NEC N8406-023 Command Reference Manual Download Page 86 | Manualshive

Page: 86 / 156

background image

N8406-023 1Gb Intelligent L3 Switch Command Reference Guide (ISCLI) 86

Secure Shell Server configuration

Telnet traffic on the network is not secure. These commands enable Secure Shell (SSH) access from any SSH
client. The SSH program securely logs into another computer over a network and executes commands in a secure
environment. All data using SSH is encrypted.

Secure Shell can be configured on the switch using the console port and Telnet only. The commands are not
available if you access the switch using the Browser-based Interface (BBI).

NOTE: See the

N8406-023 1Gb Intelligent L3 Switch Application Guide

for information on SSH.

The following table describes the SSHD Configuration commands.

Table 79 SSHD Configuration commands

Command

Description

ssh interval

<

0-24

>

Defines interval for auto-generating the RSA server key. The switch will auto-
generate the RSA server key at the interval defined in this command. The range
is 0-24 hours.
The value of zero (0) means the RSA server key auto-generation is disabled. If
the switch has been busy performing any other key generation and the assigned
time of interval expires, the RSA server will skip generating the key.

Command mode

: Global configuration

ssh scp-password

Defines the administrator password that is for Secure Copy (SCP) only. The
username for this SCP administrator is

scpadmin

.

Typically, SCP is used to copy files securely from one machine to another. In the
switch, SCP is used to download and upload the switch configuration using
secure channels.

Command mode

: Global configuration

ssh generate-host-key

Generates the RSA host keys manually. The switch creates this key
automatically while configuring the switch with Secure Shell (SSH). But you can
generate the key manually by using this command if you need to overwrite the
key for security reasons. The command will take effect immediately.

Command mode

: Global configuration

ssh generate-server-key

Generates the RSA server key. The switch creates this key automatically while
configuring the switch with Secure Shell (SSH). You can generate the key
manually by using this command if you need to overwrite the key for security
reasons. The command will take effect immediately.

Command mode

: Global configuration

ssh port

<

TCP port

number

>

Sets the SSH server port number.

Command mode

: Global configuration

ssh scp-enable

Enables the SCP apply and save.

Command mode

: Global configuration

no ssh scp-enable

Disables the SCP apply and save. This is the default for SCP.

Command mode

: Global configuration

ssh enable

Enables the SSH server.

Command mode

: Global configuration

no ssh enable

Disables the SSH server. This is the default for the SSH server.

Command mode

: Global configuration

show ssh

Displays the current SSH server configuration.

Command mode

: All except User EXEC

«
...
84
85
86
87
88
...
»

Summary of Contents for N8406-023

Page 1: ...N8406 023 1Gb Intelligent L3 Switch Command Reference Guide ISCLI Part number 856 126757 304 00 Second edition Oct 2007 456 01772 000 PN 456 01772 000 ...

Page 2: ...trued as constituting an additional warranty NEC shall not be liable for technical or editorial errors or omissions contained herein Microsoft Windows and Windows NT are U S registered trademarks of Microsoft Corporation SunOS and Solaris are trademarks of Sun Microsystems Inc in the U S and other countries Cisco is a registered trademark of Cisco Systems Inc and or its affiliates in the U S and c...

Page 3: ...rmation 20 SNMPv3 Target Address Table information 21 SNMPv3 Target Parameters Table information 21 SNMPv3 Notify Table information 22 SNMPv3 dump 23 System information 24 Show recent syslog messages 25 System user information 25 Layer 2 information 26 FDB information commands 27 Show all FDB information 27 Clearing entries from the forwarding database 27 Link Aggregation Control Protocol informat...

Page 4: ...Link statistics 62 Port RMON statistics 62 Layer 2 statistics 64 FDB statistics 64 LACP statistics 64 Layer 3 statistics 65 IP statistics 66 Route statistics 67 ARP statistics 67 DNS statistics 67 ICMP statistics 68 TCP statistics 69 UDP statistics 70 IGMP Multicast Group statistics 70 OSPF statistics 71 OSPF global statistics 71 VRRP statistics 74 RIP statistics 75 GEA Layer 3 statistics 76 GEA L...

Page 5: ...figuration 107 Bridge Spanning Tree configuration 108 Spanning Tree port configuration 109 Forwarding Database configuration 110 Static FDB configuration 110 Trunk configuration 110 Layer 2 IP Trunk Hash configuration 111 Link Aggregation Control Protocol configuration 111 LACP Port configuration 112 VLAN configuration 112 Layer 3 configuration 113 IP interface configuration 113 Default Gateway co...

Page 6: ...onfiguration 140 RMON history configuration 140 RMON event configuration 140 RMON alarm configuration 141 Port mirroring 142 Port based port mirroring 142 Uplink Failure Detection configuration 143 Failure Detection Pair configuration 143 Link to Monitor configuration 143 Link to Disable configuration 144 Configuration Dump 145 Saving the active switch configuration 145 Restoring the active switch...

Page 7: ...N8406 023 1Gb Intelligent L3 Switch Command Reference Guide ISCLI 7 Panic command 156 Unscheduled system dumps 156 ...

Page 8: ...configuration This chapter explains how to access the ISCLI to the switch Additional references Additional information about installing and configuring the switch is available in the following guides which are attached in this product N8406 023 1Gb Intelligent L3 Switch User s Guide N8406 023 1Gb Intelligent L3 Switch Application Guide N8406 023 1Gb Intelligent L3 Switch Command Reference Guide AO...

Page 9: ...ure the management port with an IP address Establishing a Telnet connection A Telnet connection offers the convenience of accessing the switch from any workstation connected to the network Telnet provides the same options for user operator and administrator access as those available through the console port By default Telnet is enabled on the switch The switch supports four concurrent Telnet conne...

Page 10: ...ch provides different levels or classes of user access Levels of access to the CLI and Web management functions and screens increase as needed to perform various switch management tasks The three levels of access are User Interaction with the switch is completely passive nothing can be changed on this switch Users may display information that has no security or privacy implications such as switch ...

Page 11: ...efault this switch disconnects the console Telnet or SSH session after five minutes of inactivity This function is controlled by the idle timeout parameter which can be set from 1 to 60 minutes To change this parameter see the System configuration section in the Configuration Commands chapter Typographical conventions The following table describes the typographic styles used in this guide Typeface...

Page 12: ...mand syntax descriptions Also indicates new terms and book titles Where a variable is two or more words the words are connected by a hyphen Example If the command syntax is show spanning tree stp 1 32 1 32 represents a number between 1 32 vertical line Separates choices for command keywords and arguments Enter only one of the choices Do not type the vertical line when entering the command Example ...

Page 13: ...ration of the switch If you save the configuration the settings survive a reload of the switch Several submodes are available within the Global Configuration mode the following table for more information Each command mode provides a specific set of commands The command set of each higher privilege mode is a superset of the lower privilege mode s All commands available in lower lower privilege mode...

Page 14: ...g configuration changes To get help about a specific command type the command followed by help The following table describes the global commands Table 4 Global commands Command Action Provides more information about a specific command or lists commands available at the current level exit Go up one level in the command mode structure copy running config startup config Write configuration changes to...

Page 15: ... the following full command Switch config spanning tree stp 1 bridge hello time 2 The command shown above could also be entered as Switch config sp stp 1 br h 2 Tab completion Entering the first letter of a command at any prompt and press the Tab key to display all available commands or options that begin with that letter Entering additional letters further refines the list of commands or options ...

Page 16: ... port including Port number Port speed 10 Mb s 100 Mb s 1000 Mb s or any Duplex mode half full or any Flow control for transmit and receive no yes or any Link status up or down Command mode All show interface information Displays port status information including Port number Whether the port uses VLAN tagging or not Port VLAN ID PVID Port name VLAN membership Command mode All show geaport Displays...

Page 17: ...following a new SNMP message format security for messages access control remote configuration of SNMP parameters For more details on the SNMPv3 architecture see RFC2271 to RFC2276 The following table describes the SNMPv3 Information commands Table 7 SNMPv3 Information commands Command Usage show snmp server v3 user Displays User Security Model USM table information Command mode All show snmp serve...

Page 18: ...ol The following table describes the SNMPv3 User Table information Table 8 User Table parameters Field Description User Name This is a string that represents the name of the user that you can use to access the switch Protocol This indicates whether messages sent on behalf of this user are protected from disclosure using a privacy protocol switch software supports DES algorithm for privacy The soft...

Page 19: ...tion or notification into a MIB view The View based Access Control Model defines a set of services that an application can use for checking access rights of a group This group s access rights are determined by a read view a write view and a notify view The read view represents the set of object instances authorized for the group while reading the objects The write view represents the set of object...

Page 20: ...3 User Name Displays the name for the user Group Name Displays the access name of the group SNMPv3 Community Table information The following command displays SNMPv3 community information show snmp server v3 community Command mode All Index Name User Name Tag trap1 public v1v2only v1v2trap This command displays the community table information stored in the SNMP engine The following table describes ...

Page 21: ...SNMP parameters to be used when generating messages to be sent to this transport address SNMPv3 Target Parameters Table information The following command displays SNMPv3 target parameters information show snmp server v3 target parameters Command mode All Name MP Model User Name Sec Model Sec Level v1v2param snmpv2c v1v2only snmpv1 noAuthNoPriv The following table describes the SNMPv3 Target Parame...

Page 22: ... the SNMPv3 Notify Table information Table 15 SNMPv3 Notify Table information Field Description Name The locally arbitrary but unique identifier associated with this snmpNotifyEntry Tag This represents a single tag value which is used to select entries in the snmpTargetAddrTable Any entry in the snmpTargetAddrTable that contains a tag value equal to the value of this entry is selected If this entr...

Page 23: ...V admin usm noAuthNoPriv org org org v1v2grp snmpv1 noAuthNoPriv org org v1v2only admingrp usm authPriv org org org vacmViewTreeFamily Table View Name Subtree Mask Type org 1 3 included v1v2only 1 3 included v1v2only 1 3 6 1 6 3 15 excluded v1v2only 1 3 6 1 6 3 16 excluded v1v2only 1 3 6 1 6 3 18 excluded vacmSecurityToGroup Table Sec Model User Name Group Name snmpv1 v1v2only v1v2grp usm admin ad...

Page 24: ...fault_Chassis_Name BayNumber 1 Switch is up 0 days 14 hours 56 minutes and 22 seconds Last boot 17 25 38 Mon Jan 8 2006 software reset MAC address 00 10 00 01 00 01 IP If 1 address 10 14 4 16 Revision Switch Serial No Spare Part No Software Version 1 0 0 FLASH image2 active configuration System information includes System date and time Switch model name and number Rack name and location Time of la...

Page 25: ...21 Jul 8 17 25 42 NOTICE system link up on port 4 Jul 8 17 25 42 NOTICE system link up on port 3 Jul 8 17 25 42 NOTICE system link up on port 6 Jul 8 17 25 42 NOTICE system link up on port 5 Jul 8 17 25 42 NOTICE system link up on port 10 Jul 8 17 25 42 NOTICE system link up on port 9 Each message contains a date and time field and has a severity level associated with it One of eight different pre...

Page 26: ... to seeing if STP is enabled or disabled you can view the following STP bridge information Priority Hello interval Maximum age value Forwarding delay Aging time You can also refer to the following port specific STP information Port number and priority Cost State Command mode All show spanning tree mstp cist information Displays Common internal Spanning Tree CIST bridge information including the fo...

Page 27: ...te forward trunk unknown Displays all FDB entries that match a particular state Command mode All show mac address table Displays all entries in the Forwarding Database Command mode All Show all FDB information The following command displays Forwarding Database information show mac address table Command mode All MAC address VLAN Port Trnk State 00 02 01 00 00 00 300 1 TRK 00 02 01 00 00 01 300 23 F...

Page 28: ...ays LACP information show lacp information Command mode All LACP dump port lacp adminkey operkey selected prio attached trunk aggr 1 off 1 1 n 32768 2 off 2 2 n 32768 3 off 3 3 n 32768 4 off 4 4 n 32768 5 off 5 5 n 32768 6 off 6 6 n 32768 7 off 7 7 n 32768 8 off 8 8 n 32768 LACP dump includes the following information for each port in the switch lacp Displays the port s LACP mode active passive or...

Page 29: ... 14 force auth unauthorized initialize initialize 15 force auth unauthorized initialize initialize 16 force auth unauthorized initialize initialize 17 force auth unauthorized initialize initialize 18 force auth unauthorized initialize initialize 19 force auth unauthorized initialize initialize 20 force auth unauthorized initialize initialize 21 force auth unauthorized initialize initialize 22 forc...

Page 30: ...information Command mode All show spanning tree Displays all STP information Command mode All The following command displays Spanning Tree information show spanning tree Command mode All upfast disabled update 40 Spanning Tree Group 1 On STP PVST VLANs 1 Current Root Path Cost Port Hello MaxAge FwdDel 8000 00 02 a5 d1 0f ed 8 20 2 20 15 Parameters Priority Hello MaxAge FwdDel Aging 32768 2 20 15 3...

Page 31: ...efore it reconfigures the STP network If the bridge is not the root bridge it uses the MaxAge value of the root bridge FwdDel The forward delay parameter specifies in seconds the amount of time that a bridge port has to wait before it changes from learning state to forwarding state If the bridge is not the root bridge it uses the FwdDel value of the root bridge Aging The aging time parameter speci...

Page 32: ...DSB 3 0 0 DSB 4 0 0 DSB 5 0 0 DSB 6 0 0 DSB 7 0 0 DSB 8 0 0 DSB 9 0 0 DSB 10 0 0 DISC 11 0 0 FWD DESG 8000 00 00 01 00 19 00 8017 P2P2 Edge 12 0 0 FWD DESG 8000 00 00 01 00 19 00 8018 P2P The switch software can be set to use the IEEE 802 1w Rapid Spanning Tree Protocol RSTP or the IEEE 802 1s Multiple Spanning Tree Protocol MSTP If RSTP MSTP is turned on you can view the following RSTP bridge inf...

Page 33: ... forwarding state If the bridge is not the root bridge it uses the FwdDel value of the root bridge Aging The aging time parameter specifies in seconds the amount of time the bridge waits without receiving a packet from a station before removing the station from the Forwarding Database Priority port The port priority parameter helps determine which bridge port becomes the designated port In a netwo...

Page 34: ... Prio Cost State Role Designated Bridge Des Port Hello Type 1 128 2000 FWD DESG 8000 00 03 42 fa 3b 80 8001 4 P2P Edge 2 128 2000 FWD DESG 8000 00 03 42 fa 3b 80 8002 3 128 2000 DSB 4 128 2000 DSB 5 128 2000 DSB 6 128 2000 DSB 7 128 2000 DSB 8 128 2000 DSB 9 128 2000 DSB 10 128 0 DSB 11 128 2000 FWD DESG 8000 00 03 42 fa 3b 80 12 128 2000 DSB In addition to seeing if Common Internal Spanning Tree ...

Page 35: ... ports connected to a single segment the port with the lowest port priority becomes the designated port for the segment Cost The port path cost parameter is used to help determine the designated port for a segment Generally speaking the faster the port the lower the path cost A setting of zero 0 indicates that the cost will be set to the appropriate default after the link speed has been auto negot...

Page 36: ...5 VLAN information commands Command Usage show vlan Displays VLAN information Command mode All show vlan information Displays VLAN information including spanning tree assignment Command mode All The following command displays VLAN information show vlan information Command mode All VLAN Name Status Ports 1 Default VLAN ena 4 5 2 pc03p ena 2 7 pc07f ena 7 11 pc04u ena 11 14 8600 14 ena 14 15 8600 15...

Page 37: ...ow ip igmp groups Displays IGMP Information Command mode All except User EXEC show ip vrrp information Displays the VRRP Information Command mode All except User EXEC show layer3 Dumps all switch information available from Layer 3 memory 10K or more depending on your configuration If you want to capture dump data to a file set your communication software on your workstation to capture session data...

Page 38: ...addr The following table describes the Type parameter Table 28 IP Routing Type information Field Description indirect The next hop to the host or subnet destination will be forwarded through a router at the Gateway address direct Packets will be delivered to a destination host or subnet attached to the switch local Indicates a route to one of the switch s IP interfaces broadcast Indicates a broadc...

Page 39: ...ed the address empty if no port has routed traffic to the IP address shown Command mode All except User EXEC show ip arp reply Displays the ARP address list IP address IP mask MAC address and VLAN flags Command mode All except User EXEC Show all ARP entry information The following command displays ARP information show ip arp Command mode All except User EXEC IP address Flags MAC address VLAN Port ...

Page 40: ...ace information Command mode All except User EXEC show ip ospf area virtual link information Displays information about all the configured virtual links Command mode All except User EXEC show ip ospf neighbor Displays the status of all the current neighbors Command mode All except User EXEC show ip ospf summary range 0 2 Displays the list of summary ranges belonging to non NSSA areas Command mode ...

Page 41: ...checksum sum 0x0 Total neighbors are 1 of which 2 are INIT state 2 are EXCH state 2 are FULL state Number of areas is 2 of which 3 transit 0 nssa Area Id 0 0 0 0 Authentication none Import ASExtern yes Number of times SPF ran 8 Area Border Router count 2 AS Boundary Router count 0 LSA count 5 LSA Checksum sum 0x2237B Summary noSummary OSPF interface information The following command displays OSPF ...

Page 42: ...mber of LSAs for each area c The total number of LSAs for each LSA type for all areas combined d The total number of LSAs for all LSA types for all areas combined No parameters are required Command mode All except User EXEC show ip ospf database external advertising router router ID link state id A B C D self Displays the AS external type 5 LSAs with detailed information of each field of the LSAs ...

Page 43: ...1 8 32 via 30 1 1 2 Routing Information Protocol information The following table describes the Routing Information Protocol RIP information commands Table 34 RIP information commands Command Usage show ip rip routes Displays RIP routes Command mode All except User EXEC show ip rip interface 1 255 Displays RIP interface information Command mode All except User EXEC show interface ip 1 255 rip Displ...

Page 44: ...ic 1 auth none key none RIP Interface 3 103 1 1 1 enabled version 2 listen enabled supply enabled default none poison disabled trigg enabled mcast enabled metric 1 IP information The following command displays Layer 3 information show layer3 information Command mode All Interface information 1 47 80 23 243 255 255 254 0 47 80 23 255 vlan 1 up Default gateway information metric strict 1 47 80 22 1 ...

Page 45: ...t groups on a single port Command mode All except User EXEC show ip igmp groups PortChannel 1 40 Displays all IGMP multicast groups on a single trunk group Command mode All except User EXEC show ip igmp groups Displays information for all multicast groups Command mode All except User EXEC IGMP multicast router port information The following table describes the commands used to display information ...

Page 46: ...al router using this command VRRP information includes Virtual router number Virtual router ID and IP address Interface number Ownership status owner identifies the preferred master virtual router A virtual router is the owner when the IP address of the virtual router and its IP interface are the same renter identifies virtual routers which are not owned by this device Priority value During the el...

Page 47: ... 1 23 0 0 1 24 0 0 1 The following table describes the IEEE 802 1p priority to COS queue information Table 37 802 1p Priority to COS Queue information Field Description Priority Displays the 802 1p Priority level Cosq Displays the Class of Service queue Weight Displays the scheduling weight of the COS queue The following table describes the IEEE 802 1p port priority information Table 38 802 1p Por...

Page 48: ...rmation show access control Command mode All Current ACL information Filter 1 profile Ethernet VID 1 0xfff Actions Set COS to 0 Filter 2 profile Ethernet VID 1 0xfff Actions Permit No ACL groups configured ACL information provides configuration parameters for each Access Control List It also shows which ACLs are included in each ACL Group RMON Information The following command displays general RMO...

Page 49: ...larm information The following command displays RMON alarm information show rmon alarm Command mode All RMON Alarm group configuration Index Interval Type rLimit fLimit rEvtIdx fEvtIdx last value 1 30 abs 10 0 1 0 0 2 900 abs 0 10 0 2 0 3 300 abs 10 20 0 0 0 4 1800 abs 10 0 1 0 0 5 1800 abs 10 0 1 0 0 8 1800 abs 10 0 1 0 56344540 10 1800 abs 10 0 1 0 0 11 1800 abs 10 0 1 0 0 15 1800 abs 10 0 1 0 0...

Page 50: ...ossed fEvtIdx Displays the falling alarm event index that is triggered when a falling threshold is crossed Last value Displays the last sampled value OID Displays the MIB Object Identifier for each alarm index RMON event information The following command displays RMON event information show rmon event Command mode All RMON Event group configuration Index Type Last Sent Description 1 both 0D 0H 1M ...

Page 51: ...E 1000 full yes yes down 11 GE 1000 any yes yes down 12 GE 1000 any yes yes down 13 GE 1000 any yes yes down 14 GE 1000 any yes yes down 15 GE 1000 any yes yes down 16 GE 1000 any yes yes down 17 GE 1000 full yes yes up 18 GE 1000 full yes yes up 19 GE 100 full yes yes up 20 GE 100 full yes yes down 21 GE 1000 full yes yes down 22 GE 1000 any yes yes down 23 SFP any full no no up 24 SFP any full n...

Page 52: ... 1 Downlink9 1 10 n Auto d 1 Downlink10 1 11 n Auto d 1 Downlink11 1 12 n Auto d 1 Downlink12 1 13 n Auto d 1 Downlink13 1 14 n Auto d 1 Downlink14 1 15 n Auto d 1 Downlink15 1 16 n Auto d 1 Downlink16 1 17 n Auto d 1 Xconnect1 1 18 n Auto d 1 Xconnect2 1 19 n Auto d 4095 Mgmt 4095 20 n Auto d 1 Uplink1 1 21 n Auto d 1 Uplink2 1 22 n Auto d 1 Uplink3 1 23 n Auto d 1 Uplink4 1 24 n Auto d 1 Uplink5...

Page 53: ...8 14 0 9 0 0 10 3 0 11 5 0 12 6 0 13 9 0 14 10 0 15 11 0 16 15 0 17 16 0 18 17 0 19 18 0 20 19 0 21 23 0 22 22 0 23 21 0 24 20 0 This display correlates the logical port number to the GEA unit on which each port resides SFP information The following command displays information about SFP modules show sfp Command mode All Port Device TX Enable RX Signal TX Fault SFP21 FI SFP NOT Installed SFP22 FI ...

Page 54: ...bled Uplink Failure Detection 3 Disabled Uplink Failure Detection 4 Disabled Uplink Failure Detection UFD information includes UFD status either enabled or disabled LtM status and member ports Spanning Tree status for LtM ports LtD status and member ports Information dump The following command dumps switch information show information dump Command mode All Use the dump command to dump all switch i...

Page 55: ...ta to a file set your communication software on your workstation to capture session data prior to issuing the dump command Command mode All Port Statistics The following table describes the Port Statistics commands The following sections provide more detailed information and commands Table 44 Port Statistics commands Command Usage show interface gigabitethernet port number dot1x counters Displays ...

Page 56: ...erRequestsToSupplicant 0 backendNonNakResponsesFromSupplicant 0 backendAuthSuccesses 0 backendAuthFails 0 The following table describes the 802 1x authenticator diagnostics for a selected port Table 45 802 1x statistics for port Statistics Description Authenticator Diagnostics authEntersConnecting Total number of times that the state machine transitions to the CONNECTING state from any other state...

Page 57: ...ate machine transitions from AUTHENTICATED to DISCONNECTED as a result of an EAPOLLogoff message being received from the Supplicant backendResponses Total number of times that the state machine sends an initial Access Request packet to the Authentication server Indicates that the Authenticator attempted communication with the Authentication Server backendAccessChallenges Total number of times that...

Page 58: ...cal bridging function including bridge management frames dot1PortInDiscards Count of valid frames received which were discarded that is filtered by the forwarding process dot1TpLearnedEntryDiscards The total number of Forwarding Database entries which have been or would have been learned but have been discarded due to a lack of space to store them in the Forwarding Database If this counter is incr...

Page 59: ...utUcastPkts ifOutMulticastPkts or ifOutBroadcastPkts and is not counted by the corresponding instance of the dot3StatsMultipleCollisionFrame object dot3StatsMultipleCollisionFrames A count of successfully transmitted frames on a particular interface for which transmission is inhibited by more than one collision A frame that is counted by an instance of this object is also counted by the correspond...

Page 60: ...astPkts 65356399 65385714 BroadcastPkts 0 6516 MulticastPkts 0 0 Discards 0 0 Errors 0 21187 The following table describes the interface IF statistics for a selected port Table 48 Interface statistics for port Statistics Description Octets IfHCIn The total number of octets received on the interface including framing characters UcastPkts IfHCIn The number of packets delivered by this sublayer to a ...

Page 61: ...mitted One possible reason for discarding such a packet could be to free up buffer space Errors IfHCOut For packet oriented interfaces the number of outbound packets that could not be transmitted because of errors For character oriented or fixed length interfaces the number of outbound transmission units that could not be transmitted because of errors Internet Protocol IP statistics Use the follow...

Page 62: ...rStatsPkts1024to1518Octets 0 The following table describes the Remote Monitoring RMON statistics of the selected port Table 51 RMON statistics Statistic Description etherStatsDropEvents The total number of packets received that were dropped because of system resource constraints etherStatsOctets The total number of octets of data including those in bad packets received on the network excluding fra...

Page 63: ...ms and 150 ms etherStatsCollisions The best estimate of the total number of collisions on this Ethernet segment etherStatsPkts64 Octets The total number of packets including bad packets received that were less than or equal to 64 octets in length excluding framing bits but including FCS octets etherStatsPkts65to127 Octets The total number of packets including bad packets received that were greater...

Page 64: ...rrent 91 hiwat 91 These commands enable you to display statistics regarding the use of the forwarding database including the number of current entries and the maximum number of entries ever recorded The following table describes the Forwarding Database FDB statistics Table 53 Forwarding Database statistics Statistic Description current Current number of entries in the Forwarding Database hiwat Hig...

Page 65: ...stics Command mode All except UserEXEC show ip tcp counters Displays Transmission Control Protocol TCP statistics Command mode All except UserEXEC show ip udp counters Displays User Datagram Protocol UDP statistics Add the argument clear to clear UDP statistics Command mode All except UserEXEC show ip igmp counters Displays IGMP statistics Command mode All except UserEXEC clear ip igmp 1 4094 coun...

Page 66: ...tagrams this counter includes datagrams discarded because the destination address was not a local address ipInUnknownProtos The number of locally addressed datagrams received successfully but discarded because of an unknown or unsupported protocol ipInDiscards The number of input IP datagrams for which no problems were encountered to prevent their continued processing but which were discarded for ...

Page 67: ...rs Command mode All except User EXEC ARP statistics arpEntriesCur 2 arpEntriesHighWater 4 The following table describes the Address Resolution Protocol ARP statistics Table 57 ARP statistics Statistic Description arpEntriesCur The total number of outstanding ARP entries in the ARP table arpEntriesHighWater The highest number of ARP entries ever recorded in the ARP table DNS statistics show ip dns ...

Page 68: ...ges received icmpInEchos The number of ICMP Echo request messages received icmpInEchoReps The number of ICMP Echo Reply messages received icmpInTimestamps The number of ICMP Timestamp request messages received icmpInTimestampReps The number of ICMP Timestamp Reply messages received icmpInAddrMasks The number of ICMP Address Mask Request messages received icmpInAddrMaskReps The number of ICMP Addre...

Page 69: ...pMaxConn The limit on the total number of TCP connections the switch can support In entities where the maximum number of connections is dynamic this object should contain the value 1 tcpActiveOpens The number of times TCP connections have made a direct transition to the SYN SENT state from the CLOSED state tcpPassiveOpens The number of times TCP connections have made a direct transition to the SYN...

Page 70: ...the IGMP Multicast Groups show ip igmp counters Command mode All except User EXEC IGMP Snoop vlan 1 statistics rxIgmpValidPkts 0 rxIgmpInvalidPkts 0 rxIgmpGenQueries 0 rxIgmpGrpSpecificQueries 0 rxIgmpLeaves 0 rxIgmpReports 0 txIgmpReports 0 txIgmpGrpSpecificQueries 0 txIgmpLeaves 0 These commands enable you to display statistics regarding the use of the IGMP Multicast Groups The following table d...

Page 71: ...ats Rx Tx Stats Rx Tx Pkts 0 0 hello 23 518 database 4 12 ls requests 3 1 ls acks 7 7 ls updates 9 7 Nbr change stats Intf change Stats hello 2 up 4 start 0 down 2 n2way 2 loop 0 adjoint ok 2 unloop 0 negotiation done 2 wait timer 2 exchange done 2 backup 0 bad requests 0 nbr change 5 bad sequence 0 loading done 2 n1way 0 rst_ad 0 down 1 Timers kickoff hello 514 retransmit 1028 lsa lock 0 lsa ack ...

Page 72: ...ication establishment between this router and other neighboring routers adjoint ok The sum total number of decisions to be made again as to whether an adjacency should be established maintained with the neighbor across all OSPF areas and interfaces negotiation done The sum total number of neighbors in this state wherein the Master slave relationship has been negotiated and sequence numbers have be...

Page 73: ...and interfaces backup The sum total number of Backup Designated Routers on the attached network for all OSPF areas and interfaces nbr change The sum total number of changes in the set of bidirectional neighbors associated with any interface across all OSPF areas Timers Kickoff hello The sum total number of times the Hello timer has been fired which triggers the send of a Hello packet across all OP...

Page 74: ... statistics for the VRRP LAN show ip vrrp counters Command mode All except User EXEC Layer 3 Statistics vrrp VRRP statistics vrrpInAdvers 0 vrrpBadAdvers 0 vrrpOutAdvers 0 vrrpBadVersion 0 vrrpBadVrid 0 vrrpBadAddress 0 vrrpBadData 0 vrrpBadPassword 0 vrrpBadInterval 0 The following table describes the VRRP statistics Table 65 VRRP statistics Field Description vrrpInAdvers The total number of VRRP...

Page 75: ...l number of RIP packets received RIP packets sent The total number of RIP packets transmitted RIP request received The total number of RIP requests received RIP response received The total number of RIP response received RIP request sent The total number of RIP requests transmitted RIP response sent The total number of RIP responses transmitted RIP route timeout The total number of RIP route timeo...

Page 76: ... ip gea bucket IP address Displays GEA statistics for a specific IP address Command mode All except User EXEC show ip gea Displays all GEA statistics Command mode All except User EXEC GEA Layer 3 statistics The following command displays GEA statistics show ip gea Command mode All except User EXEC GEA L3 statistics Max L3 table size 2048 Number of L3 entries used 0 Max LPM table size 256 Number of...

Page 77: ...fic packet statistics Description Example statistic allocs Total number of packet allocations from the packet buffer pool by the TCP IP protocol stack frees Total number of times the packet buffers are freed released to the packet buffer pool by the TCP IP protocol stack mediums Total number of packet allocations with size between 128 to 1536 bytes from the packet buffer pool by the TCP IP protoco...

Page 78: ...d displays UDP statistics show mp udp block Command mode All All UDP allocated control blocks 161 listen The following table describes the User Datagram Protocol UDP control block UCB statistics shown in this example Table 71 UDP statistics Description Example Statistic Control block 161 State listen CPU statistics The following command displays the CPU utilization statistics show mp cpu Command m...

Page 79: ...ages which were delivered to the SNMP protocol entity and were for an unsupported SNMP version snmpInBadC tyNames The total number of SNMP messages delivered to the SNMP entity that used an SNMP community name not known to the switch snmpInBadC tyUses The total number of SNMP messages delivered to the SNMP protocol entity that represented an SNMP operation which was not allowed by the SNMP communi...

Page 80: ...ntity snmpInGetNexts The total number of SNMP Get Next Protocol Data Units PDUs which have been accepted and processed by the SNMP protocol entity snmpInSetRequests The total number of SNMP Set Request Protocol Data Units PDUs which have been accepted and processed by the SNMP protocol entity snmpInGetResponses The total number of SNMP Get Response Protocol Data Units PDUs which have been accepted...

Page 81: ...iming Protocol version 3 to synchronize the switch s internal clock with an atomic time calibrated NTP server With NTP enabled the switch can accurately update its internal clock to be consistent with other devices on the network and generates accurate syslogs The following table describes the NTP statistics Table 74 NTP statistics Statistics Description Primary Server Requests Sent The total numb...

Page 82: ...escribes the Uplink Failure Detection UFD statistics Table 75 Uplink Failure Detection statistics Statistic Description Number of times LtM link failure The total numbers of times that link failures were detected on the uplink ports in the Link to Monitor group Number of times LtM link in Blocking State The total number of times that Spanning Tree Blocking state was detected on the uplink ports in...

Page 83: ...from FTP TFTP server Command mode All except User EXEC Viewing and saving changes As you use the configuration commands to set switch parameters the changes you make take effect immediately You do not need to apply configuration changes when you use the ISCLI Any changes are lost the next time the switch boots unless the changes are explicitly saved Saving the configuration You must save configura...

Page 84: ...lt is 5 minutes This setting affects both the console port and Telnet port Command mode Global configuration no system notice 1 1024 characters multi line to end Displays login notice immediately before the Enter password prompt This notice can contain up to 1024 characters and new lines Command mode Global configuration no banner 1 80 characters Configures a login banner of up to 80 characters Wh...

Page 85: ...cility 1 7 This option sets the facility level of the first or seconds syslog host displayed The default is 0 Command mode Global configuration no logging console Enables or disables delivering syslog messages to the console When necessary disabling console ensures the switch is not affected by syslog messages It is enabled by default Command mode Global configuration no logging log feature Displa...

Page 86: ...he username for this SCP administrator is scpadmin Typically SCP is used to copy files securely from one machine to another In the switch SCP is used to download and upload the switch configuration using secure channels Command mode Global configuration ssh generate host key Generates the RSA host keys manually The switch creates this key automatically while configuring the switch with Secure Shel...

Page 87: ...nd mode Global configuration no radius server telnet backdoor Enables or disables the RADIUS back door for telnet SSH HTTP HTTPS The default is disabled This command does not apply when secure backdoor is enabled Command mode Global configuration no radius server secure backdoor Enables or disables the RADIUS back door using secure password for telnet SSH HTTP HTTPS The default is disabled This co...

Page 88: ...r the number of the TCP port to be configured between 1 65000 The default is 49 Command mode Global configuration tacacs server retransmit 1 3 Sets the number of failed authentication requests before switching to a different TACACS server The range is 1 3 requests The default is 3 requests Command mode Global configuration tacacs server timeout 4 15 Sets the amount of time in seconds before a TACA...

Page 89: ...n is disabled The following table describes the NTP Server Configuration commands Table 82 NTP Server Configuration commands Command Description no ntp primary server IP address Prompts for the IP addresses of the primary NTP server to which you want to synchronize the switch clock For example 100 10 1 1 Command mode Global configuration no ntp secondary server IP address Prompts for the IP addres...

Page 90: ...ion The location can have a maximum of 64 characters Command mode Global configuration no snmp server contact 1 64 characters Configures the name of the system contact The contact can have a maximum of 64 characters Command mode Global configuration snmp server read community 1 32 characters Configures the SNMP read community string The read community string controls SNMP get access to the switch ...

Page 91: ...roup defines the access rights assigned to all names that belong to a particular group The range is 1 16 Command mode Global configuration snmp server community 1 16 Configures a community table entry The community table contains objects for mapping community strings and version independent SNMP message parameters The range is 1 16 Command mode Global configuration snmp server target address 1 16 ...

Page 92: ...or none If you specify des as the privacy protocol then make sure that you have selected one of the authentication protocols MD5 or HMAC SHA 96 If you select none as the authentication protocol you receive an error message You can create or change the privacy password Command mode Global configuration no snmp server user 1 16 Deletes the USM user entries Command mode Global configuration show snmp...

Page 93: ...ows you read access to a particular MIB view If the value is empty or if there is no active MIB view having this value then no access is granted Command mode Global configuration snmp server access 1 32 write view 1 32 characters Defines a 32 character long write view name that allows you write access to the MIB view If the value is empty or if there is no active MIB view having this value then no...

Page 94: ...s the community table entry Command mode Global configuration show snmp server v3 community Displays the community table configuration Command mode All SNMPv3 Target Address Table configuration The following table describes the SNMPv3 Target Address Table Configuration commands Table 90 SNMPv3 Target Address Table Configuration commands Command Description snmp server target address 1 16 address t...

Page 95: ...urity to be used when generating the SNMP messages using this entry The level noAuthNoPriv means that the SNMP message will be sent without authentication and without using a privacy protocol The level authNoPriv means that the SNMP mes sage will be sent with authentication but without using a privacy protocol The authPriv means that the SNMP message will be sent both with authentication and using...

Page 96: ...ccess tftp port TFTP port number Sets an optional telnet server port number for cases where the server listens for TFTP sessions on a non standard port The default is 69 Command mode Global configuration show access Displays the current system access parameters Command mode All except User EXEC Management Networks configuration The following table describes the Management Networks Configuration co...

Page 97: ...128 characters The super user administrator has complete access to all information and configuration commands on the switch including the ability to change both the user and administrator passwords Command mode Global configuration show access user Displays the current user status Command mode All except User EXEC User ID configuration The following table describes the User ID Configuration comman...

Page 98: ...ime The user can create a new certificate defining the information that they want to be used in the various fields For example Country Name 2 letter code JP State or Province Name full name Tokyo Locality Name for example city Fuchu Organization Name for example company NEC Organizational Unit Name for example section SIGMABLADE Common Name for example user s name Taro Email for example email addr...

Page 99: ...mode Interface port no tag pvid Disables or enables VLAN tag persistence When disabled the VLAN tag is removed from packets whose VLAN tag matches the port PVID The default value is enabled Command mode Interface port copper Configures the port s transmission media as copper This command is available only for Ports 21 24 Command mode Interface port fiber Configures the port s transmission media as...

Page 100: ...hanged Command mode Interface port duplex full half any Sets the operating mode Not all options are valid on all ports The choices include Full duplex Half duplex Any for automatic detection default Note Ports 1 16 are set to Any and Ports 17 18 are set to full duplex These ports cannot be changed Command mode Interface port flowcontrol receive send both Sets the flow control The choices include R...

Page 101: ...G 128 and path cost by 3000 for all external STP ports Command mode Global configuration spanning tree uplinkfast max update rate 10 200 Configures the station update rate in packets per second The range is 10 200 The default value is 40 Command mode Global configuration show layer2 Displays current Layer 2 parameters Command mode All 802 1x configuration This feature allows you to configure this ...

Page 102: ... configuration dot1x supplicant timeout 1 65535 Sets the time in seconds the authenticator waits for an EAP Response packet from the supplicant client before retransmitting the EAP Request packet to the authentication server The default value is 30 seconds dot1x server timeout 1 65535 Sets the time in seconds the authenticator waits for a response from the Radius server before declaring an authent...

Page 103: ...e from the supplicant client before retransmitting an EAP Request Identity frame The default value is 30 seconds Command mode Interface port dot1x supplicant timeout 1 65535 Sets the time in seconds the authenticator waits for an EAP Response packet from the supplicant client before retransmitting the EAP Request packet to the authentication server The default value is 30 seconds Command mode Inte...

Page 104: ... mstp maximum hop 4 60 Configures the maximum number of bridge hops a packet may to traverse before it is dropped The range is from 4 to 60 hops The default is 20 Command mode Global configuration spanning tree mode mst rstp pvst Selects either Rapid Spanning Tree mode as follows Rapid Spanning Tree mode rstp Multiple Spanning Tree mode mstp Per VLAN Spanning Tree pvst The default mode is pvst Com...

Page 105: ...ork is the MSTP root bridge To make this switch the root bridge configure the bridge priority lower than all other switches and bridges on your network The lower the value the higher the bridge priority The range is 0 to 65535 and the default is 32768 This command does not apply to RSTP See the Bridge Spanning Tree configuration section for more information Command mode Global configuration spanni...

Page 106: ...e path cost The default is 20000 for Gigabit ports Command mode Interface port spanning tree mstp cist hello 1 10 Configures the CIST port Hello time The Hello time specifies how often the root bridge transmits a configuration bridge protocol data unit BPDU Any bridge that is not the root bridge uses the root bridge Hello value The range is 1 to 10 seconds and the default is 2 seconds Command mode...

Page 107: ...ing tree and requires an external VLAN ID as a parameter Command mode Global configuration no spanning tree stp 1 128 vlan 1 4095 Breaks the association between a VLAN and a spanning tree and requires an external VLAN ID as a parameter Command mode Global configuration no spanning tree stp 1 128 vlan all Removes all VLANs from a spanning tree Command mode Global configuration spanning tree stp 1 1...

Page 108: ...l data unit BPDU Any bridge that is not the root bridge uses the root bridge hello value The range is 1 to 10 seconds and the default is 2 seconds This command does not apply to MSTP See the Common Internal Spanning Tree configuration section for more information Command mode Global configuration spanning tree stp 1 128 bridge maximum age 6 40 Configures the bridge maximum age The maximum age para...

Page 109: ...nge is 0 to 65535 The default is 4 for Gigabit ports except Port 19 A value of 0 indicates that the default cost will be computed for an auto negotiated link speed The default cost is 19 for 100Mb s ports and 4 for Gigabit ports RSTP MSTP The range is 0 200000000 and the default is 20000 for Gigabit ports except Port 19 Command mode Interface port spanning tree stp 1 128 link auto p2p shared Defin...

Page 110: ...er combining their bandwidth to create a single larger port Up to 12 trunk groups can be configured on the switch with the following restrictions Any physical switch port can belong to no more than one trunk group Up to six ports trunks can belong to the same trunk group All ports in a trunk must have the same configuration for speed flow control and auto negotiation Trunking from other devices mu...

Page 111: ...mmand mode Global configuration portchannel hash source destination ip Enable trunk hashing on the source and destination IP Command mode Global configuration portchannel hash source destination mac Enable trunk hashing on the source and destination MAC address Command mode Global configuration show portchannel hash Display current trunk hash configuration Command mode All Link Aggregation Control...

Page 112: ...butes change the status of the VLAN delete the VLAN and change the port membership of the VLAN By default the VLANs are disabled except VLAN 1 and 4095 which is always enabled The switch supports a maximum of 1 000 VLANs VLAN 4095 is reserved for switch management interface NOTE See the N8406 023 1Gb Intelligent L3 Switch Application Guide for information on VLANs The following table describes the...

Page 113: ...ion Command mode All except User EXEC IP interface configuration The switch can be configured with up to 256 IP interfaces Each IP interface represents the switch on an IP subnet on your network The IP Interface option is disabled by default Interface 256 is reserved for switch management The following table describes the IP Interface Configuration commands Table 120 IP Interface Configuration com...

Page 114: ...n no ip gateway 1 4 arp health check Enables or disables Address Resolution Protocol ARP health checks This command is disabled by default Command mode Global configuration ip gateway 1 4 enable Enables the gateway for use Command mode Global configuration no ip gateway 1 4 enable Disables the gateway Command mode Global configuration no ip gateway 1 4 Deletes the gateway from the configuration Co...

Page 115: ...mode All except User EXEC Static ARP configuration The following table describes the Static ARP Configuration commands Table 124 Static ARP Configuration commands Command Description ip arp IP address MAC address VLAN number port number Adds a single ARP entry to switch memory Command mode Global configuration no ip arp IP address Removes a single ARP entry from switch memory Command mode Global c...

Page 116: ...0 0 This command defines the range of IP addresses that will be accepted by the peer when the filter is enabled Command mode Global configuration ip match address 1 256 enable Enables the Network Filter configuration Command mode Global configuration no ip match address 1 256 enable Disables the Network Filter configuration Command mode Global configuration no ip match address 1 256 Deletes the Ne...

Page 117: ... no metric 1 16777214 Sets the metric of the matched route Command mode Route Map no metric type 1 2 Assigns the type of OSPF metric The default is type 1 Type 1 External routes are calculated using both internal and external metrics Type 2 External routes are calculated using only the external metrics no Removes the OSPF metric Command mode Route Map precedence 1 255 Sets the precedence of the ro...

Page 118: ...ts the network filter number Command mode Route Map no access list 1 8 metric 1 1677214 Sets the metric value in the AS External ASE LSA Command mode Route Map access list 1 8 action permit deny Permits or denies action for the access list Command mode Route Map access list 1 8 enable Enables the access list Command mode Route Map no access list 1 8 enable Disables the access list Command mode Rou...

Page 119: ...ses RIP version 2 The following table describes the RIP Interface Configuration commands Table 130 RIP Interface Configuration commands Command Description ip rip version 1 2 both Configures the RIP version used by this interface The default value is version 2 Command mode Interface IP no ip rip supply When enabled the switch supplies routes to other routers This command is enabled by default Comm...

Page 120: ...face IP no ip rip enable Disables this RIP interface This is the default Command mode Interface IP show interface ip 1 256 rip Displays the current RIP configuration Command mode All except User EXEC RIP Route Redistribution configuration The following table describes the RIP Route Redistribute commands Table 131 RIP Redistribute commands Command Description redistribute fixed static ospf eospf 1 ...

Page 121: ...ey key string Assigns a string to MD5 authentication key Command mode Router OSPF host 1 128 Configures an OSPF host route Up to 128 host routes can be configured Host routes are used for advertising network device IP addresses to external networks to perform server load balancing within OSPF It also makes Area Border Route ABR load sharing and ABR failover possible Command mode Router OSPF lsdb l...

Page 122: ...eas The default is transit Command mode Router OSPF area 0 2 stub metric 1 65535 Configures a stub area to send a numeric metric value All routes received via that stub area carry the configured metric to potentially influencing routing decisions Metric value assigns the priority for choosing the switch for default route Metric type determines the method for influencing routing decisions for exter...

Page 123: ... assigned priority value to the OSPF interfaces A priority value of 255 is the highest and 1 is the lowest A priority value of 0 specifies that the interface cannot be used as Designated Router DR or Backup Designated Router BDR The default value is 1 Command mode Interface IP ip ospf cost 1 65535 Configures cost set for the selected path preferred or backup Usually the cost is inversely proportio...

Page 124: ...is one second Command mode Router OSPF area virtual link 1 3 retransmit interval 1 3600 Configures the retransmit interval in seconds Default is five seconds Command mode Router OSPF area virtual link 1 3 neighbor router IP address Configures the router ID of the virtual neighbor Default is 0 0 0 0 Command mode Router OSPF no area virtual link 1 3 key key string Configures the password up to eight...

Page 125: ...redistribution protocol matched by the route maps in the route redistribution list will be redistributed Command mode Router OSPF no redistribute fixed static rip 1 32 Removes the route map from the route redistribution list Removes routing maps from the rmap list Command mode Router OSPF no redistribute fixed static rip export metric 1 16777214 metric type 1 2 Exports the routes of this protocol ...

Page 126: ...conds The default value is 125 Command mode Global configuration ip igmp snoop robust 2 10 Configures the IGMP Robustness variable which allows you to tune the switch for expected packet loss on the subnet If the subnet is expected to be lossy high rate of packet loss then increase the value The default value is 2 Command mode Global configuration no ip igmp snoop aggregate Enables or disables IGM...

Page 127: ... Enables IGMP filtering globally Command mode Global configuration no ip igmp filtering Disables IGMP Filtering globally This is the default Command mode Global configuration show ip igmp filtering Displays the current IGMP Filtering parameters Command mode All except User EXEC IGMP filter definition The following table describes the IGMP Filter Definition commands Table 143 IGMP Filter Definition...

Page 128: ... notation Command mode Global configuration no ip dns secondary server IP address Sets the IP address for your secondary DNS server If the primary DNS server fails the configured secondary will be used instead Enter the IP address using dotted decimal notation Command mode Global configuration no ip dns domain name string Sets the default domain name used by the switch For example mycompany com Co...

Page 129: ...er configuration Virtual Router commands are used for configuring up to 255 virtual routers for this switch A virtual router is defined by its virtual router ID and an IP address On each VRRP capable routing device participating in redundancy for this virtual router a virtual router will be configured to share the same virtual router ID and IP address Virtual routers are disabled by default The fo...

Page 130: ...al router will automatically be set to 255 highest When priority tracking is used this base priority value can be modified according to a number of performance and operational criteria Command mode Router VRRP virtual router 1 255 timers advertise 1 255 Defines the time interval between VRRP master advertisements This can be any integer between 1 and 255 seconds The default value is 1 Command mode...

Page 131: ... this switch An IP interface is considered active when there is at least one active port on the same VLAN This helps elect the virtual routers with the most available routes as the master This command is disabled by default Command mode Router VRRP no virtual router 1 255 track ports When enabled the priority for this virtual router will be increased for each active port on the same VLAN A port is...

Page 132: ...oup enable Enables the virtual router group Command mode Router VRRP no group enable Disables the virtual router group This is the default Command mode Router VRRP no group Deletes the virtual router group from the switch configuration Command mode Router VRRP show ip vrrp group Displays the current configuration information for the virtual router group Command mode All except User EXEC VRRP Virtu...

Page 133: ...ommand mode All except User EXEC VRRP Tracking configuration These commands are used for setting weights for the various criteria used to modify priority levels during the master router election process Each time one of the tracking criteria is met the priority level for the virtual router is increased The following table describes the VRRP Tracking Configuration commands Table 153 VRRP Tracking C...

Page 134: ...th numerically lower priority bits value The following table describes the 802 1p Configuration commands Table 154 802 1p Configuration commands Command Description qos transmit queue mapping priority 0 7 queue 0 1 Maps the 802 1p priority to the Class of Service queue COSq Enter the 802 1p priority value 0 7 followed by the Class of Service queue 0 1 that handles the matching traffic Command mode...

Page 135: ...ult values Command mode Global configuration show access control list ACL number Displays the current ACL parameters Command mode All NOTE ACL number is available from 1 to 762 ACLs are divided into Precedence Groups Each Precedence Group provides a different set of packet classifiers for the ACLs within the Precedence Group See the Quality of Service chapter in the Application Guide ACL Ethernet ...

Page 136: ...ddress in dotted decimal notation Command mode Global configuration no access control list ACL number ipv4 destination ip address IP address IP mask Defines a destination IP address for the ACL If defined traffic with this destination IP address will match this ACL Command mode Global configuration no access control list ACL number ipv4 protocol 0 255 Defines an IP protocol for the ACL If defined ...

Page 137: ...nd mode Global configuration no access control list ACL number tcp udp flags value 0x0 0x3f mask Defines a TCP UDP flag for the ACL Command mode Global configuration default access control list ACL number tcp udp Resets the TCP UDP parameters for the ACL to their default values Command mode Global configuration show access control list ACL number tcp udp Displays the current TCP UDP Filtering para...

Page 138: ...the current ACL metering parameters Command mode All ACL Re mark configuration You can choose to re mark IP header data for the selected ACL You can configure different re mark values based on whether packets fall within the ACL Metering profile or out of the ACL Metering profile The following table describes the ACL Re mark Configuration commands Table 161 ACL Re mark Configuration commands Comma...

Page 139: ...Configuration commands Table 164 ACL Re mark Out of Profile Configuration commands Command Description no access control list ACL number re mark out profile dscp 0 63 Sets the DiffServ Code Point DSCP of Out of Profile packets to the selected value The switch sets the DSCP value on Out of Profile packets Command mode Global configuration default access control list ACL number re mark Resets the up...

Page 140: ... interval over which the data is sampled for each bucket The range is from 1 to 3600 seconds The default value is 1800 seconds Command mode Global configuration no rmon history 1 65535 owner 1 127 characters Enter a text string that identifies the person or entity that uses this history index The owner can have a maximum of 127 characters Command mode Global configuration no rmon history 1 65535 D...

Page 141: ...m 1 65535 alarm type rising falling either Configures the alarm type as rising falling or either rising or falling The default is either Command mode Global configuration rmon alarm 1 65535 rising limit 2147483647 to 2147483647 Configures the rising threshold for the sampled statistic When the current sampled value is greater than or equal to this threshold and the value at the last sampling inter...

Page 142: ...red and monitoring ports Command mode All Port based port mirroring The following table describes the port based Port Mirroring Configuration commands Table 171 Port Mirroring Configuration commands Command Description port mirroring monitor port port number mirroring port port number in out both Adds the port to be mirrored This command also allows you to enter the direction of the traffic It is ...

Page 143: ...hich consists of one Link to Monitor LtM and one Link to Disable LtD When the switch detects a failure on the LtM it automatically disables the ports in the LtD The following table describes the Failure Detection Pair FDP configuration commands Table 173 Failure Detection Pair Configuration commands Command Description enable Enables the FDP Parameters Command mode FDP configuration no enable Disa...

Page 144: ...d mode FDP configuration no ltd port port number Removes a port from the current LtD group Command mode FDP configuration ltd portchannel 1 12 Adds a trunk group to the current LtD group LtD trunk groups can contain only downlink ports 1 16 Command mode FDP configuration no ltd portchannel 1 12 Removes a trunk group from the current LtD group Command mode FDP configuration ltd adminkey 1 65535 Add...

Page 145: ...nning config tftp ftp NOTE The output file is formatted with line breaks but no carriage returns The file cannot be viewed with editors that require carriage returns such as Microsoft Notepad NOTE If the TFTP server is running SunOS or the Solaris operating system the specified file must exist prior to executing the copy running config tftp command and must be writable set with proper permission a...

Page 146: ...ber rmon Enables or disables Remote Monitoring for the port RMON must be enabled for any RMON configurations to function Command mode All no interface gigabitethernet port number shutdown Temporarily enables the port The port will be returned to its configured operation mode when the switch is reloaded Note This command does not enable a port that has been disabled by an ekeying mismatch error Com...

Page 147: ...ter virtual router on this switch into backup mode This is generally used for passing master control back to a preferred switch once the preferred switch has been returned to service after a failure When this command is executed the current master gives up control and initiates a new election by temporarily advertising its own priority level as 0 lowest After the new election the virtual router fo...

Page 148: ...ed image1 and image2 as well as boot software called boot When you download new software you must specify where it should be placed either into image1 image2 or boot For example if your active image is currently loaded into image1 you would probably load the new image software into image2 This lets you test the new software and reload the original active image stored in image1 if needed To downloa...

Page 149: ... 90 seconds Please wait Write complete 1333953 bytes now verifying FLASH Verification of new image2 in FLASH successful image2 now contains Software Version 1 1 0 Switch is currently set to boot software image1 Do you want to change that to the new image2 y n y Next boot will use new software image2 Selecting a software image to run You can select which software image image1 or image2 you want to ...

Page 150: ...ration block There is also a factory configuration block This holds the default configuration set by the factory when the switch was manufactured Under certain circumstances it may be desirable to reset the switch configuration to the default This can be useful when a custom configured switch is moved to a network environment where it will be re configured for a different purpose Use the following...

Page 151: ...switch is the AOS CLI To access the ISCLI enter the following command and reset the switch Main boot mode iscli Users can select the CLI mode upon login if the following command is enabled boot cli mode prompt Only an administrator connected through the console port can view and enable the prompt command When prompt is enabled the first user to log in can select the CLI mode Subsequent users must ...

Page 152: ...ommands Table 180 System Maintenance commands Command Usage debug debug flags Sets the flags that are used for debugging purposes by NEC technical support Command mode All except User EXEC Forwarding Database maintenance The Forwarding Database FDB Manipulation commands can be used to view information and to delete a MAC address from the Forwarding Database or clear the entire Forwarding Database ...

Page 153: ...trace buffer This buffer contains information traced at the time that a reset occurred Command mode All except User EXEC clear flash config Deletes all flash configuration blocks The next time the switch is rebooted it returns to the factory default settings Command mode All except User EXEC ARP cache maintenance The following table describes the Address Resolution Protocol commands Table 183 ARP ...

Page 154: ...nds Table 185 IGMP Multicast Group Maintenance commands Command Usage show ip igmp groups vlan 1 4094 Shows IGMP Multicast groups on a single VLAN Command mode All except User EXEC show ip igmp mrouter Shows all IGMP Multicast routers Command mode All except User EXEC clear ip igmp mrouter Clears IGMP Multicast router data from switch memory Command mode All except User EXEC Technical support dump...

Page 155: ...witch show flash dump uuencode The dump information is displayed on your screen and if you have configured your communication software to do so captured to a file If the dump region is empty the following displays No FLASH dump available TFTP FTP system dump put Use this command to put save the system dump to a TFTP FTP server NOTE If the TFTP server is running SunOS or the Solaris operating syste...

Page 156: ... A list of messages is displayed Starting system dump done Reboot at 11 54 08 Wednesday October 30 2006 Rebooted because of console PANIC command Booting complete Unscheduled system dumps If there is an unscheduled system dump to flash memory the following message is displayed when you log on to the switch Note A system dump exists in FLASH The dump was saved at 13 43 22 Wednesday October 30 2006 ...

Reviews:

No comments

Related manuals for N8406-023

Brand: ifs Pages: 352

Brand: LEGRAND Pages: 2

MyPower S2300-28TC-AC

Brand: Maipu Pages: 31

Brand: Delta Electronics Pages: 1

Brand: Tripp Lite Pages: 80

RoamAbout RBT-4102-BG

Brand: Enterasys Pages: 72

Brand: UniFi Pages: 8

Brand: Fairchild Pages: 19

TurboIron 24X series

Brand: Brocade Communications Systems Pages: 82

Brand: UNICOM Pages: 15

kontron KSwitch D1 UGPD

Brand: S&T Pages: 40

Cutler-Hammer RTHMFDA20100WSU

Brand: Eaton Pages: 28

Brand: KDS Pages: 10

Brand: DVIGear Pages: 11

SMT-8-...-B Series

Brand: Festo Pages: 2

IDAN-LAN25255HR

Brand: rtd Pages: 24

Brand: ATTE Pages: 4

BusStation F5U100, BusStation F5U100-BLU, BusStation FW100-SLV, BusStation F5U100-ORG

Brand: Belkin Pages: 7

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands