manualshive.com logo in svg

NETGEAR ProSafe GSM7228PS, Cli Manual, Page: 252 / 569

Share
Download
NETGEAR ProSafe GSM7228PS Cli Manual Download Page 252

ProSafe 7200 Managed Switches CLI Manual, Software Version 8.0.3

Routing Commands

4-15

v1.0, May 2010

The following shows example CLI display output for the command.

(switch)#show ip interface 1/0/2

Routing Interface Status....................... Down

Primary IP Address............................. 1.2.3.4/255.255.255.0

Secondary IP Address(es)....................... 21.2.3.4/255.255.255.0

............................................... 22.2.3.4/255.255.255.0

Helper IP Address.............................. 1.2.3.4

............................................... 1.2.3.5

Term

Definition

Routing 
Interface Status

Determine the operational status of IPv4 routing Interface. The possible values are Up or 
Down.

Primary IP 
Address

The primary IP address and subnet masks for the interface. This value appears only if you 
configure it.

Secondary IP 
Address

One or more secondary IP addresses and subnet masks for the interface. This value 
appears only if you configure it.

Helper IP 
Address

The helper IP addresses configured by the 

“ip helper-address (Global Config)

command.

Routing Mode

The administrative mode of router interface participation. The possible values are enable 
or disable. This value is configurable.

Administrative 
Mode

The administrative mode of the specified interface. The possible values of this field are 
enable or disable. This value is configurable.

Forward Net 
Directed 
Broadcasts

Displays whether forwarding of network-directed broadcasts is enabled or disabled. This 
value is configurable.

Proxy ARP

Displays whether Proxy ARP is enabled or disabled on the system.

Local Proxy ARP

Displays whether Local Proxy ARP is enabled or disabled on the interface.

Active State

Displays whether the interface is active or inactive. An interface is considered active if its 
link is up and it is in forwarding state.

Link Speed Data 
Rate

An integer representing the physical link data rate of the specified interface. This is 
measured in Megabits per second (Mbps).

MAC Address

The burned in physical address of the specified interface. The format is 6 two-digit 
hexadecimal numbers that are separated by colons.

Encapsulation 
Type

The encapsulation type for the specified interface. The types are: Ethernet or SNAP.

IP MTU

The maximum transmission unit (MTU) size of a frame, in bytes.

Bandwidth

Shows the bandwidth of the interface.

Destination 
Unreachables

Displays whether ICMP Destination Unreachables may be sent (enabled or disabled).

ICMP Redirects

Displays whether ICMP Redirects may be sent (enabled or disabled).

Summary of Contents for ProSafe GSM7228PS

Page 1: ...202 10530 03 May 2010 NETGEAR Inc 350 Plumeria Dr San Jose CA 95124 USA ProSafe 7200 Managed Switches CLI Manual Software Version 8 0 3...

Page 2: ...e operation of some equipment for example test transmitters in accordance with the regulations may however be subject to certain restrictions Please refer to the notes in the operating instructions Th...

Page 3: ...er GSM7228PS and GSM752PS Publication Date May 2010 Product Family managed switch Product Name ProSafe 7200 Series Stackable Managed Switches Home or Business Product Business Language English Publica...

Page 4: ...v1 0 May 2010 iv...

Page 5: ...and Syntax 1 1 Command Conventions 1 2 Common Parameter Values 1 3 Unit Slot Port Naming Convention 1 3 Using the No Form of a Command 1 4 Managed Switch Modules 1 5 Command Modes 1 5 Command Completi...

Page 6: ...53 GARP Commands 3 55 GVRP Commands 3 58 GMRP Commands 3 60 Port Based Network Access Control Commands 3 63 Storm Control Commands 3 77 Port Channel LAG 802 3ad Commands 3 89 Port Mirroring 3 112 Sta...

Page 7: ...4 30 Chapter 5 Power Over Ethernet PoE Commands Power Over Ethernet PoE Commands 5 2 Chapter 6 Quality of Service QoS Commands Class of Service CoS Commands 6 2 Differentiated Services DiffServ Comman...

Page 8: ...mand 7 83 sFlow Commands 7 83 Software License Commands 7 88 Chapter 8 Management Commands Configuring the Switch Management CPU 8 2 Network Interface Commands 8 4 Console Port Access Commands 8 8 Tel...

Page 9: ...O S Support 9 26 Chapter 10 Captive Portal Commands Capitve Portal Global Commands 10 1 Captive Portal Configuration Commands 10 5 Captive Portal Status Commands 10 14 Captive Portal Client Connectio...

Page 10: ...ProSafe 7200 Managed Switches CLI Manual Software Version 8 0 3 x v1 0 May 2010...

Page 11: ...that the reader has an understanding of the software base and has read the appropriate specification for the relevant networking device platform It also assumes that the reader has a basic knowledge...

Page 12: ...ecline while performance and feature sets continue to improve Devices that are capable of switching Layers 2 3 and 4 are increasingly in demand The software provides a flexible solution to these ever...

Page 13: ...t Fixed Command prompt CLI text code italic URL links Note This format is used to highlight information of importance or special interest Tip This format is used to highlight a procedure that will sav...

Page 14: ...manual your computer must have the free Adobe Acrobat reader installed in order to view and print PDF files The Acrobat reader is available on the Adobe Web site at http www adobe com Revision History...

Page 15: ...tch Modules on page 1 5 Command Modes on page 1 5 Command Completion and Abbreviation on page 1 9 CLI Error Messages on page 1 9 CLI Line Editing Conventions on page 1 10 Using CLI Help on page 1 11 A...

Page 16: ...description of the information that the command shows Command Conventions In this document the command name is in bold font Parameters are in italic font You must replace the parameter name with an ap...

Page 17: ...he IP address in the following formats a 32 bits a b 8 24 bits a b c 8 8 16 bits a b c d 8 8 8 8 In addition to these formats the CLI accepts decimal hexadecimal and octal formats through the followin...

Page 18: ...allocated up to the maximum number of physical slots Logical slot numbers Logical slots immediately follow physical slots and identify port channel LAG or router interfaces CPU slot numbers The CPU sl...

Page 19: ...gement Allows management of the device through an IPv6 through an IPv6 address without requiring the IPv6 Routing package in the system The management address can be associated with the network port f...

Page 20: ...witch line Contains commands to configure outbound telnet settings and console interface settings Policy Map Config Switch Config policy map Contains the QoS Policy Map configuration commands Policy C...

Page 21: ...ter enable To exit to the User EXEC mode enter exit or press Ctrl Z Global Config From the Privileged EXEC mode enter configure To exit to the Privileged EXEC mode enter exit or press Ctrl Z VLAN Conf...

Page 22: ...ter ospf To exit to the Global Config mode enter exit To return to the Privileged EXEC mode enter Ctrl Z Router RIP Config From the Global Config mode enter router rip To exit to the Global Config mod...

Page 23: ...essages DHCPv6 Pool Config From the Global Config mode enter ip dhcpv6 pool pool name To exit to the Global Config mode enter exit To return to the Privileged EXEC mode enter Ctrl Z Stack Global Confi...

Page 24: ...ely identify the command Table 8 CLI Editing Conventions Key Sequence Description DEL or Backspace Delete previous character Ctrl A Go to beginning of line Ctrl E Go to end of line Ctrl F Go forward o...

Page 25: ...javamode Enable Disable mgmt_vlan Configure the Management VLAN ID of the switch parms Configure Network Parameters of the router protocol Select DHCP BootP or None as the network config protocol If...

Page 26: ...telnet or SSH connection from a remote management host For the initial connection you must use a direct connection to the console port You cannot access the system remotely until the system has an IP...

Page 27: ...ort stacking stack This command sets the mode to Stack Global Config Note The commands in this chapter are in one of two functional groups Note Show commands display switch settings statistics and oth...

Page 28: ...configures the ability of a switch to become the Primary Management Unit The unit is the switch identifier The value is the preference parameter that allows the user to specify priority of one backup...

Page 29: ...ent Unit The tounit is the switch identifier on the new Primary Management Unit Upon execution the entire stack including all interfaces in the stack is unconfigured and reconfigured with the configur...

Page 30: ...ill be deleted and the slot will be re configured with default information for the card no slot This command removes configured information from an existing slot in the system set slot disable This co...

Page 31: ...e mode removes the configuration from the contents of the slot If the slot is empty this administrative mode removes the configuration from any module inserted into the slot If a card is disabled all...

Page 32: ...d Stack This command resets the entire stack or the identified unit The unit is the switch identifier The system prompts you to confirm that you want to reset the switch show slot This command display...

Page 33: ...dentifier of the card inserted in the slot Model Identifier is a 32 character field used to identify a card This field is displayed only if the slot is full Inserted Card Description The card descript...

Page 34: ...n Model Identifier The model identifier of the switch in the stack Model Identifier is a 32 character field assigned by the device manufacturer to identify the device Switch Status The switch status P...

Page 35: ...ta is from pre configuration then the code version is None Detected Code in Flash The version of code that is currently stored in FLASH memory on the switch This code executes after the switch is rese...

Page 36: ...rnet mode This command is not supported on the FSM7226RS or FSM7250RS show stack port This command displays summary stack port information for all interfaces Model Identifier The model identifier for...

Page 37: ...d Speed Gbps of the stack port link Format show stack port counters Mode Privileged EXEC Term Definition Unit The unit number Interface The slot and port numbers Tx Data Rate Trashing data rate in meg...

Page 38: ...lication Engineers FAEs and developers An FAE will advise on the necessity to run this command and capture this information Format show stack port diag Mode Privileged EXEC Term Definition Unit The un...

Page 39: ...3 50 Protected Ports Commands on page 3 51 Private Group Commands on page 3 53 GVRP Commands on page 3 58 GMRP Commands on page 3 60 Port Based Network Access Control Commands on page 3 63 Storm Contr...

Page 40: ...f an interface port interface range This command gives you access to a range of port interfaces allowing the same port configuration to be applied to a set of ports Warning The commands in this chapte...

Page 41: ...access to the LAG link aggregation or port channel virtual interface which allows certain port configurations to be applied to the LAG interface Type a question mark after entering the interface confi...

Page 42: ...ts no auto negotiate all This command disables automatic negotiation on all ports description Use this command to create an alpha numeric description of the port Note Automatic sensing is disabled whe...

Page 43: ...ets and a valid integer between 1518 9216 for untagged packets no mtu This command sets the default MTU size in bytes for the interface shutdown This command disables a port Note To receive and proces...

Page 44: ...d disables all ports no shutdown all This command enables all ports Format shutdown Mode Interface Config Format no shutdown Mode Interface Config Note You can use the shutdown all command on physical...

Page 45: ...ays port information Format speed 100 10 half duplex full duplex Mode Interface Config Acceptable Values Definition 100h 100BASE T half duplex 100f 100BASE T full duplex 10h 10BASE T half duplex 10f 1...

Page 46: ...Mode The desired port speed and duplex mode If auto negotiation support is selected then the duplex mode and speed is set from the auto negotiation process Note that the maximum capability of the por...

Page 47: ...er separated by forward slashes Description Shows the port description configured via the description command Format show port status unit slot port all Mode Privileged EXEC Term Definition Interface...

Page 48: ...enabled no spanning tree This command sets the spanning tree operational mode to disabled While disabled the spanning tree configuration is retained and can be changed but is not activated spanning tr...

Page 49: ...d on the interface spanning tree bpduguard Use this command to enable BPDU Guard on the switch no spanning tree bpduguard Use this command to disable BPDU Guard on the switch Default enabled Format no...

Page 50: ...hange the system configuration or have a no version spanning tree configuration name This command sets the Configuration Identifier Name for use in identifying the configuration that this switch is cu...

Page 51: ...entifying the configuration that this switch is currently using to the default value spanning tree edgeport This command specifies that this port is an Edge Port within the common and internal spannin...

Page 52: ...s RST BPDUs rather than MST BPDUs IEEE 802 1w functionality supported no spanning tree forceversion This command sets the Force Protocol Version parameter to the default value spanning tree forward ti...

Page 53: ...ltiple spanning tree protocol no spanning tree guard This command disables loop guard or root guard on the interface spanning tree max age This command sets the Bridge Max Age parameter to a new value...

Page 54: ...n and internal spanning tree to the default value spanning tree mst This command sets the Path Cost or Port Priority for this port within the multiple spanning tree instance or in the common and inter...

Page 55: ...r Port Priority for this port within the multiple spanning tree instance or in the common and internal spanning tree to the respective default values If you specify an mstid parameter that corresponds...

Page 56: ...ted to the deleted instance to the common and internal spanning tree The parameter mstid is a number that corresponds to the desired existing multiple spanning tree instance to be removed spanning tre...

Page 57: ...f 0 defined as the default CIST ID is passed as the mstid this command sets the Bridge Priority parameter for the common and internal spanning tree to the default value spanning tree mst vlan This com...

Page 58: ...d sets the Administrative Switch Port State for this port to enabled no spanning tree port mode This command sets the Administrative Switch Port State for this port to disabled spanning tree port mode...

Page 59: ...ee edgeport all This command disables Edge Port mode for all ports within the common and internal spanning tree spanning tree bpduforwarding Normally a switch will not forward Spanning Tree Protocol S...

Page 60: ...es between 0 and 61440 It is displayed in multiples of 4096 Bridge Identifier The bridge identifier for the CST It is made up using the bridge priority and the base MAC address of the bridge Time Sinc...

Page 61: ...MAC address of the bridge Regional Root Path Cost Path Cost to the CST Regional Root Associated FIDs List of forwarding database identifiers currently associated with this instance Associated VLANs Li...

Page 62: ...ge notifications and topology changes to other ports BPDU Filter Mode Enabled or disabled BPDU Flood Mode Enabled or disabled Auto Edge To enable or disable the feature that causes a port that has not...

Page 63: ...Current spanning tree state of this port Port Role Each enabled MST Bridge Port receives a Port Role for each spanning tree The port role is one of the following values Root Port Designated Port Alter...

Page 64: ...n the CST PortForwarding State The forwarding state of the port within the CST Port Role The role of the specified interface within the CST Auto Calculate Port Path Cost Indicates whether auto calcula...

Page 65: ...Port Status The derived value of the edge port status True if operating as an edge port false otherwise Point To Point MAC Status Derived value indicating if this port is part of a point to point link...

Page 66: ...enabled or disabled on the port Type Currently not used STP State The forwarding state of the port in the specified spanning tree instance Port Role The role of the specified port within the spanning...

Page 67: ...Tree Version Version of 802 1 currently supported IEEE 802 1s IEEE 802 1w or IEEE 802 1d based upon the Force Protocol Version parameter BPDU Guard Mode Enabled or disabled BPDU Filter Mode Enabled o...

Page 68: ...mt_vlan This command configures the Management VLAN ID no network mgmt_vlan This command sets the Management VLAN ID to the default Term Definition VLAN Identifier The VLANs associated with the select...

Page 69: ...an list contains VlanId s in range 1 4093 Separate non consecutive IDs with and no spaces and no zeros in between the range Use for range vlan acceptframe This command sets the frame acceptance mode p...

Page 70: ...This command disables ingress filtering If ingress filtering is disabled frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to po...

Page 71: ...face is a valid interface number Participation options are Default VLAN ID 1 default other VLANS blank string Format vlan name 1 4093 name Mode VLAN Config Format no vlan name 1 4093 Mode VLAN Config...

Page 72: ...Global Config Participation Options Definition include The interface is always a member of this VLAN This is equivalent to registration fixed exclude The interface is never a member of this VLAN This...

Page 73: ...g is disabled frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN no vlan port ingressfilte...

Page 74: ...ll This command configures the tagging behavior for all interfaces in a VLAN to disabled If tagging is disabled traffic is transmitted as untagged frames The ID is a valid VLAN identification number v...

Page 75: ...l are ip arp and ipx no vlan protocol group add protocol This command removes the protocol from this protocol based VLAN group that is identified by this groupid The possible values for protocol are i...

Page 76: ...each interface and protocol combination with one group If adding an interface to a group causes any conflicts with protocols currently associated with the group this command fails and the interface s...

Page 77: ...ith protocols currently associated with the group this command will fail and the interface s will not be added to the group no protocol vlan group all This command removes all interfaces from this pro...

Page 78: ...configures the tagging behavior for a specific interface in a VLAN to disabled If tagging is disabled traffic is transmitted as untagged frames The vlan list contains VlanId s in range 1 4093 Separat...

Page 79: ...n number Format vlan association mac macaddr 1 4093 Mode VLAN database Format no vlan association mac macaddr Mode VLAN database Format show vlan Mode Privileged EXEC User EXEC Term Definition VLAN ID...

Page 80: ...of this VLAN This is equivalent to registration fixed in the IEEE 802 1Q standard Exclude This port is never a member of this VLAN This is equivalent to registration forbidden in the IEEE 802 1Q stan...

Page 81: ...selectors on the top line Port VLAN ID The VLAN ID that this port will assign to untagged frames or priority tagged frames received on this port The value must be for an existing VLAN The factory defa...

Page 82: ...e enabled or disabled Default Priority The 802 1p priority assigned to tagged packets arriving on the port Format show vlan association subnet ipaddr netmask Mode Privileged EXEC Term Definition IP Su...

Page 83: ...2 1Q domain dvlan tunnel ethertype This command configures the ether type for all interfaces The ether type may have the values of 802 1Q vMAN or custom If the ether type has a value of custom the opt...

Page 84: ...s to display detailed information about Double VLAN Tunneling for the specified interface or all interfaces Note When you use the mode dvlan tunnel command on an interface it becomes a service provide...

Page 85: ...LAN tunnel There are three different EtherType tags The first is 802 1Q which represents the commonly used value of 0x8100 The second is vMAN which represents the commonly used value of 0x88A8 If Ethe...

Page 86: ...e data flow voice vlan Global Config Use this command to enable the Voice VLAN capability on the switch no voice vlan Global Config Use this command to disable the Voice VLAN capability on the switch...

Page 87: ...interface parameter is not specified only the global mode of the Voice VLAN is displayed When the interface is specified none Allow the IP phone to use its own configuration to send untagged voice tra...

Page 88: ...ng vlan priority This command configures the default 802 1p port priority assigned for untagged packets for a specific interface The range for the priority is 0 7 Term Definition Voice VLAN Interface...

Page 89: ...the interface remains unchanged Once the interface is no longer a member of a LAG the current configuration for that interface automatically becomes effective switchport protected Global Config Use t...

Page 90: ...the set of protected ports to which this interface is assigned show switchport protected This command displays the status of all the interfaces including protected and unprotected interfaces Note Por...

Page 91: ...from a port in private group can be forwarded to other ports either in the same private group or anyone in the same VLAN that are not in a private group Name An optional name of the protected port gro...

Page 92: ...total number of private groups is 192 such that the valid range for the ID is 1 192 The private group id field is optional If not specified a group id not used will be assigned automatically The mode...

Page 93: ...ulticast Registration Protocol GMRP GARP is a protocol that allows client stations to register with the switch for membership in VLANS by using GVMP or multicast groups by using GVMP Format private gr...

Page 94: ...o the default and only has an effect when GVRP is enabled set garp timer leave This command sets the GVRP leave time for one port Interface Config mode or all ports Global Config mode and only has an...

Page 95: ...per port and per GARP participation The time may range from 200 to 6000 centiseconds The value 1000 centiseconds is 10 seconds You can use this command on all ports Global Config mode or a single port...

Page 96: ...n on trunk ports and automatic VLAN pruning set gvrp adminmode This command enables GVRP on the system no set gvrp adminmode This command disables GVRP Format show garp Mode Privileged EXEC User EXEC...

Page 97: ...isabled Join Time Leave Time and Leave All Time have no effect show gvrp configuration This command displays Generic Attributes Registration Protocol GARP information for one or all interfaces Format...

Page 98: ...econd 0 01 seconds Leave Timer The period of time to wait after receiving an unregister request for an attribute before deleting the attribute Current attributes are a VLAN or multicast group This may...

Page 99: ...subsequently re enabled if routing is disabled and port channel LAG membership is removed from an interface that has GARP enabled no set gmrp interfacemode This command disables GARP Multicast Registr...

Page 100: ...ceiving an unregister request for an attribute before deleting the attribute Current attributes are a VLAN or multicast group This may be considered a buffer time for another station to assert registr...

Page 101: ...r radius statistics This command is used to clear all RADIUS statistics Format show mac address table gmrp Mode Privileged EXEC Term Definition Mac Address A unicast MAC address for which the switch h...

Page 102: ...mand disables Guest VLAN on the interface dot1x initialize This command begins the initialization sequence on the specified port This command is only valid if the control mode for the specified port i...

Page 103: ...nsmit an EAPOL EAP Request Identity frame before timing out the supplicant dot1x max users Use this command to set the maximum number of clients supported on the port when MAC based dot1x authenticati...

Page 104: ...the 802 1x port control mode on the specified port to the default value dot1x port control all This command sets the authentication mode to use on all ports Select force unauthorized to specify that t...

Page 105: ...ified port is auto or mac based If the control mode is not auto or mac based an error will be returned dot1x re authentication This command enables re authentication of the supplicant for the specifie...

Page 106: ...efinition guest vlan period The time in seconds for which the authenticator waits to see if any EAPOL packets are received on a port before authorizing the port and placing the port in the guest vlan...

Page 107: ...and not operational supp timeout The value in seconds of the timer used by the authenticator state machine on this port to timeout the supplicant The supp timeout must be a value in the range 1 65535...

Page 108: ...list of users with access to the specified port or all ports The user parameter must be a configured user no dot1x user This command removes the user from the list of users with access to the specifie...

Page 109: ..._Default Console_Default Telnet Network_Default Network_Default SSH Network_Default Network_Default http Local https Local dot1x show dot1x This command is used to show a summary of the global dot1x c...

Page 110: ...he control mode under which this port is operating Possible values are authorized unauthorized Reauthenticatio n Enabled Indicates whether re authentication is enabled on this port Port Status Indicat...

Page 111: ...out The timer used by the authenticator on this port to timeout the authentication server The value is expressed in seconds and will be in the range of 1 and 65535 Maximum Requests The maximum number...

Page 112: ...is valid The time period in seconds is returned by the RADIUS server on authentication of the port This value is valid for the port only when the port control mode is not MAC based Session Terminatio...

Page 113: ...cently received EAPOL frame Last EAPOL Frame Source The source MAC address carried in the most recently received EAPOL frame EAP Response Id Frames Received The number of EAP response identity frames...

Page 114: ...LAN Assigned The reason the VLAN identified in the VLAN ID field has been assigned to the port Possible values are RADIUS Unauthenticated VLAN or Default When the VLAN Assigned reason is Default it me...

Page 115: ...a per port per type basis Configuring a storm control level also enables that form of storm control Disabling a storm control level using the no version of the command sets the storm control level ba...

Page 116: ...active and if the rate of L2 broadcast traffic ingressing on an interface increases beyond the configured threshold the traffic is dropped Therefore the rate of broadcast traffic is limited to the con...

Page 117: ...ecovery threshold to the default value for an interface and disables broadcast storm recovery storm control broadcast Global This command enables broadcast storm recovery mode for all interfaces If th...

Page 118: ...recovery mode for all interfaces no storm control broadcast level This command sets the broadcast storm recovery threshold to the default value for all interfaces and disables broadcast storm recovery...

Page 119: ...storm recovery is active and if the rate of L2 multicast traffic ingressing on an interface increases beyond the configured threshold the traffic will be dropped Therefore the rate of multicast traff...

Page 120: ...default value for an interface and disables multicast storm recovery storm control multicast rate Use this command to configure the multicast storm recovery threshold for an interface in packets per s...

Page 121: ...very mode for all interfaces storm control multicast level Global This command configures the multicast storm recovery threshold for all interfaces as a percentage of link speed and enables multicast...

Page 122: ...of multicast traffic is limited to the configured threshold no storm control broadcast rate This command sets the broadcast storm recovery threshold to the default value for all interfaces and disabl...

Page 123: ...re traffic ingressing on an interface increases beyond the configured threshold the traffic will be dropped Therefore the rate of unknown unicast traffic will be limited to the configured threshold Th...

Page 124: ...d to the default value for an interface and disables unicast storm recovery storm control unicast Global This command enables unicast storm recovery mode for all interfaces If the mode is enabled unic...

Page 125: ...ntrol unicast level This command sets the unicast storm recovery threshold to the default value and disables unicast storm recovery for all interfaces storm control unicast rate Global Use this comman...

Page 126: ...plex mode ports no storm control flowcontrol This command disables 802 3x flow control for the switch Format no storm control unicast rate Mode Global Config Note 802 3x flow control works by pausing...

Page 127: ...ay the per port configuration parameters for all interfaces or specify the unit slot port to display information about a specific interface Port Channel LAG 802 3ad Commands This section describes the...

Page 128: ...o aggregate its member ports port channel This command configures a new port channel LAG and generates a logical unit slot port number for the port channel The name field is a character string which a...

Page 129: ...D of a configured port channel deleteport Global Config This command deletes all configured ports from the port channel LAG The interface is a logical unit slot port number of a configured port channe...

Page 130: ...ult administrative value of the key for the port channel lacp collector max delay Use this command to configure the port channel collector max delay The valid range of delay is 0 65535 Default 0x8000...

Page 131: ...key Use this command to configure the administrative value of the LACP actor admin key The valid range for key is 0 65535 no lacp actor admin key Use this command to configure the default administrat...

Page 132: ...et the LACP actor admin state to aggregation lacp actor admin state longtimeout Use this command to set LACP actor admin state to longtimeout Format lacp actor admin state individual Mode Interface Co...

Page 133: ...nd to set the LACP actor admin state to passive no lacp actor admin state passive Use this command to set the LACP actor admin state to active Format no lacp actor admin state longtimeout Mode Interfa...

Page 134: ...y value assigned to the Aggregation Port lacp actor system priority Use this command to configure the priority value associated with the LACP Actor s SystemID The range for priority is 0 to 65535 Defa...

Page 135: ...e for key is 0 to 65535 no lacp partner admin key Use this command to configure the administrative value of the Key for the protocol partner lacp partner admin state individual Use this command to set...

Page 136: ...gtimeout no lacp partner admin state longtimeout Use this command to set the LACP partner admin state to short timeout Note This command is only applicable to physical interfaces Format no lacp partne...

Page 137: ...P partner admin state to active lacp partner port id Use this command to configure the LACP partner port id The valid range for port id is 0 to 65535 Format lacp partner admin state passive Mode Inter...

Page 138: ...d to configure the LACP partner port priority The valid range for priority is 0 to 255 no lacp partner port priority Use this command to configure the default LACP partner port priority Format no lacp...

Page 139: ...to configure the default value representing the administrative value of the Aggregation Port s protocol Partner s System ID lacp partner system priority Use this command to configure the administrativ...

Page 140: ...imum number of allowable dynamic port channels are already present in the system the static mode for a new port channel enabled which means the port channel is static You can only use this command on...

Page 141: ...Control Protocol LACP on a port port lacpmode enable all This command enables Link Aggregation Control Protocol LACP on all ports no port lacpmode enable all This command disables Link Aggregation Co...

Page 142: ...partner port lacptimeout Global Config This command sets the timeout for all interfaces of a particular device type actor or partner to either long or short timeout no port lacptimeout This command se...

Page 143: ...hannel LAG The interface is a logical unit slot port for a configured port channel The option all enables link trap notifications for all the configured port channels no port channel linktrap This com...

Page 144: ...ype and port 6 Source Destination IP and source destination TCP UDP port no hashing mode This command sets the hashing algorithm on Trunk ports to default 3 The command is available in the interface c...

Page 145: ...packet 3 Source Destination MAC VLAN EtherType and incoming port associated with the packet 4 Source IP and Source TCP UDP fields of the packet 5 Destination IP and Destination TCP UDP Port fields of...

Page 146: ...priority is 0 65535 no port channel system priority Use this command to configure the default port channel system priority value show lacp actor Use this command to display LACP actor attributes The...

Page 147: ...the actor state as transmitted by the Actor in LACPDUs Format show lacp partner unit slot port all Mode Privileged EXEC Parameter Description System Priority The administrative value of priority asso...

Page 148: ...the link is up or down Trap Flag Shows whether trap flags are enabled or disabled Type Shows whether the port channel is statically or dynamically maintained Mbr Ports The members of this port channel...

Page 149: ...y be enabled or disabled The factory default is enabled Type The status designating whether a particular port channel LAG is statically or dynamically maintained Static The port channel is statically...

Page 150: ...to enabled the administrative mode of the session If enabled the probe port monitors all the traffic received and transmitted on the physical monitored port no monitor session Use this command withou...

Page 151: ...source interface unit slot port destination interface unit slot port mode Mode Global Config Note This is a stand alone no command This command does not have a normal form Default enabled Format no m...

Page 152: ...red For unicast MAC address filters and multicast MAC address filters with source port lists the maximum number of static MAC filters supported is 20 For multicast MAC address filters with destination...

Page 153: ...5 b6 The vlanid parameter must identify a valid VLAN macfilter adddest Use this command to add the interface to the destination filter set for the MAC filter with the given macaddr and VLAN of vlanid...

Page 154: ...lanid The macaddr parameter must be specified as a 6 byte hexadecimal number in the format of b1 b2 b3 b4 b5 b6 The vlanid parameter must identify a valid VLAN no macfilter adddest all This command re...

Page 155: ...the format of b1 b2 b3 b4 b5 b6 The vlanid parameter must identify a valid VLAN macfilter addsrc all This command adds all interfaces to the source filter set for the MAC filter with the MAC address o...

Page 156: ...ter information only for that MAC address and VLAN show mac address table staticfiltering This command displays the Static Filtering entries in the Multicast Forwarding Database MFDB table Format no m...

Page 157: ...forwarding and or filtering information As the data is gleaned from the MFDB the address will be a multicast address The format is 6 or 8 two digit hexadecimal numbers that are separated by colons fo...

Page 158: ...erify mac address Use this command to disable verification of the source MAC address with the client hardware address ip dhcp snooping database Use this command to configure the persistent location of...

Page 159: ...the default value ip dhcp snooping binding Use this command to configure static DHCP Snooping binding no ip dhcp snooping binding mac address Use this command to remove the DHCP static entry from the...

Page 160: ...30 pps The default burst level is 1 second with a range of 1 to 15 seconds no ip dhcp snooping limit Use this command to set the rate at which the DHCP Snooping messages come and the burst level to th...

Page 161: ...able the logging DHCP messages filtration by the DHCP Snooping application ip dhcp snooping trust Use this command to configure the port as trusted no ip dhcp snooping trust Use this command to config...

Page 162: ...a traffic will be filtered based on the IP and MAC addresses no ip verify source Use this command to disable the IPSG configuration in the hardware You cannot disable port security alone if it is conf...

Page 163: ...y the DHCP Snooping binding entries To restrict the output use the following options Dynamic Restrict the output based on DCHP snooping Interface Restrict the output based on a specific interface Stat...

Page 164: ...ng shows example CLI display output for the command switch show ip dhcp snooping database Term Definition MAC Address Displays the MAC address for the binding that was added The MAC address is the key...

Page 165: ...0 0 0 1 0 4 0 0 0 1 0 5 0 0 0 1 0 6 0 0 0 1 0 7 0 0 0 1 0 8 0 0 0 1 0 9 0 0 0 1 0 10 0 0 0 1 0 11 0 0 0 1 0 12 0 0 0 1 0 13 0 0 0 Format show ip dhcp snooping statistics Mode Privileged EXEC User EXE...

Page 166: ...r on a specific interface clear ip dhcp snooping statistics Use this command to clear all DHCP Snooping statistics show ip verify source Use this command to display the IPSG configurations on all port...

Page 167: ...filtering on this interface IP Address IP address of the interface MAC Address If MAC address filtering is not configured on the interface the MAC Address field is empty If port security is disabled...

Page 168: ...ng the ARP caches of its unsuspecting neighbors The miscreant sends ARP requests or responses mapping another station s IP address to its own MAC address DAI relies on DHCP snooping DHCP snooping list...

Page 169: ...validation only the src mac and dst mac validations are disabled as a result of the second command no ip arp inspection validate Use this command to disable the additional validation checks on the rec...

Page 170: ...ace as untrusted for Dynamic ARP Inspection ip arp inspection limit Use this command to configure the rate limit and burst interval values for an interface Configuring none for the limit means the int...

Page 171: ...hat do not match a permit statement are dropped without consulting the DHCP snooping bindings no ip arp inspection filter Use this command to unconfigure the ARP ACL used to filter invalid ARP packets...

Page 172: ...to configure a rule for a valid IP address and MAC address combination used in ARP packet validation no permit ip host mac host Use this command to delete a rule for a valid IP and MAC combination For...

Page 173: ...led Destination Mac Validation Disabled IP Address Validation Disabled Vlan Configuration Log Invalid ACL Name Static flag 10 Enabled Enabled H2 Enabled 11 Disabled Enabled 12 Enabled Disabled Format...

Page 174: ...output for the command show ip arp inspection statistics vlan vlan list VLAN DHCP ACL DHCP ACL Bad Src Bad Dest Invalid Drops Drops Permits Permits MAC MAC IP Format show ip arp inspection statistics...

Page 175: ...interface argument the command displays the values for that interface whether the interface is enabled for DAI or not Example The following shows example CLI display output for the command Switch sho...

Page 176: ...ost 2 1 1 2 mac host 00 03 04 05 06 08 IGMP Snooping Configuration Commands This section describes the commands you use to configure IGMP snooping The software supports IGMP Versions 1 2 and 3 The IGM...

Page 177: ...abled The IGMP application supports the following activities Validation of the IP header checksum as well as the IGMP header checksum and discarding of the frame upon checksum error Maintenance of the...

Page 178: ...on a selected interface or VLAN Enabling fast leave allows the switch to immediately remove the layer 2 LAN interface from its forwarding table entry upon receiving an IGMP leave message for that mul...

Page 179: ...fore deleting the interface from the entry This value must be greater than the IGMPv3 Maximum Response time value The range is 2 to 3600 seconds no set igmp groupmembership interval This command sets...

Page 180: ...se time on the interface or VLAN to the default value set igmp mcrtrexpiretime This command sets the Multicast Router Present Expiration time The time is set for the system on a particular interface o...

Page 181: ...Id that has the multicast router mode enabled no set igmp mrouter This command disables multicast router mode for a particular VLAN ID vlan_id Format set igmp mcrtrexpiretime 0 3600 Mode Global Config...

Page 182: ...d enables the filtering of unknown multicast packets to the VLAN Packets with an unknown mulicast address in the destination field will be dropped This command is mainly used when IGMP snooping is ena...

Page 183: ...s on which IGMP Snooping is enabled VLANS Enabled for IGMP Snooping The list of VLANS on which IGMP Snooping is enabled Term Definition IGMP Snooping Admin Mode Indicates whether IGMP Snooping is acti...

Page 184: ...s participating in the VLAN before deleting the interface from the entry This value may be configured Maximum Response Time The amount of time the switch waits after it sends a query on an interface p...

Page 185: ...s located Format show igmpsnooping mrouter vlan unit slot port Mode Privileged EXEC Term Definition Interface The port on which multicast router information is being displayed VLAN ID The list of VLAN...

Page 186: ...nabled and IGMP Snooping is operationally disabled on it IGMP Snooping Querier functionality is disabled on that VLAN IGMP Snooping functionality is re enabled if IGMP Snooping is operational on the V...

Page 187: ...er timer expiry Use this command to set the IGMP Querier timer expiration period It is the time period that the switch remains in Non Querier mode once it has discovered that there is a Multicast Quer...

Page 188: ...is enabled if the Snooping Querier finds that the other Querier s source address is better less than the Snooping Querier s address it stops sending periodic queries If the Snooping Querier wins the e...

Page 189: ...out The amount of time to wait in the Non Querier operational state before moving to a Querier state Field Description VLAN Admin Mode Indicates whether iGMP Snooping Querier is active on the VLAN VLA...

Page 190: ...P version of the most recent Querier from which a Query was received on this VLAN Default disabled Format set mld Mode Global Config Interface Config Format no set mld vlanid Mode VLAN Mode Default di...

Page 191: ...ith a matching source MAC address are forwarded normally and all other packets are discarded Format no set mld maxresponse Mode Global Config Interface Config Default 0 Format set mld mcrtexpiretime 0...

Page 192: ...max dynamic This command sets the maximum number of dynamically locked MAC addresses allowed on a specific port no port security max dynamic This command resets the maximum number of dynamically lock...

Page 193: ...lt value port security mac address This command adds a MAC address to the list of statically locked MAC addresses The vid is the VLAN ID no port security mac address This command removes a MAC address...

Page 194: ...erface you specify the following information appears show port security dynamic This command displays the dynamically locked MAC addresses for the port Format port security mac address move Mode Inter...

Page 195: ...covery Protocol LLDP which is defined in the IEEE 802 1AB specification LLDP allows stations on an 802 LAN to advertise major capabilities and physical descriptions The advertisements allow a network...

Page 196: ...eive Use this command to return the reception of LLDPDUs to the default value lldp timers Use this command to set the timing parameters for local data transmission on ports enabled for LLDP The interv...

Page 197: ...n the 802 1AB basic management set are transmitted in the LLDPDUs Use sys name to transmit the system name TLV To configure the system name see snmp server on page 8 41 Use sys descto transmit the sys...

Page 198: ...tion in the LLDPDUs no lldp transmit mgmt Use this command to include transmission of the local system management address information in the LLDPDUs Use this command to cancel inclusion of the managem...

Page 199: ...s to wait between sending notifications The valid interval range is 5 3600 seconds no lldp notification interval Use this command to return the notification interval to the default value clear lldp st...

Page 200: ...nterfaces Format clear lldp remote data Mode Global Config Format show lldp Mode Privileged Exec Term Definition Transmit Interval How frequently the system transmits local data LLDPDUs in seconds Tra...

Page 201: ...system management address information in the LLDPDUs Format show lldp statistics unit slot port all Mode Privileged Exec Term Definition Last Update The amount of time since the last update to the rem...

Page 202: ...discarded TLV Unknowns Total number of LLDP TLVs received on the port where the type value is in the reserved range and not recognized TLV MED Total number of LLDP MED TLVs received on the local ports...

Page 203: ...3 90 01 0F 00 FC E3 90 04 11 0 8 0 9 0 10 0 11 0 12 More or q uit show lldp remote device detail Use this command to display detailed information about remote devices that transmit current LLDP data t...

Page 204: ...he remote device System Description Describes the remote system by identifying the system name and versions of hardware operating system and networking software supported in the device Port Descriptio...

Page 205: ...interface Port Description The port description associated with the interface Format show lldp local device detail unit slot port Mode Privileged EXEC Term Definition Interface The interface that sen...

Page 206: ...Ethernet PoE management and inventory management lldp med Use this command to enable MED By enabling MED you will be effectively enabling the transmit and receive function of LLDP no lldp med Use thi...

Page 207: ...Discovery Protocol Data Units LLDPDUs Default enabled Format lldp med confignotification Mode Interface Config Format no lldp med confignotification Mode Interface Config Default By default the capabi...

Page 208: ...all Use this command to configure all the ports to send the topology change notification no lldp med confignotification all Use this command to disable all the ports to send the topology change notif...

Page 209: ...the LLDP MED set will be transmitted in the Link Layer Discovery Protocol Data Units LLDPDUs Default 3 Format lldp med faststartrepeatcount count Mode Global Config Format no lldp med faststartrepeat...

Page 210: ...p med transmit tlv all capabilities network policy ex pse ex pd location inventory Mode Global Config Format show lldp med Mode Privileged Exec Term Definition Fast Start Repeat Count The number of LL...

Page 211: ...1 0 7 Down Disabled Disabled Disabled 0 1 1 0 8 Down Disabled Disabled Disabled 0 1 1 0 9 Down Disabled Disabled Disabled 0 1 1 0 10 Down Disabled Disabled Disabled 0 1 1 0 11 Down Disabled Disabled D...

Page 212: ...Privileged EXEC Term Definition Media Application Type Shows the application type Types are unknown voice voicesignaling guestvoice guestvoicesignaling sfotphonevoice videoconferencing streamingvideo...

Page 213: ...voice Vlan ID 10 Priority 5 DSCP 1 Unknown False Tagged True Media Policy Application Type streamingvideo Vlan ID 20 Priority 1 DSCP 2 Unknown False Tagged True Inventory Hardware Rev xxx xxx xxx Firm...

Page 214: ...y Local Interface Remote ID Device Class 1 0 8 1 Class I 1 0 9 2 Not Defined 1 0 10 3 Class II 1 0 11 4 Class III 1 0 12 5 Network Con Format show lldp med remote device unit slot port all Mode Privil...

Page 215: ...ype Shows the application type Types of applications are unknown voice voicesignaling guestvoice guestvoicesignaling sfotphonevoice videoconferencing streamingvideo videosignaling VLAN Id Shows the VL...

Page 216: ...P 1 Unknown False Tagged True Media Policy Application Type streamingvideo Vlan ID 20 Priority 1 DSCP 2 Unknown False Tagged True Inventory Hardware Rev xxx xxx xxx Firmware Rev xxx xxx xxx Sub Type S...

Page 217: ...es the commands you use to configure Denial of Service DoS Control The software provides support for classifying and blocking specific types of Denial of Service attacks You can configure your system...

Page 218: ...ress SIP DIP Denial of Service protection If the mode is enabled Denial of Service prevention is active for this type of attack If packets ingress with SIP DIP the packets will be dropped if the mode...

Page 219: ...lue to 20 no dos control firstfrag This command sets Minimum TCP Header Size Denial of Service protection to the default value of disabled dos control tcpfrag This command enables TCP Fragment Denial...

Page 220: ...ntrol tcpflag This command sets disables TCP Flag Denial of Service protections dos control l4port This command enables L4 Port Denial of Service protections If the mode is enabled Denial of Service p...

Page 221: ...mode is enabled no dos control icmp This command disables Maximum ICMP Packet Size Denial of Service protections dos control smacdmac This command enables Source MAC address Destination MAC address SM...

Page 222: ...nabled This command is only available on FSM72xxRS switches no dos control tcpport This command disables TCP L4 source destination port number Source TCP Port Destination TCP Port Denial of Service pr...

Page 223: ...g SYN set and a source port less than 1024 or having TCP Control Flags set to 0 and TCP Sequence Number set to 0 or having TCP Flags FIN URG and PSH set and TCP Sequence Number set to 0 or having TCP...

Page 224: ...ly available on FSM72xxRS switches dos control tcpsyn This command enables TCP SYN and L4 source 0 1023 Denial of Service protection If the mode is enabled Denial of Service prevention is active for t...

Page 225: ...sables TCP SYN FIN Denial of Service protection This command is only available on FSM72xxRS switches dos control tcpfinurgpsh This command enables TCP FIN and URG and PSH and SEQ 0 checking Denial of...

Page 226: ...of Service prevention is active for this type of attack If ICMPv4 Echo Request PING packets ingress having a size greater than the configured value the packets will be dropped if the mode is enabled T...

Page 227: ...et Size Denial of Service protections This command is only available on FSM72xxRS switches dos control icmpfrag This command enables ICMP Fragment Denial of Service protection If the mode is enabled D...

Page 228: ...de May be enabled or disabled The factory default is disabled Max ICMPv4 Pkt Size The range is 0 1023 The factory default is 512 Max ICMPv6 Pkt Size The range is 0 16384 The factory default is 512 ICM...

Page 229: ...ing database address aging timeout to the default value TCP FIN URG PSH Mode May be enabled or disabled The factory default is disabled TCP Flag Sequence Mode May be enabled or disabled The factory de...

Page 230: ...ticast MAC address for which the switch has forwarding and or filtering information The format is two digit hexadecimal numbers separated by colons for example 01 23 45 67 89 AB In an IVL system the M...

Page 231: ...o isdp run This command disables ISDP on the switch Format show mac address table stats Mode Privileged EXEC Term Definition Max MFDB Table Entries The total number of entries that can possibly be in...

Page 232: ...econds isdp timer This command sets the period of time between sending new ISDP packets The range is given in seconds isdp advertise v2 This command enables the sending of ISDP version 2 packets from...

Page 233: ...terface clear isdp counters This command clears ISDP counters clear isdp table This command clears entries in the ISDP table show isdp This command displays global ISDP settings Default Enabled Format...

Page 234: ...e ID format capability of the device serialNumber indicates that the device uses a serial number as the format for its Device ID macAddress indicates that the device uses a Layer 2 MAC address as the...

Page 235: ...ghbor s advertisement was received Port ID The port ID of the interface from which the neighbor sent the advertisement Hold Time The hold time advertised by the neighbor Version The software version t...

Page 236: ...D of the interface from which the neighbor sent the advertisement Hold Time The hold time advertised by the neighbor Advertisement Version The version of the advertisement packet received from the nei...

Page 237: ...l number of ISDPv2 packets transmitted ISDP Bad Header Number of packets received with a bad header ISDP Checksum Error Number of packets received with a checksum error ISDP Transmission Failure Numbe...

Page 238: ...P and to view ARP information on the switch ARP associates IP addresses with MAC addresses and stores the information as ARP entries in the ARP cache arp This command creates an ARP entry The value fo...

Page 239: ...d enables proxy ARP on a router interface Without proxy ARP a device only responds to an ARP request if the target IP address is an address configured on the interface where the ARP request arrived Wi...

Page 240: ...e This command configures the default ARP cache size arp dynamicrenew This command enables the ARP component to automatically renew dynamic ARP entries when they age out no arp dynamicrenew This comma...

Page 241: ...P ARP entry response timeout time in seconds The range for seconds is between 1 10 seconds no arp resptime This command configures the default ARP request response timeout arp retries This command con...

Page 242: ...ry ageout time in seconds The range for seconds is between 15 21600 seconds no arp timeout This command configures the default ARP entry ageout time clear arp cache This command causes all ARP entries...

Page 243: ...ode Privileged EXEC Format show arp Mode Privileged EXEC Term Definition Age Time seconds The time it takes for an ARP entry to age out This is configurable Age time is measured in seconds Response Ti...

Page 244: ...inition Age Time seconds The time it takes for an ARP entry to age out This value is configurable Age time is measured in seconds Response Time seconds The time it takes for an ARP request timeout Thi...

Page 245: ...routing This command disables routing for an interface You can view the current value for this function with the show ip brief command The value is labeled as Routing Mode ip routing This command ena...

Page 246: ...d format where the range for a b c and d is 1 255 The value for subnetmask is a 4 digit dotted decimal number which represents the Subnet Mask of the interface To remove all of the IP addresses primar...

Page 247: ...e interface Confirm that the associated link is also up no ip route This command deletes a single next hop to a destination static route If you use the nexthopip parameter the next hop is deleted If y...

Page 248: ...l static route The default distance is used when no distance is specified in these commands Changing the default distance does not update the distance of existing static routes even if they were assig...

Page 249: ...OSPF packets may be fragmented by the IP stack The IP stack uses its default IP MTU and ignores the value set using the ip mtu command OSPF advertises the IP MTU in the Database Description packets it...

Page 250: ...e network show ip brief This command displays all the summary information of the IP including the ICMP rate limit configuration and the global ICMP Redirect configuration Format no ip mtu mtu Mode Int...

Page 251: ...uter to the final destination Routing Mode Shows whether the routing mode is enabled or disabled Maximum Next Hops The maximum number of next hops the packet can travel Maximum Routes The maximum numb...

Page 252: ...the specified interface The possible values of this field are enable or disable This value is configurable Forward Net Directed Broadcasts Displays whether forwarding of network directed broadcasts i...

Page 253: ...le The ip address specifies the network for which the route is to be displayed and displays the best matching best route for the address The mask specifies the subnet mask for the given ip address Whe...

Page 254: ...best connected routes Format show ip route ip address protocol ip address mask longer prefixes protocol protocol all all Modes Privileged EXEC User EXEC Term Definition Route Codes The key for the ro...

Page 255: ...PF External Type 1 E2 OSPF External Type 2 N1 OSPF NSSA External Type 1 N2 OSPF NSSA External Type 2 C 1 1 1 0 24 0 1 directly connected 0 11 C 2 2 2 0 24 0 1 directly connected 0 1 C 5 5 5 0 24 0 1 d...

Page 256: ...references are used in determining the best route Lower router preference values are preferred over higher router preference values A route with a preference of 255 cannot be used to forward traffic R...

Page 257: ...uting and to view VLAN routing status information vlan routing This command creates routing on a VLAN The vlanid value has a range from 1 to 4093 no vlan routing This command deletes routing on a VLAN...

Page 258: ...ay cidoptmode This command disables the circuit ID option mode for BootP DHCP Relay on the system Term Definition MAC Address used by Routing VLANs The MAC Address associated with the internal bridge...

Page 259: ...it time in seconds for BootP DHCP Relay on the system When the BOOTP relay agent receives a BOOTREQUEST message it MAY use the seconds since client began booting field of the request as a factor in de...

Page 260: ...different interfaces on the relay agent Format show bootpdhcprelay Modes Privileged EXEC User EXEC Term Definition Maximum Hop Count The maximum allowable relay agent hops Minimum Wait Time Seconds Th...

Page 261: ...s use the DHCP relay commands Ip address Destination broadcast or host address to be used when forwarding UDP broadcasts You can specify 0 0 0 0 to indicate not to forward the UDP packet to any host a...

Page 262: ...out an ip address argument removes the entire list of helper addresses on that interface ip helper address discard Use this command to drop matching packets no ip helper address discard Use this comma...

Page 263: ...scribes the commands you use to configure options for the transmission of various types of ICMP messages ip unreachables Use this command to enable the generation of ICMP Destination Unreachable messa...

Page 264: ...edirect messages is enabled no ip redirects Use this command to prevent the generation of ICMP Redirect messages by the router ip icmp echo reply Use this command to enable the generation of ICMP Echo...

Page 265: ...e token bucket is initialized with burst size tokens burst interval is from 0 to 2147483647 milliseconds msec The burst size is the number of ICMP error messages that can be sent during one burst inte...

Page 266: ...N access points and other Ethernet devices that use existing Cat5 cables Power over Ethernet when used in conjunction with an uninterrupted power supply UPS ensures continuous operation during power f...

Page 267: ...ume 3 5 to 10 watts Power is carried on two wire pairs to comply with safety standards and existing cable limitations Management may also be added to monitor and control the PSE This management functi...

Page 268: ...r interface This command is used to configure which types of PD s will be detected and powered by the switch 2ptdot3af IEEE 802 3af 2 Point Only 2ptdot3af legacy IEEE 802 3af 2 Point followed by Legac...

Page 269: ...s mode if the device can power up more than 12 95 Watts with higher current and it cannot identify itself as Class 4 device Note Only ports 1 8 support this high power pre dot3at Use this mode if the...

Page 270: ...mmand will set the power limit type to default It will also set the maximum power limit to default if the power limit type is user defined The default power limit type will be none The default user de...

Page 271: ...ic Power Management Available Power 300 Watts 15 Watts 285 Watts Dynamic Power Management Available Power 300 Watts 3 Watts 297 Watts no poe power management This command sets the power management mod...

Page 272: ...delivering ports poe reset auto This command is used to set the Autoreset mode When Autoreset mode is enabled the PoE port will be automatically reset if we detect an error on the port like Overload...

Page 273: ...draw more power than the switch can provide When usage threshold is set we bring down all the PD s and bring them back up If the consumed power is less than threshold power in the above case 270 Watts...

Page 274: ...mand will disable logging the PoE traps show poe This command gives global information regarding PoE status Switch show poe Unit 1 Firmware Version 3 9 PSE Main Operational Status ON Total Power 364 T...

Page 275: ...delivering power OFF This indicates that the PoE controller is not delivering power FAULTY This indicates that the PoE controller is not functioning properly Total Power This indicates the total amoun...

Page 276: ...vice according to the IEEE802 3af and IEEE802 3at definition Class Usage Max Power watts 0 Default 0 44 12 95 1 Optional 0 44 3 84 2 Optional 3 84 6 49 3 Optional 6 49 12 95 4 Optional 12 95 25 5 Powe...

Page 277: ...6 19 DiffServ Service Commands on page 6 25 DiffServ Show Commands on page 6 26 MAC Access Control List ACL Commands on page 6 32 IP Access Control List ACL Commands on page 6 37 IPv6 Access Control...

Page 278: ...ormation about 802 1p priority see Voice VLAN Commands on page 3 47 no classofservice dot1p mapping This command maps each 802 1p priority to its default internal traffic class value classofservice ip...

Page 279: ...untrusted If you configure an interface to use Dot1p the mode does not appear in the output of the show running config command because Dot1p is the default no classofservice trust This command sets th...

Page 280: ...must not exceed 100 no cos queue min bandwidth This command restores the default for each queue s minimum bandwidth value cos queue strict This command activates the strict priority scheduler mode for...

Page 281: ...asses for a specific interface The unit slot port parameter is optional and is only valid on platforms that support independent per port class of service mappings If specified the 802 1p mapping table...

Page 282: ...are displayed The following information is repeated for each user priority show classofservice ip dscp mapping This command displays the current IP DSCP mapping to internal traffic classes for the glo...

Page 283: ...nt global configuration settings are displayed Format show classofservice trust unit slot port Mode Privileged EXEC Term Definition Non IP Traffic Class The traffic class used for non IP traffic This...

Page 284: ...ltering criteria The attributes of a DiffServ policy define the way the switch processes packets You can define policy attributes on a per class instance basis The switch applies these attributes when...

Page 285: ...from an existing class definition is to delete the class and re create it diffserv This command sets the DiffServ operational mode to active While disabled the DiffServ configuration is retained and...

Page 286: ...out any match condition this command enters the class map mode The class map name is a case sensitive alphanumeric string from 1 to 31 characters uniquely identifying an existing DiffServ class The cl...

Page 287: ...fails class map rename This command changes the name of a DiffServ class The class map name is the name of an existing DiffServ class The new class map name parameter is a case sensitive alphanumeric...

Page 288: ...ny This command adds to the specified class definition a match condition whereby all packets are considered to belong to the class match class map This command adds to the specified class definition t...

Page 289: ...me can not be the same Only one other class may be referenced by a class Any attempts to delete the refclassname class while the class is still referenced by any class map name fails The combined matc...

Page 290: ...g 00 11 22 dd ee ff The macmask parameter is a layer 2 MAC address bit mask which need not be contiguous and is formatted as six two digit hexadecimal numbers separated by colons e g ff 07 23 ff fe d...

Page 291: ...port number is required The port number is an integer from 0 to 65535 match ip dscp This command adds to the specified class definition a match condition based on the value of the IP DiffServ Code Po...

Page 292: ...to ff The value of tosmask is a two digit hexadecimal number from 00 to ff The tosmask denotes the bit positions in tosbits that are used for comparison against the IP TOS field in a packet For examp...

Page 293: ...icmp igmp ip tcp udp A value of ip matches all protocol number values To specify the match condition using a numeric value notation the protocol number is a standard value assigned by IANA and is int...

Page 294: ...ce IP address of a packet The ipaddr parameter specifies an IP address The ipmask parameter specifies an IP address bit mask and must consist of a contiguous set of leading 1 bits match srcip6 This co...

Page 295: ...the class policy association to an interface to form a service Specify the policy name when you create the policy Each traffic class defines a particular treatment for packets that match the class de...

Page 296: ...he associated traffic stream are to be dropped at ingress mirror This command specifies that all incoming packets for the associated traffic stream are copied to a specific egress interface physical p...

Page 297: ...s the name of an existing DiffServ class map class This command creates an instance of a class definition within the specified policy for the purpose of defining treatment of the traffic class through...

Page 298: ...e first or outer 802 1Q tag of a double VLAN tagged packet If the packet does not already contain this header one is inserted The CoS value is an integer from 0 to 7 mark ip dscp mark ip dscp This com...

Page 299: ...4294967295 The conforming burst size is specified in kilobytes KB and is an integer from 1 to 128 For each outcome the only possible actions are drop set cos transmit set dscp transmit set prec transm...

Page 300: ...xisting DiffServ policy The policyname parameter is the name of an existing DiffServ policy This command may be issued at any time If the policy is currently referenced by one or more interface servic...

Page 301: ...rection DiffServ is not used in the outbound direction This set of commands consists of service addition removal The CLI command root is service policy service policy This command attaches a policy to...

Page 302: ...only shown when the DiffServ administrative mode is enabled show class map This command displays all configuration information for the specified class The class name is the name of an existing DiffSer...

Page 303: ...nd IPv6 Match Criteria The Match Criteria fields are only displayed if they have been configured Not all platforms support all match criteria values They are displayed in the order entered by the user...

Page 304: ...the Class Rule Table Policy Table Size Current Max The current number of entries rows and the maximum allowed entries rows in the Policy Table Policy Instance Table Size Current Max Current number of...

Page 305: ...ot displayed if mark ip description is not specified Mark IP Precedence The mark re mark value used as the IP Precedence for traffic matching this class This is not displayed if mark ip precedence is...

Page 306: ...same order in which they were created Policy Type The policy type Only inbound is supported Class Members List of all class names associated with this policy Format show diffserv service unit slot po...

Page 307: ...while DiffServ is in an enabled mode Term Definition Interface Valid slot and port number separated by forward slashes Direction The traffic direction of this interface service OperStatus The current...

Page 308: ...es The following rules apply to MAC ACLs The maximum number of ACLs you can create is hardware dependent The limit applies to all ACLs regardless of type The system supports only Ethernet II frame typ...

Page 309: ...sting MAC ACL no mac access list extended This command deletes a MAC ACL identified by name from the system mac access list extended rename This command changes the name of a MAC Access Control List A...

Page 310: ...pear in the same relative order as shown in the command format The Ethertype may be specified as either a keyword or a four digit hexadecimal value from 0x0600 0xFFFF The currently supported ethertype...

Page 311: ...e and direction A lower number indicates higher precedence order If a sequence number is already in use for this interface and direction the specified mac access list replaces the currently attached m...

Page 312: ...Modes Global Config Interface Config Format show mac access lists name Mode Privileged EXEC Term Definition Rule Number The ordered rule number identifier defined within the MAC ACL Action The action...

Page 313: ...an interface you cannot configure an IP ACL on the same interface Wildcard masking for ACLs operates differently from a subnet mask A wildcard mask is in essence the inverse of a subnet mask With a su...

Page 314: ...urce layer 4 port match condition for the IP ACL rule You can use the port number which ranges from 0 65535 or you specify the portkey which can be one of the following keywords domain echo ftp ftpdat...

Page 315: ...cation fields defined for the IP header of an IPv4 frame The name parameter is a case sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IP access list If an IP ACL by this...

Page 316: ...he every keyword or the protocol source address and destination address values must be specified The source and destination IP address fields may be specified using the Format ip access list rename na...

Page 317: ...al sequence number may be specified to indicate the order of this IP access list relative to other IP access lists already assigned to this interface and direction A lower number indicates higher prec...

Page 318: ...sables the ACL trap mode show ip access lists This command displays an IP ACL accesslistnumber is the number used to identify the IP ACL Default none Format no ip access group accesslistnumber vlan vl...

Page 319: ...IP Mask The source IP Mask for this rule Source L4 Port Keyword The source port for this rule Destination IP Address The destination IP address for this rule Destination IP Mask The destination IP Mas...

Page 320: ...Pv6 frame The name parameter is a case sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IPv6 access list ACL ID Access List name for a MAC or IPv6 access list or the nume...

Page 321: ...from 1 to 31 characters uniquely identifying the IPv6 access list This command fails is an IPv6 ACL by the name newname already exists deny permit IPv6 This command creates a new rule for the current...

Page 322: ...ot port while the redirect parameter allows the traffic matching this rule to be forwarded to the specified unit slot port The assign queue and redirect parameters are only valid for a permit rule ipv...

Page 323: ...a given direction show ipv6 access lists This command displays an IPv6 access list and all of the rules that are defined for the IPv6 ACL Use the name parameter to identify a specific IPv6 ACL to dis...

Page 324: ...ly used for time sensitive traffic auto voip all Use this command to enable VoIP Profile on the interfaces of the switch Match All Indicates whether this access list applies to every packet Possible v...

Page 325: ...erface no auto voip Use this command to disable VoIP Profile on the interface show auto voip Use this command to display the VoIP Profile settings on the interface or interfaces of the switch Default...

Page 326: ...S Commands 6 50 v1 0 May 2010 Field Description AutoVoIP Mode The Auto VoIP mode on the interface Traffic Class The CoS Queue or Traffic Class to which all VoIP traffic is mapped to This is not config...

Page 327: ...P Server Commands on page 7 39 DNS Client Commands on page 7 54 Packet Capture Commands on page 7 60 Cable Test Command on page 7 82 sFlow Commands on page 7 83 Note The commands in this chapter are i...

Page 328: ...TFTP server and if necessary a DNS server There are three stepss to Auto Install 1 Configuration or assignment of an IP address for the device 2 Assignment of a TFTP server 3 Obtain a configuration fi...

Page 329: ...nfig file from a TFTP server boot autoinstall stop The command is used to A user may terminate the Auto Install process at any time prior to the downloading of the config file This is most optimally d...

Page 330: ...s feature allows reduced down time when you upgrade or downgrade the software delete This command deletes the supplied image file from the permanent storage The image to be deleted must be a backup im...

Page 331: ...active and backup images on the supplied unit node of the Stack If you do not specify a unit number the command displays image details for all nodes on the Stack The command also displays any text des...

Page 332: ...mmands This section describes the commands you use to view information about system features components and configurations show arp switch This command displays the contents of the IP stack s Address...

Page 333: ...Privileged EXEC Term Definition File The file in which the event originated Line The line number of the event Task Id The task ID of the event Code The event code Time The time this event occurred Uni...

Page 334: ...inition Switch Description Text used to identify the product name of this switch Machine Type The machine model as defined by the Vital Product Data Machine Model The machine model as defined by the V...

Page 335: ...cause of errors Collisions Frames The best estimate of the total number of collisions on this Ethernet segment Time Since Counters Last Cleared The elapsed time in days hours minutes and seconds since...

Page 336: ...on Total Packets Received Octets The total number of octets of data received by the processor excluding framing bits but including FCS octets Packets Received Without Error The total number of packets...

Page 337: ...ets Discarded The number of outbound packets which were chosen to be discarded even though no errors had been detected to prevent their being deliverable to a higher layer protocol A possible reason f...

Page 338: ...t hexadecimal numbers that are separated by colons for example 01 23 45 67 89 AB In an IVL system the MAC address will be displayed as 8 bytes Interface The port through which this address was learned...

Page 339: ...emory Utilization Report status bytes Term Definition VLAN ID The VLAN on which the MAC address was learned Term Definition Dynamic Address count Number of MAC addresses in the forwarding database tha...

Page 340: ...buffer pools status The following shows an example of CLI display output for the command switch show mbuf total mbufSize 9284 0x2444 Current Time 0x1897fa MbufsFree 150 MbufsRxUsed 0 Total Rx Norm Al...

Page 341: ...ys trapflags group name all If some but not all of the flags in that group are enabled the command displays trapflags groupname flag name Note Show running config does not display the User Password ev...

Page 342: ...ysinfo Format show running config interface unit slot port VLAN id LAG id Mode Interface Config Format show sysinfo Mode Privileged EXEC Term Definition Switch Description Text used to identify this s...

Page 343: ...ro or a number in the range of 5 to 48 After the user configured number of lines is displayed in one page the system prompts the user More or q uit Press q or Q to quit or press any key to display the...

Page 344: ...command enables logging to an in memory log that keeps up to 128 logs no logging buffered This command disables logging to in memory log logging buffered wrap This command enables wrapping of in memor...

Page 345: ...no logging cli command This command disables the CLI command Logging feature logging console This command enables logging to the console You can specify the severitylevel value as either an integer f...

Page 346: ...ither an integer from 0 to 7 or symbolically through one of the following keywords emergency 0 alert 1 critical 2 error 3 warning 4 notice 5 info 6 or debug 7 logging host remove This command disables...

Page 347: ...CLI Command Logging Shows whether CLI Command logging is enabled Console Logging Shows whether console logging is enabled ConsoleLogging Severity Filter The minimum severity to log to the console log...

Page 348: ...with a log full situation Buffered Log Count The count of valid entries in the buffered log Format show logging hosts unit Mode Privileged EXEC Term Definition Host Index Used for deleting hosts IP A...

Page 349: ...nd Clear Commands This section describes the commands you use to help troubleshoot connectivity issues and to restore various configurations to their factory defaults Term Definition Number of Traps S...

Page 350: ...Mode Privileged EXEC Parameter Description ipaddr hostname The ipaddr value should be a valid IP address The hostname value should be a valid hostname initTtl Use initTtl to specify the initial time t...

Page 351: ...10 240 1 252 0 msec 0 msec 1 msec 3 172 31 0 9 277 msec 276 msec 277 msec 4 10 254 1 1 289 msec 327 msec 282 msec 5 10 254 21 2 287 msec 293 msec 296 msec 6 192 168 76 2 290 msec 291 msec 289 msec 7...

Page 352: ...the default values It does not reset the switch clear mac addr table This command clears the dynamically learned MAC addresses of the switch clear logging buffered This command clears the messages mai...

Page 353: ...actory defaults without powering off the switch You are prompted to confirm that the password reset should proceed clear port channel This command clears all port channels LAGs clear traplog This comm...

Page 354: ...ly 128 hexadecimal characters logout This command closes the current telnet connection or resets the current serial connection ping Use this command to determine whether another computer is on the net...

Page 355: ...8 254 222 count 3 interval 1 size 255 Pinging 192 168 254 222 with 255 bytes of data Received Response Unreachable Destination Received Response Unreachable Destination Received Response Unreachable D...

Page 356: ...ing reload This command resets the switch without powering it off Reset means that all network connections are terminated and the boot code executes The switch uses the stored configuration to initial...

Page 357: ...is the path to the file and filename is the name of the file you want to upload or download For SFTP and SCP the username parameter is the username for logging into the remote server via SSH For platf...

Page 358: ...e of any error the command lists all the lines at the end of the validation process and prompts you to confirm before copying the script file url nvram script destfilename noval When you use this opti...

Page 359: ...e url image1 image2 Download an image from the remote server to either image In a stacking environment the downloaded image is distributed to the stack nodes image1 image2 url Upload either image to t...

Page 360: ...mmand disables Simple Network Time Protocol SNTP client mode sntp client port This command sets the SNTP client port id to a value from 1 65535 no sntp client port This command resets the SNTP client...

Page 361: ...command will set the poll timeout for SNTP unicast clients in seconds to a value from 1 30 no sntp unicast client poll timeout This command will reset the poll timeout for SNTP unicast clients to its...

Page 362: ...a received from the server is based on Coordinated Universal Time UTC which is the same as Greenwich Mean Time GMT This may not be the time zone in which the switch is located Use the clock timezone c...

Page 363: ...Format no clock timezone Mode Global Config Format show sntp Mode Privileged EXEC Term Definition Last Update Time Time of last clock update Last Unicast Attempt Time Time of last transmit query in u...

Page 364: ...IP address or hostname of configured SNTP Server Server Type Address Type of Server Server Stratum Claimed stratum of the server for the last received valid packet Server Reference ID Reference clock...

Page 365: ...inistration address allocations Last Attempt Time Last server attempt time for the specified server Last Update Status Last server attempt status for the server Total Unicast Requests Number of reques...

Page 366: ...client identifier is required instead of hardware addresses The unique identifier is a concatenation of the media type and the MAC address For example the Microsoft client identifier for Ethernet add...

Page 367: ...ommand specifies the default router list for a DHCP client address1 address2 address8 are valid IP addresses each made up of four decimal bytes ranging from 0 to 255 IP address 0 0 0 0 is invalid no d...

Page 368: ...the hardware address of a DHCP client Hardware address is the MAC address of the hardware platform of the client consisting of 6 bytes in dotted hexadecimal format Type indicates the protocol of the h...

Page 369: ...ures the duration of the lease for an IP address that is assigned from a DHCP server to a DHCP client The overall lease time should be between 1 86400 minutes If you specify infinite the lease is set...

Page 370: ...s the IP subnet mask for the specified address pool The prefix length is an integer from 0 to 32 no network This command removes the subnet number and mask bootfile The command specifies the name of t...

Page 371: ...that are available to DHCP clients One IP address is required although one can specify up to eight addresses in one command line Servers are listed in order of preference address1 is the most preferr...

Page 372: ...s node type This command removes the NetBIOS node Type next server This command configures the next server in the boot process of a DHCP client The address parameter is the IP address of the next serv...

Page 373: ...y a period for example a3 4f 22 0c colon for example a3 4f 22 0c or white space for example a3 4f 22 0c no option This command removes the DHCP Server options The code parameter specifies the DHCP opt...

Page 374: ...a pool address as part of a ping operation By default the number of packets sent to a pool address is 2 which is the smallest allowed number when sending packets Setting the number of packets to 0 dis...

Page 375: ...automatic address pool no ip dhcp bootp automatic This command disables the allocation of the addresses to the bootp client The address are from the automatic address pool ip dhcp conflict logging Thi...

Page 376: ...s ranging from 0 to 255 IP address 0 0 0 0 is invalid clear ip dhcp server statistics This command clears DHCP server statistics counters clear ip dhcp conflict The command is used to clear an address...

Page 377: ...ding address Modes Privileged EXEC User EXEC Term Definition IP address The IP address of the client Hardware Address The MAC Address or the client identifier Lease expiration The lease expiration tim...

Page 378: ...Pool Name The name of the configured pool Pool Type The pool type Lease Time The lease expiration time of the IP address assigned to the client DNS Servers The list of DNS servers available to the DH...

Page 379: ...eases Malformed Bindings The number of truncated or corrupted messages that were received by the DHCP server Message Definition DHCP DISCOVER The number of DHCPDISCOVER messages the server has receive...

Page 380: ...sses When enabled the DNS client provides a hostname lookup service to other components ip domain lookup Use this command to enable the DNS client no ip domain lookup Use this command to disable the D...

Page 381: ...ult domain name For an unqualified hostname xxx a DNS query is made to find the IP address corresponding to xxx yahoo com no ip domain name Use this command to remove the default domain name configure...

Page 382: ...ss of the server The preference of the servers is determined by the order they were entered no ip name server Use this command to remove a name server ip host Use this command to define static host na...

Page 383: ...this command to remove the static host name to IPv6 address mapping in the host cache ip domain retry Use this command to specify the number of times to retry sending Domain Name System DNS queries T...

Page 384: ...timeout Use this command to return to the default setting clear host Use this command to delete entries from the host name to address cache This command clears the entries from the DNS cache maintaine...

Page 385: ...t yahoo com Stanford edu rediff com Domain Name lookup Enabled Number of retries 5 Retry timeout period 1500 Name servers Preference order 176 16 1 18 176 16 1 19 Configured host name to address mappi...

Page 386: ...s like Ethereal can be used to decode and review the packets in detail Capturing can be performed in a variety of modes either transmit side only receive side only or both The number of packets captur...

Page 387: ...buffer is full writes to the buffer will wrap around to allow continuous packet caputure show capture packets This command displays packets being captured from the buffer The output of the show comma...

Page 388: ...ssages no debug arp Use this command to disable ARP debug protocol messages debug auto voip Use this command to enable Auto VOIP debug messages Use the optional parameters to trace H323 SCCP or SIP pa...

Page 389: ...o view any trace output The output of debug trace commands will appear on all login sessions for which debug console has been enabled The configuration of this command remains in effect for the life o...

Page 390: ...g trace debug igmpsnooping packet This command enables tracing of IGMP Snooping packets received and transmitted by the switch no debug igmpsnooping packet This command disables tracing of IGMP Snoopi...

Page 391: ...age Default disabled Format debug igmpsnooping packet transmit Mode Privileged EXEC Parameter Definition TX A packet transmitted by the device Intf The interface that the packet went out on Format use...

Page 392: ...parameters are displayed in the trace message Format no debug igmpsnooping transmit Mode Privileged EXEC Default disabled Format debug igmpsnooping packet receive Mode Privileged EXEC Parameter Defini...

Page 393: ...s only received DVMRP packets and transmit traces only transmitted DVMRP packets When neither keyword is used in the command then all DVMRP packet traces are dumped Vital information such as source ad...

Page 394: ...ransmitted is displayed on the console no debug ip igmp packet Use this command to disable debug tracing of IGMP packet reception and transmission debug ip mcache packet Use this command for tracing M...

Page 395: ...nd then all PIMDM packet traces are dumped Vital information such as source address destination address control packet type packet length and the interface on which the packet is received or transmitt...

Page 396: ...l packet type packet length and the interface on which the packet is received or transmitted is displayed on the console no debug ip pimsm packet Use this command to disable debug tracing of PIMSM pac...

Page 397: ...ption and transmission debug ipv6 mld packet Use this command to trace MLDv6 packet reception and transmission receive traces only received MLDv6 packets and transmit traces only transmitted MLDv6 pac...

Page 398: ...t reception and transmission debug ipv6 pimsm packet Use this command to trace PIMSMv6 packet reception and transmission receive traces only received PIMSMv6 packets and transmit traces only transmitt...

Page 399: ...trace MLD snooping packet reception and transmission receive traces only received MLD snooping packets and transmit traces only transmitted MLD snooping packets When neither keyword is used in the com...

Page 400: ...Intf 2 0 48 Src Ip 10 50 50 1 DestIp 192 168 50 2 AreaId 0 0 0 0 Type DB_DSCR Mtu 1500 Options E Flags I M MS Seq 126166 15 JAN 02 11 03 36 10 50 50 1 2 OSPF 46300472 ospf_debug c 297 25434 Pkt RX In...

Page 401: ...he packet DestIp The destination IP address in the IP header of the packet AreaId The area ID in the OSPF header of the packet Type Could be one of the following HELLO Hello packet DB_DSCR Database de...

Page 402: ...of OSPF packets debug ospfv3 packet Use this command to enable OSPFv3 packet debug trace no debug ospfv3 packet Use this command to disable tracing of OSPFv3 packets Field Definition Length Length of...

Page 403: ...C_IP 10 50 50 1 DEST_IP 10 50 50 2 Type ECHO_REPLY The following parameters are displayed in the trace message no debug ping packet This command disables tracing of ICMP echo requests and responses De...

Page 404: ...t disabled Format debug rip packet Mode Privileged EXEC Parameter Definition TX RX TX refers to a packet transmitted by the device RX refers to packets received by the device Intf The interface that t...

Page 405: ...packet trace no debug sflow packet Use this command to disable sFlow debug packet trace debug spanning tree bpdu This command enables tracing of spanning tree BPDUs received and transmitted by the sw...

Page 406: ...88 4e c2 00 Root Priority 0x8000 Path Cost 0 The following parameters are displayed in the trace message Format no debug spanning tree bpdu Mode Privileged EXEC Default disabled Format debug spanning...

Page 407: ...0 11 88 4e c2 00 Root_Priority 0x8000 Path_Cost 0 The following parameters are displayed in the trace message Format no debug spanning tree bpdu receive Mode Privileged EXEC Default disabled Format de...

Page 408: ...u transmit Mode Privileged EXEC Note The cable test feature is supported only for copper cable It is not supported for optical fiber cable If the port has an active link while the cable test is run th...

Page 409: ...ded Unknown is displayed if the cable length could not be determined Format sflow receiver rcvr_idx owner owner string timeout rcvr_timeout max datagram size ip ipv6 ip port port Mode Global Config Fi...

Page 410: ...ult is 0 0 0 0 Receiver Port The destination Layer4 UDP port for sFlow datagrams The range is 1 65535 The default is 6343 Format no sflow receiver indx ip ip address maxdatagram size owner string time...

Page 411: ...ables sampling A value of N means that out of N incoming packets 1 packet will be sampled The range is 1024 65536 and 0 The default is 0 Format no sflow sampler rcvr indx rate sampling rate maxheaders...

Page 412: ...gear 1 0 IP Address 10 131 12 66 show sflow pollers Use this command to display the sFlow polling instances created on the switch Use for range Format no sflow poller rcvr indx interval poll interval...

Page 413: ...s between successive samples of the counters associated with this data source Format show sflow receivers index Mode Privileged EXEC Field Description Receiver Index The sFlow Receiver associated with...

Page 414: ...er unit if GSM72xxPS or GSM73xxSv1 is the Master of the stack It will not be available in case GSM73xxSv2 is the Master of a Stack Format show sflow samplers Mode Privileged EXEC Field Description Sam...

Page 415: ...licence file through the GUI show license This command displays the license status License Date indicates the date of the license License Status indicates whether license is active or inactive Exampl...

Page 416: ...ProSafe 7200 Managed Switches CLI Manual Software Version 8 0 3 Utility Commands 7 90 v1 0 May 2010 OSPFV3 IPV6...

Page 417: ...page 8 20 Access Commands on page 8 28 User Account Commands on page 8 29 SNMP Commands on page 8 40 RADIUS Commands on page 8 52 TACACS Commands on page 8 67 Configuration Scripting Commands on page...

Page 418: ...administrator enable password 2 Management CPU IP address and network mask 3 System name and location information The tool is interactive and uses questions to guide you through the steps required to...

Page 419: ...ange the password Y N Q y Enter new password Confirm new password Password Changed The enable password required for switch configuration via the command line interface is currently not configured Do y...

Page 420: ...to the Privileged EXEC mode From the Privileged EXEC mode you can configure the network interface network parms This command sets the IP address subnet mask and gateway of the device The IP address an...

Page 421: ...nd sets locally administered MAC addresses The following rules apply Bit 6 of byte 0 called the U L bit indicates whether the address is universally administered b 0 or locally administered b 1 Bit 7...

Page 422: ...view the Java applet show network This command displays configuration settings associated with the switch s network interface The network interface is the logical interface used for in band connectiv...

Page 423: ...factory default value is 0 0 0 0 IPv6 Administrative Mode Whether enabled or disabled IPv6 Address Length The IPv6 address and length IPv6 Default Router The IPv6 default router address Burned In MAC...

Page 424: ...you can configure a variety of system settings including user accounts From the Global Config mode you can enter other command modes including Line Config mode line This command gives you access to t...

Page 425: ...This command sets the maximum connect time in minutes without console activity login authentication To specify login authentication method list for remote telnet or console use the login authenticatio...

Page 426: ...eged EXEC User EXEC Term Definition Serial Port Login Timeout minutes The time in minutes of inactivity on a Serial port connection after which the Switch will close the connection Any numeric value b...

Page 427: ...nd closes the Telnet listening port and disconnects all open Telnet sessions telnet This command establishes a new outbound Telnet connection to a remote host The host value must be a valid IP address...

Page 428: ...ransport output telnet This command regulates new outbound Telnet connections If enabled new outbound Telnet sessions can be established until the system reaches the maximum number of simultaneous out...

Page 429: ...ions A value of 0 indicates that no outbound Telnet session can be established no session limit This command sets the maximum number of simultaneous outbound Telnet sessions to the default value sessi...

Page 430: ...onnection sessions that can be established to the default value telnetcon timeout This command sets the Telnet connection session timeout value in minutes A session is active as long as the session ha...

Page 431: ...imeout value for active sessions does not become effective until the session is reaccessed Also any keystroke activates the new timeout duration Format no telnetcon timeout Mode Privileged EXEC Format...

Page 432: ...mmand is the short form of the ip ssh server enable command Format show telnetcon Modes Privileged EXEC User EXEC Term Definition Remote Connection Login Timeout minutes This object indicates the numb...

Page 433: ...erver enable This command disables the IP secure shell server sshcon maxsessions This command specifies the maximum number of SSH connection sessions that can be established A value of 0 indicates tha...

Page 434: ...ue for active sessions does not become effective until the session is re accessed Also any keystroke activates the new timeout duration no sshcon timeout This command sets the SSH connection session t...

Page 435: ...files from the device regardless of whether they are self signed or downloaded from an outside source Term Definition Administrative Mode This field indicates whether the administrative mode of SSH is...

Page 436: ...overwrite any existing generated or downloaded DSA key files no crypto key generate dsa Use this command to delete the DSA key files from the device Hypertext Transfer Protocol HTTP Commands This sect...

Page 437: ...terfaces are affected no ip http server This command disables access to the switch through the Web interface When access is disabled the user cannot login to the switch s Web server ip http secure ser...

Page 438: ...ure HTTP sessions in hours Configuring this value to zero will give an infinite hard timeout When this timeout expires the user will be forced to re authenticate This timer begins on initiation of the...

Page 439: ...us no authentication is used if the radius server is down no ip http authentication This command restores the authentication methods to the default ip http session maxsessions This command limits the...

Page 440: ...be forced to re authenticate This timer begins on initiation of the Web session and is re started with each access to the switch no ip http session soft timeout This command resets the soft timeout fo...

Page 441: ...t can not be set to zero infinite no ip http secure session soft timeout This command restores the soft timeout for secure HTTP sessions to the default value ip http secure session hard timeout This c...

Page 442: ...specified as an authentication method after radius no authentication is used if the radius server is down no ip https authentication This command restores the authentication methods to the default for...

Page 443: ...ort Mode Privileged EXEC Default SSL3 and TLS1 Format ip http secure protocol SSL3 TLS1 Mode Privileged EXEC Format show ip http Mode Privileged EXEC Term Definition HTTP Mode Unsecure The unsecure HT...

Page 444: ...lnet and serial port connections to the switch Secure Protocol Level s The protocol level may have the values of SSL3 TSL1 or both SSL3 and TSL1 Maximum Allowable HTTPS Sessions The number of allowabl...

Page 445: ...for the serial port connection Idle Time Time this session has been idle Session Time Total time this session has been connected Session Type Shows the type of session which can be HTTP HTTPS telnet...

Page 446: ...ivileges for the specified login user The valid accessmode values are readonly or readwrite The username is the login user name for which the specified access mode applies The default is readwrite for...

Page 447: ...password and therefore must be at least eight characters in length The username is the user name associated with the authentication protocol You must enter the username in the same case you used when...

Page 448: ...in user name associated with the specified encryption You must enter the username in the same case you used when you added the user To see the case of the username enter the show users command no user...

Page 449: ...ReadWrite the SNMPv3 user is able to set and retrieve parameters on the system If the value is set to ReadOnly the SNMPv3 user is only able to retrieve parameter information The SNMPv3 access mode ma...

Page 450: ...d The valid range is 0 64 no passwords min length Use this command to set the minimum password length to the default value Term Definition User Name The full name of the user Format show users login h...

Page 451: ...is 0 10 no passwords history Use this command to set the password history to the default value passwords aging Use this command to implement aging on passwords for local users When a user s password e...

Page 452: ...the serial console The valid range is 1 5 The default is 0 or no lockout count enforced no passwords lock out Use this command to set the password lock out count to the default value show passwords c...

Page 453: ...the final method in the command line For example if none is specified as an authentication method after radius no authentication is used if the radius server is down where Default Uses the listed auth...

Page 454: ...method returns an error not if it fails To ensure that the authentication succeeds even if all methods return an error specify none as the final method in the command line For example if none is speci...

Page 455: ...thentication is used if the radius server is down line Uses the line password for authentication none Uses no authentication radius Uses the list of all RADIUS servers for authentication Uses username...

Page 456: ...command is the same as copy system running config nvram startup config SNMP Commands This section describes the commands you use to configure Simple Network Management Protocol SNMP on the switch You...

Page 457: ...level The length of name can be up to 16 case sensitive characters no snmp server community This command removes this community name from the table The name is the community name to be deleted Default...

Page 458: ...ient IP address for an SNMP community to 0 0 0 0 The name is the applicable community name snmp server community ipmask This command sets a client IP mask for an SNMP community The address is the asso...

Page 459: ...ociated with this community cannot manage the switch until the Status is changed back to Enable no snmp server community mode This command deactivates an SNMP community If the community is disabled no...

Page 460: ...wed MAC address is received on a locked port no snmp server enable traps violation This command disables the sending of new violation traps snmp server enable traps This command enables the Authentica...

Page 461: ...nkmode This command disables Link Up Down traps for the entire switch snmp server enable traps multiusers This command enables Multiple User traps When the traps are enabled a Multiple User Trap is se...

Page 462: ...on traps snmptrap This command adds an SNMP trap receiver The maximum length of name is 16 case sensitive alphanumeric characters The snmpversion is the version of SNMP The version parameter options a...

Page 463: ...e name and ipaddr pair must be unique Multiple entries can exist with the same name as long as they are associated with a different ipaddr The reverse scenario is also acceptable The name is the commu...

Page 464: ...This command deactivates an SNMP trap Disabled trap receivers are unable to receive traps snmp trap link status This command enables link status traps by interface Note IP addresses in the SNMP trap...

Page 465: ...all interfaces Format snmp trap link status Mode Interface Config Note This command is valid only when the Link Up Down Flag is enabled Format no snmp trap link status Mode Interface Config Note This...

Page 466: ...mmunity Name The community string to which this entry grants access A valid entry is a case sensitive alphanumeric string of up to 16 characters Each row of this table must contain a unique community...

Page 467: ...ger The string is case sensitive and can be up to 16 alphanumeric characters IP Address The IPv4 address to receive SNMP traps from this device IPv6 Address The IPv6 address to receive SNMP traps from...

Page 468: ...dicates whether DVMRP traps are sent OSPFv2 Traps Can be enabled or disabled The factory default is disabled Indicates whether OSPF traps are sent If any of the OSPF trap flags are not enabled then th...

Page 469: ...address is configured while enabling this attribute the RADIUS client uses that IP address while sending NAS IP Address attribute in RADIUS communication no radius server attribute The no version of...

Page 470: ...the auth parameter the command configures the IP address or hostname to use to connect to a RADIUS authentication server You can configure up to 3 servers per RADIUS client If the maximum number of co...

Page 471: ...r is removed from the configuration Similarly if the acct token is used the previously configured RADIUS accounting server is removed from the configuration The ipaddr dnsname parameter must match the...

Page 472: ...hen this command is executed the secret is prompted Text based configuration supports Radius server s secrets in encrypted and non encrypted format When you save the configuration these secret keys ar...

Page 473: ...rimary servers can be configured for each number of servers that have the same name When the RADIUS client has to perform transactions with an authenticating RADIUS server of specified name the client...

Page 474: ...server no radius server retransmit The no version of this command sets the value of this global parameter to the default value radius server timeout This command configures the global parameter for t...

Page 475: ...cription retries Maximum number of transmission attempts in the range 1 30 Format no radius server timeout Mode Global Config Format show radius Mode Privileged EXEC Term Definition Number of Configur...

Page 476: ...number of times a request packet is retransmitted Time Duration The configured timeout value in seconds for request re transmissions RADIUS Accounting Mode A global parameter to indicate whether the a...

Page 477: ...er Port The port used for communication with the authenticating server Type Specifies whether this server is a primary or secondary type Current Host Address The IP address of the currently active aut...

Page 478: ...uthenticator Enable Number of Retransmits 4 Time Duration 10 RADIUS Accounting Mode Disable RADIUS Attribute 4 Mode Enable RADIUS Attribute 4 Value 192 168 37 60 show radius accounting This command di...

Page 479: ...Name Default_RADIUS_Server Host Address 192 168 37 200 RADIUS Accounting Mode Disable Port 1813 Secret Configured Yes show radius accounting statistics This command displays a summary of statistics fo...

Page 480: ...missions Retransmission The number of RADIUS Accounting Request packets retransmitted to this RADIUS accounting server Responses The number of RADIUS packets received on the accounting port from this...

Page 481: ...the server dnsname The DNS name of the server servername The alias name to identify the server RADIUS Server Name The name of the authenticating server Server Host Address The IP address of the host...

Page 482: ...d Access Responses 0 Bad Authenticators 0 Pending Requests 0 Malformed Access Responses The number of malformed RADIUS Access Response packets received from this server Malformed packets include packe...

Page 483: ...ssed in clear text over the network TACACS uses TCP to ensure reliable delivery and a shared key configured on the client and daemon server to encrypt all messages tacacs server host Use the tacacs se...

Page 484: ...key in encrypted format enter the key along with the encrypted keyword In the show running config command s display these secret keys are displayed in encrypted format You cannot show these keys in p...

Page 485: ...0 128 characters Text based configuration supports TACACS server s secrets in encrypted and non encrypted format When you save the configuration these secret keys are stored in encrypted format only I...

Page 486: ...global value is used The timeout parameter has a range of 1 30 and is the timeout value in seconds show tacacs Use the show tacacs command to display the configuration and statistics of a TACACS serv...

Page 487: ...lt configurations Scripts must conform to the following rules Script files are not distributed across the stack and only live in the unit that is the master unit at the time of the file download The f...

Page 488: ...t on the switch script list This command lists all scripts present on the switch as well as the remaining available space Note To specify a blank password for a user in the configuration script you mu...

Page 489: ...with a given script on any given device Pre login Banner and System Prompt Commands This section describes the commands you use to configure the pre login banner and the system prompt The pre login ba...

Page 490: ...he prompt The length of name may be up to 64 alphanumeric characters Default none Format copy Code Sample Variable tftp ipaddr filepath filename Code Sample Variable nvram clibanner copy nvram clibann...

Page 491: ...erstanding of the system configuration and details of the problem will assist NETGEAR Inc in determining the root cause of such a problem The Log Messages chapter includes the following sections Core...

Page 492: ...port x Interface creation out of order NIM NIM event x intf x component x in wrong phase An event was issued to NIM during the wrong configuration phase probably Phase 1 2 or WMU NIM NIM Failed to not...

Page 493: ...sion num but the sizes version size expected version size differ The configuration file which was loaded was of a different size than expected for the version number This message indicates the configu...

Page 494: ...functions DHCP Filtering Error on call to sysapiCfgFileWrite file Error on trying to save configuration Table 9 6 NVStore Log Messages Component Message Cause NVStore Building defaults for file XXX A...

Page 495: ...rror while attempting to read data from the RADIUS server RADIUS RADIUS Accounting Response failed to validate id xxx The RADIUS Client received an invalid message from the server RADIUS RADIUS User x...

Page 496: ...server TACACS TACACS received invalid packet type from server Received packet type that is not supported TACACS TACACS invalid major version in received packet Major version mismatch TACACS TACACS inv...

Page 497: ...lure for the specified connection type EmWeb ewsNetHTTPReceive failure in NetReceiveLoop closing connection Socket receive failure EmWeb EmWeb connection allocation failed Memory allocation failure fo...

Page 498: ...code from tftp upload result Unknown error returned while uploading file using TFTP from web interface WEB Web UI Screen with unspecified access attempted to be brought up Failed to get application sp...

Page 499: ...he error code SSLT SSLT Msg Queue is full event XXXX Failed to send the received message to the SSLT message queue as message queue is full XXXX indicates the event to be sent SSLT SSLT Unknown UI eve...

Page 500: ...rotected port configuration cannot be saved Protected Ports protectedPortCnfgrInitPhase1Process Unable to create r w lock for protectedPort This appears when protectedPortCfgRWLock Fails Protected Por...

Page 501: ...try from the table IPsubnet vlans vlanIpSubnetVlanChangeCallback Failed to add an Entry This appears when a dtl fails to add an entry for a vlan add notify event IPsubnet vlans vlanIpSubnetVlanChangeC...

Page 502: ...equestSend failed Failed sending message to RADIUS server 802 1X dot1xRadiusAcceptProcess error calling radiusAccountingStart ifIndex xxx Failed sending accounting start to RADIUS server 802 1X functi...

Page 503: ...UEUE SEND FAILURE The garpPduQueue is full logs specific of the GPDU internal interface number vlan id buffer handle etc GARP GVRP GMRP garpMapIntfIsConfigurable gmrpMapIntfIsConfigurable Error access...

Page 504: ...Vlan Tag dvlantagIntfIsConfigurable Error accessing dvlantag config data for interface d A default configuration does not exist for this interface Typically a case when a new interface is created and...

Page 505: ...Q dot1qVlanMemberSetModify dot1qVlanTaggedMemberSetModify Dynamic entry d can only be modified after it is converted to static If this vlan is a learnt via GVRP then we cannot modify it s member set v...

Page 506: ...CL Log Messages Component Message Cause ACL Total number of ACL rules x exceeds max y on intf i The combination of all ACLs applied to an interface has resulted in requiring more rules than the platfo...

Page 507: ...sed DiffServ Policy invalid for service intf policy name intIfNum x direction y The DiffServ policy definition is not compatible with the capabilities of the interface specified Check the platform rel...

Page 508: ...includes the current size of the database OSPFv2 The number of LSAs 25165 in the OSPF LSDB has exceeded the LSDB memory allocation When the OSPFv2 LSDB becomes full OSPFv2 logs this message OSPFv2 re...

Page 509: ...ed OSPFv3 periodically verifies the checksum of each LSA in memory OSPFv3 logs this Table 9 40 Routing Table Manager Log Messages Component Message Cause Routing Table Manager RTO is full Routing tabl...

Page 510: ...nvalid TTL VRRP ignored an incoming message whose time to live TTL in the IP header was not 255 Table 9 42 ARP Log Message Component Message Cause ARP ARP received mapping for IP address xxx to MAC ad...

Page 511: ...Error creating IGMP data pipe Error opening IGMP data pipe When we fail to create open IGMP data pipe for Mcast data messages IGMP Error getting memory for source record When we are unable to allocate...

Page 512: ...add an mroute entry into cache PIM_SM Config error Trying to add static RP Dynamic RP with same ip addr exists Router learns RP group mapping through Bootstrap messages received This message pops whe...

Page 513: ...hile registering a neighbor DVMRP dvmrp_recv_prune failed getting memory for prune Failed to allocate memory while receiving a prune DVMRP dvmrp_new_route failed getting memory for route Failed to get...

Page 514: ...table OS In hapiBroadQosCosQueueConfig Failed to configure minimum bandwidth Available bandwidth x Attempting to configure the bandwidth beyond it s capabilities OS USL failed to put sync response on...

Page 515: ...ize unit x due to a transport failure or API issue on remote unit A synchronization retry will be issued OS Invalid LAG id x Possible synchronization issue between the BCM driver and HAPI OS Invalid u...

Page 516: ...o this msg indicates the file system may be corrupted OSAPI ftruncate failed File is open for reading only ftruncate is called to correctly set the file s size in the file system after a write The fil...

Page 517: ...During the call to remove the interface from the route table the attempt to get the ipv4 interface mask from the stack failed OSAPI osapiCleanupIf NetIpDel During the call to remove the interface from...

Page 518: ...dition Captive Portal can be configured to use an optional HTTP port in support of HTTP Proxy networks If configured this additional port is then used exclusively by Captive Portal Note that this opti...

Page 519: ...35 no http port Use this command to reset the HTTP port to the default number 80 https port Use this command to configure an additional HTTPS port for captive portal to monitor The valid range is from...

Page 520: ...ion page needs to be served again in order for the client to gain access to the network no authentication timeout Use this command to reset the authentication timeout to the default show captive porta...

Page 521: ...This field shows the reason why the operational is disabled CP IP Address It is the captive portal server IP address Format show captive portal status Mode Privileged EXEC mode Term Definition Additio...

Page 522: ...n Commands The commands in this section are related to captive portal configurations configuration Captive Portal Use this command to enter the captive portal instance mode The captive portal configur...

Page 523: ...disable a configuration name Use this command to configure the name for a captive portal configuration The cp name can be up to 32 alphanumeric characters in length Format no configuration 1 10 Mode...

Page 524: ...configured to allow access for guest users users that do not have assigned user names and passwords User verification can also be configured to allow access for authenticated users Authenticated user...

Page 525: ...an use the command user group 1 10 to create a group ID The default group ID is 1 for a captive portal configuration no group Use this command to reset the group number to the default redirect Captive...

Page 526: ...he network The rate is in bits per seconds 0 indicates limit not enforced no max bandwidth down Use this command to reset the maximum rate to the default max bandwidth up Use this command to configure...

Page 527: ...nsmit After this limit has been reached the user will be disconnected The number of octets is in bytes 0 indicates limit not enforced no max input octets Use this command to reset the limit to the def...

Page 528: ...Use this command to configure the maximum number of octets the user is allowed to transfer i e the sum of octets transmitted and received After this limit has been reached the user will be disconnecte...

Page 529: ...the session timeout to the default idle timeout Use this command to configure the idle timeout for a captive portal configuration 0 indicates timeout not enforced After an idle session has been reach...

Page 530: ...re configurations using a text based format no locale This command is intended to delete a locale The default locale cannot be deleted interface Captive Portal Use this command to associate an interfa...

Page 531: ...tion Blocking a captive portal instance is a temporary command executed by the administrator and not saved in the configuration no block Use this command to unblock traffic Captive Portal Status Comma...

Page 532: ...e 1 10 is the captive portal ID If you do not specify an interface number all the interfaces assigned to the captive portal configuration will be displayed Format show captive portal configuration 1 1...

Page 533: ...ace 1 0 1 Interface Description Unit 1 Slot 0 Port 1 Gigab Operational Status Disabled Disable Reason Interface Not Attached Block Status Not Blocked Authenticated Users 0 Term Definition CP ID The ca...

Page 534: ...efinition Group Name The name of the group associated with this captive portal instance Redirect URL Mode The redirect mode for this captive portal instance Redirect URL The redirect URL is up to 512...

Page 535: ...ation Mode Guest Group Name group123 Redirect URL Mode Enabled Redirect URL www cnn com Session Timeout seconds 86400 Idle Timeout seconds 600 Max Bandwidth Up bytes sec 0 Max Bandwidth Down bytes sec...

Page 536: ...show captive portal client status Use this command to display client connection details or a connection summary for connected captive portal users macaddr is Client MAC address If no macaddr is enter...

Page 537: ...90 Client IP Address 10 254 96 47 Protocol Mode https Verification Mode Local CP ID 1 CP Name cp1 Interface 1 0 1 Interface Description Unit 1 Slot 0 Port 1 Gigabit Level User Name user123 Session Tim...

Page 538: ...client Bytes Received The number of bytes received from the client Bytes Transmitted The number of bytes transmitted to the client Packets Received The number of packets received from the client Pack...

Page 539: ...CP Name Protocol Verification 0002 BC00 1290 10 254 96 47 1 cp1 http local 0002 BC00 1291 10 254 96 48 2 cp2 http local show captive portal configuration client status Use this command to display the...

Page 540: ...scription 0002 BC00 1290 10 254 96 47 1 0 1 Unit 1 Slot 0 Port 1 Gigabit 0002 BC00 1291 10 254 96 48 1 0 2 Unit 1 Slot 0 Port 2 Gigabit captive portal client deauthenticate Use this command to deauthe...

Page 541: ...l User Commands The following section describes captive portal local user commands user password Use this command to create a local user or change the password for an existing user The user id is user...

Page 542: ...be exist before execute this command You can create the local user using user password first user group Use this command to associate a group with a captive portal user A user must be associated with...

Page 543: ...ation t no user session timeout Use this command to reset the session timeout to the default user idle timeout Use this command to set the session idle timeout value for a captive portal user 1 128 is...

Page 544: ...ax bandwidth down Use this command to reset the limit to the default user max bandwidth up Use this command to configure the bandwidth at which the client can send data into the Network 1 128 is the u...

Page 545: ...octets Use this command to reset the limit to the default user max output octets Use this command to limit the number of octets the user is allowed to receive After this limit has been reached the use...

Page 546: ...cted 1 128 is the user ID The range of octets is 0 4294967295 0 indicates to use the global limit Use the no form of this command to reset the limit to the default no user max total octets Use this co...

Page 547: ...at which the client can send data into the network If the value is 0 then use the value configured for the captive portal Max Bandwidth Down bytes sec Maximum client receive rate b s Limits the bandwi...

Page 548: ...0 Max Bandwidth Up bytes sec 0 Max Bandwidth Down bytes sec 0 Max Input Octets bytes 0 Max Output Octets bytes 0 Max Total Octets bytes 0 Group ID Group Name 1 Default 2 group2 clear captive portal u...

Page 549: ...roup name 1 10 is the user group ID The name can be a string up to 32 characters user group rename Use this command to change a group s ID to a different group ID Default 1 Format user group 1 10 Mode...

Page 550: ...esize 4 3 arp dynamicrenew 4 3 arp purge 4 4 arp resptime 4 4 arp retries 4 4 arp timeout 4 5 assign queue 6 20 authentication timeout 10 3 authorization network radius 8 52 auto negotiate 3 3 auto ne...

Page 551: ...27 clear counters 7 27 clear dot1x statistics 3 63 clear host 7 59 clear igmpsnooping 7 28 clear ip arp inspection statistics 3 137 clear ip dhcp binding 7 51 clear ip dhcp conflict 7 51 clear ip dhcp...

Page 552: ...5 debug igmpsnooping packet receive 7 67 debug igmpsnooping packet transmit 7 66 debug ip acl 7 68 debug ip dvmrp packet 7 68 debug ip igmp packet 7 69 debug ip mcache packet 7 69 debug ip pimdm packe...

Page 553: ...s control l4port 3 182 dos control sipdip 3 180 dos control smacdmac 3 183 dos control tcpfinurgpsh 3 187 dos control tcpflag 3 182 dos control tcpflagseq 3 185 dos control tcpfrag 3 181 dos control t...

Page 554: ...ace Captive Portal 10 13 interface lag 3 3 interface range 3 2 interface vlan 3 3 ip access group 6 41 ip access list 6 39 ip access list rename 6 40 ip address 4 9 ip arp inspection filter 3 133 ip a...

Page 555: ...57 ip http authentication 8 23 ip http java 8 22 ip http secure port 8 26 ip http secure protocol 8 27 ip http secure server 8 21 ip http secure session hard timeout 8 25 ip http secure session maxses...

Page 556: ...n key 3 93 lacp actor admin state individual 3 94 lacp actor admin state longtimeout 3 94 lacp actor admin state passive 3 95 lacp actor port priority 3 96 lacp actor system priority 3 96 lacp admin k...

Page 557: ...7 19 logging console 7 20 logging host 7 20 logging host remove 7 21 logging persistent 7 24 logging syslog 7 21 login authentication 8 9 logout 7 29 mac access group 6 35 mac access list extended 6 3...

Page 558: ...ts 10 11 member 2 2 mirror 6 20 mode dot1q tunnel 3 45 mode dvlan tunnel 3 46 monitor session 3 112 movemanagement 2 3 mtu 3 5 name 10 6 netbios name server 7 46 netbios node type 7 47 network DHCP Po...

Page 559: ...ace Config 3 104 port channel 3 90 port channel adminmode 3 105 port channel linktrap 3 105 port channel load balance 3 106 port channel name 3 108 port channel static 3 102 port channel system priori...

Page 560: ...rvice dhcp 7 49 service policy 6 25 session limit 8 13 session timeout 8 13 session timeout Captive Portal 10 12 set garp timer join 3 56 set garp timer leave 3 56 set garp timer leaveall 3 57 set gmr...

Page 561: ...10 20 show captive portal client status 10 19 show captive portal configuration client status 10 22 show captive portal configuration interface 10 15 show captive portal configuration locales 10 18 s...

Page 562: ...6 show igmpsnooping mrouter vlan 3 146 show igmpsnooping querier 3 151 show interface 7 9 show interface ethernet 7 10 show interfaces cos queue 6 7 show interfaces switchport 3 53 show ip access list...

Page 563: ...ow lacp actor 3 108 show lacp partner 3 109 show license 7 89 show license features 7 89 show lldp 3 162 show lldp interface 3 162 show lldp local device 3 167 show lldp local device detail 3 167 show...

Page 564: ...e 6 31 show port 3 7 show port description 3 9 show port protocol 3 8 show port status 3 9 show port channel 3 111 show port channel brief 3 109 show port channel 3 110 show port channel system priori...

Page 565: ...28 show spanning tree summary 3 29 show spanning tree vlan 3 29 show stack port 2 10 show stack port counters 2 11 show stack port diag 2 11 show storm control 3 89 show supported cardtype 2 7 show su...

Page 566: ...le traps multiusers 8 45 snmp server enable traps stpmode 8 46 snmp server enable traps violation 8 44 snmptrap 8 46 snmptrap ipaddr 8 48 snmptrap mode 8 48 snmptrap snmpversion 8 47 sntp broadcast cl...

Page 567: ...orm control broadcast 3 77 storm control broadcast 3 79 storm control broadcast level 3 78 storm control broadcast level 3 80 storm control broadcast rate 3 79 storm control broadcast rate 3 80 storm...

Page 568: ...te bootcode 7 6 user group name 10 32 user group rename 10 32 user group 10 25 user group Create 10 31 user idle timeout 10 26 user max bandwidth down 10 27 user max bandwidth up 10 27 user max input...

Page 569: ...port acceptframe all 3 34 vlan port ingressfilter all 3 35 vlan port priority all 3 50 vlan port pvid all 3 35 vlan port tagging all 3 36 vlan priority 3 50 vlan protocol group 3 36 vlan protocol grou...

Reviews:

No comments