NETGEAR FSM726v3 - ProSafe Fast Ethernet L2 Managed Switch Cli Manual Download Page 286 | Manualshive

Page: 286 / 558

background image

Managed Switch CLI Manual, Release 8.0

Quality of Service (QoS) Commands

5-19

v1.0, July 2009

(listed below). The currently supported

<portkey>

values are: domain, echo, ftp, ftpdata, http,

smtp, snmp, telnet, tftp, www. Each of these translates into its equivalent port number, which is
used as both the start and end of a port range.

To specify the match condition as a numeric value, one layer 4 port number is required. The port
number is an integer from 0 to 65535.

DiffServ Policy Commands

Use the DiffServ policy commands to specify traffic conditioning actions, such as policing and
marking, to apply to traffic classes

Use the policy commands to associate a traffic class that you define by using the class command
set with one or more QoS policy attributes. Assign the class/policy association to an interface to
form a service. Specify the policy name when you create the policy.

Each traffic class defines a particular treatment for packets that match the class definition. You can
associate multiple traffic classes with a single policy. When a packet satisfies the conditions of
more than one class, preference is based on the order in which you add the classes to the policy.
The first class you add has the highest precedence.

This set of commands consists of policy creation/deletion, class addition/removal, and individual
policy attributes.

The CLI command root is

policy-map

.

Default

none

Format

match srcl4port {<portkey> | <0-65535>}

Mode

Class-Map Config
Ipv6-Class-Map Config

Note:

The only way to remove an individual policy attribute from a class instance within

a policy is to remove the class instance and re-add it to the policy. The values
associated with an existing policy attribute can be changed without removing the
class instance.

«
...
284
285
286
287
288
...
»

Summary of Contents for FSM726v3 - ProSafe Fast Ethernet L2 Managed Switch

Page 1: ...202 10530 01 July 2009 NETGEAR Inc 350 Plumeria Dr San Jose CA 95124 USA ProSafe 7200 Managed Switches CLI Manual Software Version 8 0...

Page 2: ...1992 The operation of some equipment for example test transmitters in accordance with the regulations may however be subject to certain restrictions Please refer to the notes in the operating instruct...

Page 3: ...umber FSM72xx GSM72xx Publication Date July 2009 Product Family managed switch Product Name ProSafe 7200 Series Stackable Managed Switches Home or Business Product Business Language English Publicatio...

Page 4: ...v1 0 July 2009 iv...

Page 5: ...ng Convention 1 3 Using the No Form of a Command 1 4 Managed Switch Modules 1 5 Command Modes 1 5 Command Completion and Abbreviation 1 9 CLI Error Messages 1 9 CLI Line Editing Conventions 1 10 Using...

Page 6: ...P Inspection Commands 3 130 IGMP Snooping Configuration Commands 3 138 IGMP Snooping Querier Commands 3 147 Port Security Commands 3 153 LLDP 802 1AB Commands 3 157 LLDP MED Commands 3 168 Denial of S...

Page 7: ...ommands 6 6 Logging Commands 6 18 System Utility and Clear Commands 6 24 Simple Network Time Protocol SNTP Commands 6 34 DHCP Server Commands 6 40 DNS Client Commands 6 55 Packet Capture Commands 6 61...

Page 8: ...10 QoS 8 16 Routing IPv6 Routing 8 17 Multicast 8 21 Stacking 8 23 Technologies 8 23 O S Support 8 26 Chapter 9 Captive Portal Commands Capitve Portal Global Commands 9 1 Captive Portal Configuration...

Page 9: ...hat the reader has an understanding of the software base and has read the appropriate specification for the relevant networking device platform It also assumes that the reader has a basic knowledge of...

Page 10: ...erformance and feature sets continue to improve Devices that are capable of switching Layers 2 3 and 4 are increasingly in demand The software provides a flexible solution to these ever increasing nee...

Page 11: ...ommand prompt CLI text code italic URL links Note This format is used to highlight information of importance or special interest Tip This format is used to highlight a procedure that will save time or...

Page 12: ...omputer must have the free Adobe Acrobat reader installed in order to view and print PDF files The Acrobat reader is available on the Adobe Web site at http www adobe com Revision History Part Number...

Page 13: ...Switch Modules on page 1 5 Command Modes on page 1 5 Command Completion and Abbreviation on page 1 9 CLI Error Messages on page 1 9 CLI Line Editing Conventions on page 1 10 Using CLI Help on page 1 1...

Page 14: ...f the information that the command shows Command Conventions In this document the command name is in bold font Parameters are in italic font You must replace the parameter name with an appropriate val...

Page 15: ...s in the following formats a 32 bits a b 8 24 bits a b c 8 8 16 bits a b c d 8 8 8 8 In addition to these formats the CLI accepts decimal hexadecimal and octal formats through the following input form...

Page 16: ...to the maximum number of physical slots Logical slot numbers Logical slots immediately follow physical slots and identify port channel LAG or router interfaces CPU slot numbers The CPU slots immediat...

Page 17: ...management of the device through an IPv6 through an IPv6 address without requiring the IPv6 Routing package in the system The management address can be associated with the network port front panel sw...

Page 18: ...ntains commands to configure outbound telnet settings and console interface settings Policy Map Config Switch Config policy map Contains the QoS Policy Map configuration commands Policy Class Config S...

Page 19: ...o exit to the User EXEC mode enter exit or press Ctrl Z Global Config From the Privileged EXEC mode enter configure To exit to the Privileged EXEC mode enter exit or press Ctrl Z VLAN Config From the...

Page 20: ...exit to the Global Config mode enter exit To return to the Privileged EXEC mode enter Ctrl Z Router RIP Config From the Global Config mode enter router rip To exit to the Global Config mode enter exit...

Page 21: ...v6 Pool Config From the Global Config mode enter ip dhcpv6 pool pool name To exit to the Global Config mode enter exit To return to the Privileged EXEC mode enter Ctrl Z Stack Global Config Mode From...

Page 22: ...the command Table 8 CLI Editing Conventions Key Sequence Description DEL or Backspace Delete previous character Ctrl A Go to beginning of line Ctrl E Go to end of line Ctrl F Go forward one character...

Page 23: ...ble Disable mgmt_vlan Configure the Management VLAN ID of the switch parms Configure Network Parameters of the router protocol Select DHCP BootP or None as the network config protocol If the help outp...

Page 24: ...connection from a remote management host For the initial connection you must use a direct connection to the console port You cannot access the system remotely until the system has an IP address subne...

Page 25: ...ort stacking stack This command sets the mode to Stack Global Config Note The commands in this chapter are in one of two functional groups Note Show commands display switch settings statistics and oth...

Page 26: ...he ability of a switch to become the Primary Management Unit The unit is the switch identifier The value is the preference parameter that allows the user to specify priority of one backup switch over...

Page 27: ...tounit is the switch identifier on the new Primary Management Unit Upon execution the entire stack including all interfaces in the stack is unconfigured and reconfigured with the configuration on the...

Page 28: ...d and the slot will be re configured with default information for the card no slot This command removes configured information from an existing slot in the system set slot disable This command configu...

Page 29: ...es the configuration from the contents of the slot If the slot is empty this administrative mode removes the configuration from any module inserted into the slot If a card is disabled all the ports on...

Page 30: ...command resets the entire stack or the identified unit The unit is the switch identifier The system prompts you to confirm that you want to reset the switch show slot This command displays informatio...

Page 31: ...the card inserted in the slot Model Identifier is a 32 character field used to identify a card This field is displayed only if the slot is full Inserted Card Description The card description This fiel...

Page 32: ...tifier The model identifier of the switch in the stack Model Identifier is a 32 character field assigned by the device manufacturer to identify the device Switch Status The switch status Possible valu...

Page 33: ...e configuration then the code version is None Detected Code in Flash The version of code that is currently stored in FLASH memory on the switch This code executes after the switch is reset If the swit...

Page 34: ...is command is not supported on the FSM7226RS or FSM7250RS show stack port This command displays summary stack port information for all interfaces Model Identifier The model identifier for the supporte...

Page 35: ...of the stack port link Format show stack port counters Mode Privileged EXEC Term Definition Unit The unit number Interface The slot and port numbers Tx Data Rate Trashing data rate in megabits per sec...

Page 36: ...neers FAEs and developers An FAE will advise on the necessity to run this command and capture this information Format show stack port diag Mode Privileged EXEC Term Definition Unit The unit number Int...

Page 37: ...3 50 Protected Ports Commands on page 3 51 Private Group Commands on page 3 53 GVRP Commands on page 3 58 GMRP Commands on page 3 60 Port Based Network Access Control Commands on page 3 63 Storm Cont...

Page 38: ...ce port interface range This command gives you access to a range of port interfaces allowing the same port configuration to be applied to a set of ports Warning The commands in this chapter are in one...

Page 39: ...e LAG link aggregation or port channel virtual interface which allows certain port configurations to be applied to the LAG interface Type a question mark after entering the interface configuration mod...

Page 40: ...egotiate all This command disables automatic negotiation on all ports description Use this command to create an alpha numeric description of the port Note Automatic sensing is disabled when automatic...

Page 41: ...lid integer between 1518 9216 for untagged packets no mtu This command sets the default MTU size in bytes for the interface shutdown This command disables a port Note To receive and process packets th...

Page 42: ...ll ports no shutdown all This command enables all ports Format shutdown Mode Interface Config Format no shutdown Mode Interface Config Note You can use the shutdown all command on physical and port ch...

Page 43: ...rmation Format speed 100 10 half duplex full duplex Mode Interface Config Acceptable Values Definition 100h 100BASE T half duplex 100f 100BASE T full duplex 10h 10BASE T half duplex 10f 10BASE T full...

Page 44: ...desired port speed and duplex mode If auto negotiation support is selected then the duplex mode and speed is set from the auto negotiation process Note that the maximum capability of the port full dup...

Page 45: ...by forward slashes Description Shows the port description configured via the description command Format show port status unit slot port all Mode Privileged EXEC Term Definition Interface Valid slot a...

Page 46: ...anning tree This command sets the spanning tree operational mode to disabled While disabled the spanning tree configuration is retained and can be changed but is not activated spanning tree bpdufilter...

Page 47: ...rface spanning tree bpduguard Use this command to enable BPDU Guard on the switch no spanning tree bpduguard Use this command to disable BPDU Guard on the switch Default enabled Format no spanning tre...

Page 48: ...stem configuration or have a no version spanning tree configuration name This command sets the Configuration Identifier Name for use in identifying the configuration that this switch is currently usin...

Page 49: ...e configuration that this switch is currently using to the default value spanning tree edgeport This command specifies that this port is an Edge Port within the common and internal spanning tree This...

Page 50: ...ather than MST BPDUs IEEE 802 1w functionality supported no spanning tree forceversion This command sets the Force Protocol Version parameter to the default value spanning tree forward time This comma...

Page 51: ...ng tree protocol no spanning tree guard This command disables loop guard or root guard on the interface spanning tree max age This command sets the Bridge Max Age parameter to a new value for the comm...

Page 52: ...l spanning tree to the default value spanning tree mst This command sets the Path Cost or Port Priority for this port within the multiple spanning tree instance or in the common and internal spanning...

Page 53: ...ity for this port within the multiple spanning tree instance or in the common and internal spanning tree to the respective default values If you specify an mstid parameter that corresponds to an exist...

Page 54: ...eleted instance to the common and internal spanning tree The parameter mstid is a number that corresponds to the desired existing multiple spanning tree instance to be removed spanning tree mst priori...

Page 55: ...s the default CIST ID is passed as the mstid this command sets the Bridge Priority parameter for the common and internal spanning tree to the default value spanning tree mst vlan This command adds an...

Page 56: ...ministrative Switch Port State for this port to enabled no spanning tree port mode This command sets the Administrative Switch Port State for this port to disabled spanning tree port mode all This com...

Page 57: ...all This command disables Edge Port mode for all ports within the common and internal spanning tree spanning tree bpduforwarding Normally a switch will not forward Spanning Tree Protocol STP BPDU pack...

Page 58: ...and 61440 It is displayed in multiples of 4096 Bridge Identifier The bridge identifier for the CST It is made up using the bridge priority and the base MAC address of the bridge Time Since Topology C...

Page 59: ...of the bridge Regional Root Path Cost Path Cost to the CST Regional Root Associated FIDs List of forwarding database identifiers currently associated with this instance Associated VLANs List of VLAN I...

Page 60: ...ions and topology changes to other ports BPDU Filter Mode Enabled or disabled BPDU Flood Mode Enabled or disabled Auto Edge To enable or disable the feature that causes a port that has not seen a BPDU...

Page 61: ...ning tree state of this port Port Role Each enabled MST Bridge Port receives a Port Role for each spanning tree The port role is one of the following values Root Port Designated Port Alternate Port Ba...

Page 62: ...tForwarding State The forwarding state of the port within the CST Port Role The role of the specified interface within the CST Auto Calculate Port Path Cost Indicates whether auto calculation for port...

Page 63: ...The derived value of the edge port status True if operating as an edge port false otherwise Point To Point MAC Status Derived value indicating if this port is part of a point to point link CST Regiona...

Page 64: ...r disabled on the port Type Currently not used STP State The forwarding state of the port in the specified spanning tree instance Port Role The role of the specified port within the spanning tree Desc...

Page 65: ...Version of 802 1 currently supported IEEE 802 1s IEEE 802 1w or IEEE 802 1d based upon the Force Protocol Version parameter BPDU Guard Mode Enabled or disabled BPDU Filter Mode Enabled or disabled Co...

Page 66: ...command configures the Management VLAN ID no network mgmt_vlan This command sets the Management VLAN ID to the default Term Definition VLAN Identifier The VLANs associated with the selected MST insta...

Page 67: ...ains VlanId s in range 1 4093 Separate non consecutive IDs with and no spaces and no zeros in between the range Use for range vlan acceptframe This command sets the frame acceptance mode per interface...

Page 68: ...disables ingress filtering If ingress filtering is disabled frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are...

Page 69: ...lid interface number Participation options are Default VLAN ID 1 default other VLANS blank string Format vlan name 1 4093 name Mode VLAN Config Format no vlan name 1 4093 Mode VLAN Config Format vlan...

Page 70: ...ig Participation Options Definition include The interface is always a member of this VLAN This is equivalent to registration fixed exclude The interface is never a member of this VLAN This is equivale...

Page 71: ...d frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN no vlan port ingressfilter all This c...

Page 72: ...nd configures the tagging behavior for all interfaces in a VLAN to disabled If tagging is disabled traffic is transmitted as untagged frames The ID is a valid VLAN identification number vlan protocol...

Page 73: ...and ipx no vlan protocol group add protocol This command removes the protocol from this protocol based VLAN group that is identified by this groupid The possible values for protocol are ip arp and ip...

Page 74: ...ce and protocol combination with one group If adding an interface to a group causes any conflicts with protocols currently associated with the group this command fails and the interface s are not adde...

Page 75: ...currently associated with the group this command will fail and the interface s will not be added to the group no protocol vlan group all This command removes all interfaces from this protocol based V...

Page 76: ...the tagging behavior for a specific interface in a VLAN to disabled If tagging is disabled traffic is transmitted as untagged frames The vlan list contains VlanId s in range 1 4093 Separate non consec...

Page 77: ...mat vlan association mac macaddr 1 4093 Mode VLAN database Format no vlan association mac macaddr Mode VLAN database Format show vlan Mode Privileged EXEC User EXEC Term Definition VLAN ID There is a...

Page 78: ...LAN This is equivalent to registration fixed in the IEEE 802 1Q standard Exclude This port is never a member of this VLAN This is equivalent to registration forbidden in the IEEE 802 1Q standard Autod...

Page 79: ...on the top line Port VLAN ID The VLAN ID that this port will assign to untagged frames or priority tagged frames received on this port The value must be for an existing VLAN The factory default is 1 A...

Page 80: ...disabled Default Priority The 802 1p priority assigned to tagged packets arriving on the port Format show vlan association subnet ipaddr netmask Mode Privileged EXEC Term Definition IP Subnet The IP a...

Page 81: ...vlan tunnel ethertype This command configures the ether type for all interfaces The ether type may have the values of 802 1Q vMAN or custom If the ether type has a value of custom the optional value o...

Page 82: ...tailed information about Double VLAN Tunneling for the specified interface or all interfaces Note When you use the mode dvlan tunnel command on an interface it becomes a service provider port Ports th...

Page 83: ...e are three different EtherType tags The first is 802 1Q which represents the commonly used value of 0x8100 The second is vMAN which represents the commonly used value of 0x88A8 If EtherType is not on...

Page 84: ...voice vlan Global Config Use this command to enable the Voice VLAN capability on the switch no voice vlan Global Config Use this command to disable the Voice VLAN capability on the switch voice vlan I...

Page 85: ...ameter is not specified only the global mode of the Voice VLAN is displayed When the interface is specified none Allow the IP phone to use its own configuration to send untagged voice traffic untagged...

Page 86: ...rity This command configures the default 802 1p port priority assigned for untagged packets for a specific interface The range for the priority is 0 7 Term Definition Voice VLAN Interface Mode The adm...

Page 87: ...ce remains unchanged Once the interface is no longer a member of a LAG the current configuration for that interface automatically becomes effective switchport protected Global Config Use this command...

Page 88: ...protected ports to which this interface is assigned show switchport protected This command displays the status of all the interfaces including protected and unprotected interfaces Note Port protection...

Page 89: ...in private group can be forwarded to other ports either in the same private group or anyone in the same VLAN that are not in a private group Name An optional name of the protected port group The name...

Page 90: ...r of private groups is 192 such that the valid range for the ID is 1 192 The private group id field is optional If not specified a group id not used will be assigned automatically The mode can be eith...

Page 91: ...istration Protocol GMRP GARP is a protocol that allows client stations to register with the switch for membership in VLANS by using GVMP or multicast groups by using GVMP Format private group name pri...

Page 92: ...t and only has an effect when GVRP is enabled set garp timer leave This command sets the GVRP leave time for one port Interface Config mode or all ports Global Config mode and only has an effect when...

Page 93: ...per GARP participation The time may range from 200 to 6000 centiseconds The value 1000 centiseconds is 10 seconds You can use this command on all ports Global Config mode or a single port Interface C...

Page 94: ...orts and automatic VLAN pruning set gvrp adminmode This command enables GVRP on the system no set gvrp adminmode This command disables GVRP Format show garp Mode Privileged EXEC User EXEC Term Definit...

Page 95: ...me Leave Time and Leave All Time have no effect show gvrp configuration This command displays Generic Attributes Registration Protocol GARP information for one or all interfaces Format no set gvrp adm...

Page 96: ...conds Leave Timer The period of time to wait after receiving an unregister request for an attribute before deleting the attribute Current attributes are a VLAN or multicast group This may be considere...

Page 97: ...re enabled if routing is disabled and port channel LAG membership is removed from an interface that has GARP enabled no set gmrp interfacemode This command disables GARP Multicast Registration Protoc...

Page 98: ...register request for an attribute before deleting the attribute Current attributes are a VLAN or multicast group This may be considered a buffer time for another station to assert registration for the...

Page 99: ...tistics This command is used to clear all RADIUS statistics Format show mac address table gmrp Mode Privileged EXEC Term Definition Mac Address A unicast MAC address for which the switch has forwardin...

Page 100: ...Guest VLAN on the interface dot1x initialize This command begins the initialization sequence on the specified port This command is only valid if the control mode for the specified port is auto or mac...

Page 101: ...OL EAP Request Identity frame before timing out the supplicant dot1x max users Use this command to set the maximum number of clients supported on the port when MAC based dot1x authentication is enable...

Page 102: ...rt control mode on the specified port to the default value dot1x port control all This command sets the authentication mode to use on all ports Select force unauthorized to specify that the authentica...

Page 103: ...s auto or mac based If the control mode is not auto or mac based an error will be returned dot1x re authentication This command enables re authentication of the supplicant for the specified port no do...

Page 104: ...st vlan period The time in seconds for which the authenticator waits to see if any EAPOL packets are received on a port before authorizing the port and placing the port in the guest vlan if configured...

Page 105: ...rational supp timeout The value in seconds of the timer used by the authenticator state machine on this port to timeout the supplicant The supp timeout must be a value in the range 1 65535 server time...

Page 106: ...s with access to the specified port or all ports The user parameter must be a configured user no dot1x user This command removes the user from the list of users with access to the specified port or al...

Page 107: ...sole_Default Telnet Network_Default Network_Default SSH Network_Default Network_Default http Local https Local dot1x show dot1x This command is used to show a summary of the global dot1x configuration...

Page 108: ...de under which this port is operating Possible values are authorized unauthorized Reauthenticatio n Enabled Indicates whether re authentication is enabled on this port Port Status Indicates whether th...

Page 109: ...r used by the authenticator on this port to timeout the authentication server The value is expressed in seconds and will be in the range of 1 and 65535 Maximum Requests The maximum number of times the...

Page 110: ...time period in seconds is returned by the RADIUS server on authentication of the port This value is valid for the port only when the port control mode is not MAC based Session Termination Action This...

Page 111: ...ed EAPOL frame Last EAPOL Frame Source The source MAC address carried in the most recently received EAPOL frame EAP Response Id Frames Received The number of EAP response identity frames that have bee...

Page 112: ...The reason the VLAN identified in the VLAN ID field has been assigned to the port Possible values are RADIUS Unauthenticated VLAN or Default When the VLAN Assigned reason is Default it means that the...

Page 113: ...per type basis Configuring a storm control level also enables that form of storm control Disabling a storm control level using the no version of the command sets the storm control level back to the de...

Page 114: ...the rate of L2 broadcast traffic ingressing on an interface increases beyond the configured threshold the traffic is dropped Therefore the rate of broadcast traffic is limited to the configured thres...

Page 115: ...shold to the default value for an interface and disables broadcast storm recovery storm control broadcast Global This command enables broadcast storm recovery mode for all interfaces If the mode is en...

Page 116: ...for all interfaces no storm control broadcast level This command sets the broadcast storm recovery threshold to the default value for all interfaces and disables broadcast storm recovery storm contro...

Page 117: ...ery is active and if the rate of L2 multicast traffic ingressing on an interface increases beyond the configured threshold the traffic will be dropped Therefore the rate of multicast traffic will be l...

Page 118: ...for an interface and disables multicast storm recovery storm control multicast rate Use this command to configure the multicast storm recovery threshold for an interface in packets per second If the...

Page 119: ...all interfaces storm control multicast level Global This command configures the multicast storm recovery threshold for all interfaces as a percentage of link speed and enables multicast storm recover...

Page 120: ...traffic is limited to the configured threshold no storm control broadcast rate This command sets the broadcast storm recovery threshold to the default value for all interfaces and disables broadcast...

Page 121: ...gressing on an interface increases beyond the configured threshold the traffic will be dropped Therefore the rate of unknown unicast traffic will be limited to the configured threshold This command al...

Page 122: ...ult value for an interface and disables unicast storm recovery storm control unicast Global This command enables unicast storm recovery mode for all interfaces If the mode is enabled unicast storm rec...

Page 123: ...level This command sets the unicast storm recovery threshold to the default value and disables unicast storm recovery for all interfaces storm control unicast rate Global Use this command to configur...

Page 124: ...rts no storm control flowcontrol This command disables 802 3x flow control for the switch Format no storm control unicast rate Mode Global Config Note 802 3x flow control works by pausing a port when...

Page 125: ...ort configuration parameters for all interfaces or specify the unit slot port to display information about a specific interface Port Channel LAG 802 3ad Commands This section describes the commands yo...

Page 126: ...its member ports port channel This command configures a new port channel LAG and generates a logical unit slot port number for the port channel The name field is a character string which allows the da...

Page 127: ...ured port channel deleteport Global Config This command deletes all configured ports from the port channel LAG The interface is a logical unit slot port number of a configured port channel To clear th...

Page 128: ...ative value of the key for the port channel lacp collector max delay Use this command to configure the port channel collector max delay The valid range of delay is 0 65535 Default 0x8000 Format lacp a...

Page 129: ...command to configure the administrative value of the LACP actor admin key The valid range for key is 0 65535 no lacp actor admin key Use this command to configure the default administrative value of...

Page 130: ...actor admin state to aggregation lacp actor admin state longtimeout Use this command to set LACP actor admin state to longtimeout Format lacp actor admin state individual Mode Interface Config Note Th...

Page 131: ...e LACP actor admin state to passive no lacp actor admin state passive Use this command to set the LACP actor admin state to active Format no lacp actor admin state longtimeout Mode Interface Config No...

Page 132: ...ned to the Aggregation Port lacp actor system priority Use this command to configure the priority value associated with the LACP Actor s SystemID The range for priority is 0 to 65535 Default 0x80 Form...

Page 133: ...0 to 65535 no lacp partner admin key Use this command to configure the administrative value of the Key for the protocol partner lacp partner admin state individual Use this command to set LACP partner...

Page 134: ...acp partner admin state longtimeout Use this command to set the LACP partner admin state to short timeout Note This command is only applicable to physical interfaces Format no lacp partner admin state...

Page 135: ...in state to active lacp partner port id Use this command to configure the LACP partner port id The valid range for port id is 0 to 65535 Format lacp partner admin state passive Mode Interface Config N...

Page 136: ...e the LACP partner port priority The valid range for priority is 0 to 255 no lacp partner port priority Use this command to configure the default LACP partner port priority Format no lacp partner port...

Page 137: ...the default value representing the administrative value of the Aggregation Port s protocol Partner s System ID lacp partner system priority Use this command to configure the administrative value of t...

Page 138: ...of allowable dynamic port channels are already present in the system the static mode for a new port channel enabled which means the port channel is static You can only use this command on port channel...

Page 139: ...ocol LACP on a port port lacpmode enable all This command enables Link Aggregation Control Protocol LACP on all ports no port lacpmode enable all This command disables Link Aggregation Control Protoco...

Page 140: ...lacptimeout Global Config This command sets the timeout for all interfaces of a particular device type actor or partner to either long or short timeout no port lacptimeout This command sets the timeo...

Page 141: ...e interface is a logical unit slot port for a configured port channel The option all enables link trap notifications for all the configured port channels no port channel linktrap This command disables...

Page 142: ...6 Source Destination IP and source destination TCP UDP port no hashing mode This command sets the hashing algorithm on Trunk ports to default 3 The command is available in the interface configuration...

Page 143: ...urce Destination MAC VLAN EtherType and incoming port associated with the packet 4 Source IP and Source TCP UDP fields of the packet 5 Destination IP and Destination TCP UDP Port fields of the packet...

Page 144: ...0 65535 no port channel system priority Use this command to configure the default port channel system priority value show lacp actor Use this command to display LACP actor attributes The following ou...

Page 145: ...tate as transmitted by the Actor in LACPDUs Format show lacp actor unit slot port all Mode Privileged EXEC Parameter Description System Priority The administrative value of priority associated with th...

Page 146: ...p or down Trap Flag Shows whether trap flags are enabled or disabled Type Shows whether the port channel is statically or dynamically maintained Mbr Ports The members of this port channel Active Ports...

Page 147: ...ed or disabled The factory default is enabled Type The status designating whether a particular port channel LAG is statically or dynamically maintained Static The port channel is statically maintained...

Page 148: ...he administrative mode of the session If enabled the probe port monitors all the traffic received and transmitted on the physical monitored port no monitor session Use this command without optional pa...

Page 149: ...rface unit slot port destination interface unit slot port mode Mode Global Config Note This is a stand alone no command This command does not have a normal form Default enabled Format no monitor Mode...

Page 150: ...ast MAC address filters and multicast MAC address filters with source port lists the maximum number of static MAC filters supported is 20 For multicast MAC address filters with destination ports confi...

Page 151: ...nid parameter must identify a valid VLAN macfilter adddest Use this command to add the interface to the destination filter set for the MAC filter with the given macaddr and VLAN of vlanid The macaddr...

Page 152: ...addr parameter must be specified as a 6 byte hexadecimal number in the format of b1 b2 b3 b4 b5 b6 The vlanid parameter must identify a valid VLAN no macfilter adddest all This command removes all por...

Page 153: ...b1 b2 b3 b4 b5 b6 The vlanid parameter must identify a valid VLAN macfilter addsrc all This command adds all interfaces to the source filter set for the MAC filter with the MAC address of macaddr and...

Page 154: ...on only for that MAC address and VLAN show mac address table staticfiltering This command displays the Static Filtering entries in the Multicast Forwarding Database MFDB table Format no macfilter adds...

Page 155: ...and or filtering information As the data is gleaned from the MFDB the address will be a multicast address The format is 6 or 8 two digit hexadecimal numbers that are separated by colons for example 01...

Page 156: ...dress Use this command to disable verification of the source MAC address with the client hardware address ip dhcp snooping database Use this command to configure the persistent location of the DHCP Sn...

Page 157: ...value ip dhcp snooping binding Use this command to configure static DHCP Snooping binding no ip dhcp snooping binding mac address Use this command to remove the DHCP static entry from the DHCP Snoopi...

Page 158: ...fault burst level is 1 second with a range of 1 to 15 seconds no ip dhcp snooping limit Use this command to set the rate at which the DHCP Snooping messages come and the burst level to the defaults Fo...

Page 159: ...ing DHCP messages filtration by the DHCP Snooping application ip dhcp snooping trust Use this command to configure the port as trusted no ip dhcp snooping trust Use this command to configure the port...

Page 160: ...l be filtered based on the IP and MAC addresses no ip verify source Use this command to disable the IPSG configuration in the hardware You cannot disable port security alone if it is configured show i...

Page 161: ...nooping binding entries To restrict the output use the following options Dynamic Restrict the output based on DCHP snooping Interface Restrict the output based on a specific interface Static Restrict...

Page 162: ...ple CLI display output for the command switch show ip dhcp snooping database Term Definition MAC Address Displays the MAC address for the binding that was added The MAC address is the key to the bindi...

Page 163: ...0 0 0 1 0 5 0 0 0 1 0 6 0 0 0 1 0 7 0 0 0 1 0 8 0 0 0 1 0 9 0 0 0 1 0 10 0 0 0 1 0 11 0 0 0 1 0 12 0 0 0 1 0 13 0 0 0 Format show ip dhcp snooping statistics Mode Privileged EXEC User EXEC Term Defin...

Page 164: ...fic interface clear ip dhcp snooping statistics Use this command to clear all DHCP Snooping statistics show ip verify source Use this command to display the IPSG configurations on all ports Format cle...

Page 165: ...this interface IP Address IP address of the interface MAC Address If MAC address filtering is not configured on the interface the MAC Address field is empty If port security is disabled on the interf...

Page 166: ...aches of its unsuspecting neighbors The miscreant sends ARP requests or responses mapping another station s IP address to its own MAC address DAI relies on DHCP snooping DHCP snooping listens to DHCP...

Page 167: ...ly the src mac and dst mac validations are disabled as a result of the second command no ip arp inspection validate Use this command to disable the additional validation checks on the received ARP pac...

Page 168: ...ted for Dynamic ARP Inspection ip arp inspection limit Use this command to configure the rate limit and burst interval values for an interface Configuring none for the limit means the interface is not...

Page 169: ...tch a permit statement are dropped without consulting the DHCP snooping bindings no ip arp inspection filter Use this command to unconfigure the ARP ACL used to filter invalid ARP packets on a list of...

Page 170: ...a rule for a valid IP address and MAC address combination used in ARP packet validation no permit ip host mac host Use this command to delete a rule for a valid IP and MAC combination Format arp acce...

Page 171: ...ion Mac Validation Disabled IP Address Validation Disabled Vlan Configuration Log Invalid ACL Name Static flag 10 Enabled Enabled H2 Enabled 11 Disabled Enabled 12 Enabled Disabled Format show ip arp...

Page 172: ...he command show ip arp inspection statistics vlan vlan list VLAN DHCP ACL DHCP ACL Bad Src Bad Dest Invalid Drops Drops Permits Permits MAC MAC IP Format show ip arp inspection statistics vlan vlan li...

Page 173: ...rgument the command displays the values for that interface whether the interface is enabled for DAI or not Example The following shows example CLI display output for the command Switch show ip arp ins...

Page 174: ...mac host 00 03 04 05 06 08 IGMP Snooping Configuration Commands This section describes the commands you use to configure IGMP snooping The software supports IGMP Versions 1 2 and 3 The IGMP snooping f...

Page 175: ...MP application supports the following activities Validation of the IP header checksum as well as the IGMP header checksum and discarding of the frame upon checksum error Maintenance of the forwarding...

Page 176: ...ed interface or VLAN Enabling fast leave allows the switch to immediately remove the layer 2 LAN interface from its forwarding table entry upon receiving an IGMP leave message for that multicast group...

Page 177: ...the interface from the entry This value must be greater than the IGMPv3 Maximum Response time value The range is 2 to 3600 seconds no set igmp groupmembership interval This command sets the IGMPv3 Gr...

Page 178: ...he interface or VLAN to the default value set igmp mcrtrexpiretime This command sets the Multicast Router Present Expiration time The time is set for the system on a particular interface or VLAN This...

Page 179: ...he multicast router mode enabled no set igmp mrouter This command disables multicast router mode for a particular VLAN ID vlan_id Format set igmp mcrtrexpiretime 0 3600 Mode Global Config Interface Co...

Page 180: ...filtering of unknown multicast packets to the VLAN Packets with an unknown mulicast address in the destination field will be dropped This command is mainly used when IGMP snooping is enabled to preve...

Page 181: ...MP Snooping is enabled VLANS Enabled for IGMP Snooping The list of VLANS on which IGMP Snooping is enabled Term Definition IGMP Snooping Admin Mode Indicates whether IGMP Snooping is active on the int...

Page 182: ...ing in the VLAN before deleting the interface from the entry This value may be configured Maximum Response Time The amount of time the switch waits after it sends a query on an interface participating...

Page 183: ...rmat show igmpsnooping mrouter vlan unit slot port Mode Privileged EXEC Term Definition Interface The port on which multicast router information is being displayed VLAN ID The list of VLANs of which t...

Page 184: ...GMP Snooping is operationally disabled on it IGMP Snooping Querier functionality is disabled on that VLAN IGMP Snooping functionality is re enabled if IGMP Snooping is operational on the VLAN The IGMP...

Page 185: ...ry Use this command to set the IGMP Querier timer expiration period It is the time period that the switch remains in Non Querier mode once it has discovered that there is a Multicast Querier in the ne...

Page 186: ...f the Snooping Querier finds that the other Querier s source address is better less than the Snooping Querier s address it stops sending periodic queries If the Snooping Querier wins the election then...

Page 187: ...nt of time to wait in the Non Querier operational state before moving to a Querier state Field Description VLAN Admin Mode Indicates whether iGMP Snooping Querier is active on the VLAN VLAN Operationa...

Page 188: ...the most recent Querier from which a Query was received on this VLAN Default disabled Format set mld Mode Global Config Interface Config Format no set mld vlanid Mode VLAN Mode Default disabled Forma...

Page 189: ...ng source MAC address are forwarded normally and all other packets are discarded Format no set mld maxresponse Mode Global Config Interface Config Default 0 Format set mld mcrtexpiretime 0 3600 Mode G...

Page 190: ...This command sets the maximum number of dynamically locked MAC addresses allowed on a specific port no port security max dynamic This command resets the maximum number of dynamically locked MAC addre...

Page 191: ...t security mac address This command adds a MAC address to the list of statically locked MAC addresses The vid is the VLAN ID no port security mac address This command removes a MAC address from the li...

Page 192: ...pecify the following information appears show port security dynamic This command displays the dynamically locked MAC addresses for the port Format port security mac address move Mode Interface Config...

Page 193: ...col LLDP which is defined in the IEEE 802 1AB specification LLDP allows stations on an 802 LAN to advertise major capabilities and physical descriptions The advertisements allow a network management s...

Page 194: ...s command to return the reception of LLDPDUs to the default value lldp timers Use this command to set the timing parameters for local data transmission on ports enabled for LLDP The interval seconds d...

Page 195: ...B basic management set are transmitted in the LLDPDUs Use sys name to transmit the system name TLV To configure the system name see snmp server on page 7 41 Use sys descto transmit the system descript...

Page 196: ...LDPDUs no lldp transmit mgmt Use this command to include transmission of the local system management address information in the LLDPDUs Use this command to cancel inclusion of the management informati...

Page 197: ...tween sending notifications The valid interval range is 5 3600 seconds no lldp notification interval Use this command to return the notification interval to the default value clear lldp statistics Use...

Page 198: ...rmat clear lldp remote data Mode Global Config Format show lldp Mode Privileged Exec Term Definition Transmit Interval How frequently the system transmits local data LLDPDUs in seconds Transmit Hold M...

Page 199: ...ment address information in the LLDPDUs Format show lldp statistics unit slot port all Mode Privileged Exec Term Definition Last Update The amount of time since the last update to the remote table in...

Page 200: ...V Unknowns Total number of LLDP TLVs received on the port where the type value is in the reserved range and not recognized TLV MED Total number of LLDP MED TLVs received on the local ports TVL802 1 To...

Page 201: ...FC E3 90 04 11 0 8 0 9 0 10 0 11 0 12 More or q uit show lldp remote device detail Use this command to display detailed information about remote devices that transmit current LLDP data to an interfac...

Page 202: ...vice System Description Describes the remote system by identifying the system name and versions of hardware operating system and networking software supported in the device Port Description Describes...

Page 203: ...ort Description The port description associated with the interface Format show lldp local device detail unit slot port Mode Privileged EXEC Term Definition Interface The interface that sends the LLDPD...

Page 204: ...E management and inventory management lldp med Use this command to enable MED By enabling MED you will be effectively enabling the transmit and receive function of LLDP no lldp med Use this command to...

Page 205: ...otocol Data Units LLDPDUs Default enabled Format lldp med confignotification Mode Interface Config Format no lldp med confignotification Mode Interface Config Default By default the capabilities and n...

Page 206: ...command to configure all the ports to send the topology change notification no lldp med confignotification all Use this command to disable all the ports to send the topology change notification Forma...

Page 207: ...set will be transmitted in the Link Layer Discovery Protocol Data Units LLDPDUs Default 3 Format lldp med faststartrepeatcount count Mode Global Config Format no lldp med faststartrepeatcount Mode Gl...

Page 208: ...t tlv all capabilities network policy ex pse ex pd location inventory Mode Global Config Format show lldp med Mode Privileged Exec Term Definition Fast Start Repeat Count The number of LLDP PDUs that...

Page 209: ...sabled Disabled Disabled 0 1 1 0 8 Down Disabled Disabled Disabled 0 1 1 0 9 Down Disabled Disabled Disabled 0 1 1 0 10 Down Disabled Disabled Disabled 0 1 1 0 11 Down Disabled Disabled Disabled 0 1 1...

Page 210: ...XEC Term Definition Media Application Type Shows the application type Types are unknown voice voicesignaling guestvoice guestvoicesignaling sfotphonevoice videoconferencing streamingvideo videosignali...

Page 211: ...D 10 Priority 5 DSCP 1 Unknown False Tagged True Media Policy Application Type streamingvideo Vlan ID 20 Priority 1 DSCP 2 Unknown False Tagged True Inventory Hardware Rev xxx xxx xxx Firmware Rev xxx...

Page 212: ...rface Remote ID Device Class 1 0 8 1 Class I 1 0 9 2 Not Defined 1 0 10 3 Class II 1 0 11 4 Class III 1 0 12 5 Network Con Format show lldp med remote device unit slot port all Mode Privileged EXEC Te...

Page 213: ...application type Types of applications are unknown voice voicesignaling guestvoice guestvoicesignaling sfotphonevoice videoconferencing streamingvideo videosignaling VLAN Id Shows the VLAN id associa...

Page 214: ...False Tagged True Media Policy Application Type streamingvideo Vlan ID 20 Priority 1 DSCP 2 Unknown False Tagged True Inventory Hardware Rev xxx xxx xxx Firmware Rev xxx xxx xxx Sub Type Shows the typ...

Page 215: ...ds you use to configure Denial of Service DoS Control The software provides support for classifying and blocking specific types of Denial of Service attacks You can configure your system to monitor an...

Page 216: ...Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress with SIP DIP the packets will be dropped if the mode is enabled n...

Page 217: ...dos control firstfrag This command sets Minimum TCP Header Size Denial of Service protection to the default value of disabled dos control tcpfrag This command enables TCP Fragment Denial of Service pr...

Page 218: ...g This command sets disables TCP Flag Denial of Service protections dos control l4port This command enables L4 Port Denial of Service protections If the mode is enabled Denial of Service prevention is...

Page 219: ...ed no dos control icmp This command disables Maximum ICMP Packet Size Denial of Service protections dos control smacdmac This command enables Source MAC address Destination MAC address SMAC DMAC Denia...

Page 220: ...ommand is only available on FSM72xxRS switches no dos control tcpport This command disables TCP L4 source destination port number Source TCP Port Destination TCP Port Denial of Service protection This...

Page 221: ...d a source port less than 1024 or having TCP Control Flags set to 0 and TCP Sequence Number set to 0 or having TCP Flags FIN URG and PSH set and TCP Sequence Number set to 0 or having TCP Flags SYN an...

Page 222: ...on FSM72xxRS switches dos control tcpsyn This command enables TCP SYN and L4 source 0 1023 Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of a...

Page 223: ...YN FIN Denial of Service protection This command is only available on FSM72xxRS switches dos control tcpfinurgpsh This command enables TCP FIN and URG and PSH and SEQ 0 checking Denial of Service prot...

Page 224: ...evention is active for this type of attack If ICMPv4 Echo Request PING packets ingress having a size greater than the configured value the packets will be dropped if the mode is enabled This command i...

Page 225: ...l of Service protections This command is only available on FSM72xxRS switches dos control icmpfrag This command enables ICMP Fragment Denial of Service protection If the mode is enabled Denial of Serv...

Page 226: ...bled or disabled The factory default is disabled Max ICMPv4 Pkt Size The range is 0 1023 The factory default is 512 Max ICMPv6 Pkt Size The range is 0 16384 The factory default is 512 ICMP Fragment Mo...

Page 227: ...address aging timeout to the default value TCP FIN URG PSH Mode May be enabled or disabled The factory default is disabled TCP Flag Sequence Mode May be enabled or disabled The factory default is dis...

Page 228: ...dress for which the switch has forwarding and or filtering information The format is two digit hexadecimal numbers separated by colons for example 01 23 45 67 89 AB In an IVL system the MAC address wi...

Page 229: ...his command disables ISDP on the switch Format show mac address table stats Mode Privileged EXEC Term Definition Max MFDB Table Entries The total number of entries that can possibly be in the Multicas...

Page 230: ...imer This command sets the period of time between sending new ISDP packets The range is given in seconds isdp advertise v2 This command enables the sending of ISDP version 2 packets from the device no...

Page 231: ...isdp counters This command clears ISDP counters clear isdp table This command clears entries in the ISDP table show isdp This command displays global ISDP settings Default Enabled Format isdp enable...

Page 232: ...apability of the device serialNumber indicates that the device uses a serial number as the format for its Device ID macAddress indicates that the device uses a Layer 2 MAC address as the format for it...

Page 233: ...tisement was received Port ID The port ID of the interface from which the neighbor sent the advertisement Hold Time The hold time advertised by the neighbor Version The software version that the neigh...

Page 234: ...rface from which the neighbor sent the advertisement Hold Time The hold time advertised by the neighbor Advertisement Version The version of the advertisement packet received from the neighbor Entry L...

Page 235: ...ISDPv2 packets transmitted ISDP Bad Header Number of packets received with a bad header ISDP Checksum Error Number of packets received with a checksum error ISDP Transmission Failure Number of packets...

Page 236: ...Commands on page 4 30 Address Resolution Protocol ARP Commands This section describes the commands you use to configure ARP and to view ARP information on the switch ARP associates IP addresses with M...

Page 237: ...ess of a device on a subnet attached to an existing routing interface macaddr is a unicast MAC address for that device ip proxy arp This command enables proxy ARP on a router interface Without proxy A...

Page 238: ...e This command configures the default ARP cache size arp dynamicrenew This command enables the ARP component to automatically renew dynamic ARP entries when they age out no arp dynamicrenew This comma...

Page 239: ...esponse timeout time in seconds The range for seconds is between 1 10 seconds no arp resptime This command configures the default ARP request response timeout arp retries This command configures the A...

Page 240: ...e in seconds The range for seconds is between 15 21600 seconds no arp timeout This command configures the default ARP entry ageout time clear arp cache This command causes all ARP entries of type dyna...

Page 241: ...d EXEC Format show arp Mode Privileged EXEC Term Definition Age Time seconds The time it takes for an ARP entry to age out This is configurable Age time is measured in seconds Response Time seconds Th...

Page 242: ...ime seconds The time it takes for an ARP entry to age out This value is configurable Age time is measured in seconds Response Time seconds The time it takes for an ARP request timeout This value is co...

Page 243: ...command disables routing for an interface You can view the current value for this function with the show ip brief command The value is labeled as Routing Mode ip routing This command enables the IP R...

Page 244: ...re the range for a b c and d is 1 255 The value for subnetmask is a 4 digit dotted decimal number which represents the Subnet Mask of the interface To remove all of the IP addresses primary and second...

Page 245: ...Confirm that the associated link is also up no ip route This command deletes a single next hop to a destination static route If you use the nexthopip parameter the next hop is deleted If you use the p...

Page 246: ...te The default distance is used when no distance is specified in these commands Changing the default distance does not update the distance of existing static routes even if they were assigned the orig...

Page 247: ...may be fragmented by the IP stack The IP stack uses its default IP MTU and ignores the value set using the ip mtu command OSPF advertises the IP MTU in the Database Description packets it sends to it...

Page 248: ...ow ip brief This command displays all the summary information of the IP including the ICMP rate limit configuration and the global ICMP Redirect configuration Format no ip mtu mtu Mode Interface Confi...

Page 249: ...inal destination Routing Mode Shows whether the routing mode is enabled or disabled Maximum Next Hops The maximum number of next hops the packet can travel Maximum Routes The maximum number of routes...

Page 250: ...d interface The possible values of this field are enable or disable This value is configurable Forward Net Directed Broadcasts Displays whether forwarding of network directed broadcasts is enabled or...

Page 251: ...ss specifies the network for which the route is to be displayed and displays the best matching best route for the address The mask specifies the subnet mask for the given ip address When you use the l...

Page 252: ...ed routes Format show ip route ip address protocol ip address mask longer prefixes protocol protocol all all Modes Privileged EXEC User EXEC Term Definition Route Codes The key for the routing protoco...

Page 253: ...Type 1 E2 OSPF External Type 2 N1 OSPF NSSA External Type 1 N2 OSPF NSSA External Type 2 C 1 1 1 0 24 0 1 directly connected 0 11 C 2 2 2 0 24 0 1 directly connected 0 1 C 5 5 5 0 24 0 1 directly conn...

Page 254: ...re used in determining the best route Lower router preference values are preferred over higher router preference values A route with a preference of 255 cannot be used to forward traffic Reject Routes...

Page 255: ...bes the commands you use to view and configure Router Discovery Protocol settings on the switch The Router Discovery Protocol enables a host to discover the IP address of routers on the subnet ip irdp...

Page 256: ...for the interface ip irdp holdtime This command configures the value in seconds of the holdtime field of the router advertisement sent from this interface The holdtime range is the value of maxadvert...

Page 257: ...erval This command configures the minimum time in seconds allowed between sending router advertisements from the interface The range for minadvertinterval is three to the value of maxadvertinterval no...

Page 258: ...rmat no ip irdp preference Mode Interface Config Format show ip irdp unit slot port all Modes Privileged EXEC User EXEC Term Definition Interface The unit slot port that matches the rest of the inform...

Page 259: ...93 show ip vlan This command displays the VLAN routing information for all VLANs with routing enabled Preference The preference of the address as a default router address relative to other router addr...

Page 260: ...ommand disables the circuit ID option mode for BootP DHCP Relay on the system bootpdhcprelay maxhopcount This command configures the maximum allowable relay agent hops for BootP DHCP Relay on the syst...

Page 261: ...conds since client began booting field of the request as a factor in deciding whether to relay the request or not The parameter has a range of 0 to 100 seconds no bootpdhcprelay minwaittime This comma...

Page 262: ...another You can define many helper addresses but the total number of address port pairs is limited to 128 for the whole device The setting of a helper address for a specific interface has precedence o...

Page 263: ...entire list of helper addresses on that interface ip helper address Use this command to add a unicast helper address to the list of helper addresses on an interface This is the address of a DHCP serv...

Page 264: ...nfigured helper addresses on the given interface The following shows example CLI display output for the command Format no ip helper address ip address 1 65535 dhcp domain isakmp mobile ip nameserver n...

Page 265: ...MP Destination Unreachable messages By default the generation of ICMP Destination Unreachable messages is enabled no ip unreachables Use this command to prevent the generation of ICMP Destination Unre...

Page 266: ...mand to limit the rate at which IPv4 ICMP error messages are sent The rate limit is configured as a token bucket with two configurable parameters burst size and burst interval The burst interval speci...

Page 267: ...nterval Use the no form of the command to return burst interval and burst size to their default values Default burst interval of 1000 msec burst size of 100 messages Format ip icmp error interval burs...

Page 268: ...e 5 19 DiffServ Service Commands on page 5 25 DiffServ Show Commands on page 5 26 MAC Access Control List ACL Commands on page 5 32 IP Access Control List ACL Commands on page 5 37 IPv6 Access Control...

Page 269: ...ut 802 1p priority see Voice VLAN Commands on page 3 47 no classofservice dot1p mapping This command maps each 802 1p priority to its default internal traffic class value classofservice ip dscp mappin...

Page 270: ...you configure an interface to use Dot1p the mode does not appear in the output of the show running config command because Dot1p is the default no classofservice trust This command sets the interface...

Page 271: ...ed 100 no cos queue min bandwidth This command restores the default for each queue s minimum bandwidth value cos queue strict This command activates the strict priority scheduler mode for each specifi...

Page 272: ...specific interface The unit slot port parameter is optional and is only valid on platforms that support independent per port class of service mappings If specified the 802 1p mapping table of the inte...

Page 273: ...d The following information is repeated for each user priority show classofservice ip dscp mapping This command displays the current IP DSCP mapping to internal traffic classes for the global configur...

Page 274: ...figuration settings are displayed Format show classofservice trust unit slot port Mode Privileged EXEC Term Definition Non IP Traffic Class The traffic class used for non IP traffic This is only displ...

Page 275: ...ria The attributes of a DiffServ policy define the way the switch processes packets You can define policy attributes on a per class instance basis The switch applies these attributes when a match occu...

Page 276: ...ting class definition is to delete the class and re create it diffserv This command sets the DiffServ operational mode to active While disabled the DiffServ configuration is retained and can be change...

Page 277: ...h condition this command enters the class map mode The class map name is a case sensitive alphanumeric string from 1 to 31 characters uniquely identifying an existing DiffServ class The class type of...

Page 278: ...map rename This command changes the name of a DiffServ class The class map name is the name of an existing DiffServ class The new class map name parameter is a case sensitive alphanumeric string from...

Page 279: ...nd adds to the specified class definition a match condition whereby all packets are considered to belong to the class match class map This command adds to the specified class definition the set of mat...

Page 280: ...the same Only one other class may be referenced by a class Any attempts to delete the refclassname class while the class is still referenced by any class map name fails The combined match criteria of...

Page 281: ...dd ee ff The macmask parameter is a layer 2 MAC address bit mask which need not be contiguous and is formatted as six two digit hexadecimal numbers separated by colons e g ff 07 23 ff fe dc match dsti...

Page 282: ...is required The port number is an integer from 0 to 65535 match ip dscp This command adds to the specified class definition a match condition based on the value of the IP DiffServ Code Point DSCP fiel...

Page 283: ...lue of tosmask is a two digit hexadecimal number from 00 to ff The tosmask denotes the bit positions in tosbits that are used for comparison against the IP TOS field in a packet For example to check f...

Page 284: ...p tcp udp A value of ip matches all protocol number values To specify the match condition using a numeric value notation the protocol number is a standard value assigned by IANA and is interpreted as...

Page 285: ...s of a packet The ipaddr parameter specifies an IP address The ipmask parameter specifies an IP address bit mask and must consist of a contiguous set of leading 1 bits match srcip6 This command adds t...

Page 286: ...olicy association to an interface to form a service Specify the policy name when you create the policy Each traffic class defines a particular treatment for packets that match the class definition You...

Page 287: ...d traffic stream are to be dropped at ingress mirror This command specifies that all incoming packets for the associated traffic stream are copied to a specific egress interface physical port or LAG F...

Page 288: ...f an existing DiffServ class map class This command creates an instance of a class definition within the specified policy for the purpose of defining treatment of the traffic class through subsequent...

Page 289: ...ter 802 1Q tag of a double VLAN tagged packet If the packet does not already contain this header one is inserted The CoS value is an integer from 0 to 7 mark ip dscp mark ip dscp This command marks al...

Page 290: ...e conforming burst size is specified in kilobytes KB and is an integer from 1 to 128 For each outcome the only possible actions are drop set cos transmit set dscp transmit set prec transmit or transmi...

Page 291: ...erv policy The policyname parameter is the name of an existing DiffServ policy This command may be issued at any time If the policy is currently referenced by one or more interface service attachments...

Page 292: ...Serv is not used in the outbound direction This set of commands consists of service addition removal The CLI command root is service policy service policy This command attaches a policy to an interfac...

Page 293: ...en the DiffServ administrative mode is enabled show class map This command displays all configuration information for the specified class The class name is the name of an existing DiffServ class Forma...

Page 294: ...Criteria The Match Criteria fields are only displayed if they have been configured Not all platforms support all match criteria values They are displayed in the order entered by the user The fields a...

Page 295: ...le Table Policy Table Size Current Max The current number of entries rows and the maximum allowed entries rows in the Policy Table Policy Instance Table Size Current Max Current number of entries rows...

Page 296: ...if mark ip description is not specified Mark IP Precedence The mark re mark value used as the IP Precedence for traffic matching this class This is not displayed if mark ip precedence is not specified...

Page 297: ...which they were created Policy Type The policy type Only inbound is supported Class Members List of all class names associated with this policy Format show diffserv service unit slot port in Mode Priv...

Page 298: ...s in an enabled mode Term Definition Interface Valid unit slot and port number separated by forward slashes Direction The traffic direction of this interface service OperStatus The current operational...

Page 299: ...g rules apply to MAC ACLs The maximum number of ACLs you can create is hardware dependent The limit applies to all ACLs regardless of type The system supports only Ethernet II frame types The maximum...

Page 300: ...no mac access list extended This command deletes a MAC ACL identified by name from the system mac access list extended rename This command changes the name of a MAC Access Control List ACL The name p...

Page 301: ...same relative order as shown in the command format The Ethertype may be specified as either a keyword or a four digit hexadecimal value from 0x0600 0xFFFF The currently supported ethertypekey values a...

Page 302: ...on A lower number indicates higher precedence order If a sequence number is already in use for this interface and direction the specified mac access list replaces the currently attached mac access lis...

Page 303: ...Config Interface Config Format show mac access lists name Mode Privileged EXEC Term Definition Rule Number The ordered rule number identifier defined within the MAC ACL Action The action associated w...

Page 304: ...you cannot configure an IP ACL on the same interface Wildcard masking for ACLs operates differently from a subnet mask A wildcard mask is in essence the inverse of a subnet mask With a subnet mask th...

Page 305: ...port match condition for the IP ACL rule You can use the port number which ranges from 0 65535 or you specify the portkey which can be one of the following keywords domain echo ftp ftpdata http smtp s...

Page 306: ...defined for the IP header of an IPv4 frame The name parameter is a case sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IP access list If an IP ACL by this name already...

Page 307: ...ord or the protocol source address and destination address values must be specified The source and destination IP address fields may be specified using the Format ip access list rename name newname Mo...

Page 308: ...number may be specified to indicate the order of this IP access list relative to other IP access lists already assigned to this interface and direction A lower number indicates higher precedence order...

Page 309: ...CL trap mode show ip access lists This command displays an IP ACL accesslistnumber is the number used to identify the IP ACL Default none Format no ip access group accesslistnumber vlan vlan id in Mod...

Page 310: ...source IP Mask for this rule Source L4 Port Keyword The source port for this rule Destination IP Address The destination IP address for this rule Destination IP Mask The destination IP Mask for this r...

Page 311: ...name parameter is a case sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IPv6 access list ACL ID Access List name for a MAC or IPv6 access list or the numeric identifie...

Page 312: ...characters uniquely identifying the IPv6 access list This command fails is an IPv6 ACL by the name newname already exists deny permit IPv6 This command creates a new rule for the current IPv6 access...

Page 313: ...e the redirect parameter allows the traffic matching this rule to be forwarded to the specified unit slot port The assign queue and redirect parameters are only valid for a permit rule ipv6 traffic fi...

Page 314: ...ction show ipv6 access lists This command displays an IPv6 access list and all of the rules that are defined for the IPv6 ACL Use the name parameter to identify a specific IPv6 ACL to display Note You...

Page 315: ...ime sensitive traffic auto voip all Use this command to enable VoIP Profile on the interfaces of the switch Match All Indicates whether this access list applies to every packet Possible values are Tru...

Page 316: ...o voip Use this command to disable VoIP Profile on the interface show auto voip Use this command to display the VoIP Profile settings on the interface or interfaces of the switch Default disabled Form...

Page 317: ...0 v1 0 July 2009 Field Description AutoVoIP Mode The Auto VoIP mode on the interface Traffic Class The CoS Queue or Traffic Class to which all VoIP traffic is mapped to This is not configurable and de...

Page 318: ...CP Server Commands on page 6 39 DNS Client Commands on page 6 54 Packet Capture Commands on page 6 60 Cable Test Command on page 6 82 sFlow Commands on page 6 83 Note The commands in this chapter are...

Page 319: ...and if necessary a DNS server There are three stepss to Auto Install 1 Configuration or assignment of an IP address for the device 2 Assignment of a TFTP server 3 Obtain a configuration file for the d...

Page 320: ...om a TFTP server boot autoinstall stop The command is used to A user may terminate the Auto Install process at any time prior to the downloading of the config file This is most optimally done when the...

Page 321: ...lows reduced down time when you upgrade or downgrade the software delete This command deletes the supplied image file from the permanent storage The image to be deleted must be a backup image If this...

Page 322: ...ckup images on the supplied unit node of the Stack If you do not specify a unit number the command displays image details for all nodes on the Stack The command also displays any text description asso...

Page 323: ...section describes the commands you use to view information about system features components and configurations show arp switch This command displays the contents of the IP stack s Address Resolution P...

Page 324: ...EC Term Definition File The file in which the event originated Line The line number of the event Task Id The task ID of the event Code The event code Time The time this event occurred Unit The unit fo...

Page 325: ...ch Description Text used to identify the product name of this switch Machine Type The machine model as defined by the Vital Product Data Machine Model The machine model as defined by the Vital Product...

Page 326: ...rs Collisions Frames The best estimate of the total number of collisions on this Ethernet segment Time Since Counters Last Cleared The elapsed time in days hours minutes and seconds since the statisti...

Page 327: ...kets Received Octets The total number of octets of data received by the processor excluding framing bits but including FCS octets Packets Received Without Error The total number of packets including b...

Page 328: ...d The number of outbound packets which were chosen to be discarded even though no errors had been detected to prevent their being deliverable to a higher layer protocol A possible reason for discardin...

Page 329: ...numbers that are separated by colons for example 01 23 45 67 89 AB In an IVL system the MAC address will be displayed as 8 bytes Interface The port through which this address was learned Interface In...

Page 330: ...tion Report status bytes Term Definition VLAN ID The VLAN on which the MAC address was learned Term Definition Dynamic Address count Number of MAC addresses in the forwarding database that were automa...

Page 331: ...status The following shows an example of CLI display output for the command switch show mbuf total mbufSize 9284 0x2444 Current Time 0x1897fa MbufsFree 150 MbufsRxUsed 0 Total Rx Norm Alloc Attempts...

Page 332: ...group name all If some but not all of the flags in that group are enabled the command displays trapflags groupname flag name Note Show running config does not display the User Password even if you se...

Page 333: ...t show running config interface unit slot port VLAN id LAG id Mode Interface Config Format show sysinfo Mode Privileged EXEC Term Definition Switch Description Text used to identify this switch System...

Page 334: ...er in the range of 5 to 48 After the user configured number of lines is displayed in one page the system prompts the user More or q uit Press q or Q to quit or press any key to display the next set of...

Page 335: ...es logging to an in memory log that keeps up to 128 logs no logging buffered This command disables logging to in memory log logging buffered wrap This command enables wrapping of in memory logging whe...

Page 336: ...li command This command disables the CLI command Logging feature logging console This command enables logging to the console You can specify the severitylevel value as either an integer from 0 to 7 or...

Page 337: ...eger from 0 to 7 or symbolically through one of the following keywords emergency 0 alert 1 critical 2 error 3 warning 4 notice 5 info 6 or debug 7 logging host remove This command disables logging to...

Page 338: ...ogging Shows whether CLI Command logging is enabled Console Logging Shows whether console logging is enabled ConsoleLogging Severity Filter The minimum severity to log to the console log Messages with...

Page 339: ...full situation Buffered Log Count The count of valid entries in the buffered log Format show logging hosts unit Mode Privileged EXEC Term Definition Host Index Used for deleting hosts IP Address Hostn...

Page 340: ...ands This section describes the commands you use to help troubleshoot connectivity issues and to restore various configurations to their factory defaults Term Definition Number of Traps Since Last Res...

Page 341: ...ed EXEC Parameter Description ipaddr hostname The ipaddr value should be a valid IP address The hostname value should be a valid hostname initTtl Use initTtl to specify the initial time to live TTL th...

Page 342: ...2 0 msec 0 msec 1 msec 3 172 31 0 9 277 msec 276 msec 277 msec 4 10 254 1 1 289 msec 327 msec 282 msec 5 10 254 21 2 287 msec 293 msec 296 msec 6 192 168 76 2 290 msec 291 msec 289 msec 7 0 0 0 0 0 ms...

Page 343: ...values It does not reset the switch clear mac addr table This command clears the dynamically learned MAC addresses of the switch clear logging buffered This command clears the messages maintained in t...

Page 344: ...ts without powering off the switch You are prompted to confirm that the password reset should proceed clear port channel This command clears all port channels LAGs clear traplog This command clears th...

Page 345: ...ecimal characters logout This command closes the current telnet connection or resets the current serial connection ping Use this command to determine whether another computer is on the network Ping pr...

Page 346: ...unt 3 interval 1 size 255 Pinging 192 168 254 222 with 255 bytes of data Received Response Unreachable Destination Received Response Unreachable Destination Received Response Unreachable Destination 1...

Page 347: ...is command resets the switch without powering it off Reset means that all network connections are terminated and the boot code executes The switch uses the stored configuration to initialize the switc...

Page 348: ...to the file and filename is the name of the file you want to upload or download For SFTP and SCP the username parameter is the username for logging into the remote server via SSH For platforms that su...

Page 349: ...e script In case of any error the command lists all the lines at the end of the validation process and prompts you to confirm before copying the script file url nvram script destfilename noval When yo...

Page 350: ...image2 Download an image from the remote server to either image In a stacking environment the downloaded image is distributed to the stack nodes image1 image2 url Upload either image to the remote ser...

Page 351: ...es Simple Network Time Protocol SNTP client mode sntp client port This command sets the SNTP client port id to a value from 1 65535 no sntp client port This command resets the SNTP client port back to...

Page 352: ...set the poll timeout for SNTP unicast clients in seconds to a value from 1 30 no sntp unicast client poll timeout This command will reset the poll timeout for SNTP unicast clients to its default value...

Page 353: ...rom the server is based on Coordinated Universal Time UTC which is the same as Greenwich Mean Time GMT This may not be the time zone in which the switch is located Use the clock timezone command to co...

Page 354: ...lock timezone Mode Global Config Format show sntp Mode Privileged EXEC Term Definition Last Update Time Time of last clock update Last Unicast Attempt Time Time of last transmit query in unicast mode...

Page 355: ...hostname of configured SNTP Server Server Type Address Type of Server Server Stratum Claimed stratum of the server for the last received valid packet Server Reference ID Reference clock identifier of...

Page 356: ...address allocations Last Attempt Time Last server attempt time for the specified server Last Update Status Last server attempt status for the server Total Unicast Requests Number of requests to the se...

Page 357: ...ifier is required instead of hardware addresses The unique identifier is a concatenation of the media type and the MAC address For example the Microsoft client identifier for Ethernet address c819 248...

Page 358: ...ies the default router list for a DHCP client address1 address2 address8 are valid IP addresses each made up of four decimal bytes ranging from 0 to 255 IP address 0 0 0 0 is invalid no default router...

Page 359: ...address of a DHCP client Hardware address is the MAC address of the hardware platform of the client consisting of 6 bytes in dotted hexadecimal format Type indicates the protocol of the hardware plat...

Page 360: ...tion of the lease for an IP address that is assigned from a DHCP server to a DHCP client The overall lease time should be between 1 86400 minutes If you specify infinite the lease is set for 60 days Y...

Page 361: ...et mask for the specified address pool The prefix length is an integer from 0 to 32 no network This command removes the subnet number and mask bootfile The command specifies the name of the default bo...

Page 362: ...ilable to DHCP clients One IP address is required although one can specify up to eight addresses in one command line Servers are listed in order of preference address1 is the most preferred server add...

Page 363: ...This command removes the NetBIOS node Type next server This command configures the next server in the boot process of a DHCP client The address parameter is the IP address of the next server in the bo...

Page 364: ...or example a3 4f 22 0c colon for example a3 4f 22 0c or white space for example a3 4f 22 0c no option This command removes the DHCP Server options The code parameter specifies the DHCP option code ip...

Page 365: ...ss as part of a ping operation By default the number of packets sent to a pool address is 2 which is the smallest allowed number when sending packets Setting the number of packets to 0 disables this c...

Page 366: ...ress pool no ip dhcp bootp automatic This command disables the allocation of the addresses to the bootp client The address are from the automatic address pool ip dhcp conflict logging This command ena...

Page 367: ...om 0 to 255 IP address 0 0 0 0 is invalid clear ip dhcp server statistics This command clears DHCP server statistics counters clear ip dhcp conflict The command is used to clear an address conflict fr...

Page 368: ...Modes Privileged EXEC User EXEC Term Definition IP address The IP address of the client Hardware Address The MAC Address or the client identifier Lease expiration The lease expiration time of the IP...

Page 369: ...e name of the configured pool Pool Type The pool type Lease Time The lease expiration time of the IP address assigned to the client DNS Servers The list of DNS servers available to the DHCP client Def...

Page 370: ...med Bindings The number of truncated or corrupted messages that were received by the DHCP server Message Definition DHCP DISCOVER The number of DHCPDISCOVER messages the server has received DHCP REQUE...

Page 371: ...bled the DNS client provides a hostname lookup service to other components ip domain lookup Use this command to enable the DNS client no ip domain lookup Use this command to disable the DNS client For...

Page 372: ...ame For an unqualified hostname xxx a DNS query is made to find the IP address corresponding to xxx yahoo com no ip domain name Use this command to remove the default domain name configured using the...

Page 373: ...ver The preference of the servers is determined by the order they were entered no ip name server Use this command to remove a name server ip host Use this command to define static host name to address...

Page 374: ...to remove the static host name to IPv6 address mapping in the host cache ip domain retry Use this command to specify the number of times to retry sending Domain Name System DNS queries The parameter...

Page 375: ...this command to return to the default setting clear host Use this command to delete entries from the host name to address cache This command clears the entries from the DNS cache maintained by the sof...

Page 376: ...Stanford edu rediff com Domain Name lookup Enabled Number of retries 5 Retry timeout period 1500 Name servers Preference order 176 16 1 18 176 16 1 19 Configured host name to address mapping Host Addr...

Page 377: ...al can be used to decode and review the packets in detail Capturing can be performed in a variety of modes either transmit side only receive side only or both The number of packets captured will depen...

Page 378: ...ll writes to the buffer will wrap around to allow continuous packet caputure show capture packets This command displays packets being captured from the buffer The output of the show command can be red...

Page 379: ...bug arp Use this command to disable ARP debug protocol messages debug auto voip Use this command to enable Auto VOIP debug messages Use the optional parameters to trace H323 SCCP or SIP packets respec...

Page 380: ...ace output The output of debug trace commands will appear on all login sessions for which debug console has been enabled The configuration of this command remains in effect for the life of the login s...

Page 381: ...igmpsnooping packet This command enables tracing of IGMP Snooping packets received and transmitted by the switch no debug igmpsnooping packet This command disables tracing of IGMP Snooping packets De...

Page 382: ...isabled Format debug igmpsnooping packet transmit Mode Privileged EXEC Parameter Definition TX A packet transmitted by the device Intf The interface that the packet went out on Format used is unit slo...

Page 383: ...re displayed in the trace message Format no debug igmpsnooping transmit Mode Privileged EXEC Default disabled Format debug igmpsnooping packet receive Mode Privileged EXEC Parameter Definition RX A pa...

Page 384: ...ved DVMRP packets and transmit traces only transmitted DVMRP packets When neither keyword is used in the command then all DVMRP packet traces are dumped Vital information such as source address destin...

Page 385: ...displayed on the console no debug ip igmp packet Use this command to disable debug tracing of IGMP packet reception and transmission debug ip mcache packet Use this command for tracing MDATA packet r...

Page 386: ...PIMDM packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitted is displa...

Page 387: ...e packet length and the interface on which the packet is received or transmitted is displayed on the console no debug ip pimsm packet Use this command to disable debug tracing of PIMSM packet receptio...

Page 388: ...ansmission debug ipv6 mld packet Use this command to trace MLDv6 packet reception and transmission receive traces only received MLDv6 packets and transmit traces only transmitted MLDv6 packets When ne...

Page 389: ...and transmission debug ipv6 pimsm packet Use this command to trace PIMSMv6 packet reception and transmission receive traces only received PIMSMv6 packets and transmit traces only transmitted PIMSMv6 p...

Page 390: ...ooping packet reception and transmission receive traces only received MLD snooping packets and transmit traces only transmitted MLD snooping packets When neither keyword is used in the command then al...

Page 391: ...Src Ip 10 50 50 1 DestIp 192 168 50 2 AreaId 0 0 0 0 Type DB_DSCR Mtu 1500 Options E Flags I M MS Seq 126166 15 JAN 02 11 03 36 10 50 50 1 2 OSPF 46300472 ospf_debug c 297 25434 Pkt RX Intf 2 0 48 Sr...

Page 392: ...tIp The destination IP address in the IP header of the packet AreaId The area ID in the OSPF header of the packet Type Could be one of the following HELLO Hello packet DB_DSCR Database descriptor LS_R...

Page 393: ...kets debug ospfv3 packet Use this command to enable OSPFv3 packet debug trace no debug ospfv3 packet Use this command to disable tracing of OSPFv3 packets Field Definition Length Length of packet Fiel...

Page 394: ...0 1 DEST_IP 10 50 50 2 Type ECHO_REPLY The following parameters are displayed in the trace message no debug ping packet This command disables tracing of ICMP echo requests and responses Default disabl...

Page 395: ...rmat debug rip packet Mode Privileged EXEC Parameter Definition TX RX TX refers to a packet transmitted by the device RX refers to packets received by the device Intf The interface that the packet cam...

Page 396: ...e no debug sflow packet Use this command to disable sFlow debug packet trace debug spanning tree bpdu This command enables tracing of spanning tree BPDUs received and transmitted by the switch Format...

Page 397: ...Root Priority 0x8000 Path Cost 0 The following parameters are displayed in the trace message Format no debug spanning tree bpdu Mode Privileged EXEC Default disabled Format debug spanning tree bpdu r...

Page 398: ...00 Root_Priority 0x8000 Path_Cost 0 The following parameters are displayed in the trace message Format no debug spanning tree bpdu receive Mode Privileged EXEC Default disabled Format debug spanning...

Page 399: ...de Privileged EXEC Note The cable test feature is supported only for copper cable It is not supported for optical fiber cable If the port has an active link while the cable test is run the link can go...

Page 400: ...ut max datagram size ip ipv6 ip port port Mode Global Config Field Description Receiver Owner The identity string for the receiver the entity making use of this sFlowRcvrTable entry The range is 127 c...

Page 401: ...rate sampling rate maxheadersize size Mode Interface Config Field Description Receiver Index The sFlow Receiver for this sFlow sampler to which flow samples are to be sent A value of zero 0 means that...

Page 402: ...ng rate maxheadersize size Mode Interface Config Format sflow poller rcvr indx interval poll interval Mode Interface Config Field Description Receiver Index Enter the sFlow Receiver associated with th...

Page 403: ...y the sFlow polling instances created on the switch Use for range Format show sflow agent Mode Privileged EXEC Field Description sFlow Version Uniquely identifies the version and implementation of thi...

Page 404: ...rs index Mode Privileged EXEC Field Description Receiver Index The sFlow Receiver associated with the sampler poller Owner String The identity string for receiver the entity making use of this sFlowRc...

Page 405: ...leged EXEC Field Description Sampler Data Source The sFlowDataSource slot port for this sFlow sampler This agent will support Physical ports only Receiver Index The sFlowReceiver configured for this s...

Page 406: ...page 7 20 Access Commands on page 7 28 User Account Commands on page 7 29 SNMP Commands on page 7 40 RADIUS Commands on page 7 52 TACACS Commands on page 7 67 Configuration Scripting Commands on page...

Page 407: ...or enable password 2 Management CPU IP address and network mask 3 System name and location information The tool is interactive and uses questions to guide you through the steps required to perform its...

Page 408: ...sword Y N Q y Enter new password Confirm new password Password Changed The enable password required for switch configuration via the command line interface is currently not configured Do you wish to c...

Page 409: ...leged EXEC mode From the Privileged EXEC mode you can configure the network interface network parms This command sets the IP address subnet mask and gateway of the device The IP address and the gatewa...

Page 410: ...lly administered MAC addresses The following rules apply Bit 6 of byte 0 called the U L bit indicates whether the address is universally administered b 0 or locally administered b 1 Bit 7 of byte 0 ca...

Page 411: ...va applet show network This command displays configuration settings associated with the switch s network interface The network interface is the logical interface used for in band connectivity with the...

Page 412: ...lt value is 0 0 0 0 IPv6 Administrative Mode Whether enabled or disabled IPv6 Address Length The IPv6 address and length IPv6 Default Router The IPv6 default router address Burned In MAC Address The b...

Page 413: ...figure a variety of system settings including user accounts From the Global Config mode you can enter other command modes including Line Config mode line This command gives you access to the Line Conf...

Page 414: ...sets the maximum connect time in minutes without console activity login authentication To specify login authentication method list for remote telnet or console use the login authentication command in...

Page 415: ...r EXEC Term Definition Serial Port Login Timeout minutes The time in minutes of inactivity on a Serial port connection after which the Switch will close the connection Any numeric value between 0 and...

Page 416: ...e Telnet listening port and disconnects all open Telnet sessions telnet This command establishes a new outbound Telnet connection to a remote host The host value must be a valid IP address or host nam...

Page 417: ...put telnet This command regulates new outbound Telnet connections If enabled new outbound Telnet sessions can be established until the system reaches the maximum number of simultaneous outbound Telnet...

Page 418: ...of 0 indicates that no outbound Telnet session can be established no session limit This command sets the maximum number of simultaneous outbound Telnet sessions to the default value session timeout T...

Page 419: ...ssions that can be established to the default value telnetcon timeout This command sets the Telnet connection session timeout value in minutes A session is active as long as the session has not been i...

Page 420: ...for active sessions does not become effective until the session is reaccessed Also any keystroke activates the new timeout duration Format no telnetcon timeout Mode Privileged EXEC Format show telnet...

Page 421: ...short form of the ip ssh server enable command Format show telnetcon Modes Privileged EXEC User EXEC Term Definition Remote Connection Login Timeout minutes This object indicates the number of minute...

Page 422: ...This command disables the IP secure shell server sshcon maxsessions This command specifies the maximum number of SSH connection sessions that can be established A value of 0 indicates that no ssh con...

Page 423: ...sessions does not become effective until the session is re accessed Also any keystroke activates the new timeout duration no sshcon timeout This command sets the SSH connection session timeout value...

Page 424: ...e device regardless of whether they are self signed or downloaded from an outside source Term Definition Administrative Mode This field indicates whether the administrative mode of SSH is enabled or d...

Page 425: ...existing generated or downloaded DSA key files no crypto key generate dsa Use this command to delete the DSA key files from the device Hypertext Transfer Protocol HTTP Commands This section describes...

Page 426: ...affected no ip http server This command disables access to the switch through the Web interface When access is disabled the user cannot login to the switch s Web server ip http secure server This com...

Page 427: ...ions in hours Configuring this value to zero will give an infinite hard timeout When this timeout expires the user will be forced to re authenticate This timer begins on initiation of the web session...

Page 428: ...tication is used if the radius server is down no ip http authentication This command restores the authentication methods to the default ip http session maxsessions This command limits the number of al...

Page 429: ...re authenticate This timer begins on initiation of the Web session and is re started with each access to the switch no ip http session soft timeout This command resets the soft timeout for un secure...

Page 430: ...set to zero infinite no ip http secure session soft timeout This command restores the soft timeout for secure HTTP sessions to the default value ip http secure session hard timeout This command config...

Page 431: ...an authentication method after radius no authentication is used if the radius server is down no ip https authentication This command restores the authentication methods to the default for http server...

Page 432: ...vileged EXEC Default SSL3 and TLS1 Format ip http secure protocol SSL3 TLS1 Mode Privileged EXEC Format show ip http Mode Privileged EXEC Term Definition HTTP Mode Unsecure The unsecure HTTP server ad...

Page 433: ...al port connections to the switch Secure Protocol Level s The protocol level may have the values of SSL3 TSL1 or both SSL3 and TSL1 Maximum Allowable HTTPS Sessions The number of allowable secure http...

Page 434: ...al port connection Idle Time Time this session has been idle Session Time Total time this session has been connected Session Type Shows the type of session which can be HTTP HTTPS telnet serial or SSH...

Page 435: ...the specified login user The valid accessmode values are readonly or readwrite The username is the login user name for which the specified access mode applies The default is readwrite for the admin us...

Page 436: ...therefore must be at least eight characters in length The username is the user name associated with the authentication protocol You must enter the username in the same case you used when you added th...

Page 437: ...associated with the specified encryption You must enter the username in the same case you used when you added the user To see the case of the username enter the show users command no username snmpv3 e...

Page 438: ...he SNMPv3 user is able to set and retrieve parameters on the system If the value is set to ReadOnly the SNMPv3 user is only able to retrieve parameter information The SNMPv3 access mode may be differe...

Page 439: ...range is 0 64 no passwords min length Use this command to set the minimum password length to the default value Term Definition User Name The full name of the user Format show users login history user...

Page 440: ...asswords history Use this command to set the password history to the default value passwords aging Use this command to implement aging on passwords for local users When a user s password expires the u...

Page 441: ...onsole The valid range is 1 5 The default is 0 or no lockout count enforced no passwords lock out Use this command to set the password lock out count to the default value show passwords configuration...

Page 442: ...thod in the command line For example if none is specified as an authentication method after radius no authentication is used if the radius server is down where Default Uses the listed authentication m...

Page 443: ...s an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line For example if none is specified as an au...

Page 444: ...is used if the radius server is down line Uses the line password for authentication none Uses no authentication radius Uses the list of all RADIUS servers for authentication Uses username enabx where...

Page 445: ...the same as copy system running config nvram startup config SNMP Commands This section describes the commands you use to configure Simple Network Management Protocol SNMP on the switch You can configu...

Page 446: ...ngth of name can be up to 16 case sensitive characters no snmp server community This command removes this community name from the table The name is the community name to be deleted Default none Format...

Page 447: ...ss for an SNMP community to 0 0 0 0 The name is the applicable community name snmp server community ipmask This command sets a client IP mask for an SNMP community The address is the associated commun...

Page 448: ...this community cannot manage the switch until the Status is changed back to Enable no snmp server community mode This command deactivates an SNMP community If the community is disabled no SNMP request...

Page 449: ...ess is received on a locked port no snmp server enable traps violation This command disables the sending of new violation traps snmp server enable traps This command enables the Authentication Flag Fo...

Page 450: ...command disables Link Up Down traps for the entire switch snmp server enable traps multiusers This command enables Multiple User traps When the traps are enabled a Multiple User Trap is sent when a us...

Page 451: ...trap This command adds an SNMP trap receiver The maximum length of name is 16 case sensitive alphanumeric characters The snmpversion is the version of SNMP The version parameter options are snmpv1 or...

Page 452: ...addr pair must be unique Multiple entries can exist with the same name as long as they are associated with a different ipaddr The reverse scenario is also acceptable The name is the community name use...

Page 453: ...d deactivates an SNMP trap Disabled trap receivers are unable to receive traps snmp trap link status This command enables link status traps by interface Note IP addresses in the SNMP trap receiver tab...

Page 454: ...s Format snmp trap link status Mode Interface Config Note This command is valid only when the Link Up Down Flag is enabled Format no snmp trap link status Mode Interface Config Note This command is va...

Page 455: ...The community string to which this entry grants access A valid entry is a case sensitive alphanumeric string of up to 16 characters Each row of this table must contain a unique community name Client I...

Page 456: ...g is case sensitive and can be up to 16 alphanumeric characters IP Address The IPv4 address to receive SNMP traps from this device IPv6 Address The IPv6 address to receive SNMP traps from this device...

Page 457: ...her DVMRP traps are sent OSPFv2 Traps Can be enabled or disabled The factory default is disabled Indicates whether OSPF traps are sent If any of the OSPF trap flags are not enabled then the command di...

Page 458: ...onfigured while enabling this attribute the RADIUS client uses that IP address while sending NAS IP Address attribute in RADIUS communication no radius server attribute The no version of this command...

Page 459: ...meter the command configures the IP address or hostname to use to connect to a RADIUS authentication server You can configure up to 3 servers per RADIUS client If the maximum number of configured serv...

Page 460: ...from the configuration Similarly if the acct token is used the previously configured RADIUS accounting server is removed from the configuration The ipaddr dnsname parameter must match the IP address o...

Page 461: ...and is executed the secret is prompted Text based configuration supports Radius server s secrets in encrypted and non encrypted format When you save the configuration these secret keys are stored in e...

Page 462: ...rs can be configured for each number of servers that have the same name When the RADIUS client has to perform transactions with an authenticating RADIUS server of specified name the client uses the pr...

Page 463: ...adius server retransmit The no version of this command sets the value of this global parameter to the default value radius server timeout This command configures the global parameter for the RADIUS cl...

Page 464: ...ries Maximum number of transmission attempts in the range 1 30 Format no radius server timeout Mode Global Config Format show radius Mode Privileged EXEC Term Definition Number of Configured Authentic...

Page 465: ...mes a request packet is retransmitted Time Duration The configured timeout value in seconds for request re transmissions RADIUS Accounting Mode A global parameter to indicate whether the accounting mo...

Page 466: ...port used for communication with the authenticating server Type Specifies whether this server is a primary or secondary type Current Host Address The IP address of the currently active authenticating...

Page 467: ...Enable Number of Retransmits 4 Time Duration 10 RADIUS Accounting Mode Disable RADIUS Attribute 4 Mode Enable RADIUS Attribute 4 Value 192 168 37 60 show radius accounting This command displays a sum...

Page 468: ..._RADIUS_Server Host Address 192 168 37 200 RADIUS Accounting Mode Disable Port 1813 Secret Configured Yes show radius accounting statistics This command displays a summary of statistics for the config...

Page 469: ...ransmission The number of RADIUS Accounting Request packets retransmitted to this RADIUS accounting server Responses The number of RADIUS packets received on the accounting port from this server Malfo...

Page 470: ...dnsname The DNS name of the server servername The alias name to identify the server RADIUS Server Name The name of the authenticating server Server Host Address The IP address of the host Access Reque...

Page 471: ...onses 0 Bad Authenticators 0 Pending Requests 0 Malformed Access Responses The number of malformed RADIUS Access Response packets received from this server Malformed packets include packets with an in...

Page 472: ...r text over the network TACACS uses TCP to ensure reliable delivery and a shared key configured on the client and daemon server to encrypt all messages tacacs server host Use the tacacs server host co...

Page 473: ...ypted format enter the key along with the encrypted keyword In the show running config command s display these secret keys are displayed in encrypted format You cannot show these keys in plain text fo...

Page 474: ...ters Text based configuration supports TACACS server s secrets in encrypted and non encrypted format When you save the configuration these secret keys are stored in encrypted format only If you want t...

Page 475: ...e is used The timeout parameter has a range of 1 30 and is the timeout value in seconds show tacacs Use the show tacacs command to display the configuration and statistics of a TACACS server Default 0...

Page 476: ...tions Scripts must conform to the following rules Script files are not distributed across the stack and only live in the unit that is the master unit at the time of the file download The file extensio...

Page 477: ...tch script list This command lists all scripts present on the switch as well as the remaining available space Note To specify a blank password for a user in the configuration script you must specify i...

Page 478: ...script on any given device Pre login Banner and System Prompt Commands This section describes the commands you use to configure the pre login banner and the system prompt The pre login banner is the...

Page 479: ...length of name may be up to 64 alphanumeric characters Default none Format copy Code Sample Variable tftp ipaddr filepath filename Code Sample Variable nvram clibanner copy nvram clibanner Code Sampl...

Page 480: ...erstanding of the system configuration and details of the problem will assist NETGEAR Inc in determining the root cause of such a problem The Log Messages chapter includes the following sections Core...

Page 481: ...ace creation out of order NIM NIM event x intf x component x in wrong phase An event was issued to NIM during the wrong configuration phase probably Phase 1 2 or WMU NIM NIM Failed to notify users of...

Page 482: ...the sizes version size expected version size differ The configuration file which was loaded was of a different size than expected for the version number This message indicates the configuration file n...

Page 483: ...CP Filtering Error on call to sysapiCfgFileWrite file Error on trying to save configuration Table 8 6 NVStore Log Messages Component Message Cause NVStore Building defaults for file XXX A component s...

Page 484: ...tempting to read data from the RADIUS server RADIUS RADIUS Accounting Response failed to validate id xxx The RADIUS Client received an invalid message from the server RADIUS RADIUS User xxx needs to r...

Page 485: ...S TACACS received invalid packet type from server Received packet type that is not supported TACACS TACACS invalid major version in received packet Major version mismatch TACACS TACACS invalid minor v...

Page 486: ...specified connection type EmWeb ewsNetHTTPReceive failure in NetReceiveLoop closing connection Socket receive failure EmWeb EmWeb connection allocation failed Memory allocation failure for the new con...

Page 487: ...p upload result Unknown error returned while uploading file using TFTP from web interface WEB Web UI Screen with unspecified access attempted to be brought up Failed to get application specific author...

Page 488: ...e SSLT SSLT Msg Queue is full event XXXX Failed to send the received message to the SSLT message queue as message queue is full XXXX indicates the event to be sent SSLT SSLT Unknown UI event in messag...

Page 489: ...configuration cannot be saved Protected Ports protectedPortCnfgrInitPhase1Process Unable to create r w lock for protectedPort This appears when protectedPortCfgRWLock Fails Protected Ports protectedP...

Page 490: ...table IPsubnet vlans vlanIpSubnetVlanChangeCallback Failed to add an Entry This appears when a dtl fails to add an entry for a vlan add notify event IPsubnet vlans vlanIpSubnetVlanChangeCallback Faile...

Page 491: ...ailed Failed sending message to RADIUS server 802 1X dot1xRadiusAcceptProcess error calling radiusAccountingStart ifIndex xxx Failed sending accounting start to RADIUS server 802 1X function failed se...

Page 492: ...ILURE The garpPduQueue is full logs specific of the GPDU internal interface number vlan id buffer handle etc GARP GVRP GMRP garpMapIntfIsConfigurable gmrpMapIntfIsConfigurable Error accessing GARP GMR...

Page 493: ...lantagIntfIsConfigurable Error accessing dvlantag config data for interface d A default configuration does not exist for this interface Typically a case when a new interface is created and has no pre...

Page 494: ...emberSetModify dot1qVlanTaggedMemberSetModify Dynamic entry d can only be modified after it is converted to static If this vlan is a learnt via GVRP then we cannot modify it s member set via managemen...

Page 495: ...ges Component Message Cause ACL Total number of ACL rules x exceeds max y on intf i The combination of all ACLs applied to an interface has resulted in requiring more rules than the platform supports...

Page 496: ...Policy invalid for service intf policy name intIfNum x direction y The DiffServ policy definition is not compatible with the capabilities of the interface specified Check the platform release notes fo...

Page 497: ...e current size of the database OSPFv2 The number of LSAs 25165 in the OSPF LSDB has exceeded the LSDB memory allocation When the OSPFv2 LSDB becomes full OSPFv2 logs this message OSPFv2 reoriginates i...

Page 498: ...iodically verifies the checksum of each LSA in memory OSPFv3 logs this Table 8 40 Routing Table Manager Log Messages Component Message Cause Routing Table Manager RTO is full Routing table contains 80...

Page 499: ...RP ignored an incoming message whose time to live TTL in the IP header was not 255 Table 8 42 ARP Log Message Component Message Cause ARP ARP received mapping for IP address xxx to MAC address yyy Thi...

Page 500: ...g IGMP data pipe Error opening IGMP data pipe When we fail to create open IGMP data pipe for Mcast data messages IGMP Error getting memory for source record When we are unable to allocate memory for a...

Page 501: ...e entry into cache PIM_SM Config error Trying to add static RP Dynamic RP with same ip addr exists Router learns RP group mapping through Bootstrap messages received This message pops when the static...

Page 502: ...ring a neighbor DVMRP dvmrp_recv_prune failed getting memory for prune Failed to allocate memory while receiving a prune DVMRP dvmrp_new_route failed getting memory for route Failed to get memory for...

Page 503: ...apiBroadQosCosQueueConfig Failed to configure minimum bandwidth Available bandwidth x Attempting to configure the bandwidth beyond it s capabilities OS USL failed to put sync response on queue A respo...

Page 504: ...e to a transport failure or API issue on remote unit A synchronization retry will be issued OS Invalid LAG id x Possible synchronization issue between the BCM driver and HAPI OS Invalid uport calculat...

Page 505: ...ndicates the file system may be corrupted OSAPI ftruncate failed File is open for reading only ftruncate is called to correctly set the file s size in the file system after a write The file is opened...

Page 506: ...all to remove the interface from the route table the attempt to get the ipv4 interface mask from the stack failed OSAPI osapiCleanupIf NetIpDel During the call to remove the interface from the route t...

Page 507: ...nd HTTPS web connections In addition Captive Portal can be configured to use an optional HTTP port in support of HTTP Proxy networks If configured this additional port is then used exclusively by Capt...

Page 508: ...rt Use this command to reset the HTTP port to the default number 80 https port Use this command to configure an additional HTTPS port for captive portal to monitor The valid range is from 0 to 65535 D...

Page 509: ...s to be served again in order for the client to gain access to the network no authentication timeout Use this command to reset the authentication timeout to the default show captive portal Use this co...

Page 510: ...ows the reason why the operational is disabled CP IP Address It is the captive portal server IP address Format show captive portal status Mode Privileged EXEC mode Term Definition Additional HTTP Port...

Page 511: ...e commands in this section are related to captive portal configurations configuration Captive Portal Use this command to enter the captive portal instance mode The captive portal configuration identif...

Page 512: ...nfiguration name Use this command to configure the name for a captive portal configuration The cp name can be up to 32 alphanumeric characters in length Format no configuration 1 10 Mode Captive Porta...

Page 513: ...o allow access for guest users users that do not have assigned user names and passwords User verification can also be configured to allow access for authenticated users Authenticated users are require...

Page 514: ...mmand user group 1 10 to create a group ID The default group ID is 1 for a captive portal configuration no group Use this command to reset the group number to the default redirect Captive Portal Use t...

Page 515: ...e rate is in bits per seconds 0 indicates limit not enforced no max bandwidth down Use this command to reset the maximum rate to the default max bandwidth up Use this command to configure the maximum...

Page 516: ...his limit has been reached the user will be disconnected The number of octets is in bytes 0 indicates limit not enforced no max input octets Use this command to reset the limit to the default Default...

Page 517: ...and to configure the maximum number of octets the user is allowed to transfer i e the sum of octets transmitted and received After this limit has been reached the user will be disconnected The number...

Page 518: ...timeout to the default idle timeout Use this command to configure the idle timeout for a captive portal configuration 0 indicates timeout not enforced After an idle session has been reached this the u...

Page 519: ...ions using a text based format no locale This command is intended to delete a locale The default locale cannot be deleted interface Captive Portal Use this command to associate an interface with a cap...

Page 520: ...a captive portal instance is a temporary command executed by the administrator and not saved in the configuration no block Use this command to unblock traffic Captive Portal Status Commands This sect...

Page 521: ...captive portal ID If you do not specify an interface number all the interfaces assigned to the captive portal configuration will be displayed Format show captive portal configuration 1 10 Mode Privil...

Page 522: ...erface Description Unit 1 Slot 0 Port 1 Gigab Operational Status Disabled Disable Reason Interface Not Attached Block Status Not Blocked Authenticated Users 0 Term Definition CP ID The captive portal...

Page 523: ...up Name The name of the group associated with this captive portal instance Redirect URL Mode The redirect mode for this captive portal instance Redirect URL The redirect URL is up to 512 characters Se...

Page 524: ...est Group Name group123 Redirect URL Mode Enabled Redirect URL www cnn com Session Timeout seconds 86400 Idle Timeout seconds 600 Max Bandwidth Up bytes sec 0 Max Bandwidth Down bytes sec 0 Max Input...

Page 525: ...portal client status Use this command to display client connection details or a connection summary for connected captive portal users macaddr is Client MAC address If no macaddr is entered all the cl...

Page 526: ...Address 10 254 96 47 Protocol Mode https Verification Mode Local CP ID 1 CP Name cp1 Interface 1 0 1 Interface Description Unit 1 Slot 0 Port 1 Gigabit Level User Name user123 Session Time 0d 00 00 13...

Page 527: ...Received The number of bytes received from the client Bytes Transmitted The number of bytes transmitted to the client Packets Received The number of packets received from the client Packets Transmitt...

Page 528: ...col Verification 0002 BC00 1290 10 254 96 47 1 cp1 http local 0002 BC00 1291 10 254 96 48 2 cp2 http local show captive portal configuration client status Use this command to display the clients authe...

Page 529: ...2 BC00 1290 10 254 96 47 1 0 1 Unit 1 Slot 0 Port 1 Gigabit 0002 BC00 1291 10 254 96 48 1 0 2 Unit 1 Slot 0 Port 2 Gigabit captive portal client deauthenticate Use this command to deauthenticate a spe...

Page 530: ...ds The following section describes captive portal local user commands user password Use this command to create a local user or change the password for an existing user The user id is user ID in the ra...

Page 531: ...re execute this command You can create the local user using user password first user group Use this command to associate a group with a captive portal user A user must be associated with at least one...

Page 532: ...er session timeout Use this command to reset the session timeout to the default user idle timeout Use this command to set the session idle timeout value for a captive portal user 1 128 is the user ID...

Page 533: ...down Use this command to reset the limit to the default user max bandwidth up Use this command to configure the bandwidth at which the client can send data into the Network 1 128 is the user ID The ra...

Page 534: ...is command to reset the limit to the default user max output octets Use this command to limit the number of octets the user is allowed to receive After this limit has been reached the user will be dis...

Page 535: ...the user ID The range of octets is 0 4294967295 0 indicates to use the global limit Use the no form of this command to reset the limit to the default no user max total octets Use this command to rese...

Page 536: ...client can send data into the network If the value is 0 then use the value configured for the captive portal Max Bandwidth Down bytes sec Maximum client receive rate b s Limits the bandwidth at which...

Page 537: ...dth Up bytes sec 0 Max Bandwidth Down bytes sec 0 Max Input Octets bytes 0 Max Output Octets bytes 0 Max Total Octets bytes 0 Group ID Group Name 1 Default 2 group2 clear captive portal users Use this...

Page 538: ...0 is the user group ID The name can be a string up to 32 characters user group rename Use this command to change a group s ID to a different group ID Default 1 Format user group 1 10 Mode Captive Port...

Page 539: ...chesize 4 3 arp dynamicrenew 4 3 arp purge 4 4 arp resptime 4 4 arp retries 4 4 arp timeout 4 5 assign queue 5 20 authentication timeout 9 3 authorization network radius 7 52 auto negotiate 3 3 auto n...

Page 540: ...ers 6 27 clear dot1x statistics 3 63 clear host 6 59 clear igmpsnooping 6 28 clear ip arp inspection statistics 3 137 clear ip dhcp binding 6 51 clear ip dhcp conflict 6 51 clear ip dhcp server statis...

Page 541: ...nooping packet receive 6 67 debug igmpsnooping packet transmit 6 66 debug ip acl 6 68 debug ip dvmrp packet 6 68 debug ip igmp packet 6 69 debug ip mcache packet 6 69 debug ip pimdm packet 6 70 debug...

Page 542: ...port 3 182 dos control sipdip 3 180 dos control smacdmac 3 183 dos control tcpfinurgpsh 3 187 dos control tcpflag 3 182 dos control tcpflagseq 3 185 dos control tcpfrag 3 181 dos control tcpoffset 3 1...

Page 543: ...tal 9 13 interface lag 3 3 interface range 3 2 interface vlan 3 3 ip access group 5 41 ip access list 5 39 ip access list rename 5 40 ip address 4 9 ip arp inspection filter 3 133 ip arp inspection li...

Page 544: ...p http java 7 22 ip http secure port 7 26 ip http secure protocol 7 27 ip http secure server 7 21 ip http secure session hard timeout 7 25 ip http secure session maxsessions 7 24 ip http secure sessio...

Page 545: ...dp enable 3 195 isdp holdtime 3 194 isdp run 3 193 isdp timer 3 194 key 7 69 lacp actor admin 3 93 lacp actor admin key 3 93 lacp actor admin state individual 3 94 lacp actor admin state longtimeout 3...

Page 546: ...ansmit mgmt 3 160 lldp transmit tlv 3 159 locale 9 13 logging buffered 6 18 logging buffered wrap 6 19 logging cli command 6 19 logging console 6 20 logging host 6 20 logging host remove 6 21 logging...

Page 547: ...8 max bandwidth down 9 9 max bandwidth up 9 9 max input octets 9 10 max output octets 9 11 max total octets 9 11 member 2 2 mirror 5 20 mode dot1q tunnel 3 45 mode dvlan tunnel 3 46 monitor session 3...

Page 548: ...port channel load balance 3 106 port channel name 3 108 port channel static 3 102 port channel system priority 3 108 port security 3 154 port security mac address 3 155 port security mac address move...

Page 549: ...t garp timer join 3 56 set garp timer leave 3 56 set garp timer leaveall 3 57 set gmrp adminmode 3 60 set gmrp interfacemode 3 61 set gvrp adminmode 3 58 set gvrp interfacemode 3 59 set igmp 3 138 set...

Page 550: ...portal configuration interface 9 15 show captive portal configuration locales 9 18 show captive portal configuration status 9 17 show captive portal configuration 9 14 show captive portal interface cl...

Page 551: ...6 10 show interfaces cos queue 5 7 show interfaces switchport 3 53 show ip access lists 5 42 show ip arp inspection 3 135 show ip arp inspection interfaces 3 137 show ip arp inspection statistics 3 13...

Page 552: ...etail 3 167 show lldp med 3 172 show lldp med interface 3 173 show lldp med local device detail 3 174 show lldp med remote device 3 176 show lldp med remote device detail 3 177 show lldp remote device...

Page 553: ...ecurity dynamic 3 156 show port security static 3 157 show port security violation 3 157 show private group 3 55 show process cpu 6 13 show radius 7 59 show radius accounting 7 62 show radius accounti...

Page 554: ...ported switchtype 2 9 show switch 2 8 show switchport protected 3 52 show sysinfo 6 16 show tacacs 7 70 show tech support 6 17 show telnet 7 15 show telnetcon 7 16 show terminal length 6 18 show trapf...

Page 555: ...nt mode 6 35 sntp client port 6 35 sntp server 6 37 sntp unicast client poll interval 6 36 sntp unicast client poll retry 6 36 sntp unicast client poll timeout 6 36 spanning tree 3 10 spanning tree bp...

Page 556: ...3 81 storm control multicast 3 83 storm control multicast level 3 82 storm control multicast level 3 83 storm control multicast rate 3 82 storm control multicast rate 3 84 storm control unicast 3 84 s...

Page 557: ...s 9 28 user max total octets 9 29 user name 9 25 user password 9 24 user session timeout 9 26 username 7 29 username username unlock 7 30 username nopassword 7 30 username snmpv3 accessmode 7 30 usern...

Page 558: ...ng all 3 36 vlan priority 3 50 vlan protocol group 3 36 vlan protocol group add protocol 3 37 vlan protocol group remove 3 37 vlan pvid 3 39 vlan routing 4 24 vlan tagging 3 40 voice vlan Global Confi...

Reviews:

No comments

Related manuals for FSM726v3 - ProSafe Fast Ethernet L2 Managed Switch

Brand: Cambium Networks Pages: 29

SR8800 IM-FW-II

Brand: H3C Pages: 107

Brand: 3Com Pages: 12

Brand: H3C Pages: 16

H3C S3600 Series

Brand: H3C Pages: 10

Brand: H3C Pages: 42

Brand: H3C Pages: 2

H3C S7500E Series

Brand: H3C Pages: 34

Brand: H3C Pages: 33

Brand: H3C Pages: 14

Brand: H3C Pages: 56

H3C S7500E Series

Brand: H3C Pages: 112

Brand: H3C Pages: 15

SR8800 IM-FW-II

Brand: H3C Pages: 5

H3C S7500E Series

Brand: H3C Pages: 50

Brand: H3C Pages: 37

Brand: H3C Pages: 4

Brand: H3C Pages: 5

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands