Panasonic ZEQUO 2200 Operating Instructions Manual Download Page 107 | Manualshive

Page: 107 / 726

background image

12. BPDU Attack Protection Commands

107

12.BPDU Attack Protection Commands

BPDU (Bridge Protocol Data Unit) is a spanning tree protocol and a

packet to detect loops. In general, it is not received by any other than

specific ports. If BPDU packets were received by an unexpected port, a

loop failure may have occurred or an unauthorized Switching Hub may

have been added, resulting in the path change.

BPDU Attack Protection is a function to protect network by setting

actions, such as discarding packets or shutting down ports, when

receiving unexpected BPDU packets.

Figure 12-1 BPDU Attack Protection overview

The commands are used to configure the Switching Hub to send SNMP trap

notification or log when packets are discarded or ports are shut down because of the

protection function. You can also configure to recover the state automatically after a

specified time or manually by a network administrator.

config bpdu_protection ports [<portlist> | all] {state [enable | disable] | mode [drop | block |

shutdown]}(1)

config bpdu_protection recovery_timer [<sec 60-1000000> | infinite]
config bpdu_protection [trap | log] [none | attack_detected | attack_cleared | both]
enable bpdu_protection
disable bpdu_protection
show bpdu_protection {ports {<portlist>}}

«
...
105
106
107
108
109
...
»

Summary of Contents for ZEQUO 2200

Page 1: ...chasing our product This manual provides important information about safe and proper operations of this Switching Hub Please read Important Safety Instructions on pages 6 to 8 before use Under all circumstances customer disassembling of this Switching Hub voids the warranty ...

Page 2: ...2 The target model for this Operating Instruction is as follows Model name Model number Firmware version ZEQUO 2200 PN26241 ID 1 0 0 20 PN26241 TH PN26241 MY PN26241 SG ...

Page 3: ...3 ...

Page 4: ...lay Commands 170 21 DNS Resolver Commands 176 22 Energy Efficient Ethernet EEE Commands 184 23 FDB Commands 186 24 File System Management Commands 197 25 Filter Commands 209 26 Gratuitous ARP Commands 216 27 IGMP Snooping Commands 223 28 IP Routing Commands 245 29 IP Source Address Verify Commands 250 30 IPv6 NDP Commands 264 31 Jumbo Frame Commands 274 32 LACP Configuration Commands 278 33 Layer ...

Page 5: ... 555 58 Switch Port Commands 563 59 System Severity Commands 569 60 Tech Support Commands 571 61 Time and SNTP Commands 574 62 Traffic Segmentation Commands 582 63 Utility Commands 584 64 Voice VLAN Commands 613 65 VLAN Commands 624 66 VLAN Trunking Commands 642 67 802 1X Commands 647 68 Web based Access Control WAC Commands 681 69 System Log Lists 698 70 Appendix A Specifications 718 71 Appendix ...

Page 6: ...pply other than AC 100 240 V Deviation could lead to fire electric shock and or equipment failure Do not handle the power cord with wet hand Deviation could lead to electric shock and or equipment failure Do not handle this Switching Hub and connection cables during a thunderstorm Deviation could lead to electric shock Do not disassemble and or modify this Switching Hub Deviation could lead to fir...

Page 7: ...d lead to high internal temperature and fire Do not install this Switching Hub at the location with continuous vibration or strong shock or at an unstable location Deviation could lead to injury and or equipment failure Do not install any module other than our optional SFP modules PN54021K PN54023K to SFP exstension slot Deviation could lead to fire electric shock and or equipment fail ure Do not ...

Page 8: ...viation could lead to electric shock malfunction and or equipment failure Connect the power cord firmly to the power port Deviation could lead to electric shock and or malfunction Unplug the power plug if the STATUS LED blinks in orange system fault Deviation such as keeping connected for a long time could lead to fire Handle the Switching Hub carefully so that fingers or hands may not be damaged ...

Page 9: ...ischarge by touching this Switching Hub Do not put a strong shock including dropping to this Switching Hub Deviation could lead to equipment failure Do not store and or use this Switching Hub in the environment with the characteristics listed below Store and or use this Switching Hub in the environment in accordance with the specification High humidity Possible spilled liquid water Dusty Possible ...

Page 10: ...t be caused by failure and or malfunction of this product 2 The contents described in this document may be changed without prior notice The latest version is available on our web site 3 For any questions please contact the shop where you purchased the product Brands and product names in this document are trademarks or registered trademarks of their respective holders ...

Page 11: ...mption to minimum The Energy Efficient Ethernet IEEE802 3az LPI is supported allowing to reduce power consumption at link up ports The auto negotiation function is supported allowing to easily support a heteroge neous environment of 10BASE T 100BASE TX and 1000BASE T The speed and com munication mode can be set at Fixed The Ping command can be used to verify communications The standard MIB MIB II ...

Page 12: ...2 Accessories Please be sure to confirm the contents Please contact your distributor if any of the con tents are insufficient ZEQUO 2200 main unit 1 Installation Guide 1 CD ROM including this Operating Instructions 1 Mounting brackets for 19 inch rack mount 2 Screws for 19 inch rack mount 4 Screws for fixing the main unit and the mounting bracket 8 Rubber foot 4 Dummy SD card 1 Power cord 1 The at...

Page 13: ...kely to be unplugged from the power port Ground terminal Connect the earth terminal screw and grounding surface using the earth wire SD card slot Insert a SD card to change configuration information and change and save firm ware 10BASE T 100BASE TX 1000BASE T port Ports 1 to 28 Connect a 10BASE T 100BASE TX 1000BASE T terminal hub repeater Switching Hub The length of the copper cabling CAT5e or hi...

Page 14: ...x mode Console port Used to connect a VT100 compatible terminal to configure and manage this Switching Hub Transmission mode RS 232C Emulation mode VT100 Transmission speed 9 600 bps Data length 8 bits Stop bit 1 bit Parity control None Flow control None Communication connector RJ45 Use an RJ45 Dsub 9 pin console cable for connection 1 5 LED Behavior 1 5 1 LED Behavior at Starting up When you turn...

Page 15: ...Off Not inserted 10 100 1000BASE T port LED Ports 1 to 28 LED Behavior Description LINK ACT Green Light 1000Mbps link established in full duplex Green Blink Transmitting receiving packets in 1000Mbps full duplex Orange Light 10 100Mbps link established Orange Blink Transmitting receiving packets at 10 100Mbps Off No device connected SFP extension slot LED Ports 25 to 28 LED Behavior Description LI...

Page 16: ...ket to each of the right and left sides of the Switching Hub via four screw holes Then by using four supplied screws for 19 inch rack mount or screws included with the rack firmly mount the Switching Hub in the rack Fig 2 1 Installing in 19 inch Rack The main unit can be placed 20 mm back on the rack by changing the bracket fixing position Fig 2 2 Installing in 19 inch Rack 20 mm backword mounting...

Page 17: ...matically configured to the most appropriate performance mode When a terminal or a device without auto negotiation function is connected to a port this Switching Hub automatically determines and sets the communication speed however the full half duplex configuration is set at half duplex because the full half duplex capability cannot be determined When connecting a terminal or a device without aut...

Page 18: ...nected device and this Switching Hub s RX port to the TX port of the connected device The following SFP modules are optionally available 1000BASE SX SFP module Part number PN54021K 1000BASE LX SFP module Part number PN54023K 3 3 Connecting to Power Connect the supplied power cord to the power port of this Switching Hub and con nect the power plug into an electric outlet The Switching Hub operates ...

Page 19: ... when parameters are omitted Using command autocomplete function and input history Operations when making a typo Syntax rules Available input editing keys and page operation keys 4 1 Accessing the Switching Hub via the Serial Port The Switch s serial port s default settings are as follows 9600 baud no parity 8 data bits 1 stop bit A computer running a terminal emulation program capable of emulatin...

Page 20: ...for the Switching Hub must be set before it can be managed with the Web based manager The Switch IP address can be automatically set using BOOTP or DHCP protocols in which case the actual address assigned to the Switching Hub must be known Starting at the command line prompt enter the commands config ipif System ipaddress xxx xxx xxx xxx yyy yyy yyy yyy Where the x s represent the IP address to be...

Page 21: ... username The CLI will then prompt to enter the username with the message Next possible completions Every command in the CLI has this feature and complex commands have several layers of parameter prompting In addition after typing any given command plus one space users can see all of the next possible sub commands in sequential order by repeatedly pressing the Tab key Zxxx0 admin config ipif Syste...

Page 22: ... parameters or a choice of parameters and brackets indicate required parameters If a command is entered that is unrecognized by the CLI the top level commands will be displayed under the Available commands prompt The top level commands consist of commands such as show or config Most of these commands require one or more parameters to narrow the top level command This is equivalent to show what or ...

Page 23: ...rofile egress_flow_meter environment error fdb filter flow_meter gratuitous_arp gvrp hol_prevention host_name igmp_snooping ip_source_binding ip_verify_source ipif ipif_ipv6_link_local_auto iproute ipv6 ipv6route jumbo_frame l2protocol_tunnel lacp_port limited_multicast_addr link_aggregation lldp lldp_med log log_save_timing log_software_module loopback mac_based_access_control mac_based_access_co...

Page 24: ... username 15 encrypt plain_text sha_1 password users must specify either the admin operator power_user level or user level account when entering the command DO NOT TYPE THE SQUARE BRACKETS vertical bar Separates mutually exclusive items in a list For example in the syntax reset config system force_agree users may choose config or system in the command DO NOT TYPE THE VERTICAL BAR braces Encloses a...

Page 25: ...ogress sequentially forward through the command history list Down Arrow The down arrow will display the next command in the command history entered in the current session This displays each command sequentially as it was entered Use the up arrow to review previous commands Left Arrow Move cursor to left Right Arrow Move cursor to right Tab Help user to select appropriate token Keys Description Spa...

Page 26: ...log files to NV RAM Resetting and rebooting Logging in and logging out create account admin operator power_user user username 15 encrypt plain_text sha_1 password config account username encrypt plain_text sha_1 password show account delete account username show session show switch show environment config temperature trap log state enable disable config temperature threshold high temperature 500 5...

Page 27: ...ator account power_user Specify a power user level account The power user level is lower than the operator level and higher than the user level user Specify the name of the user account username 15 Specify a username of up to 15 characters encrypt Optional Specifies the encryption used plain_text Specify the password in plain text form sha_1Specify the password in SHA 1 encrypted form password The...

Page 28: ... case sensitive new password Enter the new password again for confirmation Success Zxxx0 admin Zxxx0 admin create account operator Sales Command create account operator Sales Enter a case sensitive new password Enter the new password again for confirmation Success Zxxx0 admin Zxxx0 admin create account user System Command create account user System Enter a case sensitive new password Enter the new...

Page 29: ...ryption Parameters None Restrictions Only Administrator level users can issue this command Example To enable password encryption 5 3 disable password encryption Description The user account configuration information will be stored in the configuration file and can be applied to the system later If the password encryption is enabled the password will be in encrypted form when it is stored in the co...

Page 30: ...ands 30 Parameters None Restrictions Only Administrator level users can issue this command Example To disable password encryption Zxxx0 admin disable password encryption Command disable password encryption Success Zxxx0 admin ...

Page 31: ...re the user password of the panasonic account To configure the user password of the administrator account username Specify the name of the account The account must already be defined encrypt Optional Specify the encryption type plain_text or sha_1 plain_text Specify the password in plain text form For the plain text form passwords must have a minimum of 0 and a maximum of 15 characters The passwor...

Page 32: ...ers can issue this command Example To display accounts that have been created Zxxx0 admin config account administrator encrypt sha_1 NWoZK3kTsExUV00Ywo1G5jlUKKv toYg Command config account administrator encrypt sha_1 NWoZK3kTsExUV00Ywo1G5jlUKKv toYg Success Zxxx0 admin Zxxx0 admin show account Command show account Current Accounts Username Access Level System User Sales Operator manager Admin Zxxx...

Page 33: ...s can issue this command One active admin user must exist Example To delete the user account System 5 7 show session Description This command is used to display a list of current users which are logged in to CLI sessions Format show session Parameters None username Specify the name of the user who will be deleted Zxxx0 admin delete account System Command delete account System Success Zxxx0 admin ...

Page 34: ...how switch Description This command is used to display the Switching Hub information Format show switch Parameters None Restrictions None Example To display the Switching Hub information Zxxx0 admin show session Command show session ID Live Time From Level User 8 23 37 42 270 Serial Port admin Anonymous Total Entries 1 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh ...

Page 35: ...Hardware Version xx System Name System Location System Uptime 0 days 0 hours 0 minutes 0 seconds System Contact Spanning Tree Disabled GVRP Disabled IGMP Snooping Disabled MLD Snooping Disabled VLAN Trunk Disabled Telnet Enabled TCP 23 SNMP Disabled SSH Status Disabled 802 1X Disabled Jumbo Frame Off CLI Paging Enabled MAC Notification Disabled Port Mirror Disabled SNTP Disabled HOL Prevention Sta...

Page 36: ...ed to configure the warning trap or log state of the system internal temperature Format config temperature trap log state enable disable Parameters Zxxx0 admin show environment Command show environment Internal Power Active Right Fan Speed Low Current Temperature Celsius 56 High Warning Temperature Threshold Celsius 79 Low Warning Temperature Threshold Celsius 11 CTRL C ESC q Quit SPACE n Next Pag...

Page 37: ...500 500 low temperature 500 500 1 Parameters state Enable or disable either the trap or log state for a warning temperature event The default is enable enable Enable either the trap or log state for a warning temperature event disable Disable either the trap or log state for a warning temperature event Zxxx0 admin config temperature trap state enable Command config temperature trap state enable Su...

Page 38: ...at show serial_port Parameters None Restrictions None Example To display the console port setting low Specify the low threshold value temperature 500 500 Specify the low threshold value This value must be between 500 and 500 Zxxx0 admin config temperature threshold high 80 Command config temperature threshold high 80 Success Zxxx0 admin Zxxx0 admin show serial_port Command show serial_port Baud Ra...

Page 39: ...efault baud rate is 9600 9600 Specify a baud rate of 9600 19200 Specify a baud rate of 19200 38400 Specify a baud rate of 38400 115200 Specify a baud rate of 115200 auto_logout Specify the timeout value The default timeout is 10_minutes never Specify to never timeout 2_minutes Specify when the idle value is over 2 minutes the device will auto logout 5_minutes Specify when the idle value is over 5 ...

Page 40: ...rator level users can issue this command Example Only Administrator and Operator level users can issue this command 5 15 disable clipaging Description This command is used to disable pausing of the screen display when show command output reaches the end of the page The default setting is enabled Format disable clipaging Parameters None Restrictions Only Administrator and Operator level users can i...

Page 41: ...at enable telnet tcp_port_number 1 65535 Parameters Restrictions Only Administrator and Operator level users can issue this command Example To enable Telnet and configure a port number Zxxx0 admin disable clipaging Command disable clipaging Success Zxxx0 admin tcp_port_number 1 65535 Optional Specify the TCP port number TCP ports are numbered between 1 and 65535 The well known TCP port for the Tel...

Page 42: ... 5 18 save Description This command is used to save the current configuration or log in non volatile RAM Format save config pathname log all Parameters Zxxx0 admin disable telnet Command disable telnet Success Zxxx0 admin config Optional Specify to save configuration pathname Specify the path name of the indicated configuration log Optional Specify to save log all Optional Specify to save changes ...

Page 43: ...onfiguration to destination file named 1 To save a log to NV RAM To save all the configurations and logs to NV RAM Zxxx0 admin save Command save Saving all configurations to NV RAM Done Zxxx0 admin Zxxx0 admin save config 1 Command save config 1 Saving all configurations to NV RAM Done Zxxx0 admin Zxxx0 admin save log Command save log Saving all system logs to NV RAM Done Zxxx0 admin Zxxx0 admin s...

Page 44: ...mat reset config system force_agree Parameters force_agree Optional Specify to immediately execute the reboot command without further confirmation Zxxx0 admin reboot Command reboot Are you sure you want to proceed with the system reboot y n Please wait the switch is rebooting config Optional Specify this keyword and all parameters are reset to default settings However the device will neither save ...

Page 45: ...reset all system parameters save and restart the Switching Hub force_agree Optional Specify and the reset command will be executed immediately without further confirmation Zxxx0 admin reset config Command reset config Are you sure to proceed with system reset y n Success Zxxx0 admin Zxxx0 admin reset system Command reset system Are you sure to proceed with system reset save and reboot y n Loading ...

Page 46: ...hing Hub Format login Parameters None Restrictions None Example To login to the Switching Hub 5 22 logout Description This command is used to log out of the Switching Hub Format logout Parameters None Restrictions None Example To logout of the Switching Hub Zxxx0 admin login Command login UserName ...

Page 47: ...ed to clear the terminal screen Format clear Parameters None Restrictions None Example To clear the terminal screan Zxxx0 admin logout Command logout Logout Zxxx0 Gigabit Ethernet Switch Command Line Interface Firmware Build 1 0 x xx UserName Zxxx0 admin clear Command clear ...

Page 48: ...terminal width 5 25 show terminal width Description This command is used to display the configuration of the current terminal width Format show terminal width Parameters None Restrictions None default Specify the default terminal width value value 80 200 Specify a terminal width value between 80 and 200 characters The default value is 80 Zxxx0 admin config terminal width 90 Command config terminal...

Page 49: ...ans work failed such as fan 1 3 there will only display the failed fans in the Left Fan field such as 1 3 Fail In the same way the Right Fan Back Fan is same to Left Fan Because there is only one CPU Fan if it is working failed display Fail otherwise display OK Format show device_status Parameters None Restrictions None Example To show device status Zxxx0 admin show terminal width Command show ter...

Page 50: ... Hub To use the Access Control function you need to create an Access Control List ACL which defines filtering targets conditions and actions and configure target ports and VLANs Figure 6 1 Access Control overview Access List Profile This Switching Hub allows you to create an ACL named as access list profile with IDs 1 to 6 In a profile you can configure filtering targets from the following various...

Page 51: ... settings refer to the sections in 75 Time and SNTP Commands Applicable actions The following actions can be applied to packets that match the rules Permit Start transferring IEEE 802 1p priority DSCP and output packet IP priority can also be changed Deny Discard without transmitting Mirror Copy packets and transfer them to a mirroring port set separately For the mirroring settings refer to the se...

Page 52: ...x 0x0 0xffff protocol_id value 0 255 user_define hex 0x0 0xffffffff mask hex 0x0 0xffffffff 1 packet_content offset_chunk_1 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_2 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_3 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_4 hex 0x0 0xffffffff mask hex 0x0 0xffffffff 1 ipv6 class value 0 255 flowlabel hex 0x0 0xfffff source_i...

Page 53: ...fff dst_port_mask hex 0x0 0xffff protocol_id_mask hex 0x0 0xff user_define_mask hex 0x0 0xffffffff 1 packet_content_mask offset_chunk_1 value 0 31 hex 0x0 0xffffffff offset_chunk_2 value 0 31 hex 0x0 0xffffffff offset_chunk_3 value 0 31 hex 0x0 0xffffffff offset_chunk_4 value 0 31 hex 0x0 0xffffffff 1 ipv6 class flowlabel source_ipv6_mask ipv6mask destination_ipv6_mask ipv6mask tcp src_port_mask h...

Page 54: ...be considered hex 0x0 0x0fff Optional Specify a VLAN mask source_mac Specify the source MAC mask macmask 000000000000 ffffffffffff Specify the source MAC mask destination_mac Specify the destination MAC mask macmask 000000000000 ffffffffffff Specify the destination MAC mask 802 1p Speciy the 802 1p priority tag mask ethernet_type Specify the Ethernet type ...

Page 55: ...t_mask Optional Specify the TCP destination port mask hex 0x0 0xffff Specify the TCP destination port mask flag_mask Optional Specify the TCP flag field mask all Specify to check all paramenters below urg Optional Specify Urgent Pointer field significant ack Optional Specify Acknowledgment field significant psh Optional Specify Push Function rst Optional Specify to reset the connection syn Optiona...

Page 56: ... that allows users to examine the specified offset_chunks within a packet at one time and specifies the frame value 0 31 Enter the offset chunk 2 value here This value must be between 0 and 31 hex 0x0 0xffffffff Enter the offset chunk 2 mask value here offset_chunk_3 Specifies the offset chunk 3 that allows users to examine the specified offset_chunks within a packet at one time and specifies the ...

Page 57: ...that the rule applies to TCP traffic src_port_mask Optional Specify the TCP source port mask hex 0x0 0xffff Specify the TCP source port mask dst_port_mask Optional Specify the TCP destination port mask hex 0x0 0xffff Specify the TCP destination port mask udp Specify that the rule applies to UDP traffic src_port_mask Optional Specify the TCP source port mask hex 0x0 0xffff Specify the TCP source po...

Page 58: ...id 1 profile_name 1 ethernet vlan source_mac FF FF FF FF FF FF destination_mac 00 00 00 FF FF FF 802 1p ethernet_type Success Zxxx0 admin Zxxx0 admin create access_profile profile_id 2 profile_name 2 ip vlan source_ip_mask 255 255 255 255 destination_ip_mask 255 255 255 0 dscp icmp Command create access_profile profile_id 2 profile_name 2 ip vlan source_ip_mask 255 255 255 255 destination_ip_mask ...

Page 59: ...0xffff protocol_id value 0 255 user_define hex 0x0 0xffffffff mask hex 0x0 0xffffffff 1 packet_content offset_chunk_1 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_2 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_3 hex 0x0 0xffffffff mask hex 0x0 0xffffffff offset_chunk_4 hex 0x0 0xffffffff mask hex 0x0 0xffffffff 1 ipv6 class value 0 255 flowlabel hex 0x0 0xfffff source_ipv6 ip...

Page 60: ...e VLAN name vlan_name 32 Specify the VLAN name The maximum length is 32 characters vlanidSpecify the VLAN ID vlanid 1 4094 Specify the VLAN ID between 1 and 4094 mask Optional Specify the mask hex 0x0 0x0fff Specify the mask source_mac Specify the source MAC address macaddr Specify the source MAC address mask Optional Specify the mask macmask Specify the mask destination_mac Specify the destinatio...

Page 61: ...pecify an IP destination address ipaddr Specify an IP destination address mask Optional Specify the mask netmask Specify the mask dscp Specify the value of DSCP value 0 63 Specify the value of DSCP The DSCP value ranges from 0 to 63 icmp Specify the ICMP type Optional Specify that the rule will apply to the ICMP Type traffic value value 0 255 Specify the value between 0 and 255 code Optional Speci...

Page 62: ... to synchronize sequence numbers fin Optional No more data from sender udp Specify UDP src_port Optional Specify the UDP source port range value 0 65535 Specify the value between 0 and 65535 mask Optional Specify the mask hex 0x0 0xffff Specify the mask dst_port Optional Specify the UDP destination port range value 0 65535 Specify the value between 0 and 65535 mask Optional Specify the mask hex 0x...

Page 63: ...itored here mask Specifies an additional mask for each field hex 0x0 0xffffffff Enter the additional mask value used here offset_chunk_4 Specifies the contents of the offset trunk 4 to be monitored hex 0x0 0xffffffff Enter the contents of the offset trunk 4 to be monitored here mask Specifies an additional mask for each field hex 0x0 0xffffffff Enter the additional mask value used here ipv6 Specif...

Page 64: ...tination port range value 0 65535 Specify the value between 0 and 65535 mask Specify the mask hex 0x0 0xffff Specify the mask icmp Specifies that the rule applies to the value of ICMP traffic type Specifies that the rule applies to the value of ICMP type traffic value 0 255 Enter the ICMP type value used here This value must be between 0 and 255 code Specifies that the rule applies to the value of...

Page 65: ...n 0 and 63 replace_tos_precedence_with Optional Specify that the IP precedence of the outgoing packet is changed with the new value If used without an action priority the packet is sent to the default TC value 0 7 Specify the value between 0 and 7 counter Optional Specifies whether the ACL counter feature will be enabled or disabled enable Specify whether the ACL counter feature is enabled If the ...

Page 66: ...ctions None Zxxx0 admin config access_profile profile_id 1 add access_id 1 ip vlan default source_ip 20 2 2 3 destination_ip 10 1 1 252 dscp 3 icmp port 1 permit Command config access_profile profile_id 1 add access_id 1 ip vlan default source_ip 20 2 2 3 destination_ip 10 1 1 252 dscp 3 icmp port 1 permit Success Zxxx0 admin profile_id Optional Specify the index of the access list profile value 1...

Page 67: ...MAC FF FF FF FF FF 00 802 1p Available HW Entries 254 Rule ID 1 Ports 1 10 Match on VLAN ID 2 Mask 0xFFF Source MAC 00 01 02 03 04 00 Action Permit Replaced Priority to 2 Replace DSCP to 33 Matched Count 0 packets Rule ID 256 auto assign Ports Match on VLAN ID 8 Source MAC 00 01 02 03 04 00 802 1p Action Deny Profile ID 3 Profile Name 3 Type IPv4 Mask on Source IP 255 255 255 0 TCP Source Port 0x0...

Page 68: ...able hardware entries in the device Profile ID 2 Profile Name IMPBv4 Mask Source MAC FF FF FF FF FF FF Source IP 255 255 255 255 Consumed HW Entries 2 Rule ID 1 Ports 1 Match on Source MAC 00 05 04 03 02 01 Mask FF FF FF FF FF FF Source Ip 10 10 10 1 Mask 255 255 255 255 Action Permit Rule ID 2 Ports 1 Match on Any Action Deny Profile ID 3 Profile Name VLAN Counter Consumed HW Entries 9 Profile ID...

Page 69: ...hernet Mask on VLAN 0xF Source MAC FF FF FF 00 00 00 Destination MAC 00 00 00 FF FF FF Available HW Entries 255 Rule ID 22 Ports 1 7 Match on VLAN ID 8 Mask 0xFFF Source MAC 00 01 02 03 04 05 Mask FF FF FF FF FF FF Destination MAC 00 05 04 03 02 00 Mask FF FF FF FF FF 00 Action Deny Zxxx0 admin Zxxx0 admin show access_profile profile_id 5 Command show access_profile profile_id 5 Access Profile Tab...

Page 70: ...nd Power User level users can issue this command range_name 32 Specify the name of the time range settings hours start_time Specify the starting time in a day 24 hr time For example 19 00 means 7PM 19 is also acceptable The start_time must be smaller than the end_time hh mm ss Specify the time end_time Specify the ending time in a day 24 hr time hh mm ss Specify the time weekdays Specify the list ...

Page 71: ... Restrictions None Example To display current time range setting Zxxx0 admin config time_range testdaily hours start_time 12 0 0 end_time 13 0 0 weekdays mon fri Command config time_range testdaily hours start_time 12 0 0 end_time 13 0 0 weekdays mon fri Success Zxxx0 admin Zxxx0 admin show time_range Command show time_range Time Range Information Range Name testdaily Weekdays Mon Fri Start Time 1...

Page 72: ...vileges Format show current_config access_profile Parameters None Restrictions None Example To display the ACL part of the current configuration Zxxx0 admin show current_config access_profile Command show current_config access_profile ACL create access_profile Ethernet vlan profile_id 1 config access_profile profile_id 1 add access_id 1 ethernet vlan default port 1 permit create access_profile ip ...

Page 73: ...d the red color packet will be treated as the violating action The replace DSCP action can be performed on packets that conform GREEN and packets that do not conform YELLOW and RED If drop YELLOW RED is selected the action to replace the DSCP will not take effect The color mapping for both single rate three color and two rate three color mode follow RFC 2697 and RFC 2698 in the color blind situati...

Page 74: ...wing drop_packet Drop the packet immediately remark_dscp Mark the packet with a specified DSCP The packet is set to drop for packets with a high precedence value 0 63 Specify the value between 0 and 63 tr_tcm Specify the two rate three color mode cir Specify the Committed Information Rate The unit is Kbps CIR should always be equal or less than PIR value 0 1048576 Specify the value between 0 and 1...

Page 75: ...yellow flow replace_dscp Specifies to change the DSCP of the packet value 0 63 Enter the replacement DSCP of the packet here This value must be between 0 and 63 drop Enter this parameter to drop packets that are in the yellow flow counter Optional Use this parameter to enable or disable the packet counter for the specified ACL entry in the green flow enable Enable the packet counter for the specif...

Page 76: ...ritten using this parameter and entering the DSCP value to replace value 0 63 Specify the value between 0 and 63 counter Optional Use this parameter to enable or disable the packet counter for the specified ACL entry in the green flow enable Enable the packet counter for the specified ACL entry in the green flow disable Disable the packet counter for the specified ACL entry in the green flow excee...

Page 77: ...are in the red flow counter Optional Use this parameter to enable or disable the packet counter for the specified ACL entry in the green flow enable Enable the packet counter for the specified ACL entry in the green flow disable Disable the packet counter for the specified ACL entry in the green flow deleteUse this parameter to delete the specified flow meter Zxxx0 admin config flow_meter profile_...

Page 78: ... 1 and 6 profile_name Optional Specify the name of the profile name 1 32 Specify the name of the profile The maximum length is 32 characters access_id Optional Specify the access ID value 1 256 Specify the access ID Enter a value between 1 and 256 Zxxx0 admin show flow_meter Command show flow_meter Flow Meter Information Profile ID 1 Aceess ID 1 Mode trTCM ColorBlind CIR Kbps 1000 CBS Kbyte 200 PI...

Page 79: ...e removed after a specified time aging time without any access while static entries are retained until they are intentionally removed 7 1 create arpentry Description This command is used to enter an IP address and the corresponding MAC address into the Switching Hub s ARP table Format create arpentry ipaddr macaddr Parameters create arpentry ipaddr macaddr delete arpentry ipaddr all config arpentr...

Page 80: ...letes the Switching Hub s ARP table Format delete arpentry ipaddr all Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete an entry of IP address 10 48 74 121 from the ARP table macaddr The MAC address corresponding to the IP address above Zxxx0 admin create arpentry 10 48 74 121 00 50 BA 00 07 36 Command create arpentry 10 48 74 1...

Page 81: ...dress 10 48 74 121 and MAC address 00 50 BA 00 07 36 7 4 config arp_aging time Description This command is used to set the maximum amount of time in minutes that an ARP entry can remain in the Switching Hub s ARP table without being accessed before it is dropped from the table Format config arp_aging time min 0 65535 ipaddr The IP address of the end node or station macaddr The MAC address correspo...

Page 82: ...ands 82 Parameters Restrictions Only Administrator Operator and Power User level users can issue this command min 0 65535 The ARP age out time in minutes The default is 20 minutes The range is 0 to 65535 minutes ...

Page 83: ...ll ARP entries will be displayed Restrictions None Zxxx0 admin config arp_aging time 30 Command config arp_aging time 30 Success Zxxx0 admin ipif The name of the IP interface the end node or station for which the ARP table entry was made resides on ipif_name 12 Specify the IP interface name The maximum length is 12 characters ipaddress The IP address of the end node or station ipaddr Specify the I...

Page 84: ...tor and Power User level users can issue this command Example To remove the dynamic entries from the ARP table Zxxx0 admin show arpentry Command show arpentry ARP Aging Time 20 Interface IP Address MAC Address Type System 10 0 0 0 FF FF FF FF FF FF Local Broadcast System 10 90 90 90 00 01 02 03 04 00 Local System 10 255 255 255 FF FF FF FF FF FF Local Broadcast Total Entries 3 Zxxx0 admin Zxxx0 ad...

Page 85: ...the Switch ip_address Optional Specifies the IP address of the forwarding table ipaddr Enter the IP address to be displayed interface Optional Specifies the interface name of the forwarding table ipif_name 12 Enter the interface name here This name can be up to 12 characters long port Optional Specifies the port to be displayed port Enter the port number to be displayed Zxxx0 admin show ipfdb Comm...

Page 86: ...7 ARP Commands 86 ...

Page 87: ...while blocking communications between VLANs It assigns a specific port to multiple VLANs This is used when tagged VLANs are not available Figure 8 1 Asymmetric VLAN overview In the above example communications between VLAN2 and VLAN3 except for the server are blocked but VLAN2 and VLAN3 terminals can access the server enable asymmetric_vlan disable asymmetric_vlan show asymmetric_vlan ...

Page 88: ... and Power User level users can issue this command Example To enable asymmetric VLAN setting 8 2 disable asymmetric_vlan Description This command is used to disable the asymmetric VLAN function Format disable asymmetric_vlan Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Zxxx0 admin enable asymmetric_vlan Command enable asymmetric_vlan Su...

Page 89: ...used to display the asymmetric VLAN function Format show asymmetric_vlan Parameters None Restrictions None Example To display asymmetric VLAN Zxxx0 admin disable asymmetric_vlan Command disable asymmetric_vlan Success Zxxx0 admin Zxxx0 admin show asymmetric_vlan Command show asymmetric_vlan Asymmetric Vlan Disabled Zxxx0 admin ...

Page 90: ...ot via BOOTP parameters 9 1 show autoconfig Description This command is used to display the status of automatically getting configuration from a TFTP server Format show autoconfig Parameters None Restrictions None Example To display the DHCP auto configuration status show autoconfig enable autoconfig disable autoconfig Zxxx0 admin show autoconfig Command show autoconfig Autoconfig State Disabled Z...

Page 91: ...P server IP address and configuration file name information first Format enable autoconfig Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To enable DHCP auto configuration status 9 3 disable autoconfig Description This command is used to disable automatically to get configuration from a TFTP server Format disable autoconfig Parameters None Z...

Page 92: ...Commands 92 Restrictions Only Administrator and Operator level users can issue this command Example To disable the DHCP auto configuration status Zxxx0 admin disable autoconfig Command disable autoconfig Success Zxxx0 admin ...

Page 93: ...9 Auto Configuration Commands 93 ...

Page 94: ...IP Setup Interface Our free application ZEQUO assist provides an easy to use user interface to change the IP address config ipif ipif_name 12 ipaddress network_address vlan vlan_name32 state enable disable bootp dhcp ipv6 ipv6address ipv6networkaddr state enable disable ipv4 state enable disable ip_directed_broadcast enable disable dhcpv6_client enable disable delete ipif ipif_name 12 ipv6address ...

Page 95: ...12 Enter the name of the IP interface used here This name can be up to 12 characters long The default interface is System ipaddress Optional The IP address and netmask of the IP interface to be created network_address Specify the address and mask information using the traditional format for example 10 1 2 3 255 0 0 0 or in CIDR format 10 1 2 3 8 vlan Optional The name of the VLAN corresponding to ...

Page 96: ...nable the DHCPv6 client disable Disable the DHCPv6 client ipv4 state The state of the IPv4 interface enable Enable the IPv4 state of the IP interface disable Disable the IPv4 state of the IP interface ip_directed_broadcast Specifies the IP directed broadcast state of the interface enable Specifies that the IP directed broadcast state of the interface will be enabled disable Specifies that the IP d...

Page 97: ...6 processing will be started when an IPv6 address is explicitly configured on the IPIF Format enable ipif ipif_name 12 all Parameters Restrictions Only Administrator Operator and Power User level users can issue this command ipif_name 12 The name of the interface ipv6address The IPv6 network address to be deleted ipv6networkaddr The IPv6 network address to be deleted Zxxx0 admin delete ipif System...

Page 98: ..._name 12 all Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the state for an interface Zxxx0 admin enable ipif System Command enable ipif System Success Zxxx0 admin ipif_name 12 The name of the interface all All of the IP interfaces Zxxx0 admin disable ipif System Command disable ipif System Success Zxxx0 admin ...

Page 99: ...ons None Example To display IP interface settings ipif_name 12 Optional The name of the interface Zxxx0 admin show ipif Command show ipif IP Interface System VLAN Name default Interface Admin State Enabled IPv4 Address 10 90 90 90 8 Manual Primary IP Directed Broadcast Disabled IPv4 State Enabled IPv6 State Enabled IP MTU 1500 Total Entries 1 Zxxx0 admin ...

Page 100: ...ration the link local address will be automatically configured and IPv6 processing will be started Format enable ipif_ipv6_link_local_auto ipif_name 12 Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the automatic configuration of link local address for an interface 10 7 disable ipif_ipv6_link_local_auto Description This comma...

Page 101: ...f_ipv6_link_local_auto ipif_name 12 Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To display the link local address automatic configuration state ipif_name 12 The name of the interface Zxxx0 admin disable ipif_ipv6_link_local_auto System Command disable ipif_ipv6_link_local_auto System Success Zxxx0 admin ipif_name 12 Optional The nam...

Page 102: ...figure each IP address For security reason the IP address setting is allowed for 20 minutes from boot up except factory default setting Format enable ip_setup_interface Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the IP setup interface function 10 10 disable ip_setup_interface Description This command is used to disab...

Page 103: ...face Description This command is used to display the IP setup interface status Format show ip_setup_interface Parameters None Restrictions None Example To display the IP setup interface status Zxxx0 admin disable ip_setup_interface Command disable ip_setup_interface Success Zxxx0 admin Zxxx0 admin show ip_setup_interface Command show ip_setup_interface IP Setup Interface Enabled Zxxx0 admin ...

Page 104: ...set by command config configuration pathname boot_up 3 Actual Bootup Firmware Configuration is shown the current actual boot up firmware and configuration 4 If don t input pathname for save command the configuration will be saved to the 2nd Bootup Configuration path and if this path is not exist the save command will be fail and print prompt message Format show boot_file Parameters None Restrictio...

Page 105: ...Firmware Configuration will not be changed until using command to configure it That means it will not clear the 2nd Bootup Firmware Configuration pathname when it is saved in SD card even though the SD card is pushed out or insert SD card no this boot file or system is rebooted 4 For 2nd Bootup Firmware or 2nd Bootup Configuration the factory default boot up file should be c runtime rom c config c...

Page 106: ...11 Bootup Function Commands 106 Restrictions Only Administrator Operator and Power User level users can issue this command Example None ...

Page 107: ...ting down ports when receiving unexpected BPDU packets Figure 12 1 BPDU Attack Protection overview The commands are used to configure the Switching Hub to send SNMP trap notification or log when packets are discarded or ports are shut down because of the protection function You can also configure to recover the state automatically after a specified time or manually by a network administrator confi...

Page 108: ...o set all ports in the system state Specify the BPDU protection state The default state is disabled enable Enable the BPDU protection state disable Disable the BPDU protection state mode Specify the BPDU protection mode The default mode is shutdown drop Specify to drop all received BPDU packets when the port enters the under attack state block Specify to drop all packets include BPDU and normal pa...

Page 109: ...g bpdu_protection recovery_timer sec 60 1000000 infinite Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the BPDU protection recovery timer to 120 seconds for the entire Switching Hub sec 60 1000000 Specify the timer in seconds used by the Auto recovery mechanism to recover the port The valid range is 60 to 1000000 Auto rec...

Page 110: ...tion Description This command is used to enable BPDU protection globally for the entire Switching Hub Format enable bpdu_protection Parameters None trap Specify the trap state log Specify the log state none Specify neither attack_detected nor attack_cleared is trapped or logged attack_detected Specify events will be logged or trapped when the BPDU attacks is detected attack_cleared Specify events ...

Page 111: ...n This command is used to disable BPDU protection globally for the entire Switching Hub Format disable bpdu_protection Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable BPDU protection Zxxx0 admin enable bpdu_protection Command enable bpdu_protection Success Zxxx0 admin Zxxx0 admin disable bpdu_protection Command disable b...

Page 112: ...tatus for ports 1 to 3 ports Optional Specify all ports to be displayed portlist Optional Specify a range of ports to be displayed Zxxx0 admin show bpdu_protection Command show bpdu_protection BPDU Protection Global Settings BPDU Protection Status Disabled BPDU Protection Recover Time 60 seconds BPDU Protection Trap State None BPDU Protection Log State Both Zxxx0 admin Zxxx0 admin show bpdu_protec...

Page 113: ... Crosstalk means that the cable in the error pair has a crosstalk problem at the specified position For Fast Ethernet ports Where the link partner is powered on with no errors and the link is up this command cannot detect the cable length Where the link partner is powered on with errors this command can detect whether the error is open short or crosstalk In this case this command can also detect t...

Page 114: ...nd can detect the cable length When there is no link partner with errors this command can detect whether the error is open short or crosstalk In this case this command can also detect the distance of the error The Cable length range that can be detected is as follows Smaller than 50m 50m Between 50m and 80m 50m 80m Between 80m and 100m 80m 100m Greate than 100m 100m The cable length deviation valu...

Page 115: ...own 1 5 1000BASE T Link Down Unknown 1 6 1000BASE T Link Down Pair 1 Crosstalk at 30M Pair 2 Crosstalk at 30M Pair 3 OK at 110M Pair 4 OK at 110M 1 7 1000BASE T Link Down NO Cable 1 8 1000BASE T Link Down Pair 1 Open at 16M Pair 2 Open at 16M Pair 3 OK at 50M Pair 4 OK at 50M 1 9 1000BASE T Link Down Pair 1 Short at 5M Pair 2 Short at 5M Pair 3 OK at 110M Pair 4 OK at 110M 1 10 1000BASE T Link Dow...

Page 116: ...nds stored in the history is 25 You can set it between 1 and 40 14 1 Description This command is used to display all of the commands available on the current login account level through the Command Line Interface CLI Format Command Parameters If no command is specified the system will display all commands of the corresponding user level Restrictions None Example To display all commands Command sho...

Page 117: ...nding_entry ports clear arptable clear attack_log clear counters clear dhcp binding clear dhcp conflict_ip clear fdb clear historical_counters ports clear igmp_snooping data_driven_group clear igmp_snooping statistic counter clear log clear mac_based_access_control auth_state CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All Zxxx0 admin config account Command config account Command config...

Page 118: ...nd show command_history show traffic_segmentation 1 6 config traffic_segmentation 1 6 forward_list 7 8 config radius delete 1 config radius add 1 10 48 74 121 key manager default config 802 1x reauth port_based ports all config 802 1x init port_based ports all config 802 1x auth_mode port_based config 802 1x auth_parameter ports 1 50 direction both config 802 1x capability ports 1 5 authenticator ...

Page 119: ...nd List History Commands 119 To configure the number of commands the Switching Hub can record to the last 20 commands Zxxx0 admin config command_history 20 Command config command_history 20 Success Zxxx0 admin ...

Page 120: ...ing function When the Switching Hub is under the booting procedure and the procedure of downloading the configuration to execute immediately all configuration commands should not be logged When the user is under AAA authentication the user name should not changed if user uses enable admin command to replace its privilege Format enable command logging Parameters None Restrictions Only Administrator...

Page 121: ...s Only Administrator level users can issue this command Example To disable the command logging 15 3 show command logging Description This command displays the Switching Hub s general command logging configuration status Format show command logging Zxxx0 admin enable command logging Command enable command logging Success Zxxx0 admin Zxxx0 admin disable command logging Command disable command loggin...

Page 122: ... None Restrictions Only Administrator and Operator level users can issue this command Example To show the command logging configuration status Zxxx0 admin show command logging Command show command logging Command Logging State Disabled Zxxx0 admin ...

Page 123: ...st all auth_mode port_based host_based vlanid vid_list state enable disable 1 config authentication ports portlist all auth_mode port_based host_based vlanid vidlist state enable disable 1 config authentication mac_format case lowercase uppercase delimiter hyphen colon dot none number 1 2 5 1 1 show authentication ports portlist enable authorization network attributes disable authorization network...

Page 124: ...hentication VLAN s only for WAC vlanid Optional Specific authentication VLAN s This is useful when different VLANs on the Switch have different authentication requirements vidlist Enter the VLAN ID list here state Optional Specify the VID list s authentication state enable Assign the specified VID list as authentication VLAN s disable Remove the specified VID list from authentication VLAN s If vla...

Page 125: ...uppercase Use uppercase letters e g AABBCCDDEEFF delimiter Optional Specify whether to use delimiter and number of delimiters for MAC address hyphen Optional Use when specifying MAC address e g aa bb cc dd ee ff colon Optional Use when specifying MAC address e g aa bb cc dd ee ff dot Optional Use when specifying MAC address e g aa bb cc dd ee ff none Optional Do not use any delimiter when specifyi...

Page 126: ...and List 126 16 3 show authentication ports Description This command is used to display authentication setting on port s Format show authentication ports portlist Parameters Restrictions None portlist Enter a list of ports to be displayed ...

Page 127: ...uthentication ports Command show authentication ports Port Auth Mode Authentication VLAN s 1 Host based 2 Host based 3 Host based 4 Host based 5 Host based 6 Host based 7 Host based 8 Host based 9 Host based 10 Host based 11 Host based 12 Host based 13 Host based 14 Host based 15 Host based 16 Host based 17 Host based 18 Host based 19 Host based 20 Host based 21 Host based 22 Host based 23 Host ba...

Page 128: ...command is used to disable authorization Format disable authorization attributes Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example This example sets authorization global state disabled Zxxx0 admin enable authorization attributes Command enable authorization attributes Success Zxxx0 admin Zxxx0 admin disable authorization attributes C...

Page 129: ... 16 7 config authentication server failover Description This command is used to configure authentication server failover function Format config authentication server failover local permit block Parameters Zxxx0 admin show authorization Command show authorization Authorization for Attributes Disabled Zxxx0 admin local Use local DB to authenticate the client permit The client is always regarded as a...

Page 130: ...cription This command is used to display authentication global configuration Format show authentication Parameters None Restrictions None Example To show authentication global configuration Zxxx0 admin config authentication server failover local Command config authentication server failover local Success Zxxx0 admin Zxxx0 admin show authentication Command show authentication Authentication Server ...

Page 131: ...o display the authentication MAC format settings Format show authentication mac_format Parameters None Restrictions None Example To display the authentication MAC format settings Zxxx0 admin show authentication mac_format Command show authentication mac_format Case Uppercase Delimiter None Delimiter Number 5 Zxxx0 admin ...

Page 132: ...age low_alarm voltage high_warning voltage low_warning voltage bias_current_threshold high_alarm milliampere low_alarm milliampere high_warning milliampere low_warning milliampere tx_power_threshold high_alarm mw_or_dbm low_alarm mw_or_dbm high_warning mw_or_dbm low_warning mw_or_dbm rx_power_threshold high_alarm mw_or_dbm low_alarm mw_or_dbm high_warning mw_or_dbm low_warning mw_or_dbm state enab...

Page 133: ...7 996 degrees Celsius high_warning degrees Specifies the high threshold value for temperature warning When the operating parameter rises above this value the action associated with the warning is taken The range of this parameter is from 128 to 127 996 degrees Celsius low_warning degrees Specifies the low threshold value for temperature warning When the operating parameter falls below this value t...

Page 134: ...high threshold for the voltage alarm When the operating parameter rises above this value the action associated with the alarm is taken The range of this parameter is from 0 to 6 5535 voltages low_alarm voltage Specifies the low threshold for the voltage alarm When the operating parameter falls below this value the action associated with the alarm is taken The range of this parameter is from 0 to 6...

Page 135: ... number and applied to the configuration database The default precision of a floating point number is 6 digits For example input 12 3456 will get a float value 12 3456 input 12 3456789 will get a float value 12 3457 Restrictions Administrators and operators Example To configure the port 21 s voltage threshold Zxxx0 admin config ddm ports 21 voltage_threshold high_alarm 4 25 low_alarm 2 5 high_warn...

Page 136: ... of the optic module s bias current high_alarm milliampere Specifies the high threshold for the bias current alarm When the operating parameter rises above this value the action associated with the alarm is taken The range of this parameter is from 0 to 131mA low_alarm milliampere Specifies the low threshold for the bias current alarm When the operating parameter falls below this value the action ...

Page 137: ...This command is used to configure the thresholds of the output power of the specified ports The command configures the bias current thresholds of the specified ports The precision of the effective threshold is dependent on the hardware Format config ddm ports portlist all tx_power_threshold high_alarm milliwatts low_alarm milliwatts high_warning milliwatts low_warning milliwatts 1 Parameters Zxxx0...

Page 138: ...e of this parameter is from 0 to 6 5535mW If the unit is dBm the range of this parameter is form 40 to 8 1647dBm low_alarm mw_or_dbm Specifies the low threshold for the transmit power alarm When the operating parameter falls below this value the action associated with the alarm is taken If the unit is mW the range of this parameter is from 0 to 6 5535mW If the unit is dBm the range of this paramet...

Page 139: ...xx0 admin config ddm ports 21 tx_power_threshold high_alarm 0 625 low_alarm 0 006 high_warning 0 55 low_warning 0 008 Command config ddm ports 21 tx_power_threshold high_alarm 0 625 low_alarm 0 006 high_warning 0 55 low_warning 0 008 Success Zxxx0 admin ...

Page 140: ...power high_alarm mw_or_dbm Specifies the high threshold for the transmit power alarm When the operating parameter rises above this value the action associated with alarm is taken If the unit is mW the range of this parameter is from 0 to 6 5535mW If the unit is dBm the range of this parameter is form 40 to 8 1647dBm low_alarm mw_or_dbm Specifies the low threshold for the transmit power alarm When ...

Page 141: ... input 12 3456789 will get a float value 12 3457 Restrictions Administrators and operators Example To configure the port 21 s transmit power threshold low_warning mw_or_dbm Specifies the low threshold for the transmit power warning When the operating parameter falls below this value the action associated with the warning is taken If the unit is mW the range of this parameter is from 0 to 6 5535mW ...

Page 142: ...ts are not optic ports or the ports are link down all thresholds configuration will be clear Format config ddm ports portlist all reload_threshold Parameters Restrictions Administrators and operators Example To reload port 21 s threshold configuration ports portlist Specifies a range of ports to be configured The portlist format UnitID port number all If all parameter is chosen all optic ports ope...

Page 143: ... shutdown action is none by default Restrictions Administrators and operators Example To configure port 21 s actions associate with the alarm ports portlist Specifies a range of ports to be configured The portlist format UnitID port number all If all parameter is chosen all optic ports operating parameters will be configured state Specifies the DDM state to enabled or disabled If the state is disa...

Page 144: ... config ddm log enable disable Parameters Restrictions Administrators and operators Example To configure DDM log state to enable Zxxx0 admin config ddm ports 11 state enable shutdown alarm Command config ddm ports 11 state enable shutdown alarm Success Zxxx0 admin log Specifies whether to send a log when the operating parameter exceeds the corresponding threshold The DDM log is enabled by default ...

Page 145: ...ering an exceeding alarm or warning thresholds event Format config ddm trap enable disable Parameters Restrictions Only Administrator and Operator level users can issue this command Example To configure DDM trap state to enabled trap Specifies whether to send traps when the operating parameter exceeds the corresponding threshold The DDM trap is disabled by default Zxxx0 admin config ddm trap enabl...

Page 146: ...power Format config ddm power_unit mw dbm Parameters Restrictions Administrators and operators Example To configure the unit of DDM TX RX power power_unit Specifies the unit of DDM TX RX power If the unit has been set the display message and configure value of TX RX power use the same unit The default unit is mW Zxxx0 admin config ddm power_unit dbm Command config ddm power_unit dbm Success Zxxx0 ...

Page 147: ...ctions Only Administrator and Operator level users can issue this command Example To show port 21 23 s operating parameters ports portlist Specifies a range of ports to be displayed If the port parameter is not specified all optic ports operating parameters will be displayed Zxxx0 admin show ddm ports 21 23 status Command show ddm ports 21 23 status Port Temperature Voltage Bias Current TX Power R...

Page 148: ... Format show ddm ports portlist configuration Parameters Restrictions None Example To show port 21 s configuration ports portlist Specifies a range of ports to be displayed If the port parameter is not specified all optic ports operating parameters will be displayed Zxxx0 admin show ddm ports 21 configuration Command show ddm ports 21 configuration Port 21 DDM State Enabled Shutdown Alarm Threshol...

Page 149: ...escription This command is used to display the DDM global settings Format show ddm Parameters None Restrictions None Example To display the DDM global settings Zxxx0 admin show ddm Command show ddm DDM Log Enabled DDM Trap Enabled DDM TX RX Power Unit dBm Zxxx0 admin ...

Page 150: ... upload_toTFTP ipaddr path_filename 64 debug output module module_list all buffer console debug config error_reboot enable disable debug config state enable disable debug show error_reboot state debug stp clear counter ports portlist all debug stp config ports portlist all event bpdu state_machine all state disable brief detail debug stp show counter ports portlist all debug stp show flag ports po...

Page 151: ...dministrator level users can issue this command Example To dump the error log dump Display the debug message of the debug log clear Clear the debug log upload_toTFTP Upload the debug log to a TFTP server specified by IP address ipaddr Specifies the IPv4 address of the TFTP server path_filename 64 The pathname specifies the DOS pathname on the TFTP server It can be a relative pathname or an absolut...

Page 152: ... 4 00000000 a1 5 4825B4A8 a2 6 00000001 a3 7 00000001 t0 8 814D7FCC t1 9 0000FC00 t2 10 828100C4 t3 11 00000017 t4 12 828100BC t5 13 4CFEA430 t6 14 82810048 t7 15 00000000 s0 16 4825D94A s1 17 4825D890 s2 18 4825D949 s3 19 4825D946 s4 20 00000000 s5 21 00000008 s6 22 81800000 s7 23 00090000 t8 24 00000000 t9 25 FFFFFFC0 k0 26 00000000 k1 27 00000000 gp 28 8180ADA0 sp 29 4CFEA7A0 fp 30 00000001 ra ...

Page 153: ...the command debug buffer clear to release the system s memory pool resources manually first Format debug buffer utilization dump clear upload_toTFTP ipaddr path_filename 64 Parameters Restrictions Only Administrator level users can issue this command Example To show the debug buffer s state utilization Display the debug buffer s state dump Display the debug message in the debug buffer clear Clear ...

Page 154: ...mory pool resource may fail to execute command such as download and upload firmware or save configuration If you want to execute these commands successfully please use the command debug buffer clear to release the system s memory pool resources manually first Format debug output module module_list all buffer console Zxxx0 admin debug buffer utilization Command debug buffer utilization Allocate fro...

Page 155: ...o NVRAM Format debug config error_reboot enable disable Parameters Restrictions Only Administrator level users can issue this command module Specifies the module list module_list Enter the module list here all Control output method of all modules buffer Direct the debug message of the module output to debug buffer default console Direct the debug message of the module output to local console Zxxx0...

Page 156: ... Only Administrator level users can issue this command Example To set the debug state to disabled 18 6 debug show error_reboot state Description Use the command to show the error reboot status Format Zxxx0 admin debug config error_reboot disable Command debug config error_reboot disable Success Zxxx0 admin enable Enable the debug state disable Disable the debug state Zxxx0 admin debug config state...

Page 157: ... to clear the STP counters Format debug stp clear counter ports portlist all Parameters Restrictions Only Administrator level users can issue this command Example To clear all STP counters on the Switching Hub Zxxx0 admin debug show error_reboot state Command debug show error_reboot state Error Reboot Enabled Zxxx0 admin ports Specifies the port range portlist Enter the list of port used for this ...

Page 158: ...ts all Success Zxxx0 admin ports Specifies the STP port range to debug portlist Enter the list of port used for this configuration here all Specifies to debug all ports on the Switching Hub event Debug the external operation and event processing bpdu Debug the BPDU s that have been received and transmitted state_machine Debug the state change of the STP state machine all Debug all of the above sta...

Page 159: ...ion here all Display all port s counters If no parameter is specified display the global counters Z6400 admin debug stp show counter ports 9 Command debug stp show counter ports 9 STP Counters Port 9 Receive Transmit Total STP Packets 32 Total STP Packets 32 Configuration BPDU 0 Configuration BPDU 0 TCN BPDU 0 TCN BPDU 0 RSTP TC Flag 15 RSTP TC Flag 7 RST BPDU 32 RST BPDU 32 Discard Total Discarde...

Page 160: ...list Optional Enter the list of port used for this configuration here If no parameter is specified all ports on the Switching Hub will be displayed Zxxx0 admin debug stp show flag Command debug stp show flag Global State Enabled Port Index Event flag BPDU Flag State Machine Flag 1 Detail Brief Disable 2 Detail Brief Disable 3 Detail Brief Disable 4 Detail Brief Disable 5 Detail Brief Disable 6 Det...

Page 161: ...scription This command used to display STP detailed information such as the hardware tables the STP state machine etc Format debug stp show information Parameters None Restrictions Only Administrator level users can issue this command Example To show STP debug information ...

Page 162: ...Root Bridge 32768 00 01 02 03 04 00 Internal Root Cost 0 Designated Bridge 32768 00 01 02 03 04 00 Designated Port 0 Message Age 0 Max Age 20 Forward Delay 15 Hello Time 2 Instance 1 Regional Root Bridge 32769 00 01 02 03 04 00 Internal Root Cost 0 Designated Bridge 32769 00 01 02 03 04 00 Designated Port 0 Remaining Hops 20 Designated Priority And Times Instance 0 Port 1 Designated Root Bridge 0 ...

Page 163: ...ate 18 13 debug show status Description Show the debug handler state and the specified module s debug status If the input module list is empty the states of all registered modules which support debug module will be shown Format debug show status module module_list state Specifies the STP debug state enable Enable the STP debug state disable Disable the STP debug state Zxxx0 admin debug stp state e...

Page 164: ...debug state module Optional Specifies the module list module_list Enter the module list here Prompt debug show status module MSTP Command debug show status module MSTP Debug Global State Enable MSTP Enable Prompt Prompt debug show status Command debug show status Debug Global State Enable SYS Enable OS Enable MSTP Enable ACL Disable CLI Enable SNMP Disable IGMP Enable Prompt ...

Page 165: ... only DHCP packets are authenticated first and other packets are discarded The Switching Hub monitors communications with the DHCP server on a trusted port and stores a mapping between assigned IP addresses and MAC addresses in the Binding Table in the Switching Hub Only clients with an IP address and MAC address stored in the Binding Table are authorized for normal communication Figure 19 1 enabl...

Page 166: ...obal control for the DHCP snooping function By default the DHCP snooping function is disabled Format enable dhcp_snoop Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the DHCP snooping function globally Zxxx0 admin enable dhcp_snoop Command enable dhcp_snoop Success Zxxx0 admin ...

Page 167: ...nd disables the DHCP snooping function By default the DHCP snooping function is disabled Format disable dhcp_snoop Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the DHCP snooping function globally Zxxx0 admin disable dhcp_snoop Command disable dhcp_snoop Success Zxxx0 admin ...

Page 168: ...ooping configuration status Format show dhcp_snoop Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To display the DHCP snooping configuration status Zxxx0 admin show dhcp_snoop Command show dhcp_snoop DHCP Snooping Status Enabled Zxxx0 admin ...

Page 169: ... for a specific VLAN vlanid Display the entries for the VLANs indicated by VID list ipaddress Displays the entries for a specific IP address mac_address Displays the entries for a specific MAC address If no parameter is specified system will display the whole DHCP snooping binding table Zxxx0 admin admin show dhcp_snoop binding Command show dhcp_snoop binding Port VID IP Address MAC Address Lease ...

Page 170: ...vailable after sending an inquiry to the DNS server and obtaining an IP address from the domain name name resolution The DNS relay is a function that allows this Switching Hub to receive a name resolution request from the client and transfer it to the original DNS server TCP IP network requires a DNS server specified for each client The DNS relay function allows you to configure this Switching Hub...

Page 171: ...n_name 32 ipaddr enable dnsr cache static disable dnsr cache static show dnsr static primary Specify to indicate that the IP address below is the address of the primary DNS server secondary Specify to indicate that the IP address below is the address of the secondary DNS server nameserver Specify the IP address of the DNS nameserver ipaddr Specify the IP address of the DNS nameserver add Specify t...

Page 172: ...and Power User level users can issue this command Example To enable DNS relay Zxxx0 admin config dnsr add static dns1 10 24 22 5 Command config dnsr add static dns1 10 24 22 5 Success Zxxx0 admin Zxxx0 admin config dnsr delete static dns1 10 24 22 5 Command config dnsr delete static dns1 10 24 22 5 Success Zxxx0 admin cache Specify to enable the cache lookup for the DNS relay on the Switching Hub ...

Page 173: ...or and Power User level users can issue this command Example To disable the status of DNS relay Zxxx0 admin enable dnsr cache Command enable dnsr cache Success Zxxx0 admin Zxxx0 admin enable dnsr static Command enable dnsr static Success Zxxx0 admin cache Optional Specify to disable the cache lookup for the DNS relay on the Switching Hub static Optional Specify to disable the static table lookup f...

Page 174: ...n and static entries Format show dnsr static Parameters Restrictions None Example To display the DNS relay status Zxxx0 admin disable dnsr cache Command disable dnsr cache Success Zxxx0 admin Zxxx0 admin disable dnsr static Command disable dnsr static Success Zxxx0 admin static Optional Specify to display the static entries in the DNS relay table If this parameter is omitted the entire DNS relay t...

Page 175: ... dnsr Command show dnsr DNSR Status Disabled Primary Name Server 0 0 0 0 Secondary Name Server 0 0 0 0 DNSR Cache Status Disabled DNSR Static Table Status Disabled DNS Relay Static Table Domain Name IP Address www 123 com 10 12 12 123 Total Entries 1 Zxxx0 admin ...

Page 176: ...n A resolver is a client that sends a name resolution request to the DNS server In this chapter you will configure a DNS server used when this Switching Hub requires name resolution Figure 21 1 Name resolution of this Switching Hub You can also configure the response waiting time 1 to 60 seconds from the DNS server register a static DNS table and check and delete DNS cache config name_server add i...

Page 177: ...ame_server delete Description This command is used to delete a DNS resolver name server from the Switch Format config name_server delete ipaddr primary Parameters ipaddr Enter the DNS Resolver name server IP address used here primary Optional Specifies that the name server is a primary name server Zxxx0 admin config name_server add 10 10 10 10 primary Command config name_server add 10 10 10 10 pri...

Page 178: ...rs Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure DNS Resolver name server time out to 10 seconds Zxxx0 admin config name_server delete 10 10 10 10 Command config name_server delete 10 10 10 10 Success Zxxx0 admin timeout Specifies the maximum time waiting for a responce from a specified name server second 1 60 Enter the timeout valu...

Page 179: ...me_server Parameters None Restrictions None Example To display the current DNS Resolver name servers and name server time out Zxxx0 admin show name_server Command show name_server Name Server Time Out 3 seconds Static Name Server Table Server IP Address Priority 20 20 20 20 Secondary 10 1 1 1 Primary Dynamic Name Server Table Server IP Address Priority 10 48 74 122 Primary Zxxx0 admin ...

Page 180: ...host_name Description This command is used to delete the static or dynamic host name entries of the Switch Format delete host_name name 255 all Parameters name 255 Enter the hostname used here This name can be up to 255 characters long ipaddr Enter the host IP address used here Zxxx0 admin create host_name www example com 10 10 10 10 Command create host_name www example com 10 10 10 10 Success Zxx...

Page 181: ...is command is used to display the current host name Format show host_name static dynamic Parameters Restrictions None Example To display the static and dynamic host name entries Zxxx0 admin delete host_name www example com Command delete host_name www example com Success Zxxx0 admin static Optional Specifies to display the static host name entries dynamic Optional Specifies to display the dynamic ...

Page 182: ...Example To configure the DNS Resolver state to enabled Zxxx0 admin show host_name Command show host_name Static Host Name Table Host Name IP Address www example com 10 10 10 10 www exampla com 20 20 20 20 Total Static Entries 2 Dynamic Host Name Table Host Name IP Address TTL www examplc com 30 30 30 30 60 minutes www exampld com 40 40 40 40 10 minutes Total Dynamic Entries 2 Zxxx0 admin Zxxx0 adm...

Page 183: ...DNS Resolver state of the Switch Format disable dns_resolver Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the DNS Resolver state to disabled Zxxx0 admin disable dns_resolver Command disable dns_resolver Success Zxxx0 admin ...

Page 184: ...nable disable Parameters Please change to disable the EEE state first if change the port speed mode from auto to other modes Restrictions Only Administrator and Operator level users can issue this command config eee ports portlist all state enable disable show eee ports portlist portlist Specify a range of ports to be configured all Specify that all ports will be configured state Specify the EEE s...

Page 185: ...port settings are displayed if portlist parameter is not specified Restrictions None Example To display the EEE settings on port 1 4 Zxxx0 admin config eee ports 1 3 state disable Command config eee ports 1 3 state disable Success Zxxx0 admin portlist Option Specify a range of ports to be configured Zxxx0 admin show eee ports 1 4 Command show eee ports 1 4 Port State 1 Enabled 2 Enabled 3 Enabled ...

Page 186: ... may be sent even to unnecessary ports if a multicast group does not exist When the multicast filtering function is enabled you can configure not to send data to any port other than router ports even if a multicast group is not created create fdb vlan_name 32 macaddr port port drop create fdb vlanid vidlist macaddr port port drop create multicast_fdb vlan_name 32 macaddr config multicast_fdb vlan_...

Page 187: ... Hub s unicast MAC address forwarding database using the VLAN ID Format create fdb vlanid vidlist macaddr port port drop vlan_name 32 Specify a VLAN name associated with a MAC address The maximum length is 32 characters macaddr Specify the MAC address to be added to the static forwarding table port The Switching Hub will always forward traffic to the specified device through this port port Specify...

Page 188: ...vidlist Enter the VLAN ID used here macaddr Specify the MAC address to be added to the static forwarding table port The Switching Hub will always forward traffic to the specified device through this port port Specify the port number corresponding to the MAC destination address f drop Specify to have the Switching Hub drop traffic Zxxx0 admin create fdb vlanid 1 00 11 22 33 44 55 port 1 5 Command c...

Page 189: ...Zxxx0 admin create multicast_fdb default 01 00 00 00 01 01 Command create multicast_fdb default 01 00 00 00 01 01 Success Zxxx0 admin vlan_name 32 Specify the name of the VLAN on which the MAC address resides The maximum name length is 32 characters macaddr Specify the MAC address that will be added or deleted to the forwarding table add Specify to add ports add Specify to delete ports portlist Sp...

Page 190: ...erator and Power User level users can issue this command Example To configure MAC address aging time sec 10 1000000 Specify the time in seconds that a dynamically learned MAC address will remain in the Switching Hub s MAC address forwarding table without being accessed before being dropped from the database The range of the value is 10 to 1000000 The default value is 300 Zxxx0 admin config fdb agi...

Page 191: ...ng mode for all VLANs vlanid Specify the VLAN ID list to set vidlist Specify the VLAN ID list to set vlan Specify the VLAN to set vlan_name 32 The maximum length is 32 characters all Specify to set all VLANs forward_all_groups Specifies that all multicast groups will be forwarded based on the VLAN forward_unregistered_groups Specify the filtering mode as forward_unregistered_groups This is the def...

Page 192: ...and Power User level users can issue this command Example To delete a permanent FDB entry vlan_name 32 Specify the name of the VLAN on which the MAC address resides The maximum length is 32 characters macaddr Specify the MAC address to be deleted from the static forwarding table Zxxx0 admin delete fdb default 00 00 00 00 01 02 Command delete fdb default 00 00 00 00 01 02 Success Zxxx0 admin ...

Page 193: ...escription This command is used to display the contents of the Switching Hub s multicast forwarding database Format show multicast_fdb vlan vlan_name 32 vlanid vidlist mac_address macaddr vlan Specify the name of the VLAN on which the MAC address resides vlan_name 32 The maximum length is 32 characters port Specify the port number corresponding to the dynamically learned MAC address port Specify t...

Page 194: ...time security vlan Optional Specify the name of the VLAN on which the MAC address resides vlan_name 32 The maximum length is 32 characters vlanid Optional Specifies the VLAN ID on which the MAC address resides vidlist Enter the VLAN ID used here mac_address Optional Specify a MAC address for which FDB entries will be displayed macaddr Specify a MAC address for which FDB entries will be displayed Z...

Page 195: ... to display the entries by VLAN ID list vidlist Specify to display the entries by VLAN ID list mac_address Optional Specify the MAC address macaddr Specify the MAC address static Optional Specify to display all permanent entries aging_time Specify to display the unicast MAC address aging time security Specify to display the security settings Zxxx0 admin show fdb Command show fdb Unicast MAC Addres...

Page 196: ... Example To show multicast filtering mode for ports vlanid Optional Specify to display the entries by VLAN ID list vidlist Specify to display the entries by VLAN ID list vlan Optional Specify to display the entries for a specific VLAN vlan_name 32 The maximum length is 32 characters Zxxx0 admin show multicast vlan_filtering_mode Command show multicast filtering_mode VLAN ID VLAN Name Multicast Fil...

Page 197: ...t unit_id all md unit unit_id drive_id pathname rd unit unit_id drive_id pathname cd pathname dir unit unit_id drive_id pathname rename unit unit_id drive_id pathname filename erase unit unit_id drive_id pathname format unit unit_id drive_id fat16 fat32 label_name del unit unit_id drive_id pathname recursive move unit unit_id drive_id pathname unit unit_id drive_id pathname copy unit unit_id drive...

Page 198: ...ge_media_info Unit Drive Media Type Size Label FS Type 1 c Flash 123 MB FFS Zxxx0 admin unit Specifies the unit ID in the stacking system If not specified it refers to the master unit unit_id Enter the unit ID value here drive_id Specifies the drive ID If not specified it refers to the current drive pathname Specify the directory to be created The path name can be specified either as a full path n...

Page 199: ...ers can issue this command Example To delete an empty directory unit Specifies the unit ID in the stacking system If not specified it refers to the master unit unit_id Enter the unit ID value here drive_id Specifies the drive ID If not specified it refers to the current drive pathname Specify the directory to be removed The path name can be specified either as a full path name or partial name For ...

Page 200: ...l of the files located in a directory of a drive If a path name is not specified then all of the files in the specified drive will be displayed If none of the parameters are specified the files in the current directory will be displayed If a user lists the system directory the used space will be shown Format dir unit unit_id drive_id pathname pathname Optional Specify the directory to be changed T...

Page 201: ...ed either as a full path name or partial name For a partial path name it indicates the file is in the current directory The drive ID also included in this parameter for example d config bootup cfg Zxxx0 admin dir Command dir Directory of c Idx Info Attr Size Update Time Name 1 RUN rw 4796564 2000 01 22 03 52 03 runtime rom 2 CFG rw 24120 2000 01 22 23 22 58 config cfg 3 CFG b rw 24120 2000 01 23 0...

Page 202: ...Format rename unit unit_id drive_id pathname filename Parameters Restrictions Only Administrator and Operator level users can issue this command Example To rename a file or directory unit Specifies the unit ID in the stacking system If not specified it refers to the master unit unit_id Enter the unit ID value here drive_id Specifies the drive ID If not specified it refers to the current drive path...

Page 203: ... users can issue this command Example To delete a file unit Specifies the unit ID in the stacking system If not specified it refers to the master unit unit_id Enter the unit ID value here drive_id Specifies the drive ID If not specified it refers to the current drive pathname Specify the file to be deleted If it is specified in the associated form then it is related to the current directory Zxxx0 ...

Page 204: ...unit Specifies the unit ID in the stacking system If not specified it refers to the master unit unit_id Enter the unit ID value here drive_id Specifies the drive ID fat16 Optional Specifies that the drive will be formatted to support a FAT16 file system fat32 Optional Specifies that the drive will be formatted to support a FAT32 file system label_name Optional Enter the label name used for this dr...

Page 205: ...sive unit Specifies the unit ID in the stacking system If not specified it refers to the master unit unit_id Enter the unit ID value here drive_id Specifies the drive ID If not specified it refers to the current drive pathname Specify the file or directory to be deleted If it is specified in the associated form then it is related to the current directory recursive Optional Used on the directory to...

Page 206: ...the drive ID If not specified it refers to the current drive pathname Specify the file to be moved The path name can be specified either as a full path name or partial name For a partial path name it indicates the file is in the current directory unit Specifies the unit ID in the stacking system If not specified it refers to the master unit unit_id Enter the unit ID value here drive_id Specifies t...

Page 207: ...lue here drive_id Specifies the drive ID If not specified it refers to the current drive pathname Specify the file to be copied If it is specified in the associated form then it is related to the current directory unit Specifies the unit ID in the stacking system If not specified it refers to the master unit unit_id Enter the unit ID value here drive_id Specifies the drive ID If not specified it r...

Page 208: ...rictions None Example To display the storage media s information unit Optional Specifies the unit ID in the stacking system If not specified it refers to the master unit unit_id Enter the unit ID value here drive_id Specifies the drive ID The format of drive_id is c or d Zxxx0 admin change drive unit 3 c Command change drive unit 3 c Current work directory unit3 c Zxxx0 admin ...

Page 209: ...hem to the management server as a SNMP trap Figure 25 1 DHCP server packet filtering config filter dhcp_server add permit server_ip ipaddr client_mac macaddr ports portlist all delete permit server_ip ipaddr client_mac macaddr ports portlist all ports portlist all state enable disable illegal_server_log_suppress_duration 1min 5min 30min trap_log enable disable show filter dhcp_server config filter...

Page 210: ... 67 Filter commands in this file will share the same access profile Addition of a permit DHCP entry will create one access profile and create one access rule Filter commands in this file will share the same access profile Format config filter dhcp_server add permit server_ip ipaddr client_mac macaddr ports portlist all delete permit server_ip ipaddr client_mac macaddr ports portlist all ports port...

Page 211: ...ts to be configured all Specify to configure all ports state Specify the port status enable Enable the state disable Disable the state illegal_server_log_suppress_duration Specify the illegal server log suppression duration 1min Specify an illegal server log suppression duration of 1 minute 5min Specify an illegal server log suppression duration of 5 minutes 30minSpecify an illegal server log supp...

Page 212: ...e To display the DHCP server client filter list created on the Switching Hub Zxxx0 admin config filter dhcp_server ports 1 10 state enable Command config filter dhcp_server ports 1 10 state enable Success Zxxx0 admin Zxxx0 admin show filter dhcp_server Command show filter dhcp_server Enabled Ports 1 28 Trap Log State Enabled Illegal Server Log Suppress Duration 1 minutes Permit DHCP Server Client ...

Page 213: ...can issue this command Example To configure the extensive NetBIOS filter state on ports 1 to 10 25 4 show filter extensive_netbios Description This command is used to display the extensive NetBIOS filter state on the Switching Hub Format show filter extensive_netbios portlist Specify a range of ports to be configured all Specify to configure all ports state Specify the status of the filter to bloc...

Page 214: ...port 139 Filter commands in this file will share the same access profile Format config filter netbios portlist all state enable disable Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Zxxx0 admin show filter extensive_netbios Command show filter extensive_netbios Enabled Ports 1 3 Zxxx0 admin portlist Specify a range of ports to be configured a...

Page 215: ...S filter state on the Switching Hub Format show filter netbios Parameters None Restrictions None Example To display the NetBIOS filter state Zxxx0 admin config filter netbios 1 10 state enable Command config filter netbios 1 10 state enable Success Zxxx0 admin Zxxx0 admin show filter netbios Command show filter netbios Enabled Ports 1 3 Zxxx0 admin ...

Page 216: ...e destination IP address If other device responds to Gratuitous ARP it means the IP address is duplicated Figure 26 1 Gratuitous ARP overview enable gratuitous_arp ipif ipif_name 12 trap log 1 disable gratuitous_arp ipif ipif_name 12 trap log 1 config gratuitous_arp learning enable disable config gratuitous_arp send dup_ip_detected enable disable config gratuitous_arp send ipif_status_up enable di...

Page 217: ...is command Example To enable gratuitous ARP 26 2 disable gratuitous_arp Description This command is used to disable the gratuitous ARP trap and log state Format disable gratuitous_arp ipif ipif_name 12 trap log 1 ipif Optional The interface name of the L3 interface ipif_name 12 Specify the name of the interface The maximum length is 12 characters trap Specify trap The trap is disabled by default l...

Page 218: ...ower User level users can issue this command Example To enable learning of ARP entries in the ARP cache based on the received gratuitous ARP packets ipif Optional The interface name of the L3 interface ipif_name 12 Specify the name of the interface The maximum length is 12 characters trap Specify trap The trap is disabled by default log Specify log The even log is enabled by default Zxxx0 admin di...

Page 219: ... the system can send out the gratuitous ARP request packet for this duplicate IP address Format config gratuitous_arp send dup_ip_detected enable disable Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the sending of gratuitous ARP requests when a duplicate IP address is detected Zxxx0 admin config gratuitous_arp learning enab...

Page 220: ...P packet will be broadcast Format config gratuitous_arp send ipif_status_up enable disable Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the sending of gratuitous ARP requests when the IP interface status becomes up enable Enable the sending of gratuitous ARP requests when the IPIF status becomes up disable Disable the sendi...

Page 221: ...ue this command Example To configure the gratuitous ARP interval to 5 for the IPIF System ipif_name 12 Specify the interface name of the L3 interface The maximum length is 12 characters interval The periodically send gratuitous ARP interval time in seconds value 0 65535 Specify the value between 0 and 65535 0 zero means not to send gratuitous ARP request packets periodically By default the interva...

Page 222: ...state ipif Optional The interface name of the L3 interface ipif_name 12 Specify the name of the interface The maximum length is 12 characters Zxxx0 admin show gratuitous_arp Command show gratuitous_arp Send on IPIF Status Up Disabled Send on Duplicate IP Detected Disabled Gratuitous ARP Learning Disabled IP Interface Name System Gratuitous ARP Trap Disabled Gratuitous ARP Log Enabled Gratuitous AR...

Page 223: ...nfig igmp_snooping querier vlan_name vlan_name 32 vlanid vlanid_list all query_interval sec 1 65535 max_response_time sec 1 25 robustness_variable value 1 7 last_member_query_interval sec 1 25 state enable disable version value 1 3 1 config router_ports vlan_name 32 vlanid vlanid_list add delete portlist config router_ports_forbidden vlan_name 32 vlanid vlanid_list add delete portlist enable igmp_...

Page 224: ...counter show igmp_snooping forwarding vlan vlan_name 32 vlanid vlanid_list show router_ports vlan vlan_name 32 vlanid vlanid_list all static dynamic forbidden config igmp_snooping unknow_data_learning all vlan_name vlan_name 32 vlanid vlanid_list state enable disable aged_out enable disable expiry_time sec 1 65535 config igmp_snooping unknow_data_learning max_learned_entry value 1 1024 clear igmp_...

Page 225: ...he IGMP snooping fast leave function If enabled the membership is immediately removed when the system receive the IGMP leave message enable Enable the IGMP snooping fast leave function disable Disable the IGMP snooping fast leave function proxy_reporting Specifies the proxy reporting option state Specifies the proxy reporting state enable Specifies that the proxy reporting option will be enabled d...

Page 226: ...f time that must pass before a multicast router decides there are no more members of a group on a network This interval is calculated as follows robustness variable x query interval 1 x query response interval Other querier present interval Amount of time that must pass before a multicast router decides that there is no longer another multicast router that is the querier This interval is calculate...

Page 227: ... but does not provide the multicast routing function then this state must be configured as disabled Otherwise if the Layer 3 router is not selected as the querier it will not send the IGMP query packet Since it will not also send the multicast routing protocol packet the port will be timed out as a router port enable Allows the Switching Hub to be selected as an IGMP Querier sends IGMP query packe...

Page 228: ...rameters Restrictions Only Administrator Operator and Power User level users can issue this command vlanid Specify the VLAN ID list vlanid_list Specify the VLAN ID list add Specify to add the router ports delete Specify to delete the router ports portlist Specify a range of ports to be configured Zxxx0 admin config router_ports default add 1 10 Command config router_ports default add 1 10 Success ...

Page 229: ...nds 229 Example To set up port range 1 to 7 to be forbidden router ports of the default VLAN Zxxx0 admin config router_ports_forbidden default add 1 7 Command config router_ports_forbidden default add 1 7 Success Zxxx0 admin ...

Page 230: ...mand Example To enable IGMP snooping on the Switching Hub 27 6 disable igmp_snooping Description This command is used to disable IGMP snooping on the Switching Hub IGMP snooping can be disabled only if IP multicast routing is not being used Disabling IGMP snooping allows all IGMP and IP multicast traffic to flood within a given IP interface Format disable igmp_snooping Parameters None Zxxx0 admin ...

Page 231: ... vlanid_list Parameters If no parameter is specified the system will display all current IGMP snooping configuration Restrictions None Example To show IGMP snooping Zxxx0 admin disable igmp_snooping Command disable igmp_snooping Success Zxxx0 admin vlan Optional Specify the name of the VLAN to display the IGMP snooping configuration vlan_name 32 Specify the VLAN name The maximum length is 32 chara...

Page 232: ...isable Querier Role Non Querier Querier IP 0 0 0 0 Querier Expiry Time 0 secs State Disable Fast Leave Disable Proxy Reporting Enable Proxy Reporting Source IP 0 0 0 0 Rate Limit No Limitation Version 3 Total Entries 1 Zxxx0 admin vlan Optional Specify the name of the VLAN for which you want to view IGMP snooping group configuration information vlan_name 32 Specify the VLAN name The maximum length...

Page 233: ...ing group information Zxxx0 admin show igmp_snooping group Command show igmp_snooping group Source Group NULL 224 106 0 211 VLAN Name VID default 1 Member Ports 1 UP Time 223 Expiry Time 37 Filter Mode EXCLUDE Source Group NULL 234 54 163 75 VLAN Name VID default 1 Member Ports 1 UP Time 223 Expiry Time 37 Filter Mode EXCLUDE Source Group 110 56 32 100 235 10 160 5 VLAN Name VID default 1 Member P...

Page 234: ...imit for ports 1 2 to have no limit ports Specify a range of ports to be configured portlist Specify a range of ports to be configured vlanid Specify a range of VLANs to be configured vlanid_list Specify the VLAN ID list value 1 1000 Specify the rate of IGMP control packets that the Switching Hub can process on a specific port VLAN The rate is specified in packet per second The packets that exceed...

Page 235: ...s Restrictions None Example To display the IGMP snooping rate limit for ports 1 2 ports Specify a range of ports to be displayed portlist Specify a range of ports to be displayed vlanid Specify a range of VLANs to be displayed vlanid_list Specify the VLAN ID list Zxxx0 admin show igmp_snooping rate_limit ports 1 2 Command show igmp_snooping rate_limit ports 1 2 Port Rate Limit 1 No Limit 2 No Limi...

Page 236: ...l only affect V2 IGMP operation The Reserved IP multicast address 224 0 0 X must be excluded from the configured group The VLAN must be created first before a static group can be created Format create igmp_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipaddr Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To create an IGMP ...

Page 237: ...d_list ipaddr add delete portlist Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To add port 9 to 10 to be IGMP snooping static member ports for group 239 1 1 1 on default VLAN vlan Specify the name of the VLAN on which the static group resides vlan_name 32 Specify the VLAN name The maximum length is 32 characters vlanid Specify the ID...

Page 238: ...erator and Power User level users can issue this command Example To delete an IGMP snooping static group from the default VLAN group 239 1 1 1 vlan Specify the name of the VLAN on which the router port resides vlan_name 32 Specify the VLAN name The maximum length is 32 characters vlanid Specify the VLAN ID list on which the router port resides vlanid_list Specify the VLAN ID list ipaddr Specify th...

Page 239: ... static groups vlan Specify the name of the VLAN on which the router port resides vlan_name 32 Specify the VLAN name The maximum length is 32 characters vlanid Specify the VLAN ID list on which the router port resides vlanid_list Specify the VLAN ID list ipaddr Specify the multicast group IP address for Layer 3 Switching Hub Zxxx0 admin show igmp_snooping static_group Command show igmp_snooping st...

Page 240: ...ed Format show igmp_snooping statistic counter vlan vlan_name 32 vlanid vlanid_list ports portlist Parameters Restrictions None Example To display the IGMP snooping statistics counter for port 1 vlan Specify a VLAN to be displayed vlan_name 32 Specify the VLAN name The maximum length is 32 characters vlanid Specify a list of VLANs to be displayed vlanid_list Specify the VLAN ID list ports Specify ...

Page 241: ... By Rate Limitation 0 Dropped By Multicast VLAN 0 Report Leave IGMP v1 Report 0 IGMP v2 Report 0 IGMP v3 Report 0 IGMP v2 Leave 0 Total 0 Dropped By Rate Limitation 0 Dropped By Max Group Limitation 0 Dropped By Group Filter 0 Dropped By Multicast VLAN 0 Transmit Statistics Query IGMP v1 Query 0 IGMP v2 Query 0 IGMP v3 Query 8 Total 8 Report Leave IGMP v1 Report 0 IGMP v2 Report 0 IGMP v3 Report 0...

Page 242: ...tion This command is used to display the Switching Hub s current IGMP snooping forwarding table It provides an easy way for users to check the list of ports that the multicast group comes from in terms of specific sources The packets come from the source VLAN They will be forwarded to the forwarding ports Format show igmp_snooping forwarding vlan vlan_name 32 vlanid vlanid_list Parameters Zxxx0 ad...

Page 243: ...rts vlan vlan_name 32 vlanid vlanid_list all static dynamic forbidden Parameters vlanid Optional Specify a list of VLANs to be displayed vlanid_list Specify the VLAN ID list Zxxx0 admin show igmp_snooping forwarding Command show igmp_snooping forwarding VLAN Name default Source IP 10 90 90 114 Multicast Group 225 0 0 0 Port Member 2 7 VLAN Name default Source IP 10 90 90 10 Multicast Group 225 0 0...

Page 244: ...ist all Specifies that all the VLAN s will be displayed static Optional Display router ports that have been statically configured dynamic Optional Display router ports that have been dynamically registered forbidden Optional Display forbidden router ports that have been statically configured Zxxx0 admin show router_ports vlan default Command show router_ports vlan default VLAN Name default Static ...

Page 245: ...trator Operator and Power User level users can issue this command Example To add a default gateway as 10 48 74 121 create iproute default ipaddr delete iproute default show iproute create ipv6route default ipif_name 12 ipv6addr delete ipv6route default ipif_name 12 ipv6addr show ipv6route default Create a default gateway ipaddr Specify the default gateway address Zxxx0 admin create iproute default...

Page 246: ...or Operator and Power User level users can issue this command Example To delete a default gateway from the routing table 28 3 show iproute Description This command is used to display the default gateway setting Format show iproute Parameters None Restrictions None default Delete iproute entry Zxxx0 admin delete iproute default Command delete iproute default Success Zxxx0 admin ...

Page 247: ... must be specified Format create ipv6route default ipif_name 12 ipv6addr Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To create an IPv6 default gateway Zxxx0 admin show iproute Command show iproute Routing Table IP Address Netmask Gateway Interface Protocol 10 0 0 0 8 0 0 0 0 System Local Total Entries 1 Zxxx0 admin default Specify t...

Page 248: ... 12 ipv6addr Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete an IPv6 default gateway Zxxx0 admin create ipv6route default System FEC0 5 Command create ipv6route default System FEC0 5 Success Zxxx0 admin default Specify the default gateway ipif_name 12 Specify the IP interface name ipv6addr Specify the next hop address for the ...

Page 249: ...lay the IPv6 default agateway setting Format show ipv6route Parameters None Restrictions None Example To display an IPv6 default gateway setting Zxxx0 admin show ipv6route Command show ipv6route IPv6 Prefix 0 Protocol Static Metric 1 Next Hop FEC0 5 IPIF System Total Entries 1 Zxxx0 admin ...

Page 250: ...and config ip_verify_source ports portlist all state enable disable config arp_inspection ports portlist all state enable disable create ip_source_binding ipaddress ipaddr mac_address macaddr port port delete ip_source_binding ipaddress ipaddr mac_address macaddr all config ip_source_binding ipaddress ipaddr mac_address macaddr port port show ip_source_binding all ipaddress ipaddr mac_address maca...

Page 251: ...ackets will be dropped Format config arp_inspection ports portlist all state enable disable Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable dynamic ARP inspection on port1 Zxxx0 admin config ip_verify_source ports 1 state enable Command config ip_verify_source ports 1 state enable Success Zxxx0 admin state enable Enable the dy...

Page 252: ...ower User level users can issue this command Example To create an IPSG entry that binds the IP address 10 1 1 1 to the MAC address 00 00 00 00 00 11 on port 3 ipaddr Specify the IP address used for the IPSG entry macaddrSpecify the MAC address used for the IPSG entry port Specify the port that the entry will apply to Zxxx0 admin create ip_source_binding ipaddress 10 1 1 1 mac_address 00 00 00 00 0...

Page 253: ... Power User level users can issue this command Example To delete an IPSG entry that binds the IP address 10 1 1 1 1 to the MAC address 00 00 00 00 00 11 ipaddr Specify the IP address of the entry macaddrSpecify the MAC address of the entry all Delete all IPSG manual binding entries Zxxx0 admin delete ip_source_binding ipaddress 10 1 1 1 mac_address 00 00 00 00 00 11 Command delete ip_source_bindin...

Page 254: ...ample To configure an IPSG entry so that the IP address 10 1 1 1 is bound to the MAC address 00 00 00 00 00 11 on port 10 ipaddr Specify the IP address of the entry being updated macaddrSpecify the MAC address of the entry being updated ports Specify which ports that will use the updated IPSG entry Zxxx0 admin config address_binding ip_mac ipaddress 10 1 1 1 mac_address 00 00 00 00 00 11 port 10 C...

Page 255: ...e binding entries The ACL status will display regardless of whether the hardware ACL is active or not ipaddr Specify the learned IP address of the entry in the database macaddrSpecify the MAC address of the entry or the blocked MAC address Zxxx0 admin show ip_source_binding all Command show ip_source_binding all M Mode D DHCP S Static ACL A Active I Inactive IP Address MAC Address M ACL Port 10 1 ...

Page 256: ...the IP Source Address Verify global configuration Zxxx0 admin show ip_source_binding ipaddress10 1 1 1 mac_address 00 00 00 00 00 11 Command show ip_source_binding ipaddress10 1 1 1 mac_address 00 00 00 00 00 11 M Mode D DHCP S Static ACL A Active I Inactive IP Address MAC Address M ACL Port 10 1 1 1 00 00 00 00 00 11 S I 3 Total Entries 1 Zxxx0 admin ports Specify the ports that the information w...

Page 257: ...hat either IP Source Guard or Dynamic ARP Inspection enabled Format enable dhcp_snoop Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Zxxx0 admin show ip_verify_source ports Command show ip_verify_source ports Port ARP Inspection IP Verify Source 1 Disabled Disabled 2 Enabled Disabled 3 Enabled Enabled 4 Disabled Disabled 5 Disabled Enable...

Page 258: ...disabled all of the DHCP snooping binding entries will be removed Format disable dhcp_snoop Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable DHCP snooping mode Zxxx0 admin admin enable dhcp_snoop Command enable dhcp_snoop Success Zxxx0 admin Zxxx0 admin disable dhcp_snoop Command disable dhcp_snoop Success Zxxx0 admin ...

Page 259: ... 29 11 show dhcp_snoop Description This command is used to show all the DHCP snooping configuration and learning databases Format show dhcp_snoop max_entry ports portlist binding_entry port port Parameters ports Specify the list of ports used to clear the DHCP snooping entries learned Zxxx0 admin clear dhcp_snoop binding_entry ports 1 3 Command clear dhcp_snoop binding_entry ports 1 3 Success Zxxx...

Page 260: ...tries Inactive indicates that the entry is currently inactive due to the port link being down If no parameters are specified all the DHCP snooping configuration Zxxx0 admin show dhcp_snoop Command show dhcp_snoop DHCP_Snoop Enabled Zxxx0 admin Zxxx0 admin show dhcp_snoop max_entry Command show dhcp_snoop max_entry Port Max Entry 1 10 2 10 3 10 4 No Limit 5 No Limit 6 No Limit 7 No Limit 8 No Limit...

Page 261: ...trictions Only Administrator Operator and Power User level users can issue this command Example To set the maximum number of DHCP snooping entries that can be learned on ports 1 3 to 10 portlist Specify the list of ports that needs a restriction on the maximum number of DHCP snooping address binding entries that can be learned all Indicates that all the ports on the Switch will be used limit value...

Page 262: ...logs when the IP Source Address Verify modules detect an illegal IP and MAC address Format enable ip_verify_source log Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the IP Source Address Verify logs function Zxxx0 admin enable ip_verify_source log Command enable ip_verify_source log Success Zxxx0 admin ...

Page 263: ...he IP Source Address Verify logs Format disable ip_verify_source log Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable IP Source Address Verify logs Zxxx0 admin disable ip_verify_source log Command disable ip_verify_source log Success Zxxx0 admin ...

Page 264: ... used to add a static neighbor on an IPv6 interface Format create ipv6 neighbor_cache ipif ipif_name 12 ipv6addr macaddr Parameters create ipv6 neighbor_cache ipif ipif_name 12 ipv6addr macaddr delete ipv6 neighbor_cache ipif ipif_name 12 all ipv6addr static dynamic all show ipv6 neighbor_cache ipif ipif_name 12 all ipv6address ipv6addr static dynamic all hardware config ipv6 nd ns ipif ipif_name ...

Page 265: ... static dynamic all Parameters Restrictions Only Administrator Operator and Power User level users can issue this command ipv6addr Specify the IPv6 address of the neighbor macaddr Specify the MAC address of the neighbor Zxxx0 admin create ipv6 neighbor_cache ipif System 3ffc 1 00 01 02 03 04 05 Command create ipv6 neighbor_cache ipif System 3FFC 1 00 01 02 03 04 05 Success Zxxx0 admin ipif_name 12...

Page 266: ...ne Example To display all neighbor cache entries for the IP interface System Zxxx0 admin delete ipv6 neighbor_cache ipif System 3ffc 1 Command delete ipv6 neighbor_cache ipif System 3FFC 1 Success Zxxx0 admin ipif_name 12 Specify the IPv6 interface name all Specify all the IPv6 interface names ipv6address Specify the IPv6 address of the neighbor ipv6addr Specify the IPv6 address static Specify to ...

Page 267: ...72 36 01 04 Port 1 21 Interface System VID 1 Total Entries 1 Zxxx0 admin ipif_name 12 Specify the name of the interface The maximum length is 12 characters retrans_time Specify the neighbor solicitation s retransmit timer in milliseconds It has the same value as ra retrans_time in the config ipv6 nd ra command If one is configured the other will change too millisecond 0 4294967295 Specify the neig...

Page 268: ... time that a node can consider a neighboring node reachable after receiving a reachability confirmation in millisecond millisecond 0 3600000 Specify the time between 0 and 3600000 milliseconds retrans_time Specifies the amount of time between retransmissions of router advertisement message in millisecond and the router advertisement packet will take it to host millisecond 0 4294967295 Specify the ...

Page 269: ...in on address configuration information disable Set to disable to stop hosts receiving this RA from using a stateful address configuration protocol to obtain on address configuration information min_rtr_adv_interval Specify the minimum time allowed between sending unsolicited multicast Router Advertisements from the interface in seconds It must be no less than 3 seconds and no greater than 75 MaxR...

Page 270: ...specified prefix using the stateless address configuration remains valid sec 0 4294967295 Specify the time between 0 and 4294967295 seconds For an infinite valid lifetime the value can be set to 4294967295 on_link_flag Specify to enable or disable the function enable Setting this field to enable will denote within the IPv6 packet that the IPv6 prefix configured here is assigned to this link local ...

Page 271: ...ctions Only Administrator Operator and Power User level users can issue this command Example To display IPv6 Neighbor Discover related configuration Zxxx0 admin config ipv6 nd ra prefix_option ipif ip1 3ffe 501 ffff 100 64 preferred_life_time 1000 Command config ipv6 nd ra prefix_option ipif ip1 3ffe 501 ffff 100 64 preferred_life_time 1000 Success Zxxx0 admin ipif Optional Specify the interface n...

Page 272: ...00 ms Router Advertisement Disabled RA Max Router AdvInterval 600 sec RA Min Router AdvInterval 198 sec RA Router Life Time 1800 sec RA Reachable Time 1200000 ms RA Retransmit Time 400 ms RA Managed Flag Disabled RA Other Configure Flag Disabled Prefix Preferred Valid OnLink Autonomous 1000 A111 B111 C111 64 604800 2592000 Enabled Enabled Zxxx0 admin ...

Page 273: ...30 IPv6 NDP Commands 273 ...

Page 274: ...is Switching Hub supports a jumbo frame with up to 9000 bytes and allows you to configure the setting for all ports or each port To transmit with jumbo frames all devices on the route including this Switching Hub must support jumbo frames If there are some devices not supporting jumbo frames data is transmitted with the standard frame size Figure 31 1 Jumbo frame overview enable jumbo_frame disabl...

Page 275: ... Power User level users can issue this command Example To enable Jumbo Frames 31 2 disable jumbo_frame Description This command is used to disable support of Jumbo Frames Format disable jumbo_frame Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable Jumbo Frames Zxxx0 admin enable jumbo_frame Command enable jumbo_frame Zxxx0...

Page 276: ...1 1 5 Zxxx0 admin disable jumbo_frame Command disable jumbo_frame Success Zxxx0 admin portlist Enter the list of ports used for this configuration here all Specifies that all the ports will be used for this configuration state Specifies the jumbo frame state to be applied to a range of ports specified enable Specifies that the jumbo frame state will be enabled disable Specifies that the jumbo fram...

Page 277: ...ers Restrictions None Example To display Jumbo Frames for port 1 to 5 portlist Optional Enter the list of ports to be displayed here Zxxx0 admin show jumbo_frame 1 5 Command show jumbo_frame 1 5 Jumbo Frame Global State Disabled Maximum Jumbo Frame Size 1518 Bytes Port Jumbo Frame State 1 Enabled 2 Enabled 3 Enabled 4 Enabled 5 Enabled Zxxx0 admin ...

Page 278: ...lly decide set and monitor the port connection status in link aggregation The LACP operation mode needs to be configured for each port Active Port sending LACP frames Passive Port receiving LACP frames For more information about how to enable link aggregation refer to Link Aggregation Commands section 32 1 config lacp_port Description This command is used to configure per port LACP mode Format con...

Page 279: ...eters If no parameter is specified the system will display current LACP mode for all ports Restrictions None Example To display the current LACP mode for ports 1 to 3 on the Switching Hub portlist Specify a range of ports to be configured mode Specify the port mode active Specify the mode as active passive Specify the mode as passive Zxxx0 admin config lacp_port 1 3 mode active Command config lacp...

Page 280: ...32 LACP Configuration Commands 280 Zxxx0 admin show lacp_port 1 3 Command show lacp_port 1 3 Port Activity 1 Active 2 Active 3 Active Zxxx0 admin ...

Page 281: ...er 2 protocol is tunnel enabled on an UNI once received the PDU on this port the multicast destination address of the PDU will be replaced by Layer 2 protocol tunneling multicast address The Layer 2 protocol tunneling multicast address for STP is 01 05 5D 00 00 00 for GVRP is 01 05 5D 00 00 21 for Layer 2 protocols MAC 01 00 0C CC CC CC is 01 05 5D 00 00 10 and for protocol MAC 01 00 0C CC CC CD i...

Page 282: ...led on this port stp Optional Specify to use the STP protocol gvrp Optional Specify to use the GVRP protocol protocol_mac Optional Specify which protocol MAC address to use 01 00 0C CC CC CCSpecify to use this protocol MAC address 01 00 0C CC CC CDSpecify to use this protocol MAC address all Specify to use all the MAC addresses threshold Optional Specify the drop threshold for packets per second a...

Page 283: ... ports uni Optional Specify show UNI detail information include tunneled and dropped PDU statistic nni Optional Specify show NNI detail information include de capsulated Layer 2 PDU statistic Zxxx0 admin show l2protocol_tunnel Command show l2protocol_tunnel Global State Enabled UNI Ports 1 2 NNI Ports 3 4 Zxxx0 admin Zxxx0 admin show l2protocol_tunnel uni Command show l2protocol_tunnel uni UNI Tun...

Page 284: ...arameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the Layer 2 protocol tunneling function Zxxx0 admin show l2protocol_tunnel nni Command show l2protocol_tunnel nni NNI Protocol Port 1 STP GVRP 01 00 0C CC CC CC 01 00 0C CC CC CD 2 STP GVRP 01 00 0C CC CC CC 01 00 0C CC CC CD Zxxx0 admin Zxxx0 admin enable l2protocol_tunnel C...

Page 285: ... 2 protocol tunneling function Format disable l2protocol_tunnel Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the Layer 2 protocol tunneling function Zxxx0 admin disable l2protocol_tunnel Command disable l2protocol_tunnel Success Zxxx0 admin ...

Page 286: ...rofile_name name 32 add delete mcastv6_address_list 1 delete mcast_filter_profile ipv4 ipv6 profile_id value 1 60 all profile_name name 32 show mcast_filter_profile ipv4 ipv6 profile_id value 1 60 profile_name name 32 config limited_multicast_addr ports portlist vlanid vlanid_list ipv4 ipv6 add delete profile_id value 1 60 profile_name name 32 access permit deny 1 show limited_multicast_addr ports...

Page 287: ... mcast_filter_profile profile_id 2 profile_name MOD Command create mcast_filter_profile profile_id 2 profile_name MOD Success Zxxx0 admin profile_idSpecify the ID of the profile value 1 60 The profile ID must be between 1 and 60 profile_name Specifies the name of the profile name 32 The profile name can be up to 32 characters long profile_name Specify a new name of the profile name 32 The profile ...

Page 288: ...le profile_id 2 add 225 1 1 1 225 1 1 100 Command config mcast_filter_profile profile_id 2 add 225 1 1 1 225 1 1 100 Success Zxxx0 admin profile_idSpecify the ID of the profile value 1 60 The profile ID must be between 1 and 60 profile_name Specifies the name of the profile name 32 The profile name can be up to 32 characters long profile_name Specify a new name of the profile name 32 The profile n...

Page 289: ...rator Operator and Power User level users can issue this command Example To delete a multicast profile with a profile ID of 3 Zxxx0 admin config mcast_filter_profile ipv6 profile_id 3 add FF0E 100 0 0 20 FF0E 100 0 0 22 Command config mcast_filter_profile ipv6 profile_id 3 add FF0E 100 0 0 20 FF0E 100 0 0 22 Success Zxxx0 admin ipv4 Optional Specify to delete an IPv4 multicast profile ipv6 Optiona...

Page 290: ...lete mcast_filter_profile profile_id 3 Success Zxxx0 admin Zxxx0 admin delete mcast_filter_profile profile_name MOD Command delete mcast_filter_profile profile_name MOD Success Zxxx0 admin ipv4 Optional Specify to display an IPv4 multicast profile ipv6 Optional Specify to display an IPv6 multicast profile profile_id Optional Specify the ID of the profile If both profile_id and profile_name are not...

Page 291: ...t_filter_profile Profile ID Name Multicast Addresses 1 MOD 234 1 1 1 238 244 244 244 234 1 1 1 238 244 244 244 2 customer 224 19 62 34 224 19 162 200 Total Entries 2 Zxxx0 admin ports Specify a range of ports to configure the multicast address filtering function portlist Specify a range of ports to be configured vlanid Specify the VLAN ID of the VLAN that the multicast address filtering function w...

Page 292: ...name can be up to 32 characters long access Optional Specify whether the access is permit or deny permit Specify that the packets that match the addresses defined in the profiles will be permitted deny Specify that the packets that match the addresses defined in the profiles will be denied Zxxx0 admin config limited_multicast_addr ports 1 3 add profile_id 2 Command config limited_multicast_addr po...

Page 293: ...mmand show limited_multicast_addr vlanid 1 VLAN 1 Access Deny Profile ID Name Multicast Addresses 1 customer 224 19 62 34 224 19 162 200 Zxxx0 admin Zxxx0 admin show limited_multicast_addr ports 1 3 Command show limited_multicast_addr ports 1 3 Port 1 Access Deny Profile ID Name Multicast Addresses 1 customer 224 19 62 34 224 19 162 200 Port 3 Access Deny Profile ID Name Multicast Addresses 1 cust...

Page 294: ...ssue this command Example To configure the maximum number of multicast groups that ports 1 and 3 can join to 100 ports Specify a range of ports to configure the maximum multicast group portlist Specify a range of ports to be configured vlanid Specify the VLAN ID to configure the maximum multicast group vlanid_list Enter the VLAN ID of the VLAN here ipv4 Optional Specify that the maximum number of ...

Page 295: ...00 Command config max_mcast_group ports 1 3 max_group 100 Success Zxxx0 admin ports Specify a range of ports to display the maximum number of multicast groups portlist Specify a range of ports to be displayed vlanid Specify the VLAN ID for displaying the maximum number of multicast groups vlanid_list Enter the VLAN ID of the VLAN here ipv4 Optional Specify to display the maximum number of IPv4 lea...

Page 296: ...nd configure the protocol settings by referring to LACP Configuration Commands 35 1 create link_aggregation group_id Description This command is used to create a link aggregation group Format create link_aggregation group_id value 1 32 type lacp static create link_aggregation group_id value 1 32 type lacp static delete link_aggregation group_id value 1 32 config link_aggregation group_id value 1 3...

Page 297: ... To delete a link aggregation group value 1 32 Specify the group ID The group number identifies each of the groups The Switching Hub allows up to 32 link aggregation groups to be configured type Optional Specify the group type belongs to static or LACP If type is not specified the default is the static type lacp Specify the group type as LACP static Specify the group type as static Zxxx0 admin cre...

Page 298: ... Zxxx0 admin value 1 32 Specify the group ID The group number identifies each of the groups The Switching Hub allows up to 32 link aggregation groups to be configured master_port Specify which port by port number of the link aggregation group will be the master port All of the ports in a link aggregation group will share the port configuration with the master port port Specify the master port ID p...

Page 299: ... config link_aggregation algorithm mac_source mac_destination mac_source_dest ip_source ip_destination ip_source_dest l4_src_port l4_dest_port l4_src_dest_port Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Zxxx0 admin config link_aggregation group_id 1 master_port 7 ports 5 7 Command config link_aggregation group_id 1 master_port 7 ports 5 7 ...

Page 300: ...rameter is specified the system will display all the link aggregation information Restrictions None Zxxx0 admin config link_aggregation algorithm mac_source_dest Command config link_aggregation algorithm mac_source_dest Success Zxxx0 admin group_id Optional Specify the group ID The group number identifies each of the groups value 1 32 The Switching Hub allows up to 32 link aggregation groups to be...

Page 301: ...k_aggregation Command show link_aggregation Link Aggregation Algorithm MAC_Source_Dest Group ID 1 Type LACP Master Port 1 Member Port 1 8 Active Port 7 Status Enabled Flooding Port 7 Total Entries 1 Zxxx0 admin Zxxx0 admin show link_aggregation Command show link_aggregation Link Aggregation Algorithm MAC Source Dest Group ID 1 Type LACP Master Port 1 Member Port 1 8 Active Port Status Disabled Flo...

Page 302: ...sage enable disable config lldp notification_interval sec 5 3600 config lldp ports portlist all notification enable disable admin_status tx_only rx_only tx_and_rx disable mgt_addr ipv4 ipaddr ipv6 ipv6addr enable disable basic_tlvs all port_description system_name system_description system_capabilities enable disable dot1_tlv_pvid enable disable dot1_tlv_protocol_vid vlan all vlan_name 32 vlanid v...

Page 303: ...sed from the neighbor in the neighbor table The default state for LLDP is disabled Format enable lldp Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable LLDP config lldp_med ports portlist all med_transmit_capabilities all capabilities network_policy inventory 1 state enable disable show lldp_med ports portlist show lldp_med...

Page 304: ...ompute the TTL value of txTTL in an LLDPDU The TTL will be carried in the LLDPDU packet The lifetime will be the minimum of 65535 and message_tx_interval message_tx_hold_multiplier On the partner Switching Hub when the time to live for a given advertisement expires the advertised data is deleted from the neighbor Switching Hub s MIB The TX delay is used to change the minimum time delay interval an...

Page 305: ... default setting is 30 seconds message_tx_hold_multiplier Specify the message TX hold multiplier int 2 10 Specify the range is from 2 to 10 The default setting is 4 tx_delay Specify the TX delay time sec 1 8192 Specify the range is from 1 to 8192 seconds The default setting is 2 seconds Note that txDelay should be less than or equal to 0 25 msgTxInterval reinit_delay Specify the reinit delay time ...

Page 306: ...to five seconds 36 4 show lldp Description This command is used to display LLDP Format show lldp Parameters None Restrictions None Zxxx0 admin config lldp tx_delay 8 Command config lldp tx_delay 8 Success Zxxx0 admin Zxxx0 admin config lldp reinit_delay 5 Command config lldp reinit_delay 5 Success Zxxx0 admin ...

Page 307: ... Only Administrator Operator and Power User level users can issue this command Zxxx0 admin show lldp Command show lldp LLDP System Information Chassis ID Subtype MAC Address Chassis ID 00 11 22 33 44 55 System Name System Description Gigabit Ethernet Switch System Capabilities Repeater Bridge LLDP Configurations LLDP Status Disabled LLDP Forward Status Disabled Message TX Interval 30 Message TX Ho...

Page 308: ..._interval sec 5 3600 Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To change the notification interval to 10 seconds Zxxx0 admin config lldp forward_message enable Command config lldp forward_message enable Success Zxxx0 admin sec 5 3600 Specify the notification interval range is from 5 to 3600 seconds The default setting is 5 seconds...

Page 309: ...a type include four basic types of information end of LLDPDU TLV chassis ID TLV port ID TLV and Time to Live TLV The mandatory type cannot be disabled There are also four data types which can be optionally selected They are port_description system_name system_description and system_capability Configure an individual port or group of ports to exclude one or more of IEEE 802 1 Organizationally port ...

Page 310: ...MP trap notification of LLDP data changes detected on advertisements received from neighbor devices disable Disable the SNMP trap notification of LLDP data changes detected on advertisements received from neighbor devices admin_status Select the desired administrative per port state The default per port state is tx_and_rx tx_only Configure the specified port s to transmit LLDP packets but block in...

Page 311: ...ual port or group of ports to exclude one or more of optional TLV data types from outbound LLDP advertisements dot1_tlv_pvid This TLV optional data type determines whether the IEEE 802 1 organizationally defined port VLAN ID TLV transmission is allowed on a given LLDP transmission capable port The default state is disabled enable Enable port VLAN ID TLV transmission on a given LLDP transmission ca...

Page 312: ...data type indicates whether the corresponding Local System s Protocol Identity instance will be transmitted on the port The Protocol Identity TLV provides a way for stations to advertise protocols that are important to the operation of the network such as Spanning Tree Protocol the Link Aggregation Control Protocol and numerous vendor proprietary variations which are responsible for maintaining th...

Page 313: ...fault state is disabled link_aggregation Optional This TLV optional data type indicates that LLDP agent should transmit Link Aggregation TLV This type indicates the current link aggregation status of IEEE 802 3 MACs More precisely the information should include whether the port is capable of doing link aggregation whether the port is aggregated in an aggregated link and the aggregated port ID The ...

Page 314: ...le Command config lldp ports 1 5 mgt_addr ipv4 192 168 254 10 enable Success Zxxx0 admin Zxxx0 admin config lldp ports all basic_tlvs system_name enable Command config lldp ports all basic_tlvs system_name enable Success Zxxx0 admin Zxxx0 admin config lldp ports all dot1_tlv_pvid enable Command config lldp ports all dot1_tlv_pvid enable Success Zxxx0 admin Zxxx0 admin config lldp ports all dot1_tl...

Page 315: ...mat show lldp ports portlist Parameters When a port list is not specified information for all ports will be displayed Restrictions None Zxxx0 admin config lldp ports all dot1_tlv_protocol_identity all enable Command config lldp ports all dot1_tlv_protocol_identity all enable Success Zxxx0 admin Zxxx0 admin config lldp ports all dot3_tlvs mac_phy_configuration_status enable Command config lldp port...

Page 316: ... config lldp_med fast_start repeat_count value 1 10 Parameters Restrictions Zxxx0 admin show lldp ports 1 Command show lldp ports 1 Port ID 1 Admin Status TX_and_RX Notification Status Disabled Advertised TLVs Option Port Description Disabled System Name Disabled System Description Disabled System Capabilities Disabled Enabled Management Address None Port VLAN ID Disabled Enabled Port_and_Protocol...

Page 317: ...disable Parameters Restrictions Only Administrator and Operator level users can issue this command Example To enable the log state of LLDP MED events Zxxx0 admin config lldp_med fast_start repeat_count 5 Command config lldp_med fast_start repeat_count 5 Success Zxxx0 admin enable Enable the log state for LLDP MED events disable Disable the log state for LLDP MED events The default is disabled Zxxx...

Page 318: ... Operator level users can issue this command Example To enable topology change notification on ports 1 to 2 portlist Specify a range of ports to be configured all Specify to set all ports in the system state Enable or disable the SNMP trap notification of topology change detected state enable Enable the SNMP trap notification of topology change detected disable Disable the SNMP trap notification o...

Page 319: ... to set all ports in the system med_transit_capabilities Select to send the LLDP MED TLV capabilities specified all Select to send capabilities network policy and inventory capabilities Optional Specify that the LLDP agent should transmit LLDP MED capabilities TLV If a user wants to transmit LLDP MED PDU this TLV type should be enabled Otherwise this port cannot transmit LLDP MED PDU network_polic...

Page 320: ...ample To display LLDP MED configuration information for port 1 36 14 show lldp_med Description This command is used to display the Switching Hub s general LLDP MED configuration status Format show lldp_med portlist Specify a range of ports to be displayed Zxxx0 admin show lldp_med ports 1 Command show lldp_med ports 1 Port ID 1 Topology Change Notification Status Enabled LLDP MED Capabilities TLV ...

Page 321: ...DP MED advertisements Format show lldp_med local_ports portlist Parameters Zxxx0 admin show lldp_med Command show lldp_med LLDP MED System Information Device Class Network Connectivity Device Hardware Revision A1 Firmware Revision 1 0 0 xx Software Revision 1 0 0 xx Serial Number Manufacturer Name MANAGER Model Name Zxxx0 Gigabit Ethernet S Asset ID LLDP MED Configuration Fast Start Repeat Count 4...

Page 322: ...DP MED information learned from neighbors Format show lldp_med remote_ ports portlist Parameters Zxxx0 admin show lldp_med local_ports 1 Command show lldp_med local_ports 1 Port ID 1 LLDP MED Capabilities Support Capabilities Support Network Policy Support Location Identification Not Support Extended Power Via MDI PSE Not Support Extended Power Via MDI PD Not Support Inventory Support Network Poli...

Page 323: ...36 LLDP Commands 323 When a port list is not specified information for all ports will be displayed Restrictions None Example To display remote entry information ワヰヵユワヰヵユ ...

Page 324: ...pport Extended Power Via MDI Support Inventory Support LLDP MED Capabilities Enabled Capabilities Enabled Network Policy Enabled Location Identification Enabled Extended Power Via MDI Enabled Inventory Enabled Network Policy Application Type Voice VLAN ID Priority DSCP Unknown True Tagged Application Type Softphone Voice VLAN ID 200 Priority 7 DSCP 5 Unknown False Tagged True Location Identificati...

Page 325: ...are Revision Firmware Revision Software Revision Serial Number Manufacturer Name Model Name Asset ID Zxxx0 admin portlist Optional Specify the ports to be displayed When a port list is not specified information for all ports will be displayed mode Optional Select the mode brief normal or detailed brief Specify to display the information in brief mode normal Specify to display the information in no...

Page 326: ... 02 03 05 00 Port Description Zxxx0 R1 0 0 xx Port 1 on Unit 1 Port PVID 1 Management Address Count 1 PPVID Entries Count 0 VLAN Name Entries Count 1 Protocol Identity Entries Count 0 MAC PHY Configuration Status See Detail Link Aggregation See Detail Maximum Frame Size 1536 Zxxx0 admin ipv4 Optional Specify the IPv4 address of the LLDP managament address entry ipaddr Specify the IPv4 address of t...

Page 327: ...ldp mgt_addr Address 1 Subtype IPv4 Address 10 19 72 38 IF Type Unknown OID 1 3 6 1 4 1 396 5 4 1 xx Advertising Ports Total Entries 1 Zxxx0 admin portlist Optional Specify the ports to be displayed When a port list is not specified information for all ports will be displayed mode Optional Select the mode brief normal or detailed brief Specify to display the information in brief mode normal Specif...

Page 328: ...hing Hub Format show lldp statistics Parameters None Restrictions None Example To display LLDP statistics Zxxx0 admin show lldp remote_ports 1 2 Command show lldp remote_ports 1 2 Remote Entities Count 0 Zxxx0 admin Zxxx0 admin show lldp statistics Command show lldp statistics Last Change Time 3648 Number of Table Insert 0 Number of Table Delete 0 Number of Table Drop 0 Number of Table Ageout 0 Zx...

Page 329: ...played Restrictions None Example To display LLDP statistic information for port 1 portlist Optional Specify the ports to be displayed Zxxx0 admin show lldp statistics ports 1 Command show lldp statistics ports 1 Port ID 1 LLDPStatsTXPortFramesTotal 0 LLDPStatsRXPortFramesDiscardTotal 0 LLDPStatsRXPortFramesErrors 0 LLDPStatsRXPortFramesTotal 0 LLDPStatsRXPortTLVsDiscardedTotal 0 LLDPStatsRXPortTLV...

Page 330: ...36 LLDP Commands 330 ...

Page 331: ...Restrictions Only Administrator Operator and Power User level users can issue this command create loopback ipif ipif_name 12 network_address state enable disable config loopback ipif ipif_name 12 ipaddress network_address state enable disable 1 show loopback ipif ipif_name 12 delete loopback ipif ipif_name 12 all ipif_name 12 Enter the IP interface name used for this configuration here This name c...

Page 332: ...1 with subnet address 10 0 0 1 8 Zxxx0 admin create loopback ipif loopback1 20 1 1 1 8 state enable Command create loopback ipif loopback1 20 1 1 1 8 state enable Success Zxxx0 admin ipif_name 12 Enter the IP interface name used for this configuration here This name can be up to 12 characters long ipaddress Optional Specifies the IPv4 network address of the loopback interface network_address Enter...

Page 333: ...d loopback1 Zxxx0 admin config loopback ipif loopback1 ipaddress 10 0 0 1 8 Command config loopback ipif loopback1 ipaddress 10 0 0 1 8 Success Zxxx0 admin ipif_name 12 Optional Enter the IP interface name used for this configuration here This name can be up to 12 characters long Zxxx0 admin show loopback ipif loopback1 Command show loopback ipif loopback1 Loopback Interface loopback1 Interface Ad...

Page 334: ...strator Operator and Power User level users can issue this command Example To delete the loopback interface named loopback1 ipif_name 12 Enter the IP interface name used for this configuration here This name can be up to 12 characters long all Specifies that all the IP loopback interfaces will be deleted Zxxx0 admin delete loopback ipif loopback1 Command delete loopback ipif loopback1 Success Zxxx...

Page 335: ... unauthorized devices Figure 38 1 MAC Notification overview 38 1 enable mac_notification Description This command is used to enable the trap notification for new learned MAC addresses on the Switch Format enable mac_notification enable mac_notification disable mac_notification config mac_notification interval int 1 2147483647 historysize int 1 500 1 config mac_notification ports portlist all enabl...

Page 336: ...used to disable the trap notification for new learned MAC addresses on the Switch Format disable mac_notification Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To disable the MAC notification function Zxxx0 admin enable mac_notification Command enable mac_notification Success Zxxx0 admin Zxxx0 admin disable mac_notification Command disable ...

Page 337: ...on global settings 38 4 config mac_notification ports Description This command is used to configure the port s MAC address table notification status settings Format config mac_notification ports portlist all enable disable interval Specify the time interval in seconds to trigger the notification int 1 2147483647 Specify between 1 second and 2147483647 seconds historysize Specify the entries of new...

Page 338: ...lobal settings Format show mac_notification Parameters None Restrictions None Example To show the Switching Hub s MAC address table notification global settings portlist Specify a range of ports to be configured all Specify to set all ports in the system enable Specify to enable the port s MAC address table notification disable Specify to disable the port s MAC address table notification Zxxx0 adm...

Page 339: ...ication status settings of all ports Zxxx0 admin show mac_notification Command show mac_notification Global MAC Notification Settings State Enabled Interval 1 History Size 500 Zxxx0 admin portlist Optional Specify a range of ports to be configured Zxxx0 admin show mac_notification ports Command show mac_notification ports Port MAC Address Table Notification State 1 Disabled 2 Disabled 3 Disabled 4...

Page 340: ...t 1 create mac_based_access_control guest_vlan vlan_name 32 guest_vlanid vlanid 1 4094 delete mac_based_access_control guest_vlan vlan_name 32 guest_vlanid vlanid 1 4094 clear mac_based_access_control auth_state ports all portlist mac_addr macaddr create mac_based_access_control_local mac macaddr vlan vlan_name 32 vlanid vlanid 1 4094 config mac_based_access_control_local mac macaddr vlan vlan_nam...

Page 341: ... Power User level users can issue this command Example To enable MAC based access control 39 2 disable mac_based_access_control Description This command is used to disable the MAC based access control function Format disable mac_based_access_control Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Zxxx0 admin enable mac_based_access_control...

Page 342: ...erator and Power User level users can issue this command Example To configure the password rosebud that will be used for authentication via RADIUS server Zxxx0 admin disable mac_based_access_control Command disable mac_based_access_control Success Zxxx0 admin passwd 16 In RADIUS mode the Switching Hub communicates with the RADIUS server using this password The maximum length of the key is 16 chara...

Page 343: ...ess_control guest_vlan ports Description This command is used to put the specified port in guest VLAN mode For those ports not contained in the port list they are in non guest VLAN mode For detailed information about the operation of guest VLAN mode please see the description for configuring the MAC based access control port command Format config mac_based_access_control guest_vlan ports portlist ...

Page 344: ...ember the port s will be removed from the original VLAN s member ports and added to MAC based access control guest VLAN member ports Before the authentication process starts the user is able to forward traffic under the guest VLAN After the authentication process the user will be able to access the assigned VLAN If the port authorize mode is port based mode when the port has been moved to the auth...

Page 345: ...authenticated host will be kept in the authenticated state When the aging time is timed out the host will be moved back to unauthenticated state infinite Specify an unlimited aging time min 1 1440 Specify the age out time in minutes between 1 and 1440 block_time Specify the blocking time in seconds between 0 and 300 second 0 300 Specify the blocking time The blocking time value must be between 0 a...

Page 346: ...l users can issue this command Example To create a MAC based access control guest VLAN guest_vlan Specify the name of the guest VLAN vlan_name 32 Specify the name of the guest VLAN The guest VLAN name can be up to 32 characters long guest_vlanid Specify the VLAN ID of the guest VLAN vlanid 1 4094 Specify the VLAN ID of the guest VLAN The guest VLAN ID must be between 1 and 4094 Zxxx0 admin create ...

Page 347: ... users can issue this command Example To delete a MAC based access control guest VLAN guest_vlan Specify the name of the guest VLAN vlan_name 32 Specify the name of the guest VLAN The guest VLAN name can be up to 32 characters long guest_vlanid Specify the VLAN ID of the guest VLAN vlanid 1 4094 Specify the VLAN ID of the guest VLAN The guest VLAN ID must be between 1 and 4094 Zxxx0 admin delete m...

Page 348: ...ts all portlist mac_addr macaddr Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To clear the authentication state of all ports ports Specify the port range to clear the authentication state all Specify all ports portlist Specify a range of ports mac_addr Specify to clear a specified host authentication state macaddr Enter the MAC addre...

Page 349: ...te a local database entry macaddr Specify the MAC address that access accepts by local mode vlan Optional If the MAC address is authorized the port will be assigned to this VLAN vlan_name 32 Specify a VLAN name up to 32 characters long vlanid Optional If the MAC address is authorized the port will be assigned to this VLAN ID vlanid 1 4094 Specify a VLAN ID between 1 and 4094 Zxxx0 admin create mac...

Page 350: ...l database entry macaddr Specify the MAC address that access is accepted by local mode vlan If the MAC address is authorized the port will be assigned to this VLAN vlan_name 32 Specify a VLAN name up to 32 characters long vlanid If the MAC address is authorized the port will be assigned to this VLAN ID vlanid 1 4094 Specify a VLAN ID between 1 and 4094 clear_vlan Specify to clear the specified VLA...

Page 351: ... command is used to enable or disable the acceptance of an authorized configuration When authorization is enabled for MAC based access controls with RADIUS authentication the authorized attributes for example VLAN 802 1p default priority and ACL assigned by the RADUIS server will be accepted if the global authorization status is enabled When authorization is enabled for MAC based access controls w...

Page 352: ...ault state is enabled disable If specified to disable the authorized attributes for example VLAN 802 1p default priority and ACL assigned by the RADIUS server will not be accepted even if the global authorization status is enabled local Specify to enable to disable the authorized attributes assigned by the local database enable If specified to enable the authorized attributes assigned by the local...

Page 353: ... MAC based access control local by VLAN name mac Delete database by this MAC address macaddr Enter the MAC address here vlan Delete database by this VLAN name vlan_name 32 Specify a VLAN name up to 32 characters long vlanid Delete database by this VLAN ID vlanid 1 4094 Specify a VLAN ID value must be between 1 and 4094 Zxxx0 admin delete mac_based_access_control_local mac 00 00 00 00 00 01 Command...

Page 354: ...access control authentication MAC information portlist Optional Specify the ports to display Zxxx0 admin show mac_based_access_control auth_state ports Command show mac_based_access_control auth_state ports P Port based Prio Priority Port MAC Address Original State VID Prio Aging Time RX VID Block Time 1 00 00 00 00 00 01 1 Authenticated 6 1439 1 00 00 12 00 03 00 1 Blocked 286 3 00 00 00 00 00 02...

Page 355: ... based access control information for ports 1 to 4 ports Optional Specify to display the MAC based access control port state portlist Specify a range of ports to be displayed Zxxx0 admin show mac_based_access_control Command show mac_based_access_control MAC based Access Control State Disabled Method Local Password Type Manual String Password default Max User No Limit Guest VLAN Guest VLAN Member ...

Page 356: ... show mac_based_access_control ports 1 4 Command show mac_based_access_control ports 1 4 Port State Aging Time Block Time Max User min sec 1 Disabled 1440 300 1024 2 Disabled 1440 300 1024 3 Disabled 1440 300 1024 4 Disabled 1440 300 1024 Zxxx0 admin mac Optional Display MAC based access control local databases by this MAC address macaddr Enter the MAC address here vlan Optional Specify the VLAN v...

Page 357: ...te enable disable Zxxx0 admin show mac_based_access_control_local Command show mac_based_access_control_local MAC Address VID 00 00 00 00 00 01 1 Total Entries 1 Zxxx0 admin Zxxx0 admin show mac_based_access_control_local mac 00 00 00 00 00 01 Command show mac_based_access_control_local mac 00 00 00 00 00 01 MAC Address VID 00 00 00 00 00 01 1 Total Entries 1 Zxxx0 admin Zxxx0 admin show mac_based...

Page 358: ...Administrator Operator and Power User level users can issue this command state Specifies the log state for MAC based Access Control enable Specifies that the log for MAC based Access Control will be enabled disable Specifies that the log for MAC based Access Control will be disabled Zxxx0 admin config mac_based_access_control log state disable Command config mac_based_access_control log state disa...

Page 359: ...e this command Example To configure the MAC based Access Control using client s MAC address as authentication password Zxxx0 admin config mac_based_access_control trap state enable Command config mac_based_access_control trap state enable Success Zxxx0 admin manual_string Specifies to use the same string as password for all clients do RADIUS authentication the string can be configured by using the...

Page 360: ... Zxxx0 admin config mac_based_access_control password_type client_mac_address Command config mac_based_access_control password_type client_mac_address Success Zxxx0 admin Zxxx0 admin config mac_based_access_control password_type manual_string Command config mac_based_access_control password_type manual_string Success Zxxx0 admin ...

Page 361: ...39 MAC based Access Control Commands 361 ...

Page 362: ...ive packets Figure 40 1 Mirroring overview 40 1 create mirror group_id Description This command used to create a mirror group If the mirror group has existed do nothing and return success Format create mirror group_id value 1 4 create mirror group_id value 1 4 config mirror port port add delete source ports portlist rx tx both config mirror group_id value 1 4 target_port port add delete source por...

Page 363: ...alue must be between 1 and 4 Zxxx0 admin create mirror group_id 3 Command create mirror group_id 3 Success Zxxx0 admin port Specify the port that will receive the packets duplicated at the mirror port add Optional Specify the mirror entry to be added delete Optional Specify the mirror entry to be deleted source ports Optional Specify the ports that will be mirrored All packets entering and leaving...

Page 364: ...orts 1 5 both Success Zxxx0 admin value 1 4 Enter the mirror group ID used here This value must be between 1 and 4 target_port Optional Specifies the port that will receive the packets duplicated at the mirror port port Enter the target port number used here add Optional Specifies the mirror source ports to be add delete Optional Specifies the mirror source ports to be delete source Optional Speci...

Page 365: ...this command Example To delete mirror group 3 state Optional Specifies the mirror group state to enable or disable the mirror group function enable Specifies that the mirror group state will be enabled disable Specifies that the mirror group state will be disabled Zxxx0 admin config mirror group_id 2 state enable add source ports 4 9 both Command config mirror group_id 2 state enable add source po...

Page 366: ...ithout having to modify the mirror session configuration If the target port hasn t been set enable mirror will not take effect Format enable mirrorg Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To enable mirroring configurations Zxxx0 admin enable mirror Command enable mirror Success Zxxx0 admin ワヰヵユワヰヵユ ...

Page 367: ...r and Operator level users can issue this command Example To disable mirroring configurations 40 7 show mirror Description This command is used to display the current port mirroring configuration on the Switching Hub Format show mirror group_id value 1 4 Parameters Zxxx0 admin disable mirror Command disable mirror Success Zxxx0 admin group_id Optional Specifies the group ID used for this display v...

Page 368: ...nds 368 Restrictions None Example To display mirroring configuration Zxxx0 admin show mirror Command show mirror Mirror Global State Disabled Group State Target Port Source Ports 1 Enabled 1 RX 2 3 TX 2 3 Zxxx0 admin ...

Page 369: ...r 1 config mld_snooping rate_limit ports portlist vlanid vlanid_list value 1 1000 no_limit show mld_snooping rate_limit ports portlist vlanid vlanid_list create mld_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipv6addr config mld_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipv6addr add delete portlist delete mld_snooping static_group vlan vlan_name 32 vlanid vlanid_lis...

Page 370: ...how mld_snooping mrouter_ports vlan vlan_name 32 vlanid vlanid_list all static dynamic forbidden show mld_snooping forwarding vlan vlan_name 32 vlanid vlanid_list config mld_snooping unknow_data_learning all vlan_name vlan_name 32 vlanid vlanid_list state enable disable aged_out enable disable expiry_time sec 1 65535 config mld_snooping unknow_data_learning max_learned_entry value 1 1024 clear mld...

Page 371: ...e the MLD leave message enable Enable the MLD snooping fast leave function disable Disable the MLD snooping fast leave function proxy_reporting Specifies that the proxy reporting function will be configured state Specifies the state of the proxy reporting function enableSpecifies that the proxy reporting function will be enabled disableSpecifies that the proxy reporting function will be disabled s...

Page 372: ... range of VLANs to be configured vlanid_list Specify the VLAN ID list value 1 1000 Specify the rate limit of MLD control packet that the Switching Hub can process on a specific port VLAN The rate is specified in packet per second The packet that exceeds the limited rate will be dropped no_limit The default setting is no limit Zxxx0 admin config mld_snooping rate_limit ports 1 100 Command config ml...

Page 373: ...ic member ports The static member port will only affect V2 MLD operation The Reserved IP multicast addresses FF0x 16 must be excluded from the configured group The VLAN must be created first before a static group can be created Format create mld_snooping static_group vlan vlan_name 32 vlanid vlanid_list ipv6addr Parameters Restrictions Only Administrator Operator and Power User level users can iss...

Page 374: ...id vlanid_list ipv6addr add delete portlist Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To unset ports 9 to 10 from MLD Snooping static member ports for group FF1E 1 on default VLAN Zxxx0 admin create mld_snooping static_group vlan vlan1 FF1E 1 Command create mld_snooping static_group vlan vlan1 FF1E 1 Success Zxxx0 admin vlan Speci...

Page 375: ...oping static group from the default VLAN group FF1E 1 Zxxx0 admin config mld_snooping static_group vlan default FF1E 1 delete 9 10 Command config mld_snooping static_group vlan default FF1E 1 delete 9 10 Success Zxxx0 admin vlan Specify the name of the VLAN on which the static group resides vlan_name 32 Specify the VLAN name The maximum length is 32 characters vlanid Specify the ID of the VLAN on ...

Page 376: ...tional Specify the name of the VLAN on which the static group resides vlan_name 32 Specify the VLAN name The maximum length is 32 characters vlanid Optional Specify the ID of the VLAN on which the static group resides vlanid_list Specify the VLAN ID list ipv6addr Optional Specify the multicast group IPv6 address for Layer 3 Switching Hub Zxxx0 admin show mld_snooping static_group Command show mld_...

Page 377: ...d Format show mld_snooping statistic counter vlan vlan_name 32 vlanid vlanid_list ports portlist Parameters Restrictions None Example To display the MLD snooping statistics counters on port 1 vlan Specify a VLAN to be displayed vlan_name 32 Specify the VLAN name The maximum length is 32 characters vlanid Specify a list of VLANs to be displayed vlanid_list Specify the VLAN ID list ports Specify a l...

Page 378: ...ry 0 Total 0 Dropped By Rate Limitation 0 Dropped By Multicast VLAN 0 Report Done MLD v1 Report 0 MLD v2 Report 0 MLD v1 Done 0 Total 0 Dropped By Rate Limitation 0 Dropped By Max Group Limitation 0 Dropped By Group Filter 0 Dropped By Multicast VLAN 0 Transmit Statistics Query MLD v1 Query 0 MLD v2 Query 0 Total 0 Report Done MLD v1 Report 0 MLD v2 Report 0 MLD v1 Done 0 Total 0 Total Entries 1 Z...

Page 379: ...g querier Description This command is used to configure the time in seconds between general query transmissions the maximum time to wait for reports from listeners and the permitted packet loss that guarantees MLD snooping Format config mld_snooping querier vlan_name vlan_name 32 vlanid vlanid_list all query_interval sec 1 65535 max_response_time sec 1 25 robustness_variable value 1 7 last_listene...

Page 380: ...lated as follows robustness variable x query interval 1 x query response interval Other querier present interval Amount of time that must pass before a multicast router decides that there is no longer another multicast router that is the querier This interval is calculated as follows robustness variable x query interval 0 5 x query response interval Last member query count Number of group specific...

Page 381: ... be sent by this port If a MLD packet received by the interface has a version higher than the specified version this packet will be forward from router ports or VLAN flooding value 1 2 Specify the values between 1 and 2 Zxxx0 admin config mld_snooping querier vlan_name default query_interval 125 state enable Command config mld_snooping querier vlan_name default query_interval 125 state enable Succ...

Page 382: ...lanid_list add delete portlist Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Zxxx0 admin config mld_snooping mrouter_ports vlan default add 1 10 Command config mld_snooping mrouter_ports vlan default add 1 10 Success Zxxx0 admin vlan Specify the name of the VLAN on which the router port resides vlan_name 32 Specify the name of the VLAN on whi...

Page 383: ...Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable MLD snooping on the Switching Hub Zxxx0 admin config mld_snooping mrouter_ports_forbidden vlan default add 1 10 Command config mld_snooping mrouter_ports_forbidden vlan default add 1 10 Success Zxxx0 admin Zxxx0 admin enable mld_snooping Command enable mld_snooping Success Z...

Page 384: ...nly Administrator Operator and Power User level users can issue this command Example To disable MLD snooping on the Switching Hub 41 15 show mld_snooping Description This command is used to display the current MLD snooping configuration on the Switching Hub Format show mld_snooping vlan vlan_name 32 vlanid vlanid_list Parameters Zxxx0 admin disable mld_snooping Command disable mld_snooping Success...

Page 385: ... mld_snooping MLD Snooping Global State Disabled Unknown Data Learning Max Entries 50 VLAN Name default Query Interval 125 Max Response Time 10 Robustness Value 2 Last Listener Query Interval 1 Querier State Disable Querier Role Non Querier Querier IP Querier Expiry Time 0 secs State Disable Fast Done Disable Proxy Reporting Enable Proxy Reporting Source IP Rate Limit No Limitation Version 2 Unkno...

Page 386: ...iew MLD snooping group information If VLAN and ports and IP address are not specified the system will display all current MLD snooping group information vlan_name 32 Specify the VLAN name The maximum length is 32 characters vlanid Optional Specify the ID of the VLAN for which to view MLD snooping group information vlanid_list Specify the VLAN ID list ports Optional Specify the list of port for whi...

Page 387: ...ault 1 Member Ports 3 UP Time 29 Expiry Time 247 Filter Mode EXCLUDE Source Group NULL FE1E 2 VLAN Name VID default 1 Member Ports 4 5 UP Time 40 Expiry Time 205 Filter Mode EXCLUDE Total Entries 3 Zxxx0 admin vlan Specify the name of the VLAN on which the router port resides vlan_name 32 Specify the name of the VLAN on which the router port resides The maximum length is 32 characters vlanid Speci...

Page 388: ...cket comes from the source VLAN They will be forwarded to the forwarding ports Format show mld_snooping forwarding vlan vlan_name 32 vlanid vlanid_list Parameters forbidden Optional Display forbidden router ports that have been statically configured Zxxx0 admin show mld_snooping mrouter_ports all Command show mld_snooping mrouter_ports all VLAN Name default Static Router Port Dynamic Router Port R...

Page 389: ...on the Switching Hub vlanid Optional Specify the ID of the VLAN for which to view MLD snooping forwarding table information vlanid_list Specify the VLAN ID list Zxxx0 admin show mld_snooping forwarding Command show mld_snooping forwarding VLAN Name default Source IP 2001 1 Multicast Group FE1E 1 Port Member 2 7 VLAN Name default Source IP 2001 1 Multicast Group FE1E 2 Port Member 5 Total Entries 2...

Page 390: ...t string 16 username default Parameters Restrictions When users issue the reset command the current command prompt will remain in tact Issuing the reset system will return the command prompt to its original factory default value Only Administrator and Operator level users can issue this command Example To edit the command prompt config command_prompt string 16 username default string 16 Specify th...

Page 391: ...cing application where multiple servers can share the same IP address and MAC address The requests from clients will be forwarded to all servers but will only be processed by one of them In multicast mode the client use the multicast MAC address as the destination MAC to reach the server Regarding of the mode this destination MAC is the named the shared MAC The server uses its own MAC address rath...

Page 392: ...nistrator Operator and Power User level users can issue this command Example To delete NLB multicast FDB entry macaddr Specifies the MAC address of the NLB multicast FDB entry to be created Zxxx0 admin create nlb multicast_fdb default 03 bf 01 01 01 01 Command create nlb multicast_fdb default 03 bf 01 01 01 01 Success Zxxx0 admin vlan_name 32 Enter the VLAN name of the NLB multicast FDB entry here...

Page 393: ...elete nlb multicast_fdb default 03 bf 01 01 01 01 Success Zxxx0 admin vlan_name 32 Enter the VLAN name of the NLB multicast FDB entry here This name can be up to 32 characters long vlanid Specifies the VLAN ID used vlanid Enter the VLAN ID used here macaddr Specifies the MAC address of the NLB multicast FDB entry to be configured add Specifies a list of forwarding ports to be added delete Specifie...

Page 394: ...lb fdb Parameters None Restrictions None Example To display the NLB forwarding table Zxxx0 admin show nlb fdb Command show nlb fdb MAC Address VLAN ID Egress Ports 02 bf 01 01 01 01 1 1 1 5 1 26 2 26 02 bf 01 01 01 02 1 1 1 5 1 26 2 26 03 bf 01 01 01 01 100 1 1 1 5 1 26 2 26 03 bf 01 01 01 01 1 1 1 1 5 1 26 2 26 Total Entries 4 Zxxx0 admin ...

Page 395: ...dr snmp telnet ssh http https ping config trusted_host ipaddr ipv6addr network network_address ipv6_prefix ipv6networkaddr add delete snmp telnet ssh http https ping all delete trusted_host ipaddr ipaddr ipv6address ipv6addr network network_address ipv6_prefix ipv6networkaddr all show trusted_host config snmp system_name sw_name config snmp system_location sw_location config snmp system_contact sw...

Page 396: ...o disable the SNMP function When SNMP function is disabled the network manager will not be able to access SNMP MIB objects The device will not send traps or notification to network manager either Format disable snmp Parameters None By default SNMP is disabled Restrictions Only Administrator and Operator level users can issue this command Example To disable SNMP Zxxx0 admin enable snmp Command enab...

Page 397: ...ed the IP range can access the Switch through any method Zxxx0 admin disable snmp Command disable snmp Success Zxxx0 admin ipaddr Specify the IP address of the trusted host ipv6addr Specify the IPv6 address of the trusted host network Specify the network address of the trusted network The form of network address is xxx xxx xxx xxx y network_address Specify the network address of the trusted networ...

Page 398: ...ost network Specify the network address of the trusted network The form of network address is xxx xxx xxx xxx y network_address Specify the network address of the trusted network The form of network address is xxx xxx xxx xxx y ipv6_prefix Specify the IPv6 network address of the trusted network ipv6networkaddr Specify the IPv6 network address of the trusted network add Allow to manage applications...

Page 399: ...elnet Command config trusted_host 10 48 74 121 add ssh telnet Success Zxxx0 admin ipaddr Specify the IP address of the trusted host ipaddr Specify the IP address of the trusted host ipv6address Specify the IPv6 address of the trusted host ipv6addr Specify the IPv6 address of the trusted host network Specify the network address of the trusted network The form of network address is xxx xxx xxx xxx y...

Page 400: ...trusted_host Parameters None Restrictions None Example To display trusted hosts Zxxx0 admin delete trusted_host ipaddr 10 48 74 121 Command delete trusted_host ipaddr 10 48 74 121 Success Zxxx0 admin Zxxx0 admin show trusted_host Command show trusted_host Management Stations IP Address Access Interface 10 48 93 100 10 51 17 1 10 50 95 90 Total Entries 3 Zxxx0 admin ...

Page 401: ...ig snmp system_location Description This command is used to enter a description of the SNMP system location of the Switching Hub A maximum of 255 characters can be used Format config snmp system_location sw_location Parameters sw_name Specify an SNMP system name for the Switching Hub A maximum of 255 characters is allowed Zxxx0 admin config snmp system_name Zxxx0 Gigabit Ethernet Switch Command co...

Page 402: ...aximum of 255 characters can be used Format config snmp system_contact sw_contact Parameters Restrictions Only Administrator and Operator level users can issue this command Example To configure the Switching Hub contact to Network Manager Zxxx0 admin config snmp system_location 7F Server Room Command config snmp system_location 7F Server Room Success Zxxx0 admin sw_contact Specify an SNMP system c...

Page 403: ...dministrator and Operator level users can issue this command Example To enable SNMP trap support 44 11 disable snmp traps Description This command is used to disable SNMP trap support on the Switching Hub Format disable snmp traps Parameters None Restrictions Only Administrator and Operator level users can issue this command Zxxx0 admin enable snmp traps Command enable snmp traps Success Zxxx0 adm...

Page 404: ...ntication failure trap support Format enable snmp authenticate_traps Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To enable SNMP authentication trap support Zxxx0 admin disable snmp traps Command disable snmp traps Success Zxxx0 admin Zxxx0 admin enable snmp authenticate_traps Command enable snmp authenticate_traps Success Zxxx0 admin ...

Page 405: ...r and Operator level users can issue this command Example To disable SNMP authentication trap support 44 14 enable snmp linkchange_traps Description This command is used to enable SNMP linkchange trap support Format enable snmp linkchange_traps Parameters None Restrictions Only Administrator and Operator level users can issue this command Zxxx0 admin disable snmp authenticate_traps Command disable...

Page 406: ...upport Format disable snmp linkchange_traps Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To disable SNMP linkchange trap support Zxxx0 admin enable snmp linkchange_traps Command enable snmp linkchange_traps Success Zxxx0 admin Zxxx0 admin disable snmp linkchange_traps Command disable snmp linkchange_traps Success Zxxx0 admin ...

Page 407: ...SNMP linkchange traps for ports 1 to 4 44 17 show snmp traps Description This command is used to display the SNMP trap state Format show snmp traps linkchange_traps ports portlist Parameters all Specify all ports portlist Specify a port or range of ports enable Enable sending of the link change trap for this port disable Disable sending of the link change trap for this port Zxxx0 admin config snmp...

Page 408: ... Traps Enabled Warmstart Traps Enabled Zxxx0 admin Zxxx0 admin show snmp traps linkchange_traps Command show snmp traps linkchange_traps Linkchange Traps Enabled Port 1 Enabled Port 2 Enabled Port 3 Enabled Port 4 Enabled Port 5 Enabled Port 6 Enabled Port 7 Enabled Port 8 Enabled Port 9 Enabled Port 10 Enabled Port 11 Enabled Port 12 Enabled Port 13 Enabled Port 14 Enabled Port 15 Enabled Port 16...

Page 409: ...start events 44 19 config snmp warmstart_traps Description This command is used to configure the trap state for warmstart events Format config snmp warmstart_traps enable disable Parameters enable Enable traps for coldstart events The default state is enabled disable Disable traps for coldstart events Zxxx0 admin config snmp coldstart_traps enable Command config snmp coldstart_traps enable Success...

Page 410: ... Only Administrator and Operator level users can issue this command Example To configure the trap source IP interface Zxxx0 admin config snmp warmstart_traps enable Command config snmp warmstart_traps enable Success Zxxx0 admin ipif_name 12 Specify the IP interface name If only this parameter is specified the IPv4 address and the smallest IPv6 address of ipif_name will be used as source IP address...

Page 411: ...ce Format show trap source_ipif Parameters None Restrictions None Example To display the trap source IP interface Zxxx0 admin config trap source_ipif none Command config trap source_ipif none Success Zxxx0 admin Zxxx0 admin show trap source_ipif Command show trap source_ipif Trap Source IP Interface Configuration IP Interface ipif4 IPv4 Address None IPv6 Address 3000 52 Zxxx0 admin ...

Page 412: ...isable the trap state for RMON rising_alarm Optional Specify the trap state for rising alarm The default state is enabled enable Enable the trap state for rising alarm disable Disable the trap state for rising alarm falling_alarm Optional Specify the trap state for falling alarm The default state is enabled enable Enable the trap state for falling alarm disable Disable the trap state for falling a...

Page 413: ...n This command is used to display RMON related settings Format show rmon Parameters None Restrictions None Example To display current RMON settings Zxxx0 admin show rmon Command show rmon RMON Rising Alarm Trap Enabled RMON Falling Alarm Trap Enabled Zxxx0 admin ...

Page 414: ...tical error warning notice informational debug level_list 0 7 module module_list show log_save_timing show log_software_module config log_save_timing time_interval min 1 65535 on_demand log_trigger enable syslog disable syslog show syslog config syslog host index all severity emergency alert critical error warning notice informational debug level 0 7 facility local0 local1 local2 local3 local4 loc...

Page 415: ...This command is used to display statistics about the packets sent and received by the Switching Hub Format show packet ports portlist Parameters Restrictions None Example To display the packets analysis for port 7 portlist Specify a port or range of ports to be displayed ...

Page 416: ...Size Type Frame Counts Frames sec 64 0 0 65 127 0 0 128 255 0 0 256 511 0 0 512 1023 0 0 1024 1518 0 0 1519 1522 0 0 1519 2047 0 0 2048 4095 0 0 4096 9216 0 0 Unicast RX 0 0 Multicast RX 0 0 Broadcast RX 0 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh Port number 7 Frame Type Total Total sec RX Bytes 0 0 RX Frames 0 0 TX Bytes 0 0 TX Frames 0 0 CTRL C ESC q Quit SPACE n Next Page...

Page 417: ...display port utilization Zxxx0 admin show error ports 3 Command show error ports 3 Port Number 3 RX Frames TX Frames CRC Error 0 Excessive Deferral 0 Undersize 0 CRC Error 0 Oversize 0 Late Collision 0 Fragment 0 Excessive Collision 0 Jabber 0 Single Collision 0 Drop Pkts 0 Collision 0 Symbol Error 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh ports Specify to display real time p...

Page 418: ...TX sec RX sec Util 1 0 0 0 21 0 0 0 2 0 0 0 22 0 0 0 3 0 0 0 23 0 0 0 4 0 0 0 24 0 0 0 5 0 0 0 25 0 0 0 6 0 0 0 26 0 0 0 7 0 0 0 27 0 0 0 8 0 0 0 28 0 0 0 9 0 0 0 10 0 0 0 11 0 0 0 12 0 0 0 13 0 0 0 14 0 0 0 15 0 0 0 16 0 0 0 17 0 0 0 18 0 0 0 19 0 0 0 20 0 0 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh Zxxx0 admin show utilization cpu Command show utilization cpu CPU utilizatio...

Page 419: ...isplay Flash utilization unit Specifies which unit on the stacking system If it is not specified it refers to the master unit unit_id Enter the unit ID used here Zxxx0 admin show utilization dram Command show utilization dram DRAM utilization Total DRAM 262144 KB Used DRAM 119586 KB Utilization 45 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh unit Specifies which unit on the stacki...

Page 420: ... To clear the Switching Hub s statistics counters for ports 7 to 9 Zxxx0 admin show utilization flash Command show utilization flash FLASH Memory Utilization Total FLASH 30608 KB Used FLASH 4786 KB Utilization 15 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh ports Specify a range of ports to be configured The beginning and end of the port list range are separated by a dash portlist...

Page 421: ...iption This command is used to display the Switching Hub history log Format show log index value_list severity module module_list emergency alert critical error warning notice informational debug level_list 0 7 module module_list Parameters Zxxx0 admin clear log Command clear log Success Zxxx0 admin index Optional Specify to display the history log between two values value_list Specify to display ...

Page 422: ...ecify severity level 3 warning Optional Specify severity level 4 notice Optional Specify severity level 5 informational Optional Specify severity level 6 debug Optional Specify severity level 7 level_list 0 7 Optional Specify a list of severity levels to be displayed If more than one severty level separate them by comma The level numbers are from 0 to 7 module Specify the modules to be displayed T...

Page 423: ...rs None Restrictions None Example To display the method to save log 45 10 show log_software_module Description This command is used to display the protocols or applications that support the enhanced log Format show log_software_module Parameters None Restrictions None Zxxx0 admin show log_save_timing Command show log_save_timing Saving Log Method On_demand Zxxx0 admin ...

Page 424: ...o save log as on demand Zxxx0 admin show log_software_module Command show log_software_module DHCPv6_CLIENT ERROR_LOG MSTP Zxxx0 admin time_interval Specify to save log to Flash every xxx minutes If no log occurs in this period nothing will be saved min 1 65535 Specify the time between 1 and 65535 minutes The default value is 60 minutes on_demand Specify to save log to Flash whenever the user type...

Page 425: ...ictions Only Administrator and Operator level users can issue this command Example To enable syslog to send a message 45 13 disable syslog Description This command is used to disable syslog from sending a message Format disable syslog Parameters None Restrictions Only Administrator and Operator level users can issue this command Zxxx0 admin enable syslog Command enable syslog Success Zxxx0 admin ...

Page 426: ...ommand is used to display the syslog protocol global state Format show syslog Parameters None Restrictions None Example To display the syslog protocol global state Zxxx0 admin disable syslog Command disable syslog Success Zxxx0 admin Zxxx0 admin show syslog Command show syslog Syslog Global State Enabled Zxxx0 admin ...

Page 427: ...l Specify critical messages error Specify error messages warning Specify warning messages noticeSpecify notice messages informational Specify informational messages debugSpecify debug messages level 0 7 Specify a level between 0 and 7 facility Some of the operating system daemons and processes have been assigned facility values Processes and daemons that have not been explicitly assigned a facilit...

Page 428: ...ort udp_port_number state enable disable Parameters ipaddress Specify the IPv4 address or IPv6 address of the host ipaddr Specify the IPv4 address of the host ipv6addr Specify the IPv6 address of the host state The syslog protocol has been used for the transmission of event notification messages across networks to host This option enables or disables the host to receive such messages enable Enable...

Page 429: ... level between 0 and 7 facility Some of the operating system daemons and processes have been assigned facility values Processes and daemons that have not been explicitly assigned a facility may use any of the local use facilities or they may use the user level facility Those facilities that have been designated are shown in the following local0User defined facility local1User defined facility loca...

Page 430: ... Restrictions Only Administrator and Operator level users can issue this command Example To delete a syslog host Zxxx0 admin create syslog host 1 ipaddress 10 1 1 1 Command create syslog host 1 ipaddress 10 1 1 1 Success Zxxx0 admin inex 1 4 Specify the host index all Specify all hosts Zxxx0 admin delete syslog host 4 Command delete syslog host 4 Success Zxxx0 admin ...

Page 431: ... Restrictions None Example To display syslog host configurations index 1 4 Optional Specify the host index Zxxx0 admin show syslog host Command show syslog host Syslog Global State Disabled Host 1 IP Address 10 1 1 2 Severity Warning Facility Local10 UDP port 514 Status Disabled Host 2 IP Address 3000 501 100 ffff 101 202 303 1 Severity Emergency Facility Local10 UDP port 514 Status Disabled Total...

Page 432: ...log source IP interface To clear the configured source IP interface for syslog ipif_name 12 Specify the IP interface name If only this parameter is specified the IPv4 address and the smallest IPv6 address of ipif_name will be used as source IP addresses ipaddr Optional Specify the IP4 address ipv6addr Optional Specify the IPv6 global address none Specify to clear the configured source IP interface...

Page 433: ...isplay the Switching Hub s attack log Format show attack_log index value_list Parameters Zxxx0 admin show syslog source_ipif Command show syslog source_ipif Syslog Source IP Interface Configuration IP Interface System IPv4 Address None IPv6 Address None Zxxx0 admin index Optional Specify the list of index of the entries that need to be displayed value_list Specify the list of index of the entries ...

Page 434: ...erator level users can issue this command Example To clear the Switching Hub s attack log Zxxx0 admin show attack_log index 1 3 Command show attack_log index 1 3 Index Date Time Level Log Text 3 2009 12 26 14 15 45 WARN 4 Port security violation mac addrss 00 18 F3 10 94 89 on locking address full port 28 2 2009 12 26 14 15 45 WARN 4 Port security violation mac addrss 00 18 F3 10 94 89 on locking ...

Page 435: ...45 Network Monitoring Commands 435 Zxxx0 admin clear attack_log Command clear attack_log Success Zxxx0 admin ...

Page 436: ...t threshold If a packet storm does not stop within a specified time the port is kept isolated until it is recovered manually Figure 46 1 Packet storm control config traffic control portlist all broadcast enable disable multicast enable disable unicast enable disable action drop shutdown threshold value 0 255000 countdown min 0 min 3 30 disable time_interval sec 5 600 1 config traffic control auto_...

Page 437: ...e Enable broadcast storm control disable Disable broadcast storm control multicast Specify the multicast storm status enable Enable multicast storm control disable Disable multicast storm control unicast Specify the unknown unicast packet storm status enable Enable unknown unicast packet storm control only support drop action disable Disable unknown unicast packet storm control action Specify the ...

Page 438: ...ode shutdown forever Format config traffic control auto_recover_time min 0 min 1 65535 countdown The timer for shutdown mode When a port enters a shutdown RX state and if this times out the port will shut down the port forever The default is 0 minutes min 0 Zero is the disable forever state min 3 30 Enter a value between 3 and 30 minutes disable Specifies that when the action is shutdown and the c...

Page 439: ...esn t support unicast storm control The log only generate for broadcast and multicast storm control Format config traffic control log state enable disable Parameters Restrictions Only Administrator Operator and Power User level users can issue this command min 0 Enter the automatic recovery time used here This value will specifies the time to be 0 otherwise known as no recovery mode min 1 65535 En...

Page 440: ...ed Format config traffic trap none storm_occurred storm_cleared both Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure a traffic control trap Zxxx0 admin config traffic control log state enable Command config traffic control log state enable Success Zxxx0 admin none none No notification will be generated when storm event is d...

Page 441: ...min config traffic trap both Command config traffic trap both Success Zxxx0 admin portlist Optional Specify a range of ports to be shown Zxxx0 admin show traffic control 1 3 Command show traffic control 1 3 Traffic Control Trap None Traffic Control Log Enabled Traffic Control Auto Recover Time 0 Minutes Port Thres Broadcast Multicast Unicast Action Count Time Shutdown hold Storm Storm Storm down I...

Page 442: ...rned entry number for the entire system for a port for a VLAN and for specific VLAN on a port If any limitation is exceeded the new entry will be discarded config port_security ports portlist all admin_state enable disable max_learning_addr max_lock_no 0 3328 lock_address_mode permanent deleteontimeout deleteonreset 1 vlan vlan_name 32 vlanid vidlist max_learning_addr max_lock_no 0 3328 no_limit c...

Page 443: ...k_address_mode Indicate locking address mode The default mode is deleteonreset permanent The address will never be deleted unless the user removes it manually or the VLAN of the entry is removed or the port are removed from the VLAN or port security is disabled on the port where the address resides deleteontimeout The locked addresses can be aged out after aging timer expires deleteonreset This ad...

Page 444: ...ic VLAN on a port If any limitation is exceeded the new entry will be discarded The setting for system level max learned users must be greater than the total of the max learned users allowed on all ports Format config port_security system max_learning_addr max_lock_no 1 3328 no_limit Zxxx0 admin config port_security ports 6 admin_state enable max_learning_addr 10 lock_address_mode permanent Comman...

Page 445: ...ded the new entry will be discarded Format config port_security vlan vlan_name 32 vlanid vidlist max_learning_addr max_lock_no 0 3328 no_limit Parameters max_lock_no 1 3328 Specify the maximum number of MAC address entries that can be learned by the system If the setting is smaller than the number of current learned entries on all enabled ports the command will be rejected no_limit By default the ...

Page 446: ...meter is set to 0 it means that no user can get authorization on this VLAN If the setting is smaller than the number of current learned entries on the VLAN the command will be rejected max_lock_no 0 3328 Specify the value between 0 and 3328 no_limit Specify the default value is no limit Zxxx0 admin config port_security vlan vlanid 1 max_learning_addr 64 Command config port_security vlan vlanid 1 m...

Page 447: ...dministrator Operator and Power User level users can issue this command Zxxx0 admin delete port_security_entry vlan default mac_address 00 01 30 10 2C C7 Command delete port_security_entry vlan default mac_address 00 01 30 10 2C C7 Success Zxxx0 admin ports Optional The port security entries learned on the specified port will be cleared portlist Specify a range of ports to be configured all All th...

Page 448: ...t Parameters Restrictions None Zxxx0 admin clear port_security_entry port 6 Command clear port_security_entry port 6 Success Zxxx0 admin ports Optional Specify a range of ports to be displayed portlist Specify a range of ports to be displayed vlan Optional Specify a VLAN to display its entry vlan_name 32 Specify the VLAN name The maximum length is 32 characters vlanid Optional Specify a VLAN list ...

Page 449: ...ame 32 vlanid vidlist Parameters Restrictions None Zxxx0 admin show port_security_entry Command show port_security_entry MAC Address VID Port Lock Mode 00 00 00 00 00 01 1 25 DeleteOnTimeout Total Entry Number 1 Zxxx0 admin ports Optional Specify a range of ports to be displayed portlist Specify a range of ports to be displayed vlan Optional Specify a VLAN to display its configuration vlan_name 32...

Page 450: ... relevant information will be logged Format enable port_security trap_log Parameters None Zxxx0 admin show port_security Command show port_security Port Security Trap Log Disabled System Maximum Address 512 VLAN Configuration Only VLANs with limitation are displayed VID VLAN Name Max Learning Addr 1 default 64 2 TstVLAN 8 Zxxx0 admin Zxxx0 admin show port_security ports 1 6 Command show port_secur...

Page 451: ...led no trap will be sent out for MAC violations and no log will be recorded Format disable port_security trap_log Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To prevent a port security trap from being sent from the Switching Hub Zxxx0 admin enable port_security trap_log Command enable port_security trap_log Success Zxxx0 admin ...

Page 452: ...o send a single link pulse When the port is turned off a simple receive energy detect circuit is continuously monitoring energy on the cable At the moment when energy is detected the port turns on fully per IEEE specification requirements The power saving function is performed while no link is detected and it will not affect the port capabilities while it is link up Format config power_saving stat...

Page 453: ...formation Format show power_saving Parameters None Restrictions None Example To display power saving information Zxxx0 admin config power_saving state enable Command config power_saving state enable Success Zxxx0 admin Zxxx0 admin show power_saving Command show power_saving Power Saving State Enabled Zxxx0 admin ...

Page 454: ...col group create dot1v_protocol_group group_id id group_name name 32 config dot1v_protocol_group group_id id group_name name 32 add protocol ethernet_2 ieee802 3_snap ieee802 3_llc protocol_value delete protocol ethernet_2 ieee802 3_snap ieee802 3_llc protocol_value delete dot1v_protocol_group group_id id group_name name 32 all show dot1v_protocol_group group_id id group_name name 32 config port d...

Page 455: ...ocol Specify the protocol to be added Depending on the frame type the octet string will have one of the following values below The form of the input is 0x0 to 0xffff ethernet_2 This is a 16 bit 2 octet hex value Example IPv4 is 800 IPv6 is 86dd ARP is 806 etc ieee802 3_snap This is a 16 bit 2 octet hex value Example IPv4 is 800 IPv6 is 86dd ARP is 806 etc ieee802 3_llc This is the 2 octet IEEE 802...

Page 456: ...econd octet for Source protocol_value Specify the protocol value used to identify a protocol of the frame type The form of the input is 0x0 to 0xffff Depending on the frame type the octet string will have one of the following values For Ethernet II this is a 16 bit 2 octet hex value For example IPv4 is 800 IPv6 is 86dd ARP is 806 etc For IEEE802 3 SNAP this is this is a 16 bit 2 octet hex value Fo...

Page 457: ...l_group Description This command is used to display the protocols defined in protocol groups Format show dot1v_protocol_group group_id id group_name name 32 group_idSpecify the group ID to be deleted id Specify the group ID to be deleted group_name Specify the name of the protocol group to be deleted name 32 Specify the name of the protocol group to be deleted The maximum length is 32 characters a...

Page 458: ...ity for those untagged packets classified by the protocol VLAN Format config port dot1v ports portlist all add protocol_group group_id id group_name name 32 vlan vlan_name 32 vlanid id priority value 0 7 delete protocol_group group_id id all group_id Optional Specify the group ID to be displayed id Specify the group ID to be displayed group_name Optional Specify the name of the protocol group name...

Page 459: ...acters vlan Specify the VLAN that is to be associated with this protocol group on this port vlan_name 32 Specify the VLAN that is to be associated with this protocol group on this port The maximum length is 32 characters vlanid Specify the VLAN ID id Specify the VLAN ID priority Specify the priority to be associated with the packet which has been classified to the specified VLAN by the protocol va...

Page 460: ... information for all ports will be displayed Restrictions None Example To display the protocol VLAN information for ports 1 to 2 ports Optional Specify a range of ports to be displayed portlist Specify a range of ports to be displayed Zxxx0 admin show port dot1v ports 1 2 Command show port dot1v ports 1 2 Port 1 Protocol Group ID VLAN Name Protocol Priority 1 default Port 2 Protocol Group ID VLAN ...

Page 461: ...49 Protocol VLAN Commands 461 ...

Page 462: ...ommunication purpose to secure response time and throughput required for each communication It performs communication priority control based on the priority tag priority information added to the header of a receive packet It also allows to restrict bandwidth according to the priority tag for each port Figure 50 1 QoS overview ...

Page 463: ... 802 1p default_priority portlist all priority 0 7 show 802 1p default_priority portlist enable hol_prevention disable hol_prevention show hol_prevention config dscp map portlist all dscp_priority dscp_list to priority 0 7 dscp_dscp dscp_list to dscp 0 63 config dscp trust portlist all state enable disable show dscp map portlist dscp_priority dscp_dscp dscp dscp_list show dscp trust portlist portl...

Page 464: ...ns tx_rate Optional Specify the limitation of transmit data rate no_limit Specify to indicate there is no limit on port tx bandwidth value 64 10240000 Specify an integer value from 64 to 10240000 to set a maximum limit in Kbits sec The specified bandwidth limit may be equaled but not exceeded This exact logical limit or token value is hardware determined Note 1 Kbit 1000 bits 1 Gigabit 1000 1000 K...

Page 465: ...Robin SDWRR mode Format config per_queue bandwidth_control ports portlist all cos_id_list 0 7 min_rate no_limit value 64 10240000 max_rate no_limit value 64 10240000 1 Parameters Zxxx0 admin show bandwidth_control 1 2 Command show bandwidth_control 1 2 Bandwidth Control Table Port RX Rate TX Rate Effective RX Effective TX Kbit sec Kbit sec Kbit sec Kbit sec 1 No Limit No Limit No Limit No Limit 2 ...

Page 466: ...y be equaled but not exceeded The exact logical limit or token value is hardware determined Note 1 Kbit 1000 bits 1 Gigabit 1000 1000 Kbits Actual rate inputted rate 64 64 max_rateSpecify one of the parameters below will be applied to the maximum rate that the class specified above will be allowed to transmit packets at no_limit Indicates there is no limit on egress queue of specified port bandwid...

Page 467: ...able On Port 1 Queue Min Rate Kbit sec Max Rate Kbit sec 0 No Limit No Limit 1 No Limit No Limit 2 64 1024 3 64 No Limit 4 No Limit No Limit 5 No Limit No Limit 6 No Limit No Limit 7 No Limit No Limit Zxxx0 admin ports Optional Specify a range of ports to be configured portlist Enter the list of ports here all Specifies that all the ports will be used class_id 0 7 Specifies the 8 hardware priority...

Page 468: ...t value for weighted round robin The queue will operate in WRR mode if the port mode is WRR It will operate in strict mode if the port mode is strict value 1 127 Enter the weight value here This value must be between 1 and 127 Zxxx0 admin config scheduling 0 weight 10 Command config scheduling 0 weight 10 Success Zxxx0 admin Zxxx0 admin config scheduling ports 1 10 1 weight 25 Command config sched...

Page 469: ...mmand is used to display the current traffic scheduling parameters Format show scheduling portlist Parameters Restrictions None Example To display the traffic scheduling parameters for each CoS queue Zxxx0 admin config scheduling_mechanism strict Command config scheduling_mechanism strict Success Zxxx0 admin Zxxx0 admin config scheduling_mechanism ports 1 1 strict Command config scheduling_mechani...

Page 470: ...ass 2 3 Class 3 4 Class 4 5 Class 5 6 Class 6 7 Class 7 8 QOS Output Scheduling On Port 2 Class ID Weight Class 0 1 Class 1 2 Class 2 3 Class 3 4 Class 4 5 Class 5 6 CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All Zxxx0 admin show scheduling 1 Command show scheduling 1 QOS Output Scheduling On Port 1 Class ID Weight Class 0 1 Class 1 2 Class 2 3 Class 3 4 Class 4 5 Class 5 6 Class 6 7 C...

Page 471: ...e Example To display the scheduling mechanism for all ports To show the scheduling mechanism on ports 1 10 portlist Optional Specifies a range of ports to be displayed Zxxx0 admin show scheduling_mechanism Command show scheduling_mechanism Port Mode 1 Strict 2 Strict 3 Strict 4 Strict 5 Strict 6 Strict 7 Strict 8 Strict 9 Strict 10 Strict CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All ...

Page 472: ...ing table Users can change this mapping by specifying the 802 1p user priority to assign to the class_id Priority in Frames Priority Queue of ASIC Remark 0 2 Mid Low 1 0 Lowest 2 1 Lowest 3 3 Mid Low 4 4 Mid High 5 5 Mid High 6 6 Highest 7 7 Highest Format config 802 1p user_priority ports portlist all priority 0 7 class_id 0 7 Parameters Zxxx0 admin show scheduling_mechanism 1 10 Command show sch...

Page 473: ...ommand is used to display 802 1p user priority Format show 802 1p user_priority Parameters None Restrictions None class_id 0 7 Specify the number of the Switching Hub s hardware priority queue The Switching Hub has eight hardware priority queues available They are numbered between 0 the lowest priority and 7 the highest priority Zxxx0 admin config 802 1p user_priority 1 3 Command config 802 1p use...

Page 474: ...y 5 Class 5 Priority 6 Class 6 Priority 7 Class 7 Port 2 Priority 0 Class 2 Priority 1 Class 0 Priority 2 Class 1 Priority 3 Class 3 Priority 4 Class 4 Priority 5 Class 5 Priority 6 Class 6 Priority 7 Class 7 Zxxx0 admin portlist Specify a range of ports for which the default priority is to be configured That is a range of ports for which all untagged packets received will be assigned the priority...

Page 475: ...signed by the RADIUS server will be the default priority of the effective port For per user authentication the priority assigned by RADIUS will not be the effective port default priority as the will priority associated with MAC address will be assigned Note that only devices supporting MAC based VLANs can provide per user authentication Format show 802 1p default_priority portlist Parameters If no...

Page 476: ...Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable HOL prevention on the Switching Hub Zxxx0 admin show 802 1p default_priority 1 4 Command show 802 1p default_priority 1 4 Port Priority Effective Priority 1 0 0 2 0 0 3 0 0 4 0 0 Zxxx0 admin Zxxx0 admin enable hol_prevention Command enable hol_prevention Success Zxxx0 admin ...

Page 477: ...y Administrator Operator and Power User level users can issue this command Example To disable HOL prevention on the Switching Hub 50 15 show hol_prevention Description This command is used to display the head of line prevention state on the Switching Hub Format show hol_prevention Parameters None Restrictions None Zxxx0 admin disable hol_prevention Command disable hol_prevention Success Zxxx0 admi...

Page 478: ... the new DSCP By default the DSCP is mapped to the same DSCP These DSCP mapping will take effect at the same time when IP packet ingress from a DSCP trusted port Format config dscp map portlist all dscp_priority dscp_list to priority 0 7 dscp_dscp dscp_list to dscp 0 63 Parameters Zxxx0 admin show hol_prevention Command show hol_prevention Device HOL Prevention State Enabled Zxxx0 admin portlist O...

Page 479: ...e disable Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example Enable DSCP trust on ports 1 1 1 8 Zxxx0 admin config dscp map 1 8 dscp_priority 1 to 1 Command config dscp map 1 8 dscp_priority 1 to 1 Success Zxxx0 admin portlist Enter the list of port used for this configuration here all Specify that the command apply to all ports on the Swi...

Page 480: ...CP map configuration on port 1 1 Zxxx0 admin config dscp trust 1 8 state enable Command config dscp trust 1 8 state enable Success Zxxx0 admin portlist Optional A range of ports to show If no parameter is specified all ports dscp mapping will be displayed dscp_priority Specify a list of DSCP value to be mapped to a specific priority dscp_dscp Specify a list of DSCP value to be mapped to a specific...

Page 481: ...is mapped to 0 DSCP 1 8 15 is mapped to 1 DSCP 16 23 is mapped to 2 DSCP 24 31 is mapped to 3 DSCP 32 39 is mapped to 4 DSCP 40 47 is mapped to 5 DSCP 48 55 is mapped to 6 DSCP 56 63 is mapped to 7 Zxxx0 admin Zxxx0 admin show dscp map 1 dscp_dscp Command show dscp map 1 dscp_dscp DSCP to DSCP Mapping Port 1 0 1 2 3 4 5 6 7 8 9 0 0 1 2 3 4 5 6 7 8 9 1 10 11 12 13 14 15 16 17 18 19 2 20 21 22 23 24...

Page 482: ...tions None Example Display DSCP trust status on ports 1 1 1 8 Zxxx0 admin show dscp trust 1 8 Command show dscp trust 1 8 Port DSCP Trust 1 Enabled 2 Enabled 3 Enabled 4 Enabled 5 Enabled 6 Enabled 7 Enabled 8 Enabled Zxxx0 admin ...

Page 483: ...50 QoS Commands 483 ...

Page 484: ...RRP control and Data VLAN for actual data communication networks Figure 51 1 RRP overview config rrp domain domain name type master transit control_vlan_id vid data_vlan_id vid list primary_port port num secondary_port port num polling_interval 1 2sec fail_period 2 5sec ring_guard_port primary secondary both disable create rrp domain domain name type master transit control_vlan_id vid data_vlan_id...

Page 485: ...domain transit Specify the RRP node as Transit control_vlan_id Specify the control VLAN ID vid Specify the control VLAN ID between 2 4094 The existed VLAN ID is not allowed to use data_vlan_id Specify the data VLAN ID vid list Specify the data VLAN ID s between 1 4094 You can use a comma or hyphen for multiple assignment primary_port Specify the primary port to connect with other nodes port num Sp...

Page 486: ...n failure The factory default is 2 sec 2 5 sec Specify the time between 2 and 5 seconds polling_interval and fail_period are not allowed to set the same value ring_guard_port Option Specify the ring guard function state The factory default is disable primary Specify to enable the ring guard and set the target port to primary port secondary Specify to enable the ring guard and set the target port t...

Page 487: ... connect with other nodes port num Specify the port number polling_interval Specify the polling interval time to send RRP control frame to next node The factory default is 1 sec 1 2 sec Specify the time between 1 and 2 seconds polling_interval and fail_period are not allowed to set the same value fail_period Specify the fail period time to detect communication failure The factory default is 2 sec ...

Page 488: ...main name Parameters Restrictions Only Administrator and Operator level users can issue this command Example To delete the pc ring domain Zxxx0 admin create rrp domain pc ring type transit control_vlan_id 30 primary_port 9 secondary_port 10 data_vlan_id 1 polling_interval 1 fail_period 2 Command create rrp domain pc ring type transit control_vlan_id 30 primary_port 9 secondary_port 10 data_vlan_id...

Page 489: ...trator and Operator level users can issue this command Example To disable RRP function 51 5 disable rrp domain Description This command used to disable the specific RRP domain state Format disable rrp domain domain name Parameters Restrictions Only Administrator and Operator level users can issue this command Zxxx0 admin disable rrp Command disable rrp Success Zxxx0 admin domain name Specify the R...

Page 490: ...rrp Parameters None Restrictions Only Administrator and Operator level users can issue this command Example To enable RRP function 51 7 enable rrp domain Description This command used to enable the specific RRP domain state Format enable rrp domain domain name Zxxx0 admin disable rrp domain pc ring Command disable rrp domain pc ring Success Zxxx0 admin Zxxx0 admin enable rrp Command enable rrp Suc...

Page 491: ... this command Example To enable the pc ring domain state 51 8 show rrp Description This command is used to display the RRP settings Format show rrp Parameters None Restrictions None domain name Specify the RRP domain name to enable Zxxx0 admin enable rrp domain pc ring Command enable rrp domain pc ring Success Zxxx0 admin ...

Page 492: ... is used to display the specific RRP domain settings Format show rrp status domain name Parameters Restrictions None Zxxx0 admin show rrp Command show rrp RRP Status Enabled Total Domain Number s 1 Domain Name Ctrl VLAN Data VLAN s Ring Status pc ring 30 1 Link Up Zxxx0 admin domain name Specify the RRP domain name to dipslay ...

Page 493: ...ng RRP Domain Name pc ring RRP Domain Status Enabled RRP Node Type Transit RRP Ring Status Link Up Primary Port 10 Primary Port Status Forwarding Primary Port Role Upstream Secondary Port 11 Secondary Port Status Forwarding Secondary Port Role Downstream Polling Interval 1 Fail Period 2 Ring Guard Port Disable Control VLAN 30 Data VLAN s 1 Zxxx0 admin ...

Page 494: ...redirect setting on a Switching Hub which relays mirror packets Figure 52 1 RSPAN overview enable rspan disable rspan create rspan vlan vlan_name vlan_name vlan_id vlanid 1 4094 delete rspan vlan vlan_name vlan_name vlan_id vlanid 1 4094 config rspan vlan vlan_name vlan_name vlan_id vlanid 1 4094 redirect add delete ports portlist source mirror_group_id value 1 4 add delete ports portlist rx tx bo...

Page 495: ...dministrator and Operator level users can issue this command Example To enable RSPAN globally 52 2 disable rspan Description This command is used to disable RSPAN globally Format disable rspan Parameters None Restrictions Only Administrator and Operator level users can issue this command Zxxx0 admin enable rspan Command enable rspan Success Zxxx0 admin ...

Page 496: ... and Operator level users can issue this command Example To create an RSPAN VLAN entry by VLAN name v2 To create an RSPAN VLAN entry by VLAN ID 3 Zxxx0 admin disable rspan Command disable rspan Success Zxxx0 admin vlan_name Create the RSPAN VLAN by VLAN name vlan_name Specify the VLAN name vlan_id Create the RSPAN VLAN by VLAN ID vlanid 1 4094 Specify the VLAN ID between 1 and 4094 Zxxx0 admin cre...

Page 497: ...mple To delete an RSPAN VLAN entry by VLAN name v2 To delete an RSPAN VLAN entry by VLAN ID 3 Zxxx0 admin create rspan vlan vlan_id 3 Command create rspan vlan vlan_id 3 Success Zxxx0 admin vlan_name Specify the RSPAN VLAN by VLAN name vlan_name Specify the VLAN name vlan_id Specify the RSPAN VLAN by VLAN ID vlanid 1 4094 Specify the VLAN ID between 1 and 4094 Zxxx0 admin delete rspan vlan vlan_na...

Page 498: ...when RSPAN is enabled Multiple RSPAN VLANs can be configured with the redirect setting at the same time A RSPAN VLAN can be configured with the source setting and the redirect setting at the same time Format config rspan vlan vlan_name vlan_name vlan_id vlanid 1 4094 redirect add delete ports portlist source mirror_group_id value 1 4 add delete ports portlist rx tx both Parameters Zxxx0 admin dele...

Page 499: ...orts the mirror group 1 will be the default group value 1 4 Enter the mirror group ID value here This value must be between 1 and 4 add Optional Specify to add source ports delete Optional Specify to delete source ports ports Optional Specify source port list to add to or delete from the RSPAN source portlist Specify a range of ports to be configured rx Optional Specify to only monitor ingress pac...

Page 500: ...ttings To display all RSPAN settings vlan_name Specify the RSPAN VLAN by VLAN name vlan_name Specify the VLAN name vlan_id Specify the RSPAN VLAN by VLAN ID vlanid 1 4094 Specify the VLAN ID between 1 and 4094 Zxxx0 admin show rspan vlan_id 63 Command show rspan vlan_id 63 RSPAN Enabled RSPAN VLAN ID 63 Mirror Group ID 1 Target Port 1 1 Source Ports RX 1 2 1 5 TX 1 2 1 5 Redirect Ports 1 9 1 12 To...

Page 501: ...admin show rspan Command show rspan RSPAN Enabled RSPAN VLAN ID 1 Mirror Group ID 1 Target Port 1 1 Source Ports RX TX RSPAN VLAN ID 2 Redirect Ports 1 6 1 10 RSPAN VLAN ID 3 Redirect Ports 1 6 1 10 Total RSPAN VLAN 3 Zxxx0 admin ...

Page 502: ...iv none des priv_key 32 32 delete snmp user user_name 32 show snmp user show snmp groups create snmp view view_name 32 oid view_type included excluded delete snmp view view_name 32 all oid show snmp view view_name 32 create snmp community community_string 32 view view_name 32 read_only read_write delete snmp community community_string 32 show snmp community community_string 32 create snmp communit...

Page 503: ...racters auth_password 8 20 Specify the HMAC MD5 96 authentication level between 8 and 16 characters sha Specify the HMAC SHA 96 authentication level between 8 and 20 characters auth_password 8 20 Specify the HMAC SHA 96 authentication level between 8 and 20 characters priv Indicate the input password for privacy The options are none and DES none Specify there will be no privacy string des Specify ...

Page 504: ...53 SNMPv1 v2 v3 Commands 504 Only Administrator level users can issue this command ...

Page 505: ...nly Administrator level users can issue this command Example To delete an SNMP user Zxxx0 admin create snmp user manager MANAGER_group encrypted by_password auth sha 12345678 priv des 12345678 Command create snmp user manager MANAGER_group encrypted by_password auth sha 12345678 priv des 12345678 Success Zxxx0 admin user_name 32 Specify the name of the user on the host to be deleted The range is 1...

Page 506: ...ions None Example To display SNMP user information 53 4 show snmp groups Description This command is used to display the names of groups on the Switching Hub and the security model level and the status of the different views Format show snmp groups Parameters None Zxxx0 admin show snmp user Command show snmp user Username Group Name VerAuthPriv initial initial V3 NoneNone Total Entries 1 Zxxx0 adm...

Page 507: ...min show snmp groups Command show snmp groups Vacm Access Table Settings Group Name public ReadView Name CommunityView WriteView Name Notify View Name CommunityView Security Model SNMPv1 Security Level NoAuthNoPriv Group Name public ReadView Name CommunityView WriteView Name Notify View Name CommunityView Security Model SNMPv2 Security Level NoAuthNoPriv Group Name private ReadView Name CommunityV...

Page 508: ... level users can issue this command view_name 32 Specify the view name to be created oid Specify the object identified tree the MIB tree view_type Specify the access type of of the MIB tree in this view included Specify to include this view excludedSpecify to exclude this view Zxxx0 admin create snmp view managerview 1 3 6 view_type included Command create snmp view managerview 1 3 6 view_type inc...

Page 509: ...agerview all Success Zxxx0 admin view_name 32 Optional Specify the view name of the user to be displayed Zxxx0 admin show snmp view Command show snmp view Vacm View Table Settings View Name Subtree View Type restricted 1 3 6 1 2 1 1 Included restricted 1 3 6 1 2 1 11 Included restricted 1 3 6 1 6 3 10 2 1 Included restricted 1 3 6 1 6 3 11 2 1 Included restricted 1 3 6 1 6 3 15 1 1 Included Commun...

Page 510: ...IB objects accessible to the community Format create snmp community community_string 32 view view_name 32 read_only read_write Parameters Restrictions Only Administrator level users can issue this command Example To create an SNMP community string community_string 32 Specify the community string The maximum string length is 32 characters view Specify the view name of the MIB The maximum length is ...

Page 511: ...command Example To delete an SNMP community 53 10 show snmp community Description This command is used to display community string configurations Format show snmp community community_string 32 Parameters community_string 32 Specify the community string that will be deleted Zxxx0 admin delete snmp community manager Command delete snmp community manager Success Zxxx0 admin community_string 32 Option...

Page 512: ... as and the user will have to double input confirm the SNMP community string when creating an SNMP community Format create snmp community_masking view view_name 32 read_only read_write Parameters Zxxx0 admin show snmp community Command show snmp community SNMP Community Table Community Name View Name Access Right private CommunityView read_write public CommunityView read_only Total Entries 2 Zxxx0...

Page 513: ...gineID snmp_engineID 10 64 Parameters Restrictions Only Administrator level users can issue this command Example To configure an identifier for the SNMP engine on the Switching Hub Zxxx0 admin create snmp community_masking view CommunityView read_only Command create snmp community_masking view CommunityView read_only Enter a case sensitive community Enter the community again for confirmation Succe...

Page 514: ...p Description This command is used to create a new SNMP group Format create snmp group groupname 32 v1 v2c v3 noauth_nopriv auth_nopriv auth_priv read_view view_name 32 write_view view_name 32 notify_view view_name 32 1 Parameters Zxxx0 admin show snmp engineID Command show snmp engineID SNMP Engine ID 1023457890 Zxxx0 admin groupname 32 Specify the name of the group v1 Specify the least secure of...

Page 515: ...o support packet authentication and encrypting read_view Specify the view name between 1 and 32 characters view_name 32 Specify the view name between 1 and 32 characters write_view Specify the view name between 1 and 32 characters view_name 32 Specify the view name between 1 and 32 characters notify_view Specify the view name between 1 and 32 characters view_name 32 Specify the view name between 1...

Page 516: ...s Zxxx0 admin host Specify the IP address of the recipient for which the traps are targeted ipaddr Specify the IP address of the recipient for which the traps are targeted v6host Specify the v6host IP address to which the trap packet will be sent ipv6addr Specify the v6host IP address to which the trap packet will be sent v1 Specify the least secure of the possible security models v2c Specify the ...

Page 517: ... If v1 or v2 is specified the auth_string presents the community string and it must be one of the entries in the community table If v3 is specified the auth_string presents the user name and it must be one of the entries in the user table Zxxx0 admin create snmp host 10 48 74 100 v3 noauth_nopriv initial Command create snmp host 10 48 74 100 v3 noauth_nopriv initial Success Zxxx0 admin host Specif...

Page 518: ...To display the receipient for which the traps are targeted Zxxx0 admin delete snmp host 10 48 74 100 Command delete snmp host 10 48 74 100 Success Zxxx0 admin ipaddr Optional Specify the IP address of the recipient for which the traps are targeted Zxxx0 admin show snmp host Command show snmp host SNMP Host Table Host IP Address SNMP Version Community Name SNMPv3 User Name 10 48 76 100 V3 noauthnop...

Page 519: ...one Example To display the recipient for which the traps are targeted ipv6addr Optional Specify the v6host IP address Zxxx0 admin show snmp v6host Command show snmp v6host SNMP Host Table Host IPv6 Address FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF SNMP Version V3 na np Community Name SNMPv3 User Name 123456789101234567890 Host IPv6 Address FECO 1A49 2AA FF FE34 CA8F SNMP Version V3 a np Community Na...

Page 520: ...n creating an SNMP community string after the encryption state has been enabled the community string will be displayed as an encrypted string six otherwise displayed as plaintext for example Zxxx0 admin enable community_encryption Command enable community_encryption Success Zxxx0 admin Zxxx0 admin show snmp community Command show snmp community SNMP Community Table Community Name View Name Access ...

Page 521: ...n state on the SNMP community string Format disable community_encryption Parameters None Restrictions Only Administrator level users can issue this command Example To disable the encryption state on the SNMP community string Zxxx0 admin disable community_encryption Command disable community_encryption Success Zxxx0 admin ...

Page 522: ...the encryption state on the SNMP community string Format show community_encryption Parameters None Restrictions None Example To show the encryption state on the SNMP community string Zxxx0 admin show community_encryption Command show community_encryption SNMP Community Encryption State Enabled Zxxx0 admin ...

Page 523: ...53 SNMPv1 v2 v3 Commands 523 ...

Page 524: ...the route In general if a cable is connected in a loop form a phenomenon called broadcast storm where frames keep looping permanently occurs and causes the network to go down The SPT function interchanges control frames called BPDU frames between Switching Hubs to calculate the shortest route Automatic port blocking to prevent frames from looping allows you to establish a network which logically n...

Page 525: ...P protocol to reduce recovery time to several seconds during a route failure When changing a route the RSTP function determines port roles and changes the route immediately through information exchanges proposal agreement between Switching Hubs instead of timers used in STP Figure 54 2 RSTP overview ...

Page 526: ...e 1 64 delete stp instance_id value 1 64 config stp instance_id value 1 64 add_vlan remove_vlan vidlist config stp mst_config_id revision_level int 0 65535 name string 1 enable stp disable stp config stp version mstp rstp stp config stp priority value 0 61440 instance_id value 0 64 config stp maxage value 6 40 maxhops value 6 40 hellotime value 1 2 forwarddelay value 4 30 txholdcount value 1 10 fb...

Page 527: ...nstance Description This command is used to display each instance parameters settings Value means the instance ID if there is no input of this value all instances will be shown Format show stp instance value 0 64 Zxxx0 admin show stp Command show stp STP Bridge Global Settings STP Status Enabled STP Version MSTP Max Age 20 Forward Delay 15 Max Hops 20 TX Hold Count 6 Forwarding BPDU Enabled NNI BP...

Page 528: ...ptional Specify the MSTP instance ID Instance 0 represents the default instance CIST This value must be between 0 and 64 Zxxx0 admin show stp instance Command show stp instance STP Instance Settings Instance Type CIST Instance Status Enabled Instance Priority 32768 Bridge Priority 32768 SYS ID Ext 0 STP Instance Operational Status Designated Root Bridge 32768 00 22 22 22 22 00 External Root Cost 0...

Page 529: ...same three elements in mst_config_id that means they are in the same MST region Format show stp mst_config_id Parameters None Restrictions None portlist Optional Specify a range of ports to be displayed Zxxx0 admin show stp ports Command show stp ports MSTP Port Information Port Index 1 Hello Time 2 2 Port STP enabled External PathCost Auto 200000 Edge Port No No P2P False No Port RestrictedRole F...

Page 530: ... value 1 64 Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To create an MSTP instance Zxxx0 admin show stp mst_config_id Command show stp mst_config_id Current MST Configuration Identification Configuration Name 00 22 22 22 22 00 Revision Level 0 MSTI ID Vid list CIST 1 4094 Zxxx0 admin value 1 64 Specify the MSTP instance ID Instance ...

Page 531: ...tance at a time Format delete stp instance_id value 1 64 Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete an MSTP instance value 1 64 Specify the MSTP instance ID Instance 0 represents the default instance CIST This value must be between 1 and 64 Zxxx0 admin delete stp instance_id 2 Command delete stp instance_id 2 Success Zxxx...

Page 532: ... command Example To map a VLAN ID to an MSTP instance To remove a VLAN ID from an MSTP instance value 1 64 Specify the MSTP instance ID Instance 0 represents a default instance CIST The DUT supports 65 instances 0 64 at most add_vlanDefined action type to configure an MST instance remove_vlan Defined action type to configure an MST instance vidlist Specify the newly added CLI Value Type It is simi...

Page 533: ...nfiguration identification 54 9 enable stp Description Although it is possible to modify to allow a user to enable STP per instance CIST should be enabled first before enabling other instances When a user enables the CIST all MSTIs will be enabled automatically if FORCE_VERSION is set to MSTP and there is at least one VLAN mapped to this instance revision_level Specify the revision level int 0 655...

Page 534: ...ers can issue this command Example To enable STP 54 10 disable stp Description This command is used to disable STP functionality in every existing instance Format disable stp Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Zxxx0 admin enable stp Command enable stp Success Zxxx0 admin ...

Page 535: ...MSTIs assuming that CIST is enabled Format config stp version mstp rstp stp Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the STP version Zxxx0 admin disable stp Command disable stp Success Zxxx0 admin mstp Specify to use Multiple Spanning Tree Protocol rstp Specify to use Rapid Spanning Tree Protocol This is the default ...

Page 536: ...gure the bridge parameter global settings Format config stp maxage value 6 40 maxhops value 6 40 hellotime value 1 2 forwarddelay value 4 30 txholdcount value 1 10 fbpdu enable disable 1 value 0 61440 Specify the bridge priority value which must be divisible by 4096 The default value is 32768 instance_id Specify the identifier value which is used to distinguish different STP instances value 0 64 S...

Page 537: ...time interval for sending Configuration BPDUs by the Root Bridge This parameter is for STP and RSTP version MSTP version uses per port hellotime parameter The default value is 2 seconds forwarddelay Specify the maximum delay time for one BPDU to be transmitted by a bridge and received from another bridge value 4 30 Specify the maximum delay time for one BPDU to be transmitted by a bridge and recei...

Page 538: ...ime yes Specify for port to send MSTP BPDU for a delay time no Specify for port not to send MSTP BPDU for a delay time edge Decide if this port is connected to a LAN or a Bridged LAN In auto mode the bridge will delay for a period to become edge port if no bridge BPDU is received true Specify a true edge connection false Specify a false edge connection auto The bridge will delay for a period to be...

Page 539: ...from the configuration of CIST instance ID 0 Format config stp mst_ports portlist instance_id value 0 64 internalCost auto value 1 200000000 priority value 0 240 1 fbpdu Decide if this port will flood STP BPDU when STP functionality is disabled enable Enable port to flood STP BPDU when STP functionality is disabled disable Disable port from flooding STP BPDU when STP functionality is disabled Zxxx...

Page 540: ...ance 0 represents CIST Instance from 1 to 64 represents MSTI 1 to MSTI 64 internalCost The Port Path Cost used in MSTP auto Specify to automatically determine the internal cost value 1 200000000 Specify a value between 1 and 200000000 priority Specify the Port Priority value 0 240 Specify a value between 0 and 240 Zxxx0 admin config stp mst_ports 1 instance_id 0 internalCost auto Command config st...

Page 541: ...e the following settings as an encryption algorithm of messages exchanged between the server and clients 3DES blowfish AES 128 192 256 arcfour cast128 twofish 128 192 256 config ssh algorithm 3DES AES128 AES192 AES256 arcfour blowfish cast128 twofish128 twofish192 twofish256 SHA1 RSA DSA enable disable show ssh algorithm config ssh authmode password publickey hostbased enable disable show ssh auth...

Page 542: ... blowfish Specify an SSH server encryption algorithm AES 128 192 256 Specify an SSH server encryption algorithm arcfour Specify an SSH server encryption algorithm cast128 Specify an SSH server encryption algorithm twofish 128 192 256 Specify an SSH server encryption algorithm MD5 Specify an SSH server data integrality algorithm SHA1 Specify an SSH server data integrality algorithm DSA Specify an S...

Page 543: ...e Example To show the SSH server algorithms Zxxx0 admin show ssh algorithm Command show ssh algorithm Encryption Algorithm 3DES Enabled AES128 Enabled AES192 Enabled AES256 Enabled arcfour Enabled blowfish Enabled cast128 Enabled twofish128 Enabled twofish192 Enabled twofish256 Enabled Data Integrity Algorithm SHA1 Enabled Public Key Algorithm RSA Enabled DSA Enabled Zxxx0 admin ...

Page 544: ...he SSH user authentication method 55 4 show ssh authmode Description This command is used to display the user authentication methods Format show ssh authmode password Specify the user authentication method publickey Specify the user authentication method hostbased Specify the user authentication method enable Specify to enable the user authentication method disable Specify to disable the user auth...

Page 545: ...rmation Format config ssh user username 15 authmode hostbased hostname domain_name 32 hostname_IP domain_name 32 ipaddr ipv6addr password publickey Parameters Zxxx0 admin show ssh authmode Command show ssh authmode The SSH Authentication Method Password Enabled Public Key Enabled Host based Enabled Zxxx0 admin username 15 Specify the user name authmode Specify the authentication mode ...

Page 546: ...e The hostname value can be up to 32 characters long hostname_IP Specify the host domain name and IP address domain_name 32 Specify the host domain name The hostname value can be up to 32 characters long ipaddr Specify the host IPv4 address ipv6addr Specifies the host IPv6 address password Specify the user authentication method publickey Specify the user authentication method Zxxx0 admin config ss...

Page 547: ...nfig ssh server Description This command is used to configure SSH server general information Format config ssh server maxsession int 1 8 contimeout sec 120 600 authfail int 2 20 rekey 10min 30min 60min never port tcp_port_number 1 65535 1 Zxxx0 admin show ssh user authmode Command show ssh user authmode Current Accounts User Name Authentication Host Name Host IP test Public Key manager Host based ...

Page 548: ...n 120 and 600 seconds The default value is 120 seconds authfail Specify the user maximum fail attempts int 2 20 Specify the user maximum fail attempts The maximum authentication fail attempts must be between 2 and 20 The default value is 2 rekey Optional Specify the time to re generate the session key 10min Specify 10 minutes to re generate the session key 30min Specify 30 minutes to re generate t...

Page 549: ...istrator Operator and Power User level users can issue this command Example To enable SSH 55 9 disable ssh Description This command is used to disable SSH server services Format disable ssh Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Zxxx0 admin enable ssh Command enable ssh Success Zxxx0 admin ...

Page 550: ...t show ssh server Parameters None Restrictions None Example To show SSH server Zxxx0 admin disable ssh Command disable ssh Success Zxxx0 admin Zxxx0 admin show ssh server Command show ssh server The SSH Server Configuration Maximum Session 3 Connection Timeout 300 Authentication Fail Attempts 2 Rekey Timeout 60min TCP Port Number 22 Zxxx0 admin ...

Page 551: ...VLAN function is prioritized 56 1 create mac_based_vlan mac_address Description This command is used to create static MAC based VLAN entries Format create mac_based_vlan mac_address macaddr vlan vlan_name 32 vlanid vlanid 1 4094 priority value 0 7 Parameters create mac_based_vlan mac_address macaddr vlan vlan_name 32 vlanid vlanid 1 4094 priority value 0 7 delete mac_based_vlan mac_address macaddr...

Page 552: ...ust be an existing static VLAN ID vlanid 1 4094 Specify the VLAN ID between 1 and 4094 priority Optional Specifies the priority that is assigned to untagged packets If not specified the priority is the default value 0 value 0 7 Enter the priority value used here This value must be between 0 and 7 Zxxx0 admin create mac_based_vlan mac_address 00 00 00 00 00 01 vlan default Command create mac_based_...

Page 553: ...caddr vlan vlan_name 32 vlanid vlanid 1 4094 Parameters Restrictions None Zxxx0 admin delete mac_based_vlan mac_address 00 00 00 00 00 01 vlan default Command delete mac_based_vlan mac mac_address 00 00 00 00 00 01 vlan default Success Zxxx0 admin mac_address Optional Specify the MAC address to be displayed macaddr Specify the MAC address to be displayed vlan Optional Specify the VLAN associated w...

Page 554: ...MAC AC has higher priority than manual configuration the manually configured entry will become inactive To display the MAC based VLAN entries Zxxx0 admin show mac_based_vlan MAC Address VLAN ID Status Type 00 80 e0 14 a7 57 200 Active Static 00 80 c2 33 c3 45 300 Inactive Static 00 80 c2 33 c3 45 400 Active MAC_based Access Control 00 a2 44 17 32 98 400 Active WAC Total Entries 4 Zxxx0 admin ...

Page 555: ...using them simultaneously you can configure which MAC based VLAN or subnet VLAN function is prioritized create subnet_vlan network network_address ipv6network ipv6networkaddr vlan vlan_name 32 vlanid vlanid 1 4094 priority value 0 7 delete subnet_vlan network network_address ipv6network ipv6networkaddr vlan vlan_name 32 vlanid vidlist all show subnet_vlan network network_address ipv6network ipv6ne...

Page 556: ...ers can issue this command network Specify an IPv4 network address network_address Specify an IPv4 network address The format is ipaddress prefix length ipv6network Specify an IPv6 network address ipv6networkaddr Specify an IPv6 network address The format is ipaddress prefix length The prefix length of IPv6 network address shall not be greater than 64 vlan Specify a VLAN name to be associated with...

Page 557: ...8 1 1 24 vlan v2 priority 2 Success Zxxx0 admin Zxxx0 admin create subnet_vlan ipv6network fe80 250 baff 0 64 vlan v2 priority 2 Command create subnet_vlan ipv6network fe80 250 baff 0 64 vlan v2 priority 2 Success Zxxx0 admin network Specify an IPv4 network address network_address Specify an IPv4 network address The format is ipaddress prefix length ipv6network Specify an IPv6 network address ipv6...

Page 558: ... delete subnet_vlan network 172 168 1 1 24 Success Zxxx0 admin Zxxx0 admin delete subnet_vlan all Command delete subnet_vlan all Success Zxxx0 admin network Optional Specify an IPv4 network address network_address Specify an IPv4 network address The format is ipaddress prefix length ipv6network Optional Specify an IPv6 network address ipv6networkaddr Specify an IPv6 network address The format is i...

Page 559: ... subnet_vlan network 172 168 1 1 24 IP Address Subnet Mask VLAN Priority 172 168 1 0 255 255 255 0 10 2 Zxxx0 admin Zxxx0 admin show subnet_vlan ipv6network fe80 250 baff 0 64 Command show subnet_vlan ipv6network FE80 250 BAFF 64 IP Address Subnet Mask VLAN Priority FE80 250 BAFF 64 10 2 Zxxx0 admin Zxxx0 admin show subnet_vlan Command show subnet_vlan IP Address Subnet Mask VLAN Priority 172 18 2...

Page 560: ... first If subnet VLAN classification fails the MAC based VLAN classification will be executed Format config vlan_precedence ports portlist mac_based_vlan subnet_vlan Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure subnet VLAN classification precedence on port 1 portlist Enter a list of ports used for this configuration here...

Page 561: ...s portlist Parameters Restrictions None Example To display VLAN classification precedence on ports 1 5 portlist Optional Specifies the list of ports used for this display Zxxx0 admin show vlan_precedence ports 1 1 1 5 Command show vlan_precedence ports 1 1 1 5 Port VLAN Precedence 1 MAC Based VLAN 2 Subnet VLAN 3 MAC Based VLAN 4 MAC Based VLAN 5 Subnet VLAN Zxxx0 admin ...

Page 562: ...57 Subnet VLAN Commands 562 ...

Page 563: ...isable learning enable disable state enable disable mdix auto normal cross description desc 1 32 clear_description 1 Parameters config ports portlist all medium_type fiber copper speed auto capability_advertised 10_half 10_full 100_half 100_full 1000_full 10_half 10_full 100_half 100_full 1000_full master slave auto_negotiation restart_an remote_fault_advertised disable offline link_fault auto_neg...

Page 564: ...onfigured disable Specifies to disable remote fault advertisement offline Specifies that a local device may indicate Offline prior to powering off running transmitter tests or removing the local device from the active configuration If it is set and detected offline it will advertise at the next auto negotiation It interacted for 1000Mbps MAUs link_fault Specifies that if set and local device was d...

Page 565: ...of cabling The default value is auto auto Select auto for auto sensing of the optimal type of cabling normal Select normal for normal cabling If set to normal state the port is in MDI mode and can be connected to a PC NIC using a straight through calbe or a port in MDI mode on another Switching Hub through a cross over cable cross Select cross for cross cabling If set to cross state the port is in...

Page 566: ...d description Optional Specify to display the port description err_disabled Optional Specify to display disabled information auto_negotiation Optional Specifies to display detailed auto negotiation information details Optional Specify to indicate if port detail information will be included in the display media_type Optional Specify to display the current port media type For FE ports the media type...

Page 567: ...own Enabled Auto 1 3 Enabled Auto Disabled Link Down Enabled Auto 1 4 Enabled Auto Disabled Link Down Enabled Auto CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh Zxxx0 admin show ports 1 4 description Command show ports 1 1 1 4 description Port State Settings Connection Address MDIX Speed Duplex FlowCtrl Speed Duplex FlowCtrl Learning 1 1 Enabled Auto Disabled Link Down Enabled Auto...

Page 568: ...Zxxx0 admin show ports err_disabled Command show ports err_disabled Port Port Connection Status Reason State 1 Enabled Err Disabled Storm control Description port1 8 Enabled Err Disabled Storm control Description port8 Zxxx0 admin ...

Page 569: ...tice information debug level 0 7 show system_severity trap Configure severity level control for a trap log Configure severity level control for a log all Configure severity level control for a trap and a log emergency Specify to configure the severity level for emergency messages alert Specify to configure the severity level for alert messages critical Specify to configure the severity level for c...

Page 570: ...l control for a system Format show system_severity Parameters None Restrictions None Example To show the severity level control for a system Zxxx0 admin config system_severity trap information Command config system_severity trap information Success Zxxx0 admin Zxxx0 admin show system_severity Command show system_severity System Severity Trap warning System Severity Log information Zxxx0 admin ...

Page 571: ...vice operation information Format show tech_support Parameters None Restrictions Only Administrator and Operator level users can issue this command The Switching Hub may become inaccessible when dumping the technical support data The management session may time out if dumping technical support data takes longer than the configured session timeout period It is strongly recommended to set the serial...

Page 572: ...22 41 48 Boot Time 29 Feb 2000 17 54 29 RTC Time 2000 02 29 22 41 48 Boot PROM Version Build 1 0 x xx Firmware Version Build 1 0 x xx Hardware Version A1 Serial number MAC Address 00 01 02 03 04 00 STACKING 2000 2 29 22 41 48 Topology Information Stable Topology My Box ID 1 Role Master Box Cnt 1 Topology Type Duplex Chain Unit Prio Device Runtime Stacking ID rity Role MAC Type option version versi...

Page 573: ...users can issue this command Example To upload technical support information Zxxx0 admin upload tech_support_toTFTP 10 0 0 66 tech_suppport txt Command upload tech_support_toTFTP 10 0 0 66 tech_suppport txt Connecting to server Done Upload techsupport file Done Success Zxxx0 admin ...

Page 574: ...fig time_zone operator hour gmt_hour 0 13 min minute 0 59 3 config dst disable repeating s_week start_week 1 4 last s_day start_day sun sat s_mth start_mth 1 12 s_time start_time hh mm e_week end_week 1 4 last e_day end_day sun sat e_mth end_mth 1 12 e_time end_time hh mm offset 30 60 90 120 9 annual s_date start_date 1 31 s_mth start_mth 1 12 s_time start_time hh mm e_date end_date 1 31 e_mth end...

Page 575: ...ration Format show sntp Parameters None Restrictions None Example To show SNTP Zxxx0 admin config sntp primary 10 1 1 1 secondary 10 1 1 2 poll interval 30 Command config sntp primary 10 1 1 1 secondary 10 1 1 2 poll interval 30 Success Zxxx0 admin Zxxx0 admin show sntp Command show sntp Current Time Scource System Clock SNTP Disabled SNTP Primary Server 10 1 1 1 SNTP Secondary Server 10 1 1 2 SNT...

Page 576: ...ministrator Operator and Power User level users can issue this command Example To enable SNTP 61 4 disable sntp Description This command is used to turn off SNTP support Format disable sntp Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Zxxx0 admin enable sntp Command enable sntp Success Zxxx0 admin ...

Page 577: ...arameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure time Zxxx0 admin disable sntp Command disable sntp Success Zxxx0 admin date ddmthyyyy Specify the system clock date time hh mm ss Specify the system clock time Zxxx0 admin config time 30jun2003 16 30 30 Command config time 30jun2003 16 30 30 Success Zxxx0 admin ...

Page 578: ... users can issue this command Example To configure the time zone operatorSpecify the operator of the time zone Positive Negative hour Specify the hour of the time zone gmt_hour 0 13 Specify the hour of the time zone between 0 and 13 min Specify the minute of the time zone minute 0 59 Specify the minute of the time zone between 0 and 59 Zxxx0 admin config time_zone operator hour 2 min 30 Command co...

Page 579: ... 4 last Configure the start week number of DST The values are 1 to 4 s_day Configure the start day number of DST start_day sun sat Configure the start day number of DST The values are sun mon tue wed thu fri and sat s_mth Configure the start month number of DST start_mth 1 12 Configure the start month number of DST The values are 1 to 12 s_time Configure the start time of DST start_time hh mm Conf...

Page 580: ...add or to subtract during summertime 120 Specify 120 minutes to add or to subtract during summertime annual Set the DST to annual mode s_date Configure the start date number of DST start_date 1 31 Configure the start date number of DST The values are 1 to 31 e_date Configure the end date number of DST end_date 1 31 Configure the end date number of DST The values are 1 to 31 Zxxx0 admin config dst ...

Page 581: ...ictions None Example To show time Zxxx0 admin show time Command show time Current Time Source System Clock Boot Time 8 Jan 2000 21 44 33 Current Time 9 Jan 2000 03 25 17 Time Zone GMT 00 00 Daylight Saving Time Disabled Offset In Minutes 60 Repeating From Apr 1st Sun 00 00 To Oct last Sun 00 00 Annual From 29 Apr 00 00 To 12 Oct 00 00 Zxxx0 admin ...

Page 582: ...Only Administrator Operator and Power User level users can issue this command Example To configure traffic segmentation config traffic_segmentation portlist all forward_list null all portlist show traffic_segmentation portlist portlist Specify a range of ports to be configured all Specify all ports forward_list Specify a range of port forwarding domains null Specify the range of the port forwardin...

Page 583: ... parameter is specified the system will display all current traffic segmentation tables Restrictions None Example To display the traffic segmentation table for ports 1 to 3 portlist Optional Specify a range of ports to be displayed Zxxx0 admin show traffic_segmentation 1 3 Command show traffic_segmentation 1 3 Traffic Segmentation Table Port Forward Portlist 1 1 28 2 1 28 3 1 28 Zxxx0 admin ワヰヵユワ...

Page 584: ...TFTP ipaddr ipv6addr domain_name 255 dest_file path_filename 64 attack_log_toTFTP ipaddr ipv6addr domain_name 255 dest_file path_filename 64 unit unit_id 1 4 firmware_toTFTP ipaddr ipv6addr domain_name 255 dest_file path_filename 64 unit unit_id 1 4 src_file pathname upload attack_log_toRCP username username ipaddr dest_file path_filename 64 rcp string 128 unit unit_id 1 4 upload cfg_toRCP usernam...

Page 585: ...e 1 65535 enable broadcast_ping_reply disable broadcast_ping_reply show broadcast_ping_reply firmware_fromTFTP Download and install new firmware on the Switching Hub from a TFTP server ipaddr Specify the IP address of the TFTP server ipv6addr Specify the IPv6 address of the TFTP server domain_name 255 Specifies the domain name of the TFTP server This name can be up to 255 characters long src_file ...

Page 586: ...Specify the path name and file name of the FTP server It can be a relative path name or an absolute path name If path name is not specified it refers to the TFTP server path The maximum length is 64 characters unit Specifies which unit on the stacking system If it is not specified it refers to the master unit unit_id 1 4 Enter the unit ID used here all Specifies that all the units in the stacking ...

Page 587: ...uration file on the RCP server The maximum length is 64 rcp Syntax rcp username ipaddr directory filename Example for full path user_name 10 1 1 1 home user_name desxxxx had Example for relative path user_name 10 1 1 1 desxxxx had Note No spaces in the whole string string 128 Syntax rcp username ipaddr directory filename Example for full path user_name 10 1 1 1 home user_name desxxxx had Example f...

Page 588: ...cfg Command download cfg_fromRCP username rcp_user 172 18 212 106 src_file home runtime cfg Connecting to server Done Download configuration Done Zxxx0 admin username Optional Specify the remote user name on the RCP server username Specify the remote user name on the RCP server ipaddr Optional Specify the IP address of the RCP server src_file Specify the path name on the RCP server or local Note I...

Page 589: ...n RCP string 10 1 1 1 desxxxx rom Note No spaces are allowed in the string unit Specifies which unit on the stacking system If it is not specified it refers to the master unit unit_id 1 4 Enter the unit ID used here This value must be between 1 and 4 all Specifies that all the units in the stacking system will be used dest_file Optional Specify the path and file name of the destination file on the...

Page 590: ...ipaddr Specify the IP address of the TFTP server ipv6addr Specify the IPv6 address of the TFTP server domain_name 255 Enter the domain name of the TFTP server here This name can be up to 255 characters long dest_file Specify the path name on the TFTP server It can be a relative path name or an absolute path name path_filename 64 Specify the location of the Switching Hub configuration file on the T...

Page 591: ...n the TFTP server It can be a relative path name or an absolute path name attack_log_toTFTP Used to upload the attack log to a TFTP server ipaddr Specify the IP address of the TFTP server ipv6addr Specify the IPv6 address of the TFTP server domain_name 255 Enter the domain name of the TFTP server here This name can be up to 255 characters long dest_file Specify the path name if the TFTP server pat...

Page 592: ...e boot up image pathname Specify an absolute path name on the device file system If the path name is not specified it refers to the boot up image Zxxx0 admin upload firmware_toTFTP 10 1 1 1 dest_file D firmware rom src_file 1 0 0 xx rom Command upload firmware_toTFTP 10 1 1 1 dest_file D firmware rom src_file 1 0 0 xx rom Connecting to server Done Upload firmware Done Zxxx0 admin Zxxx0 admin uploa...

Page 593: ...oTFTP 10 48 74 121 dest_file c alert txt Connecting to server Done Upload attack log Done Success Zxxx0 admin username Optional The remote user name on the RCP Server username Enter the remote username used here ipaddr Optional Enter the IP address used for the configuration here dest_file Specifies the destination file used path_filename 64 The pathname specifies the pathname on the RCP server or...

Page 594: ..._file home Zxxx0 log unit 2 Connecting to server Done Upload Attack log Done Success Zxxx0 admin username Optional Specify the remote user name on the RCP server username Specify the remote user name on the RCP server ipaddr Optional Specify the IP address of the RCP server dest_file Specify the path name on the RCP server Note If a user specifies the relative file path the path search strategy wi...

Page 595: ... file Note that if no path name is specifies only the current device configuration will be uploaded include Optional Includes lines that contain the specified filter string exclude Optional Excludes lines that contain the specified filter string begin Optional The first line that contains the specified filter string will be the first line of the output filter_string 80 Specify a filter string encl...

Page 596: ...1 1 home user_name desxxxx rom Example for relative path user_name 10 1 1 1 desxxxx rom Note No spaces are allowed in the string string 128 Specify the path name on the RCP server or local RCP client Syntax rcp username ipaddr directory filename Example for full path user_name 10 1 1 1 home user_name desxxxx rom Example for relative path user_name 10 1 1 1 desxxxx rom Note No spaces are allowed in...

Page 597: ..._file Specify the path name of the RCP server Note If a user specifies the relative file path the path search strategy will depend on the server system For some systems the current user working directory will be searched first followed by the environment paths path_filename 64 Specify the path name of the RCP server rcp Specify the path name on the RCP server string 128 Specify the path name on th...

Page 598: ...in upload log_toRCP rcp tld2 172 18 212 104 home Zxxx0 log Command upload log_toRCP rcp tld2 172 18 212 104 home Zxxx0 log Connecting to server Done Upload log Done Success Zxxx0 admin unit Optional Specifies the unit ID used for this configuration unit_id 1 4 Enter the unit ID used for this configuration here pathname Specify a firmware on the device file system boot_up Specify as boot up file Zx...

Page 599: ...e Parameters Restrictions Only Administrator level users can issue this command Example To configure the specific configuration file as boot up unit Optional Specifies the unit ID used unit_id 1 4 Enter the unit ID used here pathname Specifies a configuration file on the device file system boot_up Specify as boot up file active Specifies to apply the configuration Zxxx0 admin config configuration ...

Page 600: ...modified current_config boot_up file pathname include exclude begin filter_string 80 filter_string 80 filter_string 80 include exclude begin filter_string 80 filter_string 80 filter_string 80 include exclude begin filter_string 80 filter_string 80 filter_string 80 Parameters effective Specifies to display only commands which affect the behavior of the device modifiedSpecifies to display only the c...

Page 601: ...les Format show boot_file Parameters None Restrictions None Zxxx0 admin show config current_config Command show config current_config Zxxx0 Gigabit Ethernet Switch Configuration Firmware Build 1 0 x xx STACK config stacking force_master_role state disable DEVICE config temperature threshold high 79 config temperature threshold low 11 config temperature trap state enable config temperature log stat...

Page 602: ...ll ask the user to input the server IP address or remote user name while executing the RCP commands Format config rcp server ipaddress ipaddr username username Parameters Restrictions Only Administrator level users can issue this command Example To configure RCP global server information for the username travel Zxxx0 admin show boot_file Command show boot_file Bootup Firmware c runtime rom Bootup ...

Page 603: ...an issue this command Example To clear the current username of the RCP global server Zxxx0 admin config rcp server username travel Command config rcp server username travel Success Zxxx0 admin ipaddr Clear the IP address of the RCP server username Clear the username of the RCP server both Clear both the IP address and the username of the RCP server Zxxx0 admin config rcp server clear username Comm...

Page 604: ...escription This command is used to send Internet Control Message Protocol ICMP echo messages to a remote IP address The remote IP address will then echo or return the message This is used to confirm connectivity between the Switching Hub and the remote device Format ping ipaddr domain_name 255 times value 1 255 timeout sec 1 99 source_ip ipaddr Parameters Zxxx0 admin show rcp server Command show r...

Page 605: ...s to be sent A value of 0 will send an infinite ICMP echo messages The maximum value is 255 The default is 0 timeout Optional Specify the time out period while waiting for a response from the remote device A value of 1 to 99 seconds can be specified The default is 1 second sec 1 99 Specify the time out period while waiting for a response from the remote device A value of 1 to 99 seconds can be spe...

Page 606: ...rce IPv6 address of the ping packets If specified the IPv6 address will be used as the packets source IPv6 address that ping send to remote host ipv6addr Enter the source IPv6 addres used here Zxxx0 admin ping6 3FFE 2 D04D 7878 66D E5BC times 10 size 6000 timeout 10 Command ping6 3FFE 2 D04D 7878 66D E5BC times 10 size 6000 timeout 10 Reply from 3FFE 2 D04D 7878 66D E5BC bytes 6000 time 10 ms Repl...

Page 607: ...he trace route request value 1 60 Specify the time to live value of the trace route request This is the maximum number of routers that a trace route packet can pass while seeking the network path between two devices The range for the TTL is 1 to 60 hops The default value is 30 port Optional Specify the port number value 30000 649000 Specify the port number The value range is from 30000 to 64900 Th...

Page 608: ... trace route request value 1 60 Specify the time to live value of the trace route request This is the maximum number of routers that a trace route packet can pass while seeking the network path between two devices The range for the TTL is 1 to 60 hops The default value is 30 port Optional Specify the port number value 30000 649000 Specify the port number The value range is from 30000 to 64900 The ...

Page 609: ...dr domain_name 255 ipv6addr tcp_port value 1 65535 Parameters Zxxx0 admin traceroute6 3000 1 probe 3 Command traceroute6 3000 1 probe 3 1 10 ms 1345 142 11 2 10 ms 2011 14 100 3 10 ms 3000 1 Trace complete Zxxx0 admin Zxxx0 admin traceroute6 1210 100 11 port 40000 Command traceroute6 1210 100 11 port 40000 1 10 ms 3100 25 2 10 ms 4130 100 3 10 ms 1210 100 11 Trace complete Zxxx0 admin ipaddr Optio...

Page 610: ...ll reply broadcast ping request Format enable broadcast_ping_reply Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable broadcast ping reply state tcp_port Optional Specify the Telnet server port number to be connected to If not specified the default port is 23 value 1 65535 Enter a value between 1 and 65535 Zxxx0 admin telnet...

Page 611: ...request Format disable broadcast_ping_reply Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable broadcast ping reply state Zxxx0 admin enable broadcast_ping_reply Command enable broadcast_ping_reply Success Zxxx0 admin Zxxx0 admin disable broadcast_ping_reply Command disable broadcast_ping_reply Success Zxxx0 admin ...

Page 612: ...g_reply command is used to show the broadcast ping reply state Format show broadcast_ping_reply Parameters None Restrictions None Example To show broadcast ping reply state Zxxx0 admin show broadcast_ping_reply Command show broadcast_ping_reply Broadcast Ping Reply State Enabled Zxxx0 admin ...

Page 613: ...eed to pre register the vendor code OUI of an IP phone connected Figure 64 1 Voice VLAN overview enable voice_vlan vlan_name 32 vlanid vlanid 1 4094 disable voice_vlan config voice_vlan priority int 0 7 config voice_vlan oui add delete macaddr macmask description desc 32 config voice_vlan ports portlist all state enable disable mode auto tag untag manual config voice_vlan log state enable disable ...

Page 614: ...al voice VLAN state is disabled Format enable voice_vlan vlan_name 32 vlanid vlanid 1 4094 Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable voice VLAN named v2 vlan_name 32 Specify the name of the voice VLAN The maximum length is 32 characters The name must be an existing static VLAN name vlanid Specify the VLAN ID of the voice...

Page 615: ...ers can issue this command Example To disable voice VLAN 64 3 config voice_vlan priority Description This command is used to configure voice VLAN priority The voice VLAN priority will be the priority associated with the voice VLAN traffic to distinguish the QoS of the voice traffic from data traffic Format config voice_vlan priority int 0 7 Parameters Zxxx0 admin disable voice_vlan Command disable...

Page 616: ...00 E0 BB 3COM 3com 00 03 6B Cisco cisco 00 E0 75 Veritel veritel 00 D0 1E Pingtel pingtel 00 01 E3 Siemens siemens 00 60 B9 NEC Philips nec philips 00 0F E2 Huawei 3COM huawei 3com 00 09 6E Avaya avaya Format config voice_vlan oui add delete macaddr macmask description desc 32 Parameters Zxxx0 admin config voice_vlan priority 6 Command config voice_vlan priority 6 Success Zxxx0 admin add Specify t...

Page 617: ...config voice_vlan oui add 00 C0 8F 00 00 00 FF FF FF 00 00 00 Success Zxxx0 admin portlist Specify a range of ports to set all Specify to set all ports state Specify the voice VLAN function state on ports The default state is disabled enable Specify to enable the voice VLAN function state on ports disable Specify to disable the voice VLAN function state on ports mode The voice VLAN mode The defaul...

Page 618: ...ssue this command Example To enable the voice VLAN log state Zxxx0 admin config voice_vlan ports 4 6 state enable Command config voice_vlan ports 4 6 state enable Success Zxxx0 admin Zxxx0 admin config voice_vlan ports 4 6 mode auto Command config voice_vlan ports 4 6 mode auto Success Zxxx0 admin enable Specify to enable the voice VLAN log state disable Specify to disable the voice VLAN log state...

Page 619: ...voice VLAN aging timer If the voice traffic resumes during the aging time the aging timer will be reset and stop Format config voice_vlan aging_time min 1 65535 Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To set 60 minutes as the aging time of voice VLAN 64 8 show voice_vlan Description This command is used to display voice VLAN glo...

Page 620: ...sed to display the voice devices that are discovered by LLDP MED Format show voice_vlan lldp_med voice_device Parameters None Restrictions None Example To display the voice devices that were discovered by LLDP MED Zxxx0 admin show voice_vlan Command show voice_vlan Voice VLAN State Disabled Voice VLAN Unassigned Priority 5 Aging Time 720 minutes Log State Enabled Zxxx0 admin ...

Page 621: ...ice_device Command show voice_vlan lldp_med voice_device Index 1 Local Port 1 1 Chassis ID Subtype MAC Address Chassis ID 00 C0 8F 00 00 11 Port ID Subtype Network Address Port ID 00 C0 8F 00 00 00 Create Time 9 1 2013 08 30 Remain Time 120 Seconds Index 2 Local Port 1 3 Chassis ID Subtype MAC Address Chassis ID 00 C0 8F 00 00 12 Port ID Subtype Network Address Port ID 00 C0 8F 00 00 00 Create Tim...

Page 622: ...min show voice_vlan oui Command show voice_vlan oui OUI Address Mask Description 00 01 E3 00 00 00 FF FF FF 00 00 00 Siemens 00 03 6B 00 00 00 FF FF FF 00 00 00 Cisco 00 09 6E 00 00 00 FF FF FF 00 00 00 Avaya 00 0F E2 00 00 00 FF FF FF 00 00 00 Huawei 3COM 00 60 B9 00 00 00 FF FF FF 00 00 00 NEC Phillips 00 D0 1E 00 00 00 FF FF FF 00 00 00 Pingtel 00 E0 75 00 00 00 FF FF FF 00 00 00 Veritel 00 E0 ...

Page 623: ...ers If no parameter is specified the system will display the connected Voice device of all ports Restrictions None Example To display voice VLAN device ports 1 to 2 Zxxx0 admin show voice_vlan ports 1 3 Command show voice_vlan ports 1 3 Ports Status Mode 1 Disabled Auto 2 Disabled Auto 3 Disabled Auto Zxxx0 admin portlist Optional Specify a range of ports to display Zxxx0 admin show voice_vlan voi...

Page 624: ... create vlan vlan_name 32 tag vlanid 2 4094 type 1q_vlan private_vlan advertisement create vlan vlanid vidlist type 1q_vlan private_vlan advertisement delete vlan vlan_name 32 delete vlan vlanid vidlist config vlan vlan_name 32 add tagged untagged forbidden delete portlist advertisement enable disable 1 config vlan vlanid vidlist add tagged untagged forbidden delete portlist advertisement enable d...

Page 625: ...d 1 4094 add isolated community remove vlan_name 32 vlanid vidlist show private_vlan vlan_name 32 vlanid vidlist vlan_name 32 Specify the name of the VLAN to be created The maximum length is 32 characters tag Specify the VLAN ID of the VLAN to be created vlanid 2 4094 The range is from 2 to 4094 type Optional Specify the type of VLAN to be created 1q_vlan Specify the VLAN is a 802 1q VLAN private_...

Page 626: ...N ID 2 To create a private VLAN with VLAN ID 3 Zxxx0 admin create vlan v3 tag 3 type private_vlan Command create vlan v3 tag 3 type private_vlan Success Zxxx0 admin vidlist Specify the VLAN ID of the VLAN to be created type Optional Specify the type of VLAN to be created 1q_vlan Specify the VLAN is a 802 1q VLAN private_vlan Specify the VLAN is a private VLAN advertisement Optional Specify to allo...

Page 627: ... Example To remove VLAN v1 65 4 delete vlan vlanid Description This command is used to delete a previously configured VLAN ID on the Switching Hub Format delete vlan vlanid vidlist Zxxx0 admin create vlan vlanid 3 type private_vlan Command create vlan vlanid 3 type private_vlan Success Zxxx0 admin vlan_name 32 Specify the VLAN name of the VLAN to be deleted The maximum length is 32 characters Zxxx...

Page 628: ...ement enable disable 1 Parameters vidlist Specify a range of VLAN ID to be deleted Zxxx0 admin delete vlan vlanid 2 Command delete vlan vlanid 2 Success Zxxx0 admin vlan_name 32 Specify the name of the VLAN to add or delete ports to The maximum length is 32 characters add Specify the port attribute to add tagged Specify the additional ports as tagged untagged Specify the additional ports as untagg...

Page 629: ... Specify to send GVRP out for this VLAN or not If not the VLAN cannot be joint dynamically enable Specify to enable GVRP disable Specify to disable GVRP Zxxx0 admin config vlan v1 add tagged 4 8 Command config vlan v1 add tagged 4 8 Success Zxxx0 admin Zxxx0 admin config vlan v1 delete 4 8 Command config vlan v1 delete 4 8 Success Zxxx0 admin Zxxx0 admin config vlan default advertisement enable Co...

Page 630: ...o add or delete ports to add Specify the port attribute to add tagged Specify the additional ports as tagged untagged Specify the additional ports as untagged forbidden Specify the ports to be forbidden from becoming members of the VLAN dynamically and not able to forward packets in this VLAN delete Specify the port status to delete portlist Specify a range of ports to add or delete to the VLAN ad...

Page 631: ...t enable Command config vlan vlanid default advertisement enable Success Zxxx0 admin portlist Specify a range of ports to be configured all Specify to configure all ports gvrp_state Specify if the port is allowed to dynamically become a member of a VLAN when receiving GVRP enable Enable GVRP for the ports specified in the port list disable Disable GVRP for the ports specified in the port list ingr...

Page 632: ...cceptable_frame Specify the type of frame that will be accepted by the port tagged_only Only tagged frame will be received admit_all Both tagged and untagged frames will be accepted pvid Specify the Port VID PVID that will be associated with the port vlanid 1 4094 Specify the VLAN ID between 1 and 4094 Zxxx0 admin config port_vlan 1 5 gvrp_state enable ingress_checking enable acceptable_frame tagg...

Page 633: ...ecking Acceptable Frame Type 1 1 Disabled Enabled All Frames 2 1 Disabled Enabled All Frames 3 1 Disabled Enabled All Frames Total Entries 3 Zxxx0 admin timer Specify GVRP timer join Specify the Join time will be set The default value is 200 milliseconds leave Specify the Leave time will be set The default value is 600 milliseconds leaveall Specify the LeaveAll time The default value is 10000 mill...

Page 634: ...VRP The default is disabled Format enable gvrp Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To enable the generic VLAN Registration Protocol GVRP Zxxx0 admin config gvrp timer join 200 Command config gvrp timer join 200 Success Zxxx0 admin Zxxx0 admin enable gvrp Command enable gvrp Success Zxxx0 admin ...

Page 635: ...e Generic VLAN Registration Protocol GVRP 65 12 show vlan Description This command is used to display summary information about each VLAN which includes VLAN ID VLAN Name Tagged Untagged Forbidden status for each port and Member Non member status for each port Format show vlan vlan_name 32 Parameters Zxxx0 admin disable gvrp Command disable gvrp Success Zxxx0 admin vlan_name 32 Optional Specify th...

Page 636: ... each port Format show vlan vlanid vidlist Parameters Restrictions None Zxxx0 admin show vlan Command show vlan VLAN Trunk State Disabled VLAN Trunk Member Ports VID 1 VLAN Name default VLAN Type Static Advertisement Enabled Member Ports 1 28 Static Ports 1 28 Current Tagged Ports Current Untagged Ports 1 28 Static Tagged Ports Static Untagged Ports 1 28 Forbidden Ports Total Static VLAN Entries 1...

Page 637: ...ple To display VLAN port settings Zxxx0 admin show vlan vlanid 1 Command show vlan vlanid 1 VID 1 VLAN Name default VLAN Type Static Advertisement Enabled Member Ports 1 28 Static Ports 1 28 Current Tagged Ports Current Untagged Ports 1 28 Static Tagged Ports Static Untagged Ports 1 28 Forbidden Ports Total Entries 1 Zxxx0 admin portlist Optional Specify a range of ports for which you want to disp...

Page 638: ...ne Example To display the GVRP status of the Switching Hub Zxxx0 admin show vlan ports 1 2 Command show vlan ports 1 2 Port VID Untagged Tagged Dynamic Forbidden 1 1 X 2 1 X Zxxx0 admin Zxxx0 admin show gvrp Command show gvrp Global GVRP Disabled Join Time 200 Milliseconds Leave Time 600 Milliseconds LeaveAll Time 10000 Milliseconds NNI BPDU Address dot1d Zxxx0 admin ...

Page 639: ...iated with a primary VLAN as the secondary VLAN the promiscuous port of the primary VLAN will behave as the untagged member of the secondary VLAN and the trunk port of the primary VLAN will behave as the tagged member of the secondary VLAN A secondary VLAN cannot be specified with advertisement Only the primary VLAN can be configured as a layer 3 interface The private VLAN member port cannot be co...

Page 640: ...e_vlan vlan_name 32 vlanid vidlist Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To display private VLAN settings Zxxx0 admin config private_vlan p1 add community vlanid 2 5 Command config private_vlan p1 add community vlanid 2 5 Success Zxxx0 admin vlan_name 32 Optional Specify the name of the private VLAN The maximum length is 32 ch...

Page 641: ...00 Promiscuous Ports 1 Trunk Ports 2 Isolated Ports 3 5 Isolated VLAN 20 Community Ports 6 8 Community VLAN 30 Community Ports 9 10 Community VLAN 40 Private VLAN 200 Promiscuous Ports 11 Trunk Ports 12 Isolated Ports 13 15 Isolated VLAN 50 Community Ports 16 18 Community VLAN 60 Zxxx0 admin ...

Page 642: ...ag information on the destination Switching Hub Figure 66 1 VLAN Trunking overview For VLAN Trunking configuration on ports with link aggregation configure the settings for the master port of link aggregation 66 1 enable vlan_trunk Description This command is used to enable VLAN trunking When VLAN trunking function is enabled the VLAN trunk ports shall be able to forward all tagged frames with any...

Page 643: ...and Example To enable VLAN trunking 66 2 disable vlan_trunk Description This command is used to disable VLAN trunking Format disable vlan_trunk Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable VLAN trunking Zxxx0 admin enable vlan_trunk Command enable vlan_trunk Success Zxxx0 admin ...

Page 644: ...ated link For a VLAN trunking port the VLANs on which the packets can be by passed will not be advertised by GVRP on this port However since the traffic on these VLANs is forwarded this VLAN trunking port should participate in the MSTP instances corresponding to these VLANs Format config vlan_trunk ports portlist all state enable disable Parameters Restrictions Only Administrator Operator and Powe...

Page 645: ...66 VLAN Trunking Commands 645 Zxxx0 admin config vlan_trunk ports 1 5 state enable Command config vlan_trunk ports 1 5 state enable Success Zxxx0 admin ...

Page 646: ...display VLAN trunking information Format show vlan_trunk Parameters None Restrictions None Example To display the current VLAN trunking information Zxxx0 admin show vlan_trunk Command show vlan_trunk VLAN Trunk Global Setting VLAN Trunk Status Disabled VLAN Trunk Member Ports Zxxx0 admin ...

Page 647: ...ent is called Supplicant The client sends an authentication request when connecting to the network and is able to access when authorized The authentication Switching Hub intermediates an authentication process between the client and authentication server It blocks connections to the network from unauthorized clients The authentication Switching Hub is also called Authenticator This Switching Hub a...

Page 648: ... authentication Authorize based on the MAC address of the client connected It authorizes even in an environment where multiple clients communicate on a single port of the authentication Switching Hub e g using an island hub You can register up to 448 MAC addresses per port Figure 67 2 Authentication in edge hub For authentication in an edge hub a Switching Hub acting as an edge hub requires the EA...

Page 649: ...st VLAN functions allows for restricted access such as authorizing connection to the Internet only instead of completely blocking communications from unauthorized clients Figure 67 3 Connection through guest VLAN Only one VLAN can be assigned to a guest VLAN ワヰヵユワヰヵユ ...

Page 650: ...te auth_configuration ports portlist config 802 1x capability ports portlist all authenticator none config 802 1x fwd_pdu ports portlist all enable disable config 802 1x fwd_pdu system enable disable config 802 1x auth_parameter ports portlist all default direction both in port_control force_unauth auto force_auth quiet_period sec 0 65535 tx_period sec 1 65535 supp_timeout sec 1 65535 server_timeo...

Page 651: ...mber 1 65535 timeout sec 1 255 retransmit int 1 20 1 config radius delete server_index 1 3 config radius server_index 1 3 ipaddress server_ip ipv6addr key password 32 auth_port udp_port_number 1 65535 default acct_port udp_port_number 1 65535 default timeout sec 1 255 default retransmit int 1 20 default 1 show radius show auth_statistics ports portlist show auth_diagnostics ports portlist show aut...

Page 652: ...evel users can issue this command Example To disable the 802 1X function 67 3 create 802 1x user Description This command is used to create an 802 1X user Format create 802 1x user username 15 Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Zxxx0 admin disable 802 1x Command disable 802 1x Success Zxxx0 admin username 15 Specify to add a user n...

Page 653: ...strator Operator and Power User level users can issue this command Example To delete the user named Tiberius Zxxx0 admin create 802 1x user ctsnow Command create 802 1x user ctsnow Enter a case sensitive new password Enter the new password again for confirmation Success Zxxx0 admin username 15 Specify to delete a user name Zxxx0 admin delete 802 1x user Tiberius Command delete 802 1x user Tiberius...

Page 654: ...on 67 6 config 802 1x auth_protocol Description This command is used to configure the 802 1X authentication protocol Format config 802 1x auth_protocol local radius_eap Parameters Zxxx0 admin show 802 1x user Command show 802 1x user Current Accounts Username Password ctsnow gallinari Total Entries 1 Zxxx0 admin local Specifiy the authentication protocol as local radius_eap Specify the authenticat...

Page 655: ...guration ports portlist Parameters Restrictions None Example To display 802 1X information Zxxx0 admin config 802 1x auth_protocol radius_eap Command config 802 1x auth_protocol radius_eap Success Zxxx0 admin auth_state Optional Specify to display the 802 1X authentication state of some or all ports auth_configuration Optional Specify to display 802 1X configuration of some or all ports ports Opti...

Page 656: ...ri VID State 1 00 00 00 00 00 01 10 Authenticated Idle A 4004 3 1 00 00 00 00 00 02 10 Authenticated Idle A 1234 1 00 00 00 00 00 04 30 Authenticating Response U 2 P Authenticating Request U 3 P Connecting Idle U 4 P Held Fail U Total Authenticating Hosts 3 Total Authenticated Hosts 2 Zxxx0 admin Zxxx0 admin show 802 1x auth_configuration ports 1 Command show 802 1x auth_configuration ports 1 Port...

Page 657: ...is command is used to configure the 802 1X PDU forwarding state on specific ports of the Switching Hub Format config 802 1x fwd_pdu ports portlist all enable disable portlist Specify a range of ports to be configured all Specify to configure all ports authenticator The port that wishes to enforce authentication before allowing access to services that are accessible via that port adopts the authent...

Page 658: ...able disable Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the 802 1X PDU forwarding state portlist Specify a range of ports to be configured all Specify all ports enable Enable the 802 1X PDU forwarding state disable Disable the 802 1X PDU forwarding state Zxxx0 admin config 802 1x fwd_pdu ports 1 2 enable Command config...

Page 659: ...ge of ports to be configured all Specify to configure all ports default Set all parameters to the default value direction Optional Set the direction of access control both For bidirectional access control in For ingress access control port_control Optional Force a specific port to be unconditionally authorized or unauthorized by setting the parameter of port_control to be force_authorized or force...

Page 660: ...alization value of the aWhile timer when timing out the authentication server Its default value is 30 and can be any value from 1 to 65535 sec 1 65535 The server timeout value must be between 1 an 65535 seconds max_req Optional The maximum number of times that the authenitcation PAE state machine will retransmit an EAP Request packet to the supplicant Its default value is 2 and can be any number f...

Page 661: ...this command Example To configure the 802 1X state of acceptation of an authorized configuration Zxxx0 admin config 802 1x auth_parameter ports 1 20 direction both Command config 802 1x auth_parameter ports 1 20 direction both Success Zxxx0 admin enable The authorization attributes such as VLAN 802 1p default priority and ACL assigned by the RADUIS server will be accepted if the global authorizati...

Page 662: ...e the authentication state machine of some or all port_based ports Used to configure authentication in port based mode portlist Specify a range of ports to be configured all Specify to configure all ports mac_based ports To configure authentication in host based 802 1X mode portlist Specify a range of ports to be configured all Specify to configure all ports mac_address Optional Specify the MAC ad...

Page 663: ...maximum numbers of the system 67 15 config 802 1x reauth Description This command is used to reauthenticate the device connected with the port During the reauthentication period the port status remains authorized until failed reauthentication Format config 802 1x reauth port_based ports portlist all mac_based ports portlist all mac_address macaddr value 1 448 Specify the maximum number of users no...

Page 664: ...lan_name 32 Parameters port_based ports The Switching Hub passes data based on its authenticated port portlist Specify a range of ports to be configured all Specify to configure all ports mac_based ports The Switching Hub passes data based on the MAC address of authenticated RADIUS client portlist Specify a range of ports to be configured all Specify to configure all ports mac_address Optional Spe...

Page 665: ...e the static VLAN itself Format delete 802 1x guest_vlan vlan_name 32 Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To delete a guest VLAN configuration Zxxx0 admin create 802 1x guest_vlan guestVLAN Command create 802 1x guest_vlan guestVLAN Success Zxxx0 admin vlan_name 32 Specify the guest VLAN name Zxxx0 admin delete 802 1x guest_...

Page 666: ...setting for ports 1 to 8 67 19 show 802 1x guest_vlan Description This command is used to display guest VLAN information Format show 802 1x guest_vlan portlist Specify a range of ports to be configured all Specify to configure all ports state Specify the guest VLAN port state of the configured ports enable Join the guest VLAN disable Remove from guest VLAN Zxxx0 admin config 802 1x guest_vlan port...

Page 667: ...20 1 Parameters Zxxx0 admin show 802 1x guest_vlan Command show 802 1x guest_vlan Guest Vlan Setting Guest vlan guest Enable guest vlan ports 1 10 Zxxx0 admin server_index 1 3 Specify the RADIUS server index server_ip Specify the IP address of the RADIUS server ipv6add Specifies the IPv6 address used key Specify the key pre negotiated between Switching Hub and the RADIUS server It is used to encry...

Page 668: ...acct_port Specify the UDP port number which is used to transmit RADIUS accounting statistics between the Switching Hub and the RADIUS server The range is 1 to 65535 udp_port_number 1 65535 The accounting statistics value must be between 1 and 65535 timeout Specify the time in seconds for waiting server reply The default value is 5 seconds int 1 255 The timeout value must be between 1 and 255 retra...

Page 669: ...radius delete 1 Command config radius delete 1 Success Zxxx0 admin server_index 1 3 Specify the RADIUS server index ipaddress Specify the IP address of the RADIUS server server_ip Enter the RADIUS server IP address here ipv6addr Enter the IPv6 address here key Specify the key pre negotiated between the Switching Hub and the RADIUS server It is used to encrypt user s authentication data before bein...

Page 670: ... the RADIUS server The default is 1812 udp_port_number 1 65535 The authentication port value must be between 1 and 65535 default Specify to use the default value timeout Specify the time in seconds for waiting for a server reply The default value is 5 seconds int 1 255 Specify the time in seconds for waiting for a server reply The timeout value must be between 1 and 255 The default value is 5 seco...

Page 671: ...S server configurations Format show radius Parameters None Restrictions None Example To display RADIUS server configurations Zxxx0 admin show radius Command show radius Index 1 IP Address 192 168 69 1 Auth Port 1812 Acct Port 1813 Timeout 5 Retransmit 2 Key 123456 Total Entries 1 Zxxx0 admin ...

Page 672: ...played portlist Specify a range of ports to be displayed Zxxx0 admin show auth_statistics ports 3 Command show auth_statistics ports 3 Auth VID 100 MAC Address 00 00 00 00 00 03 Port number 3 EapolFramesRx 0 EapolFramesTx 6 EapolStartFramesRx 0 EapolReqIdFramesTx 6 EapolLogoffFramesRx 0 EapolReqFramesTx 0 EapolRespIdFramesRx 0 EapolRespFramesRx 0 InvalidEapolFramesRx 0 EapLengthErrorFramesRx 0 Las...

Page 673: ...uth_diagnostics ports 3 Auth VID 100 MAC Address 00 00 00 00 00 03 Port number 1 EntersConnecting 20 EapLogoffsWhileConnecting 0 EntersAuthenticating 0 SuccessWhileAuthenticating 0 TimeoutsWhileAuthenticating 0 FailWhileAuthenticating 0 ReauthsWhileAuthenticating 0 EapStartsWhileAuthenticating 0 EapLogoffWhileAuthenticating 0 ReauthsWhileAuthenticated 0 EapStartsWhileAuthenticated 0 EapLogoffWhile...

Page 674: ...ional Specify a range of ports to be displayed portlist Specify a range of ports to be displayed Zxxx0 admin show auth_session_statistics ports 3 Command show auth_session_statistics ports 3 Auth VID 100 MAC Address 00 00 00 00 00 03 Port number 3 SessionOctetsRx 0 SessionOctetsTx 0 SessionFramesRx 0 SessionFramesTx 0 SessionId SessionAuthenticMethod Remote Authentication Server SessionTime 0 Sess...

Page 675: ...ds 675 67 27 show auth_client Description This command is used to display authentication client information Format show auth_client Parameters None Restrictions None Example To display authentication client information ...

Page 676: ...thenticators 0 radiusAuthClientPendingRequests 0 radiusAuthClientTimeouts 0 radiusAuthClientUnknownTypes 0 radiusAuthClientPacketsDropped 0 radiusAuthClient radiusAuthClientInvalidServerAddresses 0 radiusAuthClientIdentifier MANAGER radiusAuthServerEntry radiusAuthServerIndex 2 radiusAuthServerAddress 0 0 0 0 radiusAuthClientServerPortNumber X radiusAuthClientRoundTripTime 0 radiusAuthClientAccess...

Page 677: ...thServerEntry radiusAuthServerIndex 3 radiusAuthServerAddress 0 0 0 0 radiusAuthClientServerPortNumber X radiusAuthClientRoundTripTime 0 radiusAuthClientAccessRequests 0 radiusAuthClientAccessRetransmissions 0 radiusAuthClientAccessAccepts 0 radiusAuthClientAccessRejects 0 radiusAuthClientAccessChallenges 0 radiusAuthClientMalformedAccessResponses 0 radiusAuthClientBadAuthenticators 0 radiusAuthCl...

Page 678: ...ts 0 radiusAccClientTimeouts 0 radiusAccClientUnknownTypes 0 radiusAccClientPacketsDropped 0 radiusAcctClient radiusAcctClientInvalidServerAddresses 0 radiusAcctClientIdentifier MANAGER radiusAuthServerEntry radiusAccServerIndex 2 radiusAccServerAddress 0 0 0 0 radiusAccClientServerPortNumber X radiusAccClientRoundTripTime 0 radiusAccClientRequests 0 radiusAccClientRetransmissions 0 radiusAccClien...

Page 679: ...0 radiusAccClientBadAuthenticators 0 radiusAccClientPendingRequests 0 radiusAccClientTimeouts 0 radiusAccClientUnknownTypes 0 radiusAccClientPacketsDropped 0 Zxxx0 admin network Specify the accounting service for 802 1X port access control By default the service is disabled shell Specify the accounting service for shell events When a user logins or logouts of the Switching Hub via the console Teln...

Page 680: ...e information Format show accounting service Parameters None Restrictions None Example To display accounting service information Zxxx0 admin config accounting service shell state enable Command config accounting service shell state enable Success Zxxx0 admin Zxxx0 admin show accounting service Command show accounting service Accounting State Network Disabled Shell Disabled System Disabled Zxxx0 ad...

Page 681: ...te min 1 1440 idle_time infinite min 1 1440 block_time sec 0 300 1 config wac method local radius config wac default_redirpath string 128 config wac clear_default_redirpath config wac virtual_ip ipaddr config wac switch_http_port tcp_port_number 1 65535 create wac user username 15 vlan vlan_name 32 vlanid vlanid 1 4094 delete wac user username 15 all_users config wac user username 15 vlan vlan_nam...

Page 682: ...AC function 68 2 disable wac Description This command is used to disable the WAC function Format disable wac Parameters None Restrictions Only Administrator Operator and Power User level users can issue this command Example To disable the WAC function Zxxx0 admin enable wac Command enable wac Success Zxxx0 admin Zxxx0 admin disable wac Command disable wac Success Zxxx0 admin ...

Page 683: ...tance of an authorized configuration radius If specified to enable the authorized data assigned by the RADUIS server will be accepted if the global authorization network is enabled The default state is enabled enable Specify to enable authorized data assigned by the RADIUS server to be accepted disable Specify to disable authorized data assigned by the RADIUS server from being accepted local If sp...

Page 684: ...hich an authenticated host will be kept in authenticated state The default value is 1440 minutes infinite Specify to indicate the authenticated host on the port will not ageout min 1 1440 Specify an ageout value between 1 and 1440 minutes idle_timeSpecify a time period after which an authenticated host will be moved to un authenticated state if there is no traffic during that period The default va...

Page 685: ... command supports the protocol Format config wac method local radius Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure the WAC authentication method Zxxx0 admin config wac ports 1 5 aging_time 200 Command config wac ports 1 5 aging_time 200 Success Zxxx0 admin local Specify the authentication will be done via the local databa...

Page 686: ...inistrator Operator and Power User level users can issue this command Example To configure the WAC default redirect path 68 7 config wac clear_default_redirpath Description This command is used to clear the WAC default redirect path When the string is cleared the client will not be redirected to another URL after successful authentication Format config wac clear_default_redirpath Parameters string...

Page 687: ...ill be disabled By default the virtual IP is 0 0 0 0 The virtual IP will not respond to any ARP requests or ICMP packets To make this function work properly the virtual IP should not be an existing IP address It also cannot be located on an existing subnet Format config wac virtual_ip ipaddr Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Examp...

Page 688: ...or HTTP is 80 and the default port number for HTTPS is 443 If no protocol is specified the protocol is HTTP Format config wac switch_http_port tcp_port_number 1 65535 Parameters Restrictions Only Administrator Operator and Power User level users can issue this command Example To configure a TCP port which the WAC Switching Hub listens to tcp_port_number 1 65535 Specify a TCP port which the WAC Swi...

Page 689: ...Power User level users can issue this command Example To create a WAC account username 15 Specify the user account for Web based Access Control vlan Optional Specify the authentication VLAN name vlan_name 32 Specify the authentication VLAN name The VLAN name can be up to 32 characters long vlanid Optional Specify the authentication VLAN ID number vlanid 1 4094 Specify the authentication VLAN ID nu...

Page 690: ...Operator and Power User level users can issue this command Example To delete a WAC account user Specify the user account for Web based Access Control username 15 Specify the user account for Web based Access Control The username can be up to 15 characters long all_users Specify this option to delete all current WAC users Zxxx0 admin delete wac user duhon Command delete wac user duhon Success Zxxx0...

Page 691: ... Specify the name of user account which will change its VID vlan Specify the authentication VLAN name vlan_name 32 Specify the authentication VLAN name The VLAN name can be up to 32 characters long vlanid Specify the authentication VLAN ID vlanid 1 4094 Specify the authentication VLAN ID The VLAN ID must be between 1 and 4094 clear_vlan Specify to clear the specified VLAN Zxxx0 admin config wac us...

Page 692: ... Description This command is used to display WAC port information Format show wac ports portlist Parameters Zxxx0 admin show wac Command show wac Web based Access Control State Enabled Method RADIUS Redirect Path http www manager com Virtual IP 0 0 0 0 Switch HTTP Port 80 HTTP RADIUS Authorization Enabled Local Authorization Enabled Zxxx0 admin portlist Optional Specify a range of member ports to ...

Page 693: ...r Parameters None Restrictions None Example To show Web authentication user accounts Zxxx0 admin show wac ports 1 3 Command show wac ports 1 3 Port State Aging Time Idle Time Block Time min min sec 1 Disabled 1440 Infinite 60 2 Disabled 1440 Infinite 60 3 Disabled 1440 Infinite 60 Zxxx0 admin Zxxx0 admin show wac user Command show wac user User Name Password VID 123 1000 Total Entries 1 Zxxx0 admi...

Page 694: ...rt will return to un authenticated state All the timers associated with the port will be reset Format clear wac auth_state ports portlist all authenticated authenticating blocked macaddr macaddr portlist Optional Specify the list of ports whose WAC authentication state will be displayed Zxxx0 admin show wac auth_state ports Command show wac auth_state ports P Port based Pri Priority Port MAC Addre...

Page 695: ... cleared portlist Specify a range of ports all Specify to clear all ports authenticated Optional Specify to clear all authenticated users for a port authenticating Optional Specify to clear all authenticating users for a port blocked Optional Specify to clear all blocked users for a port macaddrSpecify to clear a specific user macaddr Enter the MAC address here Zxxx0 admin clear wac auth_state por...

Page 696: ...ndow title of the authentication page desc 64 Enter the login window title used here This value can be up to 64 characters long user_name_title Specifies to configure the user name title of the authentication page desc 32 Enter the user name title used here This value can be up to 32 characters long password_title Specifies to configure the password title of the authentication page desc 32 Enter t...

Page 697: ...entication page elements Zxxx0 admin config wac authentication_page element notification_line 1 Copyright All Rights Reserved Command config wac authentication_page element notification_line 1 Copyright All Rights Reserved Success Zxxx0 admin Zxxx0 admin show wac authenticate_page Command show wac authenticate_page Page Title MANAGER Login Window Title Authentication Login User Name Title User Nam...

Page 698: ...ort is below the maximum user limit in a time interval interval is project dependent 4 Warning MAC based Access Control enters stop learning state The authorized user number on the whole device has reached the maximum user limit 5 Warning MAC based Access Control recovers from stop learning state The authorized user number on the whole device is below the maximum user limit in a time interval inte...

Page 699: ...mational IP Directed Broadcast packet rate is high on subnet IP s IP Directed broadcast rate exceed 50 packets per second on a certain subnet 2 Informational IP Directed Broadcast rate is high IP Directed broadcast rate exceed 100 packets per second IP Directed Broadcast ...

Page 700: ...MAC macaddr Configuration downloaded successfully 6 Warning Configuration download by session unsuccessfully Username username IP ipaddr MAC macaddr Configuration download was unsuccessful 7 Informational Configuration uploaded by session successfully Username username IP ipaddr MAC macaddr Configuration uploaded successfully 8 Warning Configuration upload by session unsuccessfully Username userna...

Page 701: ...urations execute was unsuccessful 13 Informational Attack log message uploaded by session successfully Username username IP ipaddr MAC macaddr Attack log message uploaded successfully 14 Warning Attack log message upload by session unsuccessfully Username username IP ipaddr MAC macaddr Attack log message upload was unsuccessful Serverity Log message Explanation ...

Page 702: ... IP ipaddr MAC macaddr Configuration successfully downloaded 6 Warning Configuration download by session was unsuccessful Username username IP ipaddr MAC macaddr Configuration download was unsuccessful 7 Informational Configuration successfully uploaded by session Username username IP ipaddr MAC macaddr Configuration successfully uploaded 8 Warning Configuration upload by session was unsuccessful ...

Page 703: ... dynamic domain name cache be deleted 69 6 ARP Serverity Log message Explanation 1 Warning Conflict IP was detected with this device IP ipaddr MAC macaddr Port unitID portNum Interface ipif_name Gratuitous ARP detected duplicate IP 12 Warning Attack log message upload by session was unsuccessful Username username IP ipaddr MAC macaddr Attack log message upload was unsuccessful Serverity Log messag...

Page 704: ...ion timed out Username username IP ipaddr Telnet session timed out Telnet 69 8 Serverity Log message Explanation 1 Informational Port unitID portNum link up link state Port link up 2 Informational Port unitID portNum link down Port link down Interface 69 9 Serverity Log message Explanation 1 Warning 802 1X Authentication failure for reason from Username username Port unitID portNum MAC macaddr IEE...

Page 705: ...y This Ingress bandwidth will be assigned to the port 3 Informational RADIUS server ipaddr assigned egress bandwith egressBandwidth to port unitID portNum account username Egress bandwidth assigned from RADIUS server after RADIUS client is authenticated by RADIUS server successfully This egress bandwidth will be assigned to the port 4 Informational RADIUS server ipaddr assigned 802 1p default prio...

Page 706: ...ED TLV set detected on port portNum chassis id chassisType chassisID port id portType portID device class deviceClass Incompatible LLDP MED TLV set detected LLDP MED 69 12 Serverity Log message Explanation 1 Informational New voice device detected Port portNum MAC macaddr When a new voice device is detected in the port 2 Informational Port portNum add into Voice VLAN vid When a port which is in au...

Page 707: ...er Unit unitID Backup Master changed to Master 5 Informational Slave changed to master Master Unit unitID Slave changed to Master 6 Critical Hot insert failed box ID conflict Unit unitID conflict MAC macaddr and MAC macaddr Box ID conflict Serverity Log message Explanation 1 Informational SNMP request received from ipaddr with invalid community string SNMP request received with invalid community s...

Page 708: ...enabled SSH server is enabled 6 Informational SSH server is disabled SSH server is disabled 7 Informational Authentication Policy is enabled Module AAA Authentication Policy is enabled 8 Informational Authentication Policy is disabled Module AAA Authentication Policy is disabled 9 Warning Login failed through Console Telnet Web SSL SSH from ipaddr ipv6address due to AAA server ipaddr ipv6address t...

Page 709: ...y AAA local server ipaddr ipv6address Username username Enable Admin failed authenticated by AAA local or server 13 Informational Successful login through Console Telnet Web SSL SSH from ipaddr ipv6address authenticated by AAA local none server ipaddr ipv6address Username username Successful login authenticated by AAA local or none or server 14 Warning Login failed through Console Telnet Web SSL S...

Page 710: ... in a time interval 5 min 4 Informational WAC authenticated user Username string IP ipaddr MAC macaddr Port unitID portNum A client host authenticated successful WAC 69 17 Traffic Control Serverity Log message Explanation 1 Warning Port portNum Broadcast storm is occurring Broadcast storm occurrence 2 Informational Port portNum Broadcast storm has cleared Broadcast storm cleared 3 Warning Port por...

Page 711: ...69 System Log Lists 711 69 18 Serverity Log message Explanation 1 Informational Detected untrusted DHCP server IP ipaddr Port portNum Detected untrusted DHCP server IP address DHCP Server Screening ...

Page 712: ...nitID portNum old_status new_status STP port status is changed 7 Informational Spanning Tree port status changed Instance InstanceID port unitID portNum old_role new_role STP port role is changed 8 Informational Spanning Tree instance created Instance InstanceID STP instance is created 9 Informational Spanning Tree instance deleted Instance InstanceID STP instance is deleted 10 Informational Spann...

Page 713: ...21 DDM Serverity Log message Explanation 1 Critical Port unitID portNum SFP thresholdType exceedType the thresholdSubType alarm threshold DDM exceeded or recover from DDM alarm threshold 2 Warning Port unitID portNum SFP thresholdType exceedType the thresholdSubType warning threshold DDM exceeded or recover from DDM warning threshold 13 Informational Spanning Tree MST configuration ID VLAN mapping...

Page 714: ...tNum recover from BPDU under attacking state automatically BPDU attack automatically recovered 3 Informational Port unitID portNum recover from BPDU under attacking state manually BPDU attack manually recovered BPDU 69 23 Serverity Log message Explanation 1 Critical Unit unitID Right Side Fan value failed Right side fan failed 2 Critical Unit unitID Right Side Fan value recovered Right side fan re...

Page 715: ...ty Log message Explanation 1 Warning Dynamic DHCP binding entry conflicts with static ARP IP ipaddr MAC macaddr Port unitID portNum Dynamic DHCP binding entry conflicts with static ARP 2 Warning Dynamic DHCP binding entry conflicts with static IPSG entry IP ipaddr MAC macaddr Port unitID portNum Dynamic DHCP binding entry conflicts with static IPSG entry 3 Warning Creating DHCP binding entry faile...

Page 716: ... Master Node changes from Complete to Failed 3 Informational FDB was flushed Flushes its Forwarding Database based on RRP packets or state machine 4 Warning RRP ring status was changed to Link Up The RRP status in Transit Node changes to Link Up 5 Notice RRP ring status was changed to Link Down The RRP status in Transit Node changes to Link Down 6 Informational RRP ring status was changed to Pre F...

Page 717: ...69 System Log Lists 717 69 28 Serverity Log message Explanation 1 Emergency Uint unitID System re start reason system fatal error CPU exception lead to reboot system Others ...

Page 718: ...2 3z 1000BASE SX 1000BASE LX Diagnostic Monitoring Interface DMI SFF 8472 Console port x 1 RJ45 connector RS 232C ITU TS V 24 SD card slot x 1 Standard SD SDHC Class 2 4 6 10 Size 128 MB to 32 GB System Performance Store and forward system Switching capacity 56 Gbps Forwarding rate 10BASE T 14 880 pps 100BASE TX 148 800 pps 1000BASE T 1 488 000 pps 10GBASE X 14 880 000 pps Buffered memory 1 5 MB F...

Page 719: ...ion IEEE802 1ad 8 ports max per group 32 groups Port Monitoring Capable of monitoring multiple ports 1 set RSPAN Other Major Functions Tagged VLAN IEEE802 1Q 4094 max including default VLAN QoS IEEE802 1p 8 queues PQ WRR Access Control Storm Control Port based authentication IEEE802 1X Guest VLAN MAC based authentication w Guest VLAN Web based authentication w Guest VLAN Management Methods Console...

Page 720: ...DISMAN PING MIB RFC2925 DISMAN TRACEROUTE MIB RFC2925 IPV6 MIB RFC2465 Power Supply Specifications Power supply AC 100 240 V 50 60 Hz 2 0 A Power consumption Normally Max 23 7 W Min 12 4 W Environment Specifications Operating temperature 0 to 50 degrees C Operating humidity 20 to 80 RH no condensation Storage temperature 20 to 70 degrees C Storage humidity 10 to 90 RH no condensation External Spec...

Page 721: ... Please refer the operation manual included in ZEQUO asssit Plus archive file for more detail 1 Unzip the archive file ZEQUOASSISTPLUS_vxxxx zip included in attached CD ROM 2 Run ZEQUOASSIST exe and set login ID and password for this application 3 Click The ZEQUO series button in the ZEQUO assist Launcher 4 Click Terminal Emulator button in the ZEQUO assist main window 5 Check Console in Terminal ...

Page 722: ...rAttackingTrap 1 3 6 1 4 1 396 5 5 3 4 1 Port drop block shutdown is occurred by BPDU Attack Protection function swBpduProtectionRec overyTrap 1 3 6 1 4 1 396 5 5 3 4 2 The port is recovered automatically by BPDU Attack Protection function swFilterDetectedTrap 1 3 6 1 4 1 396 5 5 3 7 1 Violated DHCP server is detected by DHCP Server Screening function swPktStormOccurred 1 3 6 1 4 1 396 5 5 3 5 1 P...

Page 723: ...ngs of this Switching Hub or the terminal settings The SD CARD LED is not lit Is the SD card installed Ensure that the card is securely connected Communication Failure Is the UTP fiber cable connected to the correct port Are the SFP modules complied with the same standard each other Is the fiber cable correct the fiber mode single or multi Try to disable Power Saving or EEE Energy Efficient Ethern...

Page 724: ...ts 25 to 28 of the Switching Hub and the opposed ports to auto negotiation or the same port speed in the full duplex mode Check if equipment of which port mode is set to the half duplex mode is con nected to ports 25 to 28 Ports 25 to 28 do not link up with equipment in the half duplex mode Connect such equipment to ports 1 to 24 ...

Page 725: ... following information to the shop where you purchased this Switching Hub Product name Model number Product serial number 11 alphanumeric characters labeled on the back of the product Firmware version The number after Ver labeled on the unit package Problem status Please give as concrete information as possible Within the warranty period Repair service will be provided in accordance with the condi...

Page 726: ...OM Firmware Serial number 11 alphanumeric characters labeled on the product Shop Sales company Tel Customer service contact Tel Check screen is described in Section 5 8 of the Operating Instructions Panasonic Eco Solutions Networks Co Ltd 2015 2016 2 12 7 Higashi Shimbashi Minato ku Tokyo Japan 105 0021 URL http panasonic co jp es pesnw english P0315 2086 ...

Reviews:

No comments

Related manuals for ZEQUO 2200

Brand: TAMS Pages: 28

Brand: D-Link Pages: 14

Brand: Hama Pages: 9

Brand: UNICOM Pages: 1

Brand: Lindy Pages: 70

Brand: F&G Pages: 6

Brand: N-Tron Pages: 20

Brand: hager Pages: 2

Brand: HIKVISION Pages: 25

Brand: Canoga Perkins Pages: 7

Brand: GarrettCom Pages: 77

Brand: Allen-Bradley Pages: 2

Brand: Sven Pages: 4

Brand: UNIARCH Pages: 6

Summit X450-G2-24t-GE4

Brand: Extreme Networks Pages: 2

kontron KSwitch D3 UMP

Brand: S&T Pages: 36

Champion SeriesKD-2x1CSK

Brand: Key Digital Pages: 6

Brand: Dwyer Instruments Pages: 2

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands