow records for both the ingress and egress directions of a TCP or UDP connection are exported to the same collector when both flows traverse the same link and both filters are configured to export to the same group Issuing this command a...

Page 675: ...e flowstats export add port ExtremeWare 7 7 Command Reference Guide 675 History This command was first available in ExtremeWare 6 2 Platform Availability This command is available only on the i series platforms ...

Page 676: ...for the PoS module Example The following command removes the flow collector device with IP address 10 205 30 15 using UDP port 2025 from export group 5 on this switch configure flowstats export 5 delete 10 205 30 15 2025 History This command was first available in ExtremeWare 6 2 Platform Availability This command is available only on the i series platforms group Specifies the export group to whic...

Page 677: ...sed as default export group aggregation To reduce the volume of exported data use this optional keyword to maintain a single set of statistics for all the flows that match the specified filter filterspec Specifies a set of five parameters four are value mask pairs that define the criteria by which a flow is evaluated to determine if it should be exported The parameters are dest ip ipaddress_value ...

Page 678: ...equence components can be configured with a single command Examples The following command example configures filter 2 to collect aggregate statistics for all traffic flowing through ports 1 8 from the 192 170 0 0 16 subnet to the 192 171 132 0 24 subnet configure flowstats filter 2 aggregation export 1 ports 1 8 ingress dest ip 192 171 132 0 24 source ip 192 170 0 0 16 dest port 0 0 source port 0 ...

Page 679: ...ault Uses the IP address of the VLAN that has the default route to the flow collector device Usage Guidelines The IP address must have a route to the flow collector device Example The following command specifies that IP address 198 168 100 1 is the source configure flowstats source ipaddress 198 168 100 1 History This command was first available in ExtremeWare 6 2 Platform Availability This comman...

Page 680: ...r the PoS module the minutes parameter is an integer in the range 1 1440 Example The following command configures a timeout value of 15 minutes for ports 1 8 configure flowstats timeout 15 ports 1 8 This means that flow records for these ports will be exported after they have aged 15 minutes History This command was first available in ExtremeWare 6 1 5b20 for the PoS module only This command was f...

Page 681: ...ry debug verbose and debug data In ExtremeWare 7 1 0 the ability to control logging to different targets was introduced The new command equivalent to configure log display is the following configure log target console display severity severity To display the current configuration of the log display use the following command show log configuration target console display Example The following comman...

Page 682: ...682 ExtremeWare 7 7 Command Reference Guide Commands for Status Monitoring and Statistics Platform Availability This command is available on all platforms ...

Page 683: ...ecified The delete keyword is used to remove events from the filter item list that were previously added using the add command All filter items currently in the filter item list that are identical to or a subset of the set of events specified in the delete command will be removed Event Filtering Process From a logical standpoint the filter associated with each enabled log target is examined to det...

Page 684: ...ll can be used as a convenience when delete or exclude is specified The use of delete or exclude with severity all deletes or excludes previously added events of the same component of all severity values NOTE If no severity is specified when delete or exclude is specified severity all is used If the keyword only is present following the severity value then only the events in the specified componen...

Page 685: ...nitions use the following command show log events To see the current configuration of a filter use the following command show log configuration filter filter name Example The following command adds all events in the STP InBPDU component at severity info to the filter called mySTPFilter configure log filter myStpFilter add events stp inbpdu severity info The following command adds events in the STP...

Page 686: ...page 683 for more information about specifying and using filters event conditions and components and the details of the filtering process The discussion here is about the concepts of matching type value pairs to more narrowly define filters Types and Values Each event in ExtremeWare is defined with a message format and zero or more parameter types The show log events detail command on page 804 can...

Page 687: ... a source MAC address and a destination MAC address XYZ event5 will match the filter when the source MAC address matches regardless of the destination MAC address since the event contains no destination MAC address If you specify the strict match keyword then the filter will never match since XYZ event5 does not contain the destination MAC address In other words if the match keyword is specified a...

Page 688: ...ive severity notice configure log bgpFilter add exclude events bgp keepalive severity notice match bgp neighbor 10 1 2 0 24 Filter Optimization As explained for the configure log filter events command each time a configure log filter match command is issued an attempt is made to logically simplify the configuration This simplification extends to cases where one set of match criteria is a superset ...

Page 689: ...ity critical error warning notice and info For any of these events containing a physical port number as a match parameter limit the incidents to only those occurring on physical ports 3 4 and 5 on slot 1 and all ports on slot 2 configure log DefaultFilter add events stp severity info match ports 1 3 1 5 2 You can use the unconfigure log DefaultFilter command to restore the DefaultFilter back to it...

Page 690: ...nd configure log filter bgpFilter2 add events bgp keepalive severity notice use the following command configure log filter bgpFilter2 set severity info events bgp keepalive Using this single command is preferred to using a delete command followed by an add command configure log filter bgpFilter2 delete events bgp keepalive configure log filter bgpFilter2 add events bgp keepalive severity info Usin...

Page 691: ...of the filter item added with this command configure log filter bgpFilter2 add events bgp keepalive severity notice use the following command configure log filter bgpFilter2 set severity info events bgp keepalive History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available...

Page 692: ...o change the severity level of the filter item added with this command configure log slbFilter2 add exclude events slb conn severity notice match source ipaddress 10 1 2 0 24 use the following command configure log slbFilter2 set severity info events events slb conn match source ipaddress 10 1 2 0 24 Using this single command is preferred to using a delete command followed by an add command config...

Page 693: ...ay memory buffer nvram session syslog host name ip udp port local0 local7 To see the current configuration of a filter use the following command show log configuration filter filter name Example To change the severity level of the filter item added with this command configure log filter bgpFilter2 add events bgp keepalive severity notice use the following command configure log filter bgpFilter2 se...

Page 694: ...rget A message is sent to a target if the target has been enabled the message passes the associated filter the message is at least as severe as the configured severity level and the message output matches the regular expression specified By default the memory buffer and the NVRAM targets are enabled For other targets use the command enable log target on page 766 Table 14 describes the default char...

Page 695: ... were stored in NVRAM so they would be available across a reboot This remains the default behavior for ExtremeWare releases but message filtering for the NVRAM target is now configurable Example The following command sends log messages that pass the filter myFilter and are of severity warning and above to the previously configured syslog host at 10 31 8 25 port 8993 and facility local3 configure l...

Page 696: ...n Specifies the current session including console display syslog Specifies a syslog target host name ip Specifies the syslog host name or IP address udp port Specifies the UDP port number for the syslog target local0 local7 Specifies the local syslog facility timestamp Specifies a timestamp formatted to display seconds hundredths or none date Specifies a date formatted as specified or none severit...

Page 697: ...e items and set the format for those items but you cannot vary the order in which the items are assembled When applied to the targets console display or session the format specified is used for the messages sent to the console display or telnet session Configuration changes to the session target be it either a telnet or console display target session are in effect only for the duration of the sess...

Page 698: ...Critical Error Warning Notice Informational Debug Summary Debug Verbose and Debug Data Event Names An event name can be output in the following ways As the component name alone by specifying event name component As component and subcomponent name by specifying event name subcomponent As component and subcomponent name with condition mnemonic by specifying event name condition Event names can be su...

Page 699: ...e off The default setting is source line off Example In the following example the switch generates the identical event from the component SNTP using three different formats Using the default format for the session target an example log message might appear as 05 29 2003 12 15 25 00 Warn SNTP RslvSrvrFail The SNTP server parameter value TheWrongServer example com can not be resolved If you set the ...

Page 700: ...y default targets do not have a match expression Specifying any instead of match expression effectively removes a match expression that had been previously configured causing any message to be sent that has satisfied all of the other requirements To see the configuration of a target use the following command show log configuration target To see the current configuration of a filter use the followi...

Page 701: ...t session if they pass the current filter and severity level and contain the string user5 configure log target session match user5 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 702: ...he message is at least as severe as the configured severity level and the message output matches the regular expression specified See the show log command on page 791 for a detailed description of severity levels To see the current configuration of a target use the following command show log configuration target To see the current configuration of a filter use the following command show log config...

Page 703: ...current session that pass the current filter at a severity level of info or greater configure log target session severity info History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 704: ...ry you can define a specific slot s behavior if an error is discovered To configure the system health check for auto recovery use the configure sys health check auto recovery command The alarm level and auto recovery options are mutually exclusive configuring an alarm level disables auto recovery and configuring auto recovery overrides the alarm level setting offline Specifies that a faulty BlackD...

Page 705: ...e offline slot 1 The following command enables packet memory scanning on the MSM module in slot B and specifies that the module be kept online configure packet mem scan recovery mode online slot msm b History This command was first available in ExtremeWare 6 2 2b108 This command was not supported in ExtremeWare 7 0 This command is supported in ExtremeWare 7 1 0 Platform Availability This command i...

Page 706: ...ss that the sFlow agent uses when sending data Typically you would set this to the IP address used to identify the switch in the network management tools that you use We recommend that you not leave this parameter in its default value One agent per switch is supported Example The following command sets the source IP address to 10 2 0 1 for UDP datagrams sent out by the sFlow agent to the sFlow col...

Page 707: ...r of packets are received This effectively doubles the sampling frequency of all the ports on that slot with a sub sampling factor of 1 The sampling frequency of ports on that slot with a sub sampling factor greater than 1 will not change the sub sampling factor is halved so that the same sample rate applies to that port Use the following command to reset the sFlow backoff threshold value to 0 zer...

Page 708: ...708 ExtremeWare 7 7 Command Reference Guide Commands for Status Monitoring and Statistics Platform Availability This command is available only on the i series platforms ...

Page 709: ...tted to and from the sFlow agent You can configure up to four sFlow collectors Each unique combination of an IP address and a UDP port identifies a collector Using the unconfigure sflow collector command resets the collector parameters to the default NOTE The notation can be used instead of port as in the examples Example The following command specifies that the sFlow agent will send all samples t...

Page 710: ...710 ExtremeWare 7 7 Command Reference Guide Commands for Status Monitoring and Statistics Platform Availability This command is available only on the i series platforms ...

Page 711: ...then sent to the sFlow collector This command is used to set the polling interval The same value is used for all data sources The polling interval applies to each counter separately and the polling is distributed among the counters For example if the polling interval is 20 seconds and there are two counters data is collected alternately every 10 seconds Example The following command sets the polli...

Page 712: ... This command configures the rate at which the sFlow agent collects network traffic samples One sample per number of packets received is sent to the sFlow collector If the sample rate is set to 0 zero no samples are sent to the collector Example The following command sets the sample rate to one packet out of every 10000 configure sflow sample rate 10000 History This command was first available in ...

Page 713: ...cover from a hung state that is due to multicast or broadcast storms This recovery mechanism does not provide recovery from a physical hardware failure log Posts a CRIT message to the syslog card reset Shuts down an I O module and brings it up again After three resets the I O module is taken off line Shuts down an MSM NOTE This option is available only on BlackDiamond switches card offline Checks ...

Page 714: ...stics Example The following command sets a switch to reset an I O module with a processor in a hang state configure sys hardwre recovery card reset History This command was first available in ExtremeWare 7 6 Platform Availability This command is available only on the i series platforms ...

Page 715: ...ompleted by performing a checksum To configure a separate system health checker response for just the MSMs use the configure sys health check alarm level msm command By isolating faults to a specific module or backplane connection the system health checker prevents corrupted packets from being propagated to the CPU upper layer modules or the rest of your network If you observe a failure please con...

Page 716: ...undant system If you are using ESRP with ESRP diagnostic tracking enabled in your configuration a system health check failure automatically reduces the ESRP priority of the system to the configured failover priority This allows the healthy standby system to take over ESRP and become responsible for handling traffic I O module faults are permanently recorded on the module s EEPROM A module that has...

Page 717: ... module the system health checker prevents corrupted packets from being propagated to the CPU upper layer modules or the rest of your network If you observe a failure please contact Extreme Technical Support Depending on how you have configured the system health checker failed system health checks may generate critical error messages in the syslog and may also send a trap and or shut down the syst...

Page 718: ...sable the health checker use the disable sys health check command The alarm level system down option is especially useful in an ESRP configuration where the entire system is backed by an identical system By powering down the faulty system you ensure that erratic ESRP behavior in the faulty system does not affect ESRP performance and ensures full system failover to the redundant system If you are u...

Page 719: ...packets from being propagated to the CPU upper layer modules or the rest of your network If you observe a failure please contact Extreme Technical Support Depending on how you have configured the system health checker failed system health checks can generate critical error messages in the syslog and can also send a trap and or shut down the system The system health checker continues to periodicall...

Page 720: ...eight defects are detected Three consecutive checksum errors were detected by the health checker but no new defects were found by the memory scanning and mapping process After defects were detected and mapped out the same checksum errors are again detected by the system health checker The auto recovery repetition value is ignored in these cases In any of these cases please contact Extreme Technica...

Page 721: ...if you use the run diagnostics command Example The following command configures the system health checker to try ten times to bring a faulty MSM back on line configure sys health check auto recovery 10 History This command was first available in ExtremeWare 6 1 9 The system health check functionality was modified in ExtremeWare 6 2 1 to support packet memory defect detection and mapping on selecte...

Page 722: ...imply to reset the module without running diagnostics configure system health check scan recovery reset remap Entering this command generates the following message This command should only be used at the direction of Extreme Personnel Do you wish you continue y n Answering y immediately implements the change Answering n implements no change and returns you to the command line Use the reset option ...

Page 723: ... recovery ExtremeWare 7 7 Command Reference Guide 723 History This command was first available in ExtremeWare 7 2 0b25 Platform Availability This command is available only on i series switches other than the BlackDiamond 6816 switch ...

Page 724: ... shut down if a critical task exception occurs Critical tasks include the tBGTask tNetTask tEdpTask and tESRPTask none Configures the level to no recovery No action is taken when a task exception occurs there is no system shutdown or reboot all Configures ExtremeWare to log an error into the syslog and either shutdown or reboot the system after any task exception occurs critical Configures Extreme...

Page 725: ...switch Examples The following command configures a switch to reboot after a critical task exception occurs configure sys recovery level critical reboot The following command configures the Master MSM to failover to the Slave MSM if a software exception occurs configure sys recovery level critical msm failover History This command was first available in ExtremeWare 6 1 Modified in ExtremeWare 6 2 t...

Page 726: ...ssages in a wrap around memory buffer which may cause you to lose valuable information once the buffer becomes full The remote syslog server does not overwrite log information and can store messages in non volatile files disks for example Syslog is disabled by default The enable syslog command must be issued for messages to be sent to the remote syslog server s A total of four syslog servers can b...

Page 727: ... 123 45 67 78 local1 critical configure syslog add 123 45 67 78 local1 critical History This command was first available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 728: ... a remote syslog server target Example The following command deletes the remote syslog server with an IP address of 10 0 0 1 configure syslog delete 10 0 0 1 local1 History This command was first available in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms host name ip Specifies the remot...

Page 729: ...lusive configuring an alarm level disables auto recovery and configuring auto recovery overrides the alarm level setting By default the switch checks for errors within the last eight 20 second windows Use the configure transceiver test window command to modify the number of windows To determine if you have the transceiver test enabled and the failure action the switch takes use the show switch com...

Page 730: ...onitoring and Statistics The default for this command was changed to log in ExtremeWare 6 2 2b134 This command was not supported in ExtremeWare 7 0 This command is supported in ExtremeWare 7 1 0 Platform Availability This command is available only on modular switches ...

Page 731: ...d to 11 seconds or less can affect system performance therefore Extreme Networks does not recommend changing the default transceiver test period The default is adequate for most networks Example The following command configures the transceiver test to run every 15 seconds configure transceiver test period 15 History This command was first available in ExtremeWare 6 2 2b108 This command was not sup...

Page 732: ...n be brought off line Extreme Networks does not recommend changing the default transceiver test threshold parameter The default parameter is adequate for most networks Example The following command configures the switch to accept 4 errors before an action is taken configure transceiver test threshold 4 History This command was first available in ExtremeWare 6 2 2b108 This command was not supported...

Page 733: ...ight 20 second windows To determine the number of errors the switch accepts before it takes action use the configure transceiver test threshold command Extreme Networks does not recommend changing the default transceiver test window parameter The default parameter is adequate for most networks Example The following command configures the switch to check for errors within the last seven 20 second w...

Page 734: ... customized Therefore the create log filter command can be used to create a filter other than DefaultFilter As its name implies DefaultFilter initially contains the default level of logging in which every ExtremeWare component and subcomponent has a pre assigned severity level If you need to create another filter similar to an existing filter use the copy option to populate the new filter with the...

Page 735: ...create log filter ExtremeWare 7 7 Command Reference Guide 735 Platform Availability This command is available on all platforms ...

Page 736: ...a target To remove that association associate the target with DefaultFilter instead of the filter to be deleted using the following command configure log target target filter DefaultFilter Example The following command deletes the filter named fdb2 delete log filter fdb2 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in Extre...

Page 737: ... telnet or the local console After you disable configuration logging no further changes are logged to the system log To view the status of configuration logging on the switch use the show management command The show management command displays information about the switch including the enable disable state for configuration logging Example The following command disables the logging of CLI configur...

Page 738: ...only on the i series switches Syntax Description This command has no arguments or variables Default Disabled Usage Guidelines When this feature is disabled no flow records are exported Example The following command disables the NetFlow statistics feature on this switch disable flowstats History This command was first available in ExtremeWare 6 2 Platform Availability This command is available only...

Page 739: ... identify the particular filter that is being disabled One of either the ingress or egress keywords are required for SONET ports Example The following command disables filter 3 for ports 1 8 on an i series switch disable flowstats filter 3 ports 1 8 The following command example disables ingress filter 2 on port 1 of the PoS module installed in slot 8 of the BlackDiamond switch disable flowstats f...

Page 740: ...itoring and Statistics History This command was first available in ExtremeWare 6 1 5b20 for the PoS module only This command was modified in ExtremeWare 6 2 to support all i series platforms Platform Availability This command is available only on the i series platforms ...

Page 741: ...fault Disabled Usage Guidelines On the PoS module if you do not include a group number ping check is disabled for all export groups The group number is not optional for other Extreme i series devices Example The following command disables the ping check function for all export groups disable flowstats ping check History This command was first available in ExtremeWare 6 2 Platform Availability This...

Page 742: ... to use the bridging control protocol BCP Also there are no configuration restrictions that prohibit enabling of the flow statistics function on ports that are not configured to use IPCP statistics are not collected on those ports Example The following command disables NetFlow statistics for ports 1 8 on this switch disable flowstats ports 1 8 History This command was first available in ExtremeWar...

Page 743: ...logging debug messages which can severely degrade performance For typical network device monitoring debug mode should remain disabled the default setting Debug mode should only be enabled when you are advised to do so by technical support or when advanced diagnosis is required The debug mode setting is saved to FLASH Example The following command disables debug mode disable log debug mode History ...

Page 744: ...sole This command setting is saved to FLASH and determines the initial setting of the console display at boot up In ExtremeWare 7 1 0 the ability to control logging to different targets was introduced The new command equivalent to disable log display is the following disable log target console display Example The following command disables the log display disable log display History This command w...

Page 745: ...e not saved in FLASH Changes to the other targets are saved to FLASH In earlier versions of ExtremeWare a similar command was used to disable displaying the log on the console That command disable log display is equivalent to disable log target console display Example The following command disables log messages to the current session disable log target session History This command was first availa...

Page 746: ...746 ExtremeWare 7 7 Command Reference Guide Commands for Status Monitoring and Statistics Platform Availability This command is available on all platforms ...

Page 747: ...r its delta value In addition alarm thresholds may be auto calibrated or set manually Events The Events group creates entries in an event log and or sends SNMP traps to the management workstation An event is triggered by an RMON alarm The action taken can be configured to ignore it to log the event to send an SNMP trap to the receivers listed in the trap receiver table or to both log and send a tr...

Page 748: ...riables Default Disabled Usage Guidelines This command disables sFlow globally on the switch This command does not disable sFlow if it is enabled on individual ports Before executing this command you must first disable per port sFlow using the following command disable sflow ports Example The following command disables sFlow sampling globally disable sflow History This command was first available ...

Page 749: ...er of packets sent to the sFlow collector in a second To set the backoff threshold use the following command configure sflow backoff threshold If the number of packets sent to the collector exceeds the limit set by the configure sflow backoff threshold command the sampling rate is doubled The backoff threshold is enabled when the enable sflow backoff threshold command is executed and the sample ra...

Page 750: ...ling stop on that port If sFlow is disabled globally all sampling and polling stops Use the following command to disable sFlow globally disable sflow Sampling and polling must first be stopped on every port using the disable sflow ports command before all ports can be disabled globally with the disable sflow command Example The following command disables sFlow sampling on port 3 1 disable sflow po...

Page 751: ...s command is available only on the i series switches Syntax Description This command has no arguments or variables Default The polling mechanism is disabled by default Usage Guidelines N A Example The following command configures a passive mode for the system hardware recovery mechanism disable sys hardware recovery polling History This command was first available in ExtremeWare 7 5 Platform Avail...

Page 752: ...itches Syntax Description This command has no arguments or variables Default Enabled Usage Guidelines If the system health checker is disabled it does not test I O modules MSM modules and the backplane for system faults Example The following command disables the BlackDiamond system health checker disable sys health check History This command was first available in ExtremeWare 6 2 Platform Availabi...

Page 753: ... Disables logging to all remote syslog server targets but not to the switch targets This setting is saved in FLASH and will be in effect upon boot up Example The following command disables logging to all remote syslog server targets disable syslog History This command was first available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Avail...

Page 754: ...to the syslog If you have already enabled temperature logging and you want to view the current temperature of the system do the following 1 Disable the temperature logging feature using the following command disable temperature logging 2 Re enable the temperature logging feature using the following command enable temperature logging 3 Display the syslog using the following command show log Example...

Page 755: ...disable temperature logging ExtremeWare 7 7 Command Reference Guide 755 Platform Availability This command is available on modular switches only ...

Page 756: ...t output Transceiver Diag Enabled Failure action log only To display the transceiver test statistics use the show diagnostics sys health check command The following is sample output Transceiver system health diag result Pass Fail Counters Are in HEX all Specifies all of the slots in the chassis slot number Specifies a single slot in the chassis backplane Specifies the backplane of the chassis NOTE...

Page 757: ... or immediately after you enable the test For ExtremeWare 6 2 2b134 and ExtremeWare 7 1 0 The default for the transceiver test is disabled If you load your saved ExtremeWare 6 2 2b108 configurations onto a switch with ExtremeWare 6 2 2b134 or ExtremeWare 7 1 0 or later the transceiver test is enabled You must manually disable the transceiver test if you want the feature disabled Example The follow...

Page 758: ...s the user account name that performed the changes and the source IP address of the client if Telnet was used Configuration logging applies only to commands that result in a configuration change To view the status of configuration logging on the switch use the show management command The show management command displays information about the switch including the enable disable state for configurat...

Page 759: ...nd is available only on the i series switches Syntax Description This command has no arguments or variables Default Disabled Usage Guidelines None Example The following command enables NetFlow statistics feature on this switch enable flowstats History This command was first available in ExtremeWare 6 2 Platform Availability This command is available on i series platforms ...

Page 760: ...ameter and either the ingress or egress keyword are used to identify the particular filter that is being disabled One of either the ingress or egress keywords are required for SONET ports Example The following command enables filter 3 for ports 1 8 on the switch enable flowstats filter 3 ports 1 8 History This command was first available in ExtremeWare 6 1 5b20 for the PoS module only This command...

Page 761: ...enable flowstats filter ports ExtremeWare 7 7 Command Reference Guide 761 Platform Availability This command is available on i series platforms ...

Page 762: ...sts it is temporarily removed from the distribution list for any export groups of which it is a member The device will be returned to the distribution list automatically when subsequent ping checks are successful On the PoS module if you do not include a group number ping check is enabled for all export groups Example The following command enables the ping check function for export group 3 enable ...

Page 763: ...use the bridging control protocol BCP Also there are no configuration restrictions that prohibit enabling of the flow statistics function on ports that are not configured to use IPCP statistics are not collected on those ports Example The following command enables the ping check function for all export groups enable flowstats ping check History This command was first available in ExtremeWare 6 1 5...

Page 764: ...d prior to logging debug messages which can severely degrade performance For typical network device monitoring debug mode should remain disabled the default setting Debug mode should only be enabled when advised by technical support or when advanced diagnosis is required The debug mode setting is saved to FLASH Example The following command enables debug mode enable log debug mode History This com...

Page 765: ...ing the configure log display or configure log target console display commands In ExtremeWare 7 1 0 the ability to control logging to different targets was introduced The new command equivalent to enable log display is the following enable log target console display To change the log filter association severity threshold or match expression for messages sent to the console display use the configur...

Page 766: ...ay or telnet session and are not saved in FLASH Others are saved in FLASH In earlier versions of ExtremeWare a similar command was used to enable displaying the log on the console That command enable log display is equivalent to enable log target console display Example The following command enables log messages on the current session enable log target session History This command was first availa...

Page 767: ...enable log target ExtremeWare 7 7 Command Reference Guide 767 Platform Availability This command is available on all platforms ...

Page 768: ...MON variable Both rising and falling thresholds are supported and thresholds can be on the absolute value of a variable or its delta value In addition alarm thresholds may be auto calibrated or set manually Events The Events group creates entries in an event log and or sends SNMP traps to the management workstation An event is triggered by an RMON alarm The action taken can be configured to ignore...

Page 769: ...ormation about the switch including the enable disable state for RMON polling Example The following command enables the collection of RMON statistics on the switch enable rmon History This command was first available in ExtremeWare 4 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 770: ...o arguments or variables Default Disabled Usage Guidelines This command enables sFlow globally on the switch You must enable sFlow globally before you can enable a per data source sFlow To enable a per data flow sFlow use the following command enable sflow ports portlist Example The following command enables sFlow sampling globally enable sflow History This command was first available in ExtremeWa...

Page 771: ...nd To set the backoff threshold use the following command configure sflow backoff threshold If the number of packets sent to the collector exceeds the limit set by the configure sflow backoff threshold command the sampling rate is doubled The backoff threshold is enabled when the enable sflow backoff threshold command is executed and the sample frequency set by the configure sflow sample rate comm...

Page 772: ...so enable sFlow globally to gather statistics and send the data to the collector Traffic is sampled on enabled ports only After sFlow is enabled both globally and on the specified ports sampling and polling begin Use the following command to enable sFlow globally enable sflow Example The following command enables sFlow sampling on the port 3 1 enable sflow portlist 3 1 History This command was fir...

Page 773: ... for a system with such a hung state Example The following command sets the a BlackDiamond switch to reset an I O module with a processor in a hang state configure sys hardware recovery card reset log Posts a CRIT message to the syslog card reset Shuts down an I O module and brings it up again After three resets the I O module is taken off line and placed in a failed state Shuts down an MSM NOTE T...

Page 774: ...re 7 7 Command Reference Guide Commands for Status Monitoring and Statistics History This command was first available in ExtremeWare 7 6 Platform Availability This command is available only on the i series platforms ...

Page 775: ...ly on the i series switches Syntax Description Default The default value is 30 seconds Usage Guidelines The value set by this command is valid only when the hardware recovery mechanism is enabled in active polling mode Example The following command sets the polling interval to 160 seconds configure sys hardware recovery poll interval 160 History This command was first available in ExtremeWare 7 6 ...

Page 776: ...ommand is available only on the i series switches Syntax Description This command has no arguments or variables Default The polling mechanism is disabled by default Usage Guidelines N A Example The following command enables the active polling mode for the system hardware recovery mechanism enable sys hardware recovery polling History This command was first available in ExtremeWare 7 5 Platform Ava...

Page 777: ... may generate critical error messages in the syslog and may also send a trap and or shut down the system The system health checker will continue to periodically forward test packets to failed components If auto recovery is configured the system will attempt to automatically reset the faulty module and bring it back online In ExtremeWare versions prior to 6 2 you cannot use both mirroring and the s...

Page 778: ...re 7 7 Command Reference Guide Commands for Status Monitoring and Statistics History This command was first available in ExtremeWare 6 2 Platform Availability This command is available on BlackDiamond switches only ...

Page 779: ... remote logging by using the enable syslog command Configure remote logging by using the configure syslog command When you use the enable syslog command the exporting process of the syslog begins This command also determines the initial state of an added remote syslog target Example The following command enables logging to all remote syslog hosts enable syslog History This command was first availa...

Page 780: ... 01 19 2006 18 42 47 58 Info TRXDIAG Current temperature reading 0 is 39C 01 19 2006 17 42 47 58 Info TRXDIAG Current temperature reading 0 is 39C To clear all of the log statistics including the system temperature output use the clear log command Since the temperature is recorded based on the time you enabled temperature logging it may take up to one hour for a new temperature to be recorded to t...

Page 781: ... This command was first available in ExtremeWare 6 2 2b108 This command was not supported in ExtremeWare 7 0 The command was supported and the syntax changed from enable log temperature in ExtremeWare 7 1 0 Platform Availability This command is available on modular switches only ...

Page 782: ...e transceivers To determine if you have the transceiver test enabled and the failure action the switch takes use the show switch command The following is sample transceiver test output Transceiver Diag Enabled Failure action log only all Specifies all of the slots in the chassis slot number Specifies a single slot in the chassis backplane Specifies the backplane of the chassis NOTE This option is ...

Page 783: ...fault for the transceiver test is enabled The test is enabled two minutes after the switch boots or immediately after you enable the test For ExtremeWare 6 2 2b134 and ExtremeWare 7 1 0 The default for the transceiver test is disabled If you load your saved ExtremeWare 6 2 2b108 configurations onto a switch with ExtremeWare 6 2 2b134 or ExtremeWare 7 1 0 or later the transceiver test is enabled Yo...

Page 784: ...s the log to a local file For more details on most of the options of this command see the command show log on page 791 and for the format option see the command configure log target format on page 696 local filespec Specifies the local file name for storing the log messages Specifies the location from which to display the log messages memory buffer Show messages stored in volatile memory nvram Sho...

Page 785: ...r or critical severity to the filename switch4warn log save log switch4warn log warning The following command saves messages starting August 1 ending August 31 containing the string slot 2 in order of oldest to newest to the filename switch4aug03 log save log switch4aug03 log starting date 8 1 ending date 8 31 match slot 2 History This command was first available in ExtremeWare 7 1 0 Platform Avai...

Page 786: ...ntax The following information is displayed Whether the flowstats feature is enabled or disabled Whether flowstats is enabled or disabled for individual ports The configuration of flow collector devices NetFlow Server Config NetFlow Timeout configurations Whether NetFlow Filters are enable or disabled NetFlow filter specifications NetFlow ping check configuration Example The show flowstats command...

Page 787: ...TCP 5 32 N A EIA DestIP 10 0 1 1 255 255 255 254 DestPort any SrcIP 10 201 32 1 255 255 255 255 SrcPort any Flags E Enable D Disable I Ingress S Egress A Aggregation History This command was first available in ExtremeWare 6 2 Platform Availability This command is available on i series platforms ...

Page 788: ...disabled Whether flowstats is enabled or disabled for the specified port NetFlow Timeout configuration for the port Whether NetFlow Filters are enable or disabled for the port NetFlow filter specifications for the port Example The following command displays statistics for ports 1 40 and 48 Summit48i show flowstats 1 40 48 Flowstats enabled Port Filter proto timeout group OverflowPkts flags 1 3 IP ...

Page 789: ...IA DestIP 10 201 26 0 255 255 255 0 DestPort any SrcIP 10 201 31 0 255 255 255 0 SrcPort any Flags E Enable D Disable I Ingress S Egress A Aggregation History This command was first available in ExtremeWare 6 2 Platform Availability This command is available on i series platforms ...

Page 790: ...ormation is displayed Whether the flowstats feature is enabled or disabled The configuration of flow collector devices for the export group NetFlow Server Config NetFlow ping check configuration Example The following command displays detailed configuration information for export group 1 show flowstats export 1 detail Group 1 ping check enable Source ip_address 10 201 26 217 ip_address 10 201 31 23...

Page 791: ...ong with the time hours minutes seconds and hundredths Severity Level indicates the urgency of a condition reported in the log Table 15 describes the severity levels assigned to events messages Specifies the target location from which to display the log messages memory buffer Show messages stored in volatile memory default nvram Show messages stored in NVRAM severity Specifies the minimum severity...

Page 792: ...ts and match expression if specified If the format phrase is specified this format overrides the format already configured for the specified log See the command configure log target format on page 696 for more information on specifying a format If a match phrase is specified the formatted message must match the simple regular expression specified by match expression for it to be shown A simple reg...

Page 793: ...cy were deprecated The equivalent level is critical Level Description Critical A serious problem has been detected which is compromising the operation of the system and that the system can not function as expected unless the situation is remedied The switch may need to be reset Error A problem has been detected which is interfering with the normal operation of the system and that the system is not...

Page 794: ...chronological option This command was modified in ExtremeWare 7 1 0 to include the messages severity only starting ending match and format options This command was added to the Summit e series of switches in ExtremeWare 7 1e This command was modified in ExtremeWare 7 2e to include the messages severity only starting ending chronological match and format options In ExtremeWare 7 3e the Summit 300 4...

Page 795: ...e Flap Dampening Error Event BGP Finite State Machine Error Keepalive BGP Keepalive Messages Error Message BGP Messages Open Update Notification Error Misc BGP Miscellaneous Import Aggregate NextHop Error UpdateIn BGP Incoming Update Messages Error UpdateOut BGP Outgoing Update Messages Error Bridge Layer 2 Bridging Error Learning Layer 2 Bridge Learning Error EAPS Ethernet Automatic Protection Sw...

Page 796: ...m EMS Error OSPF Open Shortest Path First Error Event OSPF Events Error Hello OSPF Hello Error LSA OSPF Link State Advertisement Error Neighbor OSPF Neighbor Error SPF OSPF Shortest Path First Error SNTP Simple Network Time Protocol Warning STP Spanning Tree Protocol STP Error InBPDU STP In BPDU subcomponent Warning OutBPDU STP Out BPDU subcomponent Warning System STP System subcomponent Error His...

Page 797: ...isplayed Example The following command displays the configuration of all the log targets show log configuration The output produced by the command is similar to the following Severities Critical Error Warning Notice Info Debug Summary Debug Verbose Debug Data Log Target session 1028 10 38 0 42 Enabled no Filter Name DefaultFilter Severity info through critical Match none Format MM DD YYYY HH MM SS...

Page 798: ...mmands for Status Monitoring and Statistics The additional EMS information was added in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 799: ...Include E Exclude Component Unreg Component Subcomponent is not currently registered Severity Values C Critical E Error W Warning N Notice I Info Debug Severity S Debug Summary V Debug Verbose D Debug Data Caution Debug Severities require enable log debug mode Parameter Flags S Source D Destination as applicable I Ingress E Egress B BGP Parameter Types Port Physical Port list Slot Physical Slot MA...

Page 800: ...ning events from the STP component The severity value is show as indicating that the component s default severity threshold controls which messages are passed History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 801: ...d Example The following command displays the log configuration show log configuration target History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms console display Show the log configuration for the console display memory buffer Show the log configur...

Page 802: ...s filtered or not This command also displays a reference count the column titled Rf in the output The reference count is the number of enabled targets receiving notifications of this event See the command show log on page 791 for more information about severity levels To get a listing of the event conditions in the system use the following command show log events To get a listing of the components...

Page 803: ...he event condition PDUDrop in the component STP InBPDU show log counters STP InBPDU PDUDrop The output produced by the above command is similar to the following Comp SubComp Condition Severity Rf Notified Occurred STP InBPDU PDUDrop Error 1 0 0 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availa...

Page 804: ...parameters are replaced by the value of the parameters when the message is generated To get a listing of the components present in the system use the following command show log components Example The following command displays the event conditions of severity debug summary or greater in the component STP InBPDU show log events stp inbpdu severity debug summary The output produced by the above comm...

Page 805: ...g events stp inbpdu pdutrace detail The output produced by the above command is similar to the following Comp SubComp Condition Severity Parameters STP InBPDU PDUTrace Info 2 Total 0 string 1 ports Port 1 0 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on al...

Page 806: ...nt memory both free and allocated memory used by the system and the users Cumulative memory both free and allocated memory used by the users Software packet memory statistics including the type of packet the number of allocated and free packets the number of packet failures and data and other blocks Memory utilization statistics including the total blocks of memory available and the memory being u...

Page 807: ...Command Reference Guide 807 History This command was first available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 808: ...stem health check Auto recovery settings for slots that have packet memory scanning enabled Example The following command displays the settings for each slot that has packet memory scanning enabled show packet mem scan recovery mode The following is sample output from this command Global sys health check online setting is ONLINE slot 3 AUTORECOVERY MODE is OFFLINE MSM B AUTORECOVERY MODE is ONLINE...

Page 809: ...show packet mem scan recovery mode ExtremeWare 7 7 Command Reference Guide 809 Platform Availability This command is available on BlackDiamond switches only ...

Page 810: ...pport personnel can capture corrupted packet data to help in troubleshooting problems using the following command show packet miscompare slot number verbose Example The following command captures corrupted packet data for the module in slot 5 show packet miscompare 5 History This command was first available in ExtremeWare 7 2 0b25 Platform Availability This command is available on i series platfor...

Page 811: ...D The link is disabled at this port Not Present NP The link is not present at this port Receive Bad CRC Frames RX CRC The total number of frames received by the port that were of the correct length but contained a bad FCS value Receive Oversize Frames RX Over The total number of good frames received by the port greater than the supported maximum length of 1 522 bytes Receive Undersize Frames RX Un...

Page 812: ...ive error statistics for slot 1 ports 1 through 3 on a modular switch show ports 1 1 1 3 rxerrors The following command displays receive error statistics for slot 1 ports 1 through 3 on a modular switch show ports 1 1 1 3 rxerrors The output of either command is similar to Port Rx Error Monitor Sun Sep 12 14 53 17 2004 Port Link Rx Rx Rx Rx Rx Rx Rx Status CRC Over Under Frag Jabber Align Lost 1 A...

Page 813: ...show ports rxerrors ExtremeWare 7 7 Command Reference Guide 813 Platform Availability This command is available on all platforms ...

Page 814: ...d at this port Not Present NP The link is not present at this port Transmitted Packet Count Tx Pkt Count The number of packets that have been successfully transmitted by the port Transmitted Byte Count Tx Byte Count The total number of data bytes successfully transmitted by the port Received Packet Count Rx Pkt Count The total number of good packets that have been received by the port mgmt Specifi...

Page 815: ...a stand alone switch show ports 1 3 stats The following command displays port statistics for slot 1 ports 1 through 3 on a modular switch show ports 1 1 1 3 stats The following command displays port statistics for all ports show ports stats The output produced by the show ports stats command is similar to the following Port StatisticsThu Jul 8 09 50 50 2004 PortLinkTx PktTx ByteRx PktRx ByteRxRx S...

Page 816: ...mmand was modified in ExtremeWare 4 0 to support modular switches This command was modified in Extreme 4 1 to discontinue support for the chassis link status indicator This command was added to the Summit e series of switches in ExtremeWare 7 1e This command was modified in ExtremeWare 7 3 0 to include the cable diagnostics keyword Platform Availability This command is available on all platforms ...

Page 817: ...Active A The link is present at this port Disabled D The link is disabled at this port Not Present NP The link is not present at this port Transmit Collisions TX Coll The total number of collisions seen by the port regardless of whether a device connected to the port participated in any of the collisions Transmit Late Collisions TX Late Coll The total number of collisions that have occurred after ...

Page 818: ...ugh 3 on a modular switch show ports 1 1 1 3 txerrors The output produced by the show ports txerrors command is similar to the following Port Tx Error Monitor Thu Dec 27 19 19 07 2001 Port Link Tx Tx Tx Tx Tx Tx Status Coll Late Coll Deferred Error Lost Parity 1 A 0 0 0 0 0 0 2 R 0 0 0 0 0 0 3 R 0 0 0 0 0 0 4 R 0 0 0 0 0 0 5 R 0 0 0 0 0 0 6 R 0 0 0 0 0 0 7 R 0 0 0 0 0 0 8 R 0 0 0 0 0 0 Link Status...

Page 819: ...show ports txerrors ExtremeWare 7 7 Command Reference Guide 819 Platform Availability This command is available on all platforms ...

Page 820: ...rage once for every rate number of packets BackOff Threshold Enabled or disabled Used to limit the number of packets sent to the collector in a second BackOff Threshold No of Samples Configured threshold used to limit the number of packets sent to the collector in a second Configured Agent IP IP address of the operational sFlow agent Collectors Collected packet samples will be sent to this list of...

Page 821: ...es 50 SFLOW Configured Agent IP 10 201 6 100 Collectors Collector IP 10 201 6 250 Port 6343 Collector IP 123 124 125 111 port 6344 SFLOW Port Configuration Port Status 3 9enabled 3 10enabled 3 11enabled 3 12enabled 5 33enabled 5 34enabled 5 35enabled 5 36enabled History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on i series platforms ...

Page 822: ...rames received on sFlow enabled ports Sampled Frames Number of frames scheduled for sending to collector s Transmitted Frames Number of UDP packets sent to remote collector s Broadcast Frames Number of broadcast frames received on sFlow enabled ports Multicast Frames Number of multicast frames received on sFlow enabled ports Packet Drops Number of samples dropped Zero Sampling rate No Receivers Ex...

Page 823: ...remeWare 7 7 Command Reference Guide 823 Packet Drops 0 Zero Sampling rate 0 No Receivers 0 History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on i series platforms ...

Page 824: ...he switch CPU Serial Number A collection of numbers and letters that make up the serial number of the CPU running in the switch A rev number may also be listed Image The ExtremeWare software version currently running on the switch If you have two software images downloaded on the switch only the currently running ExtremeWare version information is displayed The information displayed includes the v...

Page 825: ...age Extremeware Version 6 2 0 Build 60 by Release_Master 09 21 0120 53 17 BootROM 7 2 Using the detail option in the show version command produces output similar to the following on a BlackDiamond switch Chassis MSM64 801000 07 9946F00987 MSM A MSM64i MSM B MSM64i 701021 08 0023F25758 SLOT 1 F48Ti 701026 03 0003Y00043 SLOT 2 G8Xi 701024 04 9949Y00055 SLOT 3 F32T 701005 09 9946F25172 SLOT 4 Empty S...

Page 826: ...826 ExtremeWare 7 7 Command Reference Guide Commands for Status Monitoring and Statistics Platform Availability This command is available on all platforms ...

Page 827: ...filter specification this effectively disables this filter on all ports for which it was configured Example The following command resets the values for filter 4 on slot 1 port s 2 and 3 unconfigure flowstats filter 4 ports 1 2 1 3 History This command was first available in ExtremeWare 6 2 Platform Availability This command is available on i series platforms filter Specifies the filter specificati...

Page 828: ... collection on these ports nor does it affect the configured export destinations Example The following command resets the flow statistics configuration parameters for port 1 of slot 8 to their default values unconfigure flowstats ports 8 1 History This command was first available in ExtremeWare 6 1 5b20 for the PoS module This command was modified in ExtremeWare 6 2 to support all i series platfor...

Page 829: ...er this command sets the filter to have no events configured and therefore no incidents will pass This is the configuration of a newly created filter that was not copied from an existing one See the delete log filter command for information about deleting a filter Example The following command sets the log filter myFilter to stop passing any events unconfigure log filter myFilter History This comm...

Page 830: ...ondition host name off priority off tag id off tag name off sequence number off process name off process id off source function off source line off The following defaults apply to syslog targets per RFC 3164 timestamp seconds date mmm dd console display Specifies the console display format memory buffer Specifies the switch memory buffer format nvram Specifies the switch NVRAM format session Speci...

Page 831: ... off Usage Guidelines Use this command to reset the target format to the default format Example The following command sets the log format for the target session the current session to the default unconfigure log target session format History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This...

Page 832: ...ou have the system health check alarm level configured individual packet memory scanning is ignored Example The following command disables packet memory scanning on a module installed in slot 1 unconfigure packet mem scan recovery mode slot 1 The following command disables packet memory scanning on the MSM module installed in slot B unconfigure packet mem scan recovery mode slot msm b History This...

Page 833: ...unconfigure packet mem scan recovery mode ExtremeWare 7 7 Command Reference Guide 833 Platform Availability This command is available on BlackDiamond switches only ...

Page 834: ...hes Syntax Description This command has no arguments or variables Default The default IP address is 0 0 0 0 Usage Guidelines This command resets the sFlow agent IP address to its default value Example The following command resets the source IP address to 0 0 0 0 for UDP datagrams sent out by the sFlow agent unconfigure sflow agent History This command was first available in ExtremeWare 7 3 0 Platf...

Page 835: ...old feature is used to limit the number of packets sent to the sFlow collector in a second To set the backoff threshold use the following command configure sflow backoff threshold If the number of packets sent to the collector exceeds the limit set by the configure sflow backoff threshold command the sampling rate will be doubled The backoff threshold is enabled when the enable sflow backoff thres...

Page 836: ...switches Syntax Description Default N A Usage Guidelines This command removes the IP address of one or all configured sFlow collectors No counters or flow samples will be sent to these collectors Example The following command removes IP addresses of all configured sFlow collectors unconfigure sflow collector all History This command was first available in ExtremeWare 7 3 0 Platform Availability Th...

Page 837: ...only on the i series switches Syntax Description This command has no arguments or variables Default N A Usage Guidelines This command removes a previously configured hardware recovery mechanism for systems with a hung processor chip Example The following command removes the configured system hardware recovery mechanism unconfigure sys hardware recovery History This command was first available in E...

Page 838: ...igure a health check alarm level response for MSMs that is different from the response configured for the backplane and other modules This command removes such a health check alarm level configuration that has previously been set for MSMs To configure a health check alarm level response for MSMs use the configure sys health check alarm level msm command Example The following command returns the sw...

Page 839: ...r errors within the last eight 20 second windows and sends messages to the syslog To configure the number of windows the switch waits to check for errors use the configure transceiver test window command To modify how the switch responds if too many failures are detected use the configure transceiver test failure action command Example The following command returns the switch to its default of sen...

Page 840: ...en the switch can be brought off line Configuring the transceiver test period to 11 seconds or less can affect system performance therefore Extreme Networks does not recommend changing the default transceiver test period The default is adequate for most networks Example The following command returns the transceiver test period to 12 seconds unconfigure transceiver test period History This command ...

Page 841: ... Default N A Usage Guidelines Use this feature when the switch can be brought off line Extreme Networks does not recommend changing the default transceiver test period The default is adequate for most networks Example The following command returns the transceiver test threshold to 3 errors unconfigure transceiver test threshold History This command was first available in ExtremeWare 6 2 2b108 This...

Page 842: ...ught off line This configuration provides a sliding window When you return to the default window the switch checks for errors within the last eight 20 second windows Extreme Networks does not recommend changing the default transceiver test window The default is adequate for most networks Example The following command returns the transceiver test window to eight 20 second windows configure transcei...

Page 843: ... file on the TFTP server you specify For more details on host name ip Specifies the TFTP server filename Specifies the file name for the log stored on the TFTP server messages Specifies the location from which to display the log messages memory buffer Show messages stored in volatile memory nvram Show messages stored in NVRAM severity Specifies the minimum severity level to display if the keyword ...

Page 844: ...and uploads messages with warning error or critical severity to the filename switch4warn log on TFTP server at 10 31 8 25 upload log 10 31 8 25 switch4warn log warning The following command uploads messages starting August 1 ending August 31 containing the string slot 2 in order of oldest to newest to the filename switch4aug03 log on TFTP server at 10 31 8 25 upload log 10 31 8 25 switch4aug03 log...

Page 845: ...lists also referred to as access lists or ACLs consist of IP access rules They are used to perform packet filtering and forwarding decisions on incoming traffic Each packet arriving on an ingress port is compared to the access list in sequential order and is either forwarded to a specified QoS profile or dropped Using access lists has no impact on switch performance Access lists are typically appl...

Page 846: ... you can set a timer on the learned addresses that limits the length of time the learned addresses will be maintained if devices are disconnected or become inactive Commands for this function are described in this chapter SSH Secure Shell 2 SSH2 is a feature of ExtremeWare that allows you to encrypt session data between a network administrator using SSH2 client software and the switch or to send e...

Page 847: ...N after authentication has been completed successfully This mode is for the roaming user who will not always be using the same port for authentication Campus mode requires a DHCP server and a RADIUS server configured for Extreme network login ISP mode used when the port and VLAN used will remain constant All network settings are configured for that VLAN A DHCP server is included to support network...

Page 848: ... the Altitude 300 wireless port 802 1x Authentication 802 1x authentication PEAP EAP TTLS EAP TLS Web based network login http and https based user authentication The unified structure simplifies security policies without compromising protection and provides the following benefits Single user experience Same authentication procedures for wired and wireless users Unified management Single managemen...

Page 849: ...ated state The port will be moved to its original VLAN if configured in campus mode Example The following example clears the network login state of port 9 in VLAN corp clear netlogin state port 9 vlan corp History This command was first available in ExtremeWare 7 0 0 The MAC states were not cleared by this command until ExtremeWare 7 1 0 This command was added to the Summit e series of switches in...

Page 850: ...DB the port is put back to its original VLAN for campus mode and the port state is set to unauthenticated if this was the last authenticated MAC on this port Example The following example resets the network login session for the supplicant with the MAC address of 00 e0 18 01 32 1f clear netlogin state mac address 00 e0 18 01 32 1f History This command was first available in ExtremeWare 7 1 0 This ...

Page 851: ...ny specification The per entry attribute takes effect only if the access profile mode is none Otherwise the overall access profile type takes precedence ip address mask Specifies an IP address and mask as an entry in the profile list exact Specifies that an exact match with address and mask will be performed Subnets within the address range will not match entry against entry path expression Specif...

Page 852: ...fies an IPX netID and mask as an entry in the profile list NOTE This option is available only on i series switches sap_type service_name Specifies an IPX SAP service type and service name as an entry in the profile list NOTE This option is available only on i series switches vlan Specifies a VLAN name as an entry in the profile list NOTE This option is supported only on BlackDiamond 6800 MSM32 run...

Page 853: ... 2 8 and ending with either AS number 11 13 or 15 configure access profile AS1 add 15 permit as path 1 2 8 11 13 15 History A limited version of this command was first available in ExtremeWare 4 0 This form of the command was available in ExtremeWare 6 1 Support for IPX NetID and IPX SAP matching was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in Ex...

Page 854: ...ccess profile AS1 configure access profile AS1 delete 15 History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms access profile Specifies an access profile name seq number Specifies the order of the entry within the access profile If no sequence number ...

Page 855: ...file no_subnet_33 mode deny The following command specifies that the access profile no_subnet_33 uses per entry access control configure access profile no_subnet_33 mode none History This command was first available in ExtremeWare 4 0 The per entry access control was added in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This co...

Page 856: ...sions can be configured for RADIUS authentication independently of the management session authentication method TACACS authentication cannot be used with network login The following types of management sessions can be configured Telnet SSH Console HTTP If local authentication is configured for management sessions users are authenticated through the local user database even if RADIUS or TACACS is e...

Page 857: ...configure auth mgmt access local ExtremeWare 7 7 Command Reference Guide 857 Platform Availability This command is available on all platforms ...

Page 858: ...rvers are not configured The following types of management sessions can be configured Telnet SSH Console HTTP If you are using RADIUS authentication servers you should only use RADIUS accounting servers for accounting management sessions RADIUS authentication servers should be configured before configuring RADIUS accounting servers for management sessions Example In the following example managemen...

Page 859: ...configure auth mgmt access radius ExtremeWare 7 7 Command Reference Guide 859 Platform Availability This command is available on all platforms ...

Page 860: ... given primary and secondary RADIUS servers are not configured or if RADIUS authentication is not configured for management sessions Example The following example shows the configuration of primary and secondary RADIUS servers with the specified IP addresses configure auth mgmt access radius accounting primary 192 168 14 12 secondary 192 168 14 55 History This command was first available in Extrem...

Page 861: ...essions can be configured Telnet SSH Console HTTP If you are using TACACS authentication servers you should only use TACACS accounting servers for accounting management sessions TACACS authentication servers should be configured before configuring TACACS accounting servers for management sessions Example In the following example management sessions for both the primary and secondary servers are co...

Page 862: ...862 ExtremeWare 7 7 Command Reference Guide Security Commands Platform Availability This command is available on all platforms ...

Page 863: ...onfigured The following types of management sessions can be configured Telnet SSH Console HTTP If you are using TACACS authentication servers you should only use TACACS accounting servers for accounting management sessions TACACS authentication servers should be configured before configuring TACACS accounting servers for management sessions Example In the following example management sessions for ...

Page 864: ...864 ExtremeWare 7 7 Command Reference Guide Security Commands Platform Availability This command is available on all platforms ...

Page 865: ...tlogin sessions can be configured Dot1x based netlogin Web based netlogin If you are using RADIUS authentication servers you should only use RADIUS accounting servers for accounting management sessions RADIUS authentication servers should be configured before configuring RADIUS accounting servers for management sessions Examples In the following example both primary and secondary RADIUS servers ar...

Page 866: ...s of netlogin sessions can be configured Dot1x based netlogin Web based netlogin If you are using RADIUS authentication servers you should only use RADIUS accounting servers for accounting management sessions RADIUS authentication servers should be configured before configuring RADIUS accounting servers for management sessions Example This example configures both primary and secondary RADIUS accou...

Page 867: ...eshold a hardware ACL is created that blocks the traffic for the timeout number of seconds Example The following command configures a threshold of 3000 or more packets configure cpu dos protect alert threshold 3000 History This command was first available in ExtremeWare 6 2 2 The filter type allowed keyword was added in ExtremeWare 7 0 0 This command was added to the Summit e series of switches in...

Page 868: ... default is 10 Usage Guidelines When heavy traffic reaches the alert threshold a hardware ACL is created that blocks the traffic for the timeout number of seconds Example The following command configures filter precedence of 5 configure cpu dos protect filter precedence 5 History This command was first available in ExtremeWare 6 2 2 The filter type allowed keyword was added in ExtremeWare 7 0 0 Th...

Page 869: ...t threshold a hardware ACL is created that blocks the traffic for the timeout number of seconds Example The following command specifies that source ACLs can be created configure cpu dos protect filter type allowed source History This command was first available in ExtremeWare 6 2 2 The filter type allowed keyword was added in ExtremeWare 7 0 0 This command was added to the Summit e series of switc...

Page 870: ...ault is on Usage Guidelines None Example The following command sets messaging to be off configure cpu dos protect messages off History This command was first available in ExtremeWare 6 2 2 The filter type allowed keyword was added in ExtremeWare 7 0 0 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms on Tu...

Page 871: ...t is 4000 Usage Guidelines None Example The following command configures a notice threshold of 2000 configure cpu dos protect notice threshold 2000 History This command was first available in ExtremeWare 6 2 2 The filter type allowed keyword was added in ExtremeWare 7 0 0 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available o...

Page 872: ... a hardware ACL is created that blocks the traffic for the timeout number of seconds Example The following command configures timeout of 10 seconds configure cpu dos protect timeouts 10 History This command was first available in ExtremeWare 6 2 2 The filter type allowed keyword was added in ExtremeWare 7 0 0 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Av...

Page 873: ...o be trusted configure cpu dos protect trusted ports all The following command adds port 1 4 to the trusted list configure cpu dos protect trusted ports add 1 4 The following command deletes ports 1 4 and 1 5 from the trusted list configure cpu dos protect trusted ports delete 1 4 1 5 History This command was first available in ExtremeWare 6 2 2 The filter type allowed keyword was added in Extreme...

Page 874: ... ports You can also use it to identify layer 3 misses to the CPU or when too many IP multicasts are coming on a port Examples The following example configures an alert threshold of 500 packets on port 8 every 3 seconds config cpu dos protect port 8 disable alert threshold 500 interval time 3 History This command was first introduced in ExtremeWare 7 2e Platform Availability This command is availab...

Page 875: ...e denial of service protection to only a few of the ports on a switch Use the all parameter then use the command configure cpu dos protect trusted ports delete port number to set ports that should not be trusted that denial of service protection should be applied to Example The following command configures a port as trusted so that denial of service protection is not applied to port 3 configure cp...

Page 876: ...mn Example The following command configures the aging time on port 2 to 100 seconds configure enhanced dos protect ipfdb agingtime 100 ports 2 History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e Platform Availability This command is available on all platforms aging Specifies the number of seconds for the aging time per port The aging value is the software cache timeo...

Page 877: ... IPFDB entries according to the cache size limit Use this command to set the cache size to a value other than the default value of 256K Use the following command to reset the cache size to the 256K default value unconfigure enhanced dos protect cache size Example The following command configures the cache size at 512K configure enhanced dos protect ipfdb cache size 512 History This command was fir...

Page 878: ...mand unconfigure enhanced dos protect ipfdb learn limit Example The following command configures the learn limit on port 3 at 75 packets within the learning window before the IPFDB entry is created configure enhanced dos protect ipfdb learn limit 75 ports 3 History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e Platform Availability This command is available on all plat...

Page 879: ...ommand show enhanced dos protect ipfdb ports portlist Example The following command configures the learn window on port 2 at 80 seconds configure enhanced dos protect ipfdb learn window 80 ports 2 History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e Platform Availability This command is available on all platforms learn window Specifies the number of seconds for the le...

Page 880: ... port use the following command show enhanced dos protect rate limit ipfdb ports portlist Example The following command configures a range of ports as trusted so that enhanced denial of service protection is not applied to ports 2 through 4 configure enhanced dos protect ports trusted 2 4 History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e Platform Availability This ...

Page 881: ...ting threshold on port 3 to 200 packets configure enhanced dos protect rate limit threshold 200 ports 3 The following command sets the rate limiting drop probability on port 4 to 60 percent threshold Specifies the number of packets allowed on a given port within the learning window before the rate limit is applied The valid value range is 100 1953125 The default on Fast Ethernet ports is 100 packe...

Page 882: ...s 2 and 3 to 90 seconds configure enhanced dos protect rate limit learn window 90 ports 2 3 The following command sets the rate limiting protocol to all packet types on ports 1 through 3 configure enhanced dos protect rate limit protocol all ports 1 3 History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e Platform Availability This command is available on all platforms ...

Page 883: ...escription Default The default length of the subnet lookup mask is 24 bits Usage Guidelines For a new setting to be effective system rebooting is needed Example The following example changes the length of the IPDA subnet lookup mask to 18 bits configure ip subnet lookup maskbits 18 History This command was first available in ExtremeWare 7 0 0 Platform Availability This command is available on i se...

Page 884: ... enable the lockdown timer use the enable mac lockdown timeout ports command Example The following example sets a MAC address lockdown timeout duration of 300 seconds for ports 3 4 and 5 configure mac lockdown timeout ports 3 5 aging time 300 History This command was first available in ExtremeWare 7 5 Platform Availability This command is available on all platforms portlist Specifies one or more p...

Page 885: ...clients will be aged out Syntax Description Default The default is 5 minutes Usage Guidelines Example The following example configures the aging time as 1 minute for the network login configure netlogin agingtime 60 History This command was first available in ExtremeWare 7 7 Platform Availability This command is available on all platforms seconds Sets the length of the timeout value in seconds Def...

Page 886: ...ed base URL which is the DNS name for the switch You must configure a DNS name of the type www xx xx xxx or xx xx xxx This command applies only to the web based authentication mode of network login Example The following example configures the base URL as access net configure netlogin base url access net History This command was first available in ExtremeWare 7 0 This command was added to the Summi...

Page 887: ...ifferent guest VLAN Example The following example configures a guest VLAN named visit for all ports configure netlogin dot1x guest vlan visit The following example configures a guest VLAN named visit for ports 3 and 5 configure netlogin dot1x guest vlan visit ports 3 5 History This command was first available in ExtremeWare 7 6 Platform Availability This command is available on all platforms excep...

Page 888: ...conds Usage Guidelines The supplicant response timeout value is a global setting that is applicable for all ports Example The following example configures a supplicant response timer of 60 seconds configure netlogin dot1x timers supplicant response timeout 60 History This command was first available in ExtremeWare 7 7 Platform Availability This command is available on all platforms supplicant resp...

Page 889: ...e the port is moved to the guest VLAN Syntax Description Default The default value is 30 seconds Usage Guidelines The supplicant response timeout value is a global setting that is applicable for all the guest VLAN enabled ports Example The following example configures a supplicant response timer of 60 seconds configure netlogin dot1x guest vlan supplicant response timeout 60 History This command w...

Page 890: ...890 ExtremeWare 7 7 Command Reference Guide Security Commands ...

Page 891: ... If no mask is specified the default mask ff ff ff ff ff ff will be assigned to the MAC entry If a password is not configured locally the user name sent in the RADIUS Access Request is used as the password Example The following example adds a MAC address mask pair to the table used for authentication and defines a password configure netlogin mac address 00 11 33 55 77 99 mask ff ff ff ff ff 00 png...

Page 892: ...ed network login an authentication message RADIUS Access Request message is sent from the RADIUS client to the RADIUS server for validation This command specifies the maximum number of times the RADIUS client tries again if the validation request fails After the third retry the authentication attempt times out Example The following example sets a retry count of 8 configure netlogin mac auth retry ...

Page 893: ... mechanism periodically sends a RADIUS Access Request message to the RADIUS server to reauthenticate the port This command specifies the number of seconds between successive reauthentication messages Example The following example sets a reauthentication period of 300 seconds configure netlogin mac reauth period 300 History This command was first available in ExtremeWare 7 4 Platform Availability T...

Page 894: ...ation then base page redirection configured on the RADIUS server takes priority over this configuration You must configure a complete URL starting from either http or https This command applies only to the web based authentication mode of network login Example The following example configures the redirect URL as http www extremenetworks com configure netlogin redirect page http www extremenetworks...

Page 895: ...ure a specific reauthentication interval other than the default for dot1x You can also use this command to disable reauthentication by setting the timer value to zero Example The following example configures a reauthentication interval of 4800 seconds configure netlogin dot1x timers reauth period 4800 History This command was first available in ExtremeWare 7 6 Platform Availability This command is...

Page 896: ... user name authentication and CLI command authentication Example The following command configures the primary RADIUS server on host radius1 using the default UDP port 1645 for use by the RADIUS client on switch 10 10 20 30 configure radius primary server radius1 client ip 10 10 20 30 History This command was first available in ExtremeWare 4 1 This command was added to the Summit e series of switch...

Page 897: ...configure radius server ExtremeWare 7 7 Command Reference Guide 897 Platform Availability This command is available on all platforms ...

Page 898: ...d primary and secondary RADIUS authentication servers You must configure the RADIUS server first before configuring the shared secret for a specific server Example The following command configures the shared secret as purplegreen on the primary RADIUS server configure radius primary shared secret purplegreen History This command was first available in ExtremeWare 4 1 This command was added to the ...

Page 899: ...e configures a timeout interval of 10 seconds for the primary RADIUS authentication server After 30 seconds three attempts the alternate RADIUS server is used After 50 seconds five attempts local user authentication is used configure radius primary timeout 10 This example configures a timeout interval of 10 seconds for RADIUS secondary server 192 168 4 4 authentication After 30 seconds three attem...

Page 900: ...900 ExtremeWare 7 7 Command Reference Guide Security Commands Platform Availability This command is available on all platforms ...

Page 901: ...e following command configures RADIUS accounting on host radius1 using the default UDP port 1646 for use by the RADIUS client on switch 10 10 20 30 configure radius accounting primary server radius1 client ip 10 10 20 30 History This command was first available in ExtremeWare 4 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is ava...

Page 902: ...figure the RADIUS accounting server first before configuring the shared secret for a specific server Example The following command configures the shared secret as purpleaccount on the primary RADIUS accounting server configure radius accounting primary shared secret purpleaccount History This command was first available in ExtremeWare 4 1 This command was added to the Summit e series of switches i...

Page 903: ...ple configures the timeout interval for RADIUS accounting authentication to 10 seconds on the primary server After 30 seconds three attempts the alternate RADIUS server is used configure radius accounting primary timeout 10 This example configures the timeout interval for RADIUS accounting authentication to 10 seconds for the secondary server After 30 seconds three attempts the alternate RADIUS se...

Page 904: ...words specify how packets are to be routed for route map matched IP prefixes If the lpm routing property is added to a route map packets are forwarded to the IP prefixes next hop by the ARM MPLS module using LPM routing If the set iphost routing property is added to a route map packets are forwarded to the IP prefixes next hop using the Inferno hardware host based IP FDB The set lpm routing keywor...

Page 905: ...es configure route map bgp out add 10 deny The following command adds an entry to the route map named bgp out that will be evaluated after the previous entry and that permits all matching routes configure route map bgp out add 20 permit History This command was first available in ExtremeWare 6 1 Platform Availability This command is available only on the i series platforms ...

Page 906: ... and set statements have been evaluated Example The following command adds a goto statement to entry 25 in route map map1 that causes evaluation control to transfer to route map map2 configure route map map1 25 add goto map2 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available only on the i series platforms route map The name of the route map ...

Page 907: ...tes should be matched community access profile Specifies a BGP community access profile against which the community attribute should be matched as_number number Specifies a BGP community number specified in as_number number format against which the community attribute should be matched community Specifies a BGP community number specified as an unsigned 32 bit integer in decimal format against whic...

Page 908: ...uccess If an entry has no match statements the entry is always considered a successful match Example The following command adds a statement to entry 10 in route map bgp out that matches the NLRI against the access profile named iplist configure bgp out 10 add match nlri list iplist The following command adds a statement to entry 15 in route map bgp out that matches the AS path attribute against th...

Page 909: ...fied BGP community number specified in as_number number format in the path attribute community Sets the community in the path attribute to the specified BGP community number specified as an unsigned 32 bit integer in decimal format no export Sets the community in the path attribute to the no export attribute no advertise Sets the community in the path attribute to the no advertise attribute no exp...

Page 910: ...et med 200 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available only on the i series platforms next hop ipaddress Sets the next hop in the path attribute to the specified IP address internal When used in the BGP neighbor output route map sets the MED attribute to a value equal to the metric to reach the nexthop med_number Sets the MED attribut...

Page 911: ...elines None Example The following command removes the entry with sequence number 20 from the route map named bgp out configure route map bgp out delete 20 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available only on the i series platforms route_map The name of the route map to which this entry should be added seq_number Specifies a sequence nu...

Page 912: ...e following command deletes the goto statement from entry 25 in route map map1 that specifies transfer to route map map2 configure route map map1 25 delete goto map2 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available only on the i series platforms route_map The name of the route map from which this statement should be deleted seq_number The ...

Page 913: ...er The sequence number of the entry in the route map from which this statement should be deleted nrli_access_profile Specifies an NRLI list access profile as_access_profile Specifies an AS path access profile as number Specifies an AS number com_access_profile Specifies a BGP community access profile as_number number Specifies a BGP community number in as_number number format community Specifies a...

Page 914: ...from entry 15 in route map bgp out that specifies that the access profile aslist should be used to match the AS path configure bgp out 15 add match as path access profile aslist History This command was first available in ExtremeWare 6 1 Platform Availability This command is available only on the i series platforms ...

Page 915: ...er Specifies a BGP community number in as_number number format community Specifies a BGP community number as an unsigned 32 bit integer in decimal format no export Specifies the no export attribute no advertise Specifies the no advertise attribute no export subconfed Specifies the no export subconfed attribute remove Specifies removing the community attribute add delete as_access_profile Specifies...

Page 916: ...on the i series platforms add delete med_number Specifies add or delete of the specified value to or from the MED local preference number Specifies a local preference number weight number Specifies a weight associated with the NLRI origin igp egp incomplete Specifies the origin tag tag_number Specifies the tag in the route to the specified number accounting index index_number Specifies the index n...

Page 917: ...c tagged or untagged If neither option is specified explicitly user traffic is sent tagged By default a remote connect Altitude 300 AP sends user traffic tagged If the remote connect Altitude 300 AP is connected to the rest of the network through an edge switch that does not have the VLAN tag defined the edge switch will drop this user traffic since the VLAN tag is unknown To handle this situation...

Page 918: ... AP can send the user traffic untagged configure security profile open auth default user vlan open vlan untagged History This command was first available in ExtremeWare 6 2a It was added to the e series in 7 3e and to the i series in 7 3 0 In 7 6 the option to specify tagged or untagged was added Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and ...

Page 919: ...etwork authentication is imposed dot1x Specifies that 802 1x network authentication is used mac radius Specifies MAC level authentication using the RADIUS server web based Specifies use of network login for authentication wpa Specifies WPA1 authentication with RADIUS wpa psk Specifies WPA1 authentication with pre shared keys wpa2 Specifies 802 11i WPA2 authentication with RADIUS wpa2 psk Specifies...

Page 920: ... command was first available in ExtremeWare 6 2s open web based Choices none wep64 wep128 open mac radius Choices none wep64 wep128 open dot1x Choices wep64 wep128 open wpa Choices tkip aes aes tkip open wpa psk Choices tkip aes aes tkip open wpa2 Choices aes open wpa2 psk Choices aes shared none Choices wep64 wep128 shared web based Choices wep64 wep128 shared mac radius Choices wep64 wep128 Dot1...

Page 921: ...urity profile dot11 auth network auth encryption ExtremeWare 7 7 Command Reference Guide 921 Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine 3800 switches ...

Page 922: ...Change timers only when you do not want the keys to be updated frequently Example The following command sets the interval for updating keys to 29 minutes in the security profile called open profile configure security profile open profile dot1x wpa timers group update timer 29 History This command was first available in ExtremeWare 6 2a It was added to the e series in 7 3e and to the i series in 7 ...

Page 923: ... to change WPA and dot1x key update time values Change timers only when you do not want the keys to be updated frequently Examples The following example sets the interval for updating keys to 60 minutes configure security profile open profile dot1x wpa timers pairwise update timer 60 History This command was first available in ExtremeWare 6 2a It was added to the e series in 7 3e and to the i seri...

Page 924: ...ty profile Change timers only when you do not want the client to be re authenticated frequently Examples The following command sets the re authentication interval for clients to 2 minutes configure security profile open profile dot1x wpa timers reauth period 120 History This command was first available in ExtremeWare 6 2a It was added to the e series in 7 3e and to the i series in 7 3 0 Platform A...

Page 925: ...mes can be shared across wireless ports and interfaces Example The following example assigns the name shared_ess to the security profile shared auth config security profile shared auth ess name shared_ess History This command was first available in ExtremeWare 6 2a It was added to the e series in 7 3e and to the i series in 7 3 0 Platform Availability This command is available on the Summit 300 48...

Page 926: ...nfiguration changes take effect immediately and are propagated to all ports sharing the named profile If the command fails none of the changes is propagated to any of the ports Example The following command configures the security profile called secure1 not to publish the SSID in the beacon configure security profile secure1 ssid in beacon off History This command was first available in ExtremeWar...

Page 927: ...able is set to N no the user will be placed in the VLAN indicated by default user vlan regardless of any VSAs from the RADIUS server NOTE In systems with the Basic software license i series or Edge software license e series users are placed in the VLAN indicated default user vlan regardless of the VSAs pushed back from the RADIUS server Use the following command to configure the default user vlan ...

Page 928: ...928 ExtremeWare 7 7 Command Reference Guide Security Commands Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine 3800 switches ...

Page 929: ...and are propagated to all ports sharing the named profile If the command fails none of the changes is propagated to any of the ports The index value is used when a user sets the WEP key using the following command configure security profile wep key add Examples The following example sets the index of the WEP key to 3 configure security profile wep secure wep default key index 3 History This comman...

Page 930: ...o on Plaintext does not mean passphrase Configuration changes take effect immediately and are propagated to all ports sharing the named profile If the command fails none of the changes is propagated to any of the ports Examples The following example adds the first WEP key 0 with the hexadecimal encryption code 1234567891 configure security profile wep secure wep key add 0 hex 1234567891 History Th...

Page 931: ... changes take effect immediately and are propagated to all ports sharing the named profile If the command fails none of the changes is propagated to any of the ports Example The following example deletes the first WEP key 0 configure security profile wep secure wep key delete 0 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e and to the i series in 7 3...

Page 932: ... Examples The following example configures the WPA pre shared key abcdefgh for the security profile sec_prof1 configure security profile sec_prof1 wpa psk passphrase abcdefgh History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e and to the i series in 7 3 0 Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and...

Page 933: ...I alphanumeric string 8 to 63 characters long Examples The following example configures the WPA2 pre shared key abcdefgh for the security profile sec_prof1 configure security profile sec_prof1 wpa2 psk passphrase abcdefgh History This command is introduced in ExtremeWare 7 4 Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine 3800 switches n...

Page 934: ...d may be required to pass the WPA2 system interoperability test Examples The following command sequence configures WPA security with AES encryption and forces only WPA to be used not WPA2 configure security profile secure1 dot11 auth open network auth wpa encryption aes configure security profile secure1 wpa only on History This command is first introduced in ExtremeWare 7 4 Platform Availability ...

Page 935: ...done automatically by the switch or you can enter a previously generated key If you elect to have the key generated you are prompted to enter a set of random characters to be used in generating the key The key generation process takes approximately ten minutes and cannot be canceled after it has started When the key has been generated you should save your configuration to preserve the key To use a...

Page 936: ... generation process proceeds To configure an SSH2 session using a previously generated key use the following command configure ssh2 key pregenerated The command responds with the following message Please enter the server key Enter the previously generated key you can copy and paste it from the saved configuration file History This command was first available in ExtremeWare 6 0 This command was add...

Page 937: ... using the issuer s private key The certificate and private key file should be in PEM format and generated using RSA as the cryptography algorithm Example The following command obtains the pre generated certificate from the user configure ssl certificate pregenerated Next the user will open the certificate and then file copy and paste the certificate into the console telnet session followed by a p...

Page 938: ... key length privkeylen and the length of the other parameters country organization name and so forth supplied by the user If the RSA key length is 1024 the certificate size is 1kb and the private key length is 1kb For RSA Key length of 4096 the certificate length is 2kb and the private key length is 3kb Example The following command creates an SSL certificate in the USA for a website called bigcat...

Page 939: ...n country organization common name ExtremeWare 7 7 Command Reference Guide 939 Platform Availability This command is available in all platforms that use the SSH image except for the Summit i platform switches that use the SSH Base image ...

Page 940: ...d passphrase you should not modify the private key information in the configuration file The certificate and private key file should be in PEM format and generated using RSA as the cryptography algorithm Example The following command obtains the pre generated private key from the user configure ssl privkey pregenerated Next the user will open the certificate and then file copy and paste the certif...

Page 941: ...hostname parameter requires that DNS be enabled Example The following command configures server tacacs1 as the primary TACACS server for client switch 10 10 20 35 configure tacacs primary server tacacs1 client ip 10 10 20 35 History This command was first available in ExtremeWare 6 1 primary Configures the primary TACACS server secondary Configures the secondary TACACS server ipaddress Specifies t...

Page 942: ...42 ExtremeWare 7 7 Command Reference Guide Security Commands This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 943: ...ures the timeout interval for TACACS authentication requests When the timeout has expired another authentication attempt will be made to the next alternative authentication method Example The following command configures the timeout interval for TACACS authentication to 10 seconds configure tacacs primary server 192 168 14 8 timeout 10 History This command was first available in ExtremeWare 7 0 0 ...

Page 944: ...ACS authentication servers You must first configure the TACACS server information before configuring the shared secret for a specific server Example The following command configures the shared secret as purplegreen on the primary TACACS server configure tacacs accounting primary shared secret purplegreen History This command was first available in ExtremeWare 6 1 This command was added to the Summ...

Page 945: ...mmand for e platforms configures the timeout interval for the secondary TACACS authentication to 10 seconds configure tacacs secondary timeout 10 The following command for e platforms configures the timeout interval for TACACS authentication to 10 seconds configure tacacs primary server 192 168 14 8 timeout 10 History This command was first available in ExtremeWare 7 0 0 This command was added to ...

Page 946: ...owing command configures server tacacs1 as the primary TACACS accounting server for client switch 10 10 20 35 configure tacacs accounting primary server tacacs1 client ip 10 10 20 35 History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms primary Config...

Page 947: ...irst configure the TACACS accounting server information before configuring the shared secret for a specific server Example The following command configures the shared secret as tacacsaccount on the primary TACACS accounting server configure tacacs accounting primary shared secret tacacsaccount History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series...

Page 948: ...entication to 10 seconds configure tacacs accounting timeout 10 On an e series switch the following command configures the timeout interval for TACACS accounting authentication to 10 seconds configure tacacs accounting primary server 192 168 12 12 timeout 10 History This command was first available in ExtremeWare 7 0 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e P...

Page 949: ...cified in the access profile will be routed to egress VLANs configured to use that access profile The VLAN must already exist The access profile must be of type VLAN supported only in ExtremeWare releases 4 0 and earlier Example Given an access profile created and configured as follows create access profile okprofile vlan configure access profile okprofile mode permit configure access profile okpr...

Page 950: ...950 ExtremeWare 7 7 Command Reference Guide Security Commands Platform Availability This command is available on the BlackDiamond 6800 MSM32 only ...

Page 951: ... maximum of 64 local and remote address ranges Example You can allocate IP addresses for a remote subnet non local subnet using the DHCP server The following command configures DHCP address ranges for a remote subnet using the subnet 60 0 0 x 24 in the VLAN named test configure vlan test dhcp address range 60 0 0 5 60 0 0 40 mask 255 255 255 0 NOTE The mask option is required when configuring the ...

Page 952: ...952 ExtremeWare 7 7 Command Reference Guide Security Commands Platform Availability This command is available on all platforms ...

Page 953: ...he DHCP server should be used with network login and not as a stand alone DHCP server Example The following command configures the DHCP lease timer value for VLAN corp configure vlan corp dhcp lease timer lease timer History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is availab...

Page 954: ... is identified as the one whose starting IP address is the same as start addr If start addr is not provided then the DHCP option will be applied for the primary DHCP address range To clear DHCP options for a VLAN use the following command unconfigure vlan dhcp options Example 1 Consider a VLAN named test with a primary subnet 40 0 0 x 24 and a secondary subnet 50 0 0 x 24 Assume that for the prima...

Page 955: ...configure vlan test dhcp options dns server 40 0 0 90 To configure the DNS Server as 50 0 0 90 for the secondary subnet use the following command configure vlan test dhcp options dns server 50 0 0 90 50 0 0 5 NOTE You can configure multiple DHCP address ranges for a VLAN The start addr option in the command 50 0 0 5 in this example specifies the exact DHCP address range for which the command appli...

Page 956: ...mmit e series of switches in ExtremeWare 7 1e This command was modified so that remote or secondary subnets could be configured for DHCP options in ExtremeWare through the addition of the parameter start addr This enhanced command was made available in ExtremeWare 7 3 0 and ExtremeWare 7 3e Platform Availability This command is available on all platforms ...

Page 957: ... The timer value is specified in seconds This command applies only to the web based authentication mode of network login Example The following command sets the timer value to 15 seconds for VLAN corp configure vlan corp netlogin lease timer 15 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availabil...

Page 958: ...orts create access list igmp destination source igmp type ipmc group ports Syntax Description name Specifies the name of the access list access mask Specifies the name of the associated access mask code point Specifies a 6 bit DiffServ code point Valid entries are from 0 to 63 dest mac Specifies the destination MAC address source mac Specifies the source MAC address vlan Specifies the VLANid ether...

Page 959: ...ence 10 create access list deny102_23 tcp dest 10 2 0 0 16 ip port 23 source any ip port any deny ports any precedence 20 create access list allow10_23 tcp dest 10 0 0 0 8 ip port 23 source any ip port any permit qosprofile qp4 ports any precedence 30 create access list allow102 ip dest 10 2 0 0 16 source 0 0 0 0 0 permit qosprofile qp3 ports any precedence 40 The following example shows a default...

Page 960: ...e following command creates an access list rule named igmp_acl1 with precedence 30 that drops all IGMP v2 membership reports for groups 224 10 1 x received on any port access list name Specifies the name of the access list destination Specifies the destination IP address with mask any specifies that any address matches source Specifies the source IP address with mask any specifies that any address...

Page 961: ...ce Guide 961 create access list igmp_acl1 destination any source any igmp type v2 membership report ipmc group 224 10 1 0 24 deny ports any precedence 30 History This form of the command was first available in ExtremeWare 7 6 Platform Availability This command is available on the i series switches only ...

Page 962: ...list denyping icmp destination any source any type 8 code 0 deny ports any name Specifies the access list name The access list name can be between 1 and 31 characters dest_ipaddress mask Specifies an IP destination address and subnet mask A mask length of 32 indicates a host entry any specifies that any address will match src_ipaddress source_mask Specifies a source IP address and subnet mask any ...

Page 963: ...ion source ExtremeWare 7 7 Command Reference Guide 963 History This command was first available in ExtremeWare 6 0 and replaced the configure ipqos command Platform Availability This command is available on the i series platforms only ...

Page 964: ... 0 0 permit qosprofile qp3 ports any precedence 40 The following command defines a default entry that is used to specify an explicit deny name Specifies the access list name The access list name can be between 1 and 31 characters dest_ipaddress mask Specifies an IP destination address and subnet mask A mask length of 32 indicates a host entry any specifies that any address will match src_ipaddress...

Page 965: ...ference Guide 965 create access list denyall ip dest 0 0 0 0 0 source 0 0 0 0 0 deny ports any History This command was first available in ExtremeWare 6 0 and replaced the configure ipqos command Platform Availability This command is available on the i series platforms only ...

Page 966: ...ecifies the beginning of a TCP layer 4 port range dst_port_max Specifies the end of a TCP layer 4 port range src_ipaddress src_mask Specifies a source IP address and subnet mask any specifies that any address will match src_port Specifies a TCP layer 4 port any specifies that all TCP ports will match src_port_min Specifies the beginning of a TCP layer 4 port range src_port_max Specifies the end of...

Page 967: ...allow10_23 with precedence 30 that permits TCP port 23 traffic destined for other 10 x x x networks and assigns QoS profile Qp4 create access list allow10_23 tcp dest 10 0 0 0 8 ip port 23 source any ip port any permit qosprofile qp4 ports any precedence 30 History This command was first available in ExtremeWare 6 0 and replaced the configure ipqos command Platform Availability This command is ava...

Page 968: ...dst_port Specifies a UDP layer 4 port any specifies that all UDP ports will match dst_port_min Specifies the beginning of a UDP layer 4 port range dst_port_max Specifies the end of a UDP layer 4 port range src_ipaddress src_mask Specifies a source IP address and subnet mask any specifies that any address will match src_port Specifies a UDP layer 4 port any specifies that all UDP ports will match s...

Page 969: ...0_35 with precedence 70 that permits udp port 35 traffic destined for other 10 X X X networks and assigns QoS profile Qp2 create access list allow10_35 udp dest 10 0 0 0 8 ip port 35 source any ip port any permit qosprofile qp2 ports any precedence 70 History This command was first available in ExtremeWare 6 0 and replaced the configure ipqos command Platform Availability This command is available...

Page 970: ... ipmc group mask length Specifies that the IP multicast group and mask length should be specified when you create an access list using this access mask dest ip mask length Specifies that the destination IP address and mask length should be specified when you create an access list using this access mask dest L4port Specifies that the destination TCP UDP port should be specified when you create an a...

Page 971: ...only source L4port Specifies that the source TCP UDP port should be specified when you create an access list using this access mask source mac Specifies that the source MAC address should be specified when you create an access list using this access mask tos Specifies that the 3 bit precedence field within the IP ToS field should be specified when you create an access list using this access mask v...

Page 972: ... MSM32 running ExtremeWare 4 1 the VLAN keyword specifies that profile entries will be a list of VLANs access profile Specifies an access profile name ipaddress Specifies that the profile entries will be a list of IP address mask pairs ipx node Specifies that the profile entries will be a list of IPX node addresses NOTE This option is available only on the e series switches ipx net Specifies that ...

Page 973: ...access profile that will contain AS path expressions create access profile AS1 type as path History A limited version of this command was first available in ExtremeWare 4 0 This form of the command was available in ExtremeWare 6 1 Support for the IPX node NetID and SAP advertisement types was added in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Pla...

Page 974: ... the VLANid ethertype Specifies the Ethernet type field tos Specifies a 3 bit precedence field within the IP ToS field Valid entries are from 0 to 7 code point Specifies a 6 bit DiffServ code point Valid entries are from 0 to 63 iprotocol Specifies the IP protocol dest ip Specifies the destination IP address source ip Specifies the source IP address dest L4port Specifies the destination TCP UDP po...

Page 975: ...kets ICMP echo packets are defined as type 8 code 0 create access list denyping icmp destination any source any type 8 code 0 deny ports any History This command was first available in ExtremeWare 7 1e Platform Availability This command is available on the e series platforms only vlan pri 2bits Specifies the two most significant bits of the vlan pri field ...

Page 976: ...stributed Route maps are used in conjunction with the match and set operations A match operation specifies a criteria that must be matched A set operation specifies a change that is made to the route when the match operation is successful After a route map statement has been created you must add entries to the route map and then add statements to the route map entries Example The following command...

Page 977: ... profile or to copy an existing profile using a new name Example The following example creates a new security profile called wep secure using an existing profile called unsecure create security profile wep secure copy unsecure History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e and to the i series in 7 3 0 Platform Availability This command is available o...

Page 978: ...the VLAN Devices matching a created trusted OUI list are allowed to bypass network login using a specified protocol ExtremeWare performs an AND operation between the source MAC address of the incoming packet and its mask It then compares that result with the result of the AND operation between the configured address and the mask If the results are the same the address is trusted and the packet is ...

Page 979: ...0 18 01 32 1f for all ports in the VLAN named vlan1 create trusted mac address 00 e0 18 01 32 1f vlan1 The following example creates a trusted MAC address on all ports in the VLAN bldg5 allowing the use of the DHCP protocol create trusted mac address mac address 00 07 40 79 58 EB bldg5 protocol dhcp History This command was first available in ExtremeWare 7 3 0 This command was added to the Summit ...

Page 980: ...s access list allow102 delete access list allow102 History This command was first available in ExtremeWare 6 0 The command was modified in ExtremeWare 6 2 1 to provide the all option This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms name Specifies the name of the access list to be deleted all Specifies tha...

Page 981: ...only on the e series switches Syntax Description Usage Guidelines None Example The following command disables statistics collection for access list allow102 delele access list allow102 History This command was first available in ExtremeWare 7 1e Platform Availability This command is available only on the e series platforms name Specifies the name of the access list to be deleted ...

Page 982: ...A Usage Guidelines None Example The following command deletes an access profile named nosales delete access profile nosales History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms access profile Specifies the access profile name to be deleted ...

Page 983: ...lable only on the e series switches Syntax Description Usage Guidelines None Example The following command deletes a rate limit rule named throttle2 delete access profile throttle2 History This command was first available in ExtremeWare 7 1e Platform Availability This command is available on the e series platforms only name Specifies the name of the rate limit rule ...

Page 984: ...This command is available only on the i series switches Syntax Description Default N A Usage Guidelines None Example The following command deletes a route map named bgp out delete route map bgp out History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on the i series platforms only route map Specifies a route map name ...

Page 985: ...ofile cannot be attached to any active ports before deletion Example The following command deletes the security profile named wep_secure delete security profile wep_secure History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e and to the i series in 7 3 0 Platform Availability This command is available on Summit 300 48 Summit 300 24 Summit 400 24p and Alpine...

Page 986: ...tlist protocol DHCP ARP Examples The following command deletes a MAC address from a VLAN named corp delete trusted mac address mac address 00 04 0D 23 45 C2 corp History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e xx yy zz aa bb cc or mac_address Specifies the MAC address of the enabled trusted MAC Either is specified in the form xx yy zz aa bb cc mask dd ee ff gg hh...

Page 987: ...delete trusted mac address ExtremeWare 7 7 Command Reference Guide 987 Platform Availability This command is available on all platforms ...

Page 988: ...idelines None Example The following command disables statistics collection for access list allow102 disable access list allow102 counter History This command was first available in ExtremeWare 6 0 Platform Availability This command is available on the i series platforms only name Specifies the name of the access list counter Specifies that access list statistics collection should be disabled log S...

Page 989: ...plies only to the layer 3 environment The switch allows only those hosts whose IP addresses are assigned by the locally configured DHCP server switch acting as a DHCP server or assigned by an external DHCP server In the latter case the switch should be configured as a BootP relay Example N A History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e This command is modifed ...

Page 990: ...fault By default ARP learning is enabled Usage Guidelines None Example N A History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e This command is modifed in ExtremeWare 7 7 0 The new command is disable ip security arp learning learn from arp ports portlist Both the commands can be used in ExtremeWare 7 7 0 Platform Availability This command is available on all platforms...

Page 991: ... a specified VLAN Syntax Description Default By default ARP learning is enabled Usage Guidelines None Example N A History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e This command is modifed in ExtremeWare 7 7 0 The new command is disable ip security arp learning learn from arp vlan vlan name Both the commands can be used in ExtremeWare 7 7 0 Platform Availability Thi...

Page 992: ... By default ARP learning is enabled Usage Guidelines None Example N A History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e This command is modifed in ExtremeWare 7 7 0 The new command is disable ip security arp learning learn from arp vlan vlan name ports portlist Both the commands can be used in ExtremeWare 7 7 0 Platform Availability This command is available on all...

Page 993: ...e no arguments or variables for this command Default The default is disabled Usage Guidelines None Example The following command disables denial of service protection disable cpu dos protect History This command was first available in ExtremeWare 6 2 2 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 994: ...k login and not as a stand alone DHCP server Example The following command disables DHCP for port 9 in VLAN corp disable dhcp ports 9 vlan corp History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms portlist Specifies the ports for which DHCP should be...

Page 995: ...os protect ipfdb command To globally disable the IPFDB learning qualifier omit the ports keyword and qualifier Examples The following command disables enhanced denial of service protection rate limiting for ports 5 through 7 dos protect rate limit ports 5 7 The following command globally disables the enhanced denial of service protection IPFDB learning qualifier disable enhanced dos protect ipfdb ...

Page 996: ...ault The default is disabled Usage Guidelines On the i series switches system rebooting is needed for a new setting to be effective On the e series switches rebooting is not required Example The following command disables IPDA lookup disable ip subnet lookup History This command was first available in ExtremeWare 7 3 0 This command was added to the e series switches in ExtremeWare 7 5 Platform Ava...

Page 997: ...s learning limit the limit continues to apply to the port When you disable the MAC lockdown timer on a port existing MAC address entries for the port will time out based on the FDB aging period Example The following example disables the MAC address lockdown timeout set for ports 3 and 5 disable mac lockdown timeout ports 3 5 History This command was first available in ExtremeWare 7 5 Platform Avai...

Page 998: ...of network login was introduced in ExtremeWare 7 1 0 The deprecated version of the command is temporarily supported in configurations During an upgrade the deprecated command disable netlogin will be interpreted as disable netlogin web based disable netlogin dot1x Example The following command disables web based authentication for network login disable netlogin web based The following command glob...

Page 999: ...disable netlogin ExtremeWare 7 7 Command Reference Guide 999 The mac keyword was added in Extremeware 7 4 Platform Availability This command is available on all platforms ...

Page 1000: ...list Example The following command disables the guest VLAN on ports 3 and 5 disable netlogin dot1x guest vlan ports 3 5 The following command globally disables the guest VLAN disable netlogin dot1x guest vlan ports all History This command was first available in ExtremeWare 7 6 Platform Availability This command is available on all platforms except the Altitude 300 Access Point all Disables the gu...

Page 1001: ...controls the logout window pop up on the web based network client This command applies only to the web based authentication mode of network login When disabled the logout window pop up no longer opens Example The following command disables the network login logout pop up window disable netlogin logout privilege History This command was first available in ExtremeWare 7 0 0 This command was added to...

Page 1002: ...To control which authentication mode is used by network login use the following commands enable netlogin web based dot1x disable netlogin web based dot1x Example The following command disables network login on port 9 in the VLAN called corp disable netlogin ports 9 vlan corp History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in Ext...

Page 1003: ...s Syntax Description Default By default MAC based network login is disabled Usage Guidelines None Example The following command disables network login on all ports disable netlogin ports 9 mac History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all platforms portlist Specifies the ports for which MAC based network login should be disabled ...

Page 1004: ...se the connection by clicking on the LogOut link Any abnormal closing of this window is detected on the switch and the user is logged out after a time interval as configured for session refresh The session refresh is enabled and set to five minutes by default This command applies only to the web based authentication mode of network login Example The following command disables network login session...

Page 1005: ...r variables Default RADIUS authentication is disabled by default Usage Guidelines None Example The following command disables RADIUS authentication for the switch disable radius History This command was first available in ExtremeWare 4 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1006: ...his command has no arguments or variables Default N A Usage Guidelines None Example The following command disables RADIUS accounting for the switch disable radius accounting History This command was first available in ExtremeWare 4 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1007: ...ault source IP lockdown is disabled Usage Guidelines None Example The following command enables source IP lockdown on ports 1 to 10 and 15 disable ip security source ip lockdown ports 1 10 15 History This command was first available in ExtremeWare 7 4 This command is modifed in ExtremeWare 7 7 0 The new command is disable ip security source ip lockdown ports all portlist Both the commands can be u...

Page 1008: ...the status of SSH2 telnet sessions on the switch use the show management command The show management command displays information about the switch including the enable disable state for SSH2 telnet sessions SSH2 client connections can still be initiated from the switch when the SSH2 server is disabled Example The following command disables the SSH2 server disable ssh2 History This command was firs...

Page 1009: ...mand has no arguments or variables Default N A Usage Guidelines None Example The following command disables TACACS authentication for the switch disable tacacs History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1010: ...ption This command has no arguments or variables Default N A Usage Guidelines None Example The following command disables TACACS accounting disable tacacs accounting History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1011: ...ariables Default N A Usage Guidelines This command disables CLI command authorization but leaves user authentication enabled Example The following command disables TACACS CLI command authorization disable tacacs authorization History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command i...

Page 1012: ...ic configurations The system default is disable trusted mac address To disable the feature globally use disable trusted mac address To disable the feature on a VLAN use disable trusted mac address vlan vlan name Use the following command to enable a trusted MAC address enable trusted mac address Example The following command disables trusted MAC addresses on the VLAN named corp disable trusted mac...

Page 1013: ...his command has no parameters or variables Default Enabled Usage Guidelines Use this command to prevent web access Example The following command disables HTTP and HTTPS disable web History This command was first available in ExtremeWare 6 2a This command was added to the Summit e series of switches in ExtemeWare 7 3e Platform Availability This command is available on all platforms ...

Page 1014: ...ing with HTTP Disabling HTTP access forces users to use a secured HTTPS connection if web HTTPS is enabled Use the following command to enable web HTTPS enable web https Example The following command disables HTTP on the default port disable web http History This command was first available in ExtremeWare 6 2a This command was added to the Summit e series of switches in ExtremeWare 7 3e it was add...

Page 1015: ...ult Enabled Usage Guidelines Use this command to disable HTTPS before changing the certificate or private key Example The following command disables HTTPS on the default port disable web https History This command was first available in ExtremeWare 6 2a This command was added to the Summit e series of switches in ExtremeWare 7 3e it was added to the i series of switches in ExtremeWare 7 3 0 Platfo...

Page 1016: ... in the certificate This warning is a reminder to the user to download the private key also The certificate and private key file should be in PEM format and generated using RSA as the cryptography algorithm Example The following example downloads a certificate from IP address 166 81 0 14 download ssl 166 81 0 14 certificate g0ethner1 History This command was first available in ExtremeWare 6 2a Thi...

Page 1017: ...load is successful a check is performed to find out whether the private key downloaded matches the public key stored in the certificate If they do not match a warning message is displayed Warning The Private Key does not match with the Public Key in the certificate This warning is a reminder to the user to download the corresponding certificate The certificate and private key file should be in PEM...

Page 1018: ...Command Reference Guide Security Commands Platform Availability Beginning with ExtremeWare 7 4 this command is available in all platforms using SSH image except for the Summit i platform switches using SSH Base image SBxtr ...

Page 1019: ...ction for access list allow102 enable access list allow102 counter The following command enables logging of packets for access list allow102 enable access list allow102 log History This command was first available in ExtremeWare 6 0 Platform Availability This command is available on the i series platforms only name Specifies the name of the access list counter Specifies that access list statistics...

Page 1020: ...witch Syntax Description This command has no arguments or variables Default By default ARP learning is enabled Usage Guidelines None Example N A History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e This command is modifed in ExtremeWare 7 7 0 The new command is enable ip security arp learning learn from arp Both the commands can be used in ExtremeWare 7 7 0 Platform A...

Page 1021: ... Default By default ARP learning is enabled Usage Guidelines None Example N A History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e This command is modifed in ExtremeWare 7 7 0 The new command is enable ip security arp learning learn from arp ports portlist Both the commands can be used in ExtremeWare 7 7 0 Platform Availability This command is available on all platfor...

Page 1022: ...s available only on the i series switches Syntax Description Default By default ARP learning is enabled Usage Guidelines None Example N A History This command was first available in ExtremeWare 7 3 0 This command is modifed in ExtremeWare 7 7 0 The new command is enable ip security arp learning learn from arp vlan vlan name Both the commands can be used in ExtremeWare 7 7 0 Platform Availability T...

Page 1023: ...fault By default ARP learning is enabled Usage Guidelines None Example N A History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e This command is modifed in ExtremeWare 7 7 0 The new command is enable ip security arp learning learn from arp vlan vlan name ports portlist Both the commands can be used in ExtremeWare 7 7 0 Platform Availability This command is available on...

Page 1024: ...o arguments or variables for this command Default The default is disabled Usage Guidelines None Example The following command enables denial of service protection enable cpu dos protect History This command was first available in ExtremeWare 6 2 2 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 1025: ... service protection is enabled no ACLs are created This mode is useful to gather information about normal traffic levels on a switch This will assist in configuring denial of service protection so that legitimate traffic is not blocked Example The following command enables simulated denial of service protection enable cpu dos protect simulated History This command was first available in ExtremeWar...

Page 1026: ... A Usage Guidelines The DHCP server should be used with network login and not as a stand alone DHCP server Example The following command enables DHCP for port 9 in VLAN corp enable dhcp ports 9 vlan corp History This command was first available in ExtremeWare 7 1e Platform Availability This command is available on the e series platforms only portlist Specifies the ports for which DHCP should be di...

Page 1027: ...following command enables enhanced denial of service protection rate limiting for ports 1 3 and 1 4 enable enhanced dos protect rate limit ports 1 3 1 4 The following command globally enables the enhanced denial of service protection IPFDB learning qualifier enable enhanced dos protect ipfdb History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e Platform Availability Th...

Page 1028: ...55 0 On e series switches default routes are not supported by this feature Example enable ip subnet lookup To be effective system rebooting is needed show ipc IP Routing Enabled MPLS Disabled IP SUBNET Lookup Run Time Disabled 0 Config Enabled 24 In default status IPDA SUBNET lookup feature is disabled show ipc IP Routing Enabled MPLS Disabled IP SUBNET Lookup Run Time Disabled 0 Config Disabled 0...

Page 1029: ...enable ip subnet lookup ExtremeWare 7 7 Command Reference Guide 1029 Platform Availability This command is available on all platforms ...

Page 1030: ...that also has the lock learning feature enabled For more information about MAC lock learning MAC address lockdown see MAC Address Lockdown on page 266 Example The following example enables the MAC address lockdown timeout set for ports 3 and 5 enable mac lockdown timeout ports 3 5 History This command was first available in ExtremeWare 7 5 Platform Availability This command is available on all pla...

Page 1031: ...deprecated when the 802 1x mode of network login was introduced in ExtremeWare 7 1 0 The deprecated version of the command is temporarily supported in configurations During an upgrade the deprecated command enable netlogin will be interpreted as enable netlogin web based enable netlogin dot1x Example The following command enables web based network login enable netlogin web based The following comm...

Page 1032: ...1032 ExtremeWare 7 7 Command Reference Guide Security Commands The mac keyword was added in ExtremeWare 7 4 Platform Availability This command is available on all platforms ...

Page 1033: ...the following command disable netlogin dot1x guest vlan ports all port list Example The following command enables the guest VLAN on ports 3 and 5 enable netlogin dot1x guest vlan ports 3 5 The following command globally enables the guest VLAN enable netlogin dot1x guest vlan ports all History This command was first available in ExtremeWare 7 6 Platform Availability This command is available on all...

Page 1034: ...lines This command controls the logout window pop up on the web based network client This command applies only to the web based authentication mode of network login Example The following command enables the network login logout pop up window enable netlogin logout privilege History This command was first available in ExtremeWare 7 0 0 This command was added to the Summit e series of switches in Ex...

Page 1035: ...IUS server must be configured to enable the Extreme network login capability For ISP mode login no special conditions are required A RADIUS server must be used for authentication Network login is used on a per port per VLAN basis On the i series switches a port that is tagged can belong to more than one VLAN In this case network login can be enabled on one port for each VLAN Windows authentication...

Page 1036: ...gure netlogin mac address When a new MAC address is detected on a port that is enabled for MAC based network login the RADIUS client sends an authentication message RADIUS access request to the RADIUS server for validation The RADIUS client tries the configured maximum number of retries to validate the supplicant To configure the maximum number of retries use the following command configure netlog...

Page 1037: ...than the network login session refresh timer This command applies only to the web based authentication mode of network login The enable netlogin session refresh command enables the session refresh option only if this option was disabled earlier using the disable netlogin session refresh command It does not reset the refresh minutes to default value The session keepalive interval sets the interval ...

Page 1038: ...erence Guide Security Commands History This command was first available in ExtremeWare 7 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1039: ... RADIUS servers for authentication When used with a RADIUS server that supports ExtremeWare CLI authorization each CLI command is sent to the RADIUS server for authorization before it is executed Example The following command enables RADIUS authentication for the switch enable radius History This command was first available in ExtremeWare 4 1 This command was added to the Summit e series of switch...

Page 1040: ...rguments or variables Default Disabled Usage Guidelines The RADIUS client must also be enabled Example The following command enables RADIUS accounting for the switch enable radius accounting History This command was first available in ExtremeWare 4 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1041: ...y configured IP ARP entries the MAC address specified during the addition of a IP ARP entry should already exist in the FDB Before enabling source IP lockdown on a port the switch should be configured either as a DHCP Server or a BOOTP Relay Example The following command enables source IP lockdown on ports 3 and 5 enable source ip lockdown ports 3 5 History This command was first available in Extr...

Page 1042: ...sses To create an access profile use the create access profile type command To configure an access profile use the configure access profile add command Use the none option to cancel a previously configured access profile Use the port option to specify a TCP port number other than the default To view the status of SSH2 sessions on the switch use the show management command The show management comma...

Page 1043: ...enable ssh2 ExtremeWare 7 7 Command Reference Guide 1043 Platform Availability This command is available on all platforms ...

Page 1044: ...ines After they have been enabled all web and CLI logins are sent to one of the two TACACS servers for login name authentication and accounting Example The following command enables TACACS user authentication enable tacacs History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is a...

Page 1045: ... or variables Default Disabled Usage Guidelines If accounting is used the TACACS client must also be enabled Example The following command enables TACACS accounting for the switch enable tacacs accounting History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all pl...

Page 1046: ...sage Guidelines When enabled each command is transmitted to the remote TACACS server for authorization before the command is executed Example The following command enables TACACS command authorization for the switch enable tacacs authorization History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availabil...

Page 1047: ...e the feature globally enter enable trusted mac address To enable and activate trusted MAC on an individual VLAN enter enable trusted mac address vlan vlan name Use the following command to disable a trusted MAC address disable trusted mac address Disabling this feature does not remove the previous port specific information Example The following command enables the trusted MAC feature globally on ...

Page 1048: ... Guidelines Use this command to enable HTTP and HTTPS access to the switch web pages on the default ports The default port for HTTP is port 80 and HTTPS is port 443 Example The following command enables HTTP and HTTPS on the default port enable web History This command was first available in ExtremeWare 6 2a This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Ava...

Page 1049: ...ult Enabled Usage Guidelines Use this command to enable HTTP access to the switch web pages Example The following command enables HTTP on the default port enable web http History This command was first available in ExtremeWare 6 2a This command was added to the Summit e series of switches in ExtremeWare 7 3e it was added to the i series of switches in ExtremeWare 7 3 0 Platform Availability This c...

Page 1050: ...le enables HTTP access using the access profile named open_web on slot 1 port 4 enable web http access profile open_web port 1 4 History This command was first available in ExtremeWare 6 2a This command was added to the Summit e series of switches in ExtremeWare 7 3e it was added to the i series of switches in ExtremeWare 7 3 0 Platform Availability This command is available on all platforms none ...

Page 1051: ...lt Enabled Usage Guidelines Use this command to allow users to connect using a more secure HTTPS connection Example The following command enables HTTPS on the default port enable web https History This command was first available in ExtremeWare 6 2a This command was added to the Summit e series of switches in ExtremeWare 7 3e it was added to the i series of switches in ExtremeWare 7 3 0 Platform A...

Page 1052: ...nables HTTPS access using the access profile named secure_web on slot 1 port 2 enable web https access profile secure_web port 1 2 History This command was first available in ExtremeWare 6 2a This command was added to the Summit e series of switches in ExtremeWare 7 3e it was added to the i series of switches in ExtremeWare 7 3 0 Platform Availability This command is available on all platforms non...

Page 1053: ...wfish Specifies that the blowfish cipher should be used for encryption portnum Specifies the TCP port number to be used for communicating with the SSH2 client Default is port 22 debug_level Specifies a debug level Default is 0 user Specifies a login name for the remote host host Specifies the name of the remote host ipaddress Specifies the IP address of the remote host remote file Specifies the na...

Page 1054: ...e configuration will be corrupted Example The following command copies a configuration file from the file configpart1 save on host system1 to the switch as an incremental configuration scp2 admin system1 configpart1 save configuration incremental History This command was first available in ExtremeWare 6 2 1 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Avai...

Page 1055: ..._file Example The following command copies the switch configuration and saves it as file config1 save on host system1 scp2 configuration admin system1 config1 save History This command was first available in ExtremeWare 6 2 1 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms 3des Specifies that the 3des ci...

Page 1056: ...I P X 1531 Flags I IP T TCP U UDP E Established M ICMP P Permit Rule D Deny Rule N Port Specific Rule X Any Port The following command shows information on all current access lists show access list It produces output similar to the following show access list Access List Access mask Vlan QoS Flags a2 f2 DM D a1 f1 QP5 DI IP P Flags DM Dest MAC SM Source MAC ET Ether Type T TOS C Code Point I IP Pro...

Page 1057: ...hows real time access list statistics for ingress ports 5 7 show access list port 5 7 The following command shows information for access list test1 show access list test1 The command generates output similar to the following test1 Protocol ip Action permit qp1 Destination 0 0 0 0 0 any Source any any Precedence 0 Rule Number 0 Hit Count 4566 Flags ac Ports any The following example shows output of...

Page 1058: ...58 ExtremeWare 7 7 Command Reference Guide Security Commands This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1059: ...created for the source IP lockdown feature Syntax Description This command has no arguments or variables Default N A Usage Guidelines Example The following command displays the ACLs created for the source IP lockdown feature show access list source ip lockdown History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all platforms ...

Page 1060: ...and is available only on the i series switches Syntax Description This command has no arguments or variables Default N A Usage Guidelines None Example The following command displays the hardware access control list mapping show access list fdb History This command was first available in ExtremeWare 6 0 Platform Availability This command is available on the i series platforms only ...

Page 1061: ...e 17 to change the view of the data The Esc or Return keys discontinue the display Example The following command initiates the access list information display show access list monitor The command displays output similar to the following Access List Proto Destination Source Hit Count test1 ip 0 0 0 0 0 0 0 0 0 0 1922 The Hit Count continues to be updated until you exit from the display or enter 0 t...

Page 1062: ...1062 ExtremeWare 7 7 Command Reference Guide Security Commands Platform Availability This command is available on the i series platforms only ...

Page 1063: ... N A Usage Guidelines None Example The following command shows information about the access mask called MyIpMask show MyIpMask The command generates output similar to the following Access mask with name MyIpMask created by user MAC IP mask L4port Layer 2 Layer 3 4 Ports Precedence ACL Rate limit History This command was first available in ExtremeWare 7 1e Platform Availability This command is avai...

Page 1064: ...ofile information for the switch Usage Guidelines None Example The following command displays access profile related information for access profile called nosales show access profile nosales History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms access...

Page 1065: ... arp learning vlan mgmt Arp Learning Enabled on vlan Mgmt Vlan Port Arp Learning Port Arp learning Mgmt Mgmt Enabled Mgmt Enabled The following command shows that ARP learning is enabled on the management VLAN with new command show ip security arp learning vlan mgmt Arp Learning Enabled on vlan Mgmt Vlan Port Arp Learning Port Arp learning Mgmt Mgmt Enabled Mgmt Enabled History This command was fi...

Page 1066: ...1066 ExtremeWare 7 7 Command Reference Guide Security Commands Platform Availability This command is available on all platforms ...

Page 1067: ...ation on that port Example The following example displays the arp learning configuration on the VLAN called vlan1 Summit400 48t 55 show arp learning vlan1 ports all The command generates output similar to the following Vlan Port Arp Learning Port Arp learning vlan1 3 Enabled 3 Enabled History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e This command is modifed in Extr...

Page 1068: ...he primary and secondary servers that are configured for that particular type of session Example The following example displays the authentication information show auth The output of the command is similar to Session Type mgmt access Authentication Server Type Radius Primary Authentication Server 12 16 1 2 Secondary Authentication Server None Primary Accounting Server None Secondary Accounting Ser...

Page 1069: ... None Examples The following command displays the status of denial of service protection on an i series switch show cpu dos protect Following is the output from this command Denial of service protection to CPU is ENABLED Notice level 4000 new packets second level for logging Alert level 4000 new packets second level for ACL creation Filter types destination ACL timeout 15 seconds ACL rule preceden...

Page 1070: ...packets with options IPMC packets but not class D address with checksum errors and non IP packets Broadcast traffic IP multicast unknown These are IPMC packets that do not have corresponding IPMC FDB entries Learning packets These are packets that do not have a corresponding FDB entries Current interval The current time interval less than or equal to the configured interval Configured alert thresh...

Page 1071: ... Example The following command shows global enhanced denial of service protection rate limit information show enhanced dos protect rate limit PortNum Status Trusted Proto Threshold Learn Window Drop Prob PktsDrop 4 4 Enabled Trusted icmp 100 10 50 0 Enhanced DOS Protect Rate Limit Global Configuration Global Status Enabled rate limit Displays rate limiting configuration ipfdb Displays IPFDB learni...

Page 1072: ... ExtremeWare 7 7 Command Reference Guide Security Commands History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e Platform Availability This command is available on all platforms ...

Page 1073: ... command generates output similar to the following Dest IP Addr TblIdx MacIdx Flag Flow MAC Address VLAN Port 20 2 0 0 11402 0 CCFA 0 00000 0000 00 00 00 00 00 04 4091 4 3 20 3 0 0 11403 0 CCFA 0 00000 0000 00 00 00 00 00 04 4091 4 3 20 4 0 0 11404 0 CCFA 0 00000 0000 00 00 00 00 00 04 4091 4 3 20 10 128 0 1940A 0 CCFA 0 00000 0000 00 00 00 00 00 04 4091 4 3 Total number of entries 61 IPFDB SUBNET...

Page 1074: ...xample The following example shows information about the MAC address lockdown timeout settings for ports 21 22 24 and 25 show mac lockdown timeout ports 21 22 24 25 The command generates output similar to the following Port Mac lockdown timeout Timeout In secs 21 Enabled 2000 22 Enabled 3000 24 Disabled 200 25 Disabled 15 History This command was first available in ExtremeWare 7 5 Platform Availab...

Page 1075: ...tries learned on that port will not be displayed Example The following example shows information about the MAC entries for ports 21 and 22 show mac lockdown timeout fdb ports 21 22 The command generates output similar to the following Mac Vlan Age Use Port Flags 00 00 01 02 03 04 v1 4094 0010 0000 21 F 00 00 01 00 00 02 v1 4094 0030 0000 21 FB b 00 00 0A 02 03 04 v2 4093 0050 0000 22 L 00 00 0B 02...

Page 1076: ...1076 ExtremeWare 7 7 Command Reference Guide Security Commands Platform Availability This command is available on all platforms ...

Page 1077: ...ion 802 1x or HTTP web based Examples The following command shows the summary network login information show netlogin The command generates output similar to the following Netlogin Authentication Mode web based ENABLED 802 1x ENABLED Web based Mode Global Configuration Base URL network access net Default Redirect Page http www extremenetworks com Logout privilege YES Netlogin Session Refresh DISAB...

Page 1078: ...og In DISABLED MAC IP address Auth Type ReAuth Timer User 00 B0 D0 90 2F 72 0 0 0 0 No 802 1x 12 Unknown Total Number of Authenticated MACs 0 The following command shows the detailed network login information for the port 1 13 in the VLAN named Default show netlogin ports 1 13 Default Following is the output from this command before authentication Port 1 13 Vlan Default Mac Based Enabled Port Stat...

Page 1079: ...e in ExtremeWare 6 2 This command was modified to show the authentication type in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e This command was modified to show the mac based enabled disabled information in ExtremeWare 7 7 Platform Availability This command is available on all platforms ...

Page 1080: ...out the guest VLAN configuration Stk Master 15 show netlogin guest vlan port 1 1 The output from this command is as follows Netlogin DOT1X Guest vlan configuration Guest Supplicant Response Timeout 30 secs Port Guest vlan Vlan 1 1 Enabled visit Stk Master 16 History This command was first available in ExtremeWare 7 6 Platform Availability This command is available on all platforms portlist Specifi...

Page 1081: ...server must be populated with the MAC addresses of the clients or with MAC addresses plus a mask This command displays the list of MAC addresses or MAC address mask pairs used for authentication Example The following command displays the MAC address list for RADIUS authentication show netlogin mac Mac Addr Mac Mask Password FF FF FF FF FF FF FF FF FF FF FF FF pngs2r 00 10 DC A2 04 3E FF FF FF FF F...

Page 1082: ...adius Accounting enabled Radius Server Connect Timeout sec 3 Primary radius server Server name 172 17 1 123 IP address 172 17 1 123 Server IP Port 1645 Client address 172 17 1 221 Shared secret Access Requests 0 Access Accepts 0 Access Rejects 0 Access Challenges 0 Access Retransmits 0 Client timeouts 0 Bad authenticators 0 Unknown types 0 Round Trip Time 0 sec s Secondary radius server Server nam...

Page 1083: ...e following is an example of output from this command where RADIUS is not configured on the switch Radius disabled Radius Accounting disabled Primary radius server Not configured Secondary radius server Not configured Primary radius accounting server Not configured Secondary radius accounting server Not configured History This command was first available in ExtremeWare 4 1 This command was added t...

Page 1084: ...nting Following is the output from this command Radius Accounting enabled Radius Acct Server Connect Timeout sec 3 Primary radius accounting server Server name 172 17 1 104 IP address 172 17 1 104 Server IP Port 1646 Client address 172 17 1 221 Shared secret lf nki Acct Requests 0 Acct Responses 0 Acct Retransmits 0 Timeouts 0 Secondary radius accounting server Server name 172 17 1 123 IP address ...

Page 1085: ...accounting server Not configured Secondary radius accounting server Not configured History This command was first available in ExtremeWare 4 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1086: ... mask Vlan QoS Limit Port Flags r1 f1 10 5 DI IP P EC r2 f3 3 3 IP P ED Flags DM Dest MAC SM Source MAC ET Ether Type T TOS C Code Point I IP Protocol DI Dest IP SI Src IP D4 Dest L4 Port S4 Src L4 Port MT ICMP Type MC ICMP Code EP Egress Port P Permit Q Qosprofile SC Set Code Point SD Set Dot 1p ED Exceed Drop EC Exceed Set Code Point The next example shows information for the r1 rate limit show ...

Page 1087: ...or the rate limit configured on port 5 show rate limit port 5 Rate Limit r1 Access mask f1 MAC IP mask L4port dest ip 13 13 13 0 24 source ip none Layer 2 Layer 3 4 Egress Port Ingress Ports 5 In Profile permit Rate Limit 10 Mbps Out Profile set code point 0x2c History This command was first available in ExtremeWare 7 1e Platform Availability This command is available on the e series platforms onl...

Page 1088: ...hes Syntax Description Default N A Usage Guidelines If you do not specify a route map name information is displayed for all the route maps Example The following command displays the route map named bgp out show route map bgp out History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on the i series platforms only route map Specifies a route map ...

Page 1089: ...The output of the command is similar to Profile Name Unsecure ESS Name fz unsecure Dot11 Authentication open Network Authentication none Encryption none User VLAN Default Use Dynamic VLAN yes SSID in Beacon on Interfaces 180 1 1 2 1 2 2 1 3 2 1 4 1 1 4 2 1 4 2 1 5 1 1 5 2 1 5 2 1 6 1 1 6 2 1 6 2 1 7 1 1 7 2 1 7 2 1 8 1 1 8 2 1 8 2 1 9 1 1 9 2 1 9 2 1 10 1 1 10 2 1 10 2 1 11 1 1 11 2 1 11 2 1 12 1 ...

Page 1090: ...23 2 2 23 2 2 24 1 2 24 2 2 24 2 2 25 1 2 25 2 2 25 2 2 26 1 2 26 2 2 26 2 2 27 1 2 27 2 2 27 2 2 28 1 2 28 2 2 28 2 2 29 1 2 29 2 2 29 2 2 30 1 2 30 2 2 30 2 2 31 1 2 31 2 2 31 2 2 32 1 2 32 2 2 32 2 Profile Name open64wep ESS Name fz open wep 64 Dot11 Authentication open Network Authentication none Encryption wep64 User VLAN SKSPVlan Use Dynamic VLAN no WEP Key 0 3 75 5 Default WEP Key 0 SSID in...

Page 1091: ...ion none Encryption wep128 User VLAN VSA DKSP Use Dynamic VLAN yes WEP Key 0 3 75 50 6343 2 9 44 Default WEP Key 0 SSID in Beacon on No interfaces bound to this security profile History This command was first available in ExtremeWare 6 2a This command was added to the Summit e series of switches in ExtremeWare 7 3e it was added to the i series of switches in ExtremeWare 7 3 0 Platform Availability...

Page 1092: ...own feature show source ip lockdown ports all Or show ip security source ip lockdown ports all The following new command displays the configuration of the source IP lockdown feature on port 1 7 show source ip lockdown ports 1 7 Or show ip security source ip lockdown ports 1 7 History This command was first available in ExtremeWare 7 4 This command is modifed in ExtremeWare 7 7 0 The new command is...

Page 1093: ...show source ip lockdown ports ExtremeWare 7 7 Command Reference Guide 1093 Platform Availability This command is available on all platforms ...

Page 1094: ... detail provides the same output as the show ssl command plus the complete certificate Private key in PEM format is displayed for users with administration privileges Examples The following command displays the SSL configuration show ssl The output of the command is similar to HTTPS Port Number 443 Private Key matches the Certificate s public key RSA Key Length 1026 Certificate Data Version 3 0x2 ...

Page 1095: ...b fc f4 7a 17 58 92 3f df 9c 4b f3 f0 f7 9f b2 fe 48 d4 92 9e d7 31 89 71 82 2e d6 88 ac a7 72 dc a5 48 35 26 75 aa 1d 0d 9c 40 94 7a 9f 56 05 99 6b 1e 1f e8 42 01 ec 6a ea 29 f3 87 e2 af 07 b1 8a 57 25 2a 10 84 ef eb 69 17 cc a1 81 e7 f8 b7 78 d2 c2 50 f2 01 ea 84 0e 69 c2 72 e0 f4 6a 3d 29 6d 78 14 10 85 5d f7 53 ef f7 ea 25 23 c5 a3 43 4b 4e 57 83 e7 af d4 c2 RSA Private key BEGIN RSA PRIVATE K...

Page 1096: ...2a This command was added to the Summit e series of switches in ExtremeWare 7 3e it was added to the i series of switches in ExtremeWare 7 3 0 Platform Availability Beginning with ExtremeWare 7 4 this command is available in all platforms using SSH image except for the Summit i platform switches using SSH Base image SBxtr ...

Page 1097: ...guration and statistics show tacacs The output from this command is similar to TACACS enabled TACACS Authorization enabled TACACS Accounting enabled TACACS Server Connect Timeout sec 3 Primary TACACS Server Server name 172 17 1 104 IP address 172 17 1 104 Server IP Port 49 Client address 172 17 1 220 Shared secret lf nki Secondary TACACS Server Server name 172 17 1 123 IP address 172 17 1 123 Serv...

Page 1098: ...secret lf nki Secondary TACACS Accounting Server Server name 172 17 1 123 Client address 172 17 1 220 Shared secret lf nki History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1099: ...ing command displays TACACS accounting client configuration and statistics show tacacs accounting Following is the output from this command TACACS Accounting enabled TACACS Acct Server Connect Timeout sec 3 Primary TACACS Accounting Server Server name 172 17 1 104 IP address 172 17 1 104 Server IP Port 49 Client address 172 17 1 220 Shared secret lf nki Secondary TACACS Accounting Server Server na...

Page 1100: ...erence Guide Security Commands History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms ...

Page 1101: ...atus of the enable disable keywords and then displays all of the configured trusted MAC addresses for all VLANs show trusted mac address The following command displays trusted MAC address information for the VLAN named corp show trusted mac address vlan corp History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 3e Pla...

Page 1102: ... named vsa dksp S24 FZ 6 show vlan vsa dksp security Port Limit State Appeared Learnt Blackholed Locked 1 Unlimited Unlocked 7 7 0 0 2 Unlimited Unlocked 4 4 0 0 3 Unlimited Unlocked 0 0 0 0 4 Unlimited Unlocked 2 2 0 0 5 Unlimited Unlocked 0 0 0 0 6 Unlimited Unlocked 4 4 0 0 25 Unlimited Unlocked 13 13 0 0 26 Unlimited Unlocked 0 0 0 0 S24 FZ 7 History This command was first available in Extreme...

Page 1103: ...f you include a remote command you will receive an error message The default settings for SSH2 parameters are as follows cipher 3DES port 22 3des Specifies that the 3des cipher should be used for encryption This is the default blowfish Specifies that the blowfish cipher should be used for encryption portnum Specifies the TCP port number to be used for communicating with the SSH2 client Default is ...

Page 1104: ...n engineering1 The following command establishes an SSH2 session with the switch summit48i over TCP port 2050 with compression enabled ssh2 port 2050 compression on admin summit48i History This command was first available in ExtremeWare 6 2 1 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 1105: ...ion Disables the remote authentication for management sessions Syntax Description This command has no arguments or variables Default N A Usage Guidelines N A Example unconfigure auth mgmt access History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e Platform Availability This command is available on all platforms ...

Page 1106: ...sables the remote authentication for netlogin sessions Syntax Description This command has no arguments or variables Default N A Usage Guidelines N A Example unconfigure auth netlogin History This command was first available in ExtremeWare 7 3 0 and ExtremeWare 7 3e Platform Availability This command is available on all platforms ...

Page 1107: ...use the following commands enable cpu dos protect disable cpu dos protect The default values for the denial of service protection parameters are as follows alert threshold 4000 packets per second notice threshold 4000 packets per second timeout 15 seconds messages on messages are sent to syslog filter precedence 10 Example The following command resets the denial of service protection configuration...

Page 1108: ...ify configuration use the show enhanced dos protect ipfdb ports portlist command and view data in the Aging column Example The following command resets the aging time on port 2 to the default value 30 seconds unconfigure enhanced dos protect ipfdb agingtime ports 2 History This command was first available in ExtremeWare 7 3 0 This command was added to the Summit e series of switches in ExtremeWare...

Page 1109: ...ed denial of service protection maintains the number of IPFDB entries according to the cache size limit Use this command to reset the cache size to the default of 256K Use the following command to set the cache size to something other than the 256K default value configure enhanced dos protect ipfdb cache size Example The following command resets the cache size to the 256K default value unconfigure...

Page 1110: ...usted ports for enhanced denial of service protection use the following command configure enhanced dos protect ipfdb learn limit Usage Guidelines Use this command to reset the learning limit value to the default number of packets being counted before the software can create an entry in hardware Example The following command resets the learn limit on Fast Ethernet port 3 to 100 packets within the l...

Page 1111: ...alues for selected untrusted ports to the default value of 10 seconds To verify configuration use the show enhanced dos protect ipfdb ports portlist command Example The following command resets the learning window on port 2 to the default value 10 seconds unconfigure enhanced dos protect ipfdb learn window ports 2 History This command was first available in ExtremeWare 7 3 0 This command was added...

Page 1112: ...rnet port 3 to the default value 100 packets unconfigure enhanced dos protect rate limit threshold ports 3 The following command resets the rate limiting drop probability on port 4 to the default value 50 percent threshold Resets to the default value the number of packets allowed on a given port within the learning window before the rate limit is applied The default on Fast Ethernet ports is 100 p...

Page 1113: ...earn window ports 2 3 The following command resets the rate limiting protocol to the default value ICMP packet types on ports 1 through 3 unconfigure enhanced dos protect rate limit protocol ports 1 3 The following command removes ports 1 through 4 from rate limiting unconfigure enhanced dos protect rate limit ports 1 4 History This command was first available in ExtremeWare 7 3 0 This command was...

Page 1114: ...e Syntax Description This command does not have a syntax Default The default is 5 minutes Usage Guidelines Use this command to set the network login aging time out Example The following example sets the network login aging time to the default value unconfigure netlogin agingtime History This command was first available in ExtremeWare 7 7 Platform Availability This command is available on all platf...

Page 1115: ...e guest VLAN feature for all ports unconfigure netlogin dot1x guest vlan The following example unconfigures the guest VLAN feature for ports 3 and 5 unconfigure netlogin dot1x guest vlan ports 3 5 History This command was first available in ExtremeWare 7 6 Platform Availability This command is available on all platforms except the Altitude 300 Access Point port list Specifies one or more ports or ...

Page 1116: ...fault value of 30 seconds Syntax Description This command does not have a syntax Default N A Usage Guidelines The supplicant response timeout value is a global setting that is applicable for all ports Example The following example unconfigures a supplicant response timer unconfigure netlogin dot1x timers supplicant response timeout History This command was first available in ExtremeWare 7 7 Platfo...

Page 1117: ...imer for the 802 1x guest VLAN feature to its default setting of 30 seconds Syntax Description This command has no keywords or arguments Default N A Usage Guidelines None Example The following example returns the supplicant response timer to the default setting of 30 seconds unconfigure netlogin dot1x guest vlan supplicant response timeout History This command was first available in ExtremeWare 7 ...

Page 1118: ... 3600 seconds Syntax Description This command has no arguments or variables Default N A Usage Guidelines Use this command to reset the reauthentication interval to the default value for dot1x Example The following example sets the reauthentication interval to the default value of 3600 seconds unconfigure netlogin dot1x timers reauth period History This command was first available in ExtremeWare 7 ...

Page 1119: ... IP phones RADIUS is used as the transport protocol for authentication Only one default entry can be configured this will be used if none of the configured entries match If a password is not configured locally the MAC address is used as the password Example The following example deletes a MAC address mask pair from the table used for authentication unconfigure netlogin mac address 00 11 33 55 77 9...

Page 1120: ...ccess Request message is sent from the RADIUS client to the RADIUS server for validation By default the RADIUS client tries again a maximum of three times if the validation request fails After the third retry the authentication attempt times out This command returns the retry count to its default value To set the authentication retry count to a number besides 3 use the following command configure ...

Page 1121: ...00 seconds Usage Guidelines While a port is in an authenticated state the reauthentication mechanism periodically sends a RADIUS Access Request message to the RADIUS server to reauthenticate the port You can specify an interval in seconds between successive reauthentication messages This command returns the interval to the default value of 1800 seconds Example The following example sets the reauth...

Page 1122: ...llowing command unconfigures the secondary RADIUS server for the client unconfigure radius server secondary History This command was first available in ExtremeWare 4 1 This command was added to the Summit e series of switches in 7 1e Platform Availability This command is available on all platforms primary Unconfigures the primary RADIUS server secondary Unconfigures the secondary RADIUS server ipa...

Page 1123: ...command unconfigures the secondary RADIUS accounting server for the client unconfigure radius accounting server secondary History This command was first available in ExtremeWare 4 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms primary Unconfigures the primary RADIUS accounting server secondary Unconfi...

Page 1124: ...nconfigures all TACACS servers for the client unconfigure tacacs History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms primary Unconfigures the primary TACACS server secondary Unconfigures the secondary TACACS server ipaddress Specifies the IP address...

Page 1125: ...ng command unconfigures all TACACS accounting servers for the client unconfigure tacacs accounting History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms primary Unconfigures the primary TACACS accounting server secondary Unconfigures the secondary TAC...

Page 1126: ... 24 Assume that for the primary subnet a DHCP address range is configured ranging from 40 0 0 5 to 40 0 0 40 Similarly for the secondary subnet the DHCP address range is configured ranging from 50 0 0 5 to 50 0 0 40 To unconfigure the DHCP address range of the primary subnet use the following command unconfigure vlan test dhcp address range To unconfigure the DHCP address range with the start addr...

Page 1127: ... command has been modified so that clearing of the secondary or remote address ranges is possible through the addition of the parameter start addr This enhanced command was made available in ExtremeWare 7 3 0 and ExtremeWare 7 3e Platform Availability This command is available on all platforms ...

Page 1128: ...ons Examples Consider a VLAN named test with a primary subnet 40 0 0 x 24 and a secondary subnet 50 0 0 x 24 Assume that for the primary subnet a DHCP address range is configured ranging from 40 0 0 5 to 40 0 0 40 Similarly for the secondary subnet the DHCP address range is configured ranging from 50 0 0 5 to 50 0 0 40 Assume that for the DHCP Address range 40 0 0 5 to 40 0 0 40 the DHCP gateway i...

Page 1129: ...s range for which the command applies If the last option is not specified the command is applied for the primary subnet History This command has been modified so that clearing the DHCP options for secondary or remote subnets is possible through the addition of the parameter start addr This enhanced command was made available in ExtremeWare 7 3 0 and ExtremeWare 7 3e Platform Availability This comm...

Page 1130: ...1130 ExtremeWare 7 7 Command Reference Guide Security Commands ...

Page 1131: ...ch image will load on the next switch reboot The configuration is the customized set of parameters that you have selected to run on the switch As you make configuration changes the new settings are stored in run time memory To retain the settings and have them load when you reboot the switch you must save the configuration to nonvolatile storage A switch can store two different configurations a pr...

Page 1132: ...configure configuration mode command Example The following command sets the default startup configuration for the switch to enhanced mode in which the switch will start up with all ports disabled configure configuration mode enhanced History This command was first available in ExtremeWare 7 3 0 Platform Availability This command is available on all platforms standard Specifies the standard default...

Page 1133: ... done from the server named tftphost from the ASCII file primeconfig txt residing in directory configs archive on the server configure download server primary tftphost configs archive prime_config txt History This command was first available in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platfo...

Page 1134: ... Slots 1 and 2 support all existing Alpine I O modules Alpine Ethernet I O modules green stripe and Alpine Access I O modules silver stripe The Standard mode LED lights when the switch is in extended mode Auto In auto mode the switch determines if it is in standard or extended mode depending upon the type of modules installed in the chassis or the slot preconfigurations If an Alpine I O module wit...

Page 1135: ...1135 Example The following command specifies that the Alpine 3802 operates in standard mode configure switch standard History This command was first available in ExtremeWare 6 1 8 Platform Availability This command is available on the Alpine 3802 switch only ...

Page 1136: ...itch this command affects all physical and virtual wireless ports Example The following example configures all wireless ports to download bootstrap image file ABS 1_8_0 bin located at path apimages bootstrap on the TFTP server at IP address 10 12 123 1 configure wireless image configuration bootstrap tftphost 10 12 123 1 apimages bootstrap ABS 1_8_0 bin The following example configures all wireles...

Page 1137: ...mand Reference Guide 1137 In ExtremeWare 7 6 this command was modified to provide switch level configuration applicable to all wireless ports Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches ...

Page 1138: ... mode ExtremeWare configure wireless ports 1 1 image runtime tftphost ART 7_5_8 bin The following example configures a wireless port to download a SummitWM runtime image file from the TFTP server called tftphost configure wireless ports 1 1 mode SummitWM configure wireless ports 1 1 image runtime tftphost A300 1 1 3 00 03 img History This command was first available in ExtremeWare 7 5 Platform Ava...

Page 1139: ...pter 13 Configuration and Image Commands in the ExtremeWare Software User Guide Use of the hostname parameter requires that DNS be enabled Example The following command downloads a bootROM image from the tftp server called tftphost from the file bootimages residing in directory images on the server download bootrom tftphost images bootimage History This command was first available in ExtremeWare 4...

Page 1140: ...1140 ExtremeWare 7 7 Command Reference Guide Configuration and Image Commands Platform Availability This command is available on all platforms ...

Page 1141: ...ve to the TFTP server base directory You can specify a path as part of the file name Use of the hostname parameter requires that DNS be enabled Use the incremental keyword to specify an incremental or partial configuration download In this case the commands specified in the incremental download file are executed but configuration settings not specified in the file are left intact No reboot is requ...

Page 1142: ... available in ExtremeWare 2 0 Support for the hostname parameter was introduced in ExtremeWare 4 0 Support for incremental downloads was introduced in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1143: ... download command completely not just the next scheduled daily download The download configuration every hour command must be issued again to resume automatic downloads If no downloads are scheduled this command has no effect Example The following command cancels a previously scheduled download download configuration cancel History This command was first available in ExtremeWare 6 0 This command w...

Page 1144: ...oaded configuration will be obtained Whether this TFTP server is the primary server or the secondary backup TFTP server To view information about a scheduled download use the show switch command Example The following commands set up a scheduled incremental download of the file config_info txt to be done from the TFTP server named tftphost into the primary configuration area every day at 10 00 pm c...

Page 1145: ...ew AP image files to the switch being used as the attachment switch for the APs To upgrade Direct Connect APs download the new AP image files to the switch with the physical connection to the APs Examples The following command downloads the AP image file ABS 1_8_0 bin from the TFTP server named tftphost at IP address 10 12 123 1 download file name 10 12 123 1 tftphost ABS 1_8_0 bin History This co...

Page 1146: ...eatures are available on the Alpine and BlackDiamond chassis You can update the operational images for all installed modules that run a software image All of the operational image files must be located in the same directory on the TFTP server and they must have the same filename prefix The main ExtremeWare image always downloads first The download image process proceeds with each slot starting at ...

Page 1147: ...yed MSM A Primary bank Downloading image v710b35 xtr Verifying the image Done Slot 2 Primary bank Downloading image v710b35 oc3 Download to slot 2 successful Slot 3 Primary bank Downloading image v710b35 mpls Download to slot 3 successful Slot 4 Primary bank Downloading image v710b35 oc3 Download to slot 4 successful Slot 7 Primary bank Downloading image v710b35 atm3 Table 18 Supported modules and...

Page 1148: ...g image v700b68 oc3 Download to slot 2 successful Slot 3 Primary bank Downloading image v700b68 mpls Download to slot 3 successful Slot 4 Secondary bank Downloading image v700b68 oc3 Download to slot 4 successful Slot 7 Secondary bank Downloading image v700b68 atm3 Download to slot 7 successful History This command was available in ExtremeWare 2 0 Support for the hostname parameter was introduced ...

Page 1149: ...e slot If the slot is not specified the image is downloaded to the all active slots Use the show slot command to find the discovered members their operational and configured platform types History This command was first available in ExtremeWare 7 4 This command was modified in ExtremeWare 7 7 to download the image to all active slots Platform Availability This command is only available with stacki...

Page 1150: ... of all the members and the stack manager The configuration takes effect on the next reboot In version earlier to ExtremeWare 7 7 if the option all is used the switch asks for confirmation while trying to save the configuration on each slot But in ExtremeWare 7 7 you need to confirm only once and the switch will save the configuration on all slots Example The following command saves the current sw...

Page 1151: ... slot 4 primary History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e This command was modified in ExtremeWare 7 4 to support stacking Support for the all and slot keywords was added in ExtremeWare 7 4 In ExtremeWare 7 7 modified the saving option for all ports in stacked switches Platform Availability This command is av...

Page 1152: ...splays the VLAN default without any ports assigned The ports still belong to the VLAN default as the show vlan output correctly displays Example This command shows the current configuration active in the switch show configuration detail History This command was available in ExtremeWare 2 0 This command was modified to show the auto negotiation status of Gigabit Ethernet ports in ExtremeWare 6 2 2 ...

Page 1153: ...s configuration This image configuration mismatch will likely cause the switch to operate differently after failover Use the synchronize command to replicate all saved images and configurations from the master to the slave However if one of the configurations on the master MSM is empty the sync process will not overwrite the corresponding configuration on the slave If the configuration on the slav...

Page 1154: ...n mode Usage Guidelines Use this command on i series switches to remove an enhanced mode configuration and reset the configuration to the default standard configuration mode To configure the default startup configuration for the switch use the configure configuration mode command Example The following command removes the effect of the default startup configuration currently defined for the switch ...

Page 1155: ...anced mode the switch boots with all ports disabled If the enhanced parameter is not entered the default configuration mode will be reset to the standard mode in which the switch boots with all ports in forwarding mode To configure the default startup configuration for the switch use the configure configuration mode command NOTE After using the unconfigure switch all command the show configuration...

Page 1156: ... History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e This command was modified to include the enhanced parameter in ExtremeWare 7 3 0 Platform Availability This command is available on all platforms ...

Page 1157: ...The following command unconfigures the bootloader image unconfigure wireless image configuration bootloader The following command unconfigures both the bootstrap and bootloader images unconfigure wireless image configuration all History This command was introduced in ExtremeWare 7 5 and was configurable at a wireless port level In ExtremeWare 7 6 this command was modified to operate as a switch le...

Page 1158: ...he runtime configuration of a wireless port that is enabled You must disable the port first Examples The following command unconfigures the runtime image for port 1 18 on the Summit 300 48 unconfigure wireless ports 1 18 image configuration runtime History This command was introduced in ExtremeWare 7 5 This command was modified in ExtremeWare 6 6 to exclude the bootstrap and bootloader options Pla...

Page 1159: ...a copy of the configuration file to Extreme Networks Technical Support for problem solving purposes If every time is specified the switch automatically saves the configuration to the server once per day at the specified time Because the filename is not changed the configured file stored in the TFTP server is overwritten every day For version 4 0 The keyword every is not supported Specify the time ...

Page 1160: ...e TFTP server named tftphost every night at 10 15 p m upload configuration tftphost configbackup txt every 22 15 History This command was available in ExtremeWare 2 0 Support for the hostname parameter was introduced in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1161: ...led upload command completely not just the next scheduled daily upload You must re issue the upload configuration every hour command to resume automatic uploads If no uploads are scheduled this command has no effect Example The following command cancels the current automatic upload schedule upload configuration cancel History This command was available in ExtremeWare 2 0 This command was added to ...

Page 1162: ...ies that the next reboot should use the primary saved configuration use configuration primary History This command was available in ExtremeWare 2 0 Support for the slot parameter was introduced in ExtremeWare 7 0 0 The slot parameter is applicable to the Alpine and BlackDiamond chassis Support for the all keyword was introduced in ExtremeWare 7 1 0 This command was added to the Summit e series of ...

Page 1163: ...To view information about the image selected for the next reboot use the show switch command Example The following command configures the switch to use the primary image on the next reboot use image primary History This command was first available in ExtremeWare 2 0 Support for the slot parameter was introduced in ExtremeWare 7 0 0 This command was added to the Summit e series of switches in Extre...

Page 1164: ...1164 ExtremeWare 7 7 Command Reference Guide Configuration and Image Commands ...

Page 1165: ...ands used for EMS are detailed in this document in Chapter 10 Commands for Status Monitoring and Statistics Until all the systems in ExtremeWare are converted you may need to use a mix of EMS and debug trace commands under the guidance of Extreme Networks technical personnel Included in this chapter as well as in Chapter 10 are the EMS commands to enable and disable debug mode for EMS components T...

Page 1166: ...yntax Description This command has no arguments or variables Default N A Usage Guidelines None Example The following command resets the debug trace levels to level 0 clear debug trace History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 1167: ...npipe received DSA message GET_COUNTS DBUG DSA processDSBMessage rsp type 2 from slot 6 DBUG DSA npGenPipe sendMsg 0x8093f70c sends to slot 5 len 68 DBUG DSA npGenPipeAllocTCB TCB allocated by Accounting DSB Accounting DBUG DSA Vlan vlan1 Vlan ID 4091 DBUG DSA processDSBMessage rsp type 2 from slot 6 DBUG DSA npGenPipe sendMsg 0x8093f70c sends to slot 5 len 68 DBUG DSA npGenPipeAllocTCB TCB alloca...

Page 1168: ...ing DBUG DSA Vlan MacVlanDiscover Vlan ID 4095 DBUG DSA processDSBMessage rsp type 2 from slot 6 DBUG DSA npGenPipe sendMsg 0x8093f70c sends to slot 5 len 68 DBUG DSA npGenPipeAllocTCB TCB allocated by Accounting DSB Accounting DBUG DSA Vlan Default Vlan ID 1 DBUG DSA All Vlan History This command was first available in an ExtremeWare IP Technology Services Release based on ExtremeWare v6 1 8b12 T...

Page 1169: ...corded at lower levels Example The following command sets the reporting level for BOOTP relay errors to 3 configure debug trace bootprelay 3 History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms debug level Specifies a debug level 0 None 1 Records err...

Page 1170: ...This command is not currently supported Example This command is not currently supported History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms debug level Specifies a debug level 0 Not currently supported 1 Not currently supported 2 Not currently suppo...

Page 1171: ...es debug trace for link detection configure debug trace debug link 1 The following command disables debug trace for link detection configure debug trace debug link 0 History This command was first available in ExtremeWare 6 2 2b108 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms debug level Specifies a d...

Page 1172: ...owing command displays the cache entries show ipmc cache detail IP multicast group The trace is based on the ingress VLAN of a cache Use this tool if the egress list of a cache is incorrect if there are missing cache entries or if the DVMRP task has been intermittently suspended Example The following command sets the reporting level for DVMRP cache errors to 3 configure debug trace dvmrp cache 3 v...

Page 1173: ...G DVMR dvcareq c 213 Build Cache for 192 168 3 10 224 2 127 254 DBUG DVMR dvcareq c 596 dvmrp mask del interface 6 in 239 1 1 1 192 168 3 0 255 255 255 0 DBUG DVMR dvcareq c 213 Build Cache for 192 168 3 10 224 10 253 4 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i platforms only ...

Page 1174: ...xample The following command sets the reporting level for DVMRP hello errors to 3 configure debug trace dvmrp hello 3 vlan v49 Following is the log output at this level INFO SYST serial admin configure debug trace dvmrp hello 4 vlan v49 DBUG DVMR dvrx c 151 Rx Hello from 192 168 200 2 on VLAN v49 DBUG DVMR dvnbr c 612 Tx Hello on Vlan v49 Len 16 nbr 1 DBUG DVMR dvrx c 151 Rx Hello from 192 168 200...

Page 1175: ...erence Guide 1175 DBUG DVMR dvnbr c 612 Tx Hello on Vlan v49 Len 16 nbr 1 DBUG DVMR dvrx c 151 Rx Hello from 192 168 200 2 on VLAN v49 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i platforms only ...

Page 1176: ... graft acknowledgement coming into a VLAN Use this command if a multicast stream cannot be stopped or does not come down to the receiver after the IGMP snooping entry is verified Example The following command sets the reporting level for DVMRP message errors to 3 configure debug trace dvmrp message 3 vlan v49 Following is the log output at this level INFO SYST last message repeated 2 times INFO SY...

Page 1177: ...configure debug trace dvmrp message ExtremeWare 7 7 Command Reference Guide 1177 Platform Availability This command is available on i platforms only ...

Page 1178: ...s This command traces the state of all DVMRP neighbors on a common VLAN to monitor when a neighbor is added or deleted Example The following command sets the reporting level for DVMRP neighbor errors to 3 configure debug trace dvmrp neighbor 3 vlan v49 Following is the log output at this level INFO SYST serial admin enable dvmrp DBUG DVMR dvnbr c 149 Add new Nbr 192 168 200 2 on Vlan v49 Len 16 Hi...

Page 1179: ...configure debug trace dvmrp neighbor ExtremeWare 7 7 Command Reference Guide 1179 Platform Availability This command is available on i platforms only ...

Page 1180: ... route errors to 3 configure debug trace dvmrp route 3 vlan v49 Following is the log output at this level INFO SYST serial admin configure debug trace dvmrp route 3 vlan v49 DBUG DVMR dvrx c 159 Rx Report from 192 168 200 2 in VLAN v49 DBUG DVMR dvrx c 298 Rx route 10 1 2 0 24 Metric 0 1 from 192 168 200 2 DBUG DVMR dvrtrx c 330 Replace RT 10 1 2 0 24 Metrix 1 Flag 01 4 DBUG DVMR dvrx c 298 Rx rou...

Page 1181: ...etric 1 1 from 192 168 200 2 DBUG DVMR dvrtrx c 330 Replace RT 192 168 3 0 24 Metrix 1 Flag 00 0 DBUG DVMR dvrx c 298 Rx route 192 168 1 3 32 Metric 1 1 from 192 168 200 2 DBUG DVMR dvrtrx c 330 Replace RT 192 168 1 3 32 Metrix 1 Flag 00 0 DBUG DVMR dvrttx c 492 Tx periodic report on VLAN v49 Len 49 DBUG DVMR dvrx c 159 Rx Report from 192 168 200 2 in VLAN v49 DBUG DVMR dvrx c 298 Rx route 172 17 ...

Page 1182: ... record the messages recorded at lower levels Example The following command sets the reporting level for DVMRP timer errors to 3 configure debug trace dvmrp timer 3 vlan v49 Following is the log output at this level INFO SYST serial admin configure debug trace dvmrp timer 3 v49 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i platform...

Page 1183: ... unchanged EAPS man1 DBUG EAPS eaps_runtime c 931 Pdu Health Pdu EAPS man1 MAC 00 01 30 33 14 00 RcvdSeq 14851 CurrSeq DBUG EAPS eaps_runtime c 852 pdu Health Pdu DBUG EAPS eaps_runtime c 843 DEBUG vlanId 10 eapsdInst 0 DBUG EAPS eaps c 520 DEBUG Found Control Vlan EapsInst 0 DBUG EAPS eaps c 368 DEBUG Wowie Received EAPS_PDU_MSG debug level Specifies a debug level 0 Records software bugs and seve...

Page 1184: ...port 1 2 vlan c1 vlanId 10 DBUG EAPS eaps_runtime c 1295 EAPS man1 Hello Timer expired DBUG EAPS eaps_runtime c 1673 Complete state unchanged EAPS man1 DBUG EAPS eaps_runtime c 931 Pdu Health Pdu EAPS man1 MAC 00 01 30 33 14 00 RcvdSeq 14850 CurrSeq History This command was first available in ExtremeWare 6 1 9 Platform Availability This command is available on i platforms only ...

Page 1185: ... 148 Nexthop 30 0 0 9 Nfg ffff DBUG SYST i 3 Changing Nexthop fg fffc Source 24 3 89 147 Nexthop 30 0 0 8 Nfg fffe DBUG SYST i 2 Changing Nexthop fg fffc Source 24 3 89 146 Nexthop 30 0 0 7 Nfg fffd DBUG SYST i 1 Changing Nexthop fg fffc Source 24 3 89 145 Nexthop 30 0 0 6 Nfg fffb DBUG SYST i 0 Changing Nexthop fg fffc Source 24 3 89 144 Nexthop 30 0 0 5 Nfg fffa DBUG SYST Sag fffc DBUG SYST Grps...

Page 1186: ...efc 1 4 DBUG SYST redirectServerListDelEntry 0x8 66c2f5c 0 4 DBUG SYST redirectServerListDelEntry Checking server entry 0x866c198c 2 4 DBUG SYST redirectServerListDelEntry 0x866c19ec 0 4 DBUG SYST redirectServerListDelEntry Checking server entry 0x866c201c 3 4 DBUG SYST redirectServerListDelEntry 0x866c207c 0 4 DBUG SYST redirectServerListDelEntry Freeing server entry 0x866c3efc 0 4 DBUG SYST redi...

Page 1187: ...nfigure debug trace flowstats 3 History This command was first available in ExtremeWare 6 2 2 Platform Availability This command is available on i platforms only debug level Specifies a debug level 0 Records error messages such as cannot open a socket cannot bind a socket or cannot add or remove a flow from health check 1 No additional information recorded 2 No additional information recorded 3 No...

Page 1188: ...AP4 messages ldap Specifies LDAP messages nntp Specifies NNTP messages pop3 Specifies POP3 messages smtp Specifies SMTP messages socks Specifies SOCKS messages telnet Specifies Telnet messages tftp Specifies TFTP messages web Specifies HTTP messages wildcard Specifies messages from all services www Specifies HTTP messages debug level Specifies a debug level 0 Records unable to initialize or add a ...

Page 1189: ...the IP addresses and services you specify If you do not configure a filter debug trace records messages at the debug level you specify for every service on every IP address When you save your configuration you also save your configured filter values Example The following command enables level 2 debug tracing configure debug trace health check 2 The following command then configures a filter for a ...

Page 1190: ...1190 ExtremeWare 7 7 Command Reference Guide Troubleshooting Commands History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i platforms only ...

Page 1191: ...r out multicast and broadcast source address Header too short ARP Ethernet IP Invalid hw prot length Wrong length 2 Records the following errors Router interface down Bad IP destination No mbuf available Failed to ARP SubVLAN proxy ARP disabled replied or ARPing NOTE This error is supported only on the i series switches No bridge available No ARP available No router interface in ARPT Loopback entr...

Page 1192: ...y for 192 168 192 12 00 00 86 54 7f 2a DBUG SYS arpresolve START ac 0x82f3d6e0 m 0x849a6c00 IP 192 168 192 12 DBUG SYS arpresolve Filled entry for 192 168 192 12 00 00 86 54 7f 2a DBUG SYS arpresolve START ac 0x82f3d6e0 m 0x849a6800 IP 192 168 192 12 DBUG SYS arpresolve Filled entry for 192 168 192 12 00 00 86 54 7f 2a INFO SYST serial admin configure debug trace iparp 3 t2 INFO SYST Port 2 1 link...

Page 1193: ... 3 Following is the log output at this level DBUG XSAP SAP Traverse Stuffing entry into packet DBUG XSAP SAP Traverse Ignoring type 0278 DBUG XSAP SAP Traverse Ignoring type 026b DBUG XSAP SAP Traverse Ignoring type 0640 DBUG XSAP SAP Traverse Ignoring type 0278 DBUG XSAP SAP Traverse Ignoring type 026b DBUG XSAP SAP Traverse Ignoring type 0640 DBUG XSAP type 0004 net 3646f895 mac 00 90 27 a1 44 3...

Page 1194: ...1194 ExtremeWare 7 7 Command Reference Guide Troubleshooting Commands History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i platforms only ...

Page 1195: ...ip message 4 Following is the log output at this level INFO SYST serial admin configure debug trace ipxrip message 4 ipxvlan INFO SYST Log cleared INFO SYST serial admin clear log DBUG KERN 0x0881347d82 00 03 DBUG KERN 0x0881347d72 00 02 00 00 36 12 00 01 00 01 00 00 10 69 00 02 6 i DBUG XRIP Sending Rsp msg to f0001964 ff ff ff ff ff ff len 18 DBUG XRIP Added entry net 1069 hops 2 ticks 3 to rsp ...

Page 1196: ... ff len 18 DBUG XRIP Added entry net 1069 hops 2 ticks 3 to rsp DBUG XRIP Added entry net 3612 hops 1 ticks 1 to rsp INFO EAPS eaps_runtime c 1449 State Change Complete Failed EAPS man1 INFO EAPS eaps_runtime c 1018 Pdu Link Down Pdu EAPS man1 MAC 00 01 30 32 ef 00 INFO EAPS eaps_runtime c 303 Primary Port Change Up Down INFO SYST Port 1 2 link down History This command was first available in Extr...

Page 1197: ...lso record the messages recorded at lower levels Example The following command sets the reporting level for IPX RIP route errors to 2 configure debug trace ipxrip route 2 Following is the log output at this level DBUG XRIP Added route to net f0220666 g w f0001964 00 01 30 32 8d 00 hops 2 tics 2 INFO SYST Log cleared History This command was first available in ExtremeWare 6 1 Platform Availability ...

Page 1198: ...ax Description Default The default level is 0 Usage Guidelines This command is not currently supported Example This command is not currently supported History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i platforms only debug level Specifies a debug level 0 Not currently supported 1 Not currently supported 2 Not currently supported 3 Not c...

Page 1199: ... command sets the reporting level for IPX SAP message errors to 3 configure debug trace ipxsap message 3 Following is the log output at this level INFO USER admin logged in through console DBUG XSAP Generating SAP query opcode 0001 svc type ffff INFO SYST Port 2 1 link active 100Mbs FULL duplex INFO SYST Port 2 1 link down INFO SYST User admin logged out from console INFO SYST Log cleared INFO SYS...

Page 1200: ...1200 ExtremeWare 7 7 Command Reference Guide Troubleshooting Commands Platform Availability This command is available on i platforms only ...

Page 1201: ...uidelines The debug level range is 0 to 5 Higher levels record more verbose messages Higher levels also record the messages recorded at lower levels History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available only on the i series platforms debug level Specifies a debug level F...

Page 1202: ... 0 Usage Guidelines The debug level range is 0 to 5 Higher levels record more verbose messages Higher levels also record the messages recorded at lower levels History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on i platforms only debug level Specifies a debug level Fo...

Page 1203: ...ault The default is 0 Usage Guidelines The debug level range is 0 to 5 Higher levels record more verbose messages Higher levels also record the messages recorded at lower levels History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on i platforms only debug level Specifi...

Page 1204: ...ault The default is 0 Usage Guidelines The debug level range is 0 to 5 Higher levels record more verbose messages Higher levels also record the messages recorded at lower levels History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on i platforms only debug level Specifi...

Page 1205: ...tion Default The default is 0 Usage Guidelines The debug level range is 0 to 5 Higher levels record more verbose messages Higher levels also record the messages recorded at lower levels History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on i platforms only debug level...

Page 1206: ...age Guidelines The debug level range is 0 to 5 Higher levels record more verbose messages Higher levels also record the messages recorded at lower levels History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on i platforms only debug level Specifies a debug level Followi...

Page 1207: ...HS Skipping FDB refresh for 10 3 1 1 due to LSP DBUG IPHS last message repeated 3 times DBUG IPHS Skipping FDB refresh for 10 3 1 1 due to LSP debug level Specifies a debug level 0 None 1 Records error and warning messages such as session up state machine errors Initialization errors label allocation errors patricia tree failures invalid message type or format memory allocation errors NVRAM parse ...

Page 1208: ... 32 nhop 0 0 0 0 LSPID 9046 DBUG MPLS mpls_lsp_bind c 466 Unbinded LSP to 10 3 1 1 32 Label 0x00000003 DBUG MPLS mpls_lsp_endpt c 765 MPLS Initiating SPF caculation for unbinded LSP to 10 3 1 1 DBUG MPLS mpls_lsp_endpt c 759 Cannot unbind LSP to 10 3 1 1 32 Type 1 nhop 10 0 1 2 without route entry DBUG MPLS mpls_rdb c 2689 RDB REQ not able to find 10 3 1 1 32 nhop 10 0 1 2 DBUG MPLS mpls_lsp_endpt...

Page 1209: ...0 du_recognize_new_fec ifIndex 3 destIp 192 168 100 12 32 nHop 10 0 2 2 DBUG MPLS mpls_rdb c 578 mpls_rdb_callback add route to 192 168 100 12 32 nhop 10 0 2 2 watch 0 orig 33 INFO MPLS mpls_gpp c 1617 Create ILM for FecIp 10 3 1 1 NhlfeIx 1324 EndptIx 1332 InLabel 0x11 OutLabel DBUG MPLS mpls_gpp c 763 MPLS Add ILM DBUG MPLS mpls_lpe c 1302 Bind LSP Req Label 0x00000011 to endpt 10 3 1 1 32 Type ...

Page 1210: ...st message repeated 3 times DBUG IPHS Skipping FDB refresh for 10 3 1 1 due to LSP DBUG IPHS last message repeated 3 times DBUG IPHS Skipping FDB refresh for 10 3 1 1 due to LSP DBUG IPHS last message repeated 3 times DBUG IPHS Skipping FDB refresh for 10 3 1 1 due to LSP DBUG IPHS last message repeated 3 times DBUG IPHS Skipping FDB refresh for 10 3 1 1 due to LSP DBUG IPHS last message repeated ...

Page 1211: ...REQ DBUG MSIG NH 10 0 1 2 4 SESS 10 0 2 1 0 Peer 100 100 61 1 0 DBUG MSIG UP_FSM FEC 10 3 1 1 32 DBUG MSIG NewSt UPS_RLS_AWT OldSt ESTABLISHED EV RTE_RECOMP_REQ DBUG MSIG NH 10 0 1 2 4 SESS 10 0 2 1 0 Peer 100 100 61 1 0 DBUG MSIG UP_FSM FEC 10 3 1 1 32 DBUG MSIG NH 10 0 1 2 4 NewNH_NoRouteToDestination 0x2 SESS 10 0 2 1 0 Peer 100 100 61 1 0 DBUG MSIG UP_FSM FEC 10 3 1 1 32 DBUG MSIG NH 10 0 1 2 ...

Page 1212: ...level for module errors to 3 configure debug trace npcard 3 History This command was first available in an ExtremeWare IP Technology Services Release based on ExtremeWare v6 1 8b12 Platform Availability This command is available on the MPLS PoS ARM and ATM modules debug level Specifies a debug level 0 Indicates that a severe event has occurred that most likely will result in the termination or imp...

Page 1213: ...ng command displays the cache entries show ipmc cache detail IP multicast group The trace is based on the ingress VLAN of a cache Use this tool if the egress list of a cache is incorrect if there are missing cache entries or if any multicast stream jitters Example The following command sets the reporting level for PIM cache errors to 3 configure debug trace pim cache 3 Following is the log output ...

Page 1214: ...set DBUG PIM PIM 142 168 100 101 235 48 13 0 pimSendRegStop dst 15 1 6 3 DBUG PIM PIM ProcRegister sptree flow exists DBUG PIM PIM 142 168 100 101 235 48 13 0 entry timer starting for 210 DBUG PIM PIM 142 168 100 101 235 48 13 0 fwd extending entry s life DBUG PIM PIM ProcRegister NoBorder rp 15 2 1 1 src 15 1 6 3 DBUG PIM PIM ProcRegister 142 168 100 101 235 48 13 0 DBUG PIM PIM ProcRegister null...

Page 1215: ...al neighbor relationships Example The following command sets the reporting level for PIM hello errors to 3 configure debug trace pim hello 3 Following is the log output at this level INFO SYST msm a console admin configure debug trace pim hello 3 vlan all INFO SYST Log cleared INFO SYST msm a console admin clear log static DBUG PIM PIM Receiving Hello pkt of len 18 from src 15 2 1 2 thro 15 2 1 1 ...

Page 1216: ... 15 1 6 1 to 224 0 0 13 DBUG PIM PIM Receiving Hello pkt of len 18 from src 15 2 1 2 thro 15 2 1 1 DBUG PIM PIM Receiving Hello pkt of len 18 from src 15 1 4 2 thro 15 1 4 1 DBUG PIM PIM Xmitting Hello pkt of len 18 from src 15 2 1 1 to 224 0 0 13 DBUG PIM PIM Xmitting Hello pkt of len 18 from src 15 1 4 1 to 224 0 0 13 DBUG PIM PIM Receiving Hello pkt of len 18 from src 15 1 6 3 thro 15 1 6 1 DBU...

Page 1217: ... to the receiver after the IGMP snooping entry is verified or if the CPU load is unexpectedly high Example The following command sets the reporting level for PIM message errors to 3 configure debug trace pim message 3 Following is the log output at this level INFO SYST msm a console admin configure debug trace pim message 3 vlan all DBUG PIM PIM Xmitting RP Adv 8 pkt of len 22 from src 15 2 1 1 to...

Page 1218: ...5 255 255 255 DBUG PIM PIM ProcJoin src 0 0 0 0 rp 15 1 6 1 type g DBUG PIM PIM ProcJoinPrune joins 1 prunes 0 DBUG PIM PIM ProcJPG handling 227 37 32 5 255 255 255 255 DBUG PIM PIM ProcJoin src 0 0 0 0 rp 15 1 6 1 type g DBUG PIM PIM ProcJoinPrune joins 1 prunes 0 DBUG PIM PIM ProcJPG handling 227 37 32 4 255 255 255 255 DBUG PIM PIM ProcJoin src 0 0 0 0 rp 15 2 1 1 type g DBUG PIM PIM ProcJoinPr...

Page 1219: ...tor if when or how frequently a neighbor is added or deleted Example The following command sets the reporting level for PIM neighbor errors to 3 configure debug trace pim neighbor 3 Following is the log output at this level INFO SYST msm a console admin configure debug trace pim neighbor 3 vlan all INFO SYST Log cleared INFO SYST msm a console admin clear log static INFO SYST Port 8 1 link down IN...

Page 1220: ...ting Commands INFO SYST Port 8 4 link down INFO SYST Port 8 3 link down INFO SYST Port 8 2 link down INFO SYST Port 8 1 link down History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i platforms only ...

Page 1221: ... command is for sparse mode only Example The following command sets the reporting level for PIM RP management errors to 3 configure debug trace pim rp mgmt 3 Following is the log output at this level INFO SYST msm a console admin configure debug trace pim rp mgmt 3 INFO SYST Log cleared INFO SYST msm a console admin clear log static DBUG PIM PIM ProcBootstrap Wrong iif for BSR 15 1 6 3 DBUG PIM PI...

Page 1222: ...cBootstrap from 15 1 6 3 in 15 1 6 1 len 56 DBUG PIM PIM ProcBootstrap rp 15 1 4 2 no longer listed DBUG PIM PIM rpDelEntry 15 1 8 2 Bootstrap DBUG PIM PIM ProcBootstrap rp 15 1 8 2 no longer listed DBUG PIM PIM rpDelEntry 15 2 1 1 Bootstrap DBUG PIM PIM ProcBootstrap rp 15 2 1 1 no longer listed DBUG PIM PIM rpDelEntry 15 1 6 1 Bootstrap DBUG PIM PIM ProcBootstrap rp 15 1 6 1 no longer listed DBU...

Page 1223: ...e rip message 3 Following is the log output at this level DBUG RIP Sending Rsp to 224 0 0 9 at 1012569160 950000 INFO SYST msm a console admin configure debug trace rip message 3 vlan all History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms debug lev...

Page 1224: ... currently supported Example This command is not currently supported History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms debug level Specifies a debug level 0 Not currently supported 1 Not currently supported 2 Not currently supported 3 Not currentl...

Page 1225: ... level for RIP triggered update errors to 3 configure debug trace rip triggered update 3 Following is the log output at this level DBUG RIP Suppressing triggered updates for 1 secs INFO SYST msm a console admin enable rip INFO SYST msm a console admin disable rip History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 2...

Page 1226: ...ace slb 3dns 3 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i platforms only debug level Specifies a debug level 0 Records serious errors that can cause 3DNS support to fail This includes problems associated with system resources invalid iQuery messages and internal SLB and 3DNS table maintenance 1 Records task and or socket layer e...

Page 1227: ...e 6 1 Platform Availability This command is available on i platforms only debug level Specifies a debug level 0 Records critical failures such as insufficient memory unexpected internal state 1 Records unaccepted or dropped connections as well as physical ports removed from a GoGo mode group since a failed health check and physical ports added to a GoGo mode group since a passed health check 2 Rec...

Page 1228: ... recorded at lower levels Example The following command sets the reporting level for SLB failover errors to 3 configure debug trace slb failover 3 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i platforms only debug level Specifies a debug level 0 Records possible software errors such as unexpected function call failures and bad func...

Page 1229: ...ry This command was first available in ExtremeWare 7 4 debug level Specifies a debug level 1 Enables initialization logs 2 Enables state event machine logs 4 Enables ATP module logs 8 Enables RPC module logs 16 Enables event pre processor module logs 32 Enables timer module logs 128 Enables layer 2 module logs 256 Enables detailed logging including errors 1024 Enables topology module logs 2048 Ena...

Page 1230: ...1230 ExtremeWare 7 7 Command Reference Guide Troubleshooting Commands Platform Availability This command is available on Summit 200 Summit 300 24 and Summit 400 switches ...

Page 1231: ... 2003 15 09 14 02 Info TRXDIAG trxdiag EXT MAC test on slot 4 returns pass 07 09 2003 15 09 14 02 Info TRXDIAG trxdiag CPU SRAM test on BPLNE returns pass 07 09 2003 15 09 14 02 Info TRXDIAG trxdiag CPU FLASH test on BPLNE returns pass 07 09 2003 15 09 14 02 Info TRXDIAG trxdiag CPU NVRAM test on BPLNE returns pass 07 09 2003 15 09 14 03 Info TRXDIAG trxdiag TWISTER test on BPLNE returns pass 07 0...

Page 1232: ...urns pass 07 09 2003 15 09 15 00 Info TRXDIAG trxdiag TWISTER test on BPLNE returns pass 07 09 2003 15 09 15 00 Info TRXDIAG trxdiag QUAKE test on BPLNE returns pass The following command disables debug trace for transceiver testing configure debug trace transceiver test 0 History This command was first available in ExtremeWare 6 2 2b108 This command was not supported in ExtremeWare 7 0 This comma...

Page 1233: ...command is not currently supported Example This command is not currently supported History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms debug level Specifies a debug level 0 Not currently supported 1 Not currently supported 2 Not currently supported ...

Page 1234: ... the reporting level for VRRP to 5 configure debug trace vrrp 5 Following is the log output at this level DBUG SYS Vlan Vrid vlan1 1 Putting virtualMac 00 00 5e 00 01 01 into arpcom DBUG SYS Vlan Vrid vlan1 1 Putting systemMac 00 01 30 04 c8 00 into arpcom History This command was first available in ExtremeWare 6 2 1 Platform Availability This command is available on i platforms debug level Specif...

Page 1235: ...ansmit vrid 1 pri 255 cnt_ip_addr 1 auth_type 0 advert 1 ipaddr 10 45 208 10 DBUG SYS Vlan Default vrrpTransmit vrid 1 pri 255 cnt_ip_addr 1 auth_type 0 advert 1 ipaddr 10 45 208 10 DBUG SYS Sending vrrp pkt 0x8313d630 len 40 to 224 0 0 18 if rif0 mac 00 00 5e 00 01 01 DBUG KERN Start of chain 84859200 DBUG KERN m0 0x84859200 Length 40 m_off 20 m_data 0x84859214 DBUG KERN 0x0884859214 00 00 00 28 ...

Page 1236: ...BUG KERN 0x0884859224 e0 00 00 12 21 01 ff 01 00 01 05 c4 0a 2d d0 0a DBUG KERN 0x0884859234 00 00 00 00 00 00 00 00 DBUG KERN End of chain 84859200 History This command was first available in ExtremeWare 6 2 1 Platform Availability This command is available on i platforms ...

Page 1237: ...be one or more port numbers May be in the form 1 2 1 2 3 5 2 2 5 2 6 2 8 all Specifies all ports dot1x Configures debug tracing level for the 802 1x activity radius Configures debug tracing level for the RADIUS activity mac Configures debug tracing level for the MAC layer activity snmp Configures debug tracing level for the SNMP activity wlan driver Configures debug tracing level for the WLAN driv...

Page 1238: ...1238 ExtremeWare 7 7 Command Reference Guide Troubleshooting Commands Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine 3800 switches ...

Page 1239: ...ics at boot up configure diagnostics fastpost extended Selects an extended diagnostic routine to run at boot up Takes the switch fabric and ports offline and performs extensive ASIC ASIC memory packet switch and packet loopback tests This parameter is not supported in ExtremeWare 6 1 9 or 6 2 fastpost Selects fastpost diagnostic routine to run at boot up Takes the switch fabric offline and perform...

Page 1240: ...xtremeWare 7 7 Command Reference Guide Troubleshooting Commands History This command was first available in ExtremeWare 6 1 9 Platform Availability This command is available on i series BlackDiamond switches ...

Page 1241: ... If you reboot the switch manually or use the run msm failover or run diagnostics commands the time interval and count are both reset to 0 Example The following command configures the time interval to 5 minutes and the count to 4 configure reboot loop protection threshold 5 4 History This command was first available in ExtremeWare 6 2 2 This command was added to the Summit e series of switches in ...

Page 1242: ...t To view the current settings use the show switch or show configuration commands If you reboot the switch manually or use the run msm failover or run diagnostics commands the time interval and count are both reset to 0 Example The following command configures the time interval to 5 minutes and the count to 4 configure reboot loop protection backup msm threshold 5 4 History This command was first ...

Page 1243: ...ent settings use the show switch or show configuration commands If you reboot the switch manually or use the run msm failover or run diagnostics commands the time interval and count are both reset to 0 Example The following command configures the slave MSM to use the global reboot loop protection configuration configure reboot loop protection backup msm threshold use master config History This com...

Page 1244: ...efault is 0 or no IP Usage Guidelines The IP address specified is also used if no address is provided in the upload system dump command The IP address must be reachable through the VLAN mgmt Example The following command configures the IP address to transfer a system dump to 10 10 10 1 configure system dump server 10 10 10 1 3 History This command was first available in ExtremeWare 6 2 2 Platform ...

Page 1245: ...x Description Default The default is 0 Usage Guidelines The minimum non zero value is 120 seconds The minimum recommended value is 480 seconds Example The following command configures the system dump timeout to 600 seconds configure system dump timeout 600 History This command was first available in ExtremeWare 6 2 2 Platform Availability This command is available on platforms with an Ethernet man...

Page 1246: ...bug mode should remain disabled the default setting Debug mode should only be enabled when advised by technical support or when advanced diagnosis is required The debug mode setting is saved to FLASH The following configuration options require that debug mode be enabled including a severity of debug summary debug verbose or debug data when configuring filters target format options process name pro...

Page 1247: ...de should remain disabled the default setting Debug mode should only be enabled when advised by technical support or when advanced diagnosis is required The debug mode setting is saved to FLASH The following configuration options require that debug mode be enabled including a severity of debug summary debug verbose or debug data when configuring filters target format options process name process i...

Page 1248: ...age Guidelines None Example The following command looks up the IP address of a computer with the name of bigserver xyz_inc com nslookup bigserver xyz_inc com History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms hostname Specifies a hostname ...

Page 1249: ... key to interrupt a ping request For ExtremeWare 6 1 You must configure DNS in order to use the hostname option udp Specifies that the ping request should use UDP instead of ICMP continuous Specifies that UDP or ICMP echo messages to be sent continuously This option can be interrupted by pressing any key start_size i series switches size number e series switches Specifies the size in bytes of the ...

Page 1250: ...ages to be sent to a remote host ping continuous 123 45 67 8 History This command was first available in ExtremeWare 2 0 This command was modified in ExtremeWare 6 1 to support the hostname from and with record route parameters and incremental packets This command was modified in ExtremeWare 6 2 to support UDP This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform A...

Page 1251: ...ctions The management module is taken off line while the diagnostic test is performed It is reset and operational once the test is completed extended Runs an extended diagnostic routine Takes the switch fabric and ports offline and performs extensive ASIC ASIC memory packet memory and packet loopback tests normal Runs a normal diagnostic routine Takes the switch fabric and ports offline and perfor...

Page 1252: ...configure diagnostics extended fastpost normal off Example The following command runs extended diagnostics on the module in slot 3 of a BlackDiamond chassis run diagnostics extended slot 3 A warning is displayed about the impact of this test and you have the opportunity to continue or cancel the test Running extended diagnostics will disrupt network traffic on the system Extended diagnostic will a...

Page 1253: ...modified to support Alpine and Summit switches in ExtremeWare 6 2 The command was modified to support stacking on the Summit 400 switches in ExtremeWare 7 4 Platform Availability This command is available on all platforms The stack port option is only available on the Summit 400 ...

Page 1254: ...orded If a defect was found during the scan process the module is reset the defective buffer is mapped out from further use and the I O module is returned to the operational state If more than eight defects are detected or if the defects cannot be mapped out the module is treated as a failed module and left offline unless sys health check is configured for online The module should then be returned...

Page 1255: ...nostic will also execute Packet Memory Scan WARNING Device may be taken offline To prevent this first configure sys health check alarm level auto recovery online Are you sure you want to continue yes no y To display the diagnostics results use the show diagnostics command History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on Alpine and Summi...

Page 1256: ...t cable diagnostics command to see the results of the test By reviewing the output of the show command you can determine The length of the cable Whether there is a successful termination or whether there is an open or short Examples The following example tests the Ethernet cable inserted into port 1 The four copper pairs do not all have the same length which might indicate a kink in the cable or a...

Page 1257: ...completed to view results enter show port port list cable diagnostics Summit400 48t 30 show port 1 cable diagnostics Port Pair Length Status 1 Pair A 0 meters Open or Short Pair B 0 meters Open or Short Pair C 0 meters Open or Short Pair D 0 meters Open or Short History This command was introduced in ExtremeWare 7 3S Platform Availability This command is available only on the Summit 400 series swi...

Page 1258: ...ified module to detect single bit related memory defects and their associated buffer locations If packet memory defects are detected their locations are recorded in the module EEPROM Up to eight occurrences can be recorded If a defect was found during the scan process the module is reset the defective buffer is mapped out from further use and the module is returned to the operational state If more...

Page 1259: ...iagPM 1 INFO entering packet memory scanning for card 2 Checking Struct has 0 entries Received Packet 00 34 26 49 80 64 50 14 1f 60 54 1d a3 27 ee 5c 44 10 01 fd 1b 2a 15 0c 4e 79 71 c5 3c 19 1e 6b 36 83 20 40 39 35 79 67 2e 25 6c 7e ae 01 06 49 10 61 0e 30 3d da 55 9d 02 67 40 62 2a 2f 3a 64 47 dc 00 86 Transmit Packet 00 34 26 49 80 64 50 14 1f 60 54 1d a3 27 ee 5c 44 10 01 fd 1b 2a 15 0c 4e 79 ...

Page 1260: ...1260 ExtremeWare 7 7 Command Reference Guide Troubleshooting Commands Platform Availability This command is available on i series switches ...

Page 1261: ... iproute netlogin npcard npdiag pppauth ppphexdump radius rip message rip route change rip triggered update snmp trace stp in pdu stp out pdu stp system vrrp vrrp hello wireless ports all portlist wireless debug trace vlan vlan name Description Displays the configured debug trace levels Syntax Description accounting Specifies accounting level bootprelay Specifies BOOTP relay level card state chang...

Page 1262: ...n the i series switches ipxsap entry Specifies IPX SAP entry level NOTE This option is available only on the i series switches ipxsap message Specifies IPX SAP message level NOTE This option is available only on the i series switches isis cli Specifies ISIS CLI level NOTE This option is available only on the i series switches isis event Specifies ISIS event level NOTE This option is available only...

Page 1263: ...ies switches ppphexdump Specifies the level of the PPP hex dump NOTE This option is available only on the i series switches radius Specifies RADIUS level rip message Specifies RIP message level rip route change Specifies RIP route level rip triggered update Specifies RIP triggered update level slave msm Specifies slave MSM level NOTE This option is available only on the i series switches slb 3dns ...

Page 1264: ...s 3 Vlan Debug Level v49 DVMRP route 3 Port Number Debug Level No port based debug tracing configured History This command was first available in ExtremeWare 6 1 Beginning in ExtremeWare 7 1 0 many debug trace facilities were moved to EMS This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms udp forwarding Spe...

Page 1265: ...examples in this section to see how some of this information is presented slot number Specifies the slot number of an I O module NOTE This option is available only on the i series switches slot id list Specifies that the command applies to one or more switches in a stack The slot ID is the number of the switch in the stack msm a msm b msm c msm d Specifies the MSM slot NOTE This option is availabl...

Page 1266: ...wing command displays the results of module diagnostics for the MSM in slot B show diagnostics slot msm b The results are similar to the following Diagnostic Test Result run on Mon Feb 14 03 24 22 2005 Slot B SN 0015F10930 CPU System Passed Registers Test Passed Memory Test Passed System Test Passed Packet memory defect info for card msm a Num of defects 0 num of recoverable defects 0 The followin...

Page 1267: ... and in ExtremeWare 6 1 5 The command was modified to include MSM modules in ExtremeWare 6 1 9 The command was modified to support Alpine and Summit switches in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1268: ... If the active parameter is specified the port mapping display is limited to active external I O ports only Used in conjunction with the show diagnostics backplane utilization command these commands are helpful for diagnosing over subscription problems related to backplane I O port switch mappings Example The following command displays diagnostic information related to the ARM module internal back...

Page 1269: ...rt based If the active parameter is specified the port mapping display is limited to active external I O ports only Used in conjunction with the show diagnostics backplane utilization command these commands are helpful for diagnosing over subscription problems related to backplane I O port switch mappings Example The following command displays diagnostic information related to the MPLS module inte...

Page 1270: ...lization on configured backplane links between active modules and MSM modules The number of packets transmitted and received The percentage of bandwidth used on the link Backplane utilization statistics can be reset by pressing 0 while the information is being displayed Example The following command displays backplane link utilization information show diagnostics backplane utilization History This...

Page 1271: ...h The length of the cable All pairs should have the same length An uneven length can indicate a kink in the cable or a broken connection Status The result of the test The status of Terminated indicates a successful completion The status of Open or Short indicates a failure in the cable Examples The following example tests the Ethernet cable inserted into port 1 run diagnostics cable ports 1 Cable ...

Page 1272: ...ults enter show port port list cable diagnostics show port 1 cable diagnostics Port Pair Length Status 1 Pair A 0 meters Open or Short Pair B 0 meters Open or Short Pair C 0 meters Open or Short Pair D 0 meters Open or Short History This command was introduced in ExtremeWare 7 3 Platform Availability This command is available on all platforms ...

Page 1273: ...able If packet memory defects were found it displays information about each defect In ExtremeWare 6 2 1 this applies only to the G8Xi G8Ti G12SXi and F48Ti MSMs are not supported in this release In ExtremeWare 6 2 2 this apples to all i series modules and switches Example The following command displays the results of a PM scan for slot 2 where a single defect was found show diagnostics packet memo...

Page 1274: ...ect info for card 2 Num of defects 1 num of recoverable defects 1 Defect information Defect entry 1 recoverable 0 mem ID 9 bit position 0 address 0x18baa History This command was first available in ExtremeWare 6 2 1 Platform Availability This command is available on all i series switches ...

Page 1275: ...pecifying the VLAN displays all MAC cache entries learned on the VLAN Specifying the TLS tunnel displays all MAC cache entries learned on the TLS tunnel The MAC address VLAN name and TLS tunnel name are displayed for each MAC cache entry Example The following command displays the MAC cache entries learned on the VLAN test_1 for the MPLS module in slot 2 show diagnostics slot 2 fdb vlan test_1 Hist...

Page 1276: ...ul link two of the four cables must have a status of Terminated and even lengths The pairs are labeled A through D The output shows the test results of each pair Length The length of the cable All pairs should have the same length An uneven length can indicate a kink in the cable or a broken connection Status The result of the test The status of Terminated indicates a successful completion The sta...

Page 1277: ... port 1 Summit400 48t 29 run diagnostics cable ports 1 Cable Diagnostics has completed to view results enter show port port list cable diagnostics Summit400 48t 30 show port 1 cable diagnostics Port Pair Length Status 1 Pair A 0 meters Open or Short Pair B 0 meters Open or Short Pair C 0 meters Open or Short Pair D 0 meters Open or Short History This command was introduced in ExtremeWare 7 2e Plat...

Page 1278: ...lists the fields displayed by this command To specify the IP address to which a system dump is sent use the following command configure system dump server To specify the timeout use the following command configure system dump timeout Example The following command displays the system dump server IP and dump timeout show system dump Following is the output from this command with nothing configured S...

Page 1279: ...erver ip 10 5 2 82 ok Dump timeout 300 seconds Following is the output from this command with an unreachable IP address Server ip 1 2 3 4 currently unreachable via Mgmt vlan Dump timeout 300 seconds History This command was first available in ExtremeWare 6 2 2 Platform Availability This command is available on platforms with an Ethernet management port ...

Page 1280: ...il use the brief keyword if your system supports it Use the show tech support all form of the command to display all output for the following show commands show version show switch show configuration show diag show slot Supported only on i series switches show fdb show iparp show ipfdb show ipstats show iproute show ipmc cache detail show ipmc fdb show igmp snooping detail show memory detail show ...

Page 1281: ...layed Use the show tech support wireless form of the command to display output related to wireless only Example The following command displays all the show command output on the switch show tech support all History This command was first available in ExtremeWare 6 1 9 This command was modified to capture the show ipmc fdb command output in ExtremeWare 6 22 This command was modified to provide the ...

Page 1282: ...owing consistent or periodic high CPU utilization You can change the display by typing a character while the display is active These single character commands are as follows Table 22 defines the tasks Depending on your switch model and the functions it is executing you will see only a subset of these tasks Table 21 TOP command display options u Go up one screen d Go down one screen c Clear max uti...

Page 1283: ...ble only on the i series switches tBgQosMon The background Quality of Service monitor task tBgQosMon is a background version of the QoS monitoring task that monitors transmit count and kill count of ports and cycles as long as the monitor is enabled tBGTask The background task tBGTask is the core task switching process It receives packets from the hardware ASICs and switches them to the appropriat...

Page 1284: ...ocessing task It handles hardware interrupts for link events tMACPoll The media access controller poll task tMACPoll polls the various MAC PHY chips on the switch to pull up MAC Layer control messages for the CPU to process tmt32LinkPoll F32F module link poll task tmuTelnetd The telnet daemon task tNetTask The network stack task tNetTask handles all the software based processing of packets includi...

Page 1285: ...itches This is the secondary slave CPU inter CPU receive task tServAlive The server load balancing SLB health check server task NOTE This option is available only on the i series switches tShell The core operating system internal shell process tShell is spawned whenever the internal shell is accessed tSlbFailover The server load balancing failover task tSlowTimer The slow timer task tSlowTimer mai...

Page 1286: ...0 8075ab2c PEND T 0 0 tledPollTa 81390ef0 8075ab2c PEND 0 0 tAsyncSave 814feb10 8075ab2c PEND 0 0 tpifstate 81a85590 8075ab2c PEND 0 0 tbgpTask 81eaacd0 807169f4 PEND T 0 0 tbgpTimerT 81eaecd0 80749164 DELAY 0 0 tBgQosMon 81eb6be0 8075ab2c PEND 0 0 tEapsTask 82bd2a00 8075ab2c PEND 0 0 tSwFault 82c75530 8075ab2c PEND 0 0 tFdbAgeTas 82c85530 8075ab2c PEND 0 0 tFdbSyncTa 82c89530 807489a0 SUSPEND 0 0...

Page 1287: ...series switches Syntax Description This command has no arguments or variables Default N A Usage Guidelines Returns the system dump configuration to the defaults Example The following command unconfigures the system dump unconfigure system dump History This command was first available in ExtremeWare 6 2 2 Platform Availability This command is available only on platforms with an Ethernet management ...

Page 1288: ...cription Default N A Usage Guidelines If you do not specify an IP address the configured system dump server IP address is used Example The following command transfers a system dump to 10 10 10 1 upload system dump 10 10 10 1 3 History This command was first available in ExtremeWare 6 2 2 Platform Availability This command is available only on platforms with an Ethernet management port ip address S...

Page 1289: ...le Authentication Protocol Transport Layer Security EAP TLS Wi Fi Protected Access WPA using Temporal Key Integrity Protocol TKIP and Advanced Encryption Standard AES Per user VLAN classification AccessAdapt management Remote troubleshooting Easy upgrading of wireless ports Detailed reports and logging Wireless Devices You configure ports on the Summit or Alpine switch with the personality of the ...

Page 1290: ...emote Connect feature see Chapter 26 Virtual port numbers can range from 1 to 48 however a maximum of 24 virtual ports can be configured at one time on a Summit 300 48 switch Virtual ports are accommodated in the ExtremeWare CLI using the following convention for the port variable where n is the port number port value Description Example 1 n Physical port Summit 300 48 Alpine 3800 series configure...

Page 1291: ...nning on the specified virtual port Syntax Description Default N A Usage Guidelines N A Example clear APmgmt port virtual 21 history History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on Summit 300 48 Summit 300 24 Summit 400 24p and Alpine 3800 switches vport Specifies a virtual port on the switch in the format virtual n where n is the virt...

Page 1292: ... ports or for a port list Example The following example clears all the counters for wireless ports clear wireless ports all counters History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and port...

Page 1293: ...age for the specified wireless ports Upon execution of this command the AP resets and replaces the flash image with the specified image on the TFTP server This command may be useful for support personnel in certain circumstances during troubleshooting Example The following example force upgrades the runtime image for wireless port 1 1 clear wireless ports 1 1 flash image AP s for which runtime ima...

Page 1294: ...r 2 Examples The following command clears the AP scan result table for port 1 18 on interface 1 clear wireless port 1 18 interface 1 ap scan results History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports o...

Page 1295: ...ved from the client information database Example The following example clears the client history counters on all ports and interface 1 clear wireless ports all interface 1 client history all History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switc...

Page 1296: ...ll client scan statistics clear wireless ports 15 interface 1 client scan counters all History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can be one or more port numbers May be in th...

Page 1297: ...rts 15 and interface 1 of all client scan results clear wireless ports 15 interface 1 client scan results all History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can be one or more po...

Page 1298: ... for a port list Example The following example clears the counters for wireless port 1 1 clear wireless ports 1 1 counters History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can be o...

Page 1299: ...le The following command configures the antenna profile antenna1 for antenna gain of 6 dBi in the 2 4 GHz band and 2 dBi in the 5 GHz band configure antenna profile antenna1 2 4ghz gain 6 5ghz gain 2 History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on Summit 300 48 Summit 300 24 Summit 400 24p and Alpine 3800 switches antenna_profile_name ...

Page 1300: ...ize the wireless network The beacon interval is the time in milliseconds between beacons Examples The following command sets the beacon interval to 100 ms configure rf profile rfprof1 beacon interval 100 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and...

Page 1301: ... hear the beacons and awaken to receive the broadcast and multicast messages Clients achieve greater power savings with larger DTM intervals However a larger DTM interval will increase the delay before multicast frames are delivered to all stations Examples The following command sets the DTIM interval to every 5 beacons configure rf profile rfprof1 dtim interval 5 History This command was first av...

Page 1302: ...y slightly increase the fragmentation threshold Setting the fragmentation threshold too low may result in poor network performance Only minor modifications of this value are recommended Examples The following command sets the fragment size to the default setting configure rf profile rfprof1 frag length 2345 History This command was first available in ExtremeWare 6 2a and added to the e series in 7...

Page 1303: ... applies to frames longer than the RTS threshold and it is set to 7 by default A frame requiring RTS CTS clearing is retransmitted seven times before being discarded To specify a the number of transmission attempts of a frame smaller than the RTS threshold use the following command configure rf profile name rts threshold value Examples The following command sets the transmission attempts to 10 con...

Page 1304: ...ng packet preamble Configure the RF profile for 802 11a and 802 11g using the short packet preamble Examples The following command sets the preamble to long configure rf profile rfprof1 preamble long History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alp...

Page 1305: ...d The wireless port sends RTS frames to a particular receiving station and negotiates the sending of a data frame After receiving an RTS the wireless station responds with a CTS frame to acknowledge the right to begin transmission Examples The following command sets the RTS threshold to the default setting configure rf profile rfprof1 rts threshold 2330 History This command was first available in ...

Page 1306: ...pplies to frames shorter than the RTS threshold and it is set to 4 by default A frame requiring RTS CTS clearing is retransmitted four times before being discarded To specify a the number of transmission attempts of a frame larger than the RTS threshold use the following command configure rf profile name long retry value Examples The following command sets the transmission attempts to 3 configure ...

Page 1307: ...rogrammed then the extreme_default country code is used You must program the country code on the Summit 300 to enable the remaining channels for the desired country The Altitude 300 wireless port is shipped with a pre programmed code for the following countries North America United States Canada Hong Kong Japan European Union and the Rest of the World If you do not program the country code in the ...

Page 1308: ...onfigures the switch level property for Spain configure wireless country code Spain History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches ...

Page 1309: ... This address is used by all wireless client traffic whose destination is upstream switches Example The following example configures the switch level property for the default gateway configure wireless default gateway 192 168 1 1 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit...

Page 1310: ... can work This VLAN can be the default VLAN and it can either have a public or private IP address This VLAN is an untagged VLAN on which all the Altitude 300 devices are connected Example The following example configures the switch level property for the default gateway configure wireless management vlan Default History This command was first available in ExtremeWare 6 2a and added to the e series...

Page 1311: ...escription Default detachable_extr_15901 Usage Guidelines N A Example The following command binds antenna profile antenna1 to port 1 2 on the switch configure wireless ports 1 2 antenna profile antenna1 History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on Summit 300 48 Summit 300 24 Summit 400 24p and Alpine 3800 switches port Identifies a ...

Page 1312: ... and to comply with regulatory requirements Example The following example configures all ports on the Altitude 300 for indoor use configure wireless ports all antenna location indoor History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches port...

Page 1313: ...ted from such events as client station failures station idle timeouts or a client abruptly leaving the wireless network without notifying the associated Altitude 300 The timeout value is configured for each port and affects both interfaces 1 and 2 Example The following command configures ports 13 24 to time out the client current state table at 120 seconds configure wireless ports 13 24 detected s...

Page 1314: ...authentication based on time of day Example The following command configures ports 1 18 to force disassociate all clients every day at noon configure wireless ports 1 18 force disassociation all clients every 12 0 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 4...

Page 1315: ...300 48 to use the health check facility configure wireless ports 1 18 health check on History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can be one or more port numbers May be in the...

Page 1316: ...scan to send an SNMP trap when new stations are added to the results table configure wireless ports 18 interface 2 ap scan added trap on History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ...

Page 1317: ...channel History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can be one or more port numbers May be in the form 1 2 1 2 3 5 2 2 5 2 6 2 8 all Specifies all ports interface Specifies an...

Page 1318: ... the off channel scan for wireless port 1 5 using interface 2 configure wireless ports 1 5 interface 2 ap scan off channel continuous off History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and...

Page 1319: ...ould wait on a particular channel Example The following command sets the wait time at 5 milliseconds configure wireless ports 1 5 interface 2 ap scan off channel max wait 5 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Speci...

Page 1320: ... channel Example The following command sets the wait time at 5 milliseconds configure wireless ports 1 5 interface 2 ap scan off channel min wait 5 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or...

Page 1321: ...n Example The following example configures the interval between probe request packets to be 10 ms for port 1 9 on interface 2 configure wireless ports 1 9 interface 2 ap scan probe interval 10 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine swi...

Page 1322: ... an SNMP trap when new stations are removed from the results table configure wireless ports 18 interface 2 ap scan removed trap on History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports ...

Page 1323: ...nd configures port 1 7 and interface 1 to store 100 elements configure wireless ports 1 7 interface 1 ap scan results size 100 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can ...

Page 1324: ...figures port 1 7 and interface 1 to have a timeout threshold of 5 seconds configure wireless ports 1 7 interface 1 ap scan results timeout 5 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots ...

Page 1325: ...fies passive scanning Example The following example enables the port range 1 15 1 24 using interface 1 to enable probes configure wireless ports 1 15 1 24 interface 1 ap scan send probe on History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switche...

Page 1326: ...sing interface 1 to send an SNMP trap when an AP has changed configure wireless ports 20 interface 1 ap scan updated trap on History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can be...

Page 1327: ...down Valid channel values are shown in Table 23 Example The following command configures a channel for interface 2 on port 5 on a Summit 300 24 configure wireless port 5 interface 2 channel auto The following example shows command output if RADAR interference is detected on the specified channel config wireless ports 15 interface 1 channel 44 Error Interface 15 1 failed please see log for details ...

Page 1328: ...RADAR channel on the interface Error Channel belongs to DFS channel range in mode A Valid values are 36 40 44 48 for auto mode History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches ...

Page 1329: ...he client history table for ports 1 1 1 20 and interface 2 to 100 entries configure wireless ports 1 1 1 30 interface 2 client history size 100 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slo...

Page 1330: ...l for the client history table for ports 1 1 1 20 and interface 2 to 100 seconds configure wireless ports 1 1 1 20 interface 2 client history timeout 100 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more po...

Page 1331: ...ly populated Example The following command enables traps for port 1 5 and interface 2 configure wireless port 1 5 interface 2 client scan added trap on History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more port...

Page 1332: ...e following command disables traps for port 1 9 and interface 1 configure wireless port 1 9 interface 1 client scan removed trap off History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and port...

Page 1333: ...nd configures the maximum number of entries in the client scan table as 1000 for port 1 5 and interface 2 configure wireless port 1 5 interface 2 client scan results size 1000 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Sp...

Page 1334: ...and sets the timeout period to 150 seconds for entries in the client scan information table configure wireless ports 1 5 1 20 interface 2 client scan results timeout 150 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifie...

Page 1335: ...ple sets the maximum client level to 72 for port 15 and interface 1 configure wireless ports 15 interface 1 max clients 72 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can be o...

Page 1336: ...gure one of the two individual interfaces 1 2 on a port or ports All ports in the port list must have the same wireless port version Example The following command attaches the RF profile radio1 to interface 1 on port 1 7 on a Summit 300 48 configure wireless port 1 7 interface 1 security profile radio1 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e P...

Page 1337: ...onfigure one of the two individual interfaces 1 2 on a port or ports All ports in the port list must have the same wireless port version Example The following command attaches the security profile secure wep to interface 1 on port 1 7 on a Summit 300 48 configure wireless port 1 7 interface 1 security profile secure wep History This command was first available in ExtremeWare 6 2a and added to the ...

Page 1338: ...vel to an appropriate level below full power Example The following command configures the power level to half power for interface 1 on ports 5 to 16 on a Summit 300 24 configure wireless port 5 16 interface 1 transmit power half History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e In 7 4 the command syntax was changed from configure wireless ports interfac...

Page 1339: ...n rate values are shown in Table 24 Example The following command configures the port 14 on a Summit 300 24 to transmit at 54 Mbps for both interface 1 and 2 A and G configure wireless port 14 interface 1 transmit rate 54Mbps configure wireless port 14 interface 2 transmit rate 54Mbps History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e portlist Specifies ...

Page 1340: ...1340 ExtremeWare 7 7 Command Reference Guide Wireless Commands Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches ...

Page 1341: ...wired and wireless MAC addresses in the same VLAN or between remote wireless stations associated with a remote Altitude 300 wireless port Example The following command disables bridging interface 2 on port 1 15 on a Summit 300 48 configure wireless port 1 15 interface 2 wireless bridging off History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Ava...

Page 1342: ... C Each port requires a unique IP address Example The following command configures the default IP address for port 1 18 on the Summit 300 48 configure wireless ports 1 18 192 168 0 100 18 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches...

Page 1343: ...d designate a physical location as follows bldg 1 pole 14 cube 7 Funk Radius can use this attribute for authentication Example The following command configures the location cube_a7 on port 18 on the Summit 300 24 configure wireless ports 18 location cube_a7 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available...

Page 1344: ...ng the AP Use the show wireless ports configuration command to display the wireless port mode Example The following example changes the mode of wireless port 1 4 to SummitWM configure wireless ports 1 14 mode SummitWM The following example changes the mode of wireless port 1 4 to ExtremeWare configure wireless ports 1 14 mode ExtremeWare History This command was first available in ExtremeWare 7 6 ...

Page 1345: ... Antenna profiles can be assigned any name except the default antenna profile name detachable_extr_15901 Example The following command creates an antenna profile with the name antenna1 create antenna profile antenna1 History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches anten...

Page 1346: ...owing command creates a new RF profile called rfprof_alpha from an existing profile called wireless_prof create rf profile rfprof_alpha copy wireless_prof The following command can be used to validate that you created the new RF profile as entered show rf profile rfprof_alpha or show rf profile The latter command shows all RF profiles History This command was first available in ExtremeWare 6 2a an...

Page 1347: ...rofile rfprof_alpha mode g The following command can be used to validate that you created the new RF profile as entered show rf profile rfprof_alpha or show rf profile The latter command shows all RF profiles History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24...

Page 1348: ... Antenna profiles can be assigned any name except the default name detachable_extr_15901 Example The following command deletes the antenna profile with the name antenna1 deletes antenna profile antenna1 History This command is introduced in ExtremeWare 7 4 Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches antenna_profile_name Iden...

Page 1349: ... example deletes the RF profile named rfprof_alpha delete rf profile rfprof_alpha The following command can be used to validate that you deleted the RF profile as entered show rf profile rfprof_alpha or show rf profile The latter command shows all RF profiles History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is availab...

Page 1350: ...ble one or more wireless ports Example The following command disables port 1 17 disable wireless ports 1 17 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can be one or more port...

Page 1351: ...force disassociation scheduler to cancel a force disassociation schedule Example The following command cancels all scheduled enable or disable commands disable wireless ports all cancel scheduler History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine ...

Page 1352: ...rts will be disabled each day on the specified hour Example The following command disables port 1 17 every day at 7 a m disable wireless ports every 1 17 7 History This command was first available in ExtremeWare 6 2a It was added to the i series in 7 3 0 and to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches...

Page 1353: ...are disabled it s the same as using the command disable wireless ports x x Example The following command disables port 1 35 and interface 1 disable wireless ports 1 35 interface 1 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlis...

Page 1354: ...is empty If the scan is restarted the table values from the previous scan will be kept Example The following command disables interface 2 on ports 1 18 to 1 28 on a Summit 300 48 disable wireless ports 1 18 1 28 interface 2 ap scan History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summ...

Page 1355: ...les port 23 using interface 1 on the Summit 300 24 disable wireless ports 23 interface 1 ap scan off channel at 18 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can be one or mo...

Page 1356: ...fied wireless interface Example The following example sets port 1 23 and interface 1 to disable logging of historical information disable wireless ports 1 23 interface 1 client history History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches po...

Page 1357: ...abling the feature can improve performance if the network is heavily populated and beginning to show degradation Example The following command disables port 1 31 and interface 2 disable wireless ports 1 31 interface 2 client scan History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit...

Page 1358: ...he selected ports and interface Example The following example disables port 1 15 and interface 1 for IAPP disable wireless ports 1 15 interface 1 iapp History This command was first available in ExtremeWare 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can be one or ...

Page 1359: ...tolerance for error recovery than data Although voice traffic can tolerate some degree of error recovery it can be noticeable to users This command allows you to enable QoS for VoIP on the port and interface level Example The following example disables SVP on port 17 and interface 1 disable wireless ports 17 interface 1 svp History This command was first available in ExtremeWare 7 3e Platform Avai...

Page 1360: ...following command disables port 1 18 on June 29 2005 at 3 p m disable wireless ports 1 18 time 6 29 2005 15 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can be one or more port...

Page 1361: ... to enable wireless ports Example The following command enables port 1 17 enable wireless ports 1 17 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can be one or more port number...

Page 1362: ...mand to cancel the scheduler Example The following command cancels all scheduled enable or disable commands enable wireless ports all cancel scheduler History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports...

Page 1363: ...elected port or ports will be enabled each day on the specified hour Example The following command enables port 1 17 every day at 7 a m enable wireless ports every 1 17 7 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifi...

Page 1364: ...mple The following command enables port 1 35 and interface 1 enable wireless ports 1 35 interface 1 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can be one or more port numbers...

Page 1365: ...titude 300 The Altitude 300 continues to carry user traffic during scans operating on the current channel on channel scans Example The following command enables interface 2 on ports 1 18 to 1 28 on a Summit 300 48 enable wireless ports 1 18 1 28 interface 2 ap scan History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is a...

Page 1366: ... following command enables port 23 using interface 1 on the Summit 300 24 enable wireless ports 23 interface 1 ap scan off channel at 18 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ...

Page 1367: ...ach associated client Example The following example sets port 1 23 and interface 1 to keep historical information enable wireless ports 1 23 interface 1 client history History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies ...

Page 1368: ... specified wireless interface Example The following command enables port 1 31 and interface 2 enable wireless ports 1 31 interface 2 client scan History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or sl...

Page 1369: ...APP for the selected ports and interface Example The following example enables port 1 15 and interface 1 for IAPP enable wireless ports 1 15 interface 1 iapp History This command was first available in ExtremeWare 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can be ...

Page 1370: ... for error recovery than data Although voice traffic can tolerate some degree of error recovery it can be noticeable to users This command allows you to enable QoS for VoIP on the port and interface level Example The following example turns on SVP on port 17 and interface 1 enable wireless ports 17 interface 1 svp History This command was first available in ExtremeWare 7 3e Platform Availability T...

Page 1371: ...e following command enables port 1 18 on June 29 2005 at 3 p m enable wireless ports 1 18 time 6 29 2005 15 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can be one or more port...

Page 1372: ... the wireless ports to the default values reset wireless ports The following example resets all the Remote Connect wireless ports on a Summit 300 48t switch to the default values reset wireless ports v History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and A...

Page 1373: ...en ports Example The following example resets all of interface 1 ports to the default values reset wireless ports interface 1 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and ports Can b...

Page 1374: ...enna profiles can be assigned any name except the default name detachable_extr_15901 Example The following command displays information regarding the antenna profile with the name antenna1 show antenna profile antenna1 History This command is introduced in ExtremeWare 7 4 Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches antenna_p...

Page 1375: ... port state timeout enable mac ann tftp xmt rcv v 2 RUNNING 20 1 00 04 96 0d 9e f0 1 1 48 468 hardware ID Altitude 300 2i hardware Version 1 1 1 hardware serial 04078 00211 hardware status 0x00f363e7 OK 0x00f363e7 bootrom version 2 4 build 0 filename sent AR 7_3 Z Virtual Port v 2 info Current BINDING AP MAC 2 Cached MAC 00 04 96 0d 9e f0 show APmgmt port virtual 2 history port state machine log f...

Page 1376: ...NTX_OPENED 16 11 2004 15 29 57 AGENTX_OPENED received AGENTX_CONFIG_OK 16 11 2004 15 29 58 RUNNING Show APmgmt port 1 6 history port state machine log for 1 6 16 11 2004 13 57 11 ANNOUNCE_RCVD nAnn 1 limit 300 mac 00 04 96 0D 9E F0 hw id Altitude 300 2i hw ver 1 1 1 s erial 04078 00211 status 0xf363e7 OK 0xf363e7 bootrom ver 2 4 0 16 11 2004 13 57 11 ANNOUNCE_REPLY_SENT received EDP_ANNOUNCE 16 11...

Page 1377: ...med rfprof_alpha show rf profile rfprof_alpha The output from this command is similar to Profile Name rfprof_alpha Mode G Beacon Interval 1000 DTIM 100 Fragmentation Length 2345 RTS Threshold 2330 Preamble Long Short Retry 4 Long Retry 7 No interfaces bound to this RF profile The following command displays configuration information about all RF profiles show rf profile The output from this command...

Page 1378: ... Mode B_G Beacon Interval 40 DTIM 2 Fragmentation Length 2345 RTS Threshold 2330 Preamble Long Short Retry 4 Long Retry 7 Interfaces 63 1 1 2 1 2 2 1 3 2 1 4 2 1 5 2 1 6 2 1 7 2 1 8 2 1 9 2 1 10 2 1 11 2 1 12 2 1 13 2 1 14 2 1 15 2 1 16 2 1 17 2 1 18 2 1 19 2 1 20 2 1 21 2 1 22 2 1 23 2 1 24 2 1 25 2 1 26 2 1 27 2 1 28 2 1 29 2 1 30 2 1 31 2 1 32 2 2 2 2 2 3 2 2 4 2 2 5 2 2 6 2 2 7 2 2 8 2 2 9 2 2...

Page 1379: ...Retry 1 No interfaces bound to this RF profile Profile Name MinSetting_B Mode B Beacon Interval 20 DTIM 1 Fragmentation Length 256 RTS Threshold 0 Preamble Long Short Retry 1 Long Retry 1 No interfaces bound to this RF profile Profile Name MinSetting_G Mode G Beacon Interval 20 DTIM 1 Fragmentation Length 256 RTS Threshold 0 Preamble Long Short Retry 1 Long Retry 1 No interfaces bound to this RF p...

Page 1380: ...2345 RTS Threshold 2330 Preamble Long Short Retry 255 Long Retry 255 No interfaces bound to this RF profile Profile Name MaxSetting_BG Mode B_G Beacon Interval 1000 DTIM 100 Fragmentation Length 2345 RTS Threshold 2330 Preamble Long Short Retry 255 Long Retry 255 No interfaces bound to this RF profile Profile Name MaxBeacon_BG Mode B_G Beacon Interval 1000 DTIM 100 Fragmentation Length 2345 RTS Th...

Page 1381: ...con_G Mode G Beacon Interval 1000 DTIM 100 Fragmentation Length 2345 RTS Threshold 2330 Preamble Long Short Retry 4 Long Retry 7 No interfaces bound to this RF profile History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches ...

Page 1382: ...e in depth information Table 25 AP Scan Results Alphabetized Data Value Description APMAC MAC address of the discovered AP Capability Capability field from a received information packet in detail output only Channel The channel on which this AP was discovered ESS Name String ESS ID I E Last Update Time value at which this entry was updated Min Max Avg RSS Received Signal Strength statistics Networ...

Page 1383: ... 5 2 DEFAULT_ESS 3 bss 3 N 01 36 18 00 04 96 0C 23 60 5 2 DEFAULT_ESS 3 bss 11 N 01 36 18 00 04 96 0C 23 B0 5 2 TFZ 0 bss 7 Y 01 36 18 00 04 96 0C 30 A0 5 2 DEFAULT_ESS 0 bss 4 N 01 36 18 00 04 96 0C 31 30 5 2 DEFAULT_ESS 0 bss 10 N 01 36 16 00 04 96 0C 36 30 5 2 DEFAULT_ESS 1 bss 10 N 01 35 58 00 04 96 0C 3C 70 5 2 fz open wep 64 4 bss 7 Y 01 36 18 00 04 96 0C 5F F0 5 2 DEFAULT_ESS 2 bss 11 N 01 ...

Page 1384: ...owing command displays information about the AP 00 04 96 0C 23 70 show wireless ap scan results 00 04 96 0C 23 70 The results of the command are similar to AP Mac Address Intf ESS Name AvgRSS Type Chan WEP WPA Last 00 04 96 0C 23 70 1 23 2 DEFAULT_ESS 27 bss 6 N02 18 51 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command...

Page 1385: ...on to get further details of the client scan Examples The following example displays information about the wireless configuration show wireless client scan results The output of the command is similar to Source 00 04 23 90 03 91 Intf Probe ProbeResp FirstSeen LastChange 1 25 2 100337 0 21 46 47 23 41 43 LastRSS LastRate LastChan 12 0 6 Source 00 05 4E 48 45 F8 Intf Probe ProbeResp FirstSeen LastCh...

Page 1386: ...esults table Source Intf Probes ProbeResp LastRSS LastChan 00 04 23 90 03 91 1 25 2 100445 0 15 6 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches ...

Page 1387: ...xamples The following example displays information about the wireless configuration show wireless configuration The output of the command is similar to Summit300 48 24 show wireless configuration Country Code USA Canada Hong_Kong Management VLAN wlan Gateway 172 16 4 210 num of RedirectDB entry 1 Global Binding Type AP MAC Bootstrap Server 172 16 4 225 Bootstrap Path ABS 1_8_0 bin Bootloader Serve...

Page 1388: ...1388 ExtremeWare 7 7 Command Reference Guide Wireless Commands Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches ...

Page 1389: ...p 9 02 25 16 2003 1 6 DIS Tue Sep 9 02 25 16 2003 1 7 DIS Tue Sep 9 02 25 16 2003 1 8 01010001 00 04 96 0C 22 00 03418 00410 ON Mon Sep 13 11 03 16 2004 1 9 DIS Tue Sep 9 02 25 16 2003 1 10 DIS Tue Sep 9 02 25 16 2003 1 11 DIS Tue Sep 9 02 25 16 2003 1 12 DIS Tue Sep 9 02 25 16 2003 1 13 DIS Tue Sep 9 02 25 16 2003 1 14 DIS Tue Sep 9 02 25 16 2003 1 15 DIS Tue Sep 9 02 25 16 2003 1 16 DIS Tue Sep ...

Page 1390: ...e Guide Wireless Commands History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches ...

Page 1391: ... 1 5 0 0 0 0 Unknown Location indoor 600 None on DIS SummitWM 1 6 0 0 0 0 Unknown Location indoor 600 None on DIS SummitWM 1 7 0 0 0 0 Unknown Location indoor 600 None on DIS SummitWM 1 8 0 0 0 0 Unknown Location indoor 600 None on DIS SummitWM 1 9 0 0 0 0 Unknown Location indoor 600 None on DIS SummitWM 1 10 0 0 0 0 Unknown Location indoor 600 None on DIS SummitWM 1 11 0 0 0 0 Unknown Location in...

Page 1392: ...s command was first available in ExtremeWare 6 2a and added to the e series in 7 3e This command was modified to include wireless port mode in ExtremeWare 7 6 Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches ...

Page 1393: ...o Wireless Port 1 8 Messages Sent 0 Total Bytes Sent 0 Messages Suppressed 278409 Other Errors 0 Trace Description CUR MSGS BYTES SUPP dot1x 802 1x Processing 0 0 0 69058 radius Radius Backend 0 0 0 0 mac Wireless MAC 0 0 0 34 snmp SNMP Subagent 0 0 0 1980 wlan driver WLAN Driver 0 0 0 0 eth driver ETH Driver 0 0 0 0 ap scan AP Scan 0 0 0 46 client diag Client Diag 0 0 0 6 mac radius MAC Radius 0 ...

Page 1394: ...agent 0 0 0 45947 wlan driver WLAN Driver 0 0 0 0 eth driver ETH Driver 0 0 0 0 ap scan AP Scan 0 0 0 35736423 client diag Client Diag 0 0 0 15 mac radius MAC Radius 0 0 0 0 wpa wpa2 WPA or WPA2 State Machine 0 0 207188 iapp IAPP 0 0 0 187 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300...

Page 1395: ... image configuration of one or more wireless ports Example The following example displays a report of the runtime image for the configured wireless ports show wireless ports all image configuration The output of the command is similar to Port 1 11 Runtime Server 10 255 52 2 Runtime Path apimages ART 7_6_3 bin Port 1 47 Runtime Server 10 255 52 2 Runtime Path v760b10 ART 7_6_4 bin History This comm...

Page 1396: ...show wireless ports 1 5 interface 1 ap scan configuration The output of the command is similar to Intf En Add Rem Update Probe ProbeInt OCS Cont Size Timeout Channels 1 5 1 N off off off off 100 N N 128 300 The following example shows the extra details shown when the keyword detail is added to the command show wireless ports 1 5 interface 1 ap scan configuration detail The output of the command is...

Page 1397: ...hedule 1 Currently disabled Schedule 2 Currently disabled Schedule 3 Currently disabled Schedule 4 Currently disabled Schedule 5 Currently disabled Schedule 6 Currently disabled Schedule 7 Currently disabled Schedule 8 Currently disabled History This command was first available in ExtremeWare 6 2a Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and...

Page 1398: ...all active ports interface Specifies an interface 1 or 2 detail Optional Specifies to display the information in detailed format Table 26 AP Scan Results Alphabetized Data Value Description APMAC MAC address of the discovered AP Capability Capability field from a received information packet in detail output only Channel The channel on which this AP was discovered ESS Name String ESS ID I E Last Up...

Page 1399: ... web unsecure 2 bss 64 N 19 05 34 1 2 1 00 04 96 0C 5F F0 md 5 9 bss 161 Y Y 19 05 34 1 2 1 00 D0 4D 96 D0 CD Atheros 12 bss 48 Y Y 19 05 33 1 2 1 00 04 96 0C D8 40 fz wpa dyn tkip 54 bss 52 Y Y 19 05 34 1 2 1 00 04 96 0D B4 20 QADS300 2410 bss 149 N 1 1 2 1 00 04 96 0D 9E C0 wpapsk 13 bss 161 Y Y 19 05 34 1 2 1 00 04 96 0D 77 90 Extreme_a 3 bss 161 Y Y 19 05 34 1 2 1 00 30 F1 92 44 39 fz wpa psk ...

Page 1400: ... Set Number of Beacons 1 Number of Probes 0 RSS Min 14 Max 14 Avg 7 WPA Information Version 1 Unicast Ciphers TKIP Multicast Ciphers WEP104 WPA Auth Suite DOT1X Capability Information Y G Short Slot N Channel Agility N PBCC N CF Poll REQ N CF Pollable Y WEP Required bss Network Type L Preamble History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform A...

Page 1401: ...address show wireless ports 1 8 interface 2 ap scan results 00 04 96 5 80 B0 The output of the command is similar to AP Mac Address Intf ESS Name AvgRSS Type Chan WEP WPA Last 00 04 96 05 80 B0 1 8 2 Extreme_g 8 bss 11 Y 23 53 34 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit...

Page 1402: ...an for the port and interface show wireless port 1 5 interface 1 ap scan status The output of the command is similar to the following Intf Enabled Num Probes Num APs WaterMark TimeOuts Overflows OCS 1 1 N 0 0 0 0 0 N History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summi...

Page 1403: ...le displays MAC statistic information for port 1 8 on interface 1 show wireless ports 1 8 interface 1 client 00 0D 54 98 AC 35 mac statistics The output of the command is similar to Intf 1 8 1 AP Mac Address 00 0D 54 98 AC 35 RSS Min 0 Max 0 Avg 0 Total PROBE REQ 0 Total AUTH REQ 1 Total ASSOC REQ 2 Total REASSOC REQ 0 Total DEASSOC REQ 0 Total DEAUTH REQ 0 Total PS POLL 0 Total Data Frames 0 NAV ...

Page 1404: ...e Guide Wireless Commands History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches ...

Page 1405: ...nd interface Example The following example displays the client history and diagnostic features on port 1 25 and interface 1 show wireless ports 1 25 interface 1 client history configuration The output of the command is similar to Intf Enabled TableSize Timeout 1 25 1 Y 128 600 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This ...

Page 1406: ...ormation for port 1 25 and interface 1 based on the MAC address of the client show wireless ports 1 25 interface 1 client history diagnostics 00 0D 54 98 AC 35 The output of the command is similar to Interface 1 25 1 AP Mac Address 00 0D 54 98 AC 35 State Watermark FORWARDING Events In Detected Enters 1 Errors 0 AUTH REQ 0 Other 1 MGMT Action 0 Time Outs 0 Events In Authenticated Enters 1 Errors 0...

Page 1407: ...rs 1 Errors 0 MGMT Action 0 Time Outs 0 Events In Forwarding Enters 1 MGMT Action 0 Time Outs 1 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches ...

Page 1408: ...s 1 25 interface 1 client history mac layer 00 0D 54 98 AC 35 The output of the command is similar to Intf 1 25 1 AP Mac address 00 0D 54 98 AC 35 Authentication Information Authenticated Y Total AUTH REQ 1 Total AUTH RESP 1 Total AUTH OK 1 Total AUTH Failed 0 Total AUTH open 0 Total AUTH shared 1 Last AUTH REQ 19 40 06 Last Auth Type OPEN Authentication Error Information Last Error Time 00 00 00 ...

Page 1409: ...ssociation Error Information Last Error Time 00 00 00 Last Error Type NONE Errors by Type Rate Mismatch 0 Capability 0 Counter Measure 0 Cipher Suite 0 Max Associations 0 RSN Required 0 RSN Mismatch 0 Other 0 Rate Set 6 9 12 18 24 36 48 54 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300...

Page 1410: ... 128 600 0 0 0 0 portlist Specifies one or more ports or slots and ports Can be one or more port numbers May be in the form 1 2 1 2 3 5 2 2 5 2 6 2 8 all Specifies all active ports interface Specifies an interface 1 or 2 Field Description Enable This value indicates if historical information is being collected on this interface or not TableSize This is the number of entries allowed in each of the ...

Page 1411: ...tremeWare 7 7 Command Reference Guide 1411 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches ...

Page 1412: ...imeout Parameter specified for scan timeouts Max Size Parameter specified for the number of entries for the table Examples The following example displays the current configuration of the client scan feature on port 1 5 and interface 1 show wireless ports 1 5 interface 1 client scan configuration It produces output similar to the following Summit300 48 15 show wireless ports all interface 1 client ...

Page 1413: ...ExtremeWare 7 7 Command Reference Guide 1413 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches ...

Page 1414: ... 4C 40 69 8005 52 1 19 37 36 N 1 25 2 00 09 5B 92 43 63 262 34 1 19 37 37 N 1 25 2 00 09 5B 68 27 A6 482 43 1 19 37 37 N 1 25 2 00 09 5B 66 ED F3 390 47 1 19 37 35 N 1 25 2 00 09 5B 66 E4 C9 314 12 1 19 37 30 N portlist Specifies one or more ports or slots and ports Can be one or more port numbers May be in the form 1 2 1 2 3 5 2 2 5 2 6 2 8 all Specifies all active ports interface Specifies an in...

Page 1415: ...0 24 1 19 37 13 N 1 25 2 00 0D 88 65 75 E0 196 21 1 19 37 35 N 1 25 2 00 0D 54 99 16 C3 89 12 1 19 37 36 N 1 25 2 00 09 5B A2 75 37 251 24 1 19 37 32 N 1 25 2 00 0D 54 98 AC 35 126 30 1 19 37 36 N 1 25 2 00 0C 41 FA 62 FE 9 7 1 19 36 44 N 1 25 2 00 09 5B A2 75 3B 17 11 1 19 36 36 N 1 25 2 00 0C 41 60 D0 73 81 20 1 19 36 58 N 1 25 2 00 0D 54 A7 0C 89 475 29 1 19 37 36 N History This command was fir...

Page 1416: ...9D show wireless port 5 interface 1 client scan results 00 03 7F BE FE 9D It produces output similar to the following Intf Source Probe REQs Last RSS Channel Last SeenClient 5 1 00 03 7F BE FE 9D 17 4 161 01 39 48 N History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit...

Page 1417: ...0 24 FZ 28 show wireless ports 1 interface 1 client scan status Intf Table Size WaterMark Overflows Timeouts LastElement Total Probes 1 1 0 0 0 0 0 0 S300 24 FZ 29 portlist Specifies one or more ports or slots and ports Can be one or more port numbers May be in the form 1 2 1 2 3 5 2 2 5 2 6 2 8 all Specifies all active ports interface Specifies an interface 1 or 2 Variable Description CurrentTabl...

Page 1418: ...e Guide Wireless Commands History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches ...

Page 1419: ...he client list detail Optional Specifies to display the information in detailed format Fields Description Client MAC MAC address of the client adapter Current State DETECTED AUTHED ASSOC or FORWARD Indicates which part of the state machine the client is currently in Last state change The system time when the client last changed states Encryption Type Type of MAC level encryption the client is usin...

Page 1420: ...rt 1 1 Current State FORWARD Last State Change 4 42 39 Authentication Type PSK Encryption Type AES ESS ID fz wpa psk aes Client VLAN SKSPVlan Client Priority 0 Received Signal Strength 195 TX Frames 17067 RX Frames 34228 TX Bytes 1712753 RX Bytes 3857802 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on...

Page 1421: ...orts 1 26 1 30 interface 1 configuration Output of the command is similar to Port Intf State RF Prof Sec Prof TxRate Power Chan Max Cl Bridging 1 26 1 EN rf_26 Unsecure 54 FULL 0 100 EN 1 27 1 EN rf_27 Unsecure 54 FULL 0 100 EN 1 28 1 EN rf_28 Unsecure 54 FULL 0 100 EN 1 29 1 EN DEFAULT_A Unsecure 54 FULL 0 100 EN 1 30 1 EN DEFAULT_A Unsecure 54 FULL 0 100 EN EN Enabled DIS Disabled The following ...

Page 1422: ...curity Profile Unsecure Transmit Rate 54 Power FULL Channel 0 Max Clients 100 Wireless Bridging Enabled Wireless Interface 1 28 1 State Enabled RF Profile rf_28 Security Profile Unsecure Transmit Rate 54 Power FULL Channel 0 Max Clients 100 Wireless Bridging Enabled Wireless Interface 1 29 1 State Enabled RF Profile DEFAULT_A Security Profile Unsecure Transmit Rate 54 Power FULL Channel 0 Max Clie...

Page 1423: ...7 Command Reference Guide 1423 Summit300 48 21 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches ...

Page 1424: ...1 on interface 2 show wireless ports 1 11 interface 2 pae diagnostics The output of the command is similar to PAE Diagnostic Statistics CLIENT MAC Port Intf Failures Timeouts Success Logoffs ReAuth 00 0D 54 98 AC 35 1 11 2 0 0 2 0 0 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Sum...

Page 1425: ...sts the output of the PAE statistics for ports 1 11 on interface 2 show wireless ports 1 11 interface 2 pae statistics The output of the command is similar to PAE Statistics CLIENT MAC Port Intf STATE TX RX ERRORS CLIENT ID 00 0D 54 98 AC 35 1 11 2 AUTHED 16 17 0 sqalab labu History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This co...

Page 1426: ...erfaces 1 2 on a port or ports Examples The following example displays RF status of all active ports of the switch show wireless ports all interface 1 rf status Port Intf Tx Rate Channel Noise Floor 1 37 1 54 64 85 1 38 1 54 64 84 The following command shows detailed RF status The output includes a list of channels recorded in the no occupancy list NOL due to RADAR interference for the DFS feature...

Page 1427: ...ise Floor dBm 82 Supported Rates 6 9 12 18 24 36 48 54 Supported Modes A Channels with RADAR interface 52 56 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches ...

Page 1428: ...ports Examples The following example displays the security setting of all active wireless ports of the switch show wireless ports all interface 2 security status The output of the command is similar to Port Intf Dot11 Auth Network Auth ESS 1 37 2 shared none TFZ 1 38 2 open none fz open wep 64 The following example shows the detailed security setting of all active wireless ports of the switch show...

Page 1429: ...twork Authentication none ESS Name fz open wep 64 Encryption wep64 Specified WEP Keys 0 Default WEP Key 0 SSID in Beacon on User VLAN SKSPVlan Use Dynamic Vlan Yes Noise Floor dBm 85 Supported Rates 6 9 12 18 24 36 48 54 Supported Modes A History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 ...

Page 1430: ...erface 1 show wireless ports 1 5 1 34 interface 1 stats The output of the command is similar to 802 11 Interface Statistics Port Intf Frames TX Frag TX Frag RX MC Frag TX MC Frag RX WEP Error Errors 2 1 9277 8763 0 92 0 0 1137 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is available on the Summit 300 48 Summit 30...

Page 1431: ...ing example displays the status for wireless ports 3 on interface 1 show wireless ports 3 interface 1 status The output of the command is similar to Intf St Tx Rate Power Ch ESS Max Cl Last State Change 3 1 EN 54 FULL 52 fz wpa psk aes 100 Mon Jul 26 17 15 11 2004 History This command was first available in ExtremeWare 6 2a and added to the e series in 7 3e Platform Availability This command is av...

Page 1432: ...ervers 3 Jul 26 17 40 26 Failed with primary radius server Trying secondary 3 Jul 26 17 40 00 2 DOT1X 00 0C 41 2B E4 27 Exhausted retries on RADIUS servers 3 Jul 26 17 39 54 Failed with primary radius server Trying secondary 3 Jul 26 17 20 41 2 Client 00 0D 88 C2 4D AC Auth Failed name 802 1x unknown 3 Jul 26 17 19 10 2 Client 00 0D 88 C2 4D AC Auth Failed name 802 1x unknown 3 Jul 26 17 17 36 2 C...

Page 1433: ...ated to 7 3 Jan 01 00 00 11 1 Long Retry Limit updated to 7 3 Jan 01 00 00 11 2 Short Retry Limit updated to 4 3 Jan 01 00 00 11 1 Short Retry Limit updated to 4 3 Jan 01 00 00 11 1 Preamble mode set to SHORT 3 Jan 01 00 00 10 2 RTS Length updated to 2330 3 Jan 01 00 00 10 1 RTS Length updated to 200 3 Jan 01 00 00 10 2 Fragmentation Threshold updated to 2345 3 Jan 01 00 00 10 1 Fragmentation Thre...

Page 1434: ...is command to delete the ipaddress for a wireless port Examples The following command deletes the IP address for port 1 18 on the Summit 300 48 unconfigure wireless ports 1 18 ipaddress History This command is introduced in EW 7 4 Platform Availability This command is available on the Summit 300 48 Summit 300 24 Summit 400 24p and Alpine switches portlist Specifies one or more ports or slots and p...

Page 1435: ... version or an earlier version than the image on the AP Examples The following command initiates the bootloader upgrade for port 1 18 upgrade wireless port 1 18 bootloader The following command initiates the bootloader upgrade for all ports upgrade wireless port all bootloader History This command was first introduced in ExtremeWare 7 7 Platform Availability This command is available on Summit 300...

Page 1436: ...1436 ExtremeWare 7 7 Command Reference Guide Wireless Commands ...

Page 1437: ...ace stacking download image hostname filename run diagnostics save configuration show slot NOTE When stacking is enabled the above commands support the stacking slot number Otherwise the slot number is not recognized in the commands Introducing Stacking Stacking allows users to physically connect up to eight individual Summit switches together as a single logical unit This logical unit behaves as ...

Page 1438: ...r example the stack manager can respond to a request for SNMP information from all ports within the stack Stack Discovery and Manager Election The order in which ExtremeWare assigns the stack manager and the stack members is called stack discovery The process of determining the stack manager for the stack is referred to as the election of the manager If stacking is enabled at switch startup the sw...

Page 1439: ...e storage users can individually specify the fall back IP address for each slot For Summit 200 and Summit 300 24 systems the fall back IP is configured on the given VLAN ID If the VLAN ID is not configured then the IP Address is configured for the default VLAN For Summit 400 systems operating as a slot the VLAN option is not applicable In Summit 400 systems the fall back IP address protects the IP...

Page 1440: ...e 7 7 Command Reference Guide Stacking Commands History This command was first available in ExtremeWare 7 4 Platform Availability This command is only available on the Summit 200 Summit 300 24 and Summit 400 switches ...

Page 1441: ...amples slot 2 is the stack manager of a stack containing four switches This example assigns the stack manager the highest priority in the stack configure stacking priority 15 slot 2 In this example stacking priority is also given to slot 1 configure stacking priority 14 slot 1 The result is that slot 1 has priority over slots 3 and 4 but not over slot 2 History This command was first available in ...

Page 1442: ... unavailable the stack manager can assign any available slot number Example The following command requests a slot ID of 2 for the switch currently with the slot ID of 5 configure stacking requested slot 2 current slot 5 History This command was first available in ExtremeWare 7 4 Platform Availability This command is only available on the Summit 200 Summit 300 24 and Summit 400 switches requested s...

Page 1443: ...command should not be used through CLI This command can also be helpful for pre staging where multiple stacks exist that have identical configurations In this case the uploaded configuration can be modified with the proper MAC address for the specific stack and downloaded Example The following example binds MAC address 00 04 96 1F 88 21 to slot 3 a Summit 300 24 configure stacking slot binding 3 0...

Page 1444: ...used by the earlier switch If the configuration of a stack is to be downloaded to a different but similar stack then 1 Configure the slot binding to be loose 2 Configure the requested slot of all the switches in the remote stack 3 Download the configuration file to the new stack 4 Reboot the stack Configure the slot binding to be strict if you do not want to replace the switch Example To configure...

Page 1445: ...configure stacking slot binding loose or strict ExtremeWare 7 7 Command Reference Guide 1445 Platform Availability This command is only available on the Summit 200 Summit 300 24 and Summit 400 switches ...

Page 1446: ...switch NOTE In Summit 400 48 systems the two stacking ports on the rear side of the switch are represented by port numbers 52 53 respectively Example The following command disables all stacking disable stacking all All switches will reboot The following command disables the third switch in the stack disable stacking slot 3 The stack member reboots immediately The following command disables ports 5...

Page 1447: ...ng ExtremeWare 7 7 Command Reference Guide 1447 History This command was first available in ExtremeWare 7 4 Platform Availability This command is only available on the Summit 200 Summit 300 24 and Summit 400 switches ...

Page 1448: ... the current switch Example The following command enables stacking using the default ports enable stacking The following command enable stacking using unique ports enable stacking ports 5 6 History This command was first available in ExtremeWare 7 4 Platform Availability This command is only available on the Summit 200 Summit 300 24 and Summit 400 switches port_list Specifies to enable stacking on...

Page 1449: ...evious run but has not be able to detect the slot in the current run Master RPC Occurs when the stack manager has not completed initialization for the member The manager is attempting to obtain information from the member Up Master The switch elected as stack manager is fully operational Up Slave Member switches are operational and can be verified with the show slot command Stacking Indicates whet...

Page 1450: ...C 00 04 96 1F 88 5A Binding Active Cpu Pri 0 Platform S300 24 Slot Mac Loose Cfg Pri 0 Cfg Slot None Stacking Ports 2 Port 1 3 25 Port 2 3 26 Slot 4 State SLAVE Status Enabled Master No MAC 00 04 96 05 7D 06 Binding Active Cpu Pri 0 Platform S200 24 Slot Mac Loose Cfg Pri 0 Cfg Slot None Stacking Ports 2 Port 1 4 25 Binding Indicates the slot binding and whether it is active or inactive Slot bindi...

Page 1451: ...ng Ports 1 Port 1 6 25 Slot 7 State SLAVE Status Enabled Master No MAC 00 04 96 1F 89 D2 Binding Active Cpu Pri 0 Platform S300 24 Slot Mac Loose Cfg Pri 0 Cfg Slot None Stacking Ports 1 Port 1 7 25 Slot 8 State SLAVE Status Enabled Master No MAC 00 04 96 26 61 77 Binding Active Cpu Pri 0 Platform S200 24fx Slot Mac Loose Cfg Pri 0 Cfg Slot None Stacking Ports 2 Port 1 8 25 Port 2 8 26 History Thi...

Page 1452: ...48t show stacking port 1 53 utilization History This command was first available in ExtremeWare 7 4 Platform Availability This command is only available on the Summit 200 Summit 300 24 and Summit 400 switches stacking port no Specifies the stacking port number of the current switch For a list of stacking port numbers by switch model see Table 27 on page 1448 stats Specifies to display port statist...

Page 1453: ... Description Default NA Usage Guidelines Use this command to remove the fall back IP address configured for the given slot If the slot number is not given the fall back IP address is un configured for the local switch Example unconfigure stacking fallback ip slot 5 History This command was first available in ExtremeWare 7 4 Platform Availability This command is only available on the Summit 200 Sum...

Page 1454: ...configuration marks the slot ID as invalid The next time the member joins the stack the stack manager assigns a new slot number Example The following command removes previous requests for a specific slot ID unconfigure stacking requested slot current slot 5 History This command was first available in ExtremeWare 7 4 Platform Availability This command is only available on the Summit 200 Summit 300 ...

Page 1455: ...er node s primary port P to the ring another port is designated as the master node s secondary port S to the ring In normal operation the master node blocks the secondary port for all non control traffic belonging to this EAPS domain If the master node detects a break in the ring it unblocks its secondary port and allows data traffic to be transmitted and received through it EAPS fault detection o...

Page 1456: ...l VLAN The ring ports of the control VLAN must be tagged This ensures that EAPS control VLAN traffic is serviced before any other traffic and that control VLAN messages reach their intended destinations The control VLAN must be assigned a QoS profile of QP8 with the QoS profile priority setting HighHi A control VLAN cannot belong to more than one EAPS domain Example The following command adds the ...

Page 1457: ... as a protected VLAN the ring ports of the protected VLAN must be tagged except in the case of the default VLAN As long as the ring is complete the master node blocks the protected VLANs on its secondary port Example The following command adds the protected VLAN orchid to the EAPS domain eaps_1 configure eaps eaps_1 add protect vlan orchid History This command was first available in ExtremeWare 6 ...

Page 1458: ...A Usage Guidelines None Example The following command deletes the control VLAN keys from the EAPS domain eaps_1 configure eaps eaps_1 delete control vlan keys History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms name Specifies the name of an EAPS dom...

Page 1459: ...fault N A Usage Guidelines None Example The following command deletes the protected VLAN orchid from the EAPS domain eaps_1 configure eaps eaps_1 delete protect vlan orchid History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms name Specifies the name ...

Page 1460: ...dary port on the Master node would open when the failtimer expired In ExtremeWare 7 1 the default behavior has been modified to not open the secondary port You can configure the action taken when the failtimer expires by using the configure eaps failtime expiry action command Example The following command configures the failtimer value for the EAPS domain eaps_1 to 15 seconds configure eaps eaps_1...

Page 1461: ...he failtimer expires By default the action is to send an alert if the failtimer expires Instead of going into a Failed state the master node remains in a Complete or Init state maintains the secondary port blocking and writes a critical error message to syslog warning the user that there is a fault in the ring An SNMP trap is also sent To use the failtimer expiry action of earlier releases use the...

Page 1462: ...timer expiry action for EAPS domain eaps_1 configure eaps eaps_1 failtime expiry action open secondary port History This command was first available in ExtremeWare 7 1 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 1463: ...Yes EAPS Fast Convergence On Number of EAPS instances 2 EAPSD Bridge links 4 NOTE If fast convergence is turned on the link filters on all EAPS ring ports are turned off This could result in a problem if the port s hardware had a problem and started flapping between link up link down states Example The following command configures fast convergence for EAPS domain eaps_1 configure eaps eaps_1 fast ...

Page 1464: ...convergence time because transit nodes are already sending link down notifications This command applies only to the master node If you configure the polling timers for a transit node they will be ignored If you later reconfigure that transit node as the master node the polling timer values will be used as the current values Example The following command configures the hellotime value for the EAPS ...

Page 1465: ...d eaps_1 configure eaps eaps_1 mode master The following command identifies this switch as a transit node for the domain named eaps_1 configure eaps eaps_1 mode transit History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms name Specifies the name of a...

Page 1466: ...one Example The following command renames EAPS domain eaps 1 to eaps 5 configure eaps eaps 1 name eaps 5 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms old_name Specifies the current name of an EAPS domain new_name Specifies a new name for the ...

Page 1467: ...ondary port Example The following command adds port 1 of the module installed in slot 8 of a BlackDiamond switch to the EAPS domain eaps_1 as the primary port configure eaps eaps_1 primary port 8 1 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms...

Page 1468: ...ntroller and partner shared ports belonging to the same common link must have matching link IDs No other instance in the network should have that link ID Example The following command configures the EAPS shared port 1 1 to have a link ID of 1 configure eaps shared port 1 1 link id 1 History This command was first available in ExtremeWare 7 1 Platform Availability This command is available on the i...

Page 1469: ... common link must be configured to be the partner This end does not participate in any form of blocking It is responsible for only sending and receiving health check messages Example The following command configures the shared port 1 1 to be the controller configure eaps shared port 1 1 mode controller History This command was first available in ExtremeWare 7 1 Platform Availability This command i...

Page 1470: ... in the ring that does not understand EAPS protocol or if you have switches that does not run EAPS Example The following command configures the segment timeout expiry action of EAPS shared port 1 1 to segment down config eaps shared port 1 1 segment timeout expiry action segment down History This command was first available in ExtremeWare 7 4 x Platform Availability This command is available on th...

Page 1471: ...use the same name string to identify both an EAPS domain and a VLAN On e Series of Switches Only four EAPS domains per switch are supported and these domains must share a common ring port Example The following command creates EAPS domain eaps_1 create eaps eaps 1 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1...

Page 1472: ... Usage Guidelines To configure a common link you must create a shared port on each switch of the common link Example The following command creates a shared port on the EAPS domain create eaps shared port 1 2 History This command was first available in ExtremeWare 7 1 Platform Availability This command is available on the i series of switches port Specifies the port number of the common link port ...

Page 1473: ...t be disabled first before it can be deleted See the disable eaps name command Example The following command deletes EAPS domain eaps_1 delete eaps eaps 1 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms name Specifies the name of an EAPS domain ...

Page 1474: ...ed port on a switch Syntax Description Default N A Usage Guidelines None Example The following command deletes shared port 1 1 delete eaps shared port 1 1 History This command was first available in ExtremeWare 7 1 Platform Availability This command is available on the i series of switches port Specifies the port number of the Common Link port ...

Page 1475: ... switch it automatically disables all EAPS domains Example The following command disables the EAPS function for entire switch disable eaps The following command disables the EAPS function for the domain eaps 1 disable eaps eaps 1 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This comma...

Page 1476: ...an enable it for a domain If you enable EAPS on the switch after you ve created and configured domains you must still enable the domains individually Example The following command enables the EAPS function for entire switch enable eaps The following command disables the EAPS function for the domain eaps 1 enable eaps eaps 1 History This command was first available in ExtremeWare 6 2 This command w...

Page 1477: ...te values are different on a transit node than on a master node The fields displayed are as follows name Specifies the name of an EAPS domain detail Specifies all available detail for each domain EAPS Enabled Current state of EAPS on this switch Yes EAPS is enabled on the switch No EAPS is not enabled EAPS Fast Convergence Displays only when Fast Convergence is on Number of EAPS instances Number o...

Page 1478: ...condary port blocking Running Yes This EAPS domain is running No This EAPS domain is not running Enabled Indicates whether EAPS is enabled on this domain Y EAPS is enabled on this domain N EAPS is not enabled Mode The configured EAPS mode for this switch transit T or master M Primary Secondary port The port numbers assigned as the EAPS primary and secondary ports On the master node the port distin...

Page 1479: ...instance 0 State Links Up Running Yes Enabled Yes Mode Transit Primary port 13 Port status Up Tag status Tagged Secondary port 14 Port status Up Tag status Tagged Failtimer expiry action Displays the action taken when the failtimer expires Send alert Sends a critical message to the syslog when the failtimer expires Open secondary port Opens the secondary port when the failtimer expires Displays on...

Page 1480: ...status Tagged Hello Timer interval 1 sec Fail Timer interval 3 sec Preforwarding Timer interval 6 sec Last update From Master Id 00 01 30 B9 4B E0 at Tue May 6 12 49 25 2003 EAPS Domain has following Controller Vlan Vlan Name VID QosProfile cv2 4002 QP8 Number of Protected Vlans 2 The following command displays summary EAPS information show eaps summary The results for this command are as follows ...

Page 1481: ...show eaps ExtremeWare 7 7 Command Reference Guide 1481 Platform Availability This command is available on all platforms ...

Page 1482: ...ther the switch on either end of the common link is a controller or partner The mode is configured by the user Link ID The link ID configured by the user Up Displays one of the following Yes indicates that the link ID and the mode are configured No indicates that the link ID or the mode is not configured State Displays one of the following states Idle Shared port instance is not running Ready The ...

Page 1483: ...on the other end of the common link is configured with a matching link ID but the modes are configured the same For example both modes are configured as controller or both modes are configured as partner No The neighbor on the other end of the common link cannot be reached Indicates one or more of the following The switch on the other end of the common link is not running The shared port has not b...

Page 1484: ...1484 ExtremeWare 7 7 Command Reference Guide EAPS Commands Platform Availability This command is available on all platforms ...

Page 1485: ...ful when viewing the status info for large numbers of EAPS domains quickly Example The following command displays summary EAPS information on a transit node show eaps summary The results for this command are as follows EAPS Enabled Yes Number of EAPS instances 3 EAPSD Bridge links 6 Pri Sec Vlan Domain State Mo En Port Port Control Vlan VID count eaps4 Links Up T Y 1 1 1 4 cv4 1004 1 eaps3 Links U...

Page 1486: ...ilable in ExtremeWare 6 2 The summary option was added in ExtremeWare 6 2 2 This command was modified in ExtremeWare 7 1 to show shared port statistics This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 1487: ...f Unknown when you use the show eaps detail command to display the status information about the port Example The following command unconfigures this node s EAPS primary ring port on the domain eaps_1 unconfig eaps eaps_1 primary port History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This c...

Page 1488: ... shared port on the switch Syntax Description Default N A Usage Guidelines None Example The following command unconfigures the link ID on shared port 1 1 unconfigure eaps shared port 1 1 link id History This command was first available in ExtremeWare 7 1 Platform Availability This command is available on the i series of switches port Specifies the port number of the Common Link port ...

Page 1489: ...e EAPS shared port mode Syntax Description Default N A Usage Guidelines None Example The following command unconfigures the shared port mode on port 1 1 unconfigure eaps shared port 1 1 mode History This command was first available in ExtremeWare 7 1 Platform Availability This command is available on the i series of switches port Specifies the port number of the Common Link port ...

Page 1490: ...1490 ExtremeWare 7 7 Command Reference Guide EAPS Commands ...

Page 1491: ...ol STP or Virtual Router Redundancy Protocol VRRP Extreme switches that are not running ESRP but are connected on a network that has other Extreme switches running ESRP are ESRP aware This means that when Extreme switches are attached to the ESRP enabled switches the non ESRP switches reliably perform fail over and fail back scenarios in the prescribed recovery times No configuration of this featu...

Page 1492: ...Extreme Loop Recovery Protocol ELRP is a feature of ExtremeWare that allows you to prevent detect and recover from layer 2 loops in the network You can use ELRP with other protocols such as ESRP With ELRP each switch except for the sender treats the ELRP PDU as a layer 2 multicast packet The sender uses the source and destination MAC addresses to identify the packet it sends and receives When the ...

Page 1493: ...ional vlan name parameter you clear the counters for a specific VLAN Example The following command clears the ELRP system counters clear elrp stats The following command clears the VLAN counters on VLAN elrp1 clear elrp stats elrp1 History This command was first available in ExtremeWare 6 2 2 b134 This command was not supported in ExtremeWare 7 0 This command was not supported in Ex re me Ware 7 1...

Page 1494: ... reboot the switch it goes through the process twice After it is done with the cycle or cycles the port enters the Down Stuck state To enable automatic restart use the following command enable elsm auto restart ports portlist To disable automatic restart use the following command enable elsm auto restart ports portlist To get out of the Down Stuck state and enter the Down state you can use one of ...

Page 1495: ...clear elsm auto restart ports ExtremeWare 7 7 Command Reference Guide 1495 Platform Availability This command is available on i series platforms only ...

Page 1496: ...ELSM use the following command clear elsm counters ports portlist Example The following command clears the statistics gathered by Extreme Link Status Monitoring ELSM for ports 1 6 on the switch clear elsm counters ports 1 6 History This command was first available in ExtremeWare 6 2 2b134 Platform Availability This command is available on i series platforms only portlist Specifies the ports or slo...

Page 1497: ...d To disable debug tracing set the level to 0 To configure ELSM debug tracing for the entire system use the following command configure debug elsm system level Example The following command configures debug tracing of code execution Level 2 for ELSM port 3 on the switch configure debug elsm port 2 3 History This command was first available in ExtremeWare 6 2 2b134 level Specifies the level of debu...

Page 1498: ...1498 ExtremeWare 7 7 Command Reference Guide ESRP Commands Platform Availability This command is available on i series platforms only ...

Page 1499: ...d is used to trace the path of code execution Levels 3 and above are not used To disable debug tracing set the level to 0 To configure debug tracing for ELSM ports use the following command configure debug elsm port level port number Example The following command configures ELSM debug tracing of code execution Level 2 for the entire system configure debug elsm system 2 History This command was fir...

Page 1500: ...1500 ExtremeWare 7 7 Command Reference Guide ESRP Commands Platform Availability This command is available on i series platforms only ...

Page 1501: ... the enable elrp client command to globally enable the ELRP client The ELRP client can be disabled globally so that none of the ELRP VLAN configurations take effect Use the disable elrp client command to globally disable the ELRP client vlan name Specifies a VLAN name timeout interval Specifies the interval in seconds between consecutive packet transmissions The valid range for the time out is fro...

Page 1502: ...client on VLAN v1 with a timeout interval of 2 seconds and a retry every 2 seconds It also prints a log message to the console configure elrp client one shot v1 timeout 2 retry 2 ports 1 5 print History This command was first available in ExtremeWare 7 3 0 Platform Availability This command is available on all platforms ...

Page 1503: ... can be disabled globally so that none of the ELRP VLAN configurations take effect Use the disable elrp client command to globally disable the ELRP client Example The following example configures a periodic request on VLAN v1 writes to the log file and sends a trap to the SNMP manager vlan name Specifies a VLAN name interval seconds Specifies the interval in seconds between consecutive packet tran...

Page 1504: ...and Reference Guide ESRP Commands configure elrp client periodic v1 interval 10 ports 5 log and trap History This command was first available in ExtremeWare 7 3 0 Platform Availability This command is available on all platforms ...

Page 1505: ...y configure ELSM on the ports that connect to other devices within the network but you must configure ELSM on both sides of the peer connections ELSM ports use hello packets to communicate information about the health of the network to peer ports The hello packets are received and transmitted by an ELSM enabled port The port expects a response from its neighbor after it sends a hello packet When y...

Page 1506: ...problem is detected Hello The device does not receive a hello from the neighbor device or the device has experienced a critical event Example The following command specifies 5 seconds between consecutive ELSM hellos for ports 1 7 on the switch configure elsm hellotime 5 ports 1 7 History This command was first available in ExtremeWare 6 2 2b134 Platform Availability This command is available on th...

Page 1507: ...orts that connect to other devices within the network but you must configure ELSM on both sides of the peer connections ELSM ports use hello packets to communicate information about the health of the network to peer ports The hello packets are received and transmitted by an ELSM enabled port The port expects a response from its neighbor after it sends a hello packet When you enable ELSM on the spe...

Page 1508: ...threshold the port returns to the Down state and begins the process again Up Beginning state port is up If ELSM is enabled and the port enters the Up state the Up timer begins Each time the port receives a Hello packet the timer restarts and remains in the Up state If the port no longer receives hello packets for Up timer seconds or receives a hello packet the port transitions to either the Down o...

Page 1509: ... HelloRx state During the HelloRx state the port waits to receive neighbor hello messages Depending on what happens to the port the following occurs Hello packet received The port actively receives hello messages from its neighbor and the network is healthy The port transitions to the Hello Rx state Hello packet received The neighbor has not received the Hello packet sent by this switch The switch...

Page 1510: ...1510 ExtremeWare 7 7 Command Reference Guide ESRP Commands History This command was first available in ExtremeWare 6 2 2b134 Platform Availability This command is available on i series platforms only ...

Page 1511: ...e all ports in the same load sharing groups as host attach ports don t count has the effect of not counting the host ports and normal ports as active ports This has the convenience of minimal ESRP state changes due to frequent client activities like reboots and unplugging laptops If you use load sharing with the don t count feature configure all ports in the same load sharing group as don t count ...

Page 1512: ...1512 ExtremeWare 7 7 Command Reference Guide ESRP Commands This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms ...

Page 1513: ...on BlackDiamond switches only none Specifies that ESRP does not participate in hitless failover The master switch blocks its ports during a failover and performs a full initialization of ESRP This is the default rapid reelection Specifies that ESRP behaves as if none was selected In addition if a failover occurs when the switch is the master in an ESRP domain the switch sends a notification that t...

Page 1514: ... not need to have all the ports as the domain members Domain master VLANs can have their own set of ports and the members can have different ports Example The following command adds the domain member VLAN sub_esrp1 to ESRP enabled domain master VLAN esrp super configure vlan esrp super add domain member vlan sub_esrp1 History This command was first available in ExtremeWare 6 0 This command was add...

Page 1515: ... need to send ELRP packets to host ports Example The following command enables ELRP packet transmission for ports 3 5 on VLAN esrp1 configure vlan esrp1 add elrp poll ports 3 5 History This command was first available in ExtremeWare 6 2 2b134 This command was not supported in ExtremeWare 7 0 This command is supported in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in...

Page 1516: ...Example The following command disables port restart for ports 7 9 on VLAN esrp1 configure vlan esrp1 add ports 7 9 no restart History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms vlan name Specifies an ESRP enabled VLAN name portlist Specifies one or...

Page 1517: ...rts re establish connection with the ESRP enabled device This feature allows you to use ESRP in networks that include equipment from other vendors Example The following command enables port restart for ports 7 9 on VLAN esrp1 configure vlan esrp1 add ports 7 9 restart History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWar...

Page 1518: ...ing the priority to 255 configures the switch to slave mode and makes it ineligible to become the master The switch will remain in slave mode even when the VLAN fails over from the current master To make effective use of this feature the normal priority of the ESRP enabled VLANs must be higher than the failover priority of this command Example The following command enables BGP failure tracking and...

Page 1519: ...he priority to 255 configures the switch to slave mode and makes it ineligible to become the master The switch will remain in slave mode even when the VLAN fails over from the current master To make effective use of this feature the normal priority of the ESRP enabled VLANs must be higher than the failover priority of this command Example The following command enables diagnostic failure tracking a...

Page 1520: ...is 0 to 254 Setting the priority to 255 configures the switch to slave mode and to be ineligible to become the master The switch will remain in slave mode even when the VLAN fails over from the current master To make effective use of this feature the normal priority of the ESRP enabled VLANs must be higher than the failover priority of this command Example The following command enables diagnostic ...

Page 1521: ...es master status and remains in slave mode for ESRP or backup mode for VRRP This command can be used with both ESRP enabled VLANs and VRRP VLANs Example The following command enables IP route failure tracking for routes to the specified subnet configure vlan esrp 1 add track iproute 192 168 46 0 24 History This command was first available in ExtremeWare 6 0 This command was added to the Summit e s...

Page 1522: ...Setting the priority to 255 configures the switch to slave mode and to be ineligible to become the master The switch will remain in slave mode even when the VLAN fails over from the current master To make effective use of this feature the normal priority of the ESRP enabled VLANs must be higher than the failover priority of this command Example The following command enables OSPF route failure trac...

Page 1523: ...with both ESRP enabled VLANs and VRRP VLANs Example The following command enables ping tracking for the external gateway at 10 207 29 17 pinging every 10 seconds and considering the gateway to be unreachable if no response is received to 5 consecutive pings configure vlan esrp 1 add track ping 10 207 29 17 frequency 10 miss 5 History This command was first available in ExtremeWare 6 0 This command...

Page 1524: ...remain in slave mode even when the VLAN fails over from the current master To make effective use of this feature the following should be true The priority field should be given precedence over the other election factors by assigning the priority ports track mac election algorithm to the VLAN The normal priority of the ESRP enabled VLANs must be higher than the failover priority of this command Exa...

Page 1525: ...emains in slave mode for ESRP or backup mode for VRRP An ESRP or VRRP VLAN can track one VLAN This command can be used with both ESRP enabled VLANs and VRRP VLANs Example The following command enables ESRP enabled VLAN esrp 1 to track port connectivity to VLAN engineering configure vlan esrp 1 add track vlan engineering History This command was first available in ExtremeWare 4 1 This command was a...

Page 1526: ...Ns can have their own set of ports and the members can have different ports Example The following command deletes the domain member VLAN sub_esrp1 from ESRP enabled domain master VLAN esrp super configure vlan esrp super delete domain member vlan sub_esrp1 History This command was first available in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platf...

Page 1527: ...h you can disable ELRP transmission on that port Example The following command disables ELRP packet transmission for ports 3 5 on VLAN esrp1 configure vlan esrp1 delete elrp poll ports 3 5 History This command was first available in ExtremeWare 6 2 2b134 This command was not supported ExtremeWare 7 0 This command is supported in ExtremeWare 7 1 0 This command was added to the Summit e series of sw...

Page 1528: ...king for an ESRP enabled VLAN Syntax Description Default N A Usage Guidelines None Example The following command disables BGP tracking for VLAN esrp 1 configure vlan esrp 1 delete track bgp History This command was first available in ExtremeWare 6 2 Platform Availability This command is available on i series platforms only vlan name Specifies an ESRP enabled VLAN name ...

Page 1529: ...P enabled VLAN Syntax Description Default N A Usage Guidelines None Example The following command disables diagnostic failure tracking for VLAN esrp 1 configure vlan esrp 1 delete track diagnostic History This command was first available in ExtremeWare 6 1 5 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platform...

Page 1530: ...cription Default N A Usage Guidelines None Example The following command disables environmental failure tracking for VLAN esrp 1 configure vlan esrp 1 delete track environment History This command was first available in ExtremeWare 6 1 5 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms vlan name Specifies...

Page 1531: ...an be used with both ESRP enabled VLANs and VRRP VLANs Example The following command disables tacking of routes to the specified subnet for VLAN esrp 1 configure vlan esrp 1 delete track iproute 192 168 46 0 24 History This command was first available in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on ...

Page 1532: ...Description Default N A Usage Guidelines None Example The following command disables OSPF route tracking for VLAN esrp 1 configure vlan esrp 1 delete track ospf History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms vlan name Specifies an ESRP enabled ...

Page 1533: ...with both ESRP enabled VLANs and VRRP VLANs Example The following command disables ping tracking for the external gateway at 10 207 29 17 configure vlan esrp 1 delete track ping 10 207 29 17 History This command was first available in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms vlan n...

Page 1534: ...efault No RIP route tracking Usage Guidelines None Example The following command disables RIP route failure tracking for VLAN esrp 1 configure vlan esrp 1 delete track rip History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms vlan name Specifies an ES...

Page 1535: ... can be used with both ESRP enabled VLANs and VRRP VLANs Example The following command disables the tracking of port connectivity to VLAN engineering configure vlan esrp 1 delete track vlan engineering History This command was first available in ExtremeWare 4 1 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platf...

Page 1536: ...RP master switch no longer transmits ELRP PDUs to detect network loops Example The following command disables the use of ELRP in the master state on the ESRP enabled VLAN elrp1 configure vlan elrp1 esrp elrp master poll disable History This command was first available in ExtremeWare 6 2 2b134 This command was not supported in ExtremeWare 7 0 This command is supported in ExtremeWare 7 1 0 This comm...

Page 1537: ...witch then transitions to the slave state to break the network loop Specify the interval parameter to configure how often successive ELRP PDUs are sent while in the master state If you do not specify an interval value the default value is used Example The following command enables the use of ELRP in the master state on the ESRP enabled VLAN elrp1 configure vlan elrp1 esrp elrp master poll enable T...

Page 1538: ...1538 ExtremeWare 7 7 Command Reference Guide ESRP Commands Platform Availability This command is available on all platforms ...

Page 1539: ...tate the ESRP pre master switch no longer transmits ELRP PDUs to detect network loops prior to changing to the master state Example The following command disables the use of ELRP in the pre master state on the ESRP enabled VLAN elrp1 configure vlan elrp1 esrp elrp premaster poll disable History This command was first available in ExtremeWare 6 2 2b134 This command was not supported in ExtremeWare ...

Page 1540: ...el for a specified number of times If there is a loop in the network the transmitted PDUs are received by the switch If this happens the ESRP pre master switch does not transition to the master state rather the switch transitions to the slave state If you do not specify the optional count or interval parameters the default values are used If no packets are received by the sender there is no loop i...

Page 1541: ...srp elrp premaster poll enable ExtremeWare 7 7 Command Reference Guide 1541 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms ...

Page 1542: ...ster MAC address mac the switch MAC address A higher number address has priority The election algorithm must be the same on all switches for a particular VLAN vlan name Specifies a VLAN name ports track priority Specifies that this VLAN should consider election factors in the following order Active ports tracking information ESRP priority ports track priority mac Specifies that this VLAN should co...

Page 1543: ... is in slave mode it exchanges ESRP packets with other switches on that same VLAN When a switch is in slave mode it does not perform layer 3 routing or layer 2 switching services for the VLAN Example The following command configures the election algorithm to use tracking information as the first criteria for determining the ESRP master switch for VLAN esrp 1 configure vlan esrp 1 esrp esrp electio...

Page 1544: ...state timeout only with guidance from Extreme Networks personnel Misconfiguration can severely degrade the performance of ESRP and your switch Example The following command configures the pre master timeout to 10 seconds for the VLAN esrp 1 configure vlan esrp 1 esrp esrp premaster timeout 10 History This command was first available in ExtremeWare 7 1 0 and replaced the configure vlan esrp esrp ne...

Page 1545: ...f 32 ESRP groups in a network The most typical application for multiple ESRP groups is when two or more sets of ESRP switches are providing fast failover protection within a common subnet for two or more groups of users An additional use for ESRP groups is ESRP Host Attach ESRP VLANs that share ESRP HA ports must be members of different ESRP groups Example The following command configures VLAN esr...

Page 1546: ...The ESRP group number must be the same as the ESRP aware VLAN number If you specify the all or portlist options the ports must be connected to switches running ESRP and the ports must connect to the ESRP master and slave switches When an ESRP aware switch receives an ESRP PDU the software will lookup the group to which the PDU belongs and will forward the ESRP PDU to the group s portlist and the C...

Page 1547: ...configure vlan esrp group add esrp aware ports ExtremeWare 7 7 Command Reference Guide 1547 Platform Availability This command is available on all platforms ...

Page 1548: ...rtlist for the ESRP groups associated with an ESRP aware VLAN and that portlist is used for forwarding ESRP PDUs on the relevant ports only If all ports are removed from the esrp aware ports list selective forwarding is disabled Example The following command disables selective forwarding for ESRP aware VLAN purple configure vlan purple esrp group 1 delete esrp aware ports 1 4 History This command ...

Page 1549: ...s which switch will act as master for a particular VLAN Setting the priority to 255 configures the switch to slave mode and to be ineligible to become the master The switch will remain in slave mode even when the VLAN fails over from the current master This feature is typically used to ensure a switch cannot become the ESRP master while it is offline for servicing Example The following command con...

Page 1550: ... ESRP waits before considering the neighbor down The timeout value must be at least 3 times but not more than 30 times the timervalue Entering a value outside of that range generates an error message In a large ESRP configuration the slave ESRP VLAN might inadvertently become the master ESRP VLAN This can occur when FDB entries are flushed during a master slave transition To avoid this we recommen...

Page 1551: ...This command was first available in ExtremeWare 4 0 This command was modified to include the esrp nbr timeout option in ExtremeWare 6 2 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms ...

Page 1552: ...Usage Guidelines This command disables the ELRP globally so that none of the ELRP VLAN configurations take effect The ELRP client must be enabled globally in order for it to work on any VLANs Use the enable elrp client command to globally enable the ELRP client Example The following command globally disables the ELRP client disable elrp client History This command was first available in ExtremeWar...

Page 1553: ...ter it is done with the cycle or cycles the port enters the Down Stuck state To enable automatic restart use the following command enable elsm auto restart ports portlist To disable automatic restart use the following command disable elsm auto restart ports portlist To get out of the Down Stuck state and enter the Down state you can use one of the following commands clear elsm auto restart ports p...

Page 1554: ...ection to the neighbor ELSM operates on a point to point basis you only configure ELSM on the ports that connect to other devices within the network but you must configure ELSM on both sides of the peer connections ELSM ports use hello packets to communicate information about the health of the network to peer ports The hello packets are received and transmitted by an ELSM enabled port The port exp...

Page 1555: ...disable elsm ports ExtremeWare 7 7 Command Reference Guide 1555 Platform Availability This command is available on i series platforms only ...

Page 1556: ...abled Usage Guidelines None Example The following command disables ESRP on the VLAN accounting disable esrp vlan accounting History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms vlan name Specifies an ESRP enabled VLAN name ...

Page 1557: ... Usage Guidelines The ELRP client must be enabled globally in order for it to work on any VLANs The ELRP client can be disabled globally so that none of the ELRP VLAN configurations take effect Use the disable elrp client command to globally disable the ELRP client Example The following command globally enables the ELRP client enable elrp client History This command was first available in ExtremeW...

Page 1558: ... is done with the cycle or cycles the port enters the Down Stuck state To enable automatic restart use the following command enable elsm auto restart ports portlist To disable automatic restart use the following command enable elsm auto restart ports portlist To get out of the Down Stuck state and enter the Down state you can use one of the following commands clear elsm auto restart ports portlist...

Page 1559: ...ighbor it brings down the connection to the neighbor ELSM operates on a point to point basis you only configure ELSM on the ports that connect to other devices within the network but you must configure ELSM on both sides of the peer connections ELSM ports use hello packets to communicate information about the health of the network to peer ports The hello packets are received and transmitted by an ...

Page 1560: ...1560 ExtremeWare 7 7 Command Reference Guide ESRP Commands History This command was first available in ExtremeWare 6 2 2b134 Platform Availability This command is available on i series platforms only ...

Page 1561: ... enabled on all ports participating in ESRP ESRP cannot be enabled on the VLAN default Example The following command enables ESRP on the VLAN esrp 1 enable esrp vlan esrp 1 History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms vlan name Specifies a VL...

Page 1562: ...P VLAN Client name Displays the name of the ELRP client VLAN Displays the name of the VLAN with ELRP enabled Interval Displays the configured interval An interval of 3 indicates that ELRP PDUs are transmitted every 3 seconds Count Lists the configured number of ELRP PDUs that are transmitted The PDUs are transmitted at the configured interval This method of ELRP PDU transmission is used by ESRP in...

Page 1563: ...sk uj mas62 3 0 Yes 1095 0 tEsrpTask uj mas61 3 0 Yes 1095 0 tEsrpTask uj mas60 3 0 Yes 1095 0 tEsrpTask uj mas59 3 0 Yes 1095 0 tEsrpTask uj mas58 3 0 Yes 1095 0 tEsrpTask uj mas57 3 0 Yes 1095 0 tEsrpTask uj mas56 3 0 Yes 1095 0 tEsrpTask uj mas55 3 0 Yes 1095 0 tEsrpTask uj mas54 3 0 Yes 1095 0 tEsrpTask uj mas53 3 0 Yes 1095 0 tEsrpTask uj mas52 3 0 Yes 1095 0 tEsrpTask uj mas51 3 0 Yes 1095 0...

Page 1564: ...1564 ExtremeWare 7 7 Command Reference Guide ESRP Commands This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms ...

Page 1565: ...ch listed port Hello time for each listed port Use the following command to display ELSM data for selected ports on the switch show elsm ports portlist To clear the statistics gathered by ELSM use the following command clear elsm counters ports portlist Example The following command displays the operational state of the Extreme Link Status Monitoring ELSM for all ports on the switch show elsm Foll...

Page 1566: ...nit Hello time Hold threshold Auto restart Receive Hello and Transmit Hello packet counters ELSM up down count Use the following command to display ELSM data for all ports on the switch show elsm If ELSM is disabled only the admin enabled disabled information is displayed To clear the statistics gathered by ELSM use the following command clear elsm counters ports portlist Example The following com...

Page 1567: ...atus Down Rx State Down Tx State HelloRx Hello Time 1 second Hold Threshold 2 Auto Restart Enabled Rx Hello 0 Rx Hello 0 Tx Hello 0 Tx Hello 0 ELSM Up Down Count Up 0 Down 0 History This command was first available in ExtremeWare 6 2 2b134 Platform Availability This command is available on i series platform only ...

Page 1568: ...formation about the impending failover and the timeout is displayed none Information about not participating in hitless failover is displayed The following output applies only to i series platforms Layer 3 tracking in use and the failover mode is remain esrp master in l2 domain Information about rapid reelection and layer 3 tracking is displayed Layer 3 tracking is not in use and the failover mode...

Page 1569: ...Enabled 1 Election Algorithm ports track priority mac Group 0 Hello Timer 2 Esrp Nbr Timeout 6 Premaster Timeout 6 State Enabled Slave on Mon Jun 2 10 09 48 2003 State Trans Counters ToMaster 1 ToPremaster 1 ToSlave 2 Host Direct Attach ports None No count ports None Restart Ports None Tracked VLANs None Tracked Ip Routes None Tracked Pings Freq N_miss 192 12 1 1 5 2 Neighbours 1 Nbr Active Ports ...

Page 1570: ...1570 ExtremeWare 7 7 Command Reference Guide ESRP Commands This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms ...

Page 1571: ...following VLAN Interface Layer 2 demo_esrp Priority 0 Priority In Use 0 Active Ports 2 Internal Ports 0 Tracked Rt Ping LSP 0 Tracked Ports 0 Tracked Diag Tracked Env Tracked RIP Tracked OSPF Tracked BGP Tracked LSP None ELRP in Premaster Int Cnt Enabled 1 3 ELRP in Master Int Enabled 1 Election Algorithm ports track priority mac Group 0 Hello Timer 2 Esrp Nbr Timeout 6 Premaster Timeout 6 State E...

Page 1572: ...s for ESRP enabled VLAN demo esrp show esrp vlan demo esrp counters It produces output similar to the following VLAN demo_esrp Current time Mon Jun 2 08 40 15 2003 Rx Esrp Pkts 0 Tx Esrp Pkts 0 Rx Aware Esrp Pkts 0 Rx Elrp Pkts 0 History This command was first available in ExtremeWare 6 0 This command was updated to support ELRP data in ExtremeWare 6 2 2b134 and ExtremeWare 7 1 0 ELRP data is not ...

Page 1573: ...tatus information for ESRP aware VLAN demo esrp aware show esrp aware vlan demo esrp aware On an ESRP aware switch it produces output similar to the following Summit48i 24 sh esrp aware VLAN Interface demo esrp aware1 DisableLearnTimeout 0 secs Total Fdb Flushes 6 Last EsrpAware Fdb Flush on Mon Nov 18 05 22 26 2002 Esrp Group 0 Esrp Master Mac 00 01 30 08 36 00 Age 1 secs History This command was...

Page 1574: ...ist of the ESRP groups associated with an ESRP aware VLAN and that portlist is used for forwarding ESRP PDUs on the relevant ports only Use the show esrp aware ports command to view the ESRP group portlist that forwards ESRP PDUs Example The following command displays selective forwarding statistics show esrp aware ports The show esrp aware ports command produces output similar to the following VL...

Page 1575: ... configure elrp client periodic command to configure periodic transmission of ELRP packets The ELRP client must be enabled globally in order for it to work on any VLANs Use the enable elrp client command to globally enable the ELRP client The ELRP client can be disabled globally so that none of the ELRP VLAN configurations take effect Use the disable elrp client command to globally disable the ELR...

Page 1576: ...1576 ExtremeWare 7 7 Command Reference Guide ESRP Commands ...

Page 1577: ...n the network and actively confirms that a port can safely transition to the forwarding state without relying on any timer configurations If a network topology change or failure occurs RSTP rapidly recovers network connectivity by confirming the change locally before propagating that change to other devices across the network For broadcast links there is no difference in convergence time between S...

Page 1578: ...tches using IEEE standard 802 1d When an STPD is configured in this mode all rapid configuration mechanisms are disabled 802 1w mode Use this mode for compatibility with Rapid Spanning Tree RSTP When an STPD is configured in this mode all rapid configuration mechanisms are enabled This mode is available for point to point links only RSTP is enabled or disabled on a per STPD basis only You do not e...

Page 1579: ...P that allows a physical port to belong to multiple STPDs by assigning the port to multiple VLANs EMISTP adds significant flexibility to STP network design BPDUs are sent with an 802 1Q tag having an STPD instance Identifier StpdID in the VLANid field This encapsulation mode supports the following STPD modes of operation 802 1D and 802 1w PVST mode This mode implements PVST in compatibility with t...

Page 1580: ... 0 Revision Level This identifier is reserved for future use however the switch uses and displays a default of 3 You can configure only one MSTP region on the switch at any given time The switches inside a region exchange BPDUs that contain information for MSTIs The switches connected outside of the region exchange CIST information By having devices look at the region identifiers MSTP discovers th...

Page 1581: ...and Reference Guide 1581 Example The following command creates an MSTP region named purple configure mstp region purple History This command was first available in ExtremeWare 7 6 Platform Availability This command is available on all platforms ...

Page 1582: ...t have the same MSTP configuration attributes also known as MSTP region identifiers These identifiers consist of the following Region Name The name of the MSTP region Format Selector The number used to identify the format of MSTP BPDUs The default is 0 Revision Level This identifier is reserved for future use however the switch uses and displays a default of 3 Example The following command returns...

Page 1583: ...ach domain s protocol You must create a VLAN to add a VLAN to the STPD To create a VLAN use the create vlan command You can create STP domains using the create stpd command Use the keywords dot1d emistp and pvst plus to specify STP port modes in version 6 2 or later dot1d This mode is reserved for backward compatibility with previous STP versions BPDUs are sent untagged in 802 1d mode Because of t...

Page 1584: ...which it belongs When the switch boots it automatically creates a VLAN named default with a tag value of 1 and STPD s0 with an StpdID of 1 The switch associates VLAN default to STPD s0 By default all ports that belong to this VLAN and STPD are in 802 1d mode Example Create a VLAN named marketing and an STPD named STPD1 as follows create vlan marketing create stpd stpd1 The following command adds t...

Page 1585: ...scription Default N A Usage Guidelines N A Example The following command deletes a VLAN named Marketing from the STPD STPD1 configure stpd stpd1 delete vlan marketing History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 6 2a and ExtremeWare 7 1e The default mode was changed from dot1d to emistp in ExtremeWare 7 3e Plat...

Page 1586: ... considerable knowledge and experience with STP The default STP parameters are adequate for most networks The range for the seconds parameter is 4 30 seconds Example The following command sets the forward delay from STPD1 to 20 seconds configure stpd stpd1 forwarddelay 20 History This command was first available in ExtremeWare 2 0 This command was added to the Summit e series of switches in Extrem...

Page 1587: ...ess you have considerable knowledge and experience with STP The default STP parameters are adequate for most networks The range for the seconds parameter is 1 10 seconds Example The following command sets the time delay from STPD1 to 10 seconds configure stpd stpd1 hellotime 10 History This command was first available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ...

Page 1588: ... keyword stpd is optional You should not configure any STP parameters unless you have considerable knowledge and experience with STP The default STP parameters are adequate for most networks The range for the hopcount parameter is 6 through 40 hops In an MSTP environment the hop count has the same purpose as the maxage timer for 802 1D and 802 1w environments Example The following command sets the...

Page 1589: ... for most networks The range for the seconds parameter is 6 40 seconds Note that the time must be greater than or equal to 2 Hello Time 1 and less than or equal to 2 Forward Delay 1 Example The following command sets the maximum age of STPD1 to 30 seconds configure stpd stpd1 maxage 30 History This command was first available in ExtremeWare 2 0 This command was added to the Summit e series of swit...

Page 1590: ...STPDs You must first configure a common instance spanning tree CIST before configuring any multiple spanning tree instances MSTIs in the region You cannot delete or disable a CIST if any of the MSTIs are active in the system Example The following command configures STPD s1 to enable the rapid reconfiguration mechanism and operate in 802 1w mode configure stpd s1 mode dot1w The following command co...

Page 1591: ...e 7 1 This command was added to the Summit e series of switches in ExtremeWare 7 2e The mstp parameter was added in ExtremeWare 7 6 The mstp parameter was modified in ExtremeWare 7 7 The mist tag has been changed to msti to make it similar to EXOS command Platform Availability This command is available on all platforms ...

Page 1592: ...rt specification see Modular Switch Numerical Ranges or Stand alone Switch Numerical Ranges in Chapter 1 The range for the cost parameter is 1 through 65 535 The switch automatically assigns a default path cost based on the speed of the port Example The following command configures a cost of 100 to ports 1 through 5 in STPD s0 on a stand alone switch configure stpd s0 ports cost 100 1 5 The follow...

Page 1593: ...stpd ports cost ExtremeWare 7 7 Command Reference Guide 1593 This command was added to the Summit e series of switches in ExtremeWare 6 2a and 7 1e Platform Availability This command is available on all platforms ...

Page 1594: ... negotiate full duplex even though the broadcast domain extends over several STP devices In this situation an 802 1w port may advance to the forwarding state more quickly than desired If the switch operates in 802 1d mode any configured port link type will behave the same as the broadcast link type spanning tree name Specifies an STPD name on the switch auto Specifies the switch to automatically d...

Page 1595: ...ink type point to point 1 4 The following command configures slot 2 ports 1 through 4 to be point to point links in STPD s1 on a modular switch configure stpd s1 ports link type point to point 2 1 2 4 History This command was first available in ExtremeWare 7 1 This command was added to the Summit e series of switches in ExtremeWare 6 2a and ExtremeWare 7 1e Platform Availability This command is av...

Page 1596: ...he show stpd command displays information about the STPD configuration on the switch including the enable disable state for edge safeguard To enable or re enable edge safeguard use the configure stpd spanning tree name ports link type edge portlist edge safeguard enable command Example The following command disables RSTP on edge port 4 in STPD s1 on a stand alone switch configure stpd s1 ports lin...

Page 1597: ...ts portlist detail command The show stpd command displays information about the STPD configuration on the switch including the enable disable state for edge safeguard To disable edge safeguard use the configure stpd spanning tree name ports link type edge portlist edge safeguard disable command Example The following command enables RSTP on edge port 4 in STPD s1 on a stand alone switch configure s...

Page 1598: ...in must be in enabled state but STP can be enabled or disabled on the edge port Example The following command enables STP BPDU filter on edge port 4 in STPD s1 on a stand alone switch configure stpd s1 ports link type edge 4 bpdu filter enable The following command enables STP BPDU filter on slot 2 edge port 1 in STPD s1 on a modular switch configure stpd s1 ports link type edge 2 1 bpdu filter en...

Page 1599: ...mand disables STP BPDU filter on edge port 4 in STPD s1 on a stand alone switch configure stpd s1 ports link type edge 4 bpdu filter disable The following command disables STP BPDU filter on slot 2 edge port 1 in STPD s1 on a modular switch configure stpd s1 ports link type edge 2 1 bpdu filter disable History This command was first available in ExtremeWare 7 7 Platform Availability This command i...

Page 1600: ...acket formatting for slot 2 port 1 on a modular switch configure stpd s1 ports mode pvst plus 2 1 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms spanning tree name Specifies an STPD name on the switch dot1d Specifies IEEE 802 1d compliant packe...

Page 1601: ...riority On a modular switch portlist can be a list of slots and ports On a stand alone switch the portlist can be one or more port numbers For a detailed explanation of port specification see Modular Switch Numerical Ranges or Stand alone Switch Numerical Ranges in Chapter 1 The range for the priority parameter is 0 through 31 For version 6 0 and later The range for the priority parameter is 0 thr...

Page 1602: ...iority 1 2 1 2 5 History This command was first available in ExtremeWare 2 0 This command was modified in ExtremeWare 4 0 to support modular switches This command was modified in ExtremeWare 6 1 to update the priority parameter This command was added to the Summit e series of switches in ExtremeWare 6 2a and ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1603: ...the priority of the STPD you can make it more or less likely to become the root bridge The range for the priority parameter is 0 through 65 535 A setting of 0 indicates the highest priority Example The following command sets the bridge priority of STPD1 to 16 384 configure stpd stpd1 priority 16384 History This command was first available in ExtremeWare 2 0 This command was added to the Summit e s...

Page 1604: ... are running in 802 1d mode an STPD must be configured with an StpdID You must create and configure the VLAN along with the tag before you can configure the STPD tag To create a VLAN use the create vlan command To configure the VLAN use the configure vlan command In addition to the VLAN attributes that you will use in the STPD you must first create an STPD To create an STPD use the delete stpd com...

Page 1605: ... also be used for backward compatibility with previous STP versions emistp This mode sends BPDUs with an 802 1Q tag having an STPD instance identifier StpdID in the VLANid field This is an Extreme proprietary mode and cannot be used with non Extreme devices pvst plus This mode implements PVST in compatibility with third party switches running this version of STP The STPDs running in this mode have...

Page 1606: ...Reference Guide STP Commands History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 1607: ...orts in user created STPDs are in emistp mode Usage Guidelines Each STPD name must be unique and cannot duplicate any other named elements on the switch such as VLANs QoS profiles Access profiles or route maps If you are uncertain about the VLAN profile names on the switch use the show vlan command to view the VLAN profiles If you are uncertain about QoS profile names on the switch use the show qo...

Page 1608: ...meWare 7 7 Command Reference Guide STP Commands This command was added to the Summit e series of switches in ExtremeWare 6 2a and ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1609: ...ted An STPD can only be removed if all VLANs have been deleted from it The default STPD s0 cannot be deleted Example The following command deletes an STPD named purple_st delete stpd purple_st History This command was first available in ExtremeWare 2 0 This command was added to the Summit e series of switches ExtremeWare 6 2a and ExtremeWare 7 1e Platform Availability This command is available on ...

Page 1610: ...to allow a BPDU to traverse a VLAN without being processed by STP even if STP is enabled on the port If you have a known topology and have switches outside of your network within your STPD use this feature to keep the root bridge within your network Example The following command disables the ignore bpdu option on the VLAN accounting disable ignore bpdu accounting History This command was first ava...

Page 1611: ...to ignore the STP protocol and not block traffic for the VLAN s see the following command enable ignore stp vlan vlan name Example The following command disables the ignore stp option on the VLAN accounting disable ignore stp accounting History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches ExtremeWare 6 2a and ExtremeWare 7 1e Platfor...

Page 1612: ...ree name keyword is optional You do not need to indicate an STPD name if you disable STP for all STPDs To enable or re enable STP on a particular STPD or on all STPDs use the enable stpd spanning tree name command Example The following command disables an STPD named purple_st disable stpd purple_st History This command was first available in ExtremeWare 2 0 This command was added to the Summit e s...

Page 1613: ...h Numerical Ranges in Chapter 1 You must create one or more STP domains configure and enable an STPD before you can use the disable stpd ports command To enable STP on one or more ports for a given STPD use the enable stpd ports command Example The following command disables port 4 on an STPD named Backbone_st on a stand alone switch disable stpd backbone_st ports 4 The following command disables ...

Page 1614: ...1614 ExtremeWare 7 7 Command Reference Guide STP Commands Platform Availability This command is available on all platforms ...

Page 1615: ... the status of rapid root failover on the switch use the show stpd command The show stpd command displays information about the STPD configuration on the switch including the enable disable state for rapid root failover To enable or re enable rapid root failover for STP recovery times use the enable stpd spanning tree name rapid root failover command Example The following command disables rapid ro...

Page 1616: ...Disables the bpdu filter on all ports on the switch Syntax Description Default Disabled Usage Guidelines Example The following command disable STP BPDU filter on the switch disable stpd bpdu filter History This command was first available in ExtremeWare 7 7 Platform Availability This command is available on all platforms ...

Page 1617: ...without being processed by STP even if STP is enabled on the port If you have a known topology and have switches outside your network that are within your STPD use this feature to keep the root bridge within your network Use the disable ignore bpdu vlan vlan name command to allow the switch to recognize STP BPDUs Example The following command configures the switch to ignore STP BPDUs on the VLAN a...

Page 1618: ...ame physical ports but only some of the VLANs require STP protection To allow a VLAN to use STP port information use the disable ignore stp vlan command Example The following command enables the ignore stp option on the VLAN accounting enable ignore stp accounting History This command was first available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 6 ...

Page 1619: ...u enable the STP protocol for all STPDs To disable the STP protocol on a particular STPD or on all STPDs use the disable stpd command The default port mode is emistp which requires an StpdID When using 802 1d mode configure the mode of all the ports to dot1d before enabling the domain Example The following command enables an STPD named Backbone_st enable stpd backbone_st History This command was f...

Page 1620: ...witch portlist can be one or more port numbers For a detailed explanation of port specification see Modular Switch Numerical Ranges or Stand alone Switch Numerical Ranges in Chapter 1 Example The following command enables port 4 on an STPD named Backbone_st on a stand alone switch enable stpd backbone_st ports 4 The following command enables slot 2 port 4 on an STPD named Backbone_st on a modular ...

Page 1621: ...enable stpd ports ExtremeWare 7 7 Command Reference Guide 1621 Platform Availability This command is available on all platforms ...

Page 1622: ...kly and this command is used for that purpose To view the status of rapid root failover on the switch use the show stpd command The show stpd command displays information about the STPD configuration on the switch including the enable disable state for rapid root failover Example The following command enables rapid root failover on the STPD called Backbone_st enable stpd backbone_st rapid root fai...

Page 1623: ... filter on all ports on the switch Syntax Description This command has no arguments or variables Default Disabled Usage Guidelines Example The following command enables STP BPDU filter on the switch enable stpd bpdu filter History This command was first available in ExtremeWare 7 7 Platform Availability This command is available on all platforms ...

Page 1624: ... the show stpd command to display STP configurations Use the create stpd command to create an STP domain Use the enable stpd command to enable an STPD If you have considerable knowledge and experience with STP you can configure the STPD using the configure stpd commands However the default STP parameters are adequate for most networks Examples The following command displays global STPD settings fo...

Page 1625: ...0 Rapid Root Failover Disabled Operational Mode 802 1W 802 1Q Tag none Ports 2 5 2 6 3 1 3 2 3 3 3 4 3 5 3 6 3 7 3 8 4 1 4 2 4 3 4 4 Active Vlans Default Bridge Priority 32768 BridgeID 80 00 00 01 30 23 c1 00 Designated root 80 00 00 01 30 23 c1 00 RootPathCost 0 Root Port MaxAge 20s HelloTime 2s ForwardDelay 15s CfgBrMaxAge 20s CfgBrHelloTime 2s CfgBrForwardDelay 15s Topology Change Time 35s Hold...

Page 1626: ...e as follows Domain Configuration Stpd cist_stp Stp ENABLED Number of Ports 2 Rapid Root Failover Disabled Operational Mode MSTP Default Binding Mode 802 1d MSTI instance CIST CIST cist_stp 802 1Q Tag none Ports 23 24 Participating Vlan Count 1 Bridge Information Bridge Priority 32768 BridgeID 80 00 00 04 96 1f 88 28 Bridge Role CIST Root 80 00 00 04 96 1f 88 28 CIST Regional Root 80 00 00 04 96 1...

Page 1627: ...keyword was introduced in ExtremeWare 6 2 Support for displaying RSTP data was introduced in ExtremeWare 7 1 This command was added to the Summit e series of switches in ExtremeWare 6 2a and ExtremeWare 7 1e Support for displaying MSTP data was introduced in ExtremeWare 7 6 Platform Availability This command is available on all platforms ...

Page 1628: ...witch portlist can be one or more port numbers For a detailed explanation of port specification see Modular Switch Numerical Ranges or Stand alone Switch Numerical Ranges in Chapter 1 Examples The following command displays the state of port 4 on an STPD named Backbone_st on a stand alone switch show stpd Backbone_st ports 4 spanning tree name Specifies an STPD name portlist Specifies one or more ...

Page 1629: ...displays the state of port 20 on an STPD named rstp_domain on a standalone switch show stpd rstp_domain port 20 detail The results for this command are as follows Partner STP version Dot1w Stpd rstp_domain Port 20 PortId 4014 Stp ENABLED Path Cost 19 Port Mode EMISTP Port State BLOCKING Topology Change Ack FALSE Port Priority 16 Loopback Port FALSE Designated Root 80 00 00 04 96 05 00 30 Designate...

Page 1630: ...ated Bridge 00 00 00 00 00 00 00 00 Designated Port Id 0 maxAge 0 MsgAge 0 fwdDelay 0 HelloTime 0 maxHops 0 In this command output the items specific to MSTP are Partner STP version and maxHops History This command was first available in ExtremeWare 2 0 Support for modular switches was introduced in ExtremeWare 4 0 Support for the all keyword was introduced in ExtremeWare 4 0 Support for the detai...

Page 1631: ...d so on Port role root bridge edge port and so on STPD port state forwarding blocking and so on Configured port link type Operational port link type Example The following command displays the spanning tree configurations for the vlan Default show vlan default stpd The results for this command are as follows Summit1iTx 30 show vlan Default stpd s0 enabled Tag none Ports 8 Root P C 80 00 00 01 30 1d...

Page 1632: ...mmit400 48t 4 show stpd s0 ports detail Stpd s0 Port 13 PortId 400d Stp ENABLED Path Cost 4 Port Mode 802 1D Port State FORWARDING Topology Change Ack FALSE Port Priority 16 Loopback Port FALSE Designated Root 00 00 00 00 00 00 00 00 Designated Cost 0 Designated Bridge 00 00 00 00 00 00 00 00 Designated Port Id 0 Partner STP version Dot1d Stpd s0 Port 14 PortId 400e Stp ENABLED Path Cost 4 Port Mo...

Page 1633: ...below Region Name The name of the MSTP region In the Extreme Networks implementation the maximum length of the name is 32 characters and can be a combination of alphanumeric characters and underscores _ Format Selector A number to identify the format of MSTP BPDUs The default is 0 Revision Level This identifier is reserved for future use however the switch uses and displays a default of 3 Example ...

Page 1634: ...fy a spanning tree name For version 2 0 on i series switches You can use the all parameter to specify all STPDs Example The following command restores default values to an STPD named Backbone_st unconfigure stpd backbone_st History This command was first available in ExtremeWare 2 0 Support for the all parameter was discontinued in ExtremeWare 7 0 This command was added to the Summit e series of s...

Page 1635: ...8 Virtual Router Redundancy Protocol The following points pertain to VRRP VRRP packets are encapsulated IP packets The VRRP multicast address is 224 0 0 18 The virtual router MAC address is 00 00 5E 00 01 vrid An interconnect link between VRRP routers should not be used except when VRRP routers have hosts directly attached A maximum of 64 VRID instances are supported on the e series switches and a...

Page 1636: ...uter Communication is lost between master and backup router s The master router sends periodic advertisements to the backup routers to indicate that it is alive VRRP also supports the following tracking options VRRP VLAN tracking VRRP route table tracking VRRP ping tracking If a tracking option is enabled and the object being tracked becomes unreachable the master device will fail over These track...

Page 1637: ...AN Syntax Description Default N A Usage Guidelines None Example The following enables VRRP on VLAN vrrp 1 configure vrrp add vlan vrrp 1 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms vlan name Specifies a VLAN name ...

Page 1638: ...ple The following command disables VRRP on VLAN vrrp 1 configure vrrp delete vlan vrrp 1 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms vlan name Specifies the name of a VLAN on which to disable VRRP all Specifies that VRRP should be disabled o...

Page 1639: ...nctional Example The following command sets up this device as the master router for VLAN vrrp 1 using IP address 192 168 1 3 as the virtual router IP address configure vrrp vlan vrrp 1 add master vrid 1 192 168 1 3 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available...

Page 1640: ... protect against accidental misconfiguration of routers in a local area network LAN Example The following command configures authentication for VRRP VLAN vrrp 1 with the password newvrrp configure vrrp vlan vrrp 1 authentication simple password newvrrp History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform ...

Page 1641: ... the virtual router identified by VRID 2 configure vrrp vlan vrrp 1 delete vrid 2 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms vlan name Specifies the name of a VRRP VLAN number Specifies a Virtual Router ID VRID Value can be in the range of ...

Page 1642: ...uter is down If you have an extremely busy CPU a short dual master situation can occur To avoid this increase the advertisement interval The preempt mode controls whether a higher priority backup router preempts a lower priority master preempt allows preemption dont_preempt prohibits preemption The default setting is preempt The router that owns the virtual router IP address always preempts indepe...

Page 1643: ... 200 configure vrrp vlan vrrp 1 vrid 2 advertisement interval 15 configure vrrp vlan vrrp 1 vrid 2 dont_preempt History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms ...

Page 1644: ...the device All virtual routers defined on this device will also be disabled If you enable VRRP again it is not necessary to enable virtual routers again individually Example The following command disables VRRP on the device disable vrrp History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability Thi...

Page 1645: ...ines IGMP snooping must be enabled for VRRP to operate correctly Use the following command to enable IGMP snooping enable igmp snooping Example The following command enables VRRP on this device enable vrrp History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all p...

Page 1646: ...d Ds Disabled Pri Priority T Advert Timer M Preempt Prt Active Ports TR Tracked Routes Pings TPr Tracked Ports W TrackWinner The following command displays detail status information for VRRP show vrrp detail It produces output similar to the following VRRP Router Enabled Vlan demo_vrrp IpAddress Owner 192 168 1 2 Vrrp ENABLED Router ENABLED Authentication None Tracked VLANs Tracked Ip Routes Track...

Page 1647: ...mmand Reference Guide 1647 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on all platforms ...

Page 1648: ...isplays statistics for VLAN v1 show vrrp vlan v1 stats It produces output similar to the following VLAN v1 Chksum Err 0 Ver Err 0 VRID Err 0 Auth Mismatch 0 Pkt len Err 0 Become Master 2 Adv recv 0 Adv Err 0 Auth Fail 0 TTL Err 0 Pri 0 recv 0 Pri 0 snt 1 Addr List Err 0 Invalid Auth Err 0 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of s...

Page 1649: ...nfigure the same IP subnet on different VLANs The Extreme Networks switch maintains an IP routing table for network routes and host routes The table is populated from the following sources Dynamically by way of routing protocol packets or by ICMP redirects exchanged with other routers Statically by way of routes entered by the administrator Default routes configured by the administrator Locally by...

Page 1650: ...ubnets being service by the switch and going to hosts on different subnets This feature can be used in various applications including DHCP services between Windows NT servers and clients running Windows 95 UDP forwarding is a flexible and generalized routing utility for handling the directed forwarding of broadcast UDP packets UDP forwarding allows applications such as multiple DHCP relay services...

Page 1651: ...ons are satisfied The valid IP ARP Request is received on a router interface The target IP address matches the IP address configured in the proxy ARP table The proxy ARP table entry indicates that the system should always answer this ARP Request regardless of the ingress VLAN the always parameter must be applied After all the proxy ARP conditions have been met the switch formulates an ARP Response...

Page 1652: ...lines Permanent IP ARP entries are not affected Example The following command removes a dynamically created entry from the IPARP table clear iparp 10 1 1 5 24 History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ip address Specifies an IP address vlan name Specif...

Page 1653: ...e specified all IP FDB entries are removed Example The following command removes dynamically created entries in the IP forwarding database clear ipfdb 10 1 2 1 24 History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ip address Specifies an IP address netmask Spec...

Page 1654: ...fferent subnets To configure the relay function follow these steps 1 Configure VLANs and IP unicast routing 2 Enable the DHCP or BOOTP relay function using the following command enable bootprelay 3 Configure the addresses to which DHCP or BOOTP requests should be directed using the following command configure bootprelay add ip address Example The following command configures BOOTP requests to be d...

Page 1655: ... different subnets To configure the relay function follow these steps 1 Configure VLANs and IP unicast routing 2 Enable the DHCP or BOOTP relay function using the following command enable bootprelay 3 Configure the addresses to which DHCP or BOOTP requests should be directed using the following command configure bootprelay add ip address Example The following command removes the destination addres...

Page 1656: ...g in the DHCP reply packet follow these steps 1 Configure VLANs and IP unicast routing 2 Enable the DHCP or BOOTP relay function using the following command enable bootprelay 3 Configure the addresses to which DHCP or BOOTP requests should be directed using the following command configure bootprelay add ip address 4 Configure the DHCP relay agent option option 82 using the following command config...

Page 1657: ...prelay dhcp agent information check ExtremeWare 7 7 Command Reference Guide 1657 This command was added to the e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 1658: ...ion follow these steps 1 Configure VLANs and IP unicast routing 2 Enable the DHCP or BOOTP relay function using the following command enable bootprelay 3 Configure the addresses to which DHCP or BOOTP requests should be directed using the following command configure bootprelay add ip address 4 Configure the DHCP relay agent option option 82 using the following command configure bootprelay dhcp age...

Page 1659: ...configure bootprelay dhcp agent information option ExtremeWare 7 7 Command Reference Guide 1659 Platform Availability This command is available on all platforms ...

Page 1660: ...uld be directed using the following command configure bootprelay add ip address 4 Configure the DHCP relay agent option option 82 using the following command configure bootprelay dhcp agent information option 5 Configure the DHCP relay agent reforwarding policy using the following command configure bootprelay dhcp agent information policy policy To disable the DHCP relay agent reforwarding policy ...

Page 1661: ...n policy ExtremeWare 7 7 Command Reference Guide 1661 History This command was available in ExtremeWare 7 2 This command was added to the e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 1662: ...e Guidelines None Example The following command configures the forwarding functionality destined to nonworking IP interfaces configure ip down vlan action forward History This command was first available in ExtremeWare 6 2 This command was added to the e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms consume Specifies the consume function dr...

Page 1663: ...y to the system The ip address is used to match the IP interface address to locate a suitable interface Example The following command adds a permanent IP ARP entry to the switch for IP address 10 1 2 5 configure iparp add 10 1 2 5 00 11 22 33 44 55 History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 2e Platform Availability This...

Page 1664: ...s to ARP Requests on behalf of the device as long as the following conditions are satisfied The valid IP ARP Request is received on a router interface The target IP address matches the IP address configured in the proxy ARP table The proxy ARP table entry indicates that the system should always answer this ARP Request regardless of the ingress VLAN the always parameter must be applied After all th...

Page 1665: ...configure iparp add proxy ExtremeWare 7 7 Command Reference Guide 1665 Platform Availability This command is available on all platforms ...

Page 1666: ...P ARP entry dynamic or permanent from the table The ip address is used to match the IP interface address to locate a suitable interface Example The following command deletes an IP address entry from the ARP table configure iparp delete 10 1 2 5 History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This com...

Page 1667: ...er host on another subnet the switch answers the ARP Request and all subsequent traffic will be sent directly to the router You can configure up to 64 proxy ARP entries When the mask is not specified then software will assume a host address that is a 32 bit mask When the MAC address is not specified then the software uses the switch s MAC address as the proxy host Always should be specified for ty...

Page 1668: ...20480 The maximum IP ARP entries include dynamic static and incomplete IP ARP entries Example The following command sets the maximum IP ARP entries to 2000 entries configure iparp max entries 2000 History This command was first available in ExtremeWare 6 2 This command was added to the e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms number ...

Page 1669: ...Usage Guidelines Range 1 20480 but cannot be greater than the configured IP ARP max entries value Example The following command sets the maximum IP ARP entries to 500 entries configure iparp max pending entries 500 History This command was first available in ExtremeWare 6 2 This command was added to the e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all...

Page 1670: ...t 20 minutes Usage Guidelines A setting of 0 disables ARP aging Example The following command sets the IP ARP timeout period to 10 minutes configure iparp timeout 10 History This command was first available in ExtremeWare 4 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms minutes Specifies a time in minutes ...

Page 1671: ...show ipconfig command Example The following command clears only the IPFDB entries associated with the new route s subnet configure ipfdb route add clear subnet History This command was first available in ExtremeWare 7 0 This command was added to the e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms clear all Clears all IPFDB entries associate...

Page 1672: ...5 for mask to indicate a host entry Example The following command adds a static address to the routing table configure iproute add 10 1 1 1 24 123 45 67 1 5 History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ip address Specifies an IP address mask Specifies a s...

Page 1673: ... are useful as a security measure or in special circumstances where a specific destination address must be discarded Blackhole entries are treated like permanent entries in the event of a switch reset or power off on cycle Blackhole entries are never aged out of the forwarding database FDB Example The following command adds a blackhole address to the routing table for packets with a destination ad...

Page 1674: ...ult blackhole route is for discarding traffic to the unknown IP destination Using this command all traffic with an unknown destination is discarded If there is another static default route existing in the routing table the blackhole default route takes higher route priority The default blackhole route is treated like a permanent entry in the event of a switch reset or power off on cycle The defaul...

Page 1675: ...teway must be located on a configured IP interface Use the unicast only or multicast only options to specify a particular traffic type If not specified both unicast and multicast traffic uses the default route Example The following command configures a default route for the switch configure iproute add default 123 45 67 1 History This command was available in ExtremeWare 2 0 This command was added...

Page 1676: ...e of 255 255 255 255 for mask to indicate a host entry Example The following command deletes an address from the gateway configure iproute delete 10 101 0 250 24 10 101 0 1 History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ip address Specifies an IP address ma...

Page 1677: ...tax Description Default N A Usage Guidelines None Example The following command removes a blackhole address from the routing table configure iproute delete blackhole 100 101 145 4 History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ip address Specifies an IP add...

Page 1678: ...yntax Description This command has no arguments or variables Default N A Usage Guidelines None Example The following command deletes a blackhole default route from the routing table configure iproute delete blackhole default History This command was first available in ExtremeWare 6 2 2 This command was added to the e series of switches in ExtremeWare 7 2e Platform Availability This command is avai...

Page 1679: ...are used when the router has no other dynamic or static route to the requested destination A default gateway must be located on a configured IP interface Example The following command deletes a default gateway configure iproute delete default 123 45 67 1 History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availabilit...

Page 1680: ...rities can be changed do not attempt any manipulation unless you are expertly familiar with the possible consequences rip Specifies RIP bootp Specifies BOOTP icmp Specifies ICMP static Specifies static routes ospf intra Specifies OSPFIntra routing ospf inter Specifies OSPFInter routing ospf as external Specifies OSPF as External routing ospf extern1 Specifies OSPF External 1 routing ospf extern2 S...

Page 1681: ...g command sets IP route priority for static routing to 1200 configure iproute priority static 1200 History This command was first available in ExtremeWare 4 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1682: ...can be dynamically changed In the case of direct and static route origins the changes are reflected immediately In the case of routes that are sourced from other origin the changes are reflected within 30 seconds MPLS uses route map based filters for controlling label advertisement and label propagation The implementation of the delete route map route map command has been augmented to support the ...

Page 1683: ...3 History This command was first available in ExtremeWare 6 1 5 This command was modified in an ExtremeWare IP Technology Services Release based on ExtremeWare v6 1 8b12 to support MPLS modules Platform Availability This command is available on the i series platforms only ...

Page 1684: ...t setting is 0 Example The following command configures the router advertisement message timers configure irdp 30 40 300 1 History This command was first available in ExtremeWare 4 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms mininterval Specifies the minimum amount of time between router advertisements in...

Page 1685: ...cast 224 0 0 1 Usage Guidelines None Example The following command sets the address of the router advertiser messages to multicast configure irdp multicast History This command was first available in ExtremeWare 4 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms multicast Specifies multicast setting broadcast ...

Page 1686: ...dress or VLAN A VLAN can make use of a single UDP forwarding profile UDP packets directed toward a VLAN use an all ones broadcast on that VLAN Example The following command adds port 34 to UDP profile port_34_to_server configure udp profile port_34_to_server add 34 ip address 10 1 1 1 History This command was first available in ExtremeWare 6 1 This command was added to the e series of switches in ...

Page 1687: ...elines None Example The following command removes port 34 from UDP profile port_34_to_server configure udp profile port_34_to_server delete 34 ip address 10 1 1 1 History This command was first available in ExtremeWare 6 1 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms profile_name Specifies a UDP profile name...

Page 1688: ...router set to the IP address or the super VLAN All traffic IP unicast and IP multicast between sub VLANs is routed through the super VLAN For example no ICMP redirects are generated for traffic between sub VLANs because the super VLAN is responsible for sub VLAN routing Unicast IP traffic across the sub VLANs is facilitated by the automatic addition of an ARP entry similar to a proxy ARP entry whe...

Page 1689: ...configure vlan secondary ip ExtremeWare 7 7 Command Reference Guide 1689 Platform Availability This command is available on the i series platforms only ...

Page 1690: ...N All traffic IP unicast and IP multicast between sub VLANs is routed through the super VLAN For example no ICMP redirects are generated for traffic between sub VLANs because the super VLAN is responsible for sub VLAN routing Unicast IP traffic across the sub VLANs is facilitated by the automatic addition of an ARP entry similar to a proxy ARP entry when a sub VLAN is added to a super VLAN This fe...

Page 1691: ...on of overlapping sub VLAN address ranges between multiple sub VLANs Doing so can result in unexpected behavior of ARP within the super VLAN and associated sub VLANs Example The following command configures the sub VLAN vsuper to prohibit the entry of IP addresses from hosts outside of the configured range of IP addresses configure vlan vsuper subvlan address range 10 1 1 1 10 1 1 255 History This...

Page 1692: ...onfigured UDP port number and forwards those packets to the user defined destination If the UDP port is the DHCP BOOTP port number appropriate BOOTP DHCP proxy functions are invoked Example The following command assigns a UDP profile to VLAN accounting configure vlan accounting udp profile port_34_to_server History This command was first available in ExtremeWare 4 0 This command was added to the e...

Page 1693: ...e Guidelines You must give the profile a unique name in the same manner as a VLAN protocol filter or Spanning Tree Domain STD A maximum of 10 UDP forwarding profiles can be defined Example The following command creates a UPD profile named backbone create udp profile backbone History This command was first available in ExtremeWare 4 0 This command was added to the e series of switches in ExtremeWar...

Page 1694: ...ription Default N A Usage Guidelines None Example The following command deletes a UPD profile named backbone delete udp profile backbone History This command was first available in ExtremeWare 4 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms profile_name Specifies a UDP profile name ...

Page 1695: ...tax Description Default Enabled for all VLANs Usage Guidelines None Example The following command disables the generation and processing of BOOTP packets on a VLAN named accounting disable bootp vlan accounting History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms...

Page 1696: ...sed in various applications including DHCP services between Windows NT servers and clients running Windows 95 To configure the relay function follow these steps 1 Configure VLANs and IP unicast routing 2 Enable the DHCP or BOOTP relay function using the following command enable bootprelay 3 Configure the addresses to which DHCP or BOOTP requests should be directed using the following command confi...

Page 1697: ...CMP hardware forwarding is used ICMP access lists are not permitted and ICMP no longer uses ICMP filter rules When modules are mixed in the same chassis the module continues to follow the configuration for the slot That is those slots that are incapable of hardware forwarding continue to forward packets by the CPU slots capable and configured for hardware forwarding no longer use the CPU and handl...

Page 1698: ...abled If a VLAN is not specified the command applies to all IP interfaces This command only affects the generation of certain ICMP packets Filtering of ICMP packets usually forwarded by the switch is controlled by the access list commands Example The following command disables the generation of an ICMP address mask reply on VLAN accounting disable icmp address mask vlan accounting History This com...

Page 1699: ...on information If a VLAN is not specified the command applies to all IP interfaces This command only affects the generation of certain ICMP packets Filtering of ICMP packets usually forwarded by the switch is controlled by the access list commands Example The following command disables the generation of an ICMP parameter problem message on VLAN accounting disable icmp parameter problem vlan accoun...

Page 1700: ...e request or access policy denies the request If a VLAN is not specified the command applies to all IP interfaces This command only affects the generation of certain ICMP packets Filtering of ICMP packets usually forwarded by the switch is controlled by the access list commands Example The following command disables ICMP port unreachable messages on VLAN accounting disable icmp port unreachables v...

Page 1701: ...en the switch is not in routing mode Example The following command disables ICMP redirects from VLAN accounting disable icmp redirects vlan accounting History This command was available in ExtremeWare 2 0 This command was modified in an ExtremeWare IP Technology Services Release based on ExtremeWare v6 1 8b12 to support MPLS modules This command was added to the e series of switches in ExtremeWare...

Page 1702: ...es to all IP interfaces This command only affects the generation of certain ICMP packets Filtering of ICMP packets usually forwarded by the switch is controlled by the access list commands Example The following command disables the generation of ICMP time exceeded messages on VLAN accounting disable icmp time exceeded vlan accounting History This command was first available in ExtremeWare 6 1 This...

Page 1703: ...s not specified the command applies to all IP interfaces This command only affects the generation of certain ICMP packets Filtering of ICMP packets usually forwarded by the switch is controlled by the access list commands Example The following command disables the generation of an ICMP timestamp response on VLAN accounting disable icmp timestamp vlan accounting History This command was first avail...

Page 1704: ... Example The following command disables the generation of ICMP unreachable messages on all VLANs disable icmp unreachables History This command was available in ExtremeWare 2 0 This command was modified in an ExtremeWare IP Technology Services Release based on ExtremeWare v6 1 8b12 to support MPLS modules This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability ...

Page 1705: ...This command has no arguments or variables Default Disabled Usage Guidelines This option only applies to the switch when the switch is not in routing mode Example The following command disables the changing of routing table information disable icmp useredirects History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Avai...

Page 1706: ...x Description This command has no arguments or variables Default Enabled Usage Guidelines None Example The following command disables the loose source route IP option disable ip option loose source route History This command was first available in ExtremeWare 6 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1707: ...ntax Description This command has no arguments or variables Default Enabled Usage Guidelines None Example The following command disables the record route IP option disable ip option record route History This command was first available in ExtremeWare 6 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1708: ... Description This command has no arguments or variables Default Enabled Usage Guidelines None Example The following command disables the record timestamp IP option disable ip option record timestamp History This command was first available in ExtremeWare 6 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1709: ...tion Syntax Description This command has no arguments or variables Default Enabled Usage Guidelines None Example The following command disables the strict source route IP option disable ip option strict source route History This command was first available in ExtremeWare 6 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on al...

Page 1710: ...ax Description This command has no arguments or variables Default Enabled Usage Guidelines None Example The following command disables generation of the router alert IP option disable ip option use router alert History This command was first available in ExtremeWare 6 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all pla...

Page 1711: ...e local interface or VLAN domain Syntax Description This command has no arguments or variables Default Enabled Usage Guidelines None Example The following command disables IP ARP checking disable iparp checking History This command was first available in ExtremeWare 6 2 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all pla...

Page 1712: ...ge Guidelines IP ARP refresh can only be disabled if IP forwarding is disabled The purpose of disabling ARP refresh is to reduce ARP traffic in a high node count layer 2 switching only environment Example The following command disables IP ARP refresh disable iparp refresh History This command was first available in ExtremeWare 6 2 This command was added to the e series of switches in ExtremeWare 7...

Page 1713: ...nd IP broadcast forwarding is disabled by default Other IP related configuration is not affected Example The following command disables forwarding of IP broadcast traffic for a VLAN named accounting disable ipforwarding broadcast vlan accounting History This command was available in ExtremeWare 2 0 This command was modified in an ExtremeWare IP Technology Services Release based on ExtremeWare v6 1...

Page 1714: ...1714 ExtremeWare 7 7 Command Reference Guide IP Unicast Commands Platform Availability This command is available on all platforms ...

Page 1715: ... Syntax Description Default Disabled Usage Guidelines Disabling LPM routing does not disable IP forwarding Example The following command disables LPM routing for all configured VLANs disable ipforwarding lpm routing The following command disables LPM routing for a VLAN named accounting disable ipforwarding lpm routing accounting History This command was first available in ExtremeWare 7 0 0 Platfor...

Page 1716: ...sable ip route sharing By default ECMP can load balance on up to four next hops irrespective of the route sharing configuration Configure static routes and or OSPF as you would normally ExtremeWare supports unlimited route sharing across static routes and up to 12 ECMP routes for OSPF Route sharing is useful only in instances where you are constrained for bandwidth This is typically not the case u...

Page 1717: ...fault Enabled Usage Guidelines If no optional argument is specified all the IP interfaces are affected Example The following command disables IRDP on VLAN accounting disable irdp vlan accounting History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms vlan name Speci...

Page 1718: ...pecify a stable interface as a source interface for routing protocols This decreases the possibility of route flapping which can disrupt connectivity Example The following command disallows the VLAN accounting to be placed in the UP state without an external active port disable loopback mode vlan accounting History This command was first available in ExtremeWare 6 1 This command was added to the e...

Page 1719: ...bles standard multinetting in the switch disable multinetting standard History This command was first available in ExtremeWare 2 0 The proprietary and standard options were made available for this command in ExtremeWare 7 3 0 Platform Availability This command is available on the i series platforms only proprietary Specifies that proprietary multinetting is to be disabled The proprietary keyword i...

Page 1720: ...This allows clients on one sub VLAN to communicate with clients on another sub VLAN In certain circumstances intra sub VLAN communication may not be desired for isolation reasons NOTE The isolation option works for normal dynamic ARP based client communication Example The following command disables the automatic entry of sub VLAN information in the proxy ARP table of the super VLAN vsuper disable ...

Page 1721: ...les Default Disabled Usage Guidelines UDP Echo packets are used to measure the transit time for data between the transmitting and receiving end Example The following command disables UDP echo server support disable udp echo server History This command was available in ExtremeWare 6 2 1 This command was added to the e series of switches in ExtremeWare 7 2e Platform Availability This command is avai...

Page 1722: ...tax Description Default Enabled for all VLANs Usage Guidelines None Example The following command enables the generation and processing of BOOTP packets on a VLAN named accounting enable bootp vlan accounting History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms v...

Page 1723: ...d in various applications including DHCP services between Windows NT servers and clients running Windows 95 To configure the relay function follow these steps 1 Configure VLANs and IP unicast routing 2 Enable the DHCP or BOOTP relay function using the following command enable bootprelay 3 Configure the addresses to which DHCP or BOOTP requests should be directed using the following command configu...

Page 1724: ...itch Syntax Description Default Disabled Usage Guidelines Example The following command enables the gratuitous arp on VLAN test enable ip security arp gratuitous protection vlan test The following command enables the gratuitous arp on all VLANs enable ip security arp gratuitous protection vlan all History This command is available in ExtremeWare 7 7 Platform Availability This command is available ...

Page 1725: ...pecific models and ASIC part numbers see the Release Notes Use this command to re enable software forwarding and to disable hardware forwarding of ICMP packets When ICMP hardware forwarding is used ICMP access lists are not permitted and ICMP no longer uses ICMP filter rules Example The following command enables software forwarding of ICMP packets enable icmp access list slot 5 History This comman...

Page 1726: ...bled If a VLAN is not specified the command applies to all IP interfaces This command only affects the generation of certain ICMP packets Filtering of ICMP packets usually forwarded by the switch is controlled by the access list commands Example The following command enables the generation of an ICMP address mask reply on VLAN accounting enable icmp address mask vlan accounting History This comman...

Page 1727: ...n information If a VLAN is not specified the command applies to all IP interfaces This command only affects the generation of certain ICMP packets Filtering of ICMP packets usually forwarded by the switch is controlled by the access list commands Example The following command enables the generation of an ICMP parameter problem message on VLAN accounting enable icmp parameter problem vlan accountin...

Page 1728: ... request or access policy denies the request If a VLAN is not specified the command applies to all IP interfaces This command only affects the generation of certain ICMP packets Filtering of ICMP packets usually forwarded by the switch is controlled by the access list commands Example The following command enables ICMP port unreachable messages on VLAN accounting enable icmp port unreachables vlan...

Page 1729: ... the switch is not in routing mode Example The following command enables the generation of ICMP redirect messages on all VLANs enable icmp redirects History This command was available in ExtremeWare 2 0 This command was modified in an ExtremeWare IP Technology Services Release based on ExtremeWare v6 1 8b12 to support MPLS modules This command was added to the e series of switches in ExtremeWare 7...

Page 1730: ...s to all IP interfaces This command only affects the generation of certain ICMP packets Filtering of ICMP packets usually forwarded by the switch is controlled by the access list commands Example The following command enables the generation of ICMP time exceeded messages on VLAN accounting enable icmp time exceeded vlan accounting History This command was first available in ExtremeWare 6 1 This co...

Page 1731: ... not specified the command applies to all IP interfaces This command only affects the generation of certain ICMP packets Filtering of ICMP packets usually forwarded by the switch is controlled by the access list commands Example The following command enables the generation of an ICMP timestamp response on VLAN accounting enable icmp timestamp vlan accounting History This command was first availabl...

Page 1732: ... Example The following command enables the generation of ICMP unreachable messages on all VLANs enable icmp unreachables History This command was available in ExtremeWare 2 0 This command was modified in an ExtremeWare IP Technology Services Release based on ExtremeWare v6 1 8b12 to support MPLS modules This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability Th...

Page 1733: ...is command has no arguments or variables Default Disabled Usage Guidelines This option only applies to the switch when the switch is not in routing mode Example The following command enables the modification of route table information enable icmp useredirects History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availa...

Page 1734: ...x Description This command has no arguments or variables Default Enabled Usage Guidelines None Example The following command enables the loose source route IP option enable ip option loose source route History This command was first available in ExtremeWare 6 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1735: ...tax Description This command has no arguments or variables Default Enabled Usage Guidelines None Example The following command enables the record route IP option enable ip option record route History This command was first available in ExtremeWare 6 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1736: ... Description This command has no arguments or variables Default Enabled Usage Guidelines None Example The following command enables the record timestamp IP option enable ip option record timestamp History This command was first available in ExtremeWare 6 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1737: ...ion Syntax Description This command has no arguments or variables Default Enabled Usage Guidelines None Example The following command enables the strict source route IP option enable ip option strict source route History This command was first available in ExtremeWare 6 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all p...

Page 1738: ...ax Description This command has no arguments or variables Default Enabled Usage Guidelines None Example The following command enables generation of the router alert IP option enable ip option use router alert History This command was first available in ExtremeWare 6 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platf...

Page 1739: ...e local interface or VLAN domain Syntax Description This command has no arguments or variables Default Enabled Usage Guidelines None Example The following command enables IP ARP checking enable iparp checking History This command was first available in ExtremeWare 6 2 This command was added to the e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platf...

Page 1740: ...e Guidelines IP ARP refresh can only be disabled if IP forwarding is disabled The purpose of disabling ARP refresh is to reduce ARP traffic in a high node count layer 2 switching only environment Example The following command enables IP ARP refresh enable iparp refresh History This command was first available in ExtremeWare 6 2 This command was added to the e series of switches in ExtremeWare 7 2e...

Page 1741: ...r IP related configuration is not affected Example The following command enables forwarding of IP traffic for all VLANs with IP addresses enable ipforwarding The following command enables forwarding of IP broadcast traffic for a VLAN named accounting enable ipforwarding broadcast vlan accounting History This command was available in ExtremeWare 2 0 This command was modified in an ExtremeWare IP Te...

Page 1742: ...1742 ExtremeWare 7 7 Command Reference Guide IP Unicast Commands Platform Availability This command is available on all platforms ...

Page 1743: ...en either an ARM or MPLS module is installed in a BlackDiamond switch the module can be configured to forward IP packets for specified VLANs using LPM routing If no VLAN is specified LPM routing is enabled for all configured VLANs except the management VLAN Example The following command enables LPM routing for all configured VLANs enable ipforwarding lpm routing The following command enables LPM r...

Page 1744: ...eferred to as equal cost multipath ECMP routing Configure static routes and or OSPF as you would normally ExtremeWare supports unlimited route sharing across static routes and up to 12 ECMP routes for OSPF Route sharing is useful only in instances where you are constrained for bandwidth This is typically not the case using Extreme switches Using route sharing makes router troubleshooting more diff...

Page 1745: ...ault Enabled Usage Guidelines If no optional argument is specified all the IP interfaces are affected Example The following command enables IRDP on VLAN accounting enable irdp vlan accounting History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms vlan name Specifie...

Page 1746: ...ecify a stable interface as a source interface for routing protocols This decreases the possibility of route flapping which can disrupt connectivity Example The following command allows the VLAN accounting1 to be placed in the UP state without an external active port enable loopback mode vlan accounting1 History This command was first available in ExtremeWare 6 1 This command was added to the e se...

Page 1747: ...etting Example The following command enables proprietary multinetting in the switch enable multinetting proprietary History This command was first available in ExtremeWare 2 0 The proprietary and standard options were made available for this command in ExtremeWare 7 3 0 Platform Availability This command is available on the i series platforms only proprietary Specifies that proprietary multinettin...

Page 1748: ...his allows clients on one sub VLAN to communicate with clients on another sub VLAN In certain circumstances intra sub VLAN communication may not be desired for isolation reasons NOTE The isolation option works for normal dynamic ARP based client communication Example The following command enables the automatic entry of sub VLAN information in the proxy ARP table of the super VLAN vsuper enable sub...

Page 1749: ...es Default Disabled Usage Guidelines UDP Echo packets are used to measure the transit time for data between the transmitting and receiving end Example The following command enables UDP echo server support enable udp echo server History This command was available in ExtremeWare 6 2 1 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is availab...

Page 1750: ...tch Syntax Description Default Disabled Usage Guidelines Example The following command disables the gratuitous arp on VLAN test disable ip security arp gratuitous protection vlan test The following command disables the gratuitous arp on all VLANs disable ip security arp gratuitous protection vlan all History This command is available in ExtremeWare 7 7 Platform Availability This command is availab...

Page 1751: ...word is specified the information displayed is modified some of the information normally displayed is omitted and the LSP endpoint and outgoing MPLS label are displayed instead The LSP endpoint is the IP address prefix of the FEC associated with the LSP The LSP endpoint matches the destination for direct LSPs and is a 32 bit prefix address of a proxy router for indirect LSPs Example The following ...

Page 1752: ... IP address 10 20 30 55 run ipfdb check 10 20 30 55 History This command was first available in ExtremeWare 6 1 9 Platform Availability This command is available on all platforms The extended option is available on the BlackDiamond switch only bucket Specifies the bucket portion of the FDB hash index entry Specifies the entry portion of the FDB hash index ip address Specifies an IP address FDB ent...

Page 1753: ...of the VLANs Syntax Description Default N A Usage Guidelines Example A typical output of the this command will be similar to this Gratuitous ARP SNMP Notification Disabled Vlan Gratuitous Arp Default Disabled MacVlanDiscover Disabled uplink Disabled mcast Disabled v2 Disabled ixia Disabled History This command is available in ExtremeWare 7 7 Platform Availability This command is available on all p...

Page 1754: ...lue VLAN name VLAN ID and port number Flags Example The following command displays the IP ARP table show iparp 10 1 1 5 24 History This command was available in ExtremeWare 2 0 This command was modified in ExtremeWare 6 2 1 to provide the MAC address option This command was added to the e series of switches in ExtremeWare 7 1e This command was modified in ExtremeWare 7 2 e to provide the MAC addre...

Page 1755: ...o argument is specified then all proxy ARP entries are displayed Example The following command displays the proxy ARP table show iparp proxy 10 1 1 5 24 History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ip address Specifies an IP address mask Specifies a subne...

Page 1756: ... VLANID ICMP configuration global IGMP configuration global IRDP configuration global Using the detail option of his command displays secondary IP addresses which are displayed in the line following the primary IP address output Example The following example shows the secondary IP address configuration for the VLAN named vlantest1 show ipconfig vlantest1 Following is sample output from this comman...

Page 1757: ...ng NO MPLS NO NAT Inside NO NAT Outside NO OSPF NO PIM NO RIP NO RSVP NO SendParam YES SendPortUn YES Send Redir YES SendTimxceed YES SendUnreach YES SLB Cli NO SLB Srv NO SubVLAN Prxy YES TimeStampRly NO VRRP NO History This command was first available in ExtremeWare 2 0 This command was modified in an ExtremeWare IP Technology Services Release based on ExtremeWare v6 1 8b12 to support MPLS modul...

Page 1758: ...E0 2B 04 DA 00 4000 1 10 205 4 200 01C3 0 9C32 0 0000 00 E0 2B 04 DA 00 4000 1 10 205 4 203 02C3 0 9C32 0 0000 00 E0 2B 04 DA 00 4000 1 10 205 4 202 03C3 0 9C32 0 0000 00 E0 2B 04 DA 00 4000 1 10 205 4 205 04C3 0 9C32 0 0000 00 E0 2B 04 DA 00 4000 1 10 0 5 0 050F 0 9C32 0 0000 00 E0 2B 04 DA 00 4000 1 10 205 4 204 05C3 0 9C32 0 0000 00 E0 2B 04 DA 00 4000 1 10 205 4 207 06C3 0 9C32 0 0000 00 E0 2B...

Page 1759: ...000 1 10 205 4 193 08C3 0 9C32 0 0000 00 E0 2B 04 DA 00 4000 1 10 205 4 192 09C3 0 9C32 0 0000 00 E0 2B 04 DA 00 4000 1 History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1760: ...d using the route maps The characteristics that can be matched and modified are dependent on the origin of the route Route maps for IP routing can be dynamically changed In the case of direct and static route origins the changes are reflected immediately In the case of routes that are sourced from other origin the changes are reflected within 30 seconds The output of the show iproute command has b...

Page 1761: ... display by an If there are multiple routes to the same destination network the will indicate which route is the most preferable route The Use and M Use fields indicate the number of times the route table entry is being used for packet forwarding decisions The Use field indicates a count for unicast routing while the M Use field indicates a count for multicast routing If the use count is going up ...

Page 1762: ...ence Guide IP Unicast Commands This command was modified to include a timestamp in ExtremeWare 6 2 2 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1763: ...ts with an IP Header Error forwarded to the CPU Bad vers Total number of packets with a version other than IP v4 in the IP version field Bad chksum Total number of packets with a bad IP checksum forwarded to the CPU Short pkt IP packets that are too short Short hdr IP packets with a header that is too short Bad hdrlen IP packets with a header length that is less than the length specified Bad lengt...

Page 1764: ...n Incoming ICMP packets with length errors echo reply In Out ICMP echo reply packets that are received and transmitted destination unreachable In Out ICMP packets with destination unreachable that are received and transmitted port unreachable In Out ICMP packets with port unreachable that are received and transmitted echo In Out ICMP echo packets that are received and transmitted Table 33 Global I...

Page 1765: ...ages DHCP Decline Number of DHCP Decline responses DHCP Ack Number of DHCP Ack responses DHCP NAck Number of DHCP NAck responses DHCP Release Number of DHCP Release instances DHCP Inform Not used Table 35 Router Interface Statistics Field Definitions Field Definition Packets IN OUT Total number of IP packets received or transmitted on a VLAN router interface Octets IN OUT Total number of octets re...

Page 1766: ...ut rules of UDP port destination IP address or VLAN Source VLANs to which the profile is applied Example The following command displays the UDP profile information for the UPD profile named backbone show udp profile backbone History This command was first available in ExtremeWare 4 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is availa...

Page 1767: ...elines The following command configures DHCP relay agent option check configure bootprelay dhcp agent information check To disable the DHCP relay agent information check in the DHCP reply packet use the following command unconfigure bootprelay dhcp agent information check Example The following command disables DHCP relay agent information checking in the DHCP reply packet unconfigure bootprelay dh...

Page 1768: ...s The following command configures the DHCP relay agent option configure bootprelay dhcp agent information option To disable the DHCP relay agent option option 82 use the following command unconfigure bootprelay dhcp agent information option Example The following command disables the DHCP relay agent option option 82 unconfigure bootprelay dhcp agent information option History This command was ava...

Page 1769: ...n with its own information Usage Guidelines The following command configures the DHCP relay agent reforwarding policy configure bootprelay dhcp agent information policy policy To disable the DHCP relay agent reforwarding policy use the following command unconfigure bootprelay dhcp agent information policy Example The following command disables the DHCP relay agent reforwarding policy unconfigure b...

Page 1770: ...sage Guidelines None Example The following command resets all ICMP settings to the default values unconfigure icmp History This command was available in ExtremeWare 2 0 This command was modified in an ExtremeWare IP Technology Services Release based on ExtremeWare v6 1 8b12 to support MPLS modules This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This com...

Page 1771: ...alues Syntax Description This command has no arguments or variables Default N A Usage Guidelines None Example The following command resets all IP ARP related settings to the default values unconfigure iparp History This command was first available in ExtremeWare 6 2 This command was added to the e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platfor...

Page 1772: ...cription This command has no arguments or variables Default N A Usage Guidelines None Example The following command resets all router advertisement settings to the default values unconfigure irdp History This command was available in ExtremeWare 2 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1773: ...iption Default N A Usage Guidelines None Example The following command removes the UDP profile configuration from the VLAN accounting unconfigure udp profile vlan accounting History This command was first available in ExtremeWare 4 0 This command was added to the e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms vlan name Specifies a VLAN nam...

Page 1774: ...1774 ExtremeWare 7 7 Command Reference Guide IP Unicast Commands ...

Page 1775: ...together into areas The topology within an area is hidden from the rest of the autonomous system Hiding this information enables a significant reduction in LSA traffic and reduces the computations needed to maintain the LSDB Routing within the area is determined only by the topology of the area The three types of routers defined by OSPF are as follows Internal Router IR An internal router has all ...

Page 1776: ... called triggered updates If a router does not receive an update message from its neighbor within the route timeout period 180 seconds by default the router assumes the connection between it and its neighbor is no longer available A new version of RIP called RIP version 2 RIPv2 expands the functionality of RIP version 1 to include Variable Length Subnet Masks VLSMs Next hop addresses Support for n...

Page 1777: ...fied all adjacencies for all VLANs are cleared Example The following command clears the level 1 adjacencies for VLAN v1 clear isis adjacency level 1 vlan v1 History This command was first available in ExtremeWare 7 0 0 Platform Availability This command is available on the i series platforms level 1 Specifies IS IS level 1 adjacencies level 2 Specifies IS IS level 2 adjacencies level 1 2 Specifies...

Page 1778: ...ers are specified all entries are cleared Example The following command clears all non pseudonode LSDB clear isis lsdb type non pseudonode History This command was first available in ExtremeWare 7 0 0 Platform Availability This command is available on the i series platforms level 2 Specifies the level 2 subdomain isis area identifier Specifies a level 1 area identifier system identifier Specifies ...

Page 1779: ...ul when multiple areas are merged or when one area is split into multiple areas Multiple area addresses enable you to remember an area individually as needed If no area address is configured the IS IS process will not start Example The following command adds an IS IS area address for level 2 subdomains configure isis level 2 add 02 History This command was first available in ExtremeWare v6 1 8 IS ...

Page 1780: ... 1 area in which the interface is present is specified with this option level 1 2 Both level 1 and level 2 adjacency is established if the neighbor s interface is also configured as level 1 2 and there is at least one area in common If there is no area in common a level 2 adjacency is established The area identifier of the level 1 area in which the interface is present is specified with this optio...

Page 1781: ...oadvert option filters out the summary Example The following command adds the domain summary address 10 0 0 0 8 to the level 1 area a1 advertises the address and sets the cost to 15 configure isis area a1 add domain summary 10 0 0 0 8 advertise cost 15 History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Ava...

Page 1782: ... the summary address is deleted the summarized IP reachability information must not be included in the level 2 LSP Example The following command deletes one summary address 10 0 0 0 8 from the level 1 area a1 configure isis area a1 delete domain summary 10 0 0 0 8 History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 ...

Page 1783: ... profile is not configured none of the information is filtered By default no access profile is present on a level 1 area Example The following command configures access profile ap1 as the domain filter for the area a1 configure isis area a1 domain filter ap1 History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platfo...

Page 1784: ...n HMAC on the data present in the packet The no check option prevents the system from dropping received packets that cannot be authenticated Example The following command configures authentication using the simple password extreme with no checking for the level 2 subdomain configure isis level 2 authentication simple password extreme no check History This command was first available in ExtremeWare...

Page 1785: ...ly useful when multiple areas are merged or when one area is split into multiple areas Multiple area addresses enable you to remember an area individually as needed If no area address is configured the IS IS process will not start Example The following command deletes an IS IS area address 00 0001 for the level 2 subdomain configure isis level 2 delete 00 0001 History This command was first availa...

Page 1786: ...t IS IS is not enabled on an interface Usage Guidelines None Example The following command disables IS IS on all VLANs configure isis delete vlan all History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the i series platforms vlan name Specifies the name of a VLAN al...

Page 1787: ...es The filter is applied on the routes from all the non IS IS origins When an access profile is not configured none of the routes are filtered Example The following command configures an external filter for a level 1 area with the access profile ap configure isis area a1 external filter ap History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporat...

Page 1788: ...cription Default 10 seconds Usage Guidelines The LSP hold down interval range is from 3 to 120 seconds Example The following command configures the LSP hold down interval configure isis lsp holddown interval 20 History This command was first available in ExtremeWare 7 0 0 Platform Availability This command is available on the i series platforms seconds Specifies the LSP hold down interval in secon...

Page 1789: ...nly use this command when IS IS is disabled The LSP lifetime range is from 400 to 65 535 seconds Example The following command sets the LSP lifetime to 1000 configure isis lsp lifetime 1000 History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the i series platforms s...

Page 1790: ...is command when IS IS is disabled The LSP refresh interval range is from 100 to 65 235 seconds Example The following command configures the LSP refresh interval configure isis lsp refresh interval 120 History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the i series ...

Page 1791: ...c specifications The wide option indicates that the metric can have a maximum value of 4 261 412 864 as specified in the traffic engineering draft The both option indicates that the metric should be described in both formats You can only use this command when IS IS is disabled Example The following command configures the metric size as both for the level 2 subdomain confit isis level 2 metric size...

Page 1792: ...uidelines The SPF hold time range is from 1 to 300 seconds Example The following command configures the IS IS shortest path first hold time configure isis spf hold time 7 History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the i series platforms seconds Specifies th...

Page 1793: ... that default Usage Guidelines The system identifier can only be configured when IS IS processing is disabled Example The following command sets the system identifier configure isis system identifier 0000 0000 001a History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on...

Page 1794: ...rresponding Hello packets are not sent or received on that interface Any packet that is received is ignored As result of this no adjacency is established Example The following command configures vlan v1 as a level 2 passive interface configure isis vlan v1 level 2 passive History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWar...

Page 1795: ... The no check option prevents the system from dropping received packets that cannot be authenticated The level 1 level 2 and level 1 2 options specify the levels on which the authentication is to be configured Example The following command configures authentication for level 1 and level 2 to use the simple password extreme for vlan v1 and to drop non authenticated packets configure isis vlan v1 le...

Page 1796: ... where 16 777 215 is the maximum value allowed with wide metrics If cost is greater than 63 a value of 63 is advertised as the regular metric of the interface The default is 10 The level 1 level 2 and level 1 2 options specify the levels to which the metric is applied Example The following command configures the level 1 vlan v1 cost as 25 configure isis vlan v1 level 1 cost 25 History This command...

Page 1797: ...ed hold time in the IS IS hellos is the hello multiplier times the hello interval The hello multiplier range is 3 to 1000 and the default is 3 The level 1 level 2 and level 1 2 options specify the levels to which the timers are applied Example The following command configures the hello multiplier on level 1 of all VLANs to be 100 configure isis vlan all level 1 hello multiplier 100 History This co...

Page 1798: ...ignated IS for that level on that interface The range of priority is 0 to 127 and the default is 64 The level 1 level 2 and level 1 2 options specify the levels for which the priority is applied Example The following command configures an IS IS priority of 100 to level 1 of all VLANs configure isis vlan all level 1 priority 100 History This command was first available in ExtremeWare v6 1 8 IS IS t...

Page 1799: ... the default is 10 The hellotime interval is the time in seconds between transmission of Hello PDUS on the interface The range is 3 to 3600 and the default is 10 The level 1 level 2 and level 1 2 options specify the levels to which the timers are applied Example The following command configures the level 1 hellotime interval to 60 seconds for all VLANs configure isis vlan all level 1 timer helloti...

Page 1800: ...1800 ExtremeWare 7 7 Command Reference Guide IGP Commands Platform Availability This command is available on the i series platforms ...

Page 1801: ...ne ABR connected to the backbone Specify the following routerid Far end router identifier number area identifier Transit area used for connecting the two end points The transit area cannot have the IP address 0 0 0 0 the transit area cannot be a stub area or an NSSA Example The following command configures a virtual link between the two interfaces configure ospf add virtual link 10 1 2 1 10 1 0 0 ...

Page 1802: ...ummit e series of switches allow up to two non passive interfaces If a user attempts to configure more than two non passive interfaces the Summit switch displays the following warning message Cannot enable OSPF on vlan name Non passive interface limit reached Using OSPF and MPLS The following detailed information pertains to using OSPF in conjunction with MPLS When the peer LSR is also an Extreme ...

Page 1803: ...de can provide redundancy by enabling TLS traffic to continue even when the physical interfaces associated with the tunnel endpoint IP address VLAN fail Example The following command enables OSPF on a VLAN named accounting configure ospf add vlan accounting area 0 0 0 1 History This command was first available in ExtremeWare 2 0 This command was modified in an ExtremeWare IP Technology Services Re...

Page 1804: ...ounting area 0 0 0 1 link type auto History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e This command was modified in ExtremeWare 7 2e to support the all keyword Platform Availability This command is available on all platforms vlan name Specifies a VLAN name all Specifies all VLANs area identifier Specifies the ar...

Page 1805: ...nge of IP addresses within an area and export them out as a single address configure ospf area 1 2 3 4 add range 10 1 2 0 24 advertise type 3 History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms area identifier Specifies an OSPF area ipaddress Specifies an...

Page 1806: ...ult N A Usage Guidelines None Example The following command deletes an aggregated IP address range configure ospf area 1 2 3 4 delete range 10 1 2 0 24 History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms area identifier Specifies an OSPF area ipaddress Sp...

Page 1807: ... the external routes specified in the filter have already been advertised those routes will remain until the associated LSAs in that area time out Using the none mode specifies that no external filter is applied Example The following command configures an external filter policy from the access profile nosales configure ospf area 1 2 3 4 external filter nosales History This command was first availa...

Page 1808: ...PF area that filters a set of OSPF inter area routes from being sourced from any other areas Example The following command configures an inter area filter policy from the access profile nosales configure ospf area 0 0 0 6 interarea filter nosales History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availa...

Page 1809: ...any of the following Stub area NSSA Virtual links can be configured through normal areas External routes can be distributed into normal areas Example The following command configures an OSPF area as a normal area configure ospf area 10 1 0 0 normal History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availabili...

Page 1810: ... routers where translation is to be enforced If translate is not used on any NSSA border router in a NSSA one of the ABRs for that NSSA is elected to perform translation as indicated in the NSSA specification The option should not be used on NSSA internal routers Doing so inhibits correct operation of the election algorithm Example The following command configures an OSPF area as an NSSA configure...

Page 1811: ...ion is not distributed into stub areas Stub areas are used to reduce memory and computation requirements on OSPF routers Example The following command configures an OSPF area as a stub area configure ospf area 0 0 0 6 stub nosummary stub default cost 10 History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Avail...

Page 1812: ...as a whole For e series switches For switches configured to support RIP and static route re distribution into OSPF an access profile can be used to limit the routes that are advertised into OSPF for the switch as a whole Example The following command configures a route filter for all routes OSPF exports from RIP or other sources configure ospf asbr filter subnet25 filter History This command was f...

Page 1813: ... stays there until OSPF is disabled and then re enabled Usage Guidelines None Example The following command configures the AS external LSA limit and overflow duration configure ospf ase limit 50000 timeout 1800 History This command was available in ExtremeWare 6 1 5 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all ...

Page 1814: ...lid on an ASBR Example The following command summarizes AS external routes configure ospf ase summary add 175 1 0 0 16 cost 10 History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ipaddress Specifies an IP address mask Specifies a subnet mask cost Sp...

Page 1815: ... N A Usage Guidelines This command is only valid on an ASBR Example The following command deletes the aggregated AS external route configure ospf ase summary delete 175 1 0 0 16 History This command was first available in ExtremeWare 6 1 5 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ipaddress Specifi...

Page 1816: ... Guidelines None Example The following command configures the cost metric of the VLAN accounting configure ospf vlan accounting cost 10 History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms area identifier Specifies an OSPF area vlan name Specifies a VLAN n...

Page 1817: ...tion Default N A Usage Guidelines None Example The following command deletes a virtual link configure ospf delete virtual link 10 1 2 1 10 1 0 0 History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms routerid Specifies a router interface number area identifi...

Page 1818: ...Description Default N A Usage Guidelines None Example The following command disables OSPF on VLAN accounting configure ospf delete vlan accounting History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms vlan name Specifies a VLAN name all Specifies all VLANs ...

Page 1819: ...6 0 and above you must configure ExtremeWare to export these direct routes to OSPF You can use an access profile to filter unnecessary direct routes For switches configured to support direct route re distribution into OSPF an access profile can be used to limit the routes that are advertised into OSPF for the switch as a whole Example The following command configures a route filter for direct rout...

Page 1820: ...600 seconds using multiples of 5 seconds The LSAs added to the LSDB during the interval are batched together for refresh or timeout Example The following command configures the OSPF LSA batch interval to a value of 100 seconds configure ospf lsa batch interval 100 History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 ...

Page 1821: ...bps The default cost is 5 1 Gbps The default cost is 4 10 Gbps The default cost is 2 Usage Guidelines None Example The following command configures the automatic interface costs for 10 Mbps 100 Mbps and 1 Gbps interfaces configure ospf metric table 10m 20 100m 10 1g 2 History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWar...

Page 1822: ...ault setting is 1 Setting the value to 0 ensures that the router is never selected as the designated router or backup designated router Example The following command sets the switch to not be selected as the designated router configure ospf area 1 2 3 4 priority 0 History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Pla...

Page 1823: ...Do not set the router ID to 0 0 0 0 The implementation of the configure ospf routerid command has been augmented to support automatic advertisement of a label mapping for the OSPF router ID A label is advertised for the OSPF router ID regardless of whether OSPF distributes a route for the router ID IP address in its router LSA To support the use of indirect LSPs Extreme LSRs automatically advertis...

Page 1824: ...1824 ExtremeWare 7 7 Command Reference Guide IGP Commands Platform Availability This command is available on all platforms ...

Page 1825: ...ntax Description Default 3 seconds Usage Guidelines None Example The following command configures the minimum number of seconds between Shortest Path First SPF recalculations configure ospf spf hold time 6 History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all p...

Page 1826: ...le The following command sets the timers on the virtual link in area 0 0 0 2 configure ospf virtual link 6 6 6 6 0 0 0 2 timer 10 1 20 200 History This command was available in ExtremeWare 2 0 vlan name Specifies a VLAN name area identifier Specifies an OSPF area routerid Specifies a router number retransmit interval Specifies the length of time that the router waits before retransmitting an LSA t...

Page 1827: ... The syntax was modified in ExtremeWare 6 2 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e The syntax was modified in ExtremeWare 7 2e to support the wait timer interval Platform Availability This command is available on all platforms ...

Page 1828: ...ange 0 to 65 536 or alphanumeric When the OSPF area is specified authentication information is applied to all OSPF interfaces within the area Example The following command configures MD5 authentication on the VLAN subnet_26 configure ospf vlan subnet_26 authentication md5 32 test History This command was available in ExtremeWare 7 2e Platform Availability This command is available on the e series ...

Page 1829: ...h area 0 and then expand into other areas The backbone allows summary information to be exchanged between ABRs Every ABR hears the area summaries from all other ABRs The ABR then forms a picture of the distance to all networks outside of its area by examining the collected advertisements and adding in the backbone distance to each advertising router When a VLAN is configured to run OSPF by default...

Page 1830: ...ult N A Usage Guidelines None Example The following command configures the IP address of a point to point neighbor configure ospf vlan accounting neighbor add 10 0 0 1 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms vlan name Specifies a VLAN na...

Page 1831: ...cription Default N A Usage Guidelines None Example The following command deletes the IP address of a point to point neighbor configure ospf vlan accounting neighbor delete 10 0 0 1 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms vlan name Specif...

Page 1832: ...qual to the router dead interval Under some circumstances setting the wait interval to smaller values can help OSPF routers on a broadcast network to synchronize more quickly at the expense of possibly electing an incorrect DR or BDR This value should not be set to less than the hello interval The default value is equal to the router dead interval Example The following command configures the OSPF ...

Page 1833: ...y This command was first available in ExtremeWare 6 2 This command was modified in ExtremeWare 6 22 This command was added to the Summit e series of switches in ExtremeWare 7 1e This command was modified in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 1834: ...RIP configuration is disabled on the interface by default When the RIP interface is disabled the parameters are not reset to default automatically Example The following command configures RIP on the VLAN finance configure rip add finance History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This com...

Page 1835: ...eated RIP configuration is disabled on the interface by default When the RIP interface is disabled the parameters are not reset to default automatically Example The following command deletes RIP on a VLAN named finance configure rip delete finance History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availabilit...

Page 1836: ...ult 120 seconds Usage Guidelines None Example The following command configures the RIP garbage time to have a 60 second delay configure rip garbagetime 60 History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms seconds Specifies a time in seconds ...

Page 1837: ...its neighbor within the route timeout period 180 seconds by default the router assumes the connection between it and its neighbor is no longer available Example The following example sets the route timeout period to 120 seconds configure rip routetimeout 120 History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform ...

Page 1838: ...ackets configure rip rxmode v1only finance History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e This command was modified in ExtremeWare 7 2e to support the all keyword Platform Availability This command is available on all platforms none Specifies to drop all received RIP packets v1only Specifies to accept only RIP ver...

Page 1839: ...xmode v1comp finance History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e This command was modified in ExtremeWare 7 2e to support the all keyword Platform Availability This command is available on all platforms none Specifies to not transmit any packets on this interface v1only Specifies to transmit RIP version 1 forma...

Page 1840: ...e with each neighbor every 30 seconds default value or if there is a change to the overall routed topology also called triggered updates The timer granularity is 10 seconds Example The following command sets the update timer to 60 seconds configure rip updatetime 60 History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e P...

Page 1841: ...g is 1 Usage Guidelines None Example The following command configures the cost for the VLAN finance to a metric of 3 configure rip vlan finance cost 3 History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms vlan name Specifies a VLAN name all Specifies ...

Page 1842: ...ed with each entry in the list When a match is found the operation is either permitted or denied depending on the configuration of the matched entry If no match is found the operation is implicitly denied Example The following command uses the access profile nosales to determine which RIP routes are advertised into the VLAN backbone configure rip vlan backbone export filter nosales History This co...

Page 1843: ...ny entries Each entry must have a permit or deny attribute The operation is compared with each entry in the list When a match is found the operation is either permitted or denied depending on the configuration of the matched entry If no match is found the operation is implicitly denied Example The following command configures the VLAN backbone to accept selected routes from the access profile nosa...

Page 1844: ...atch is found the operation is either permitted or denied depending on the configuration of the matched entry If no match is found the operation is implicitly denied Example The following command configures RIP to use the access profile nointernet to determine from which RIP neighbor to receive or reject the routes to the VLAN backbone configure rip vlan backbone trusted gateway nointernet History...

Page 1845: ...ea identifier is 32 characters The identifier must begin with one alphabetic character followed by up to 31 alphabetic or numeric characters Example The following command creates an IS IS level 1 area create isis area a1000 History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is ava...

Page 1846: ...e Guidelines Area 0 0 0 0 does not need to be created It exists by default Example The following command creates an OSPF area create ospf area 1 2 3 4 History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms area identifier Specifies an OSPF area ...

Page 1847: ...e alphabetic character followed by up to 31 alphabetic or numeric characters The all option deletes all of the level 1 areas simultaneously The level 1 area can only be deleted when no interface attaches to it Example The following command deletes an IS IS level 1 area delete isis area a1000 History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorpor...

Page 1848: ...OSPF area cannot be deleted if it has an associated interface Example The following command deletes an OSPF area delete ospf area 1 2 3 4 History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms area identifier Specifies an OSPF area all Specifies all areas ...

Page 1849: ...ables Default Disabled Usage Guidelines To enable IS IS routing use the following command enable isis Example The following command disables IS IS routing disable isis History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the i series platforms ...

Page 1850: ...e following command disables redistribution of OSPF routes for a level 2 subdomain disable isis level 2 export ospf History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 level 2 Specifies a level 2 subdomain isis area identifier Specifies an IS IS level 1 area bgp Specifies BGP routes i bgp Specifies I BGP routes e bg...

Page 1851: ...disable isis export ExtremeWare 7 7 Command Reference Guide 1851 Platform Availability This command is available on the i series platforms ...

Page 1852: ...T bit from level 1 2 switches This command has the effect of enabling the feature described in the ExtremeWare Software User Guide Software Version 7 0 0 in the chapter Interior Gateway Protocols in the section Default Routes to Nearest Level 1 2 Switch for Level 1 Only Switches See the user guide for more information Example The following command disables ignoring the attached bit disable isis ig...

Page 1853: ...n Default The default setting is disabled Usage Guidelines None Example The following command disables the origination of an IS IS default route for the level 2 subdomain disable isis level 2 originate default History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the ...

Page 1854: ...t startup option disables setting the overload bit at system startup time Example The following command disables setting the overload bit for the level 1 area a1 disable isis area a1 overload History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the i series platforms...

Page 1855: ...This command has no arguments or variables Default N A Usage Guidelines None Example The following command disables the OSPF process for the router disable ospf History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1856: ...ers that do not support opaque LSAs do not store or flood them At minimum a well interconnected subsection of your OSPF network needs to support opaque LSAs to maintain reliability of their transmission On an OSPF broadcast network the designated router DR must support opaque LSAs or none of the other routers on that broadcast network will reliably receive them You can use the OSPF priority featur...

Page 1857: ... bgp Specifies I BGP routes NOTE This option is only available on i series switches e bgp Specifies E BGP routes NOTE This option is only available on i series switches isis Specifies IS IS routes NOTE This option is only available on i series switches isis level 1 Specifies IS IS level 1 routes NOTE This option is only available on i series switches isis level 1 external Specifies IS IS level 1 e...

Page 1858: ...PF to export BGP related routes to other OSPF routers on i series switches disable ospf export bgp History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1859: ... OSPF includes a link with the router ID IP address and a mask of 255 255 255 255 in the router LSA The link type is stub and the metric is 0 When disabled OSPF does not include a link with the router ID IP address in the router LSA Example The following command disables the distribution of a route for the OSPF router ID in the router LSA disable ospf originate router id History This command was a...

Page 1860: ...n the source and destination networks A large amount of bandwidth taken up by periodic broadcasts of the entire routing table Slow convergence Routing decisions based on hop count no concept of link costs or delay Flat networks no concept of areas or boundaries Example The following command disables RIP for the whole router disable rip History This command was available in ExtremeWare 2 0 This com...

Page 1861: ...ion on a switch configured to send RIPv2 compatible traffic The switch summarizes subnet routes to the nearest class network route The following rules apply when using RIP aggregation Within a class boundary no routes are aggregated If aggregation is disabled subnet routes are never aggregated even when crossing a class boundary Example The following command disables RIP aggregation on the interfa...

Page 1862: ...ce routes only interfaces that have IP forwarding enabled are exported isis Specifies IS IS routes NOTE This option is only available on i series switches isis level 1 Specifies IS IS level 1 routes NOTE This option is only available on i series switches isis level 1 external Specifies IS IS level 1 external routes NOTE This option is only available on i series switches isis level 2 Specifies IS I...

Page 1863: ...and disables RIP from redistributing any routes learned from OSPF disable rip export ospf History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1864: ...s to control which routes you want advertised by the router You can decide if you want all static routes to be advertised Static routes are never aged out of the routing table A static route must be associated with a valid IP subnet An IP subnet is associated with a single VLAN by its IP address and subnet mask If the VLAN is subsequently deleted the static route entries using that subnet must be ...

Page 1865: ...s no arguments or variables Default Disabled Usage Guidelines None Example The following command unconfigures a default route to be advertised by RIP if no other default route is advertised disable rip originate default cost 0 History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command ...

Page 1866: ...g the possibility of loops in the routed topology In this case a router advertises a route over the same interface that supplied the route but the route uses a hop count of 16 defining it as unreachable Example The following command disables the split horizon with poison reverse algorithm for RIP disable rip poisonreverse History This command was available in ExtremeWare 2 0 This command was added...

Page 1867: ...eme for avoiding problems caused by including routes in updates sent to the router from which the route was learned Split horizon omits routes learned from a neighbor in updates sent to that neighbor Example The following command disables the split horizon algorithm for RIP disable rip splithorizon History This command was available in ExtremeWare 2 0 This command was added to the Summit e series ...

Page 1868: ...delines Triggered updates occur whenever a router changes the metric for a route and it is required to send an update message immediately even if it is not yet time for a regular update message to be sent This will generally result in faster convergence but may also result in more RIP related traffic Example The following command disables the trigger update mechanism disable rip triggerupdate Hist...

Page 1869: ...bles Default Disabled Usage Guidelines To enable IS IS routing use the following command enable isis Example The following command enables IS IS routing enable isis History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the i series platforms ...

Page 1870: ...cified If a route map is specified routes can be assigned different metric and metric types Routes maps can also filter out routes level 2 Specifies a level 2 subdomain isis area identifier Specifies an IS IS level 1 area bgp Specifies BGP routes i bgp Specifies I BGP routes e bgp Specifies E BGP routes direct Specifies direct routes rip Specifies RIP routes static Specifies static routes vip Spec...

Page 1871: ...on of direct routes to the level 1 area a1 with the route map rm enable isis area a1 export direct rm History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the i series platforms only ...

Page 1872: ...ched bit ATT bit from level 1 2 switches This command has the effect of disabling the feature described in the ExtremeWare User Guide in the chapter Interior Gateway Protocols in the section Default Routes to Nearest Level 1 2 Switch for Level 1 Only Switches See the user guide for more information Example The following command enables ignoring the attached bit enable isis ignore attached bit Hist...

Page 1873: ... only if the default route is available in the kernel route table Example The following command enables the origination of an IS IS default route that uses the internal metric type and a cost of 15 for the level 2 subdomain enable isis level 2 originate default cost 15 type internal History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into...

Page 1874: ...he overload bit If the duration is not specified the bit is set until it is disabled The range is 1 to 186 400 seconds Example The following command enables IS IS overload for the level 1 area a1 with a duration of 100 seconds enable isis area a1 overload 100 History This command was first available in ExtremeWare v6 1 8 IS IS tech release and subsequently incorporated into ExtremeWare 7 0 0 Platf...

Page 1875: ...his command has no arguments or variables Default N A Usage Guidelines None Example The following command enables the OSPF process for the router enable ospf History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1876: ...ers that do not support opaque LSAs do not store or flood them At minimum a well interconnected subsection of your OSPF network needs to support opaque LSAs to maintain reliability of their transmission On an OSPF broadcast network the designated router DR must support opaque LSAs or none of the other routers on that broadcast network will reliably receive them You can use the OSPF priority featur...

Page 1877: ... is only available on i series switches direct Specifies direct routes rip Specifies RIP routes static Specifies static routes vip Specifies VIP routes NOTE This option is only available on i series switches isis Specifies IS IS routes NOTE This option is only available on i series switches isis level 1 Specifies IS IS level 1 routes NOTE This option is only available on i series switches isis lev...

Page 1878: ...t metric is set to 0 the cost is inserted from the route The tag value is used only by special routing applications Use 0 if you do not have specific requirements for using a tag The tag value in this instance has no relationship with 802 1Q VLAN tagging The same cost type and tag values can be inserted for all the export routes or route maps can be used for selective insertion When a route map is...

Page 1879: ...F to RIP and the routes to export from RIP to OSPF The cost metric is inserted for all BGP VIP RIP learned static and direct routes injected into OSPF If the cost metric is set to 0 the cost is inserted from the route The tag value is used only by special routing applications Use 0 if you do not have specific requirements for using a tag The tag value in this instance has no relationship with 802 ...

Page 1880: ...able in ExtremeWare 6 1 This command was modified in an ExtremeWare IP Technology Services Release based on ExtremeWare v6 1 8b12 to support MPLS modules This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1881: ...pecial routing applications Use 0 if you do not have specific requirements for using a tag The tag value in this instance has no relationship with 802 1Q VLAN tagging When re distributing RIP routes you should turn off RIP aggregation unless you are expertly familiar with the possible consequences and impact By default new configurations of RIP using ExtremeWare 4 0 and above disable RIP aggregati...

Page 1882: ...Reference Guide IGP Commands History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1883: ... type 1 or type 2 routes The cost metric is inserted for all BGP VIP RIP learned static and direct routes injected into OSPF The tag value is used only by special routing applications Use 0 if you do not have specific requirements for using a tag The tag value in this instance has no relationship with 802 1Q VLAN tagging Example The following command enables the exporting of static routes to OSPF ...

Page 1884: ...1884 ExtremeWare 7 7 Command Reference Guide IGP Commands Platform Availability This command is available on all platforms ...

Page 1885: ...outes The default setting is disabled The cost metric is inserted for all BGP VIP RIP learned static and direct routes injected into OSPF If the cost metric is set to 0 the cost is inserted from the route The tag value is used only by special routing applications Use 0 if you do not have specific requirements for using a tag The tag value in this instance has no relationship with 802 1Q VLAN taggi...

Page 1886: ...1886 ExtremeWare 7 7 Command Reference Guide IGP Commands Platform Availability This command is available on the i series platforms only ...

Page 1887: ... route If always is not specified OSPF adds the default LSA if a reachable default route is in the route table Example The following command generates a default external type 1 LSA enable ospf originate default cost 1 ase type 1 tag 0 History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This ...

Page 1888: ...s a link with the router ID IP address and a mask of 255 255 255 255 in the router LSA The link type is stub and the metric is 0 When disabled OSPF does not include a link with the router ID IP address in the router LSA Example The following command enables the distribution of a route for the OSPF router ID in the router LSA enable ospf originate router id History This command was first available ...

Page 1889: ... the source and destination networks A large amount of bandwidth taken up by periodic broadcasts of the entire routing table Slow convergence Routing decisions based on hop count no concept of link costs or delay Flat networks no concept of areas or boundaries Example The following command enables RIP for the whole router enable rip History This command was available in ExtremeWare 2 0 This comman...

Page 1890: ...net routes to the nearest class network route The following rules apply when using RIP aggregation Subnet routes are aggregated to the nearest class network route when crossing a class boundary Within a class boundary no routes are aggregated If aggregation is enabled the behavior is the same as in RIPv1 If aggregation is disabled subnet routes are never aggregated even when crossing a class bound...

Page 1891: ...s isis level 1 Specifies IS IS level 1 routes NOTE This option is only available on i series switches isis level 1 external Specifies IS IS level 1 external routes NOTE This option is only available on i series switches isis level 2 Specifies IS IS level 2 routes NOTE This option is only available on i series switches isis level 2 external Specifies IS IS level 2 external routes NOTE This option i...

Page 1892: ...ted for all RIP learned static and direct routes injected into OSPF If the cost metric is set to 0 the cost is inserted from the route The tag value is used only by special routing applications Use 0 if you do not have specific requirements for using a tag Example The following command enables RIP to redistribute routes from all OSPF routes enable rip export ospf cost 0 History This command was fi...

Page 1893: ...ich routes you want advertised by the router You can decide if you want all static routes to be advertised Static routes are never aged out of the routing table A static route must be associated with a valid IP subnet An IP subnet is associated with a single VLAN by its IP address and subnet mask If the VLAN is subsequently deleted the static route entries using that subnet must be deleted manuall...

Page 1894: ...ch routes you want advertised by the router You can decide if you want all static routes to be advertised Static routes are never aged out of the routing table A static route must be associated with a valid IP subnet An IP subnet is associated with a single VLAN by its IP address and subnet mask If the VLAN is subsequently deleted the static route entries using that subnet must be deleted manually...

Page 1895: ...ted for all RIP learned static and direct routes injected into OSPF If the cost metric is set to 0 the cost is inserted from the route The tag value is used only by special routing applications Use 0 if you do not have specific requirements for using a tag Example The following command configures a default route to be advertised by RIP if no other default route is advertised enable rip originate d...

Page 1896: ...g the possibility of loops in the routed topology In this case a router advertises a route over the same interface that supplied the route but the route uses a hop count of 16 defining it as unreachable Example The following command enables the split horizon with poison reverse algorithm for RIP enable rip poisonreverse History This command was available in ExtremeWare 2 0 This command was added t...

Page 1897: ...me for avoiding problems caused by including routes in updates sent to the router from which the route was learned Split horizon omits routes learned from a neighbor in updates sent to that neighbor Example The following command enables the split horizon algorithm for RIP enable rip splithorizon History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of ...

Page 1898: ...delines Triggered updates occur whenever a router changes the metric for a route and it is required to send an update message immediately even if it is not yet time for a regular update message to be sent This will generally result in faster convergence but may also result in more RIP related traffic Example The following command enables the trigger update mechanism enable rip triggerupdate Histor...

Page 1899: ...s command has no arguments or variables Default N A Usage Guidelines None Example The following command displays global OSPF information show ospf History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1900: ...scription Default N A Usage Guidelines None Example The following command displays information about OSPF area 1 2 3 4 show ospf area 1 2 3 4 History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms area identifier Specifies an OSPF area ...

Page 1901: ...ult N A Usage Guidelines None Example The following command displays information about all OSPF areas show ospf area detail History This command was first available in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms detail Specifies to display the information in detailed format ...

Page 1902: ...n This command has no arguments or variables Default N A Usage Guidelines None Example The following command displays the OSPF external route aggregation configuration show ospf ase summary History This command was first available in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1903: ...all OSPF interfaces are displayed Usage Guidelines None Example The following command displays information about one or all OSPF interfaces on the VLAN accounting show ospf interfaces vlan accounting History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms vla...

Page 1904: ...efault N A Usage Guidelines None Example The following command displays information about all OSPF interfaces show ospf interfaces detail History This command was first available in ExtremeWare 6 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms detail Specifies to display the information in detailed for...

Page 1905: ...his command is to omit all optional parameters resulting in the following shortened form show ospf lsdb The shortened form displays all areas and all types in a summary format You can filter the display using either the area ID the remote router ID or the link state ID The default setting is all with no detail If detail is specified each entry includes complete LSA information Example The followin...

Page 1906: ...nd Reference Guide IGP Commands History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 1907: ...a used for connecting the two end points The transit area cannot have the IP address 0 0 0 0 Example The following command displays virtual link information about a particular router show ospf virtual link routerid 1 2 3 4 10 1 6 1 History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command i...

Page 1908: ...N A Usage Guidelines None Example The following command displays RIP specific configuration and statistics for all VLANs show rip History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms detail Specifies to display the information in detailed format ...

Page 1909: ...s transmitted Packets received Bad packets received Bad routes received Number of RIP peers Peer information Example The following command displays RIP specific statistics for all VLANs show rip stat History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms det...

Page 1910: ...n Default N A Usage Guidelines None Example The following command displays RIP specific statistics for the VLAN accounting show rip stat accounting History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms vlan name Specifies a VLAN name ...

Page 1911: ...ault All Usage Guidelines None Example The following command displays RIP configuration and statistics for the VLAN accounting show rip vlan accounting History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms vlan name Specifies a VLAN name ...

Page 1912: ...A Usage Guidelines None Example The following command resets the OSPF interface to the default settings on the VLAN accounting unconfigure ospf accounting History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms vlan name Specifies a VLAN name area ident...

Page 1913: ... Guidelines Does not change the enable disable state of the RIP settings Example The following command deletes RIP configuration from the VLAN finance unconfigure rip finance History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms vlan name Specifies a VLAN n...

Page 1914: ...1914 ExtremeWare 7 7 Command Reference Guide IGP Commands ...

Page 1915: ...ay protocol I BGP BGP Attributes The following well known BGP attributes are supported by the switch Origin Defines the origin of the route Possible values are IGP EGP and incomplete AS_Path The list of ASs that are traversed for this route Next_hop The IP address of the next hop BGP router to reach the destination listed in the NLRI field Multi_Exit_Discriminator Used to select a particular borde...

Page 1916: ...ts the following well known BGP community attributes no export no advertise no export subconfed BGP Features This section lists BGP features supported by ExtremeWare Route Reflectors Route Confederations Route Aggregation IGP Synchronization Using the Loopback Interface BGP Peer Groups BGP Route Flap Dampening Route Redistribution Policy Filtering Maximum Prefix Limit MD5 TCP Authentication ...

Page 1917: ...ut total msgs In updates Out updates Last error FsmTransitions Example The following command resets the counters for the BGP neighbor at 10 20 30 55 clear bgp neighbor 10 20 30 55 counters History This command was first available in ExtremeWare 6 2 1 This command was modified in ExtremeWare 6 2 2 to add the FsmTransitions counter Platform Availability This command is available on i series of switc...

Page 1918: ...mand clears the flap statistics for a specified neighbor clear bgp neighbor 10 10 10 10 flap statistics History This command was introduced in ExtremeWare 7 0 0 ip address Specifies an IP address that identifies a BGP neighbor access profile Specifies an access profile used as a community attribute no advertise Specifies the no advertise community attribute no export Specifies the no export commun...

Page 1919: ...clear bgp neighbor flap statistics ExtremeWare 7 7 Command Reference Guide 1919 Platform Availability This command is available on i series of switches ...

Page 1920: ...e steps 1 Enable aggregation using the following command enable bgp aggregation 2 Create an aggregate route using the following commands configure bgp add aggregate address ip address mask length as set as match summary only advertise route map route map attribute route map route map Example The following command configures a BGP aggregate route configure bgp add aggregate address 192 1 1 4 30 His...

Page 1921: ... scale well especially when BGP is used as an interior gateway protocol One way to reduce the size of a fully meshed AS is to divide the AS into multiple sub autonomous systems and group them into a routing confederation Within the confederation all BGP speakers in each sub AS must be fully meshed The confederation is advertised to other networks as a single AS Example The following command adds o...

Page 1922: ...and adds the route to BGP only if the route is present in the routing table The enable bgp export command redistributes an individual route from the routing table to BGP If you use both commands to redistribute routes the routes redistributed using the network command take precedence over routes redistributed using the export command Example The following command adds a network to be originated fr...

Page 1923: ...GP Syntax Description Default N A Usage Guidelines BGP must be disabled before the as number can be changed Example The following command changes the local AS number used by BGP configure bgp AS number 65001 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i series of switches number Specifies a local AS number ...

Page 1924: ... the same cluster of clients Extreme Networks recommends disabling BGP before configuring the cluster ID Example The following command appends a BGP route reflector cluster ID to the cluster list of a route configure bgp cluster id 40000 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i series of switches bgp cluster id Specifies a 4 b...

Page 1925: ...duce the size of a fully meshed AS is to divide the AS into multiple sub autonomous systems and group them into a routing confederation Within the confederation each sub AS must be fully meshed The confederation is advertised to other networks as a single AS Use a confederation ID of 0 to indicate no confederation Example The following command specifies the BGP routing confederation ID as 200 conf...

Page 1926: ...e advertised as a single route Aggregation reduces the amount of information that a BGP speaker must store and exchange with other BGP speakers Reducing the information that is stored and exchanged also reduces the size of the routing table Example The following command deletes a BGP aggregate route configure bgp delete aggregate address 192 1 1 4 30 History This command was first available in Ext...

Page 1927: ...le well especially when BGP is used as an interior gateway protocol One way to reduce the size of a fully meshed AS is to divide the AS into multiple sub autonomous systems and group them into a routing confederation Within the confederation each sub AS must be fully meshed The confederation is advertised to other networks as a single AS Example The following command deletes a sub AS from a confed...

Page 1928: ... this router Syntax Description Default N A Usage Guidelines None Example The following command deletes a network to be originated from this router configure bgp delete network 192 1 1 12 30 History This command was first available in ExtremeWare 6 2 Platform Availability This command is available on i series of switches all Specifies all networks ip address mask length Specifies an IP address and...

Page 1929: ...highest to lowest higher weight higher local preference shortest length shortest AS path lowest origin code lowest MED route from external peer lowest cost to Next Hop lowest routerID Example The following command changes the default local preference attribute to 500 configure bgp local preference 500 History This command was first available in ExtremeWare 6 1 Platform Availability This command is...

Page 1930: ...following precedence from highest to lowest higher weight higher local preference shortest length shortest AS path lowest origin code lowest MED route from external peer lowest cost to Next Hop lowest routerID Example The following command configures the metric to be included in the MED path attribute configure bgp med 3 History This command was first available in ExtremeWare 6 1 Platform Availabi...

Page 1931: ...nput side and or the output side of the router Example The following command configures the AS path filter for a neighbor based on the access profile nosales configure bgp neighbor 192 1 1 22 as path filter in nosales History This command was available in ExtremeWare 6 1 Platform Availability This command is available on i series of switches ip address Specifies an IP address all Specifies all nei...

Page 1932: ...enalty value above which a route will be suppressed The range is 1 20 000 and the default is 2 000 The maximum hold down time is the maximum time a route can be suppressed no matter how unstable it has been as long as it no longer flaps The range is 1 255 minutes and the default is 4 the half life Use the following command to disable route flap dampening for BGP neighbors configure bgp neighbor ip...

Page 1933: ...configure bgp neighbor dampening ExtremeWare 7 7 Command Reference Guide 1933 Platform Availability This command is available on i series of switches ...

Page 1934: ...sets the threshold for warning messages to 60 and specifies SNMP traps configure bgp neighbor all maximum prefix 5000 threshold 60 send traps History This command was introduced in ExtremeWare 6 2 2 ip address Specifies an IP address all Specifies all neighbors number Specifies the maximum number of prefixes accepted The range is 0 to 4294967294 A value of 0 disables prefix limit feature percent S...

Page 1935: ...configure bgp neighbor maximum prefix ExtremeWare 7 7 Command Reference Guide 1935 Platform Availability This command is available on i series of switches ...

Page 1936: ...lowing command configures the next hop address used in the updates to be the address of the BGP connection originating it configure bgp neighbor 172 16 5 25 next hop self History This command was available in ExtremeWare 6 1 5 Platform Availability This command is available on i series of switches ip address Specifies an IP address all Specifies all neighbors next hop self Specifies that the next ...

Page 1937: ...and or the output side of the router Example The following command configures the NLRI filter for a neighbor based on the access profile nosales configure bgp neighbor 192 1 1 22 nlri filter in nosales History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i series of switches ip address Specifies a BGP neighbor IP address all Specifies all n...

Page 1938: ... flap dampening for BGP neighbors configure bgp neighbor ip address all dampening half life reuse suppress max suppress route map route map Example The following command disables route flap dampening to the BGP neighbor at 192 168 1 22 configure bgp neighbor 192 168 1 22 no dampening The following command disables route flap dampening for all neighbors configure bgp neighbor all no dampening Histo...

Page 1939: ...rd Changing a route reflector client will automatically disable and enable the peer session NOTE Do not select the encrypted option in the CLI The encrypted option is used by the switch when generating an ASCII configuration file using the upload configuration command and parsing a switch generated configuration file using the download configuration command Do not select the encrypted option in th...

Page 1940: ...ference Guide BGP Commands i Series Switches Only configure bgp neighbor 192 168 1 5 password extreme History This command was first available in ExtremeWare 6 2 Platform Availability This command is available on i series of switches ...

Page 1941: ...t to those the neighbor had before it inherited the peer group values To create a new neighbor and add it to a BGP peer group use the following command create bgp neighbor ip address peer group peer group multi hop The new neighbor is created as part of the peer group and inherits all of the existing parameters of the peer group The peer group must have remote AS configured Example The following c...

Page 1942: ... and the path attributes associated with it when exchanging updates with the neighbor Example The following command configures the filter called route map filter for a neighbor based on the access profile nosales configure bgp neighbor 192 168 1 22 route map filter in nosales History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i series of ...

Page 1943: ...uter When changing the route reflector status of a peer the peer will automatically be disabled and re enabled and a warning message will appear on the console and in the log A cluster is formed by the route reflector and its client routers Peer routers that are not part of the cluster must be fully meshed according to the rules of BGP Example The following command configures a BGP neighbor to be ...

Page 1944: ...re common handling ExtremeWare supports the following well known BGP community attributes no export no advertise no export subconfed Example The following command includes the community path attribute associated with a BGP NLRI in the route updates sent to all BGP neighbors configure bgp neighbor all send community History This command was first available in ExtremeWare 6 1 Platform Availability T...

Page 1945: ...nd the route map configured for the neighbor on the input and or output side of the router This command does not affect the switch configuration Example The following command applies the current input routing policy to the routing information already exchanged with the neighbor configure bgp neighbor 192 168 1 5 soft reset in History This command was first available in ExtremeWare 6 1 Platform Ava...

Page 1946: ... Default Any Usage Guidelines None Example The following command changes the BGP source interface on the VLAN accounting configure bgp neighbor 192 168 1 5 source interface vlan accounting History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i series of switches ip address Specifies an IP address all Specifies all neighbors any Specifies an...

Page 1947: ...sage Guidelines None Example The following command configures the BGP neighbor timers configure bgp neighbor 192 168 1 5 timer keep alive 120 hold time 360 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i series of switches ip address Specifies an IP address all Specifies all neighbors keepalive Specifies a BGP neighbor timer keepaliv...

Page 1948: ... to the same network The range is 0 to 4294967295 BGP selects routes based on the following precedence from highest to lowest higher weight higher local preference shortest length shortest AS path lowest origin code lowest MED route from external peer lowest cost to Next Hop lowest routerID Example The following command assigns a locally used weight of 10 to a neighbor connection configure bgp nei...

Page 1949: ... None Example The following command configures the as path filters for the peer group outer and its neighbors using the access profile nosales configure bgp peer group outer as path filter in nosales History This command was available in ExtremeWare 6 1 5 Platform Availability This command is available on i series of switches peer group Specifies a peer group in Specifies to install the filter on ...

Page 1950: ...uppress limit is the penalty value above which a route will be suppressed The range is 1 20 000 and the default is 2 000 The maximum hold down time is the maximum time a route can be suppressed no matter how unstable it has been as long as it no longer flaps The range is 1 255 minutes and the default is 4 the half life Use the following command to disable route flap dampening for a BGP peer group ...

Page 1951: ...configure bgp peer group dampening ExtremeWare 7 7 Command Reference Guide 1951 Platform Availability This command is available on i series of switches ...

Page 1952: ... the peer group outer to 5000 sets the threshold for warning messages to 60 and specifies SNMP traps configure bgp peer group outer maximum prefix 5000 threshold 60 send traps History This command was introduced in ExtremeWare 6 2 2 name Specifies a peer group number Specifies the maximum number of prefixes accepted The range is 0 to 4294967294 A value of 0 disables prefix limit feature percent Sp...

Page 1953: ...configure bgp peer group maximum prefix ExtremeWare 7 7 Command Reference Guide 1953 Platform Availability This command is available on i series of switches ...

Page 1954: ...ors of the peer group Example The following command configures the next hop address used in the updates to be the address of the BGP connection originating it configure bgp peer group outer next hop self History This command was available in ExtremeWare 6 1 5 Platform Availability This command is available on i series of switches peer group Specifies a peer group next hop self Specifies that the n...

Page 1955: ...None Example The following command configures the NLRI filter for the peer group outer and its neighbors using the access profile nosales configure bgp peer group outer nlri filter in nosales History This command was available in ExtremeWare 6 1 5 Platform Availability This command is available on i series of switches peer group Specifies a peer group in Specifies to install the filter on the inpu...

Page 1956: ...disabled by default Usage Guidelines Use the following command to enable route flap dampening for a BGP peer group configure bgp peer group name dampening half life reuse suppress max suppress route map route map Example The following command disables route flap dampening to the BGP peer group outer configure bgp peer group no dampening History This command was first available in ExtremeWare 7 0 0...

Page 1957: ...uter to be a route reflector The peer group must be in the same AS of this router Example The following command configures the peer group outer as a route reflector client configure bgp peer group outer route reflector client History This command was available in ExtremeWare 6 1 5 Platform Availability This command is available on i series of switches peer group Specifies a peer group route reflec...

Page 1958: ...ply to the peer group and all neighbors of the peer group Example The following command configures communities to be sent to neighbors as part of route updates configure bgp peer group outer send community History This command was available in ExtremeWare 6 1 5 Platform Availability This command is available on i series of switches peer group Specifies a peer group send community Specifies that co...

Page 1959: ... the peer group Modifying the following parameters automatically disables and enables the neighbors before changes take effect remote as timer source interface soft in reset password Example The following command configures the password as Extreme for the peer group outer and its neighbors configure bgp peer group outer password extreme History This command was available in ExtremeWare 6 1 5 Platf...

Page 1960: ...roup are applied to all neighbors in the peer group Modifying the following parameters automatically disables and enables the neighbors before changes take effect remote as timer source interface soft in reset password Example The following command configures the remote AS number for the peer group outer and its neighbors configure bgp peer group outer remote AS number 65001 History This command w...

Page 1961: ...nes None Example The following command configures the route map filter for the peer group outer and its neighbors using the access profile nosales configure bgp peer group outer route map filter in nosales History This command was available in ExtremeWare 6 1 5 Platform Availability This command is available on i series of switches peer group Specifies a peer group in Specifies to install the filt...

Page 1962: ...s not affect configuration of the switch Changes made to the parameters of a peer group are applied to all neighbors in the peer group Modifying the following parameters automatically disables and enables the neighbors before changes take effect remote as timer source interface soft in reset password Example The following command applies the current input routing policy to the neighbors in the pee...

Page 1963: ...o all neighbors in the peer group Modifying the following parameters automatically disables and enables the neighbors before changes take effect remote as timer source interface soft in reset password Example The following command configures the source interface for the peer group outer and its neighbors on the VLAN accounting configure bgp peer group outer source interface accounting History This...

Page 1964: ...the peer group Modifying the following parameters automatically disables and enables the neighbors before changes take effect remote as timer source interface soft in reset password Example The following command configures the keepalive timer and hold timer values for the peer group outer and its neighbors configure bgp peer group outer timer keep alive 30 hold time 90 History This command was ava...

Page 1965: ...ng precedence from highest to lowest higher weight higher local preference shortest length shortest AS path lowest origin code lowest MED route from external peer lowest cost to Next Hop lowest routerID Example The following command configures the weight for the peer group outer and its neighbors configure bgp peer group outer weight 5 History This command was available in ExtremeWare 6 1 5 Platfo...

Page 1966: ... routes based on the following precedence from highest to lowest higher weight higher local preference shortest length shortest AS path lowest origin code lowest MED route from external peer lowest cost to Next Hop lowest router ID Example The following command changes the router ID configure bgp router id 192 1 1 13 History This command was first available in ExtremeWare 6 1 Platform Availability...

Page 1967: ...d redistribution Syntax Description This command has no arguments or variables Default N A Usage Guidelines This command does not affect the switch configuration Example The following command applies the route map associated with the network command aggregation and redistribution configure bgp soft reconfiguration History This command was first available in ExtremeWare 6 1 Platform Availability Th...

Page 1968: ...ess all peer group peer group acquire all If you do not specify acquire all only the mandatory parameters are inherited from the peer group If you specify acquire all all of the parameters of the peer group are inherited This command disables the neighbor before adding it to the peer group Example The following command creates a new neighbor and makes it part of the peer group outer create bgp nei...

Page 1969: ...peer is consider an IBGP peer otherwise the neighbor is an EBGP peer The BGP session to a newly created peer is not started until the enable bgp neighbor command is issued Example The following command creates a new BGP peer create bgp neighbor 192 168 1 17 remote AS number 65001 History This command was available in ExtremeWare 6 2 Platform Availability This command is available on i series of sw...

Page 1970: ...ters of the BGP peer group The following mandatory parameters are shared by all neighbors in a peer group remote AS source interface out nlri filter out aspath filter out route map send community next hop self Each BGP peer group is assigned a unique name when the peer group is created Example The following command creates a new peer group named external create bgp peer group outer History This co...

Page 1971: ... Usage Guidelines Use this command to delete one or all BGP neighbors Example The following command deletes the specified BGP neighbor delete bgp neighbor 192 168 1 17 History This command was first available in ExtremeWare 6 2 Platform Availability This command is available on i series of switches ip address Specifies the IP address of the BGP neighbor to be deleted all Specifies all neighbors ...

Page 1972: ...group Syntax Description Default N A Usage Guidelines Use this command to delete a specific BGP peer group Example The following command deletes the peer group named external delete bgp peer group outer History This command was available in ExtremeWare 6 1 5 Platform Availability This command is available on i series of switches peer group Specifies a peer group ...

Page 1973: ...cription This command has no arguments or variables Default Disabled Usage Guidelines Use this command to disable BGP on the router Example The following command disables BGP disable bgp History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i series of switches ...

Page 1974: ... several routes so that they are advertised as a single route Aggregation reduces the amount of information that a BGP speaker must store and exchange with other BGP speakers Reducing the information that is stored and exchanged also reduces the size of the routing table Use this command to disable BGP route aggregation Example The following command disables BGP route aggregation disable bgp aggre...

Page 1975: ...is command has no arguments or variables Default Disabled Usage Guidelines MED is only used when comparing paths from the same AS Use this command to disable the MED from being used when selecting a route Example The following command disables MED from being used in the route selection algorithm disable bgp always compare med History This command was first available in ExtremeWare 6 1 Platform Ava...

Page 1976: ...nd upload commands Syntax Description This command has no arguments or variables Default Disabled Usage Guidelines Using this command communities are displayed as a single decimal value Example The following command disables the AS number number format of display for communities disable bgp community format AS number number History This command was first available in ExtremeWare 6 2 Platform Avail...

Page 1977: ...gin and Local Preference with the routes Route maps can also be used to filter out exported routes Using the export command to redistribute routes complements the redistribution of routes using the configure bgp add network command The configure bgp add network command adds the route to BGP only if the route is present in the routing table The enable bgp export command redistributes an individual ...

Page 1978: ...following command disables BGP from exporting routes from the OSPF protocol to BGP peers disable bgp export ospf History This command was first available in ExtremeWare 6 1 The IS IS options were added in ExtremeWare 7 0 0 Platform Availability This command is available on i series of switches ...

Page 1979: ...delines After the session has been disabled all the information in the route information base RIB for the neighbor is flushed Example The following command disables the BGP session disable bgp neighbor 192 1 1 17 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i series of switches ip address Specifies an IP address all Specifies all ne...

Page 1980: ...AS does not have officially allocated AS numbers You want to conserve AS numbers if you are multi homed to the local AS Private AS numbers should not be advertised on the Internet Private AS numbers can only be used locally within an administrative domain Therefore when routes are advertised out to the Internet the private AS number can be stripped out from the AS paths of the advertised routes us...

Page 1981: ... Disabled Usage Guidelines Disabling the soft input reset feature can potentially limit the amount of system memory consumed by the RIB in Example The following command disables the soft input reset feature disable bgp neighbor 192 168 1 17 soft in reset History This command was available in ExtremeWare 6 2 Platform Availability This command is available on i series of switches all Specifies all n...

Page 1982: ...rit the parameters of the BGP peer group The following mandatory parameters are shared by all neighbors in a peer group remote AS source interface out nlri filter out aspath filter out route map send community next hop self Example The following command disables the BGP peer group outer and all of its neighbors disable bgp peer group outer History This command was available in ExtremeWare 6 1 5 Pl...

Page 1983: ...s Default Enabled Usage Guidelines When enabled BGP waits for IGP to provide the exact same IP route before installing the route into the local forwarding database and advertising the route to an external neighbor Example The following command disables the synchronization between BGP and IGP disable bgp synchronization History This command was first available in ExtremeWare 6 2 Platform Availabili...

Page 1984: ...variables Default Disabled Usage Guidelines This command enables the Border Gateway Protocol BGP on the router Before invoking this command the local AS number and BGP router ID must be configured Example The following command enables BGP enable bgp History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i series of switches ...

Page 1985: ...change with other BGP speakers Reducing the information that is stored and exchanged also reduces the size of the routing table To use BGP route aggregation follow these steps 1 Enable aggregation using the following command enable bgp aggregation 2 Create an aggregate route using the following command configure bgp add aggregate address ip address mask length as set as match summary only advertis...

Page 1986: ...no arguments or variables Default Disabled Usage Guidelines MED is only used when comparing paths from the same AS A MED value of zero is treated as the lowest MED and therefore the most preferred route Example The following command enables BGP to use the Multi Exit Discriminator MED from neighbors in different autonomous systems in the route selection algorithm enable bgp always compare med Histo...

Page 1987: ...upload commands Syntax Description This command has no arguments or variables Default Disabled Usage Guidelines If not enabled the communities are displayed as a single decimal value Example The following command enables the AS number number format of display for communities enable bgp community format AS number number History This command was first available in ExtremeWare 6 2 Platform Availabili...

Page 1988: ...d Local Preference with the routes Route maps can also be used to filter out exported routes Using the export command to redistribute routes complements the redistribution of routes using the configure bgp add network command The configure bgp add network command adds the route to BGP only if the route is present in the routing table The enable bgp export command redistributes an individual route ...

Page 1989: ...wing command enables BGP to export routes from the OSPF protocol to BGP peers enable bgp export ospf History This command was first available in ExtremeWare 6 1 The IS IS options were added in ExtremeWare 7 0 0 Platform Availability This command is available on i series of switches ...

Page 1990: ...on Default Disabled Usage Guidelines To create a new neighbor and add it to a BGP peer group use the following command create bgp neighbor ip address peer group peer group multi hop Example The following command enables the BGP neighbor session enable bgp neighbor 192 168 1 17 History This command was available in ExtremeWare 6 1 Platform Availability This command is available on i series of switc...

Page 1991: ...he remote AS does not have officially allocated AS numbers You want to conserve AS numbers if you are multi homed to the local AS Private AS numbers should not be advertised on the Internet Private AS numbers can only be used locally within an administrative domain Therefore when routes are advertised out to the Internet the routes can be stripped out from the AS paths of the advertised routes usi...

Page 1992: ... Disabled Usage Guidelines Disabling the soft input reset feature can potentially limit the amount of system memory consumed by the RIB in Example The following command enables the soft recognition feature enable bgp neighbor 192 168 1 17 soft in reset History This command was available in ExtremeWare 6 2 Platform Availability This command is available on i series of switches all Specifies all nei...

Page 1993: ...arameters of the BGP peer group The following mandatory parameters are shared by all neighbors in a peer group remote AS source interface out nlri filter out aspath filter out route map send community next hop self Example The following command enables the BGP peer group outer and all its neighbors enable bgp peer group outer History This command was available in ExtremeWare 6 1 5 Platform Availab...

Page 1994: ...mand has no arguments or variables Default Enabled Usage Guidelines When enabled BGP waits for IGP to provide the exact same route before advertising the BGP route to an external neighbor Example The following command enables synchronization between BGP and IGP enable bgp synchronization History This command was first available in ExtremeWare 6 2 Platform Availability This command is available on ...

Page 1995: ...efault N A Usage Guidelines Displays information such as AS number router ID local preference sync flag route reflection cluster ID confederation ID and AS redistributed networks Example The following command displays BGP configuration information show bgp History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i series of switches ...

Page 1996: ...ies that only flap statistics should be displayed for route flap dampening enabled routes received routes Specifies that only received routes should be displayed rejected routes Specifies that only rejected routes should be displayed suppressed routes Specifies that only suppressed routes should be displayed for route flap dampening enabled routes transmitted routes Specifies that only transmitted...

Page 1997: ...N AS Path Filter None OUT AS Path Filter None IN ROUTE MAP None OUT ROUTE MAP None State IDLE Reached maximum prefix limit RemoteAddr 10 10 10 10 179 LocalAddr 10 10 10 51 1024 PeerRtrId 0 0 0 0 InUpdates 26549 OutUpdates InQ 0 0 InTotalMsgs 26559 OutTotalMsgs 9 InUpdateElapsedTime 0 0 00 20 InMsgElapsedTime 0 0 00 20 InPrefix 0 HoldTime 180 KeepAlive 60 FsmTransitions 1 RestartAfter 0 04 43 FSM D...

Page 1998: ...ferent from the ones that are configured in the peer group will be displayed If no peer group name is specified all the peer group information will be displayed Example The following command displays the peer groups configured in the system show bgp peer group detail History This command was first available in ExtremeWare 6 1 5 Platform Availability This command is available on i series of switche...

Page 1999: ...and displays the BGP route information base RIB show bgp routes all History This command was available in ExtremeWare 6 1 Platform Availability This command is available on i series of switches all Specifies all routes as path expression Specifies an AS path number Specifies a community number detail Specifies to display the information in detailed format ip address Specifies an IP address mask Sp...

Page 2000: ...2000 ExtremeWare 7 7 Command Reference Guide BGP Commands i Series Switches Only ...

Page 2001: ... the multicast group to see if the group is still in use If the group is still active a single IP host responds to the query and group registration is maintained IGMP is enabled by default on the switch However the switch can be configured to disable the generation of period IGMP query packets IGMP query should be enabled when the switch is configured to perform IP unicast or IP multicast routing ...

Page 2002: ...er that is responsible for receiving and distributing multicast packets By default the RP is selected dynamically but not automatically You can also define a static RP in your network using the following command configure pim crp static rp address none access profile priority 0 254 When a router has a multicast packet to distribute it encapsulates the packet in a unicast message and sends it to th...

Page 2003: ... designed to support distributing multicast streams for IPTV to subscribers over a layer 2 network In a standard layer 2 network a multicast stream received on a VLAN is not forwarded to another VLAN The streams are confined to the layer 2 broadcast domain In an IGMP snooping environment streams are forwarded only to interested hosts on a VLAN For inter VLAN forwarding routing a multicast routing ...

Page 2004: ...instantly It deletes the layer 3 IGMP group entries while leaving IGMP entries at layer 2 unaffected that is IGMP snooping entries will still be present in the switch Example The following command clears IGMP groups from VLAN accounting clear igmp group accounting History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Pla...

Page 2005: ...ooping entry can disrupt the normal forwarding of multicast traffic The static IGMP snooping entries will not be removed The dynamic IGMP snooping entries will be removed then re created upon the next general queries Example The following command clears IGMP snooping from VLAN accounting clear igmp snooping accounting History This command was available in ExtremeWare 2 0 This command was added to ...

Page 2006: ...ing cache entries instantly If the source is available caches will be re created otherwise caches are removed permanently This command can disrupt the normal forwarding of multicast traffic Example The following command resets the IP multicast table for group 224 1 2 3 clear ipmc cache 224 1 2 3 History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of ...

Page 2007: ...red This command has an effect similar to the command clear ipmc cache except that the targets are the forwarding database entries Example The following command resets the IP multicast forwarding database entry clear ipmc fdb group 224 1 2 3 sender 10 0 0 2 24 History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 2e P...

Page 2008: ...ge Guidelines If all is specified DVMRP is enabled on all IP interfaces When an IP interface is created DVMRP is disabled by default Example The following command enables DVMRP on the VLAN accounting configure dvmrp add vlan accounting History This command was available in ExtremeWare 2 0 Platform Availability This command is available on the i series of switches only vlan name Specifies a VLAN na...

Page 2009: ...x Description Default Disabled Usage Guidelines If all is specified DVMRP is disabled on all IP interfaces Example The following command disables DVMRP on the VLAN accounting configure dvmrp delete vlan accounting History This command was available in ExtremeWare 2 0 Platform Availability This command is available on the i series of switches only vlan name Specifies a VLAN name all Specifies all V...

Page 2010: ...ion of the route report interval route replacement time The route expiration time commonly called route timeout Initially it is 2 x route report interval 20 2 x 60 20 140 It is the time for a particular DVMRP route to expire while the route hold down time is initially 2 x route report interval 2 x 60 120 which is the time before a route gets removed from advertisement after it has been expired The...

Page 2011: ...lt The default setting is 1 Usage Guidelines The cost range is 1 32 Example The following command configures the cost metric of the interface on the VLAN accounting configure dvmrp vlan accounting cost 5 History This command was available in ExtremeWare 4 0 Platform Availability This command is available on the i series of switches only vlan name Specifies a VLAN name all Specifies all VLANs cost ...

Page 2012: ...certain routes when performing the route advertisement The filtered routes are specified in an access profile Example The following command configures DVMRP to filter out routes according to the nosales access profile configure dvmrp vlan accounting export filter nosales History This command was first available in ExtremeWare 4 0 Platform Availability This command is available on the i series of s...

Page 2013: ... Use this command to filter out certain routes when accepting routes from its neighbors The filtered routes are specified in an access profile Example The following command configures DVMRP to use the nosales access profile to determine which DVMRP routes are to accept configure dvmrp vlan accounting import filter nosales History This command was first available in ExtremeWare 4 0 Platform Availab...

Page 2014: ...47 483 647 seconds 68 years The default setting is 10 seconds neighbor timeout The amount of time before a DVMRP neighbor router is declared to be down The range is 1 to 2 147 483 647 seconds 68 years The default setting is 35 seconds 3 5 probe interval Example The following command configures the DVMRP timers configure dvmrp vlan accounting timer 3000 9000 History This command was first available...

Page 2015: ...command to specify trusted versus non trusted neighbors Example The following command configures DVMRP to use the nosales access profile to determine which DVMRP neighbor is trusted and to receive routes from configure dvmrp vlan accounting trusted gateway nosales History This command was first available in ExtremeWare 4 0 Platform Availability This command is available on the i series of switches...

Page 2016: ...ity to create more than 512 copies up to a maximum of 1023 copies for a multicast stream When this feature is not enabled only 512 copies are possible for any multicast stream Example The following command configures an internal VLAN on port 4 configure ext mcast loopback port 4 vlan 1 History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on th...

Page 2017: ...l The maximum response time inserted into the periodic general queries The range is 1 to 25 seconds last member query interval The maximum response time inserted into a group specific query sent in response to a leave group message The range is 1 to 25 seconds Example The following command configures the IGMP timers configure igmp 100 5 1 History This command was available in ExtremeWare 2 0 This ...

Page 2018: ...e VLAN has no IP address assigned the proxy IGMP message will use 0 0 0 0 as the source IP address The multicast group should be in the class D multicast address space but should not be in the multicast control subnet range 224 0 0 x 24 If the ports also have an IGMP filter configured the filter entries take precedence IGMP filters are configured using the command configure igmp snooping vlan vlan...

Page 2019: ...p snooping add static group ExtremeWare 7 7 Command Reference Guide 2019 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 2020: ...onfigured with the static entry all available multicast traffic will be forwarded to those ports Example The following command configures a static IGMP entry so all multicast groups will be forwarded to VLAN marketing on ports 2 1 2 4 configure igmp snooping vlan marketing ports 2 1 2 4 add static router History This command was first available in ExtremeWare 7 1 0 This command was added to the Su...

Page 2021: ...p address Example The following command removes a static IGMP entry that forwards the multicast group 224 34 15 37 to the VLAN marketing on ports 2 1 2 4 configure igmp snooping vlan marketing ports 2 1 2 4 delete static group 224 34 15 37 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availabilit...

Page 2022: ... vlan vlan name ports portlist add static router Example The following command removes the static IGMP entry that caused all multicast groups to be forwarded to VLAN marketing on ports 2 1 2 4 configure igmp snooping vlan marketing ports 2 1 2 4 delete static router History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWar...

Page 2023: ...snooping filtering from a port use the none keyword version of the command Example The following command configures the access profile ap_multicast to filter multicast packets forwarded to VLAN marketing on ports 2 1 2 4 configure igmp snooping vlan marketing ports 2 1 2 4 filter ap_multicast History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e serie...

Page 2024: ...o the access profile a 32 bit host address is recommended This feature is meant to solve the multicast connectivity problem for unknown destination addresses within system reserved ranges Specifically this feature was introduced to solve the problem of recognizing certain stream as control packets NOTE The switch will not validate any IP address in the access profile used in this command Therefore...

Page 2025: ...es the multicast data stream specified in access1 for slow path flooding configure igmp snooping flood list access1 The following command specifies that no access profile is to be used this effectively disabling slow path flooding configure igmp snooping flood list none History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeW...

Page 2026: ...unded off to multiple of 1000 milliseconds The specified time is the maximum leave timeout value The switch could leave sooner if an IGMP leave message is received before the timeout occurs Example The following command configures the IGMP snooping leave timeout configure igmp snooping leave timeout 10000 History This command was first available in ExtremeWare 6 2 This command was added to the Sum...

Page 2027: ...work bandwidth and prevents multicast traffic from being flooded to parts of the network that do not need it The switch does not reduce any IP multicast traffic in the local multicast domain 224 0 0 x IGMP snooping is enabled by default on the switch If you are using multicast routing IGMP snooping can be enabled or disabled in versions of ExtremeWare previous to 7 0 0 IGMP snooping must have been...

Page 2028: ...ference Guide IP Multicast Commands History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 2029: ...s feature is useful in high bandwidth multicast stream video deployments where multiple streams are converging on a single egress port By using multiple queues per port the queues are load balanced Example The following command configures eight queues per port for multicast queue management configure mcast queue mgmt start queue 0 end queue 7 History This command was available in ExtremeWare 7 4 P...

Page 2030: ...ticast source or RP mask Specifies the mask of the IP address of the multicast source or RP protocol Optional Specifies the unicast routing protocol that will be used The source address will be compared with only those routes that have been learned from the specified unicast routing protocol rpf address Specifies the next hop address through which the source can be reached distance Optional Specif...

Page 2031: ...k Specifies the mask of the IP address of the multicast source or RP protocol Optional Specifies the unicast routing protocol that will be used The source address will be compared with only those routes that have been learned from the specified unicast routing protocol rpf address Specifies the next hop address through which the source can be reached distance Optional Specifies the distance metric...

Page 2032: ...itches The switch supports edge mode operation You can configure spare mode on a per interface basis If you specify passive the interface does not act as a neighbor with another PIM router or switch Typically all non passive interfaces align with USPF non passive interfaces A maximum of 2 non passive PIM interfaces is allowed on the e series Example The following command enables PIM DM multicast r...

Page 2033: ... 7 7 Command Reference Guide 2033 History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ...

Page 2034: ...or the candidate BSR must have IPMC forwarding enabled for PIM sparse mode On the e series of switches an error message is displayed if you attempt to configure a VLAN as a candidate BSR Example The following command configures a candidate bootstrap router on the VLAN accounting configure pim cbsr vlan accounting 30 History This command was first available in ExtremeWare 6 1 Platform Availability ...

Page 2035: ...ed with the same RP address for the same group range The access profile contains a list of multicast group accesses served by this RP On the e Series of Switches The RP address cannot be any locally configured IP interface The series e switches are not eligible to be RPs Example The following command statically configures an RP and its associated groups defined in access profile rp list configure ...

Page 2036: ...cription Default The default is 60 seconds Usage Guidelines None Example The following command configures the candidate rendezvous point advertising interval to 120 seconds configure pim crp timer 120 History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on all platforms crp advertisement interval Specifies a candidate rendezvous point advertis...

Page 2037: ...rviced by this RP To delete a CRP use the keyword none as the access policy The VLAN specified for CRP must have IPMC forwarding enabled for PIM sparse mode Example The following command configures the candidate rendezvous point for PIM sparse mode operation on the VLAN HQ_10_0_3 with the access profile rp list and priority set to 30 configure pim crp HQ_10_0_3 rp list 30 History This command was ...

Page 2038: ...e Example The following command would disable PIM SM on an e series switch or PIM DM or PIM SM for an i series switch for the VLAN accounting configure pim delete vlan accounting History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms vlan name Specifie...

Page 2039: ...on in the register message Syntax Description Default Include data Usage Guidelines None Example The following command configures the checksum mode to include data for compatibility with Cisco Systems products configure pim register checksum to include data History This command was first available in ExtremeWare 6 1 This command was added to the Summit e series of switches in ExtremeWare 7 1e Plat...

Page 2040: ...uld send register messages only at time second intervals The default value is zero which sends continuos register messages This command takes effect only until the register stop message is not received in other words when the register suppression timer is not running Example The following command configures the initial PIM register rate limit interval configure pim register rate limit interval 2 H...

Page 2041: ...o the null register is expected within register probe interval By specifying a larger interval a CPU peak load can be avoided because the null registers are generated less frequently The register probe time should be less than half of the register suppress time for best results Example The following command configures the register suppress interval and register probe time configure pim register su...

Page 2042: ...formance leveraged by hardware forwarding use default value 0 0 or small values below 16 From release 6 2 2 onwards since the RP learns the source address from the register message the RP threshold has no effect Example The following command sets the threshold for switching to SPT configure pim spt threshold 4 16 History This command was first available in ExtremeWare 6 1 This command was added to...

Page 2043: ...ied the configuration is applied to all the VLANs on which PIM is enabled Example The following command configures the global PIM timers on the VLAN accounting configure pim timer 150 300 vlan accounting History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all pla...

Page 2044: ...he current BSM fragment received and will not wait for any further BSM Example The following command configures the PIM BSM wait time to 30 seconds configure pim timer bsm wait time 30 History This command is available from ExtremeWare 7 7 Platform Availability This command is available on all platforms seconds Specifies the time in seconds to wait for more BSM fragments after a BSM fragment is re...

Page 2045: ...onfigured to use an access profile to determine trusted PIM router neighbors for the VLAN on the switch running PIM You can use this feature to select or exclude routers as peers PIM control packets from non trusted sources are not processed Example The following command configures a trusted neighbor policy on the VLAN backbone configure pim vlan backbone trusted gateway nointernet History This co...

Page 2046: ...ault None Usage Guidelines You can configure and enable MVR only on a single VLAN Example The following command configures the VLAN accounting as an MVR VLAN configure mvr add vlan accounting History This command was first available in ExtremeWare 7 7 Platform Availability This command is available on e series platforms only vlan name Specifies a VLAN name on which the MVR has to configured ...

Page 2047: ...on the system Syntax Description This command has no arguments or variables Default Disabled Usage Guidelines None Example The following command disables DVMRP on the system disable dvmrp History This command was available in ExtremeWare 2 0 Platform Availability This command is available on i series platforms only ...

Page 2048: ...e or all VLANs Syntax Description Default Enabled Usage Guidelines None Example The following command disables the receive capability of DVMRP packets on the VLAN accounting disable dvmrp rxmode vlan accounting History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i series platforms only vlan name Specifies a VLAN name all Specifies all VLAN...

Page 2049: ...n one or all VLANs Syntax Description Default Enabled Usage Guidelines None Example The following command disables the transmit capability of DVMRP packets on the VLAN accounting disable dvmrp txmode vlan accounting History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i series platforms only vlan name Specifies a VLAN name all Specifies all...

Page 2050: ...bled Usage Guidelines Use this command to disable the multicast copy count extension feature When this feature is disabled the switch can generate a maximum of 512 copies for a multicast stream Example The following example resets multicast copy count extension to a single FDB entry disable ext mcast History This command was first available in ExtremeWare 7 4 Platform Availability This command is ...

Page 2051: ...e hosts respond to the query and group registration is maintained IGMP is enabled by default on the switch However the switch can be configured to disable the generation and processing of IGMP packets IGMP should be enabled when the switch is configured to perform IP unicast or IP multicast routing IGMP must be enabled if the switch is configured for DVMRP Example The following command disables IG...

Page 2052: ...e sent using slow path forwarding and are flooded using slow path forwarding This can load the CPU with heavy multicast traffic To operate the switch in Layer 2 mode and disable IGMP snooping it is best to flood multicast IP traffic in hardware using the hardware flooding keyword When IGMP snooping is disabled with hardware flooding if you enable IGMP snooping for one or more VLANs the hardware fl...

Page 2053: ...ble igmp snooping ExtremeWare 7 7 Command Reference Guide 2053 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 2054: ...r normal network operation Enabling the proxy allows the switch to suppress the duplicate join requests on a group to forward to the connected layer 3 switch The proxy also suppresses unnecessary IGMP leave messages so that they are forwarded only when the last member leaves the group Example The following command disables the IGMP snooping proxy disable igmp snooping with proxy History This comma...

Page 2055: ...orwarding must be enabled before enabling IP multicast forwarding and IP multicast forwarding must be disabled before disabling IP forwarding Disabling IP multicast forwarding disables any layer 3 forwarding for the streams coming to the interface Example The following command disables IP multicast forwarding on the VLAN accounting disable ipmcforwarding vlan accounting History This command was av...

Page 2056: ...the queues configured for multicast forwarding using the configure mcast queue mgmt command This command causes the switch to use a single queue per port for multicast forwarding However this change does not take effect while multicast forwarding entries exist for the stream Example The following example disables multiple queues for multicast stream forwarding disable mcast queue mgmt History This...

Page 2057: ...ommand has no arguments or variables Default Disabled Usage Guidelines None Example The following command disables PIM on the system disable pim History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 2058: ... PIM snooping on a single VLAN specify the VLAN name If no VLAN name is specified PIM snooping is disabled on all VLANs Example The following command disables PIM snooping on the VLAN demo pim disable pim snooping vlan demo pim History This command was first available in ExtremeWare 7 3 0 Platform Availability This command is available on i series platforms only vlan name Specifies the name of the...

Page 2059: ...This command has no arguments or variables Default Disabled Usage Guidelines MVR can not be disabled when a VLAN is added as an MVR vlan Example The following command disables MVR on the switch disable mvr History This command was first available in ExtremeWare 7 7 Platform Availability This command is available on e series platforms only ...

Page 2060: ...RP on the system Syntax Description This command has no arguments or variables Default Disabled Usage Guidelines None Example The following command enables DVMRP on the system enable dvmrp History This command was available in ExtremeWare 2 0 Platform Availability This command is available on i series platforms only ...

Page 2061: ...ne or all VLANs Syntax Description Default Enabled Usage Guidelines None Example The following command enables the receive capability of DVMRP packets on the VLAN accounting enable dvmrp rxmode vlan accounting History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i series platforms only vlan name Specifies a VLAN name all Specifies all VLANs...

Page 2062: ...one or all VLANs Syntax Description Default Enabled Usage Guidelines None Example The following command enables the transmit capability of DVMRP packets on the VLAN accounting enable dvmrp txmode vlan accounting History This command was first available in ExtremeWare 6 1 Platform Availability This command is available on i series platforms only vlan name Specifies a VLAN name all Specifies all VLA...

Page 2063: ...nds the layer 3 multicast function to allow more than 512 copies and up to 1023 copies for a multicast stream When this feature is not enabled only 512 copies are possible for every multicast stream Before enabling the user must configure this feature using the configure ext mcast loopback port command Example The following example enables the multicast copy count extension feature enable ext mcas...

Page 2064: ...se If the group is still active IP hosts respond to the query and group registration is maintained IGMP is enabled by default on the switch However the switch can be configured to disable the generation and processing of IGMP packets IGMP should be enabled when the switch is configured to perform IP unicast or IP multicast routing Example The following command enables IGMP on the VLAN accounting e...

Page 2065: ...snooping mode you must disable IP multicast forwarding To disable IP multicast forwarding use the command disable ipmcforwarding To change the IGMP snooping mode from the forward mcrouter only mode to the non forward mcrouter only mode use the command disable igmp snooping forward mcrouter only The snooping mode is not changed from the non forward mcrouter only mode to the forward mcrouter only mo...

Page 2066: ...ference Guide IP Multicast Commands History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 2067: ... multicast forwarding should be disabled globally for this command Enabling the proxy allows the switch to suppress the duplicate join requests on a group to forward to the connected layer 3 switch The proxy also suppresses unnecessary IGMP leave messages so that they are forwarded only when the last member leaves the group Example The following command enables the IGMP snooping proxy enable igmp ...

Page 2068: ...rfaces are added IPMC forwarding is disabled by default IP forwarding must be enabled before enabling IPMC forwarding and IPMC forwarding must be disabled before disabling IP forwarding Example The following command enables IPMC forwarding on the VLAN accounting enable ipmcforwarding vlan accounting History This command was available in ExtremeWare 2 0 This command was added to the Summit e series...

Page 2069: ...r parameters Default Disabled Usage Guidelines Use this command to enable multiple queues for multicast stream forwarding This command enables the queues configured using the configure mcast queue mgmt command Example The following example enables multiple queues for multicast stream forwarding enable mcast queue mgmt History This command was available in ExtremeWare 7 4 Platform Availability This...

Page 2070: ...is command has no arguments or variables Default Disabled Usage Guidelines None Example The following command enables PIM on the system enable pim History This command was first available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all platforms ...

Page 2071: ...IM snooping on a single VLAN specify the VLAN name If no VLAN name is specified PIM snooping is enabled on all VLANs Example The following command enables PIM snooping on the VLAN demo pim enable pim snooping vlan demo pim History This command was first available in ExtremeWare 7 3 0 Platform Availability This command is available on i series platforms only vlan name Specifies the name of the VLAN...

Page 2072: ... Usage Guidelines You can enable MVR only on a single VLAN MVR can be enabled only after MVR vlan is added using the command configure mvr add vlan vlan name Example The following commands enables an MVR on the VLAN accounting configure mvr add vlan accounting enable mvr History This command was first available in ExtremeWare 7 7 Platform Availability This command is available on e series platform...

Page 2073: ...ddress interface multicast capabilities metric configured on the interface threshold configured on the interface count and IP address of the neighbors discovered on the interface Example The following command queries the router at 10 10 34 14 mrinfo 10 10 34 14 History This command was first available in ExtremeWare 7 1 0 This command was added to the Summit e series of switches in ExtremeWare 7 2...

Page 2074: ...2074 ExtremeWare 7 7 Command Reference Guide IP Multicast Commands Platform Availability This command is available on all platforms ...

Page 2075: ...urn adds its own report to the trace response When the request reaches the first hop router the filled in request is sent back to the system requesting the trace The request will also be returned if the maximum hop limit is reached If a router does not support the mtrace functionality it will silently drop the request packet and no information will be returned For this situation you would send the...

Page 2076: ...teway 172 16 255 1 mtrace source 3 3 3 200 group 225 1 1 1 gateway 22 22 22 9 Output from the command is similar to Mtrace from 10 10 34 14 to 172 16 255 2 via group 227 160 14 23 mtrace_send_query Src 10 10 34 14 Grp 227 160 14 23 Dst 172 16 255 2 Resp 172 16 255 2 to 172 16 255 1 from 172 16 255 2 mtrace_proc_resp Src 10 10 34 14 Dst 172 16 255 2 0 172 16 255 2 1 172 16 255 1 PIM thresh 1 10 10 ...

Page 2077: ...192 2 4 run ipmcfdb check 168 192 2 4 195 1 1 100 vlan lab1 extended detail History This command was first available in ExtremeWare 6 1 9 Platform Availability This command is available on i series platforms only bucket Specifies the bucket portion of the FDB hash index entry Specifies the entry portion of the FDB hash index IP multicast group Specifies a multicast group FDB entries with this grou...

Page 2078: ...iption Default All Usage Guidelines None Example The following command displays the DVMRP configuration and statistics for the VLAN accounting show dvmrp vlan accounting History This command was available in ExtremeWare 2 0 Platform Availability This command is available on i series platforms only vlan name Specifies a VLAN name route Specifies a route detail Specifies to display the information i...

Page 2079: ... displayed You can also filter the display by group address and by multicast stream sender address Example The following command lists the IGMP group membership for the VLAN accounting show igmp group 10 0 0 1 sender 10 0 0 2 accounting History This command was first available in ExtremeWare 7 2e Platform Availability This command is available on all platforms group ip address Specifies a group IP...

Page 2080: ... The following information is displayed in a per interface format Group membership information Router entry Timeout information Example The following command displays IGMP snooping registration information on the VLAN accounting show igmp snooping vlan accounting History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Plat...

Page 2081: ...filters will be displayed Example To display the IGMP snooping filter configured on VLAN vlan101 use the following command show igmp snooping vlan101 filter The output of the command will be similar to the following VLAN vlan101 4094 Filter Port ap5 31 Total number of configured static filters 1 Flags a Active History This command was first available in ExtremeWare 7 1 0 This command was added to ...

Page 2082: ...ay the IGMP snooping static groups configured on VLAN vlan101 use the following command show igmp snooping vlan101 static group The output of the command will be similar to the following VLAN vlan101 4094 Group Port Flags 239 1 1 2 29 s 239 1 1 2 30 s 239 1 1 2 31 sa 239 1 1 2 32 s 239 1 1 2 34 s Total number of configured static IGMP groups 5 Flags s Static a Active History This command was first...

Page 2083: ...me Routing protocol When the detail option is specified the switch displays the egress VLAN list and the pruned VLAN list Example The following command displays the IP multicast table for group 224 1 2 3 show ipmc cache 224 1 2 3 History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is ...

Page 2084: ... address is specified only the IP multicast FDB entries corresponding to the group address are displayed Example The following command displays the IP multicast forwarding database show ipmc fdb History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms ip...

Page 2085: ... N A Usage Guidelines None Example The following command displays the counters for the number of packets bridged switched and snooped for the VLAN accounting show l2stats accounting History This command was first available in ExtremeWare 6 2 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms vlan name Speci...

Page 2086: ...e current configuration being used for multicast data load balancing This feature is configured using the configure mcast queue mgmt command Example The following command displays the current configuration for the multicast queue management show mcast queue mgmt Output from this command is similar to show mcast queue mgmt Muticast Queue management Enabled Start Queue 0 End Queue 7 History This com...

Page 2087: ...output U Indicates that the interface through which the RPF neighbor could be reached is active m Indicates that multicast is enabled on the interface through which the RPF neighbor could be reached G Indicates that the RPF neighbor is the gateway for this route Metric Metric for the route If the metric was not specified during configuration of this route using the configure mroute add command the...

Page 2088: ...way Active routes Given the following configuration configure mroute add 90 90 90 0 24 ospf 2 2 2 2 The following command displays mroute information for this configuration show mroute Output for the command is similar to SrcAddr SrcMask rpfNbr flags metric Proto 90 90 90 0 255 255 255 0 2 2 2 2 UmG 0 OSPF Flags U Up m Multicast G Gateway Active routes History This command was first available in E...

Page 2089: ...e detail version of this command displays the global statistics for PIM register and register stop packets Example The following command displays the PIM configuration and statistics for the VLAN accounting show pim accounting History This command was first available in ExtremeWare 4 0 The rp set option was added in ExtremeWare 6 1 This command was added to the Summit e series of switches in Extre...

Page 2090: ...ted VLAN To display PIM snooping for a single VLAN specify the VLAN name If no VLAN name is specified PIM snooping information is displayed for all VLANs Example The following command displays PIM snooping on the VLAN demo pim show pim snooping vlan demo pim History This command was first available in ExtremeWare 7 3 0 Platform Availability This command is available on i series platforms only vlan...

Page 2091: ...ns or parameters Default N A Usage Guidelines MVR is enabled only on one VLAN Example The following command displays MVR enable status and the MVR VLAN name show mvr Output from this command is similar to MVR Enabled No MVR Multicast VLAN None History This command was first available in ExtremeWare 7 7 Platform Availability This command is available on e series platforms only ...

Page 2092: ...ettings Syntax Description Default If no VLAN is specified all interfaces are reset Usage Guidelines None Example The following command resets all DVMRP timers on VLAN accounting unconfigure dvmrp vlan accounting History This command was available in ExtremeWare 2 0 Platform Availability This command is available on i series platforms only vlan name Specifies a VLAN name ...

Page 2093: ...e Guidelines Use this command to disable the multicast copy count extension feature and to destroy the internal VLAN and all the FDBs that are associated with this internal VLAN It also disassociates the port ID from the loopback port Example In this example the feature is disabled and the configuration is removed unconfigure ext mcast History This command was available in ExtremeWare 7 4 Platform...

Page 2094: ...iption This command has no arguments or variables Default N A Usage Guidelines None Example The following command resets all IGMP settings to their default values and clears the IGMP group table unconfigure igmp History This command was available in ExtremeWare 2 0 This command was added to the Summit e series of switches in ExtremeWare 7 1e Platform Availability This command is available on all p...

Page 2095: ...ault N A Usage Guidelines Use this command to return to using a single queue for multicast stream forwarding It does not disable the multicast queue management feature that was configured using the configure mcast queue mgmt command Example The following example removes multiple queue configuration for multicast stream forwarding unconfigure mcast queue mgmt History This command was available in E...

Page 2096: ... VLAN is specified the configuration is reset for all PIM interfaces Usage Guidelines None Example The following command resets all PIM settings on the VLAN accounting unconfigure pim vlan accounting History This command was available in ExtremeWare 4 0 This command was added to the Summit e series of switches in ExtremeWare 7 2e Platform Availability This command is available on all platforms vla...

Page 2097: ...routes IPX traffic between IPX router interfaces A router interface is simply a VLAN that has an IPX network identifier NetID and IPX encapsulation type assigned to it As you create VLANs with different IPX NetIDs the switch automatically routes between them Both the VLAN switching and the IPX routing function occur within the switch NOTE A VLAN can be configured with either an IPX NetID or an IP ...

Page 2098: ...iption Default The default setting is 16 Usage Guidelines Change the default number only if NetWare Link Services Protocol NLSP is running in the IPX network Example The following command configures a maximum IPX hop count of 24 configure ipxmaxhops 24 History This command was first available in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms number Specif...

Page 2099: ...abled by default when you configure the IPX VLAN Usage Guidelines IPX RIP is automatically enabled when a NetID is assigned to the VLAN Example The following command configures the IPX VLAN named backbone to run IPX RP configure ipxrip add vlan backbone History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms vlan name Specifi...

Page 2100: ...yntax Description Default N A Usage Guidelines IPX RIP is automatically enabled when a NetID is assigned to the VLAN Example The following command disables IPX RIP on the VLAN named backbone configure ipxrip delete vlan backbone History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series systems vlan name Specifies a VLAN name all Specifie...

Page 2101: ...e default setting is 55 milliseconds Usage Guidelines IPX RIP is automatically enabled when a NetID is assigned to the VLAN Example The following command configures a delay of 80 milliseconds configure ipxrip vlan accounting delay 80 History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms vlan name Specifies a VLAN name all S...

Page 2102: ...ing the export filter will be added to the IPX route table Example The following command assigns an export route filter to the ingress VLAN named accounting configure ipxrip vlan accounting export filter my profile History This command was introduced in ExtremeWare 4 0 access profiles modified in version 6 1 5b20 Platform Availability This command is available on all i series platforms vlan name S...

Page 2103: ...ng the import filter will be added to the IPX route table Example The following command assigns an import route filter to the ingress VLAN named accounting configure ipxrip vlan accounting import filter my profile History This command was introduced in ExtremeWare 4 0 access profiles modified in version 6 1 5b20 Platform Availability This command is available on all i series platforms vlan name Sp...

Page 2104: ... The default setting is 432 bytes Usage Guidelines IPX RIP is automatically enabled when a NetID is assigned to the VLAN Example The following command configures an MTU size of 128 for the IPX RIP packet configure ipxrip vlan accounting max packet size 128 History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms vlan name Spec...

Page 2105: ...the trusted gateway are advertised on the egress VLAN Example The following command assigns export route filter named smith to the VLAN named accounting configure ipxrip vlan accounting trusted gateway access_profile History This command was introduced in ExtremeWare 4 0 access profiles modified in version 6 1 5b20 Platform Availability This command is available on all i series platforms vlan name...

Page 2106: ...RIP and the aging interval of learned routes The aging period is calculated using the formula update interval multiplier Example The following command configures the IPX RIP updates for an update interval of 30 seconds and a hold multiplier of 2 for the VLAN named accounting configure ipxrip vlan accounting update interval 30 hold multiplier 30 History This command was introduced in ExtremeWare 4 ...

Page 2107: ...ic routes are never aged out of the routing table Static routes are advertised to the network using IPX RIP Example The following command adds a static IPX route entry to the IPX route table configure ipxroute add default 0011 00 eb 2a 0b 1e 0a History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms dest_netid Specifies the d...

Page 2108: ...endent of whether the VLAN or VLAN IP address that used them remains You should manually delete these routes if no VLAN IP address is capable of using them Example The following command deletes a static IPX route entry to the IPX route table configure ipxroute delete default 0011 00 eb 2a 0b 1e 0a History This command was introduced in ExtremeWare 4 0 Platform Availability This command is availabl...

Page 2109: ...VLAN is specified all VLANs are configured to run IPX SAP routing IPX SAP routing is enabled by default when the IPX VLAN is configured Example The following command configures the IPX VLAN named accounting to run IPX SAP routing configure ipxsap add vlan accounting History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms vlan...

Page 2110: ...es If no VLAN is specified all VLANs are configured to run IPX SAP routing IPX SAP routing is enabled by default when the IPX VLAN is configured Example The following command disables IPX SAP on the VLAN named accounting configure ipxsap delete vlan accounting History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms vlan name ...

Page 2111: ... VLAN is specified all VLANs are configured to run IPX SAP routing IPX SAP routing is enabled by default when the IPX VLAN is configured Example The following command sets the time between each SAP packet to 40 milliseconds for the VLAN named accounting configure ipxsap vlan accounting delay 40 History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available o...

Page 2112: ...tching the export filter will be added to the IPX route table Example The following command assigns an export route filter to the ingress VLAN named accounting configure ipxsap vlan accounting export filter none History This command was introduced in ExtremeWare 4 0 access profiles modified in version 6 1 5b20 Platform Availability This command is available on all i series platforms vlan name Spec...

Page 2113: ...he import filter will be added to the IPX route table Example The following command assigns an import route filter to the ingress VLAN named accounting configure ipxsap vlan accounting import filter none History This command was introduced in ExtremeWare 4 0 the access profile keyword was modified in version 6 1 5b20 Platform Availability This command is available on all i series platforms vlan na...

Page 2114: ...all VLANs are configured to run IPX SAP routing IPX SAP routing is enabled by default when the IPX VLAN is configured Example The following command configures an MTU size of 356 bytes for the IPX SAP packets on the VLAN named accounting configure ipxsap vlan accounting max packet size 356 History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all ...

Page 2115: ...hing the trusted gateway are advertised on the egress VLAN Example The following command assigns an export SAP service filter named smith to the VLAN named accounting configure ipxsap vlan accounting trusted gateway smith History This command was introduced in ExtremeWare 4 0 access profiles modified in version 6 1 5b20 Platform Availability This command is available on all i series platforms vlan...

Page 2116: ...The aging period is calculated using the formula update interval multiplier The default multiplier is 3 Triggered update is always enabled therefore new information is processed and propagated immediately Example The following command configures an update interval of 30 seconds and a hold multiplier of 2 for the IPX SAP updates for the VLAN named accounting configure ipxsap vlan accounting update ...

Page 2117: ...n as possible 0 milliseconds Usage Guidelines If no VLAN is specified all VLANs are configured to run IPX SAP routing IPX SAP routing is enabled by default when the IPX VLAN is configured Example The following command sets a GNS delay time of 20 milliseconds on the VLAN named accounting configure ipxsap vlan accounting gns delay 20 History This command was introduced in ExtremeWare 4 0 Platform Av...

Page 2118: ...advertising server named chalk to the IPX service table with 0004 as SAP for a file server 00 AO C9 17 22 F5 as the MAC address 0451 as the socket number for a connection request and 3 as the number of hops to the server configure ipxservice add chalk 0004 00 AO C9 17 22 F5 0451 3 History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series...

Page 2119: ...nction on the server Example The following command deletes the non advertising server named chalk from the IPX service table with 0004 as SAP for a file server 00 AO C9 17 22 F5 as the MAC address 0451 as the socket number for a connection request and 3 as the number of hops to the server configure ipxservice delete chalk 0004 00 AO C9 17 22 F5 0451 History This command was introduced in ExtremeWa...

Page 2120: ...latforms vlan name Specifies a VLAN name netid Specifies the IPX network identifier of the server enet_ii Specifies an Ethernet 2 header enet_8023 Specifies the IEEE 802 3 length field enet_8022 Specifies and IEEE format and includes the IEEE 802 2 LLC header enet_snap Specifies to add SNAP header to the IEEE 802 2 LLC header Table 36 IPX Encapsulation Types Name Description ENET_II The frame uses...

Page 2121: ...ription This command has no arguments or variables Default N A Usage Guidelines IPX RIP is automatically enabled when a NetID is assigned to the VLAN Example The following disables IPX RIP on the router disable ipxrip History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms ...

Page 2122: ...no arguments or variables Default N A Usage Guidelines If no VLAN is specified all VLANs are configured to run IPX SAP routing IPX SAP routing is enabled by default when the IPX VLAN is configured Example The following disables IPX SAP on the router disable ipxsap History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms ...

Page 2123: ...the GNS reply service is automatically enabled When a station requests a particular service on the network for example locating a print server the station sends a GNS request and the switch responds to the request If GNS reply is disabled the switch drops the request Example The following command disables GNS reply on the IPX VLAN named accounting disable ipxsap gns reply vlan accounting History T...

Page 2124: ...kets Syntax Description Default Enabled Usage Guidelines Type 20 packets are NetBIOS inside IPX Example The following command disables the forwarding of IPX type 20 packets for the VLAN named accounting disable type20 forwarding vlan accounting History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms vlan name Specifies a VLAN...

Page 2125: ...on This command has no arguments or variables Default N A Usage Guidelines IPX RIP is automatically enabled when a NetID is assigned to the VLAN Example The following command enables IPX RIP on the router enable ipxrip History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms ...

Page 2126: ...guments or variables Default N A Usage Guidelines If no VLAN is specified all VLANs are configured to run IPX SAP routing IPX SAP routing is enabled by default when the IPX VLAN is configured Example The following command enables IPX SAP on the router enable ipxsap History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms ...

Page 2127: ... Description Default The default setting is enabled Usage Guidelines If no VLAN is specified GNS reply is enabled on all IPX interfaces Example The following command enables GNS reply for the IPX VLAN named accounting enable ipxsap gns reply vlan accounting History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms vlan name Spe...

Page 2128: ...ets Syntax Description Default Enabled Usage Guidelines Type 20 packets are NetBIOS inside IPX Example The following command enables the forwarding of IPX type 20 packets for the VLAN named accounting enable type20 forwarding vlan accounting History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms vlan name Specifies a VLAN na...

Page 2129: ...ol It displays summary global IPX configuration information followed by per VLAN information Information includes enable disable status for IPX RIP IPX SAP IPX route sharing IPX service sharing and so on Example The following command displays the IPX configuration information for the VLAN named accounting show ipxconfig vlan accounting History This command was introduced in ExtremeWare 4 0 Platfor...

Page 2130: ...a access control MAC addresses received on all of its ports It uses the information in the FDB to decide whether a frame should be forwarded or filtered Example The following command displays the hardware IPX FDB information for the VLAN named accounting show ipxfdb vlan accounting History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i serie...

Page 2131: ...includes operational and administrative status It also lists any identified IPX RIP neighbors RIP packet statistics and several other timer settings Example The following command displays the IPX RIP configuration information and statistics for the VLAN named accounting show ipxrip vlan accounting History This command was introduced in ExtremeWare 4 0 Platform Availability This command is availabl...

Page 2132: ...oute add command IPX RIP is automatically enabled when a NetID is assigned to the VLAN To remove the advertisement of an IPX VLAN use the configure ipxroute delete command Example The following command displays the IPX routes in the route table for the VLAN named accounting show ipxroute vlan accounting History This command was introduced in ExtremeWare 4 0 Platform Availability This command is av...

Page 2133: ...nal and administrative status including the GNS reply service It also lists any identified IPX SAP neighbors SAP packet statistics and several other timer settings Syntax Description Default N A Usage Guidelines None History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms vlan name Specifies a VLAN name ...

Page 2134: ...formation is entered into the IPX Service Table in one of the following two ways Dynamically by way of SAP Statically using the configure ipxservice add command Example The following command displays IPX SAP service information for the VLAN named accounting show ipxservice vlan accounting History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all ...

Page 2135: ...ANs Syntax Description Default All VLANs Usage Guidelines Displays both RIP and SAP packet statistics Example The following command displays IPX packet statistics for the VLAN named accounting show ipxstats vlan accounting History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms vlan name Specifies a VLAN name ...

Page 2136: ...cription Default N A Usage Guidelines Removes import and export filters and resets the MTU size update interval and inter packet delay Example The following command returns the VLAN named backbone to its IPX RIP default settings unconfigure ipxrip vlan backbone History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms vlan name...

Page 2137: ...ult N A Usage Guidelines Removes import and export filters and resets the MTU size update interval and inter packet delay Example The following command resets the IPX SAP settings on the VLAN named backbone to the defaults unconfigure ipxsap vlan backbone History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms vlan name Speci...

Page 2138: ...ax Description Default N A Usage Guidelines IPX RIP is automatically enabled when a NetID is assigned to the VLAN Example The following command removes the IPX NetID of the VLAN named accounting unconfigure vlan accounting xnetid History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms vlan name Specifies a VLAN name ...

Page 2139: ... 256 data bytes The size range is between 1 and 1 484 bytes Example The following command pings IPX node 0010460 with a node address of 00 2b 2a 00 1c 0a xping 0010460 00 2b 2a 00 1c 0a History This command was introduced in ExtremeWare 4 0 Platform Availability This command is available on all i series platforms continuous Specifies that pings are to be sent continuously size n Specifies the ping...

Page 2140: ...2140 ExtremeWare 7 7 Command Reference Guide IPX Commands i Series Platforms Only ...

Page 2141: ... for some routes and the ARM s longest prefix match for others This feature is called Selective LPM The second feature destination sensitive accounting collects statistics that are maintained for forwarded IP traffic to support billing on a destination basis To configure destination sensitive accounting a bin number can be assigned to one or more IP route entries using the ExtremeWare route map co...

Page 2142: ...ination sensitive accounting configuration process as a general context for the detailed command description sections that follow In the most basic terms to enable the accounting function you must enable the accounting feature create a customer VLAN ID enable IP forwarding and configure the accounting bin using the route map feature You use a special set of commands to configure the ARM module to ...

Page 2143: ... no arguments or variables Default N A Usage Guidelines None Example The following command clears zeroes out all of the accounting statistics clear accounting counters History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Bl...

Page 2144: ...ng parameter is an accounting bin number The bin_number parameter is an integer between 0 7 and allows you to define the accounting bin number Example The following command configures the accounting bin number to be associated with the specified route map entry configure route map rt40 11 add set accounting index 1 value 5 History This command was first available in an ExtremeWare IP Technology Se...

Page 2145: ... set accounting index 1 value ExtremeWare 7 7 Command Reference Guide 2145 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2146: ...es If the iphost routing property is added to a route map packets are forwarded to the IP prefixes next hop using the hardware host based IP FDB The iphost routing keyword is only significant for routes learned on VLANs that are lpm routing enabled Example This command enables Selective LPM and specifies IP host routing on the route map lpm_map configure lpm_map 20 add set iphost routing History T...

Page 2147: ...If the lpm routing property is added to a route map packets are forwarded to the IP prefixes next hop by the ARM MPLS module using LPM routing The lpm routing keyword is only significant for routes learned on VLANs that are not lpm routing enabled Example This command enables Selective LPM and specifies lpm routing on the route map lpm_map configure lpm_map 10 add set lpm routing History This comm...

Page 2148: ...rded IP traffic to support billing on a destination basis To configure destination sensitive accounting a bin number can be assigned to one or more IP route entries using the ExtremeWare route map command Example The following command disables the destination sensitive accounting function disable accounting History This command was first available in an ExtremeWare IP Technology Services Release b...

Page 2149: ...r all configured VLANs except the management VLAN Specifying the lpm routing keyword for the disable command only disables LPM routing it does not disable IP forwarding By default lpm routing is not enabled on the VLAN when IP forwarding is enabled for example all VLANs perform host based IP routing by default Example This command configures LPM and IP host routing for the hop1 VLAN disable ipforw...

Page 2150: ...r variables Default Default is disabled Usage Guidelines None Example The following command disables the Selective LPM feature disable lpm History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2151: ...re destination sensitive accounting a bin number can be assigned to one or more IP route entries using the ExtremeWare route map command Destination sensitive accounting LPM and SLB are mutually exclusive functions and cannot be simultaneously enabled Example The following command enables the destination sensitive accounting function enable accounting History This command was first available in an...

Page 2152: ...uting If the vlan name parameter is omitted lpm routing is enabled for all configured VLANs except the management VLAN By default lpm routing is not enabled on the VLAN when IP forwarding is enabled for example all VLANs perform host based IP routing by default Example This command configures LPM and IP host routing for the hop2 VLAN enable ipforwarding lpm routing hop2 History This command was fi...

Page 2153: ...CPU is used for slow path traffic When LPM is enabled slow path traffic is forwarded by the MPLS ARM module at a faster rate Also if LPM is enabled fast path traffic to specified vlans or route maps can be forwarded using longest prefix match on the module without installing IP FDB entries Example The following command enables the Selective LPM feature enable lpm History This command was first ava...

Page 2154: ...how accounting vlan name command The show accounting vlan name command lists the packet and octet counts for each bin number per VLAN Omitting the VLAN name displays the accounting statistics for all the VLANs Example The following command displays accounting statistics for the vlan1 VLAN show accounting vlan1 History This command was first available in an ExtremeWare IP Technology Services Releas...

Page 2155: ...on This command has no arguments or variables Default N A Usage Guidelines Example History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2156: ...2156 ExtremeWare 7 7 Command Reference Guide ARM Commands BlackDiamond Switch Only ...

Page 2157: ...able on a physical wireless port are also configurable on all virtual ports The only exception is the ipaddress parameter On a physical wireless port the IP address is manually configured On a virtual port the IP address is not configurable because a remote A300 assigned to a virtual port is required to obtain an IP address from the DHCP Server Virtual port numbers can range from 1 to 48 however a...

Page 2158: ...ory Description Delete the redirect database history log on this switch Syntax Description N A Default N A Usage Guidelines N A Example clear APmgmt redirect db history History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on the Summit 300 48 switch with Advanced Edge licensing ...

Page 2159: ...Pmgmt unknown ap history Description Delete the unknown AP history log on this switch Syntax Description N A Default N A Usage Guidelines N A Example clear APmgmt unknown ap history History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on the Summit 300 48 switch ...

Page 2160: ...fault ap mac Usage Guidelines N A Example The following command specifies that MAC address will be used to identify A300s to the Discovery switch configure wireless bind ap mac History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on the Summit 300 48 switch ap mac Specifies the MAC address as the binding method ap serial Specifies the serial n...

Page 2161: ... switch to the Attachment switch with IP address 10 211 32 202 This command will result in adding an entry for the A300 in the redirect db table with binding type specified as ap mac configure wireless device db 1 bind ap mac attach switch 10 211 32 202 The following example binds the A300 that corresponds to the device db table entry 2 to the virtual port virtual 1 on the same switch with the bin...

Page 2162: ...e wireless bind ap mac ap serial ap ipaddr Example The following command assigns the A300 with IP address 10 211 32 96 to virtual port 1 on the switch config wireless ports virtual 1 bind ap ipaddr 10 211 32 96 History This command was first available in an ExtremeWare7 4 Platform Availability This command is available on the Summit 300 48 switch vport Specifies a virtual port on the switch in the...

Page 2163: ... serial number SN 4567890 to the Attachment switch with IP address 10 21 32 200 configure wireless redirect db add ap serial SN 4567890 attach switch 10 211 32 200 History This command was first available in an ExtremeWare7 4 Platform Availability This command is available on the Summit 300 48 switch add Adds the specified A300 to the redirect database assigning it to the Attachment switch indicat...

Page 2164: ... information for the redirect database show APmgmt redirect db history redirect state machine log 11 11 2004 16 09 11 hello ip 10 211 37 87 1031 mac 00 04 96 05 81 20 hw id Altitude 300 2i hw ver 1 0 1 serial 03208 00019 status 0xf363e7 OK 0xf363e7 bootrom ver 2 2 0 11 11 2004 16 09 11 hello reply redirecting AP 10 211 37 87 to ip 10 211 37 74 redirect db index 0 History This command was first ava...

Page 2165: ...he following command lists history information regarding detected A300s that are not in the redirect database show APmgmt unknown ap history unknown ap state machine log 11 11 2004 16 22 52 hello ip 10 211 37 86 1026 mac 00 04 96 0D 9E F0 hw id Altitude 300 2i hw ver 1 1 1 serial 04078 00211 status 0xf363e7 OK 0xf363e7 bootrom ver 2 4 0 11 11 2004 16 22 52 hello reply use EDP AP 10 211 37 86 Histo...

Page 2166: ...n Default N A Usage Guidelines Example show wireless device db ID Device name MAC addr IP port Serial num Last seen Altitude 300 00 01 30 F9 AD 70 10 211 32 201 1028 213132 12 seconds show wireless device db detail History This command was first available in an ExtremeWare7 4 Platform Availability This command is available on the Summit 300 48 switch detail Displays additional information ...

Page 2167: ...scription N A Default N A Usage Guidelines Example show wireless redirect db Redirect database entry 1 idx Key Type Key value Att_SW ipaddr 1 AP MacAddr 00 04 96 1C 01 30 10 211 32 200 2 AP IPaddr 10 211 32 230 10 211 32 200 3 AP Serial SN 4567890 10 211 32 200 History This command was first available in an ExtremeWare7 4 Platform Availability This command is available on the Summit 300 48 switch ...

Page 2168: ...2168 ExtremeWare 7 7 Command Reference Guide Remote Connect Commands ...

Page 2169: ... sites in various cities then use ATM modules in a BlackDiamond 6800 series switch to connect those cities to a carrier s ATM infrastructure In the second application operators of server co location networks can use ATM modules in BlackDiamond 6800 series switches to create an ATM based connection between server co location sites The result is that their network is simpler to manage and problems c...

Page 2170: ...parameters are defined in RFC 2648 1483 The encap parameter indicates the type of encapsulation that is to be used on the PVC for traffic from the associated VLAN The l2 keyword is an abbreviation for Layer 2 and indicates the LLC Encapsulation for Bridged Protocols defined in RFC 2684 The ip keyword indicates that the VLAN will carry only routed IP traffic and that the LLC Encapsulation for Route...

Page 2171: ...e 2171 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available only on the BlackDiamond switch ...

Page 2172: ...information for the PVC identified via the vpi and vci parameters for all PVCs defined for the specified VLAN s or port s The all keyword may be used as either a portlist parameter to indicate that the command should be applied to all ATM ports or all PVCs A PVC is completely deleted when there are no longer any VLANs configured for the PVC on a given ATM port NOTE All associated PVCs must be dele...

Page 2173: ...ide 2173 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available only on the BlackDiamond switch ...

Page 2174: ...n or off Scrambling is enabled by default Example The following command example turns off the scrambling function for port 1 of the ATM module installed in slot 8 of a BlackDiamond switch configure atm scrambling off ports 8 1 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 ...

Page 2175: ...cs Table 38 describes the ATM receive statistics and Table 39 describes the ATM transmit statistics portlist Specifies list of ports or slots and ports May be in the form 1 2 3 5 2 5 2 6 2 8 Table 38 Summary of ATM Receive Statistics Receive Statistics Description Cells Received Number of cells received Cells OAM Number of Operations Administration and Maintenance OAM cells received Cells Dropped ...

Page 2176: ... fail bit error rate events SD BER event counter Signal fail bit error rate events Table 39 Summary of ATM Transmit Statistics Receive Statistics Description Cells Transmitted Number of cells transmitted Cells Dropped Congestion Number of cells dropped due to insufficient buffers PDUs Transmitted Number of PDUs transmitted Section parity errors Number of parity errors at the section level Line par...

Page 2177: ... ATM port status for all ports show atm History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available only on the BlackDiamond switch ...

Page 2178: ...parameter to narrow the range of status information the command displays otherwise the command displays the status information for all PVCs associated with all ATM ports By default the command displays a summary of status information for the specified PVC The summary of status information includes the following information for each PVC Port number VPI VCI VLAN IDs on this PVC Type of PVC L2 or IP ...

Page 2179: ...or a PVC configured on an ATM port in a BlackDiamond switch show atm pvc 5 101 port 1 1 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available only on the BlackDiamond switch ...

Page 2180: ...2180 ExtremeWare 7 7 Command Reference Guide ATM Commands BlackDiamond 6800 Series Platforms Only ...

Page 2181: ...xtreme Networks WAN modules allow you to pass Ethernet traffic over technologies originally developed for telecommunications T1 E1 and T3 links have all been used to pass voice traffic over telecommunications networks for many years Now you can pass data traffic with these modules developed specifically for the Extreme Networks Alpine 3800 family of switches To pass data traffic over these modules...

Page 2182: ...nk group will inherit the configuration of the first port Any other ports added to the link will be configured to match the multilink configuration Only T1 or E1 ports can be added to multilink groups Example The following command add ports the previously created multilink group example_1 configure multilink example_1 add ports 2 1 2 4 History This command was first available in ExtremeWare v6 1 5...

Page 2183: ...sly created multilink group Example The following command deletes a port from the multilink group example_1 configure example_1 delete ports 2 3 History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 series platform when a WAN modul...

Page 2184: ... the clock source is configured as line but the clock cannot be recovered from the signal on the line the hardware will use the internal clock instead Example The following command sets the clock source to internal configure ports 4 2 t1 clock source internal History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release E1 support was added in ExtremeWare v6 1 8w3 0 1b5...

Page 2185: ...determine when each packet starts and ends The two choices for E1 framing are CRC4 and No CRC4 Example The following command sets framing to CRC4 for the E1 ports configure ports 3 1 3 4 e1 framing crc4 History This command was first available in ExtremeWare v6 1 8w3 0 1b56 WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command i...

Page 2186: ...al or to reduce crosstalk Receiver gain is only configurable for E1 links For T1 links see configure multilink add on page 2182 and for T3 links see configure ports t1 framing on page 2191 Example The following command configures the receiver gain configure ports 2 2 e1 receivergain 43 db History This command was first available in ExtremeWare v6 1 8w3 0 1b56 WAN technology release This command wa...

Page 2187: ...t need to configure which timeslots are used For installations that do not use the total E1 bandwidth your E1 provider will tell you which timeslots to use A timeslot list uses a dash to represent a range of numbers and a comma to separate single numbers or ranges Valid timeslots range from 1 to 31 Example The following command specifies timeslots 1 through 15 and 17 through 31 for the E1 port 1 o...

Page 2188: ...e to any SNMP trap receivers that have been configured To configure SNMP trap receivers and for more information about configuring SNMP in ExtremeWare see the ExtremeWare Software User Guide The module can also be configured not to send an SNMP alert to the SMMi Any red yellow or blue alarms will not be reported to the SNMP trap receivers Example The following command disables snmp alerts from a p...

Page 2189: ...6000 feet T1 equipment uses more sensitive receivers and crosstalk is more likely to occur Under these conditions the transmitter level is set by selecting a transmitter attenuation level in dB from the following values 22 5 15 7 5 or 0 From lowest to highest transmitter level use the following values for the configure port t1 cablelength command 22 5 db 15 db 7 5 db 0 db 133 feet 266 feet 399 fee...

Page 2190: ...aming FDL settings are ignored when a port is configured for SF framing The two T1 standards supported for FDL are ATT described by the ATT 54016 specification and ANSI described by the T1 403 standard Example The following command enables ATT FDL on four T1 links configure ports 4 1 4 4 t1 fdl att History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This comma...

Page 2191: ...nabled by default To choose the T1 framing scheme use the following command If you choose to use SF framing you should disable yellow alarm detection for the T1 line SF framing may generate false yellow alarms See the command configure ports snmp alert on page 2188 to disable yellow alarms Example The following command sets framing to SF for the T1 ports configure ports 3 1 3 4 t1 framing sf Histo...

Page 2192: ...ine loopback mode and send any received signal back to the remote end Inband loopback detection is only possible if facility data link FDL is enabled and configured as ATT See the command configure ports t1 fdl on page 2190 for more information Example The following command enables inband loopback detection configure ports 4 1 4 2 t1 lbdetect inband History This command was first available in Extr...

Page 2193: ...rds are bipolar eight zero suppression B8ZS or alternate mark inversion AMI Example The following command sets the linecoding to AMI configure ports 2 3 2 4 t1 linecoding ami History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 se...

Page 2194: ...nd generation of yellow alarms for a T1 port When SF framing is used yellow alarm detection and generation should be set to off because detection of yellow alarms is not reliable when data traffic is transmitted with SF framing data traffic often contains bit combinations that do not occur for encoded voice traffic Example The following command enables only the detection of yellow alarms configure...

Page 2195: ...e provider does not match one of these values For example choose 349 for a 50 foot cable and 900 for a 450 foot cable The default value is 349 which corresponds to cables in the range of 0 349 feet Example The following command sets the cablelength for the T3 port configure ports 2 1 t3 cablelength 900 feet History This command was first available in ExtremeWare v6 1 8w3 0 1b61 WAN technology rele...

Page 2196: ...lows the hardware to determine when each packet starts and ends The two choices for T3 framing are C Bit and M13 Example The following command sets framing to M13 for the T3 port configure ports 3 1 t3 framing m13 History This command was first available in ExtremeWare v6 1 8w3 0 1b61 WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability Thi...

Page 2197: ...t headers so cannot preserve VLAN tags However the WAN ports still must be added as tagged ports to the VLAN that contains them The module uses the tags internally and strips them off before the packets are transmitted The IP addresses used for the PPP MLPPP link are taken from the IP address assigned to the VLAN at each end of the link The VLAN that contains the IPCP encapsulated PPP MLPPP ports ...

Page 2198: ...o Legacy BCP specific configuration and the display for the command show ppp info is identical for BCP and Legacy BCP To determine if the link is using Legacy BCP use the following command show log warning and look for the message BCP Legacy BCP UP Only a single VLAN over BCP is supported Example The following command example configures IPCP on a PPP port and applies to a WAN module installed in s...

Page 2199: ...AP if CHAP fails to authenticate the peer Example The following command example turns on CHAP authentication for the multilink group m1_remote configure ppp authentication chap multilink m1_remote History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available...

Page 2200: ...ord is provided on the command line then you are prompted to enter the password twice with the second time serving as a confirmation You should not enter the encrypted parameter option it is used by the switch when generating an ASCII configuration Example The following command example sets the name to titus and sets the password to 1Afortune for the multilink group m_link1 configure ppp user titu...

Page 2201: ... bandwidth is ignored for this queue Throughput is policed based on the maximum bandwidth value Policing prevents packets from entering a queue that is receiving traffic from the backplane too fast The remaining bandwidth is shared by all other queues based on the minimum bandwidth setting of each queue In other words the high priority queue takes up all the bandwidth up to its max bps setting whi...

Page 2202: ...lowing command configures the QoS profile parameters of QoS profile qp5 for specific ports on a T1 or E1 module configure qosprofile qp5 min bps 64 k max bps 512 k priority high ports 2 1 2 3 History This command was available in ExtremeWare 7 1 0 Platform Availability This command is available for T1 and E1 modules ...

Page 2203: ...0 bytes The buffers are shared among the eight queues Use a small number for low latency Use a large number for best effort on bursty traffic Example The following command configures the QoS maximum buffer of QoS profile qp5 to 128 for ports 2 1 and 2 3 configure qosprofile qp5 wanqos maxbuf 128 ports 2 1 2 3 History This command was available in ExtremeWare 7 1 0 Platform Availability This comman...

Page 2204: ...psulation can transport more than one VLAN s traffic see configure ppp user on page 2200 for details Example The following command adds the multilink group marmots to the VLAN corporate configure corporate add ml_remote History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability Th...

Page 2205: ... VLAN s traffic across the link Example The following command deletes the multilink group ml_remote from the VLAN corporate configure corporate delete ml_remote History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 series platform ...

Page 2206: ...e This can simplify configuration two to three classes of service instead of eight and improve egress burst tolerance because each queue can have a larger number of buffers Set the maximum buffer size to one for unused queues To set the maximum buffer size on queues use the following command configure qosprofile qosprofile wanqos maxbuf count ports portlist multilink multilink name Example The fol...

Page 2207: ...t is used by the switch when generating an ASCII configuration Example The following command example adds an entry to the authentication database A username stretch with password baserunner is added to the database create account pppuser stretch baserunner History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporated into Extre...

Page 2208: ...nce the group is created ExtremeWare recognizes the group name as a multilink group so the multilink keyword is not needed in other commands that manipulate multilink groups Example The following command creates the multilink group ml_remote create multilink ml_remote History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporate...

Page 2209: ...ffected by this command Example The following command example removes the entry for stretch from the authentication database delete account pppuser stretch History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 series platform when ...

Page 2210: ... command to delete a multilink group Example The following command deletes the multilink group ml_remote delete multilink ml_remote History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 series platform when a WAN module is installe...

Page 2211: ...group will stop transporting traffic across the link Example The following command disables the multilink group ml_remote disable multilink ml_remote History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 series platform when a WAN ...

Page 2212: ... T3 port to normal mode from loopback mode enable ports portlist t1 t3 loopback remote loopdown If you add a 10 100 port as a loopback port and delete it autonegotiation is set to off Example The following command blah disable ports 2 1 2 4 t1 loopback History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release E1 support was added in ExtremeWare v6 1 8w3 0 1b56 WAN t...

Page 2213: ...e Guidelines This command disables WAN QoS for T1 and E1 links There is no equivalent command for T3 links Example The following command disables WAN QoS on ports 1 1 and 1 3 disable wanqos ports 1 1 1 3 History This command was first available in ExtremeWare 7 1 0 Platform Availability This command is available on the Alpine 3800 series platform when a WAN module is installed portlist A list of p...

Page 2214: ... command to enable a multilink group Example The following command enables the multilink group ml_remote enable multilink ml_remote History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 series platform when a WAN module is installe...

Page 2215: ...ad For remote loopback modes use the command enable ports portlist t1 t3 loopback remote line payload loopdown Example The following command enables network line loopback mode on all the ports of an E1 module enable ports 4 1 4 4 e1 loopback network line History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release E1 support was added in ExtremeWare v6 1 8w3 0 1b56 WAN...

Page 2216: ...here is no equivalent command for E1 links The loopdown keyword is used to disable loopback at the remote end Example The following command causes the remote end of a T3 link to enter payload loopback mode enable ports 3 1 t3 loopback remote payload History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release T3 support was added in ExtremeWare v6 1 8w3 0 1b61 WAN tech...

Page 2217: ...dditional modes local and network line loopback Use the following command for these modes enable ports portlist t1 e1 t3 loopback local network line For remote loopback modes use the command enable ports portlist t1 t3 loopback remote line payload loopdown Example The following command enables network payload loopback mode on a T1 link enable ports 4 3 t1 loopback network payload History This comm...

Page 2218: ... disabled by default Usage Guidelines This command enables VMAN termination for T1 and E1 links There is no equivalent command for T3 links Example The following command enables VMAN termination on ports 1 1 and 1 3 enable vman termination ports 1 1 1 3 History This command was first available in ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 series platform w...

Page 2219: ...E1 links There is no equivalent command for T3 links When WAN QoS is enabled egress traffic is sorted into eight software egress queues for each T1 or E1 port Example The following command enables WAN QoS on ports 1 1 and 1 3 enable wanqos ports 1 1 1 3 History This command was first available in ExtremeWare 7 1 0 Platform Availability This command is available on the Alpine 3800 series platform w...

Page 2220: ...if you have changed any configuration parameters of the MLPPP group The changed configuration does not take effect until you disable then enable the link or until you restart the link Example The following command restarts the multilink group ml_remote restart multilink ml_remote History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently...

Page 2221: ...amine the entries in the PPP user accounts database used for authentication when a link is initiated from a remote peer Example The following command displays the PPP accounts database show accounts pppuser History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is...

Page 2222: ...ultilink group and the PPP configuration of the group Example The following command displays the configuration for the multilink group m_remote1 show multilink m_remote1 History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 series ...

Page 2223: ...se the command show ports portlist t3 alarms Example The following command displays the alarms for T1 ports in the multilink group ml_example show multilink ml_example t1 alarms History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release E1 support was added in ExtremeWare v6 1 8w3 0 1b56 WAN technology release This command was subsequently incorporated into ExtremeWa...

Page 2224: ...in the current interval For T1 multilink group errors use the following command show multilink groupname t1 errors near end far end totals intervals current Example The following command displays the E1 multilink group errors detected on the near end during the current interval for the multilink group m_example1 show multilink m_example1 e1 errors near end current History This command was first av...

Page 2225: ...Example The following command displays the detailed statistics for the multilink group m_remote1 show multilink m_remote1 stats detail History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 series platform when a WAN module is insta...

Page 2226: ...cted in the current interval For errors on E1 multilink groups use the following command show multilink groupname e1 errors near end totals intervals current Example The following command displays the T1 errors detected on the near end during the current interval show ports t1 errors near end current History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release T3 suppo...

Page 2227: ... 5w2 01WAN technology release E1 support was added in ExtremeWare v6 1 8w3 0 1b56 WAN technology release T3 support was added in ExtremeWare v6 1 8w3 0 1b61 WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 series platform when a WAN module is installed mgmt Specifies the management port Suppo...

Page 2228: ...his command was first available in ExtremeWare v6 1 5w2 01WAN technology release E1 support was added in ExtremeWare v6 1 8w3 0 1b56 WAN technology release T3 support was added in ExtremeWare v6 1 8w3 0 1b61 WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 series platform when a WAN module is...

Page 2229: ... e1 errors near end totals intervals current Example The following command displays the T1 errors detected on the near end during the current interval show ports t1 errors near end current History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release T3 support was added in ExtremeWare v6 1 8w3 0 1b61 WAN technology release This command was subsequently incorporated int...

Page 2230: ...lowing command show ports portlist t1 t3 errors near end far end totals intervals current Example The following command displays the E1 errors detected on the near end during the current interval show ports e1 errors near end current History This command was first available in ExtremeWare v6 1 8w3 0 1b56 WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platf...

Page 2231: ...are v6 1 5w2 01WAN technology release E1 support was added in ExtremeWare v6 1 8w3 0 1b56 WAN technology release T3 support was added in ExtremeWare v6 1 8w3 0 1b61 WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 series platform when a WAN module is installed mgmt Specifies the management po...

Page 2232: ...available in ExtremeWare v6 1 5w2 01WAN technology release E1 support was added in ExtremeWare v6 1 8w3 0 1b56 WAN technology release T3 support was added in ExtremeWare v6 1 8w3 0 1b61 WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 series platform when a WAN module is installed mgmt Specif...

Page 2233: ...rts Example The following command displays status information for all PPP ports show ppp History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 series platform when a WAN module is installed A similar command is available on the Bla...

Page 2234: ...meters to obtain PPP connection status for all WAN ports Example The following command displays PPP connection status for all WAN ports show ppp info History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 series platform when a WAN ...

Page 2235: ...ple The following command example resets the PPP parameters of all the ports in the multilink group m_remote1 to BCP and no authentication unconfigure ppp m_remote1 History This command was first available in ExtremeWare v6 1 5w2 01WAN technology release This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Alpine 3800 series platf...

Page 2236: ...2236 ExtremeWare 7 7 Command Reference Guide T1 E1 and T3 WAN Commands Alpine 3800 Series Platforms ...

Page 2237: ...tched network from one individual network port The 3 series modules are designed for metro service providers and enterprise environments In a service provider environment service providers can control the flow of data on a per customer basis In an enterprise environment businesses can use these modules to control user access or where desktop or server interfaces require high density Gigabit Ethern...

Page 2238: ...ble auto diagnostics collection for selected ports use the enable diagnostics cable command To disable auto diagnostics collection for selected ports use the disable diagnostics cable command To set the starting time for auto diagnostics collection for selected ports use the configure diagnostics cable command To manually run cable diagnostics use the run diagnostics cable command To view cable di...

Page 2239: ...gh 2 8 configure application examination TCP20 add ports 2 6 2 8 The following command also adds an application examination rule to ports 2 6 through 2 8 The keywords application examination are optional configure TCP20 add ports 2 6 2 8 History This command was first available in ExtremeWare 7 2 Platform Availability This command is available on 3 series I O modules only application name Specifie...

Page 2240: ... disabled prior to running diagnostics will be left disabled after the diagnostics run has completed As a result the status LED associated with the failed port will continue to blink To stop the blinking of the status LED you must explicitly enable the port You cannot issue this command while the cable diagnostics process is in progress To view cable diagnostics data use the show diagnostics cable...

Page 2241: ...configure diagnostics cable ExtremeWare 7 7 Command Reference Guide 2241 Platform Availability This command is available on 3 series I O modules only ...

Page 2242: ...frames Frames that are IPX LLC or SNAP encapsulated are passed through with no DiffServ code point alterations You must enable low priority and high priority DiffServ ingress replacement on the specified ports before you can overwrite low priority or high priority traffic To enable low priority and high priority DiffServ ingress replacement use the command enable diffserv ingress replacement low p...

Page 2243: ... the low priority to 5 and the high priority to 10 on all ports for all ingress QoS profiles configure diffserv ingress replacement low priority code point 5 high priority code point 10 ports all History This command was first available in ExtremeWare 7 1 Platform Availability This command is available on 3 series I O modules only ...

Page 2244: ...u have on the switch and is applied to the aggregate bandwidth after the i series per queue egress rate limiting Example The following command sets the maximum egress rate limit on slot 1 port 1 to 100 mbps configure ports 1 1 egress rate limit rate 100 m History This command was first available in ExtremeWare 7 1 Platform Availability This command is available on 3 series I O modules only portlis...

Page 2245: ...width percentage for this queue The default setting is 0 The range is 0 to 100 maxbw Specifies the maximum bandwidth percentage for this queue The default setting is 100 The range is 0 to 100 committed rate Specifies the minimum bandwidth for this queue in either kilobits per second kbps or megabits per second mbps k kbps the range is 0 1000000 m mbps the range is 0 1000 peak rate Specifies the ma...

Page 2246: ...ng command configures the ingress QoS profile parameters of ingress QoS profile IQP1 for slot 1 port 1 configure qosprofile ingress iqp1 committed rate 250 m peak rate 1000 m red threshold 100 maxbuf 100 ports 1 1 History This command was first available in ExtremeWare 7 1 Platform Availability This command is available on 3 series I O modules only ...

Page 2247: ... modules Ingress QoS allows received traffic with different VLAN priority values different DiffServ code points IP TOS or from different VLANS to be classified to up to eight different ingress queues This allows for specified traffic types to be queued separately so they remain unaffected by congestion in other ingress queues To configure which DiffServ code points map to which ingress QoS profile...

Page 2248: ...iority for dot1p above any other classification method will effectively disable that classification Untagged packets get their dot1p vlan priority bits set to the value configured by configure vlan vlan qosprofile QoS Profile Name and configure port port qosprofile QoS Profile Name Example The following command forces dot1p QoS to take a higher precedence over VLAN QoS with a default priority of 2...

Page 2249: ...t discarded during ingress port congestion All VLANs are set to the default ingress QoS profile none To display the ingress QoS profile mapping for a VLAN use the command show vlan The 3 series I O modules support eight ingress QoS profiles IQP1 IQP8 Example The following command configures the VLAN sales to use ingress QoS profile iqp2 configure vlan sales qosprofile ingress iqp2 History This com...

Page 2250: ... with a destination port number of 20 to the ingress qosprofile IQP3 with a precedence value of 100 create application examination TCP20 tcp port 20 match dest only iqp3 precedence 100 application name Specifies the name string to associate with this rule ip protocol Specifies that a match will be attempted on the IP protocol number in the received packets tcp port Specifies that a match will be a...

Page 2251: ...e application examination ExtremeWare 7 7 Command Reference Guide 2251 History This command was first available in ExtremeWare 7 2 Platform Availability This command is available on 3 series I O modules only ...

Page 2252: ...ation examination rule Syntax Description Default N A Usage Guidelines This command deletes a previously configured application examination rule Example The following command deletes the application examination rule delete application examination TCP20 History This command was first available in ExtremeWare 7 2 Platform Availability This command is available on 3 series I O modules only applicatio...

Page 2253: ... Usage Guidelines This command disables application examination rules on specified ports Example The following command disables application examination rules on ports 2 6 through 2 8 disable application examination ports 2 6 2 8 History This command was first available in ExtremeWare 7 2 Platform Availability This command is available on 3 series I O modules only portlist Specifies one or more slo...

Page 2254: ...selected ports use the enable diagnostics cable command To set the starting time for auto diagnostics collection for selected ports use the configure diagnostics cable command To manually run cable diagnostics use the run diagnostics cable command To abort cable diagnostics current in progress use the abort diagnostics cable command You cannot issue this command while the cable diagnostics process...

Page 2255: ... The following command disables low priority DiffServ replacement for all 3 series ports in all ingress QoS profiles disable diffserv ingress replacement low priority ports all History This command was first available in ExtremeWare 7 1 Platform Availability This command is available on 3 series I O modules only high priority Specifies DiffServ replacement for high priority traffic traffic receive...

Page 2256: ...up of 3 series ports all to specify all 3 series ports If you disable flow control on a 3 series port the port does not advertise flow control support during auto negotiation Flow control is auto negotiated and is disabled if both ports do not support it Example The following command disables flow control on slot 2 ports 1 through 4 disable flow control ports 2 1 2 4 History This command was first...

Page 2257: ... Usage Guidelines This command enables application examination rules on specified ports Example The following command enables application examination rules on ports 2 6 through 2 8 enable application examination ports 2 6 2 8 History This command was first available in ExtremeWare 7 2 Platform Availability This command is available on 3 series I O modules only portlist Specifies one or more slots ...

Page 2258: ...gnostics cable command To disable auto diagnostics collection for selected ports use the disable diagnostics cable command To manually run cable diagnostics use the run diagnostics cable command To abort cable diagnostics current in progress use the abort diagnostics cable command You cannot issue this command while the cable diagnostics process is in progress To view cable diagnostics data use th...

Page 2259: ... QoS profile on the specified ports Either high priority or low priority traffic for all ingress QoS profiles on the specified ports or a selected ingress QoS profile on the specified ports The 3 series I O modules support eight ingress QoS profiles IQP1 IQP8 Example The following command enables low priority DiffServ replacement for all 3 series ports in all ingress QoS profiles enable diffserv i...

Page 2260: ...60 ExtremeWare 7 7 Command Reference Guide High Density Gigabit Ethernet Commands Alpine 3800 and BlackDiamond 6800 Series Only Platform Availability This command is available on 3 series I O modules only ...

Page 2261: ... a specific queue The PAUSE frame is sent before the queue overflows so throughput is slightly reduced when flow control is enabled Flow control is auto negotiated and is disabled if both ports do not support it If you enable flow control use the following keywords portlist to specify an individual port or a group of ports all to specify all 3 series ports Example The following command enables flo...

Page 2262: ...ngth Pair status Pair skew Pair swap Fault len Polarity Speed To view cable diagnostics data use the show diagnostics cable command To enable auto diagnostics collection for selected ports use the enable diagnostics cable command To set the starting time for auto diagnostics collection for selected ports use the configure diagnostics cable command To disable auto diagnostics collection for selecte...

Page 2263: ...Guide 2263 run diagnostics cable port 2 4 2 7 History This command was first available in ExtremeWare 7 3 Platform Availability This command is available only on the G24T3 modules in the BlackDiamond 6800 series switches and on the Summit 400 series switches ...

Page 2264: ...tion examination rule is not specified all created rules will be displayed Example The following command displays all configured application examination rules show application examination TCP20 Following is sample output from this command IP TCP UDP Name Typ Prt Port Match Q Prec Ports TCP20 tcp 6 20 dst IQP3 100 4 1 4 2 4 3 4 4 4 5 4 6 4 7 4 8 4 9 4 10 4 11 4 12 4 13 4 14 4 15 4 16 4 17 4 18 4 19...

Page 2265: ...peed Mbps You can configure the CDM to obtain diagnostics information automatically through the configure diagnostics cable command or you can manually obtain cable diagnostics at any time by issuing the run diagnostics cable command You can use the show diagnostics cable command to view cable diagnostics data captured from either the latest CDM manual run or automatic run or you can view data cap...

Page 2266: ... 29 02 48 29 2004 Port Speed Avg Len Pair Fault Loc Skew Polarity Cable Pair Swap Diagnostic Mode Mbps meters meters ns Status Chan AB Chan CD 6 1 1000 10 1 2 No Fault 8 ns Unknown Ok No Swap Unknown Manual 3 6 No Fault 0 ns Unknown Ok 4 5 No Fault 8 ns Unknown Ok 7 8 No Fault 8 ns Unknown Ok 6 2 1000 5 1 2 6 Unknown Positive Open Swap Unknown Manual 3 6 6 Unknown Negative Open 4 5 6 Unknown Posit...

Page 2267: ...show diagnostics cable ExtremeWare 7 7 Command Reference Guide 2267 Platform Availability This command is available on 3 series I O modules only ...

Page 2268: ...mbps or the percentage rate This command applies only to 3 series I O modules the rate you configure is applicable to the aggregate of all outgoing traffic on a port This display is independent of any i series egress rate limiting configurations that you have on the switch Example The following command displays the maximum egress rate limit show ports egress rate limit Following is sample output f...

Page 2269: ... ports egress rate limit ExtremeWare 7 7 Command Reference Guide 2269 History This command was first available in ExtremeWare 7 1 Platform Availability This command is available on 3 series I O modules only ...

Page 2270: ...ed at this port Not Present NP The link is not present at this port High Priority Bytes Sum per port of the bytes forwarded for received high priority packets traffic received below the committed rate configured for the ingress QoS profile Low Priority Bytes Sum per port of the bytes forwarded for received low priority packets traffic received above the committed rate configured for the ingress Qo...

Page 2271: ...e Dropped Percentage Percentage of receive bytes dropped by this queue relative to the total number of bytes input to this queue Example The following command displays real time ingress statistics for slot 1 port 1 show ports 1 1 ingress stats Following is sample output from this command Port Statistics Thu Jul 10 08 24 50 2003 Port Link High Pri Low Pri Rx Total Rx Drop Tx Status Bytes Bytes Byte...

Page 2272: ...rence Guide High Density Gigabit Ethernet Commands Alpine 3800 and BlackDiamond 6800 Series Only History This command was first available in ExtremeWare 7 0 1 Platform Availability This command is available on 3 series I O modules only ...

Page 2273: ...s QoS profile information for all ingress QoS profiles on slot 1 show qosprofile ingress 1 Following is sample output from this command MinBw MaxBw Port Queue Committed Rate Peak Rate RED MaxBuf 1 1 IQP1 1000 k 1000 m 100 100 IQP2 0 100 100 100 IQP3 0 100 100 100 IQP4 0 100 100 100 IQP5 0 100 100 100 IQP6 0 100 100 100 IQP7 0 100 100 100 IQP8 0 100 100 100 1 2 IQP1 0 100 100 100 IQP2 0 100 100 100...

Page 2274: ...74 ExtremeWare 7 7 Command Reference Guide High Density Gigabit Ethernet Commands Alpine 3800 and BlackDiamond 6800 Series Only Platform Availability This command is available on 3 series I O modules only ...

Page 2275: ... None Example The following command displays the ingress QoS traffic grouping priority settings for this switch show qostype ingress priority Following is sample output from this command Ingress QoS Type Priority Application 5 Diffserv 3 Vlan 2 Dot1p 1 History This command was first available in ExtremeWare 7 0 1 This command was modified in ExtremeWare 7 2 to include the application criteria Plat...

Page 2276: ...defaults Syntax Description Default N A Usage Guidelines Use this command to reset the low priority and high priority code point values to 0 and to disable DiffServ ingress replacement Example The following command resets the DiffServ code points to their defaults unconfigure diffserv ingress replacement ports all History This command was first available in ExtremeWare 7 1 Platform Availability Th...

Page 2277: ...r values Default N A Usage Guidelines Resets the ingress traffic groupings to the following application 5 diffserv 3 dot1p 1 vlan 2 Example The following command resets the Ingress QoS traffic grouping priorities unconfigure qostype ingress priority History This command was first available in ExtremeWare 7 0 1 This command was modified in ExtremeWare 7 2 to include the application criteria Platfor...

Page 2278: ...2278 ExtremeWare 7 7 Command Reference Guide High Density Gigabit Ethernet Commands Alpine 3800 and BlackDiamond 6800 Series Only ...

Page 2279: ... infrastructure and interconnecting server co location network sites directly using SONET links In the first application the metropolitan area network service provider can build service network sites in various cities then use PoS modules in a BlackDiamond switch to connect those cities to a carrier s SONET infrastructure In the second application operators of server co location networks can use P...

Page 2280: ...rking line service is restored only if no errors are detected on the working line during the WTR period The minutes parameter is an integer in the range 0 12 Conversely in nonrevertive mode traffic will remain on the protection line until either manual intervention or a failure on the protection line forces a switch back to the working line This parameter is only applicable to SONET ports performi...

Page 2281: ... of network outages on APS functionality It is important that the network connecting working and protection switches always has sufficient bandwidth to support APS control transfers In routing configurations the working line and the protection line should represent the same IP address from a neighboring PPP router s perspective When the working line and protection line reside in the same BlackDiam...

Page 2282: ...nce Guide PoS Commands BlackDiamond Switch Only History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2283: ... an APS group reside in different BlackDiamond switches then the same string must be configured at both BlackDiamond switches for authentication to work properly The authentication string is used to validate APS control frames received over an Ethernet link If authentication fails the associated APS control frame is discarded Example The following command example enables APS authentication for gro...

Page 2284: ...deleted from the APS group If you delete the working line from a group it causes a switch to the protection line however if you delete an active protection line from a group it does not initiate a switch to the working line Example The following command example deletes port 1 of the module installed in slot 8 of the BlackDiamond switch from APS group 1001 config aps 1001 delete 8 1 History This co...

Page 2285: ...forced switch request 1 a force off command 2 a lockout on command that was either in effect before the force command or issued after the force command or 3 a signal fail condition on the protection line This command is only applicable to SONET ports performing the protection line function Additionally the effects of this command are not preserved across a switch reboot Example The following comma...

Page 2286: ... is lockout off This command is only applicable to SONET ports performing the protection line function Additionally the effects of this command are not preserved across a switch reboot Example The following command example turns on lockout mode for APS group 1001 config aps 1001 lockout on History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 ...

Page 2287: ...store period to elapse A manual switch is a lower priority request than a forced switch events that can override a manual switch include 1 a manual off command 2 a force working or a force protection command 3 a lockout on command or 4 a signal fail or signal degrade line condition This command is only applicable to SONET ports performing the protection line function Additionally the effects of th...

Page 2288: ...cutive_misses parameter is an integer in the range 1 100 that controls the time interval the protection switch will wait before assuming that the working switch has failed If the working switch does not respond within consecutive_misses hello intervals or consecutive_misses seconds seconds then the protection switch assumes that the working switch has failed and initiates a line switch Example The...

Page 2289: ...CP of a packet received from the SONET link is replaced with an output DSCP before the packet is forwarded The replacement is straightforward the input DSCP is used as an index into a 64 entry table that contains the output DSCPs associated with each of the input DSCP values The operation is similar in the egress direction with the DSCP mapping occurring before the packet is transmitted onto the S...

Page 2290: ...ssumed to apply to the egress direction and a symmetrical mapping with the input_codepoint and output_codepoint reversed is automatically configured in the ingress direction Example The following command example configures the congested state mappings for DSCPs 10 AF11 configure diffserv dscp mapping 10 12 egress congestion History This command was first available in an ExtremeWare IP Technology S...

Page 2291: ...tes that the mapping is to be applied to input frames received from the PoS link The mappings are applied following classification to a QoS profile Frames containing the specified input_vlanid are altered such that the VLAN ID is set to the specified output_vlanid before the frame is forwarded The tables also allow the option of preserving the 802 1p priority or overwriting the priority field with...

Page 2292: ...t VLAN ID 30 and output VLAN ID 130 for port 1 of the module installed in slot 8 for the input frames from the PPP link configure dot1q tagmapping 30 130 port 8 1 ingress History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2293: ...the specified vlanid or one of the VLAN IDs in the specified vlanid_range The syntax of the vlanid_range parameter is start_vlanid end_vlanid Omission of the vlanid vlanid_range parameter indicates that the command settings should be applied to all VLAN IDs For push operations the new tag added to frames contains the specified new_vlanid The pop keyword indicates that the top level tag is to be re...

Page 2294: ...t contain a VLAN tag The tag nesting operations are applied after classification to a QoS profile The default PPP MRU is sufficient for a single level of tag nesting where the frame contains two VLAN tags between two Extreme switches jumbo frame support must be enabled if higher levels of VLAN tag nesting are needed The DiffServ RED functions are not performed by PoS ports when frames contain nest...

Page 2295: ...ted NetFlow datagrams are distributed across the available destinations This NetFlow distribution feature enables a scalable collection architecture that is able to accommodate high volumes of exported data The distribution algorithm ensures that all the records for a given flow are exported to the same collector The algorithm also ensures that flow records for both the ingress and egress directio...

Page 2296: ...2296 ExtremeWare 7 7 Command Reference Guide PoS Commands BlackDiamond Switch Only Platform Availability This command is available on the BlackDiamond switch only ...

Page 2297: ...tagrams are distributed across the available destinations This NetFlow distribution feature enables a scalable collection architecture that is able to accommodate high volumes of exported data The distribution algorithm ensures that all the records for a given flow are exported to the same collector The algorithm also ensures that flow records for both the ingress and egress directions of a TCP or...

Page 2298: ...2298 ExtremeWare 7 7 Command Reference Guide PoS Commands BlackDiamond Switch Only Platform Availability This command is available on the BlackDiamond switch only ...

Page 2299: ...Use this keyword to specify that the filter being defined in the command is one of the eight filters to be applied to ingress flows egress Use this keyword to specify that the filter being defined in the command is one of the eight filters to be applied to egress flows filterspec Each filter is defined using a value filtermask pair for each of the five components in the following sequence destinat...

Page 2300: ...tuple components can be configured with a single command The filterspec parameter also supports the match all flows and match no flows keywords The match all flows keyword adjusts the settings such that the filter matches any flow that is the value filtermask pairs are set to 0 0 for all the 5 tuple components while the match no flows keyword adjusts the settings such that the filter does not matc...

Page 2301: ...ow datagrams to identify the switch that sent the information It is recommended that the configured ip address be associated with a VLAN that has loopback mode enabled Example The following command example specifies that the IP address 192 168 100 1 is to be used as the source IP address for exported NetFlow datagrams configure flowstats source ipaddress 192 168 100 1 History This command was firs...

Page 2302: ... not be configured on the port BCP and IPCP should be off Furthermore the port should be the only port in a VLAN and a MPLS TLS tunnel should be configured for this VLAN The payload inside HDLC could be PPP or some other HDLC encapsulated protocol SONET APS automatic protection switching is supported between tunneled PoS ports on the same module or different modules in the same switch APS for tunn...

Page 2303: ... address configuration option for example Juniper routers If the peer router does advertise an IP address via IPCP the configured peer ipaddress is ignored BCP enables Ethernet MAC frames to be transported across a PPP link Thus any protocol can be transported across a BCP connection Essentially BCP enables the PPP link to appear as an Ethernet LAN segment to the rest of the switch Therefore the p...

Page 2304: ...The following command example configures BCP on the PPP port and applies to a PoS module installed in slot 1 of a BlackDiamond switch configure ppp bcp off port 1 4 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 Platform Availability This command is available on the BlackDiamond switch only A similar command is available on the Alpine s...

Page 2305: ...pap indicates that either CHAP or PAP may be used to authenticate the peer Example The following command example turns on CHAP authentication for port 1 of the PoS module installed in slot 8 of the BlackDiamond switch config ppp authentication chap ports 8 1 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 Platform Availability This comma...

Page 2306: ...ay be able to recover from the link failure fast enough that there is no need to perturb the logical connection with the peer PPP entity which minimizes network down time A non zero value is desirable when APS is configured at either end of the link The delayed down time parameter is configured in seconds with a valid range of 0 20 Example The following command example sets the delayed down time i...

Page 2307: ... 100 that controls the amount of time that PPP waits for a reply If an echo reply is not received within an interval of duration consecutive_misses seconds seconds the link is brought down The link maintenance protocol may be disabled using the off keyword Example The following example enables link maintenance on port 1 of a PoS module in slot 8 and sets seconds to 3 and consecutive misses to 10 c...

Page 2308: ... are a 32 bit FCS or a 16 bit FCS RFC 2615 recommends that a 32 bit FCS be used Example The following command example sets the FCS to 16 for port 1 of the PoS module installed in slot 8 of the BlackDiamond switch config ppp pos checksum 16 ports 8 1 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 Platform Availability This command is ava...

Page 2309: ...leted PoS standard specified in RFC 1619 Scrambling was introduced in RFC 2615 to alleviate potential security problems where malicious users might generate packets with bit patterns that create SONET synchronization problems Example The following command example turns off the scrambling function for port 1 of the PoS module installed in slot 8 of the BlackDiamond switch config ppp pos scrambling ...

Page 2310: ...rameter is an integer in the range 1 300 that determines how often quality reports are to be received from the peer LQM entity that is the reporting interval Specifying the seconds parameter is optional It can take up to seven reporting intervals for LCP to bring a link down If the link quality subsequently improves LCP will automatically bring the link back up this type of service restoration wil...

Page 2311: ...m length of 32 characters If no password is provided on the command line then you are prompted to enter the password twice with the second time serving as a confirmation You should not enter the encrypted parameter option it is used by the switch when generating an ASCII configuration Example The following command example sets the name to titus and sets the password to 1Afortune for port 1 of the ...

Page 2312: ...e minimum percentage of the bandwidth that must be available for transmissions from the profile The sum of the minbw parameters across all eight profiles cannot exceed 90 The maxbw parameter is also an integer in the range 1 100 that specifies the maximum percentage of the bandwidth that can be used for transmissions from the profile The priority level may be set to low lowHi normal normalHi mediu...

Page 2313: ... the QoS profile in the egress direction with a minimum bandwidth of 10 percent and a maximum of 20 percent config qosprofile qp8 minbw 10 maxbw 20 2 1 2 2 egress History This command was modified in an ExtremeWare IP Technology Services Release based on v6 1 5b20 to support the PoS module Platform Availability This command is available on the BlackDiamond switch only ...

Page 2314: ... if WRED is active WRED is only applied to IP packets and the configure diffserv examination code point command supports complete flexibility in assigning DSCPs to the two different drop probability levels The configured mapping of DSCPs to drop probability levels is used by WRED even if diffserv examination is disabled on the port The drop probability keyword indicates that the specified percenta...

Page 2315: ...ommand Reference Guide 2315 History This command was modified in an ExtremeWare IP Technology Services Release based on v6 1 5b20 to support PoS modules Platform Availability This command is available on the BlackDiamond switch only ...

Page 2316: ...n integer in the range 1 100 For PoS ports the minimum threshold is a percentage of 1000 packet buffers and the maximum threshold is set to minimum 3 minimum threshold buffers maximum available buffers The settings for both the minimum and maximum thresholds in terms of number of buffers are displayed by the show ports info command Example The following command configures minimum queue length thre...

Page 2317: ...ved bitstream when line clocking is configured Example The following command example selects line clocking for port 1 of the PoS module installed in slot 8 of the BlackDiamond switch config sonet clocking line ports 8 1 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 Platform Availability This command is available on the BlackDiamond swi...

Page 2318: ...e SONET standard or the SDH standard SONET is primarily an American standard SDH is the international version Example The following command example selects SDH framing for port 1 of the PoS module installed in slot 8 of the BlackDiamond switch config sonet framing sdh ports 8 1 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 Platform Ava...

Page 2319: ... signal is looped back onto the receive interface When line loopback is configured the received signal is looped back onto the transmit interface Example The following command configures loopback on SONET port 1 of the PoS module installed in slot 8 of the BlackDiamond switch config sonet loop internal ports 8 1 History This command was first available in ExtremeWare 7 0 0 Platform Availability Th...

Page 2320: ...fault may be overridden by specifying a particular hex octet that is to be used instead where hex octet is a hexadecimal integer in the range 0 xFF It may be necessary to specify a particular hex octet in order to interoperate with implementations that do not follow the standard conventions for the signal label field Example The following command example sets the Signal Label to the hexadecimal va...

Page 2321: ...D event will initiate a line switch The error_rate parameter is an integer in the range 5 9 where the SD BER is 10 error_rate The default value of the error_rate parameter is 6 which equates to a SD BER of 10 6 or 1 per million Example The following command example sets the Signal Degrade threshold value to 8 for port 1 of the PoS module installed in slot 8 of the BlackDiamond switch config sonet ...

Page 2322: ...he port a SF event will initiate a line switch The error_rate parameter is an integer in the range 3 5 where the SF BER is 10 error_rate The default value of the error_rate parameter is 5 which equates to a SF BER of 10 5 or 1 per hundred thousand Example The following command example sets the signal fail threshold value to 3 for port 1 of the PoS module installed in slot 8 of the BlackDiamond swi...

Page 2323: ... decimal notation If no IP address is assigned to the port s VLAN id_string defaults to a string of 64 NULL characters When SONET framing is configured a 64 character string is repetitively transmitted one character per frame If the configured string is less than 64 characters it is padded with NULL characters Operation is similar when SDH framing is configured except that the maximum string lengt...

Page 2324: ...meter is only applicable when SONET framing is configured In this case the configured id_byte value is transmitted in each SONET frame Analogously the id_string parameter is only applicable when SDH framing is configured SDH framing repetitively cycles through a 15 character string sending one character per frame If the configured string is less than 15 characters it is padded with NULL characters...

Page 2325: ...ng with a maximum length of 32 characters If no password is provided on the command line then you are prompted to enter the password twice with the second time serving as a confirmation You should not enter the encrypted parameter option it is used by the switch when generating an ASCII configuration Example The following command example sets the authentication database name to stretch and sets th...

Page 2326: ... The group numbers must also be used in a consistent manner across BlackDiamond switches For example if the working line is assigned to group 1 on BlackDiamond 1 and the associated protection line resides on BlackDiamond 2 then the protection line must also be assigned to group 1 on BlackDiamond 2 The group is used to identify the partner in other words working or protection line in Ethernet messa...

Page 2327: ...sting links already authenticated are not affected by this command Example The following command example removes the entry for stretch from the authentication database delete account pppuser stretch History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 Platform Availability This command is available on the on the BlackDiamond switch A similar ...

Page 2328: ...up parameter which is an integer in the range 1 65535 The group identifies the APS group to delete Example The following command example deletes APS group 1001 delete aps 1001 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 Platform Availability This command is available on the BlackDiamond switch only group Specifies the APS group to wh...

Page 2329: ...S is disabled by default Usage Guidelines If APS is disabled interfaces configured as protection lines will not carry any traffic Example To disable the APS function for the entire switch use the following command disable aps History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 Platform Availability This command is available on the BlackDiamo...

Page 2330: ...rd is omitted then the command applies to all egress queue numbers for the PoS port s RED is not supported on the ingress queues Example The following command disables RED for all PHBs except the EF PHB disable red ports 2 1 2 2 queue 8 History This command was modified in an ExtremeWare IP Technology Services Release based on v6 1 5b20 to support PoS modules Platform Availability The general form...

Page 2331: ...t APS is disabled by default Usage Guidelines If APS is enabled interfaces configured as protection lines can carry traffic Example To enable the APS function for the entire switch use the following command enable aps History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 Platform Availability This command is available on the BlackDiamond switc...

Page 2332: ...parameter is an integer in the range 0 7 If the queue keyword is omitted then the command applies to all egress queue numbers for the PoS port s RED is not supported on the ingress queues Example The following command enables RED for all PHBs except the EF PHB enable red ports 2 1 2 2 History This command was modified in an ExtremeWare IP Technology Services Release based on v6 1 5b20 to support P...

Page 2333: ...in the PPP user accounts database used for authentication when a link is initiated from a remote peer Example The following command displays the PPP accounts database show accounts pppuser History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command i...

Page 2334: ...ther a signal fail SF or signal degrade SD event due to an excessive bit error rate BER currently exists on the line associated with each configured port along with a timestamp indicating when the last such error occurred Note that the BER thresholds that cause SF and SD events may be specified as part of configuring a SONET port Counts of the number of SF and SD events initiated by each configure...

Page 2335: ...tection line failures occurs when a signal fail request code is received on the protection line Additional detailed status information reported for each protection line port includes Current contents of received K1 and K2 bytes Contents of K1 and K2 bytes that are currently being transmitted An indication of whether an APS mode mismatch failure is currently active An indication of whether a protec...

Page 2336: ...llowing information Values of all flow statistics configuration parameters Count of flow records that have been exported Counts of the number of packets bytes for which flow statistics were not maintained due to insufficient resources Summary status for an export group port includes the following information Values of all configuration parameters State of each export destination device Detailed st...

Page 2337: ...owing command displays status information for the flow statistics function show flowstats History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2338: ...ort s by specifying the detail parameter Summary status includes the following information for each PPP port Values of all PPP configuration parameters Physical link status operational down LCP state IPCP BCP state EDPCP state MPLSCP state OSINLCP state link packet and octet counters Detailed status includes the information reported in the summary status along with the following additional status ...

Page 2339: ...ved LQR Link Quality Report time since last received LQR LQR packet counters number of link down events due to LQM MPLSCP OSINLCP Example The following command displays status information for the PPP ports show ppp History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 Platform Availability This command is available on the BlackDiamond switch o...

Page 2340: ... ports More detailed status information can be obtained for the port s by specifying the detail parameter Summary status includes the following information for each port Values of all port configuration parameters State of the port Identification of all currently active events Example The following command displays the SONET port status show sonet History This command was first available in an Ext...

Page 2341: ...and applies to The command does not affect the ports that have been added to the APS group The command does cancel any outstanding lockout force or manual switch requests Example The following command example resets the configuration parameters of APS group 1001 to their default values unconfig aps 1001 History This command was first available in an ExtremeWare IP Technology Services Release based...

Page 2342: ...nt is straightforward the input DSCP is used as an index into a 64 entry table that contains the output DSCPs associated with each of the input DSCP values The operation is similar in the egress direction with the DSCP mapping occurring before the packet is transmitted onto the SONET link s The mapping operation is performed after the packet has been assigned to a QoS profile One potential use of ...

Page 2343: ...unconfigure diffserv dscp mapping ports ExtremeWare 7 7 Command Reference Guide 2343 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2344: ... of OC 3c modules are not members of any VLANs by default all other ports are members of the default VLAN by default Example The following command resets the PPP configuration parameters for port 1 slot 8 of a BlackDiamond switch to the default values unconfigure ppp ports 8 1 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 Platform Avai...

Page 2345: ... 1 slot 8 of a BlackDiamond switch to the default values unconfigure sonet ports 8 1 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 5b20 Platform Availability This command is available on the BlackDiamond switch only portlist Specifies the port number s clock setting internal Framing sonet signal label auto where the value of the signal Labe...

Page 2346: ...2346 ExtremeWare 7 7 Command Reference Guide PoS Commands BlackDiamond Switch Only ...

Page 2347: ... the Summit 300 series switches the Summit 400 24p switch and the Alpine FM 32Pi PoE Module Summary of PoE Software Features The Alpine FM 32Pi PoE Module Summit 300 series switches and Summit 400 24p switch support the following PoE software features Configuration and control of the power distribution for PoE at the system slot level Alpine FM 32Pi module only Configuration and control of the pow...

Page 2348: ...the power limit Enforcing class limits by denying power to a device that exceeds the class limit Reporting and tracking port power faults Managing power budgets and allocation In addition the Summit 300 24 and Summit 400 24p switches also support legacy devices that are not 802 3AF compliant For more conceptual information about configuring and managing PoE see the ExtremeWare Software User Guide ...

Page 2349: ...he Summit 300 48 switches Syntax Description Default N A Usage Guidelines None Example The following command clears the port connection history for slot 2 clear inline power connection history slot 2 History This command was first available in ExtremeWare 7 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available only on the Al...

Page 2350: ...s the fault condition for port 3 clear inline power fault ports 3 History This command was first available in ExtremeWare 7 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on the Alpine FM 32Pi PoE Module the Summit 300 series switches and the Summit 400 24p switch portlist Specifies one or more ports or slots and port...

Page 2351: ...rts 1 8 on slot 1 clear inline power stats ports 1 1 1 8 On a Summit 300 switch the equivalent command is clear inline power stats 1 8 The following command displays cleared inline power configuration information for ports 1 8 in slot 1 show inline power stats ports 1 1 1 8 Following is sample output from this command Port State Class Absent InvSig Denied OverCurrent Short 1 1 searching 0 0 0 0 0 ...

Page 2352: ...es and Alpine PoE Module History This command was first available in ExtremeWare 7 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available on the Alpine FM 32Pi PoE Module the Summit 300 series switches and the Summit 400 24p switch ...

Page 2353: ...other power supply is brought up if the external 48V loses power In that case the ports will not be able to provide power Example The following command sets the internal power supply as the backup power supply to the external 48V power supply for slot 1 config inline power backup source internal slot 1 History This command was first available in ExtremeWare 7 2 Platform Availability This command i...

Page 2354: ...s Before issuing this command disable the slot using the disable inline power slots slot_id command The device is allowed to draw about 10 more power than the configured amount before power is shut off to the device Example The following example configures slot 1 at 10 watts disable inline power slot 1 configure inline power budget 10 slot 1 History This command was first available in ExtremeWare ...

Page 2355: ...es that power will be supplied to detected PDs for ports 4 6 on slot 3 configure inline power detection auto ports 3 4 3 6 History This command was first available in ExtremeWare 7 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available only on Alpine FM32 Pi PoE Modules and the Summit 300 48 switch auto Forces automatic power...

Page 2356: ...r supply The disconnect function occurs when the power drain exceeds the available power budget because of a rise in power consumption after power is allocated to the ports Example The following example configures the disconnect precedence to disconnect the lowest priority port when the next port attempts to connect configure inline power disconnect precedence lowest priority History This command ...

Page 2357: ...he display string is shown under the Label column show inline power configuration port 1 1 1 7 Following is sample output from this command Port Config Detect Rsvd Pwr Oper Lmt Viol Prec Label 1 1 enabled auto 0 0 15 4 max class operator 1 2 enabled auto 10 0 15 4 advertised limit test_port2 1 3 enabled auto 0 0 15 4 max class operator 1 4 enabled auto 0 0 15 4 max class operator 1 5 enabled auto ...

Page 2358: ...ing command assigns the name alpha test_1 to port 1 on slot 1 configure inline power label alpha test_1 ports 1 1 History This command was first available in ExtremeWare 7 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available only on Alpine FM32 Pi PoE Modules and the Summit 300 48 switch ...

Page 2359: ...n a per port basis If this is done the operator limit rather than the discovered class limit will be used for power budgeting It is also necessary for the violation precedence to be set to operator limit Regardless of how the port power limit is derived through automatic classification or operator limit the port power limit is used to determine whether the overall system limit has been exceeded On...

Page 2360: ...ower violation precedence advertised class operator limit max class operator none ports portlist Example The following command sets the limit to 10000 mW on ports 3 6 of slot 5 config inline power operator limit 10000 ports 5 3 5 6 History This command was first available in ExtremeWare 7 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This com...

Page 2361: ...e two power supplies fail be removed or powered off Load sharing mode allows both power supplies to provide power to the PoE system providing greater PoE power capacity For load sharing operation the amount of power provided to the PoE system is the sum of the power supplied by the power supplies With load sharing all PoE devices may experience a power hit if a power supply fails Example The follo...

Page 2362: ...ets port 5 as a critical power port configure inline power priority critical ports 5 History This command was first available in ExtremeWare 7 3e Platform Availability This command is available only on the Summit 300 48 switch low Specifies that the port is to have low priority which is the default value Ports with this priority level are given power only after all critical and high priority ports...

Page 2363: ...3000 20000 mW The default reserved power range value is 0 mW Total power reserved may be up to but not greater than the total power for the module If all the power available to the module is reserved the common power pool is empty Example The following command sets the reserved power for all the ports on slot 4 to 15000 mW config inline power reserved budget 15000 ports 4 History This command was ...

Page 2364: ...splay the inline power type for a selected port Examples The following command specifies the type of powered device connected to port 3 on slot 4 as a wireless device on an Alpine switch configure inline power type wireless ports 4 3 The following command specifies the type of powered device connected to port 3 as a wireless device on a Summit 300 48 switch configure inline power type wireless por...

Page 2365: ...configure inline power type ExtremeWare 7 7 Command Reference Guide 2365 Platform Availability This command is available only on Alpine FM32 Pi PoE Modules and the Summit 300 48 switch ...

Page 2366: ...tween the system level utilization and the allocated power budget per slot If either measurement exceeds the threshold level an alarm will be initiated On the Summit 400 24p switch the usage threshold is not shared with the system usage rather it is power used by the PDs only Example The following command sets the inline power usage alarm threshold at 75 configure inline power usage threshold 75 H...

Page 2367: ...reater The operator limit is configured with the following command configure inline power operator limit milliwatts ports portlist Example The following command sets the violation precedence for port 3 on slot 5 to the configured operator limit configure inline power violation precedence operator limit ports 5 3 History This command was first available in ExtremeWare 7 2 This command was added to ...

Page 2368: ...7 Command Reference Guide Power Over Ethernet Commands Summit 300 and 400 24p Switches and Alpine PoE Module Platform Availability This command is available only on Alpine FM32 Pi PoE Modules and the Summit 300 48 switch ...

Page 2369: ...vided to the system by using the disable inline power command and the enable inline power command Using the disable inline power command shuts down power currently provided on all ports on all slots By default inline power provided to the system is enabled Example The following command shuts down power currently provided on all ports on all slots disable inline power History This command was first...

Page 2370: ...s connected to the switch are 802 3af standards compliant it is advisable to keep the default setting of disabled for legacy device support You can determine whether a device connected to the switch is standards compliant or not by using the show inline power info port portlist detail port portlist command The detailed status line shows if the device is 802 3af standards compliant Sample output fr...

Page 2371: ...e Guide 2371 Example The following command disables 802 3af compliant devices disable inline power legacy History This command was first available in ExtremeWare 7 3e Platform Availability This command is available on the Summit 300 24 and 400 24p switches only ...

Page 2372: ...list commands Using the disable inline power ports all portlist command shuts down power currently provided by all system ports or specified ports The system defaults to enabling power on all 10 100 ports To power any port the following conditions must exist The system must be enabled for power The slot must be enabled for power The ports must be enabled for power Disabling a port providing power ...

Page 2373: ...remeWare 7 7 Command Reference Guide 2373 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available only on Alpine FM32 Pi PoE Modules and the Summit 300 48 switch ...

Page 2374: ...t_id command and the enable inline power slots slot_id command Using the disable inline power slots slot_id command shuts down power currently provided to the selected slot The system defaults to enabling power on all slots To power any port the following conditions must exist The system must be enabled for power The slot must be enabled for power The ports must be enabled for power Disabling a sl...

Page 2375: ...disable inline power slots ExtremeWare 7 7 Command Reference Guide 2375 Platform Availability This command is available only on Alpine FM32 Pi PoE Modules and the Summit 300 48 switch ...

Page 2376: ...case there is some corruption in the current firmware A clean copy can be retrieved ExtremeWare will log a message in syslog prompting for a firmware upgrade This command is used to download the firmware This command is available only if the board is present in the slot This same command will be used for any other products that have firmware built into ExtremeWare Example The following command dow...

Page 2377: ...er command Using the enable inline power command makes power available on all ports on all slots Using the disable inline power command shuts down power currently provided on all ports on all slots By default inline power provided to the system is enabled To shut down power to a specific port use the disable inline power ports command Example The following command enables power currently provided ...

Page 2378: ...standards compliant it is advised to keep the default setting of disabled for legacy device support You can determine whether a device connected to the switch is standards compliant or not by using the show inline power info port portlist detail port portlist command The detailed status line shows if the device is 802 3af standards compliant Sample output from the show inline power info detail por...

Page 2379: ...e Guide 2379 Example The following command enables 802 3af compliant devices enable inline power legacy History This command was first available in ExtremeWare 7 3e Platform Availability This command is available only on the Summit 300 24 and 400 24p switch es ...

Page 2380: ...ports all portlist command Using the enable inline power ports all portlist command makes power available to all system ports or specified ports Using the disable inline power ports all portlist command shuts down power currently provided by all system ports or specified ports The system defaults to enabling power on all 10 100 ports To power any port the following conditions must exist The system...

Page 2381: ... Guide 2381 History This command was first available in ExtremeWare 7 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available only on Alpine FM32 Pi PoE Modules and the Summit 300 48 switch ...

Page 2382: ...ine power slots slot_id command Using the enable inline power slots slot_id command makes power available to the selected slot Using the disable inline power slots slot_id command shuts down power currently provided to the selected slot The system defaults to enabling power on all slots To power any port the following conditions must exist The system must be enabled for power The slot must be enab...

Page 2383: ...enable inline power slots ExtremeWare 7 7 Command Reference Guide 2383 Platform Availability This command is available only on Alpine FM32 Pi PoE Modules and the Summit 300 48 switch ...

Page 2384: ... immediately de powered and re powered maintaining current power allocations Example The following command resets power for port 4 reset inline power ports 4 History This command was first available in ExtremeWare 7 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available only on Alpine FM32 Pi PoE Modules and the Summit 300 48...

Page 2385: ...escription Default N A Usage Guidelines This command resets the specified slots Slots are immediately de powered and re powered maintaining current power allocations Example The following command resets power for slot 1 reset inline power slot 1 History This command was first available in ExtremeWare 7 3e Platform Availability This command is available on the Summit 300 48 only slot Specifies that...

Page 2386: ... the system shown in watts and as a percentage of available power The output indicates the following inline power status information for each slot Main PSU Status The operational status of the main power supply unit The status conditions are ON Power is being provided to the PoE controller OFF Power is not being provided to the PoE controller FAULT An error has occurred Backup PSU Status The condi...

Page 2387: ...e was corrupted Repeat the firmware download Example The following command displays inline power status for the system show inline power Following is sample output from this command Inline Power System Information System maximum inline power 32 watts Power Usage 70 22 watts Slot Main PSU Status Backup PSU Status Firmware Status 1 OFF Present ACTIVATED Operational History This command was first ava...

Page 2388: ...de to determine whether the port can be discovered Rsvd Pwr Displays the amount of configured reserved power in watts Oper Lmt Displays the configured operator limit in watts The operator limit is used only with violation precedence Viol Prec Displays the violation precedence settings ADVERTISED LIMIT Removes or denies power if an IEEE 802 3af compliant powered device PD consumes power beyond its ...

Page 2389: ...x class operator 1 2 enabled auto 10 0 15 4 advertised limit test_port2 1 3 enabled auto 0 0 15 4 max class operator 1 4 enabled auto 0 0 15 4 max class operator 1 5 enabled auto 0 0 15 4 max class operator 1 6 enabled auto 0 0 15 4 max class operator test_port6 1 7 enabled auto 0 0 15 4 max class operator History This command was first available in ExtremeWare 7 2 This command was added to the Su...

Page 2390: ...r status Enabled The slot is available to provide power Disabled The slot is not available to provide power Cfg PSU Backup Indicates the current setting of power source precedence Internal None PSU Active Indicates the power source currently supplying power Internal External Usage Threshold Displays the configured alarm threshold as a percentage Connection Order Displays the list of ports 1 32 by ...

Page 2391: ...rence Guide 2391 History This command was first available in ExtremeWare 7 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e Platform Availability This command is available only on Alpine FM32 Pi PoE Modules and the Summit 300 48 switch ...

Page 2392: ...2Pi PoE Module and the Summit 300 48 switch Syntax Description Default N A Usage Guidelines You can use this command to generate a summary report or a detailed report Summary output displays the following inline power information for the specified ports State Displays the port power state Disabled Searching Discovered Delivering Faulted Disconnected Other Denied Class Displays the class type disab...

Page 2393: ... Displays the measure current in milli Amps mA Res Displays the measured resistance in kilo Ohms Kohms A value greater than 100 Kohms indicates an empty port Power Displays the measured power in watts Fault Displays the fault value 0 No fault 1 Over voltage 2 Over voltage spike 3 Peak over current 4 Overload 8 Discovery resistance failed 9 Class violation 10 Disconnect 11 Discovery resistance A2D ...

Page 2394: ... 0 The following command displays detail inline power information for port 1 show inline info detail port 1 1 Following is sample output from this command Configured Admin State Enabled Inline Power State searching MIB Detect SStatus searching Lable Violation Precedence max class operator Operator Limit 15400 milliwatts Detection auto Reserved Power 0 milliwatts Inline Type other Connect Order non...

Page 2395: ...w inline power info show inline power info port ExtremeWare 7 7 Command Reference Guide 2395 Platform Availability This command is available only on Alpine FM32 Pi PoE Modules and the Summit 300 48 switch ...

Page 2396: ...ount of configured power minus the amount of configured reserved power Allocated Displays in watts the amount of common power allocated Reserved Power Configured Displays in watts the amount of power configured as reserved Allocated Displays in watts the amount of reserved power utilized Measured Usage Displays measured power in watts Example The following command displays inline power information...

Page 2397: ...show inline power slot ExtremeWare 7 7 Command Reference Guide 2397 Platform Availability This command is available only on Alpine FM32 Pi PoE Modules and the Summit 300 48 switch ...

Page 2398: ...ics for the specified ports State Displays the inline power state Disabled Searching Discovered Delivering Faulted Disconnected Other Denied Class Displays the class type disabled or searching class0 class 0 device class1 class 1 device class2 class 2 device class3 class 3 device class4 class 4 device Absent Displays the number of times the port was disconnected InvSig Displays the number of times...

Page 2399: ...s command Port State Class Absent InvSig Denied OverCurrent Short 1 1 searching 0 0 0 0 0 1 2 delivering class0 0 0 0 0 0 1 3 searching 0 0 0 0 0 1 4 searching 0 0 0 0 0 1 5 searching 1 0 0 0 0 1 6 delivering class3 0 0 0 0 0 1 7 searching 0 0 0 0 0 1 8 searching 0 0 0 0 0 History This command was first available in ExtremeWare 7 2 This command was added to the Summit e series of switches in Extre...

Page 2400: ...ted powered and waiting for power for the selected slots Example The following command displays inline power statistics information for slot 1 show inline power stats slot 1 Following is sample output from this command PoE firmware status Operational PoE firmware revision 1 6 Connection Order 3 15 Total ports powered 1 Total ports waiting for power 0 Total ports faulted 0 Total ports disabled 1 Hi...

Page 2401: ...his command resets the backup power source that was configured with the following command configure inline power backup source internal none slot slot_number Resetting the backup power source to its default for the specified slot does not take effect until the power is cycled on the slot Example The following command resets the backup power source to its default for slot 1 unconfig inline power ba...

Page 2402: ...elines This command resets the power detection scheme that was configured with the following command configure inline power detection auto discovery test only ports portlist Example The following command resets the power detection scheme to its default for port 1 on slot 1 unconfig inline power detection ports 1 1 History This command was first available in ExtremeWare 7 2 This command was added t...

Page 2403: ...ult Deny port Usage Guidelines The PoE controller disconnects one of the ports to prevent an overload on the power supply The disconnect function occurs when the power drain exceeds the available power budget because of a rise in power consumption after power is allocated to the ports Example The following example configures the disconnect precedence to disconnect the next port regardless of prior...

Page 2404: ...er operator limit milliwatts ports portlist The Summit 300 24 or 400 24p switch has an operator limit range of 300 to 15400 milliwatts The Summit 300 48 switch has an operator limit range of 300 to 20000 milliwatts Example The following command resets the operator limit to its default for port 2 on slot 1 unconfig inline power operator limit ports 1 2 History This command was first available in Ex...

Page 2405: ...t or load sharing modes Redundant mode is the default and provides hitless PoE should one of the two power supplies fail be removed or powered off Load sharing mode allows both power supplies to provide power to the PoE system providing greater PoE power capacity For load sharing operation the amount of power provided to the PoE system is the sum of the power supplied by the power supplies Example...

Page 2406: ...nly for the Summit 300 48 switch Syntax Description Default Low priority Usage Guidelines Power is allocated to ports by their designated priority Power allocation is first provided to the higher priority ports Example The following example resets port 1 5 to low priority unconfigure inline power priority ports 1 5 History This command was first available in ExtremeWare 7 3e Platform Availability ...

Page 2407: ...was configured with one of the following commands configure inline power reserved budget milliwatts ports portlist Example The following command resets the reserved power budget to its default for port 3 on slot 1 unconfig inline power reserved budget ports 1 3 History This command was first available in ExtremeWare 7 2 This command was added to the Summit e series of switches in ExtremeWare 7 3e ...

Page 2408: ...r variables Default The default value for the inline power usage threshold is 70 percent Usage Guidelines This command resets to default the inline power usage threshold that was configured with the following command configure inline power usage threshold Example The following command resets the inline power usage threshold to its default value unconfig inline power usage threshold History This co...

Page 2409: ...nes This command resets the violation precedence that was configured with the following command configure inline power violation precedence advertised class operator limit max class operator none ports portlist Example The following command resets the violation precedence to its default value for port 3 on slot 1 unconfig inline power violation precedence ports 1 3 History This command was first a...

Page 2410: ...2410 ExtremeWare 7 7 Command Reference Guide Power Over Ethernet Commands Summit 300 and 400 24p Switches and Alpine PoE Module ...

Page 2411: ...used to determine the port capabilities of devices such as repeaters bridges access points routers and wireless stations The ExtremeWare 7 5 support for LLDP enables devices to advertise their capabilities and media specific configuration information and to learn the same information from the devices connected to it The information is represented in Type Length Value TLV format for each data item ...

Page 2412: ... advertise Usage Guidelines N A Example The following command advertises address information for port 1 5 configure lldp ports 1 5 advertise management address History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches all Applies to all ports on the switch portlist Specifies a list of switch ports in the form i i n or i n i ...

Page 2413: ...Usage Guidelines N A Example The following command configures port 1 7 to not advertise the port description information to neighbors configure lldp ports 1 7 no advertise port description History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches all Applies to all ports on the switch portlist Specifies a list of switch port...

Page 2414: ...uidelines N A Example The following command configures all ports to advertise system capability information to neighbors configure lldp ports all advertise system capabilities History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches all Applies to all ports on the switch portlist Specifies a list of switch ports in the form...

Page 2415: ...lines N A Example The following command configures port 1 4 through port 1 8 to not advertise the system description information to neighbors configure lldp ports 1 4 1 8 no advertise system description History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches all Applies to all ports on the switch portlist Specifies a list ...

Page 2416: ...lines N A Example The following command configures port 1 6 to advertise the system name to neighbors configure lldp ports 1 4 1 8 no advertise system name History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches all Applies to all ports on the switch portlist Specifies a list of switch ports in the form i i n or i n i m ad...

Page 2417: ...ng command configures all ports to advertise port VLAN information to neighbors configure lldp ports all advertise vendor specific dot1 port protocol vlan id The following command configures port 1 5 to advertise information about VLAN vlannew to neighbors configure lldp ports 1 5 advertise vendor specific dot1 port protocol vlan id vlan vlannew History This command was first available in ExtremeW...

Page 2418: ...on there may not be support for this from the neighbor Syntax Description Default The default is not to advertise Usage Guidelines N A Example The following command configures all ports to advertise port vlan ID information to neighbors configure lldp ports all advertise vendor specific dot1 port vlan ID History This command was first available in ExtremeWare 7 4 Platform Availability This command...

Page 2419: ...fic option there may not be support for this from the neighbor Syntax Description Default The default is not to advertise Usage Guidelines N A Example The following command configures all ports to not advertise protocol identity information to neighbors configure lldp ports all no advertise vendor specific dot1 protocol identity History This command was first available in ExtremeWare 7 4 Platform ...

Page 2420: ...may not be support for this from the neighbor Syntax Description Default The default is not to advertise Usage Guidelines N A Example The following command configures all ports to not advertise VLAN name information to neighbors configure lldp ports all no advertise vendor specific dot1 vlan name History This command was first available in ExtremeWare 7 4 Platform Availability This command is avai...

Page 2421: ...neighbor Syntax Description Default The default is not to advertise Usage Guidelines N A Example The following command configures port 1 12 to not advertise link aggregation capabilities to neighbors configure lldp ports 1 12 no advertise vendor specific dot3 link aggregation History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme ...

Page 2422: ...om the neighbor Syntax Description Default The default is not to advertise Usage Guidelines N A Example The following command configures all ports to advertise MAC PHY capabilities to neighbors configure lldp ports all advertise vendor specific dot3 mac phy History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches all Applie...

Page 2423: ...r Syntax Description Default The default is not to advertise Usage Guidelines N A Example The following command configures ports 1 12 1 13 to advertise the maximum frame size to neighbors configure lldp ports 1 12 1 13 no advertise vendor specific dot3 max framesize History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches a...

Page 2424: ...ghbor Syntax Description Default The default is not to advertise Usage Guidelines N A Example The following command configures all ports to advertise MDI capabilities to neighbors configure lldp ports all advertise vendor specific dot3 power via mdi History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches all Applies to all...

Page 2425: ...t down Syntax Description Default The default is 2 seconds Usage Guidelines N A Example The following command configures a re initialization delay of 10 seconds after LLDP ports were disabled or the link is lost configure lldp reinitialize delay 10 History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches seconds Specifies t...

Page 2426: ...es occur after the sent notification no additional notifications are sent Syntax Description Default The default is 5 seconds Usage Guidelines N A Example The following command configures an interval of 60 seconds for SNMP notifications configure lldp snmp notification interval 60 History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Ext...

Page 2427: ...0 25 transmit interval to calculate the number of seconds Syntax Description Default The default is 2 seconds Usage Guidelines N A Example The following command configures the automatic delay between LLDP frame transmissions configure lldp transmit delay auto History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches auto Use...

Page 2428: ...l transmit hold by default this value is 30 4 120 seconds Syntax Description Default The default is 4 Usage Guidelines N A Example The following command configures a transmit hold value of 5 for the LLDP PDU packets configure lldp transmit hold 5 History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches value Specifies the T...

Page 2429: ...ta units PDUs Syntax Description Default The default is 30 seconds Usage Guidelines N A Example The following command configures a transmit interval of 20 seconds for LLDP PDUs configure lldp transmit interval 20 History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches seconds Specifies the time duration between LLDP transm...

Page 2430: ...eive mode on ports 1 2 1 6 disables lldp ports 1 2 1 6 receive only History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches all Applies to all ports on the switch portlist Specifies a list of switch ports in the form i i n or i n i m transmit only Specifies that only the transmit mode is disabled receive only Specifies tha...

Page 2431: ...Description Default By default sending of SNMP traps is disabled Usage Guidelines N A Example The following example disables sending of LLDP SNMP traps on all switch ports disable snmp traps lldp port all History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches all Applies to all ports on the switch portlist Specifies a lis...

Page 2432: ...age Guidelines N A Example The following example enables LLDP transmit and receive mode on port 1 4 enable lldp ports 1 4 all History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches all Applies to all ports on the switch portlist Specifies a list of switch ports in the form i i n or i n i m transmit only Specifies that onl...

Page 2433: ...cription Default By default notification sending is disabled Usage Guidelines N A Example The following command enables LLDP SNMP traps for all ports enable snmp traps lldp port all History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches all Applies to all ports on the switch portlist Specifies a list of switch ports in th...

Page 2434: ...nterval 5 seconds Re init Delay 2 seconds Port Tx Rx SNMP Optional enabled transmit TLVs State State Notification LLDP 802 1 802 3 5 18 ENABLED ENABLED DISABLED 5 19 ENABLED ENABLED DISABLED 5 20 ENABLED ENABLED DISABLED 5 21 ENABLED ENABLED DISABLED 5 22 ENABLED ENABLED DISABLED 5 23 ENABLED ENABLED DISABLED PNDCM NPp 5 24 ENABLED ENABLED DISABLED NDCM NPp 5 25 ENABLED ENABLED DISABLED 5 26 ENABL...

Page 2435: ...ion C System Capabilities M Mgmt Addr 802 1 Flags P Port VLAN ID p Port Porocotol VLAN ID N VLAN Name I Protocol Identity 802 3 Flags M MAC PHY Configuration Status P Power via MDI L Link Aggregation F Frame Size History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches ...

Page 2436: ... 5 24 Total neighbors 1 Neighbor Chassis ID subtype 4 00 04 96 1F A4 06 Port ID subtype 5 23 TTL 120 seconds Port Description System Name SummitX450 24t System Description ExtremeWare X0S version 11 2 0 9 v1120b9 by release manager on Thu Feb 24 13 04 06 PST 2005 System Capabilities Supported Router Bridge System Capabilities Enabled Bridge Management Address 10 210 51 3 Interface subtype ifIndex ...

Page 2437: ...apable not in aggregation Port ID 0 Maximum Frame Size Frame Size 1522 Extended TLV Info 802 1 OUI hex value 00 80 c2 Port VLAN ID ID 1 Port Protocol VLAN ID Capability Status capable disabled Reference number 0 VLAN Name ID Name 1 Default History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches ...

Page 2438: ...sources Number of table age outs The number of times the complete set of information advertised by a particular neighbor has been deleted from tables because the information timeliness interval has expired Tx Total The number of LLDP frames transmitted by this switch on the indicated port Rx Total The number of valid LLDP frames received by this switch on the indicated port while this LLDP agent i...

Page 2439: ...table change time Fri Dec 17 10 42 33 2004 Number of Table Inserts 3 Number of Table Deletes 0 Number of Table Drops 0 Number of Table Age Outs 0 Port Tx Rx Rx Rx TLVs TLVs Total Total Discarded Errors Disacrded Unrecogn 1 1 189 5654 0 0 0 0 2 2 188 565 0 0 0 0 History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches ...

Page 2440: ...p ports 5 23 LLDP Configuration Advertised Interval 30 seconds Hold Value 4 Transmit Delay 2 seconds Notification Interval 5 seconds Re init Delay 2 seconds Port Tx Rx SNMP Optional enabled transmit TLVs State State Notification LLDP 802 1 802 3 5 23 ENABLED ENABLED DISABLED PNDCM NPp U page up D page down ESC exit Flags P Port Description N System Name D System Description C System Capabilities M...

Page 2441: ...uide 2441 I Protocol Identity 802 3 Flags M MAC PHY Configuration Status P Power via MDI L Link Aggregation F Frame Size History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches ...

Page 2442: ...4 96 1F A4 06 Port ID subtype 5 23 TTL 120 seconds Port Description System Name SummitX450 24t System Description ExtremeWare X0S version 11 2 0 9 v1120b9 by release manager on Thu Feb 24 13 04 06 PST 2005 System Capabilities Supported Router Bridge System Capabilities Enabled Bridge Management Address 10 210 51 3 Interface subtype ifIndex Interface Number 1000006 Extended TLV Info 802 3 OUI hex v...

Page 2443: ...regation Status capable not in aggregation Port ID 0 Maximum Frame Size Frame Size 1522 Extended TLV Info 802 1 OUI hex value 00 80 c2 Port VLAN ID ID 1 Port Protocol VLAN ID Capability Status capable disabled Reference number 0 VLAN Name ID Name 1 Default History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches ...

Page 2444: ...m wide LLDP configuration values to factory defaults Syntax Description N A Default N A Usage Guidelines N A Example The following command restores system wide factory defaults unconfigure lldp History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches ...

Page 2445: ... Syntax Description Default N A Usage Guidelines N A Example The following command restores LLDP factory default values for ports 1 4 1 8 unconfigure lldp port 1 4 1 8 History This command was first available in ExtremeWare 7 4 Platform Availability This command is available on all Extreme switches all Applies to all ports on the switch portlist Specifies a list of switch ports in the form i i n o...

Page 2446: ...2446 ExtremeWare 7 7 Command Reference Guide LLDP Commands ...

Page 2447: ... over a service provider MPLS network Unlike VPLS which requires a full mesh of Virtual Circuits VCs H VPLS specifies a hierarchical architecture to extend spoke VCs to the service provider s network edge The H VPLS bridging model is based on standard 802 1D bridging concepts By implementing standard bridging technology a protocol agnostic L2 VPN architecture can be implemented independent of the ...

Page 2448: ...ls counters Description Resets all VPLS counters and statistics Syntax Description N A Default N A Usage Guidelines This command resets all VPLS counters and statistics Example N A History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2449: ...session to the targeted LDP peer VPLS peer prior to exchanging vpn parameters the VPLS peer must be capable of accepting LDP Hello messages By default the local_endpoint_ipaddress is the configured OSPF ISIS Router ID The from keyword must be specified when VPLS peers are configured in conjunction with ESRP The local_endpoint_ipaddress should be configured to match the local VPLS egress VLAN inter...

Page 2450: ...re 7 7 Command Reference Guide H VPLS Commands BlackDiamond Switch Only History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2451: ...eletes the VPLS with the specified vpls_name All VC LSPs established to VPLS peers are terminated The all keyword may be used to indicate that all VPLS instances are to be deleted Example config mpls delete vpls myvpls History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only vpls_name Identifies the VPLS within...

Page 2452: ... in different modes cannot send traffic between them without the use of the MPLS module That is traffic received on a port that is configured in vlan mode cannot switch traffic directly to a port on a module that is configured in port mode and vice versa Thus ports configured in different modes cannot be members of the same VLAN or VPLS VPLS ingress traffic can be received on a port that is in por...

Page 2453: ...east one LDP ACL peer has been configured The disabled keyword specifies that the ACL be disabled No authentication procedures are enforced LDP ACLs must be disabled before all LDP ACL peers can be deleted Changing the ACL enabled configuration may result in the termination of sessions or services with peers that cannot be validated The LDP ACL status is displayed using the show mpls command Examp...

Page 2454: ...ress parameter identifies the peer from which targeted and non targeted LDP sessions are accepted If the peer is specified using the host_name parameter the DNS client must be configured so that the host_name can first be resolved to an IP address LDP Hellos from IP addresses that are not included in the acl list are ignored Example None History This command was first available in an ExtremeWare 7...

Page 2455: ...d LDP peer from the ACL The ipaddress and host_name parameter identify the peer to be deleted from the ACL When the keyword all is specified all configured LDP peers are removed Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only ipaddress Identifies the peer for deletion host_name Identifies ...

Page 2456: ... has been configured for a VPLS the VLAN is added to the VPLS as specified by the vpls_name The VLAN ID is locally significant to each VPLS Thus each VLAN VPLS interface within the H VPLS network may have a different VLAN ID This greatly simplifies VLAN ID coordination between metro network access points Traffic may be switched locally between VLAN ports if more than one port is configured for the...

Page 2457: ...configure mpls vpls add ExtremeWare 7 7 Command Reference Guide 2457 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2458: ...h VPLS must be configured The peer relationships are defined as either a core to core core to spoke or spoke to core This relationship implicitly defines the packet flooding behavior for the VC LSP set up to the configured peer A VPLS peer relationship defined as core to core indicates that the peer is a member of a fully meshed VPLS core peer group Flood traffic received from a core node by the c...

Page 2459: ...lished to a tls configured spoke are signaled using the martini draft VLAN FEC Martini tls VC LSPs carry traffic for a single VLAN Thus tls core to spoke VC LSPs are incompatible with local egress VPLS port interfaces i e tls VC LSPs and local egress ports can not be configured for the same vpls VC LSPs established to an tps configured spoke are signaled using the martini draft Ethernet FEC Martin...

Page 2460: ...re 7 7 Command Reference Guide H VPLS Commands BlackDiamond Switch Only History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2461: ...deletes the VPLS with the specified vpls_name All VC LSPs established to VPLS peers are terminated The all keyword may be used to indicate that all VPLS instances are to be deleted Example config mpls delete vpls myvpls History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only vpls_name Identifies the VPLS withi...

Page 2462: ...rval time Ping packets may be dropped due to spurious network conditions In order to minimize service disconnect false alerts when an echo request has not been received within trap send holdtime 3 seconds echo requests are sent in rapid succession at a rate of one per second This operation continues until an echo response is received or the trap send holdtime expires If an echo response is receive...

Page 2463: ... check add mplsping ExtremeWare 7 7 Command Reference Guide 2463 Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2464: ...h check as specified by the ipaddress or host_name parameter or the prefix or lsp keyword terminates and deletes the configured mplsping If the all keyword is specified all mplsping health checks are deleted Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only ipaddress Option for specifying th...

Page 2465: ...packets may be dropped due to spurious network conditions In order to minimize service disconnect false alerts when an echo request has not been received within trap send holdtime 3 seconds echo requests are sent in rapid succession at a rate of one per second This operation continues until an echo response is received or the trap send holdtime expires If an echo response is received before the tr...

Page 2466: ...Command Reference Guide H VPLS Commands BlackDiamond Switch Only Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2467: ...Deleting a VC LSP health check as specified by the peer or mac address keyword terminates and deletes the configured vplsping If the all keyword is specified all vplsping health checks for the specified vpls_name are deleted Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only vpls_name Identif...

Page 2468: ...eleting a VC LSP health check as specified by the peer or mac address keyword terminates and deletes the configured vplsping If the all keyword is specified all vplsping health checks for the specified vpls_name are deleted Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only vpls_name Identifi...

Page 2469: ...h the same mtu value If the mtu values do not match VC LSPs cannot be established between VPLS peers By default the VPLS mtu is set to 1500 The configurable mtu range is 1492 through 9216 Changing the mtu setting will cause established VC LSPs to terminate VPLS payload packets may be dropped if the VPLS MTU setting is greater than the MPLS MTU setting for the VC LSP interface The vplsping command ...

Page 2470: ... the same mtu value If the mtu values do not match VC LSPs cannot be established between VPLS peers By default the VPLS mtu is set to 1500 The configurable mtu range is 1492 through 9216 Changing the mtu setting will cause established VC LSPs to terminate VPLS payload packets may be dropped if the VPLS MTU setting is greater than the MPLS MTU setting for the VC LSP interface The vplsping command m...

Page 2471: ...LSPs LSP traffic aggregation is described in Equal cost Multipath LSP Support on page 3 The delete keyword will remove the LSP specified by the lsp_name parameter from the VC LSP aggregation list If all the LSPs are deleted the VC LSP will attempt to use the best routed path LSP if one exists If no LSPs exist to the TLS tunnel endpoint TLS tunnel connectivity to the endpoint IP address is lost Exa...

Page 2472: ...N ID The mtu keyword optionally specifies the MTU value of the VPLS transport payload packet customer packet The mtu value is exchanged with vpls configured peer nodes All VPLS peer nodes must be configured with the same mtu value If the mtu values do not match VC LSPs cannot be established between VPLS peers By default the VPLS mtu is set to 1500 The configurable mtu range is 1492 through 9216 Ch...

Page 2473: ...configure mpls vpls ExtremeWare 7 7 Command Reference Guide 2473 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2474: ...ict with any other configured VLAN ID The mtu keyword optionally specifies the MTU value of the VPLS transport payload packet customer packet The mtu value is exchanged with vpls configured peer nodes All VPLS peer nodes must be configured with the same mtu value If the mtu values do not match VC LSPs cannot be established between VPLS peers By default the VPLS mtu is set to 1500 The configurable ...

Page 2475: ...configure mpls vpls add ExtremeWare 7 7 Command Reference Guide 2475 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2476: ...ore to spoke or spoke to core This relationship implicitly defines the packet flooding behavior for the VC LSP set up to the configured peer A VPLS peer relationship defined as core to core indicates that the peer is a member of a fully meshed VPLS core peer group Flood traffic received from a core node by the core node is forwarded to spoke nodes only A VPLS peer relationship defined as spoke to ...

Page 2477: ... tls core to spoke VC LSPs are incompatible with local egress VPLS port interfaces i e tls VC LSPs and local egress ports can not be configured for the same vpls The vcid of the martini VC LSP can be optionally specified as tls If the vcid is not specified the configured VPLS VPN ID is used to signal the vcid VC LSPs established to a vpls configured spoke are signaled using the VPLS FEC The spoke ...

Page 2478: ...2478 ExtremeWare 7 7 Command Reference Guide H VPLS Commands BlackDiamond Switch Only Platform Availability This command is available on the BlackDiamond switch only ...

Page 2479: ...erminated The optional vcid keyword may be specified to fully qualify a specific core to spoke Martini VC LSP The all keyword may be used to indicate that all VPLS peers be deleted Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only vpls_name Identifies the VPLS within the switch character str...

Page 2480: ...e VPLS peer is terminated The optional vcid keyword may be specified to fully qualify a specific core to spoke Martini VC LSP The all keyword may be used to indicate that all VPLS peers be deleted Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only vpls_name Identifies the VPLS within the swit...

Page 2481: ...e LSP specified by the lsp_name parameter from the VC LSP aggregation list If all the LSPs are deleted the VC LSP will attempt to use the best routed path LSP if one exists If no LSPs exist to the VPLS peer VPN connectivity to the VPLS peer is lost Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switc...

Page 2482: ...be sent on each LSP in round robin fashion For RSVP TE LSPs the FEC is implied from the LSP configuration The lsp keyword may be used to specify the tunnel LSP on which to send the MPLS echo request The tunnel LSP on which the MPLS echo request is sent is specified by the lsp_name parameter The TTL value in the MPLS Echo Request is set to 255 ipaddress Specifies the FEC ipaddress masklength Specif...

Page 2483: ...ot exceed the configured jumbo packet size if jumbo frames are enabled or 1518 if jumbo frames are disabled If the end_size parameter is specified the size of the packet will increment by one byte for each new MPLS echo request sent The next MPLS echo request is not sent until the MPLS echo response for the previous packet is received This is useful for detecting interface MTU mismatch configurati...

Page 2484: ...d to an IP address The resolved host name IP address is assumed to be a 32 prefix The lsp keyword may be used to specify the LSP to trace The selected LSP is specified by the lsp_name parameter The from keyword is used to specify the source IP address used in the MPLS echo request This is the IP address used by the target LSR will use to send the MPLS echo reply If not specified the OSPF ISIS rout...

Page 2485: ...es zero the packet is not forwarded but is redirected to the control plane for additional processing When the TTL value specified by the max_ttl_value parameter is exceeded the mplstrace command ends The valid max_ttl_value range is one to 30 with a default value of 30 Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on t...

Page 2486: ...S name egress VLAN if applicable VC LSP peer Age and Port List Optionally specifying the vpls_name displays FDB information for the specified vpls only If a VPLS peer qualifies the command only FDB information learned from the specified peer is displayed The peer is specified using the ipaddress or host_name parameter Example None History This command was first available in an ExtremeWare 7 3 0 Pl...

Page 2487: ... displayed in a comprehensive detail format The detail format includes total state transition count from up to down and down to up time of last failure total up time and total down time and error code if applicable Optionally an ipaddress ipaddress masklength host_name or lsp_name parameter can be specified to display specific mplsping information This information is always displayed in the detail...

Page 2488: ...parameters If the optional detail keyword is specified the health check information is displayed in a comprehensive detail format The detail format includes total state transition count from up to down and down to up time of last failure total up time and total down time and error code if applicable The optional peer and mac address keywords may be specified to further restrict the vplsping inform...

Page 2489: ...mand displays the list of configured LDP ACL entries Optionally a specific LDP ACL can be displayed by specifying the ipaddress or host_name for the configured ACL Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only ipaddress Specifies the IP address for a specific LDP ACL host_name Specifies ...

Page 2490: ...format additionally displays transmit and receive packet and byte counts Optionally specifying the peer keyword qualified by the ipaddress or host_name displays VPLS information for the specified peer in detailed format If the peer keyword is specified and is unqualified by a vpls_name all VPLS instances that the peer is a member of are displayed The summary keyword displays a set of summary count...

Page 2491: ...t are members of the VPN as specified by vpls_name are displayed If vpls_name is omitted information pertaining to all VPLS nodes is displayed Information displayed includes IP address of each node MAC address of each node VPN ID and immediate or remote node indication Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on t...

Page 2492: ... specified using the ipaddress parameter When the ipaddress parameter is specified the IP address is used to look up the corresponding VPLS node s MAC address If the MAC address has not been learned the vplsping command will fail with a No MAC address learned for IP address error The mac address keyword specifies the MAC address that is being pinged The mac address may represent the MAC address of...

Page 2493: ...exceed the configured jumbo packet size if jumbo frames are enabled or 1518 if jumbo frames are disabled If the end_size parameter is specified the size of the packet will increment by one byte for each new VPLS echo request sent The next VPLS echo request is not sent until the VPLS echo response for the previous packet is received This is useful for detecting interface MTU mismatch configurations...

Page 2494: ...ing the ipaddress parameter When the ipaddress parameter is specified the IP address is used to look up the corresponding VPLS node s MAC address If the MAC address has not been learned the vplstrace command will fail with a No MAC address learned for IP address error The mac address keyword specifies the MAC address that is being pinged The mac address may represent the MAC address of a VPLS node...

Page 2495: ... the reply mode is not specified the vpls reply mode is used The ttl keyword optionally specifies the maximum TTL value in the VPLS echo request packet The TTL value in the VC FEC label is decremented along the path at each VPLS node When the TTL value in the VC FEC label reaches zero the packet not forwarded but is redirected to the control plane for additional processing When the TTL value speci...

Page 2496: ...2496 ExtremeWare 7 7 Command Reference Guide H VPLS Commands BlackDiamond Switch Only ...

Page 2497: ...base entries indicate the outgoing port and any label s to be applied to forwarded frames Thus forwarding may consist of a simple lookup and replacement of the incoming label with the appropriate outgoing label known as label swapping The MPLS module includes the following features MultiProtocol label switching MPLS This forwarding algorithm uses short fixed length labels to make next hop forwardi...

Page 2498: ...S counters and statistics Syntax Description N A Default N A Usage Guidelines This command resets all VPLS counters and statistics Example This example resets all VPLS counters and statistics clear mpls vpls counters History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2499: ... LSR within the specified hello hold_time the hello adjacency is not maintained with that neighboring LSR The session keep alive hold_time interval_time parameter specifies the time in seconds during which an LDP message must be received for the LDP session with a particular peer LSR to be ldp Specifies an LDP session targeted ldp Specifies a targeted LDP session hello hold_time interval_time The ...

Page 2500: ...hold_time interval_time are 6 and 65 534 respectively This command can only be executed when MPLS is disabled Example The following command configures LDP session hello hold time to 30 seconds and the interval time to 5 seconds configure mpls ldp hello 30 5 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently inc...

Page 2501: ...ession to the targeted LDP peer VPLS peer prior to exchanging vpn parameters the VPLS peer must be capable of accepting LDP Hello messages By default the local_endpoint_ipaddress is the configured OSPF ISIS Router ID The from keyword must be specified when VPLS peers are configured in conjunction with ESRP The local_endpoint_ipaddress should be configured to match the local VPLS egress VLAN interf...

Page 2502: ...eWare 7 7 Command Reference Guide MPLS Commands BlackDiamond Switch Only History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch ...

Page 2503: ...ss an MPLS network The Layer 2 traffic is transported across an MPLS LSP using a two level label stack The ipaddress parameter identifies the peer LSR that is the endpoint of the tunnel This IP address should be configured with a 32 bit prefix on the peer LSR When the peer LSR is also an Extreme switch then either OSPF must also be enabled on the VLAN that the ipaddress is assigned to using the co...

Page 2504: ...d parameter values If a vcid and groupid match is found the TLS tunnel is bound to the local_vlan_name by correlating the advertised egress TLS tunnel label with the local VLAN ID Once the TLS tunnel label and the local VLAN ID are dynamically bound all traffic received from the tunnel LSP that contains the egress TLS tunnel label is forwarded to the local VLAN identified by the local_vlan_name pa...

Page 2505: ... The tunnel_name parameter is a character string that is to be used to identify the TLS tunnel within the switch It must begin with an alphabetic character and can contain up to 31 additional alphanumeric characters History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform ...

Page 2506: ...st also be enabled on the switch If all VLANs are selected MPLS is enabled on all VLANs that have an IP address and IP forwarding enabled If you have enabled MPLS on an OSPF interface that is used to reach a particular destination make sure that you enable MPLS on all additional OSPF interfaces that can reach that same destination for example enable MPLS on all VLANs that are connected to the back...

Page 2507: ...configure mpls add vlan ExtremeWare 7 7 Command Reference Guide 2507 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2508: ... command deletes the VPLS with the specified vpls_name All VC LSPs established to VPLS peers are terminated The all keyword may be used to indicate that all VPLS instances are to be deleted Example config mpls delete vpls myvpls History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch vpls_name Identifies the VPLS w...

Page 2509: ...cific group Specify the groupid if you want to delete all TLS tunnels belonging to a specific group Use the all keyword to delete all TLS tunnels Example The following command deletes the TLS tunnel rt40 configure mpls delete tls tunnel rt40 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into E...

Page 2510: ...Ns If not specified both are disabled for the specified VLAN Example The following command disables RSVP TE on vlan1 configure mpls delete vlan vlan1 rsvp te History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the BlackDiamond...

Page 2511: ...letes the VPLS with the specified vpls_name All VC LSPs established to VPLS peers are terminated The all keyword may be used to indicate that all VPLS instances are to be deleted Example config mpls delete vpls myvpls History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only vpls_name Identifies the VPLS within ...

Page 2512: ... service mode is vlan Ports configured in different modes cannot send traffic between them without the use of the MPLS module That is traffic received on a port that is configured in vlan mode cannot switch traffic directly to a port on a module that is configured in port mode and vice versa Thus ports configured in different modes cannot be members of the same VLAN or VPLS VPLS ingress traffic ca...

Page 2513: ...configure mpls edge service mode ExtremeWare 7 7 Command Reference Guide 2513 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2514: ...l time Ping packets may be dropped due to spurious network conditions In order to minimize service disconnect false alerts when an echo request has not been received within trap send holdtime 3 seconds echo requests are sent in rapid succession at a rate of one per second This operation continues until an echo response is received or the trap send holdtime expires If an echo response is received b...

Page 2515: ... check add mplsping ExtremeWare 7 7 Command Reference Guide 2515 Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2516: ...heck as specified by the ipaddress or host_name parameter or the prefix or lsp keyword terminates and deletes the configured mplsping If the all keyword is specified all mplsping health checks are deleted Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only ipaddress Option for specifying the f...

Page 2517: ...ckets may be dropped due to spurious network conditions In order to minimize service disconnect false alerts when an echo request has not been received within trap send holdtime 3 seconds echo requests are sent in rapid succession at a rate of one per second This operation continues until an echo response is received or the trap send holdtime expires If an echo response is received before the trap...

Page 2518: ... Command Reference Guide MPLS Commands BlackDiamond Switch Only Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2519: ...eleting a VC LSP health check as specified by the peer or mac address keyword terminates and deletes the configured vplsping If the all keyword is specified all vplsping health checks for the specified vpls_name are deleted Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only vpls_name Identifi...

Page 2520: ...ting a VC LSP health check as specified by the peer or mac address keyword terminates and deletes the configured vplsping If the all keyword is specified all vplsping health checks for the specified vpls_name are deleted Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only vpls_name Identifies ...

Page 2521: ...east one LDP ACL peer has been configured The disabled keyword specifies that the ACL be disabled No authentication procedures are enforced LDP ACLs must be disabled before all LDP ACL peers can be deleted Changing the ACL enabled configuration may result in the termination of sessions or services with peers that cannot be validated The LDP ACL status is displayed using the show mpls command Examp...

Page 2522: ...ss parameter identifies the peer from which targeted and non targeted LDP sessions are accepted If the peer is specified using the host_name parameter the DNS client must be configured so that the host_name can first be resolved to an IP address LDP Hellos from IP addresses that are not included in the acl list are ignored Example None History This command was first available in an ExtremeWare 7 3...

Page 2523: ...LDP peer from the ACL The ipaddress and host_name parameter identify the peer to be deleted from the ACL When the keyword all is specified all configured LDP peers are removed Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only ipaddress Identifies the peer for deletion host_name Identifies th...

Page 2524: ...t filter is applied to the FECs associated with static routes You can configure the advertisement filter as follows all All unsolicited label mappings are originated for all routes of the specified type direct RIP or static This is the default setting for direct routes none No unsolicited label mappings are originated for all routes of the specified type This is the default setting for RIP and sta...

Page 2525: ...label and direct routes are advertised with an MPLS label unless PHP is enabled Advertising labels for a large number of routes may increase the required number of labels that must be allocated by LSRs Take care to ensure that the number of labels advertised by LERs does not overwhelm the label capacity of the LSRs Example The following command configures a filter to be used by LDP when originatin...

Page 2526: ...The LDP label origination configuration for directly attached routing interfaces can also be set using the configure mpls ldp advertise direct command Example The following command configures LDP to advertise a label for the direct route configured for VLAN vlan1 configure mpls advertise add vlan vlan1 History This command was first available in an ExtremeWare IP Technology Services Release based ...

Page 2527: ...R PHP is requested by assigning the Implicit Null Label in an advertised mapping PHP is always performed when requested by an egress LSR for example when the switch is acting as an intermediate LSR The Implicit Null Label is always used in conjunction with routes exported by OSPF regardless of the PHP configuration This command can only be executed when MPLS is disabled Example The following comma...

Page 2528: ...vertently introduced When propagate ip ttl is disabled the LSP is viewed as a point to point link between the ingress LSR and the egress LSR Intermediate LSRs in the MPLS network are not viewed as router hops from an IP TTL perspective In this case the IP TTL is decremented once by the ingress LSR and once by the egress LSR When disabled the MPLS TTL is set to 255 by the ingress LSR and is indepen...

Page 2529: ...mpls propagate ip ttl ExtremeWare 7 7 Command Reference Guide 2529 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2530: ...ured ExtremeWare QoS policies There is a one to one mapping between the hardware queue and the 802 1p priority values that are inserted into frames forwarded to the MPLS module For example the 802 1p priority value is set to 0 for frames forwarded from hardware queue 0 set to 1 for frames forwarded from hardware queue 1 and so on The dot1p to exp table maps 802 1 priority values to MPLS EXP values...

Page 2531: ...n classifying MPLS encapsulated packets received from the SONET link When a PoS port receives an MPLS encapsulated packet from the SONET link the packet is classified based on the EXP value in the MPLS shim header The EXP value from the received frame is used as an index into the exp to dot1p mapping table to retrieve and 802 1p priority value The frame is then assigned to a QoS profile based on t...

Page 2532: ...rofile is applied to the LSP If no explicitly specified the path_name defaults to the primary path The LSP is immediately signaled as soon as it is configured The maximum number of configurable LSPs is 1024 Example The following command adds a primary RSVP TE LSP that takes the routed path named paththroughdenver configure mpls rsvp te add lsp lsptonyc path paththroughdenver History This command w...

Page 2533: ...stination may be configured by adding additional path_names and specifying the same ipaddress or host_name as the path endpoint The RSVP TE path is not signaled until an LSP is added with the specified path_name If no explicit route objects are configured the path will follow the best routed path to the configured ipaddress or IP address obtained from DNS name resolution Optionally the from keywor...

Page 2534: ...2534 ExtremeWare 7 7 Command Reference Guide MPLS Commands BlackDiamond Switch Only Platform Availability This command is available on the BlackDiamond switch only ...

Page 2535: ...dicates that the QoS for the LSP is best effort ExtremeWare does not support bandwidth reservation The setup priority and hold priority are optional parameters indicating the LSP priority During path set up if the requested bandwidth cannot be reserved through the LSR the setup priority parameter is compared to the hold priority of existing LSPs to determine if any of the existing LSPs need to be ...

Page 2536: ...ing the tunnel LSP endpoint IP address Traffic is distributed across up to four equal cost LSPs The valid metric values range from 1 to 65535 Specifying the igp tracking keyword forces the route metric to track the underlying IGP metrics If no IGP metric exists for the LSP for example the LSP traverses a RIP network the metric is ignored Tracking IGP metrics is the default behavior The record keyw...

Page 2537: ...ce Guide 2537 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2538: ...eleted LSPs cannot be deleted if the specified lsp_name has been configured as the LSP for a TLS tunnel If you specify the all keyword all LSPs not associated with a TLS tunnel are deleted Example The following command deletes all RSVP TE LSPs configure mpls rsvp te delete lsp all History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This comm...

Page 2539: ...on for path_name is deleted A path cannot be deleted as long as the path_name is associated with an LSP If the all keyword is specified all paths not associated with an LSP are deleted Example The following command deletes all RSVP TE paths configure mpls rsvp te delete path all History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This comman...

Page 2540: ...profile is associated with a configured LSP the profile cannot be deleted If you specify the all keyword all profiles not associated with an LSP are deleted except for the default profile Example The following command deletes all RSVP TE path profiles configure mpls rsvp te delete profile all History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b...

Page 2541: ...rough the network to the same LSP endpoint Adding a secondary path_name designates a path as a hot standby redundant path used in the event that the primary or secondary path cannot be established or fails Provided the path_name has not already been established all path names are signaled as soon as they are associated with an lsp_name If the primary path_name fails is not configured or cannot be ...

Page 2542: ...ond Switch Only History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2543: ...on for path_name is deleted A path cannot be deleted as long as the path_name is associated with an LSP If the all keyword is specified all paths not associated with an LSP are deleted Example The following command deletes all RSVP TE paths configure mpls rsvp te delete path all History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This comman...

Page 2544: ...ect matches a direct router interface or a directly attached subnet the switch verifies that the path message is received on the matching router interface If the LSR specified matches the OSPF router ID or a configured loopback IP address the router interface on which the packet is received is ignored If the IP address is specified as strict the strict subobject must be topologically1 adjacent to ...

Page 2545: ...ubobject must be deleted and re added using a different order If a subobject is added to or deleted from the ERO while the associated LSP is established the path is torn down and is signaled again using the new ERO Duplicate ERO subobjects are not allowed Defining an ERO for the path is optional If you do not configure an ERO the path is signaled along the best routed path and the ERO is not inclu...

Page 2546: ... is no longer required to take an explicit routed path The path is then signaled along the best routed path and no ERO is included in the path message Example The following command deletes all configured ERO subobjects from the specified path configure mpls rsvp te path paththroughdc delete ero all History This command was first available in an ExtremeWare IP Technology Services Release based on v...

Page 2547: ...figured peer nodes All VPLS peer nodes must be configured with the same mtu value If the mtu values do not match VC LSPs cannot be established between VPLS peers By default the VPLS mtu is set to 1500 The configurable mtu range is 1492 through 9216 Changing the mtu setting will cause established VC LSPs to terminate VPLS payload packets may be dropped if the VPLS MTU setting is greater than the MP...

Page 2548: ...s for the specified profile configure mpls rsvp te profile customer1 ping interval 2 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2549: ...onger active RSVP sessions are torn down if an RSVP refresh message is not received from a neighbor within keep multiplier 0 5 1 5 refresh time seconds The default refresh time is 30 seconds and the default keep multiplier value is three The minimum and maximum refresh time values are one and 36 000 seconds or one hour respectively The minimum and maximum keep multiplier values are one and 255 res...

Page 2550: ...nt to RSVP TE peers supporting RSVP refresh reduction Example The following command configures the rsvp te interface parameters for VLAN vlan1 configure mpls rsvp te vlan vlan1 hello interval 2 refresh time 5 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availab...

Page 2551: ...SPs LSP traffic aggregation is described in Equal cost Multipath LSP Support on page 3 The delete keyword will remove the LSP specified by the lsp_name parameter from the VC LSP aggregation list If all the LSPs are deleted the VC LSP will attempt to use the best routed path LSP if one exists If no LSPs exist to the TLS tunnel endpoint TLS tunnel connectivity to the endpoint IP address is lost Exam...

Page 2552: ... the packet the packet is fragmented before it is forwarded onto an MPLS LSP If the DF bit is set in the packet header Path MTU Discovery starts Fragmentation is based on either the minimum value of the configured MPLS IP MTU size or the configured IP MTU size for the egress VLAN The IP MTU size is configured using the configure ip mtu number vlan vlan name command Configure the MPLS IP MTU so tha...

Page 2553: ...configure mpls vlan ip mtu ExtremeWare 7 7 Command Reference Guide 2553 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2554: ...s of this command apply to all MPLS enabled VLANs Example The following command configures a filter to be used by LDP when propagating unsolicited label mappings to vlan1 configure mpls vlan vlan1 ldp propagate route map bgp_out History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 ...

Page 2555: ...main for which there is one non TLS VLAN configured to track the state of the LSP When ESRP detects that the LSP has failed all of the VLANs in the configured ESRP domain transition to neutral state and the backup LSR becomes the master switch for all of the TLS VLANs The add track lsp command configures ESRP to track up to eight LSPs Fail over to the slave switch is based on the total number of e...

Page 2556: ...re 7 7 Command Reference Guide MPLS Commands BlackDiamond Switch Only This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2557: ...word all configured LSPs are removed from ESRP tracking for the specified VLAN Example The following command disables diagnostic failure tracking for VLAN esrp 1 configure vlan esrp 1 delete track lsp History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability Th...

Page 2558: ...D The mtu keyword optionally specifies the MTU value of the VPLS transport payload packet customer packet The mtu value is exchanged with vpls configured peer nodes All VPLS peer nodes must be configured with the same mtu value If the mtu values do not match VC LSPs cannot be established between VPLS peers By default the VPLS mtu is set to 1500 The configurable mtu range is 1492 through 9216 Chang...

Page 2559: ...configure mpls vpls ExtremeWare 7 7 Command Reference Guide 2559 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2560: ...as been configured for a VPLS the VLAN is added to the VPLS as specified by the vpls_name The VLAN ID is locally significant to each VPLS Thus each VLAN VPLS interface within the H VPLS network may have a different VLAN ID This greatly simplifies VLAN ID coordination between metro network access points Traffic may be switched locally between VLAN ports if more than one port is configured for the V...

Page 2561: ...configure mpls vpls add ExtremeWare 7 7 Command Reference Guide 2561 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2562: ...ionship for each VPLS must be configured The peer relationships are defined as either a core to core core to spoke or spoke to core This relationship implicitly defines the packet flooding behavior for the VC LSP set up to the configured peer A VPLS peer relationship defined as core to core indicates that the peer is a member of a fully meshed VPLS core peer group Flood traffic received from a cor...

Page 2563: ...lished to a tls configured spoke are signaled using the martini draft VLAN FEC Martini tls VC LSPs carry traffic for a single VLAN Thus tls core to spoke VC LSPs are incompatible with local egress VPLS port interfaces i e tls VC LSPs and local egress ports can not be configured for the same vpls VC LSPs established to an tps configured spoke are signaled using the martini draft Ethernet FEC Martin...

Page 2564: ...Ware 7 7 Command Reference Guide MPLS Commands BlackDiamond Switch Only History This command was first available in an ExtremeWare 7 3 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2565: ...minated The optional vcid keyword may be specified to fully qualify a specific core to spoke Martini VC LSP The all keyword may be used to indicate that all VPLS peers be deleted Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only vpls_name Identifies the VPLS within the switch character strin...

Page 2566: ...VPLS peer is terminated The optional vcid keyword may be specified to fully qualify a specific core to spoke Martini VC LSP The all keyword may be used to indicate that all VPLS peers be deleted Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only vpls_name Identifies the VPLS within the switch...

Page 2567: ... LSP specified by the lsp_name parameter from the VC LSP aggregation list If all the LSPs are deleted the VC LSP will attempt to use the best routed path LSP if one exists If no LSPs exist to the VPLS peer VPN connectivity to the VPLS peer is lost Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch...

Page 2568: ...uidelines Disabling MPLS causes all LSPs to be released and all LDP neighbor sessions to be terminated Example The following command globally disables MPLS on the switch disable mpls History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is avai...

Page 2569: ...bling MPLS causes all LSPs to be released and all LDP neighbor sessions to be terminated Example The following command globally enables MPLS on the switch enable mpls History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the Bla...

Page 2570: ...sp keyword may be used to specify the tunnel LSP on which to send the MPLS echo request The tunnel LSP on which the MPLS echo request is sent is specified by the lsp_name parameter The TTL value in the MPLS Echo Request is set to 255 The from keyword is used to specify the source IP address used in the MPLS echo request This is the IP address used by the target LSR will use to send the MPLS echo r...

Page 2571: ... the end_size parameter is specified the size of the packet will increment by one byte for each new MPLS echo request sent The next MPLS echo request is not sent until the MPLS echo response for the previous packet is received This is useful for detecting interface MTU mismatch configurations between LSRs The switch ceases sending MPLS echo requests when the specified end_size value is reached the...

Page 2572: ... to an IP address The resolved host name IP address is assumed to be a 32 prefix The lsp keyword may be used to specify the LSP to trace The selected LSP is specified by the lsp_name parameter The from keyword is used to specify the source IP address used in the MPLS echo request This is the IP address used by the target LSR will use to send the MPLS echo reply If not specified the OSPF ISIS route...

Page 2573: ...es zero the packet is not forwarded but is redirected to the control plane for additional processing When the TTL value specified by the max_ttl_value parameter is exceeded the mplstrace command ends The valid max_ttl_value range is one to 30 with a default value of 30 Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on t...

Page 2574: ... name egress VLAN if applicable VC LSP peer Age and Port List Optionally specifying the vpls_name displays FDB information for the specified vpls only If a VPLS peer qualifies the command only FDB information learned from the specified peer is displayed The peer is specified using the ipaddress or host_name parameter Example None History This command was first available in an ExtremeWare 7 3 0 Pla...

Page 2575: ... displayed in a comprehensive detail format The detail format includes total state transition count from up to down and down to up time of last failure total up time and total down time and error code if applicable Optionally an ipaddress ipaddress masklength host_name or lsp_name parameter can be specified to display specific mplsping information This information is always displayed in the detail...

Page 2576: ...arameters If the optional detail keyword is specified the health check information is displayed in a comprehensive detail format The detail format includes total state transition count from up to down and down to up time of last failure total up time and total down time and error code if applicable The optional peer and mac address keywords may be specified to further restrict the vplsping informa...

Page 2577: ...mand displays the list of configured LDP ACL entries Optionally a specific LDP ACL can be displayed by specifying the ipaddress or host_name for the configured ACL Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on the BlackDiamond switch only ipaddress Specifies the IP address for a specific LDP ACL host_name Specifies ...

Page 2578: ...s enabled When the vlan parameter is specified this command displays the current values of the MPLS configuration parameters that are specific to the VLAN If the optional detail keyword is specified additional detailed VLAN information is displayed Example The following command displays MPLS configuration information for the VLAN accounting show mpls vlan accounting History This command was first ...

Page 2579: ...hop IP address Outgoing label Interface number of the outgoing VLAN If the detail keyword is specified the following additional information is displayed Outgoing port number Counts of packets and bytes that have been transmitted using the database entry By default information is displayed for active mappings To display information for liberally retained inactive mappings use the inactive keyword A...

Page 2580: ...mation from the FEC to NHLFE database show mpls forwarding prefix 10 1 1 1 History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2581: ...he keyword ldp targeted ldp or rsvp te limits the information displayed to only those interface types Example The following command displays interface information for RSVP TE interfaces show mpls interface rsvp te History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Av...

Page 2582: ...mmary information is displayed for the label Use the fec keyword to display the label associated with an FEC You can specify both host and prefix FEC types The summary keyword displays the number of labels allocated from each label range partition By default the information displayed includes Next hop IP address Outgoing and incoming labels Interface number of the outgoing VLAN FEC associated with...

Page 2583: ...ing Label Map ILM for RSVP TE LSPs Example The following command displays the summary information from the Incoming Label Map show mpls label summary History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is available on the BlackDiamond switch ...

Page 2584: ... peer is displayed To display additional information in the comprehensive detailed format use the detail keyword Displayed summary information includes Peer type targeted or not targeted Peer status Peer sessions Peer session state If you specify the detail keyword the following additional information is displayed LDP error counts LDP status timers Maximum PDU length Example The following command ...

Page 2585: ...show mpls ldp ExtremeWare 7 7 Command Reference Guide 2585 Platform Availability This command is available on the BlackDiamond switch only ...

Page 2586: ... or variables Default N A Usage Guidelines Configured mappings for both dot1p to exp and exp to dot1p are displayed Example The following command displays MPLS QoS mapping information show mpls qos mappings History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availabil...

Page 2587: ...d Additional information is displayed in the detailed format if you specify the optional detail keyword The more detailed RSVP TE information includes the number and type of RSVP messages transmitted through the local RSVP TE interface Example The following displays detailed information about all configured RSVP TE LSPs show mpls rsvp te detail History This command was first available in an Extrem...

Page 2588: ...fy the optional detail keyword additional information is displayed for each LSP The detailed information includes a list of all configured paths including the path state error codes for the LSP associated with each path up time for each LSP the bound profile name and a list of TLS tunnels configured to use the LSP Example The following displays the configuration and status information for all conf...

Page 2589: ...isplayed If a specific path name is specified only information for the specified path is displayed If you specify the optional detail keyword the list of subobjects specified for the explicit route object and any LSPs that are configured to use the path are displayed Example The following displays information about all RSVP TE routed paths in detailed format show mpls rsvp te path detail History T...

Page 2590: ...e If the profile name is omitted the profile parameter values for all configured LSP profiles are displayed Example The following command displays the profile parameter values for all configured LSP profiles show mpls rsvp te profile History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWa...

Page 2591: ...S tunnel information is displayed using the comprehensive detail format If the optional summary keyword is specified summary TLS tunnel counts are displayed The summary counters displayed include the total number of active static and dynamic TLS tunnels Example The following command displays configuration and status information for the TLS tunnel rt40 show mpls tls tunnel rt40 History This command...

Page 2592: ... format additionally displays transmit and receive packet and byte counts Optionally specifying the peer keyword qualified by the ipaddress or host_name displays VPLS information for the specified peer in detailed format If the peer keyword is specified and is unqualified by a vpls_name all VPLS instances that the peer is a member of are displayed The summary keyword displays a set of summary coun...

Page 2593: ...hat are members of the VPN as specified by vpls_name are displayed If vpls_name is omitted information pertaining to all VPLS nodes is displayed Information displayed includes IP address of each node MAC address of each node VPN ID and immediate or remote node indication Example None History This command was first available in an ExtremeWare 7 3 0 Platform Availability This command is available on...

Page 2594: ...agation filter settings on all VLANs LDP advertisement filter settings LDP session timers RSVP TE interface parameters RSVP TE profile parameters Settings for propagate ip ttl QoS mapping tables Example The following command resets MPLS configuration parameters to the default settings unconfigure mpls History This command was first available in an ExtremeWare IP Technology Services Release based o...

Page 2595: ...he LDP peer has failed or no longer wishes to label switch using the previously advertised label space The session keep alive time specifies the minimum amount of time in seconds that an LSR must receive an LDP PDU from an LDP peer to which it has an established LDP session If an LDP PDU is not received within the specified session keep alive time since the reception of the last LDP PDU the LDP se...

Page 2596: ... input value of n to an output value of n Example The following command restores the default values for the dot1p to exp QoS mapping table unconfigure mpls qos mapping dot1p to exp History This command was first available in an ExtremeWare IP Technology Services Release based on v6 1 8b12 This command was subsequently incorporated into ExtremeWare 7 0 0 Platform Availability This command is availa...

Page 2597: ...e MAC address has not been learned the vplsping command will fail with a No MAC address learned for IP address error The mac address keyword specifies the MAC address that is being pinged The mac address may represent the MAC address of a VPLS node or a customer MAC address The macaddress parameter must be a unicast MAC address and is specified as a colon separated list of six bytes in hex format ...

Page 2598: ... specified the size of the packet will increment by one byte for each new VPLS echo request sent The next VPLS echo request is not sent until the VPLS echo response for the previous packet is received This is useful for detecting interface MTU mismatch configurations between VPLS nodes The node ceases sending VPLS echo requests when the specified end_size value is reached the VPLS ping is interrup...

Page 2599: ...nding VPLS node s MAC address If the MAC address has not been learned the vplstrace command will fail with a No MAC address learned for IP address error The mac address keyword specifies the MAC address that is being pinged The mac address may represent the MAC address of a VPLS node or a customer MAC address The macaddress parameter must be a unicast MAC address and is specified as a colon separa...

Page 2600: ...y specifies the maximum TTL value in the VPLS echo request packet The TTL value in the VC FEC label is decremented along the path at each VPLS node When the TTL value in the VC FEC label reaches zero the packet not forwarded but is redirected to the control plane for additional processing When the TTL value specified by the max_ttl_value parameter is exceeded the vplstrace command ends The valid m...

Page 2601: ...r ipmc cache 2006 clear ipmc fdb 2007 clear isis adjacency 1777 clear isis lsdb 1778 clear log 666 clear log counters 668 clear log diag error 670 clear log diag remap 671 clear mpls vpls counters 2498 clear nat 474 clear netlogin state 849 clear netlogin state mac address 850 clear session 75 clear slb connections 494 clear slb persistence 495 clear slot 255 clear transceiver test 672 clear wirel...

Page 2602: ...bgp peer group password 1959 configure bgp peer group remote AS number 1960 configure bgp peer group route map filter 1961 configure bgp peer group route reflector client 1957 configure bgp peer group send community 1958 configure bgp peer group soft reset 1962 configure bgp peer group source interface 1963 configure bgp peer group weight 1965 configure bgp routerid 1966 configure bgp soft reconfi...

Page 2603: ... configure elsm hellotime 1505 configure elsm hold threshold 1507 configure enhanced dos protect ipfdb agingtime 876 configure enhanced dos protect ipfdb cache size 877 configure enhanced dos protect ipfdb learn limit 878 configure enhanced dos protect ipfdb learn window 879 configure enhanced dos protect ports 880 configure enhanced dos protect rate limit 881 configure esrp port mode ports 1511 c...

Page 2604: ...ress 1779 1785 configure isis add vlan 1780 configure isis area add domain summary 1781 configure isis area delete domain summary 1782 configure isis area domain filter 1783 configure isis authentication 1784 configure isis delete vlan 1786 configure isis external filter 1787 configure isis holddown interval 1788 configure isis lsp lifetime 1789 configure isis lsp refresh interval 1790 configure i...

Page 2605: ...ailover slave config 267 configure msm failover timeout 268 configure mstp format 1582 configure mstpd region 1580 configure multilink add 2182 configure multilink delete 2183 configure nat add vlan map 475 configure nat delete 479 configure nat finrst timeout 481 configure nat icmp timeout 482 configure nat syn timeout 483 configure nat tcp timeout 484 configure nat timeout 485 configure nat udp ...

Page 2606: ...sum ports 2308 configure ppp pos scrambling ports 2309 configure ppp quality ports 2310 configure ppp user 2200 configure ppp user multilink 2200 configure ppp user ports 2200 2311 configure protocol add 373 configure protocol delete 375 configure qosprofile 441 2201 2312 configure qosprofile ingress 2245 configure qosprofile min bps 2201 configure qosprofile wanqos maxbuf 2203 configure qostype i...

Page 2607: ... 541 configure slb gogo mode service check timer 542 configure slb gogo mode tcp port check add 544 configure slb gogo mode tcp port check delete 546 configure slb gogo mode tcp port check timer 548 configure slb L4 port 550 configure slb node max connections 552 configure slb node ping check 554 configure slb node tcp port check 555 configure slb pool add 557 configure slb pool delete 559 configu...

Page 2608: ...t 948 configure time 95 configure timezone 96 configure transceiver test failure action 729 configure transceiver test period 731 configure transceiver test threshold 732 configure transceiver test window 733 configure udp profile add 1686 configure udp profile delete 1687 configure vlan access profile 949 configure vlan add domain member vlan 1514 configure vlan add elrp poll ports 1515 1527 conf...

Page 2609: ...face ap scan re moved trap 1322 configure wireless ports interface ap scan results size 1323 configure wireless ports interface ap scan results time out 1324 configure wireless ports interface ap scan send probe 1325 configure wireless ports interface ap scan updated trap 1326 configure wireless ports interface channel 1327 configure wireless ports interface client history size 1329 configure wire...

Page 2610: ... vlan 991 disable arp learning vlan ports 992 disable bgp 1973 disable bgp aggregation 1974 disable bgp always compare med 1975 disable bgp community format 1976 disable bgp export 1977 disable bgp neighbor 1979 disable bgp neighbor remove private AS numbers 1980 disable bgp neighbor soft in reset 1981 disable bgp peer group 1982 disable bgp peer group remove private AS numbers 1982 disable bgp sy...

Page 2611: ... disable log display 744 disable log target 745 disable log temperature 754 disable loopback mode vlan 1718 disable lpm 2150 disable mac lockdown timeout ports 997 disable mac vlan port 395 disable mcast queue mgmt 2056 disable mirroring 300 disable mpls 2568 disable multilink 2211 disable multinetting 1719 disable nat 488 disable netlogin 998 disable netlogin dot1x guest vlan ports 1000 disable n...

Page 2612: ...reless ports interface 1353 disable wireless ports interface ap scan 1354 disable wireless ports interface ap scan off channel 1355 disable wireless ports interface client history 1356 disable wireless ports interface iapp 1358 disable wireless ports interface svp 1359 disable wireless ports time 1360 download bootrom 1139 download configuration 1141 download configuration cancel 1143 download con...

Page 2613: ...rp vlan ports 1023 enable ip security source ip lockdown ports 1041 enable ip subnet lookup 1028 enable ipxrip 2125 enable ipxsap 2126 enable ipxsap gns reply 2127 enable irdp 1745 enable isis 1869 enable isis export 1870 enable isis ignore attached bit 1872 enable isis originate default 1873 enable isis overload 1874 enable jumbo frame ports 312 enable lbdetect port 313 enable learning ports 314 ...

Page 2614: ...uitous arp protection 208 enable snmp traps lldp port 2433 enable snmp traps port up down 210 enable sntp client 211 enable source ip lockdown ports 1041 enable ssh2 1042 enable stacking 1448 enable stpd 1619 enable stpd bpdu filter 1623 enable stpd ports 1620 enable stpd rapid root failover 1622 enable subvlan proxy arp vlan 1748 enable sys hardware recovery polling 776 enable syslog 779 enable s...

Page 2615: ...117 show bgp 1995 show bgp neighbor 1996 show bgp peer group 1998 show configuration 274 1152 show cpu dos protect 1069 show debug trace 1261 show diagnostics 1265 show diagnostics backplane arm mapping 1268 show diagnostics backplane mpls mapping 1269 show diagnostics backplane utilization 1270 show diagnostics cable 2265 show diagnostics packet memory slot 1273 show diagnostics slot fdb 1275 sho...

Page 2616: ...show multilink 2222 show multilink alarms 2223 show multilink e1 alarms 2223 show multilink e1 errors 2224 show multilink errors 2224 2226 show multilink stats 2225 show multilink t1 alarms 2223 show multilink t1 errors 2226 show mvr 2091 show nat 490 show netlogin 1077 show netlogin guest vlan 1080 show netlogin mac 1081 show odometer 222 show ospf 1899 show ospf area 1900 show ospf area detail 1...

Page 2617: ...ort 1280 show trusted mac address 1101 show udp profile 1766 show version 824 show vlan 399 show vlan dhcp address allocation 247 show vlan dhcp config 248 show vlan security 1102 show vlan stpd 1631 show vrrp 1646 show vrrp vlan stats 1648 show wireless ap scan results 1382 show wireless ap scan results mac_address 1384 show wireless client scan results 1385 show wireless configuration 1387 show ...

Page 2618: ...2136 unconfigure ipxsap 2137 unconfigure irdp 1772 unconfigure lldp 2444 unconfigure lldp port 2445 unconfigure log filter 829 unconfigure log target format 830 unconfigure management 252 unconfigure mcast queue mgmt 2095 unconfigure mpls 2594 unconfigure mpls hello hold time 2595 unconfigure mpls qos mapping 2596 unconfigure msm failover 362 unconfigure mstp region 1633 unconfigure netlogin aging...

Page 2619: ...paddress 403 unconfigure vlan xnetid 2138 unconfigure wireless image configuration 1157 unconfigure wireless ports image configuration 1158 unconfigure wireless ports ipaddress 1434 unonfigure netlogin mac addr reauth period 1121 upgrade wireless port portlist all bootloader 1435 upload configuration 1159 upload configuration cancel 1161 upload log 843 upload system dump 1288 use configuration 116...

Page 2620: ...2620 ExtremeWare 7 7 Command Reference Guide Index of Commands ...

Reviews:

No comments

Related manuals for ExtremeWare 7.7

eTrex H - Hiking GPS Receiver

Brand: Garmin Pages: 100

Brand: M-Audio Pages: 4

Brand: M-Audio Pages: 4

DRUM AND BASS RIG

Brand: M-Audio Pages: 3

IFOLDER 3 - ADMINISTRATION

Brand: Novell Pages: 148

Brand: ROUTE 66 Pages: 28

ANTI-VIRUS - FOR FREEBSD-OPENBSD-BSDI MAIL SERVER

Brand: KAPERSKY Pages: 295

SMART Notebook SE

Brand: SMART Pages: 20

Brand: ASCOM Pages: 28

GZ-MG77 - Camcorder - 2.2 MP

Brand: JVC Pages: 72

Brand: Nokia Pages: 84

Brand: Sony Pages: 1

Walkman D-NE319

Brand: Sony Pages: 2

Brand: Sony Pages: 2

VAIO VGN-TXN17P/T

Brand: Sony Pages: 2

VAIO VGN-TXN19P

Brand: Sony Pages: 2

VAIO VGN-TXN17P/B

Brand: Sony Pages: 2

VAIO VGN-TXN15P/W

Brand: Sony Pages: 2

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands