background image

Command Guide  of  WGSW-28040

 

45 

1 | 10 | 192.168.1.111 | 49 | tackey   

 

 

4.2.8 tacacs host 

Command:   

tacacs host 

HOSTNAME

 [port 

<0-65535>

] [key 

TACPLUSKEY

] [priority 

<0-65535>

[timeout

 <1-30>

]   

 
no tacacs [host 

HOSTNAME

]   

 
Parameter: 

host 

HOSTNAME 

 

Specify  server host name, both IP address and domain name are available. 

 

port

 <0-65535>   

Specify  server udp port   

key

 TACPLUSKEY   

Specify  server key string   

priority 

<0-65535>   

Specify  server priority   

timeout 

<1-30>   

Specify  server timeout value   

 
Default:   

Default  key is “”.   

Default  timeout is 5 seconds.   

Mode: 

Global Configuration   

Usage Guide:   

Use “

tacacs host

” command to add or edit  server for authentication, authorization or accounting.   

Use no form to delete one or all  servers from database.   

Example:   

This example shows how to create a new  server   

 

Switch(config)# 

tacacs host 192.168.1.111 port 12345 key  priority 100 timeout 

10

   

 

This example shows how to show existing  server.   

 

Switch# 

show tacacs   

Prio | Timeout | IP Address | Port | Key   

Summary of Contents for WGSW-28040

Page 1: ...Command Guide of WGSW 28040 1 ...

Page 2: ...tion 22 4 1 802 1x 22 4 1 1 dot1x 22 4 1 2 dot1x authentication 23 4 1 3 dot1x reauthentication 24 4 1 4 dot1x timeout reauth period 25 4 1 5 dot1x timeout quiet period 26 4 1 6 dot1x timeout supp timeout 26 4 1 7 dot1x max req 27 4 1 8 dot1x guest vlan 28 4 1 9 dot1x guest vlan 30 4 1 10 show dot1x 31 4 1 11 show dot1x authenticated hosts 32 4 1 12 show dot1x interface 32 4 1 13 show dot1x guest ...

Page 3: ...l 54 4 3 5 permit IP 54 4 3 6 deny IP 57 4 3 7 ipv6 acl 59 4 3 8 permit IPv6 59 4 3 9 deny IPv6 61 4 3 10 bind acl 63 4 3 11 show acl utilization 64 4 4 Administration 66 4 4 1 enable 66 4 4 2 exit 67 4 4 3 configure 67 4 4 4 interface 68 4 4 5 line 69 4 4 6 end 70 4 4 7 reboot 70 4 4 8 system name 71 4 4 9 system contact 72 4 4 10 system location 73 4 4 11 username 74 4 4 12 enable password 75 4 ...

Page 4: ... 98 4 4 39 show ipv6 dhcp 99 4 4 40 show line 99 4 5 Cable Diagnostics 101 4 5 1 show cable diag interface 101 4 6 DHCP Snooping 102 4 6 1 Ip dhcp snooping 102 4 6 2 ip dhcp snooping vlan 102 4 6 3 ip dhcp snooping trust 103 4 6 4 ip dhcp snooping verify 104 4 6 5 ip dhcp snooping limit rate 105 4 6 6 clear ip dhcp snooping statistics 106 4 6 7 show ip dhcp snooping 106 4 6 8 show ip dhcp snooping...

Page 5: ...ction rate limit 127 4 8 6 clear ip arp inspection statistics 128 4 8 7 show ip arp inspection 129 4 8 8 show ip arp inspection interface 129 4 9 GVRP 131 4 9 1 gvrp 131 4 9 2 gvrp port 131 4 9 3 gvrp port registration mode 132 4 9 4 gvrp port creation vlan forbidden 133 4 9 5 clear gvrp statistics 134 4 9 6 show gvrp statistics 134 4 9 7 show gvrp 135 4 9 8 show gvrp port configuration 136 4 10 I...

Page 6: ...gmp snooping forward all 159 4 10 24 show ip igmp profile 160 4 10 25 show ip igmp port filter 160 4 10 26 show ip igmp port max group 161 4 10 27 show ip igmp port max group action 162 4 11 IP Source Guard 164 4 11 1 ip source verify 164 4 11 2 ip source binding 165 4 11 3 show ip source interface 165 4 11 4 show ip source binding 166 4 12 Link Aggregation 168 4 12 1 lag load balance 168 4 12 2 l...

Page 7: ... 202 4 14 2 logging flash buffered 203 4 14 3 logging host 204 4 14 4 show logging 206 4 14 5 show logging flash buffered 207 4 14 6 clear logging flash buffered 208 4 15 MAC Address Table 210 4 15 1 clear mac address table 210 4 15 2 mac address table aging time 211 4 15 3 mac address table static 211 4 15 4 mac address table static drop 212 4 15 5 show mac address table 213 4 15 6 show mac addre...

Page 8: ...w ipv6 mld snooping vlan 235 4 17 19 show ipv6 mld snooping forward all 235 4 17 20 show ipv6 mld profile 236 4 17 21 show ipv6 mld filter 237 4 17 22 show ipv6 mld max group 237 4 17 23 show ipv6 mld max group action 238 4 18 Port Security 240 4 18 1 port security 240 4 18 2 port security address limit 240 4 18 3 show port security 241 4 19 Port Error Disable 243 4 19 1 errdisable recovery cause ...

Page 9: ...rmon interfaces statistics 277 4 23 5 show rmon event 278 4 23 6 show rmon event log 279 4 23 7 show rmon alarm 280 4 23 8 show rmon history 280 4 23 9 show rmon history statistics 281 4 24 SNMP 283 4 24 1 snmp 283 4 24 2 snmp trap 283 4 24 3 snmp view 284 4 24 4 snmp access group 285 4 24 5 snmp community 286 4 24 6 snmp user 287 4 24 7 snmp engineID 288 4 24 8 snmp host 289 4 24 9 show snmp 290 ...

Page 10: ...panning tree tx hold count 307 4 26 10 spanning tree pathcost method 308 4 26 11 spanning tree port priority 309 4 26 12 spanning tree cost 309 4 26 13 spanning tree edge 310 4 26 14 spanning tree bpdu filter 311 4 26 15 spanning tree bpdu guard 311 4 26 16 spanning tree link type 312 4 26 17 spanning tree mst configuration 312 4 26 18 spanning tree mst priority 314 4 26 19 spanning tree mst cost ...

Page 11: ... tunnel vlan 337 4 29 11 switchport trunk native vlan 337 4 29 12 switchport trunk allowed vlan 338 4 29 13 switchport default vlan tagged 338 4 29 14 switchport forbidden default vlan 339 4 29 15 switchport forbidden vlan 340 4 29 16 management vlan 340 4 29 17 show management vlan 341 4 29 18 protocol vlan group 341 4 29 19 protocol vlan binding 343 4 29 20 show protocol vlan group 343 4 29 21 s...

Page 12: ...ine Interface CLI groups all the commands in appropriate modes by the nature of the commands Examples of the CLI command modes are described below Each of the command modes supports specific switch s commands The CLI Command Modes table captures the command modes the prompts visible in that mode and the exit method from that mode Command Mode Access Method Prompt Exit or Access Previous Mode User ...

Page 13: ...iguration mode The command prompt shown at this level is Command Prompt switch Global Config Mode This mode permits the operator to make modifications to the running configuration General setup commands are grouped in this mode From the Global Configuration mode the operator can enter the Interface Configuration mode The command prompt at this level is Command Prompt switch Config From the Global ...

Page 14: ...the cursor back one character Ctrl D Deletes the character at the cursor Ctrl E Jumps to the end of the current command line Ctrl F Moves the cursor forward one character Ctrl K Deletes from the cursor to the end of the command line Ctrl N Enters the next command line in the command history Ctrl P Enters the previous command line in the command history Ctrl U Deletes from the cursor to the beginni...

Page 15: ...alled with terminal emulator such as Hyper Terminal included in Windows XP 2003 Serial cable one end is attached to the RS 232 serial port while the other end to the console port of the Managed Switch Ethernet Port Connection Network cables Use standard network UTP cables with RJ 45 connectors The above PC is installed with Web Browser and JAVA runtime environment plug in ...

Page 16: ...nd system setting Users can use the attached RS 232 cable in the package and connect to the console port on the device After the connection users can run any terminal emulation program Hyper Terminal ProComm Plus Telix Winterm and so on to enter the startup screen of the device WGSW 28040 Rear Panel Figure 2 2 Rear Panel of WGSW 28040 A terminal program is required to make the software connection ...

Page 17: ...use you can remain connected and monitor the system during system reboots Also certain error messages are sent to the serial port regardless of the interface through which the associated action was initiated A Macintosh or PC attachment can use any terminal emulation program for connecting to the terminal serial port A workstation attachment under UNIX can use an emulator such as TIP ...

Page 18: ...ds to manage the Managed Switch For a detailed description of the commands please refer to the following chapters 1 For security reason please change and memorize the new password after this first setup 2 Only accept command in lowercase letter under console interface 2 3 Configuring IP Address The Managed Switch is shipped with default IP address shown below IP Address 192 168 0 100 Subnet Mask 2...

Page 19: ...d press Enter as shown in Figure 3 3 WGSW 28040 config ip address 192 168 1 100 mask 255 255 255 0 WGSW 28040 config ip default gateway 192 168 1 254 The previous command would apply the following settings for the Switch IP Address 192 168 1 100 Subnet Mask 255 255 255 0 Gateway 192 168 1 254 Figure 3 3 Configuring IP Address Screen 5 Repeat step 1 to check if the IP address is changed ...

Page 20: ...ure 3 4 Saving Current Configuration Command Screen If the IP is successfully configured the Managed Switch will apply the new IP address setting immediately You can access the Web interface of the Managed Switch through the new IP address If you are not familiar with the console command or the related parameter enter anytime in console to get the help description ...

Page 21: ... Managed Switch also supports telnet for remote management The switch asks for user name and password for remote login when using telnet please use admin for username password Default IP address 192 168 0 100 Username admin Password admin Figure 4 1 Managed Switch Telnet Login Screen ...

Page 22: ...based setting work Use the no form of this command to disable Example The following example shows how to enable 802 1X access control on port 1 Switch config dot1x switch config interface gi1 switch config if dot1x auto switch config if exit switch config show dot1x 802 1x protocol is Enabled 802 1x protocol version 2 switch config show dot1x interfaces gi1 Port Mode Current State Reauth Control R...

Page 23: ...sabled Mode Interface Configuration Usage Guide Use the dot1x command to enable 802 1X function on port Use the no form of this command to disable this function The enable of 802 1X global setting is a must Example The following example shows how to enable 802 1X access control on port 1 Switch config dot1x switch config interface gi1 switch config if dot1x auto switch config if exit switch config...

Page 24: ...le 802 1X periodical reauthentication function on port Use the no form of this command to disable this function Example The following example shows how to enable 802 1X access control on port 1 switch config interface gi1 switch config if dot1x reauth switch config if exit switch config show dot1x 802 1x protocol is Enabled 802 1x protocol version 2 switch config show dot1x interfaces gi1 Port Mod...

Page 25: ... command to configure the re authentication period Use the no form of this command to restore the period to default value Example The example shows how to configure re authentication period to 300 sec on port 1 switch config interface gi1 switch config if dot1x timeout reauth period 300 switch config if exit switch config show dot1x interfaces gi1 Port Mode Current State Reauth Control Reauth Peri...

Page 26: ...Use the no form of this command to restore the period to default value Example The example shows how to configure quiet period to 300 sec on port 1 switch config interface gi1 switch config if dot1x timeout quite period 300 switch config if exit switch config show dot1x interfaces gi1 Port Mode Current State Reauth Control Reauth Period gi1 Authentication Initialize Enabled 3600 Quiet Period 300 S...

Page 27: ...d to restore the period to default value Example The example shows how to configure supplicant period to 300 sec on port 1 switch config interface gi1 switch config if dot1x timeout supp timeout 300 switch config if exit switch config show dot1x interfaces gi1 Port Mode Current State Reauth Control Reauth Period gi1 Authentication Initialize Enabled 3600 Quiet Period 60 Second Supplicant timeout 3...

Page 28: ...re maximum request retries to 4 times on port 1 switch config interface gi1 switch config if dot1x max req 4 switch config if exit switch config show dot1x interfaces gi1 Port Mode Current State Reauth Control Reauth Period gi1 Authentication Initialize Enabled 3600 Quiet Period 60 Second Supplicant timeout 30 Second Max req 4 Session Time HH MM SS 0 0 0 0 4 1 8 dot1x guest vlan Command dot1x gues...

Page 29: ... to configure VLAN 2 as guest VLAN and enable guest VLAN on port 1 switch config dot1x guest vlan 2 switch config interface gi1 switch config if dot1x auto switch config if dot1x guest vlan switch config if exit switch config show dot1x guest vlan Guest VLAN ID 2 Port Guest VLAN In Guest VLAN gi1 Enabled No gi2 Disabled gi3 Disabled gi4 Disabled gi5 Disabled gi6 Disabled gi7 Disabled gi8 Disabled ...

Page 30: ...led Mode Interface Configuration Usage Guide Use the dot1x guest vlan command to enable guest VLAN function on a port Use the no form of this command to disable guest VLAN function For a port to become a member of guest VLAN after authentication fail you should also globally enable guest VLAN Example The example shows how to configure VLAN 2 as guest VLAN and enable guest VLAN on port 1 switch con...

Page 31: ...isabled gi4 Disabled gi5 Disabled gi6 Disabled gi7 Disabled gi8 Disabled gi9 Disabled gi10 Disabled gi11 Disabled gi12 Disabled gi13 Disabled gi14 Disabled gi15 Disabled gi16 Disabled gi17 Disabled gi18 Disabled gi19 Disabled gi20 Disabled gi21 Disabled gi22 Disabled gi23 Disabled gi24 Disabled gi25 Disabled gi26 Disabled gi27 Disabled gi28 Disabled 4 1 10 show dot1x ...

Page 32: ...is Disabled 802 1x protocol version 2 4 1 11 show dot1x authenticated hosts Command show dot1x auth hosts Mode Privileged EXEC Usage Guide Use show dot1x auth hosts command to show all dot1x authorized hosts Example This example shows how to show the dot1x authorized hosts Switch show dot1x auth hosts User Name Port Session Time Authentication Method MAC Address 8389_1 GE3 0 0 0 20 Remote 00 30 4F...

Page 33: ... show dot1x configurations on interface gi1 Switch show dot1x interfaces gi1 Port Mode Current State Reauth Control Reauth Period gi1 802 1X Disabled Enabled 3600 Quiet Period 60 Second Supplicant timeout 30 Second Max req 2 Session Time HH MM SS 0 0 0 0 4 1 13 show dot1x guest vlan Command show dot1x guest vlan Mode Privileged EXEC Usage Guide Use show dot1x guest vlan command to show dot1x guest...

Page 34: ...ed gi4 Disabled gi5 Disabled gi6 Disabled gi7 Disabled gi8 Disabled gi9 Disabled gi10 Disabled gi11 Disabled gi12 Disabled gi13 Disabled gi14 Disabled gi15 Disabled gi16 Disabled gi17 Disabled gi18 Disabled gi19 Disabled gi20 Disabled gi21 Disabled gi22 Disabled gi23 Disabled gi24 Disabled gi25 Disabled gi26 Disabled gi27 Disabled gi28 Disabled ...

Page 35: ...ation is used when user try to login into the switch Such as CLI login dialog and WEBUI login web page Enable authentication is used only on CLI for user trying to switch from User EXEC mode to Privileged EXEC mode Both of them support following authenticate methods Local Use local user account database to authenticate This method is not supported for enable authentication Enable Use local enable ...

Page 36: ... aaa authentication login lists Login List Name Authentication Method List default local test1 tacacs radius local This example shows how to add an enable authentication list to authenticate with order tacacs radius enable Switch config aaa authentication enable test1 tacacs radius enable This example shows how to show existing enable authentication lists Switch show aaa authentication login lists...

Page 37: ...t back Example This example shows how to create a new login authentication list and bind to telnet line Switch config aaa authentication login test1 tacacs radius local Switch config line telnet Switch config line login authentication test1 This example shows how to show line binding lists Switch show line lists Line Type AAA Type List Name console login default enable default exec default command...

Page 38: ...Mode Global Configuration Usage Guide Different access methods are allowed to bind different login authentication lists Use ip http https login authentication command to bind the list to WEBUI access from http or https Use no form to bind the default list back Example This example shows how to create two new login authentication lists and bind to http and https Switch config aaa authentication log...

Page 39: ... default acct cmd 8 default acct cmd 9 default acct cmd 10 default acct cmd 11 default acct cmd 12 default acct cmd 13 default acct cmd 14 default acct cmd 15 default telnet login default enable default exec default commands default acct exec default acct cmd 0 default acct cmd 1 default acct cmd 2 default acct cmd 3 default acct cmd 4 default acct cmd 5 default acct cmd 6 default acct cmd 7 defau...

Page 40: ...default acct cmd 1 default acct cmd 2 default acct cmd 3 default acct cmd 4 default acct cmd 5 default acct cmd 6 default acct cmd 7 default acct cmd 8 default acct cmd 9 default acct cmd 10 default acct cmd 11 default acct cmd 12 default acct cmd 13 default acct cmd 14 default acct cmd 15 default http login test1 https login test2 4 2 4 enable authentication Command enable authentication LISTNAME...

Page 41: ... back Example This example shows how to create a new enable authentication list and bind to telnet line Switch config aaa authentication enable test1 tacacs radius enable Switch config line telnet Switch config line enable authentication test1 This example shows how to show line binding lists Switch show line lists Line Type AAA Type List Name console login default enable default exec default comm...

Page 42: ...uthentication command to show login authentication or enable authentication method lists Example This example shows how to show existing login authentication lists Switch show aaa authentication login lists Login List Name Authentication Method List default local test1 tacacs radius local This example shows how to show existing enable authentication lists Switch show aaa authentication login lists...

Page 43: ...nction Example This example shows how to show line binding lists Switch show line lists Line Type AAA Type List Name console login default enable default exec default commands default accounting exec default telnet login default enable default exec default commands default accounting exec default ssh login default enable default exec default commands default accounting exec default http login defa...

Page 44: ...alues of tacacs server These default values will be used when user try to create a new tacacs server and not assigned these values Example This example shows how modify default tacacs configuration Switch config tacacs default config timeout 20 Switch config tacacs default config key tackey This example shows how to show default tacacs configurations Switch show tacacs default config Timeout Key 1...

Page 45: ...5 Specify tacacs server priority timeout 1 30 Specify tacacs server timeout value Default Default tacacs key is Default tacacs timeout is 5 seconds Mode Global Configuration Usage Guide Use tacacs host command to add or edit tacacs server for authentication authorization or accounting Use no form to delete one or all tacacs servers from database Example This example shows how to create a new tacac...

Page 46: ...lt config command to show tacacs default configurations Example This example shows how to show default tacacs configurations Switch show tacacs default config Timeout Key 10 tackey 4 2 10 show tacacs Command show tacacs Mode Privileged EXEC Usage Guide Use show tacacs command to show existing tacacs servers Example This example shows how to show existing tacacs server Switch show tacacs ...

Page 47: ...ault radius retransmit is 3 times Default radius timeout is 3 seconds Mode Global Configuration Usage Guide Use radius default config command to modify default values of radius server These default values will be used when user try to create a new radius server and not assigned these values Example This example shows how modify default radius configuration Switch config radius default config timeo...

Page 48: ...meout 1 30 type login 802 1x all no radius host HOSTNAME Parameter host HOSTNAME Specify radius server host name both IP address and domain name are available auth port 0 65535 Specify radius server udp port key RADIUSKEY Specify radius server key string priority 0 65535 Specify radius server priority retransmit 1 10 Specify radius server retransmit times timeout 1 30 Specify radius server timeout...

Page 49: ...ty 100 retransmit 5 timeout 10 type all This example shows how to show existing radius server Switch show radius Prio IP Address Auth Port Retries Timeout Usage Type Key 100 192 168 1 111 12345 5 10 All radiuskey 4 2 13 show radius default config Command show radius default config Mode Privileged EXEC Usage Guide Use show radius default config command to show radius default configurations Example ...

Page 50: ... Mode Privileged EXEC Usage Guide Use show radius command to show existing radius servers Example This example shows how to show existing radius server Switch show radius Prio IP Address Auth Port Retries Timeout Usage Type Key 100 192 168 1 111 12345 5 10 All radiuskey ...

Page 51: ...other ACL or QoS policy Once an ACL is created an implicit deny any ACE created at the end of the ACL That is if there are no matches the packets are denied Use the no form of this command to delete Example The example shows how to create a ip acl You can verify settings by the following show acl command Switch config mac acl test Switch mac al show acl MAC access list test 4 3 2 permit MAC Comman...

Page 52: ... conditions for a mac ACE that bypass those packets hit the ACE The sequence also represents hit priority when ACL bind to an interface An ACE not specifies sequence index would assign a sequence index which is the largest existed index plus 20 If packet content can match more than one ACE the lowest sequence ACE is hit An ACE can not be added if has the same conditions as existed ACE Example The ...

Page 53: ...utdown interface while ACE hit Mode MAC ACL Configuration Usage Guide Use the deny command to add deny conditions for a mac ACE that drop those packets hit the ACE The sequence also represents hit priority when ACL bind to an interface An ACE not specifies sequence index would assign a sequence index which is the largest existed index plus 20 If packet content can match more than one ACE the lowes...

Page 54: ... with other ACL or QoS policy Once an ACL is created an implicit deny any ACE created at the end of the ACL That is if there are no matches the packets are denied Use the no form of this command to delete Example The example shows how to create an IP ACL You can verify settings by the following show acl command Switch config ip acl iptest Switch ip al show acl IP access list iptest 4 3 5 permit IP...

Page 55: ...5535 echo discard time nameserver tacacs ds domain bootps bootpc tftp sunrpc ntp netbios n s snmp snmptrap who syslog PORT_RANGE any dscp precedence VALUE no sequence 1 2147483647 Parameter 1 2147483647 Optional Specify sequence index of ACE the sequence index represent the priority of an ACE in ACL A B C D A B C D a ny Specify the source IPv4 address and mask of packet or any IPv4 address A B C D...

Page 56: ...e added if has the same conditions as existed ACE Example The example shows how to add a set of ACEs You can verify settings by the following show acl command This command shows how to permit a source IP address subnet Switch ip al permit ip 192 168 1 0 255 255 255 0 This command shows how to permit ICMP echo request packet with any IP address Switch ip al permit icmp any any echo request any This...

Page 57: ... B C D any 0 65535 echo discard daytime ftp data ftp telnet smtp time hostname whois tacacs ds domain www pop2 pop3 syslog talk klogin kshell sunrpc drip PORT_RANGE any match all TCP_FLAG dscp precedence VALUE shutdown sequence 1 2147483647 deny udp A B C D A B C D any 0 65535 echo discard time nameserver tacacs ds domain bootps bootpc tftp sunrpc ntp netbios ns snmp snmptrap who syslog talk rip P...

Page 58: ...e urg ack psh rst syn fin urg ack psh rst syn and fin To define more than 1 flag enter additional flags one after another without a space example syn ack shutdown Optional Shutdown interface while ACE hit Mode IP ACL Configuration Usage Guide Use the deny command to add deny conditions for an IP ACE that drop those packets hit the ACE The sequence also represents hit priority when ACL bind to an i...

Page 59: ...CL That is if there are no matches the packets are denied Use the no form of this command to delete Example The example shows how to create an IPv6 ACL You can verify settings by the following show acl command Switch config ipv6 acl ipv6test Switch ipv6 al show acl IPv6 access list iptest 4 3 8 permit IPv6 Command sequence 1 2147483647 permit 0 255 ipv6 X X X X 0 128 any X X X X 0 128 any dscp pre...

Page 60: ...eserver tacacs ds domain bootps bootpc tftp sunrpc ntp netbios ns snmp snmptrap who syslog PORT_RANGE any dscp precedence VALUE no sequence 1 2147483647 Parameter 1 2147483647 Optional Specify sequence index of ACE the sequence index represent the priority of an ACE in ACL X X X X 0 128 a ny Specify the source IPv6 address and prefix of packet or any IPv6 address X X X X 0 128 a ny Specify the des...

Page 61: ... one ACE the lowest sequence ACE is hit An ACE can not be added if has the same conditions as existed ACE Example The example shows how to add a set of ACEs You can verify settings by the following show acl command This command shows how to permit a source IP address subnet Switch ipv6 al permit permit ipv6 fe80 1122 3344 5566 1 64 any Switch ipv6 al show acl IPv6 access list ipv6test sequence 1 p...

Page 62: ...sequence 1 2147483647 Parameter 1 2147483647 Optional Specify sequence index of ACE the sequence index represent the priority of an ACE in ACL A B C D A B C D a ny Specify the source IPv4 address and mask of packet or any IPv4 address A B C D A B C D a ny Specify the destination IPv4 address and mask of packet or any IPv4 address dscp VALUE Optional Specify the DSCP of packet precedence VLAUE Opti...

Page 63: ...t specifies sequence index would assign a sequence index which is the largest existed index plus 20 If packet content can match more than one ACE the lowest sequence ACE is hit An ACE can not be added if has the same conditions as existed ACE Use shutdown to shutdown interface while ACE hit Example The example shows how to add an ACE that denies packets with destination IP address fe80 abcd You ca...

Page 64: ...5 any 4 3 11 show acl utilization Command show all utilization Mode Global Configuration Usage Guide Use the show acl utilization command to show the usage of PIE of ASIC When a ACL bind to interface it needs ASIC PIE resource to help to filter packet An ASIC has limited PIE resource This command help user to know the PIE usage of AISC Example The example shows how to show PIE utilization Switch c...

Page 65: ...sed ACEs 0 ACEs Used by ACL 0 ACEs Used by QoS 0 Group Index 3 Group Assign to None Group Maximun ACEs 128 Group Remain ACEs 128 Group Used ACEs 0 ACEs Used by ACL 0 ACEs Used by QoS 0 Group Index 4 Group Assign to None Group Maximun ACEs 128 Group Remain ACEs 128 Group Used ACEs 0 ACEs Used by ACL 0 ACEs Used by QoS 0 ...

Page 66: ...ds are only available in privileged EXEC mode Use enable command to enter the privileged mode to do more actions on switch In privileged EXEC mode use exit command is able to go back to user EXEC mode with original user privilege level If you need to go back to user EXEC mode with different privilege level use disable command to specify the privilege level you need In privileged EXEC mode the prom...

Page 67: ...ion Interface Configuration Line Configuration Usage Guide In User EXEC mode exit command will close current CLI session In other modes exit command will go to the parent mode And every mode has the exit command Example This example shows how to enter privileged EXEC mode and use exit command to go back to user EXEC mode Switch enable Switch exit Switch 4 4 3 configure Command configure ...

Page 68: ... to select This parameter allows partial port name and ignore case For Example Gigabit4 If port range is specified the list format is also available For Example gi1 3 Mode Global Configuration Usage Guide Some configurations are port based In order to configure these configurations we need to enter Interface Configuration mode to configure them Use interface command to enter the Interface Configur...

Page 69: ...to configure Mode Global Configuration Usage Guide Some configurations are line based In order to configure these configurations we need to enter Line Configuration mode to configure them Use line command to enter the Line Configuration mode and select the line to be configured In Line Configuration mode the prompt will show as Switch config line Example This example shows how to enter Interface C...

Page 70: ... Every mode except User EXEC mode has the end command Example This example shows how to enter Interface Configuration mode and use end command to go back to privileged EXEC mode Switch configure Switch config interface gi1 Switch config if end Switch 4 4 7 reboot Command reboot Mode Privileged EXEC Usage Guide Use reboot command to make system hot restart Example This example shows how to restart ...

Page 71: ...shows how to modify contact information Switch config system name myname myname config This example shows how to show system name information Switch show info System Name myname System Location Default Location System Contact Default Contact MAC Address 00 30 4F EF 01 02 IP Address 192 168 0 100 Subnet Mask 255 255 255 0 Loader Version 1 3 0 26225 Loader Date Thu May 17 15 19 42 CST 2012 Firmware ...

Page 72: ...odify contact information Switch config system contact callme This example shows how to show system contact information Switch config system contact callme Switch show info System Name Switch System Location Default Location System Contact callme MAC Address 00 30 4F EF 01 02 IP Address 192 168 0 100 Subnet Mask 255 255 255 0 Loader Version 1 3 0 26225 Loader Date Thu May 17 15 19 42 CST 2012 Firm...

Page 73: ...o modify location information Switch config system location home This example shows how to show system location information Switch config system location home Switch show info System Name SwitchEF0102 System Location home System Contact Default Contact MAC Address 00 30 4f EF 01 02 IP Address 192 168 0 100 Subnet Mask 255 255 255 0 Loader Version 1 3 0 26225 Loader Date Thu May 17 15 19 42 CST 201...

Page 74: ...Specify custom privilege level password WORD 0 32 Specify password string and make it not encrypted Default Default username has password with privilege 1 Default username admin has password admin with privilege 15 Mode Global Configuration Usage Guide Use username command to add a new user account or edit an existing user account And use no username to delete an existing user account The user acc...

Page 75: ...ord WORD 0 32 Specify password string and make it not encrypted secret WORD 0 32 Specify password string and make it encrypted Default Default enable password for all privilege levels are Mode Global Configuration Usage Guide Use enable password command to edit password for each privilege level for enable authentication And use no enable command to restore enable password to default empty value Th...

Page 76: ...administration ipv4 address This address is very important When we try to use telnet ssh http https snmp to connect to the switch we need to use this ip address to access it Example This example shows how to modify the ipv4 address of the switch Switch config ip address 192 168 1 200 mask 255 255 255 0 This example shows how to show current ipv4 address of the switch Switch show ip IP Address 192 ...

Page 77: ...ateway address to factory default Example This example shows how to modify the ipv4 address of the switch Switch config ip default gateway 192 168 1 100 This example shows how to show current ipv4 default gateway of the switch Switch show ip IP Address 192 168 1 1 Subnet Netmask 255 255 255 0 Default Gateway 192 168 1 100 4 4 15 ip dns Command ip dns A B C D A B C D no ip dns A B C D Parameter A B...

Page 78: ...NS server of the switch Switch show ip dns DNS Server 1 111 111 111 111 DNS Server 2 222 222 222 222 4 4 16 ip dhcp Command ip dhcp no ip dhcp Default Default DHCP client is disabled Mode Global Configuration Usage Guide Use ip dhcp command to enabled dhcp client to get IP address from remote DHCP server Use no ip dhcp command to disabled dhcp client and use static ip address Example This example ...

Page 79: ...nfig command to disabled IPv6 auto configuration feature Example This example shows how to disable IPv6 auto config Switch config no ipv6 autoconfig This example shows how to show current IPv6 auto config state Switch show ipv6 IPv6 DHCP Configuration Disabled IPv6 DHCP DUID IPv6 Auto Configuration Disabled IPv6 Link Local Address fe80 dcad beff feef 102 64 IPv6 static Address fe80 20e 2eff fef1 4...

Page 80: ... add static ipv6 address of the switch Switch config ipv6 address fe80 20e 2eff fef1 4b3c prefix 128 This example shows how to show current ipv6 address of the switch Switch show ipv6 IPv6 DHCP Configuration Disabled IPv6 DHCP DUID IPv6 Auto Configuration Enabled IPv6 Link Local Address fe80 dcad beff feef 102 64 IPv6 static Address fe80 20e 2eff fef1 4b3c 128 IPv6 static Gateway Address IPv6 in u...

Page 81: ...ration Disabled IPv6 DHCP DUID IPv6 Auto Configuration Enabled IPv6 Link Local Address fe80 dcad beff feef 102 64 IPv6 static Address fe80 20e 2eff fef1 4b3c 128 IPv6 static Gateway Address IPv6 in use Address fe80 dcad beff feef 102 64 IPv6 in use Gateway Address 4 4 20 ipv6 dhcp Command ipv6 dhcp no ipv6 dhcp Default Default DHCPv6 client is disabled Mode Global Configuration Usage Guide Use ipv...

Page 82: ...nable Disable telnet service Ssh Enable Disable ssh service http Enable Disable http service https Enable Disable https service Default Default telnet service is disabled Default ssh service is disabled Default http service is enabled Default https service is disabled Mode Global Configuration Usage Guide Use ip service command to enable all kinds of ip services Such as telnet ssh http and https U...

Page 83: ...tps HTTPS daemon enabled Session Timeout 10 minutes 4 4 22 ip session timeout Command ip http https session timeout 0 86400 Parameter http Specify session timeout for http service https Specify session timeout for https service 0 86400 Specify session timeout minutes 0 means never timeout Default Default session timeout for http and https is 10 minutes Mode Global Configuration Usage Guide Use ip ...

Page 84: ...Timeout 20 minutes 4 4 23 exec timeout Command exec timeout 0 65535 Parameter 0 65535 Specify session timeout minutes 0 means never timeout Default Default session timeout for all lines are 10 minutes Mode line Configuration Usage Guide Use exec timeout command to specify the session timeout value for CLI running on console telnet or ssh service When user login into CLI and do not do any action af...

Page 85: ...nfig line exit This example shows how show line information Switch show line Console Session Timeout 15 minutes History Count 128 Password Retry 3 Silent Time 0 seconds Telnet Telnet Server disabled Session Timeout 20 minutes History Count 128 Password Retry 3 Silent Time 0 seconds SSH SSH Server disabled Session Timeout 25 minutes History Count 128 Password Retry 3 Silent Time 0 seconds 4 4 24 pa...

Page 86: ...iod of silent time which configured by the command silent time Example This example shows how to change console fail retry number to 4 telnet fail retry number to 5 and ssh fail retry number to 6 Switch config line console Switch config line password thresh 4 Switch config line exit Switch config line telnet Switch config line password thresh 5 Switch config line exit Switch config line ssh Switch...

Page 87: ...silent time for CLI running on console telnet or ssh service When user input password to login and authenticate failed the fail retry number will increase one After fail retry number exceed configured one the CLI will block login for the period of silent time which configured by the command silent time Example This example shows how to change console silent time to 10 telnet silent time to 15 and ...

Page 88: ...tory Count 128 Password Retry 3 Silent Time 10 seconds Telnet Telnet Server disabled Session Timeout 10 minutes History Count 128 Password Retry 3 Silent Time 15 seconds SSH SSH Server disabled Session Timeout 10 minutes History Count 128 Password Retry 3 Silent Time 20 seconds 4 4 26 history Command history 1 256 no history Parameter 1 256 Specify maximum CLI history entry number Default ...

Page 89: ...ommands Example This example shows how to change console history number to 100 telnet history number to 150 and ssh history number to 200 Switch config line console Switch config line history 100 Switch config line exit Switch config line telnet Switch config line history 150 Switch config line exit Switch config line ssh Switch config line history 200 Switch config line exit This example shows ho...

Page 90: ...ow show history commands Switch show history Maximun History Count 100 1 enable 2 configure 3 line console 4 exit 5 show history 6 line 7 exit 8 show history 9 configure 10 line 11 line console 12 exit 13 line console 14 history 100 15 exit 16 show history 17 exit 18 show history 4 4 27 clear service Command clear telnet ssh Parameter ...

Page 91: ...ow current telnet service status Switch clear telnet 4 4 28 ssl Command ssl Mode Global Configuration Usage Guide Use ssl command to generate security certificate files such as RSA DSA Example This example shows how to generate certificate files Switch config ssl This example shows how to show the certificate file lists Switch show flash File Name File Size Modified startup config 1191 2000 01 01 ...

Page 92: ...ng remote host 192 168 1 111 Switch ping 192 168 1 111 PING 192 168 1 111 192 168 1 111 56 data bytes 64 bytes from 192 168 1 111 icmp_seq 0 ttl 128 time 10 0 ms 64 bytes from 192 168 1 111 icmp_seq 1 ttl 128 time 0 0 ms 64 bytes from 192 168 1 111 icmp_seq 2 ttl 128 time 0 0 ms 64 bytes from 192 168 1 111 icmp_seq 3 ttl 128 time 0 0 ms 192 168 1 111 ping statistics 4 packets transmitted 4 packets...

Page 93: ... 192 168 1 111 Switch traceroute 192 168 1 111 traceroute to 192 168 1 111 192 168 1 111 30 hops max 40 byte packets 1 192 168 1 111 192 168 1 111 0 ms 10 ms 0 ms 4 4 31 clear arp Command clear arp A B C D show arp Parameter A B C D Specify specific arp entry to clear Mode User EXEC Privileged EXEC Usage Guide Use clear arp command to clear all or specific one arp entry Use show arp command to sho...

Page 94: ... 32 show version Command show version Mode User EXEC Privileged EXEC Usage Guide Use show version command to show loader and firmware version and build date Example This example shows how to show system version Switch show version Loader Version 1 3 0 26225 Loader Date Thu May 17 15 19 42 CST 2012 Firmware Version 2 5 0 beta 32811 Firmware Date Mon Sep 24 19 33 42 CST 2012 4 4 33 show info Command...

Page 95: ...t Contact MAC Address 00 30 4F EF 01 02 IP Address 192 168 1 1 Subnet Mask 255 255 255 0 Loader Version 1 3 0 26225 Loader Date Thu May 17 15 19 42 CST 2012 Firmware Version 2 5 0 beta 32811 Firmware Date Mon Sep 24 19 33 42 CST 2012 System Object ID 1 3 6 1 4 1 27282 3 2 10 System Up Time 0 days 1 hours 49 mins 29 secs 4 4 34 show history Command show history Mode User EXEC Privileged EXEC Global...

Page 96: ... configure 3 line console 4 exit 5 show history 6 line 7 exit 8 show history 9 configure 10 line 11 line console 12 exit 13 line console 14 history 100 15 exit 16 show history 17 exit 18 show history 4 4 35 show username Command show username Mode Privileged EXEC Usage Guide Use show username command show all user accounts in local database ...

Page 97: ...Y 15 secret test 7p57T9yMkViSUS 4 4 36 show ip Command show ip Mode User EXEC Privileged EXEC Usage Guide Use show ip command to show system IPv4 address net mask and default gateway Example This example shows how to show current ipv4 address of the switch Switch show ip IP Address 192 168 1 200 Subnet Netmask 255 255 255 0 Default Gateway 192 168 1 254 4 4 37 show ip dhcp Command show ip dhcp ...

Page 98: ...EXEC Privileged EXEC Usage Guide Use show ipv6 command to show system IPv6 address net mask default gateway and auto config state Example This example shows how to show current ipv6 address of the switch Switch show ipv6 IPv6 DHCP Configuration Disabled IPv6 DHCP DUID IPv6 Auto Configuration Enabled IPv6 Link Local Address fe80 dcad beff feef 102 64 IPv6 static Address fe80 20e 2eff fef1 4b3c 128 ...

Page 99: ...tate of the switch Switch show ipv6 dhcp DHCPv6 Status enabled 4 4 40 show line Command show line console telnet ssh Parameter console Select console line to show telnet Select telnet line to show ssh Select ssh line to show Mode Privileged EXEC Usage Guide Use show line command to show all line configurations including session timeout history count password retry number and silent time For telnet...

Page 100: ...nsole Session Timeout 15 minutes History Count 128 Password Retry 3 Silent Time 0 seconds Telnet Telnet Server disabled Session Timeout 20 minutes History Count 128 Password Retry 3 Silent Time 0 seconds SSH SSH Server disabled Session Timeout 25 minutes History Count 128 Password Retry 3 Silent Time 0 seconds ...

Page 101: ...e authenticate method including none local enable tacacs radius Mode Global Configuration Usage Guide Display the estimated length of copper cable attached to the ports show cable diag interface all Display the estimated length of copper cables attached to all ports show cable diag interface Disable the estimated length of copper cable attached to port gi1 Example Switch config show cable diag int...

Page 102: ...of this command to disable Example The example shows how to enable DHCP Snooping on VLAN 1 You can verify settings by the following show ip dhcp snooping command switch config ip dhcp snooping switch config ip dhcp snooping vlan 1 switch config show ip dhcp snooping DHCP Snooping enabled Enable on following Vlans 1 circuit id default format vlan port remote id 00 11 22 33 44 55 Switch Mac in Byte ...

Page 103: ...ou can verify settings by the following show ip dhcp snooping command switch config vlan 1 100 switch config exit switch config ip dhcp snooping switch config ip dhcp snooping vlan 1 100 switch config show ip dhcp snooping DHCP Snooping enabled Enable on following Vlans 1 100 circuit id default format vlan port remote id 00 11 22 33 44 55 Switch Mac in Byte Order switch config no ip dhcp snooping ...

Page 104: ...h config if ip dhcp snooping trust switch config if do show ip dhcp snooping interface gi1 Interfaces Trust State Rate pps hwaddr Check Insert Option82 gi1 Trusted None disabled disabled 4 6 4 ip dhcp snooping verify Command ip dhcp snooping verify mac address no ip dhcp snooping verify mac address Default DHCP snooping verify mac address is disabled Mode Interface Configuration Usage Guide Use th...

Page 105: ...DHCP packet Mode Interface Configuration Usage Guide Use the ip dhcp snooping limit rate command to set rate limitation on interface The switch drop DHCP packets after receives more than configured rate of packets per second Use the no form of this command to return to default settings Example The example shows how to set rate limit to 30 pps on interface gi1 You can verify settings by the followi...

Page 106: ... example shows how to clear statistics on interface gi1 You can verify settings by the following show ip dhcp snooping interface statistics command switch clear ip dhcp snooping interfaces gi1 statistics switch show ip dhcp snooping interfaces gi1 statistics Interfaces Forwarded Chaddr Check Dropped Untrust Port Dropped Untrust Port With Option82 Dropped Invalid Drop gi1 0 0 0 0 0 4 6 7 show ip dh...

Page 107: ...es IF_PORTS Parameter IF_PORTS specifies ports to show statistics Mode Global Configuration Usage Guide Use the show ip dhcp snooping interfaces command to show settings or statistics of interface Example The example shows how to show settings of interface gi1 switch show ip dhcp snooping interface gi1 Interfaces Trust State Rate pps hwaddr Check Insert Option82 gi1 Untrusted None enabled disabled...

Page 108: ...ntries that learned by DHCP Snooping Example The example shows how to show binding entries that learned by DHCP Snooping switch show ip dhcp snooping binding Bind Table Maximun Binding Entry Number 192 Port VID MAC Address IP Type Lease Time fa1 1 00 30 4F C7 12 62 192 168 1 100 255 255 255 255 DHCP Snooping 86400 4 6 10 ip dhcp snooping option Command ip dhcp snooping option no ip dhcp snooping o...

Page 109: ...ert Option82 gi1 Untrusted None disabled enabled 4 6 11 ip dhcp snooping option action Command ip dhcp snooping option action drop keep replace no ip dhcp snooping option action Parameter drop Drop packets with option82 that are received from un trusted port keep Keep original option82 content in packet replace Replace option82 content by switch setting Default DHCP snooping option82 is drop Mode ...

Page 110: ...it id is port id vlan id in byte format Mode Interface Configuration Usage Guide Use the ip dhcp snooping option circuit id command to set user defined circuit id string Circuit id is per port per VLAN setting If a VLAN is not found user defined circuit id then use per port circuit id string Use the no form of this command to default setting Example The example shows how to set a user defined circ...

Page 111: ...e string Use the no form of this command to default setting Example The example shows how to set a user defined remote id string on switch You can verify settings by the following show ip dhcp snooping option remote id switch config ip dhcp snooping option remote id test_remote switch config do show ip dhcp snooping option remote id Remote ID test_remote 4 6 14 show ip dhcp snooping option Command...

Page 112: ...p dhcp snooping database command to enable DHCP Snooping database agent The flash means that write backup file to switch local drive The tftp means that write backup file to remote TFTP server Use the no form of this command to disable Example The example shows how to enable DHCP Snooping database agent and write backup file to remote TFTP server with file name backup_file You can verify settings ...

Page 113: ...ase write delay Parameter 15 86400 Specifies the seconds of timeout Specify the duration for which the transfer should be delayed after the binding database changes Default DHCP snooping database write delay is 300 seconds Mode Global Configuration Usage Guide Use the ip dhcp snooping database write delay command to modify the write delay timer Use the no form of this command to default setting Ex...

Page 114: ...p dhcp snooping database timeout 0 86400 no ip dhcp snooping database timeout Parameter 0 86400 specifies the seconds of timeout Specify in seconds how long to wait for the database transfer process to finish before stopping the process Use 0 to define an infinite duration which means to continue trying the transfer indefinitely Default DHCP snooping database timeout is 300 seconds Mode Global Con...

Page 115: ...cessful Transfers 0 Failed Transfers 0 Successful Reads 0 Failed Reads 0 Successful Writes 0 Failed Writes 0 4 6 18 clear ip dhcp snooping database statistics Command clear ip dhcp snooping database statistics Mode Global Configuration Usage Guide Use the clear ip dhcp snooping database statistics command to clear statistics of DHCP Snooping databae Example The example shows how to clear statistic...

Page 116: ...oping database Command renew ip dhcp snooping database Mode Global Configuration Usage Guide Use the renew ip dhcp snooping database command to renew DHCP Snooping database from backup file Example The example shows how to renew DHCP Snooping database You can verify settings by the following show ip dhcp snooping database and show ip dhcp snooping binding command switch show ip dhcp snooping datab...

Page 117: ...5 DHCP Snooping 86400 4 6 20 show ip dhcp snooping database Command show ip dhcp snooping database Mode Global Configuration Usage Guide Use the show ip dhcp snooping database command to show settings of DHCP Snooping agent Example The example shows how to show settings of DHCP Snooping agent switch config show ip dhcp snooping database Type tftp 192 168 1 50 FileName backup_file Write delay Timer...

Page 118: ...Command Guide of WGSW 28040 118 Total Attempts 1 Successful Transfers 1 Failed Transfers 0 Successful Reads 1 Failed Reads 0 Successful Writes 0 Failed Writes 0 ...

Page 119: ...n sportl1024 deny synfin deny synrst deny tcp frag off min check tcpblat deny tcphdr min check udpblat deny xma deny dos icmp ping max length 0 65535 dos ipv6 min frag size length 0 65535 dos smurf netmask 0 32 dos tcphdr min length 0 31 Parameter daeqsa deny Enable Disable daeqsa deny protection icmp frag pkts deny Enable Disable icmp frag pkts deny protection icmp ping max length Specify icmp pi...

Page 120: ...deny protection xma deny Enable Disable xma deny protection Default Default enable state of all DoS types are enabled Default smurf netmask length is 0 Default tcphdr min length is 20 Default icmp ping max length is 512 Default ipv6 min frag size length is 1240 Mode Global Configuration Usage Guide DoS is using to protect malicious attack from other devices This command can configure DUT to enable...

Page 121: ... bits are set Example This example shows how to disable synfin deny and smurf with netmask length 30 Switch config no dos synfin deny Switch config dos smurf netmask 30 This example shows how to show current dos state on interface gi1 Switch show dos Type State Length DMAC equal to SMAC enabled Land DIP SIP enabled UDP Blat DPORT SPORT enabled TCP Blat DPORT SPORT enabled POD Ping of Death enabled...

Page 122: ...se dos command to enable dos configuration on selected ports Use no dos to diable on selected ports Example This example shows how to show current dos state on interface gi1 Switch show dos interfaces gi1 Port DoS Protection Gratuitous ARP gi1 enabled disabled 4 7 3 ip gratuitous arps Command ip gratuitous arps no ip gratuitous arps Default Default value is disable Mode ...

Page 123: ...terface gi1 Switch show dos interfaces gi1 Port DoS Protection Gratuitous ARP gi1 enabled disabled 4 7 4 show dos Command show dos interfaces IF_PORTS Parameter IF_PORTS Enable Disable syn fin protection Mode Privileged EXEC Usage Guide Use show dos command to show dos configuration on selected ports Example This example shows how to show current dos state on interface gi1 Switch show dos interfac...

Page 124: ...tion function Use the no form of this command to disable Example The example shows how to enable Dynamic Arp Inspection on VLAN 1 You can verify settings by the following show ip arp inspection command switch config ip arp inspection switch config ip arp inspection vlan 1 switch config show ip arp inspection Dynamic ARP Inspection enabled Enable on Vlans 1 4 8 2 ip arp inspection vlan Command ip a...

Page 125: ...c Arp Inspection and then disable VLAN 30 40 on Dynamic Arp Inspection You can verify settings by the following show ip arp inspection command switch config vlan 1 100 switch config exit switch config ip arp inspection switch config ip arp inspection vlan 1 100 switch config show ip arp inspection Dynamic ARP Inspection enabled Enable on Vlans 1 100 switch config no ip arp inspection vlan 30 40 sw...

Page 126: ...1 switch config ip arp inspection trust switch config do show ip arp inspection interface gi1 Interfaces Trust State Rate pps SMAC Check DMAC Check IP Check Allow Zero gi1 Trusted None disabled disabled disabled disabled 4 8 4 ip arp inspection validate Command ip arp inspection validate src mac ip arp inspection validate dst mac ip arp inspection validate ip allow zeros no ip arp inspection valid...

Page 127: ...face command switch config interface gi1 switch config if ip arp inspection validate src mac switch config if ip arp inspection validate dst ma switch config if ip arp inspection validate ip allow zeros switch config do show ip arp inspection interface gi1 Interfaces Trust State Rate pps SMAC Check DMAC Check IP Check Allow Zero gi1 Untrusted None enabled enabled enabled enabled 4 8 5 ip arp inspe...

Page 128: ...cs Command clear ip arp inspection interfaces IF_PORTS statistics Parameter IF_PORTS specifies ports to clear statistics Mode Global Configuration Usage Guide Use the clear ip arp inspection interfaces statistics command to clear statistics that are recorded on interface Example The example shows how to clear statistics on interface gi1 You can verify settings by the following show ip arp inspecti...

Page 129: ...ion switch config show ip arp inspection Dynamic ARP Inspection enabled Enable on Vlans 1 4 8 8 show ip arp inspection interface Command show ip arp inspection interfaces IF_PORTS show ip arp inspection interfaces IF_PORTS statistics Parameter IF_PORTS specifies ports to show statistics Mode Global Configuration Usage Guide Use the show ip arp inspection interfaces command to show settings or stat...

Page 130: ...d None disabled disabled disabled disabled The example shows how to show statistics of interface gi1 Switch config aaa authentication login test1 tacacs radius local switch show ip arp inspection interfaces gi1 statistics Port Forward Source MAC Failures Dest MAC Failures SIP Validation Failures DIP Validation Failures IP MAC Mismatch Failures gi1 0 0 0 0 0 0 ...

Page 131: ...Usage Guide no gvrp will clear all dynamic vlan entry do not learn vlan The configure can use show gvrp Example The following example specifies that set global gvrp test Switch config gvrp Switch show gvrp GVRP Status GVRP Enabled Join time 200 ms Leave time 600 ms LeaveAll time 10000 ms 4 9 2 gvrp port Command Gvrp ...

Page 132: ...terface gi1 Switch config if switchport mode trunk Switch config gvrp Switch show gvrp configuration interfaces gi1 Port GVRP Status Registration Dynamic VLAN Creation gi1 Enabled Normal Disabled 4 9 3 gvrp port registration mode Command gvrp registration mode normal fixed forbidden show gvrp configuration Parameter normal fixed forbidden normal register dynamic vlan and transmit all vlan attribut...

Page 133: ...GVRP Status Registration Dynamic VLAN Creation gi1 Enabled Fixed Disabled 4 9 4 gvrp port creation vlan forbidden Command gvrp vlan creation forbid no gvrp vlan creation forbid Default no gvrp vlan creation forbid Mode Interface Configuration Usage Guide gvrp vlan creation forbid will not remove dynamic port from vlan immediate The configure can use show gvrp configuration Example The following ex...

Page 134: ...faces IF_PORTS Specifies posts to clear statistics Mode Privileged Configuration Usage Guide This command will clear the ports error statistics or statistics info The configure can use show gvrp error statistics or show gvrp statistics to check Example The following example specifies that clear gvrp error statistics and statistics test Switch clear gvrp statistics Switch clear gvrp error statistic...

Page 135: ...tistics and statistics test Switch config aaa authentication login test1 tacacs radius local Switch show gvrp statistics Switch show gvrp error statistics INVPROT Invalid protocoal Id INVATYP Invalid Attribute Type INVALEN Invalid Attribute Length INVAVAL Invalid Attribute Value INVEVENT Invalid Event Port INVPROT INVATYP INVALEN INVAVAL INVEVENT gi1 0 0 0 0 0 gi2 0 0 0 0 0 gi3 0 0 0 0 0 gi4 0 0 0...

Page 136: ... show gvrp configuration interface IF_PORTS Parameter interface IF_PORTS Display Specifies posts configuration Mode Privileged Configuration Usage Guide This command will display the ports configuration info Example The following example specifies that display gvrp port configuration test Switch show gvrp configuration Port GVRP Status Registration Dynamic VLAN Creation gi1 Disabled Normal Enabled...

Page 137: ...Command Guide of WGSW 28040 137 gi 5 Disabled Normal Enabled gi 6 Disabled Normal Enabled gi 7 Disabled Normal Enabled More ...

Page 138: ...en do not learning the dynamic group and router port by igmp message The configure can use show ip igmp snooping Example The following example specifies that set ip igmp snooping test Switch config ip igmp snooping Switch show ip igmp snooping IGMP Snooping Status Snooping Enabled Report Suppression Enabled Operation Version v2 Forward Method mac Unknown Multicast Action Flood Switch config no ip ...

Page 139: ...lan router ports The configure can use show ip igmp snooping Example The following example specifies that disable ip igmp snooping report suppression test Switch config no ip igmp snooping report suppression Switch show ip igmp snooping IGMP Snooping Status Snooping Enabled Report Suppression Disabled Operation Version v2 Forward Method mac Unknown Multicast Action Flood 4 10 3 ip igmp snooping ve...

Page 140: ...nooping IGMP Snooping Status Snooping Enabled Report Suppression Disabled Operation Version v3 Forward Method mac Unknown Multicast Action Flood 4 10 4 ip igmp snooping unknown multicast action Command ip igmp snooping unknown multicast action drop flood router port Parameter drop flood router port Unknown multicast action for drop flood router port Default ip igmp snooping unknown multicast actio...

Page 141: ...h show ip igmp snooping IGMP Snooping Status Snooping Enabled Report Suppression Disabled Operation Version v2 Forward Method mac Unknown Multicast Action Router Port Switch config no ip igmp snooping Switch show ip igmp snooping IGMP Snooping Status Snooping Disabled Report Suppression Disabled Operation Version v2 Forward Method mac Unknown Multicast Action Flood 4 10 5 ip igmp snooping forward ...

Page 142: ... dst ip Switch show ip igmp snooping IGMP Snooping Status Snooping Disabled Report Suppression Disabled Operation Version v2 Forward Method src dst ip 4 10 6 ip igmp snooping querier Command ip igmp snooping vlan VLAN LIST querier no ip igmp snooping vlan VLAN LIST querier ip igmp snooping vlan VLAN LIST querier version 2 3 Parameter VLAN LIST specifies VLAN ID list to set 2 3 Query version 2 or 3...

Page 143: ...Querier IP 1 Disabled Non Querier No 2 Enabled Querier v2 192 168 1 254 Switch configure Switch config ip igmp snooping version 3 Switch config ip igmp snooping vlan 2 querier version 3 Switch config do show ip igmp snooping queier VID State Status Version Querier IP 1 Disabled Non Querier No 2 Enabled Querier v3 192 168 1 254 Switch config no ip igmp snooping queier Switch config do show ip igmp ...

Page 144: ...oping robustness admin 2 oper 2 IGMP Snooping query interval admin 125 sec oper 125 sec IGMP Snooping query max response admin 10 sec oper 10 sec IGMP Snooping last member query counter admin 2 oper 2 IGMP Snooping last member query interval admin 1 sec oper 1 sec IGMP Snooping last immediate leave disabled IGMP Snooping automatic learning of multicast router ports enabled Switch config no ip igmp...

Page 145: ...000 no ip igmp snooping vlan VLAN LIST query interval ip igmp snooping vlan VLAN LIST response time 5 20 no ip igmp snooping vlan VLAN LIST response time ip igmp snooping vlan VLAN LIST robustness variable 1 7 no ip igmp snooping vlan VLAN LIST robustness variable Parameter VLAN LIST specifies VLAN ID list to set last member query count 1 7 specifies last member query count to set Default is 2 las...

Page 146: ...ollowing example specifies that set ip igmp snooping vlan parameters test Switch config ip igmp snooping vlan 1 fastleave Switch config ip igmp snooping vlan 1 last member query count 5 Switch config ip igmp snooping vlan 1 last member query interval 3 Switch config ip igmp snooping vlan 1 query interval 100 Switch config ip igmp snooping vlan 1 response time 12 Switch config ip igmp snooping vlan...

Page 147: ...own vlan 1 ipv4 group will add the static ports ip igmp snooping vlan 1 forbidden port gi3 4 will add forbidden port gi3 4 for vlan 1 the all known vlan 1 ipv4 group will remove the forbidden ports The configure can use show ip igmp snooping forward all Example The following example specifies that set ip igmp snooping static forbidden port test Switch config ip igmp snooping vlan 1 static port gi1...

Page 148: ...n 1 forbidden router port gi2 will add forbidden router port gi2 for vlan 1 This will also remove gi2 from static router port The forbidden router port receive query will not forward The configure can use show ip igmp snooping router Example The following example specifies that set ip igmp snooping static forbidden test Switch config ip igmp snooping vlan 1 static router port gi1 2 Switch config i...

Page 149: ...port If the dynamic group exist then the static group will overlap the dynamic group If remove the last member of static group the static group will be delete The static group want to valid must igmp snooping vlan enable and ip igmp snooping enable The configure can use show ip igmp snooping group dynamic static to display And can use no ip igmp snooping vlan 1 group 224 1 1 1 to delete the static...

Page 150: ...llow Multicast address range ip address learning deny do not allow Multicast address range ip address learning Mode ip igmp profile 1 128 Global Configuration profile range ip ip addr ip addr action permit deny igmp profile config mode Usage Guide Use ip igmp profile 1 entry to the igmp profile config mode User profile range ip 224 1 1 1 224 1 1 8 action permit to configure the profile entry The p...

Page 151: ...1 5 224 1 1 10 action deny Switch config igmp profile show ip igmp profile IP igmp profile index 10 IP igmp profile action deny Range low ip 224 1 1 5 Range high ip 224 1 1 10 Switch config igmp profile exit Switch config exit Switch show ip igmp profile IP igmp profile index 1 IP igmp profile action permit Range low ip 224 1 1 1 Range high ip 224 1 1 8 IP igmp profile index 10 IP igmp profile act...

Page 152: ...atic group is excluded The configure can use show ip igmp filter to display Example The following example specifies that set ip igmp filter test The configure must create ip igmp profile firstly Switch config ip igmp profile 1 Switch config igmp profile profile range ip 224 1 1 1 224 1 1 8 action permit Switch config igmp profile exit Switch config interface gi1 Switch config if ip igmp filter 1 S...

Page 153: ...e use ip igmp max groups 10 to limit port learning max group num is 10 When the port had learned more than 10 groups then the more than 10 group will be remove the port form group static group is excluded The configure can use show ip igmp max group show ip igmp max group action to display Example The following example specifies that set ip igmp max groups and action is replace test Switch config ...

Page 154: ...rivileged Configuration Usage Guide This command will clear the ip igmp groups for dynamic or static or all of type The configure can use show ip igmp snooping groups to check Example The following example specifies that clear ip igmp snooping groups test Switch clear ip igmp snooping groups static Switch show ip igmp snooping groups Switch clear ip igmp snooping groups Switch show ip igmp snoopin...

Page 155: ...snooping statistics Switch show ip igmp snooping 4 10 17 show ip igmp snooping counters Command show ip igmp snooping groups counters Mode Privileged Configuration Usage Guide This command will display the ip igmp group counter include static group Example The following example specifies that display ip igmp snooping group counter test Switch show ip igmp snooping counters Total ip igmp snooping g...

Page 156: ...oups dynamic Switch show ip igmp snooping groups static 4 10 19 show ip igmp snooping router Command show ip igmp snooping router dynamic forbidden static Parameter dynamic forbidden static Display Ip igmp router info for different type Mode Privileged Configuration Usage Guide This command will display the ip igmp router info Example The following example specifies that show ip igmp snooping rout...

Page 157: ...cifies that show ip igmp snooping querier test Switch show ip igmp snooping querier VID State Status Version Querier IP 1 Disabled Non Querier No Total Entry 1 4 10 21 show ip igmp snooping Command show ip igmp snooping Mode Privileged Configuration Usage Guide This command will display ip igmp snooping global info Example The following example specifies that show ip igmp snooping test Switch show...

Page 158: ...ery RX 0 Specail Group Source Query RX 0 Leave TX 0 Report TX 0 General Query TX 0 Specail Group Query TX 0 Specail Group Source Query TX 0 4 10 22 show ip igmp snooping vlan Command show ip igmp snooping vlan VLAN LIST Parameter VLAN LIST Show specifies vlan ip igmp snooping info Mode Privileged Configuration Usage Guide This command will display ip igmp snooping vlan info Example The following e...

Page 159: ...rval admin 1 sec oper 1 sec IGMP Snooping last immediate leave disabled IGMP Snooping automatic learning of multicast router ports enabled 4 10 23 show ip igmp snooping forward all Command show ip igmp snooping forward all vlan VLAN LIST Parameter vlan VLAN LIST Show specifies vlan of ip igmp forward info Mode Privileged Configuration Usage Guide This command will display ip igmp snooping forward ...

Page 160: ...Example The following example specifies that show ip igmp profile test Switch show ip igmp profile IP igmp profile index 1 IP igmp profile action permit Range low ip 224 1 1 1 Range high ip 224 1 1 8 IP igmp profile index 2 IP igmp profile action deny Range low ip 225 1 1 0 Range high ip 225 1 2 1 4 10 25 show ip igmp port filter Command show ip igmp filter interfaces IF_PORTS Parameter interfaces...

Page 161: ...1 gi2 None gi3 None gi4 None gi5 None More 4 10 26 show ip igmp port max group Command show ip igmp max group interfaces IF_PORTS Parameter interfaces IF_PORTS Show specifies ports max group Mode Privileged Configuration Usage Guide This command will display ip igmp port max group Example The following example specifies that show ip igmp max group test Switch config aaa authentication login test1 ...

Page 162: ...p max group action interfaces IF_PORTS Parameter interfaces IF_PORTS Show specifies ports max group action Mode Privileged Configuration Usage Guide This command will display ip igmp port max group action Example The following example specifies that show ip igmp max group action test Switch config interface gi1 Switch config if ip igmp max groups action replace Switch config if exit Switch config ...

Page 163: ...Command Guide of WGSW 28040 163 gi1 replace gi2 deny gi3 deny gi4 deny gi5 deny More ...

Page 164: ...o form of this command to disable Example The example shows how to enable IP Source Guard with source IP address filtering on interface gi1 Switch config interface gi1 switch config if ip source verify The example shows how to enable IP Source Guard with source IP and MAC address filtering on interface gi2 You can verify settings by the following show ip source interfaces command Switch config int...

Page 165: ...urce binding command to create a static IP source binding entry has an IP address its associated MAC address VLAN ID interface Use the no form of this command to delete static entry Example The example shows how to add a static IP source binding entry You can verify settings by the following show ip source binding command Switch config ip source binding 00 11 22 33 44 55 vlan 1 192 168 1 55 interf...

Page 166: ...ntry Current Entry gi1 Verify MAC IP No Limit 0 4 11 4 show ip source binding Command show ip source binding dynamic static Parameter dynamic Show entries that added by DHCP snooping learn static Show entries that added by user Mode Global Configuration Usage Guide Use the show ip source binding command to show binding entries of IP Source Guard Example The example shows how to show static binding...

Page 167: ...Command Guide of WGSW 28040 167 gi1 1 00 11 22 33 44 55 192 168 1 55 255 255 255 255 Static NA ...

Page 168: ...destination MAC address for non IP packets Default Default load balance algorithm is src dst mac Mode Global Configuration Usage Guide Link aggregation group port should transmit packets spread to all ports to balance traffic loading There are two algorithm supported and this command allow you to select the algorithm Example This example shows how to change load balance algorithm to src dst mac ip...

Page 169: ...o connected DUT to select master switch Lower system priority value has higher priority And the DUT with higher priority can decide which ports are able to join the LAG Use no lacp system priority to restore to the default priority value The only way to show this configuration is using show running config command Example This example shows how to configure lacp system priority to 1000 Switch confi...

Page 170: ...nning config command Example This example shows how to configure interface fa1 lacp port priority to 100 Switch config interface gi1 Switch config if lacp port priority 100 4 12 4 lacp timeout Command lacp timeout long short Parameter long Send LACP packet every 30 seconds short Send LACP packet every 1 seconds Default Default LACP timeout is long Mode Interface Configuration Usage Guide LACP need...

Page 171: ... port passive Specify the LAG to be dynamic mode and join the interface into this LAG with LACP passive port Mode Interface Configuration Usage Guide Link aggregation group function allows you to aggregate multiple physical ports into one logic port to increase bandwidth This command makes normal port join into the specific LAG logic port with static or dynamic mode And use no lag to leave the LAG...

Page 172: ... 8 4 12 6 show lag Command Show lag Mode Privilleged Configuration Usage Guide Use show lag command to show current LAG load balance algorithm and members active inactive status Example This example shows how to show current LAG status Switch show lag Load Balancing src dst mac ip Group ID Type Ports 1 LACP Inactive gi1 3 2 3 4 5 6 ...

Page 173: ...Command Guide of WGSW 28040 173 7 8 ...

Page 174: ... be decided by lldp lldpdu command The LLDP enable status is displayed by show lldp command Example The following example sets LLDP enable disable Switch config lldp Switch show lldp State Enabled Timer 30 Seconds Hold multiplier 4 Reinit delay 2 Seconds Tx delay 2 Seconds LLDP packet handling Flooding Switch config no lldp Switch show lldp State Disabled Timer 30 Seconds Hold multiplier 4 Reinit ...

Page 175: ...ticed that both lldp tx interval and lldp tx delay affects the LLDP PDU TX time The larger value of the two configuration decides the TX interval The configuration could be shown by show lldp command Example This example sets LLDP TX interval to 10 seconds Switch config lldp tx interval 10 Switch show lldp State Disabled Timer 10 Seconds Hold multiplier 4 Reinit delay 2 Seconds Tx delay 2 Seconds ...

Page 176: ...n The port would not generate LLDP PDU until the delay counts to zero The configuration could be shown by show lldp command Example This example sets LLDP re initial delay to 5 seconds Switch config lldp reinit delay 5 Switch show lldp State Disabled Timer 10 Seconds Hold multiplier 4 Reinit delay 5 Seconds Tx delay 2 Seconds LLDP packet handling Flooding 4 13 4 lldp holdtime multiplier Command ll...

Page 177: ...delay 2 Seconds Tx delay 2 Seconds LLDP packet handling Flooding 4 13 5 lldp tx delay Command lldp tx delay 1 8192 Parameter 1 8192 Specify the LLDP tx delay in unit of seconds Default lldp tx delay 2 Mode Global Configuration Usage Guide This command globally configures the delay in seconds between successive LLDP frame transmissions The delay starts to count in any case LLDP PDU is sent such as ...

Page 178: ...gement addr management address Mode Interface Configuration Usage Guide This command per port configures the selected TLV attaching in PDU The no lldp tlv select command would remove all selected TLV The configuration could be shown by show lldp command Example This example selects system name system description system capability 802 3 MAC PHY 802 3 link aggregation 802 3 max frame size and manage...

Page 179: ...i3 802 3 optional TLVs 802 3 mac phy 802 3 lag 802 3 max frame size management addr 802 1 optional TLVs PVID Enabled 4 13 7 lldp tlv select pvid Command lldp tlv select pvid disable enable Parameter disable enable Specifies the LLDP 802 1 PVID TLV attach enable status Default lldp tlv select pvid enable Mode Interface Configuration Usage Guide This command per port configures the 802 1 PVID TLV at...

Page 180: ...sabled Timer 10 Seconds Hold multiplier 3 Reinit delay 2 Seconds Tx delay 2 Seconds LLDP packet handling Flooding Port State Optional TLVs Address gi1 RX TX 192 168 1 254 gi2 RX TX 192 168 1 254 Port ID gi1 802 3 optional TLVs 802 1 optional TLVs PVID Disabled Port ID gi2 802 3 optional TLVs 802 1 optional TLVs PVID Enabled 4 13 8 lldp tlv select vlan name Command lldp tlv select vlan name add rem...

Page 181: ...n 100 Switch config vlan exit Switch config vlan 4000 Switch config vlan exit Switch config interface gi10 Switch config if range switchport trunk allowed vlan add all Switch config if range lldp tlv select pvid enable Switch config if range exit Switch config show lldp interfaces gi1 gi2 State Disabled Timer 10 Seconds Hold multiplier 3 Reinit delay 2 Seconds Tx delay 2 Seconds LLDP packet handli...

Page 182: ...ally configures the LLDP PDU handling behavior when LLDP is globally disabled It should be noticed that if LLDP is globally enabled and per port LLDP RX status is configured to disabled the received LLDP PDU would be dropped instead of taking the global disable behavior The configuration could be shown by show lldp command Example This example sets LLDP disable action to bridging Switch config lld...

Page 183: ...e TX port gi4 to disable RX and TX Switch config interface gi1 Switch config if lldp rx Switch config if lldp tx Switch config if exit Switch config interface gi2 Switch config if no lldp rx Switch config if lldp tx Switch config if exit Switch config interface gi3 Switch config if lldp rx Switch config if no lldp tx Switch config if exit Switch config interface gi4 Switch config if no lldp rx Swi...

Page 184: ...s If LLDP MED is enabled LLDP MED capability TLV and other selected MED TLV would be attached The configuration could be shown by show lldp med command Example This example sets port gi1 4 to enable LLDP MED port gi5 8 to disable LLDP MED Switch config interface range gi1 4 Switch config if lldp med Switch config if exit Switch config interface range gi5 8 Switch config if no lldp med Switch confi...

Page 185: ... The command per port configures the LLDP MED TLV selection no lldp med tlv select command would remove all selected MED TLV over the dedicated ports It should be noticed that even no MED TLV is selected MED capability TLV would be attached if LLDP MED is enable The configuration could be shown by show lldp med command Example This example sets port gi1 2 to select LLDP MED network policy location...

Page 186: ... count 3 Mode Global Configuration Usage Guide The command globally configures the LLDP PDU fast start TX repeat count When port links up it will send LLDP PDU immediately to notify link partner The number of LLDP PDU sends when it links up depends on fast start repeat count configuration The LLDP PDU fast start transmits in interval of one second The fast start behavior works no matter LLDP MED i...

Page 187: ...pecify the L2 priority 0 63 Specify the DSCP value Mode Global Configuration Usage Guide The commands globally configures the LLDP MED network policy table The lldp med network policy command created a network policy entry that can be bind to ports If LLDP MED network policy voice auto mode is enabled voice type network policy can not be created since it is in auto mode The no lldp med network pol...

Page 188: ...Layer 2 priority 1 DSCP 63 4 13 15 lldp med network policy add remove Command lldp med network policy add remove 1 32 Parameter add remove Add or remove network policy binding for ports 1 32 Specify the network policy index Mode Interface Configuration Usage Guide The command per port configures the network policy binding for port interface The binded network policy of one port should be with diff...

Page 189: ...icy 32 Application type Conferencing VLAN ID 5 tagged Layer 2 priority 1 DSCP 63 Switch config interface range gi1 2 Switch config if range lldp med network policy add 1 32 Switch config show lldp interfaces gi1 2 med Port Capabilities Network Policy Location Inventory POE gi1 Yes Yes Yes Yes Yes gi2 Yes Yes Yes Yes Yes Port ID gi1 Network policies 1 32 Port ID gi2 Network policies 1 32 4 13 16 ll...

Page 190: ...mode to enable and then disable Switch config lldp med network policy auto Switch config show lldp med Fast Start Repeat Count 10 lldp med network policy voice auto Switch config no lldp med network policy auto Switch config show lldp med Fast Start Repeat Count 10 lldp med network policy voice manual 4 13 17 lldp med location Command lldp med location coordination civic address ecs elin ADDR no l...

Page 191: ...tion login test1 tacacs radius local Switch config interface gi1 Switch config if lldp med location coordinate 112233445566778899AABBCCDDEEFF00 Switch config if lldp med location civic address 112233445566 Switch config if lldp med location ecs elin 112233445566778899AA Switch config show lldp interfaces gi1 med Port Capabilities Network Policy Location Inventory POE gi1 Yes Yes Yes Yes Yes Port I...

Page 192: ... optional TLVs are port description PD system name SN system description SD and system capability SC Example This example displays lldp information of port gi1 and gi2 Switch show lldp interfaces gi1 gi2 State Disabled Timer 30 Seconds Hold multiplier 4 Reinit delay 2 Seconds Tx delay 2 Seconds LLDP packet handling Flooding Port State Optional TLVs Address gi1 RX TX PD SN SD SC 192 168 1 254 gi1 R...

Page 193: ...nfig show lldp local device LLDP Local Device Information Chassis Type Mac Address Chassis ID 00 12 12 12 12 12 System Name Switch System Description System Capabilities Support Bridge System Capabilities Enable Bridge Management Address 192 168 1 254 IPv4 Switch config show lldp interfaces gi1 local device Device ID 00 12 12 12 12 12 Port ID gi1 System Name Switch Capabilities Bridge System descr...

Page 194: ...entory LLDP MED Device type Network Connectivity LLDP MED Network policy Application type Voice Signaling Flags Unknown Policy VLAN ID 2 Layer 2 priority 3 DSCP 4 LLDP MED Network policy Application type Conferencing Flags Unknown Policy VLAN ID 5 Layer 2 priority 1 DSCP 63 Hardware revision 1123 Firmware revision 2 5 0 beta 32801 Software revision 2 5 0 beta 32801 Serial number abc Manufacturer N...

Page 195: ...LLDP PDU information Example This example displays the neighbor information Switch config show lldp neighbor Port Device ID Port ID SysName Capabilities TTL gi3 00 12 12 12 12 12 gi1 Switch Bridge 111 gi11 TREEBASE 00 1A 4D 26 EB E8 TREEBASE Station Only 33 Switch config show lldp interfaces gi3 neighbor Device ID 00 12 12 12 12 12 Port ID gi1 System Name Switch Capabilities Bridge System descript...

Page 196: ...k policy Application type Voice Signaling Flags Unknown Policy VLAN ID 2 Layer 2 priority 3 DSCP 4 LLDP MED Network policy Application type Conferencing Flags Unknown Policy VLAN ID 5 Layer 2 priority 1 DSCP 63 LLDP MED Power over Ethernet Device Type Power Sourcing Entity Power Source Primary Power Source Power priority Low Power value 13 0 Watts Hardware revision 1123 Firmware revision 2 5 0 bet...

Page 197: ...DP MED configuration information Example This example display the LLDP MED information Switch config show lldp med Fast Start Repeat Count 10 lldp med network policy voice manual Network policy 1 Application type Voice Signaling VLAN ID 2 tagged Layer 2 priority 3 DSCP 4 Network policy 32 Application type Conferencing VLAN ID 5 tagged Layer 2 priority 1 DSCP 63 Port Capabilities Network Policy Loc...

Page 198: ... Yes No No No gi18 Yes Yes No No No gi19 Yes Yes No No No gi20 Yes Yes No No No gi21 Yes Yes No No No gi22 Yes Yes No No No gi23 Yes Yes No No No gi24 Yes Yes No No No gi25 Yes Yes No No No gi26 Yes Yes No No No gi27 Yes Yes No No No gi28 Yes Yes No No No Switch config show lldp interfaces gi1 med Port Capabilities Network Policy Location Inventory POE gi1 Yes Yes Yes Yes Yes Port ID gi1 Network p...

Page 199: ...ds display the LLDP RX TX statistics Example This example display the LLDP statistics Switch config show lldp statistics LLDP Global Statistics Insertions 3 Deletions 0 Drops 0 Age Outs 1 TX Frames RX Frames RX TLVs RX Ageouts Port Total Total Discarded Errors Discarded Unrecognized Total gi1 50 0 0 0 0 0 0 gi2 0 0 0 0 0 0 0 gi3 0 50 0 0 0 0 1 gi4 0 0 0 0 0 0 0 gi5 0 0 0 0 0 0 0 gi6 0 0 0 0 0 0 0 ...

Page 200: ... 0 0 0 gi24 0 0 0 0 0 0 0 gi25 3377 0 0 0 0 0 0 gi26 3377 0 0 0 0 0 0 gi27 0 0 0 0 0 0 0 gi28 0 0 0 0 0 0 0 Switch config show lldp interfaces gi1 statistics LLDP Port Statistics TX Frames RX Frames RX TLVs RX Ageouts Port Total Total Discarded Errors Discarded Unrecognized Total gi1 51 0 0 0 0 0 0 4 13 23 show lldp tlv overloading Command show lldp interfaces IF_NMLPORTS tlvs overloading Paramete...

Page 201: ...s and if the TLVs overload the PDU length The TLVs with status marked overload would not be transmitted Example This example display the LLDP TLVs overloading status of port gi1 Switch config show lldp interfaces gi1 tlvs overloading gi1 TLVs Group Bytes Status Mandatory 21 Transmitted LLDP MED Capabilities 9 Transmitted LLDP MED Location 53 Transmitted LLDP MED Network Policies 20 Transmitted LLD...

Page 202: ...e logging service When the logging service is disabled all messages will stop logging to the system show logging Display the global logging status It will show the logging configuration of the system including the global logging status and the lists of logging services Example Switch config show logging Switch config no logging Switch config show logging Logging service is disabled TARGET STATUS S...

Page 203: ...h with the minimum severity The minimum severity value is 6 including messages of severity emergency alert critical error warning notice and info logging flash Enable the capability to log message to flash and the default minimum severity is 6 When the service is enables messages will start to be logged to the flash All logging messages will be saved when the system shutdown Only when the local lo...

Page 204: ...ging flash or buffered will be shown by the command show logging Otherwise the logging entry will be removed from the service list Example Switch config show logging Logging service is enabled TARGET STATUS Server PORT FACILITY LOG LEVEL buffered enabled emerg alert crit error warning notice info Switch config no logging buffer Switch config show logging Logging service is enabled TARGET STATUS Se...

Page 205: ...otice info and the facility is local7 All logging message will be sent to the remote server Only when the remote logging capability is enabled the status of remote logging service will be shown by the command show logging When an existed entry is set twice the old setting will be replaced and modified with the new one no logging host 192 168 1 100 Disable the capability to log messages to the remo...

Page 206: ...ost 192 168 1 100 Switch config show logging Logging service is enabled TARGET STATUS Server PORT FACILITY LOG LEVEL buffered enabled emerg alert crit error warning notice info flash enabled emerg alert crit error warning notice 4 14 4 show logging Command show logging Mode Global Configuration Privileged Configuration Usage Guide show logging Show the logging configuration The information include...

Page 207: ...flash RAM show logging flash Show the messages logged to the flash When the capability of the service is enabled it will show all message logged to the flash All messages will be logged in inverse chronological order show logging buffered Show the messages logged to the RAM When the capability of the service is enabled it will show all message logged to the RAM Logs will be lost after system shutd...

Page 208: ...08 00 23 System notice System Startup 4 14 6 clear logging flash buffered Command clear logging flash buffered Parameter flash Specify showing the messages logged to flash buffered Specify showing the messages logged to RAM Mode Global Configuration Privileged Configuration Usage Guide Clear the message logged to flash RAM clear logging flash Clear the messages logged to flash clear logging buffer...

Page 209: ...success 4 Jan 01 08 00 28 AAA info User is authorized with privilege level 1 5 Jan 01 08 00 28 AAA info User login from console success 6 Jan 01 08 00 24 System info Sysinfo variable resetdefault is set to value 0 7 Jan 01 08 00 23 System notice System Startup Switch clear logging buffered Switch show logging buffered Log messages in buffered NO Timestamp Category Severity Message ...

Page 210: ...ic mac entry on specified interface or VLAN or all dynamic mac entry in mac address table You can verify your setting by entering the show mac address table dynamic Privileged EXEC command Example This example shows how to delete dynamic MAC address entries on gi1 Switch show mac address table dynamic VID MAC Address Type Ports 1 00 30 4F 00 00 12 Dynamic gi11 1 00 30 4F 3B 1E E6 Dynamic gi1 Total...

Page 211: ...mple The following example show how to configure dynamic mac entry aging out time Switch config mac address table aging time 100 Switch show mac address table aging time Mac Address Table aging time 100 sec 4 15 3 mac address table static Command mac address table static A B C D E F vlan 1 4094 interfaces IF_PORTS no mac address table static A B C D E F vlan 1 4094 Parameter A B C D E F Destinatio...

Page 212: ...ac address table static 0 1 2 3 4 5 vlan 1 interfaces gi5 Switch config mac address table static 1 6 7 9 a b vlan 100 interfaces gi1 gi5 gi10 Switch show mac address table static VID MAC Address Type Ports 1 00 30 4F 03 04 05 Static gi5 100 00 30 4F 09 0A 0B Static gi1 gi5 gi10 Total number of entries 2 4 15 4 mac address table static drop Command mac address table static A B C D E F vlan 1 4094 d...

Page 213: ...F 03 04 05 Static gi5 100 00 30 4F 09 0A 0B Static gi1 gi5 gi10 20 00 30 4F 0D 0E 0F Filtering All Total number of entries 3 4 15 5 show mac address table Command show mac address table static dynamic interfaces IF_PORTS vlan 1 4094 show mac address table A B C D E F vlan 1 4094 Parameter static Add Edit login authentication list dynamic Displays only static MAC address table entries IF_PORTS Disp...

Page 214: ... containing the specified MAC address Switch show mac address table 0 1 2 3 4 5 VID MAC Address Type Ports 1 00 01 02 03 04 05 Static gi5 Total number of entries 1 4 15 6 show mac address table counters Command show mac address table counters Mode Privileged EXEC Usage Guide Use the show mac address table counters command in EXEC mode to display the number of addresses present in mac address table...

Page 215: ...tch show mac address table aging time Mac Address Table aging time 300 sec 4 16 Mirror 4 16 1 mirror session Command mirror session 1 4 source interfaces IF_PORTS both rx tx no mirror session 1 4 source interfaces IF_PORTS both rx tx mirror session 1 4 source vlan 1 4094 no mirror session 1 4 source vlan mirror session 1 4 destination interface IF_NMLPORT allow ingress no mirror session 1 4 destin...

Page 216: ...e or destination interfaces or filters from the SPAN session You can verify your setting by entering the show mirror Privileged EXEC command Example This example shows how to create a local SPAN session 1 to monitor both sent and received traffic on source port gi1 Switch config mirror session 1 source interface gi2 5 both Switch config mirror session 1 destination interface gi1 Switch config show...

Page 217: ...e This example shows how to display mirror session configuration Switch config show mirror Session 1 Configuration Source RX Port gi2 5 Source TX Port gi2 5 Destination port gi1 Ingress State disabled Session 2 Configuration Mirrored source Not Config Destination port Not Config Session 3 Configuration Mirrored source Not Config Destination port Not Config Session 4 Configuration Mirrored source N...

Page 218: ...he static ipv6 mld group invalid Then do not learning the dynamic group and router port by mld message The configure can use show ipv6 mld snooping Example This example shows how to specify that set ipv6 mld snooping test Switch config ipv6 mld snooping Switch show ipv6 mld snooping MLD Snooping Status Snooping Enabled Report Suppression Enabled Operation Version v1 Forward Method mac Unknown Mult...

Page 219: ...sage Guide no ipv6 mld snooping report suppression will disable mld v1 report suppression function So when receive report will forward to the vlan router ports The configure can use show ipv6 mld snooping Example This example shows how to specify that disable ipv6 mld snooping report suppression test Switch config no ipv6 mld snooping report suppression Switch show ipv6 mld snooping MLD Snooping S...

Page 220: ...ersion 2 packet is not process The configure can use show ipv6 mld snooping Example This example shows how to set ipv6 mld snooping version 2 Switch config ipv6 mld snooping version 2 Switch show ipv6 mld snooping MLD Snooping Status Snooping Enabled Report Suppression Disabled Operation Version v2 Forward Method mac Unknown Multicast Action Flood 4 17 4 ipv6 mld snooping vlan Command ipv6 mld sno...

Page 221: ...pv6 mld snooping vlan 1 MLD Snooping is globaly enabled MLD Snooping VLAN 1 admin enabled MLD Snooping oper mode enabled MLD Snooping robustness admin 2 oper 2 MLD Snooping query interval admin 125 sec oper 125 sec MLD Snooping query max response admin 10 sec oper 10 sec MLD Snooping last member query counter admin 2 oper 2 MLD Snooping last member query interval admin 1 sec oper 1 sec MLD Snoopin...

Page 222: ...er query interval 1 60 no ipv6 mld snooping vlan VLAN LIST last member query interval no ipv6 mld snooping vlan VLAN LIST router learn pim dvmrp no ipv6 mld snooping vlan VLAN LIST fastleave ipv6 mld snooping vlan VLAN LIST query interval 30 18000 no ipv6 mld snooping vlan VLAN LIST query interval ipv6 mld snooping vlan VLAN LIST response time 5 20 no ipv6 mld snooping vlan VLAN LIST response time...

Page 223: ... ipv6 mld snooping vlan parameters Switch config ipv6 mld snooping vlan 1 fastleave Switch config ipv6 mld snooping vlan 1 last member query count 5 Switch config ipv6 mld snooping vlan 1 last member query interval 3 Switch config ipv6 mld snooping vlan 1 query interval 100 Switch config ipv6 mld snooping vlan 1 response time 12 Switch config ipv6 mld snooping vlan 1 robustness variable 4 Switch s...

Page 224: ... all known vlan 1 ipv6 group will add the static ports ipv6 mld snooping vlan 1 forbidden port gi3 4 will add forbidden port gi3 4 for vlan 1 The all known vlan 1 ipv6 group will remove the forbidden ports The configuration can use show ipv6 mld snooping forward all Example This example shows how to set ipv6 mld snooping static forbidden port Switch config ipv6 mld snooping vlan 1 static port gi1 ...

Page 225: ...ing vlan 1 forbidden router port gi2 will add forbidden router port gi2 for vlan 1 This will also remove gi2 from static router port The forbidden router port received query will not forward The configure can use show ipv6 mld snooping router Example This example shows how to set ipv6 mld snooping static forbidden Switch config ipv6 mld snooping vlan 1 static router port gi1 2 Switch config ipv6 m...

Page 226: ... If remove the last member of static group the static group will be delete The static group want to valid must mld snooping vlan enable and ipv6 mld snooping enable The configure can use show ipv6 mld snooping groups dynamic static to display And can use no ipv6 mld snooping vlan 1 group ff12 1 to delete the static group Also can use clear ipv6 mld snooping groups to delete the static group Exampl...

Page 227: ...ile 1 entry to the mld profile config mode User profile range ipv6 ff12 1 ff12 8 action permit to configure the profile entry The profile entry is used by port filter The configure can use show ipv6 mld profile 1 128 to display Example This example shows how to set ipv6 mld profile Switch config ipv6 mld profile 1 Switch config mld profile profile range ipv6 ff13 1 ff13 10 action permit Switch con...

Page 228: ... low ip ff12 1 Range high ip ff12 12 4 17 10 ipv6 mld filter Command ipv6 mld profile 1 128 profile range ipv6 ipv6 addr ipv6 addr action permit deny show ipv6 mld profile 1 128 Parameter 1 128 specifies profile ID interfaces IF_PORTS Specifies interfaces to display Mode Interface mode Usage Guide After create ipv6 mld profile entry Can use ipv6 mld filter 1 to bind a profile for port When then po...

Page 229: ...e gi1 Switch config if ipv6 mld filter 1 Switch config if exit Switch config exit Switch show ipv6 mld filter Port ID Profile ID gi1 1 gi2 None gi3 None gi4 None gi5 None 4 17 11 ipv6 mld max groups Command ipv6 mld max groups 0 256 no ipv6 mld max groups ipv6 mld max groups action deny replace show ipv6 mld max group interfaces IF_PORTS show ipv6 mld max group action interfaces IF_PORTS Parameter...

Page 230: ...e configure can use show ipv6 mld max group show ipv6 mld max group action to display Example This example shows how to set ipv6 mld max groups and action is replace Switch config interface gi1 Switch config if ipv6 mld max groups 10 Switch config if ipv6 mld max groups action replace Switch config if exit Switch config exit Switch show ipv6 mld max group Port ID Max Group gi1 10 gi2 256 gi3 256 g...

Page 231: ...ed mode Usage Guide This command will clear the ipv6 mld groups for dynamic or static or all of type The configuration can use show ipv6 mld snooping groups to check Example This example shows how to clear ipv6 mld snooping groups Switch clear ipv6 mld snooping groups static Switch show ipv6 mld snooping groups Switch clear ipv6 mld snooping groups Switch show ipv6 mld snooping groups 4 17 13 clea...

Page 232: ...ng groups counters Command show ipv6 mld snooping groups counters Mode privileged mode Usage Guide This command will display the ipv6 mld group counter include static group Example This example shows how to display ipv6 mld snooping group counter Switch show ipv6 mld snooping counters 4 17 15 show ipv6 mld snooping groups Command show ipv6 mld snooping groups dynamic static Parameter none Show ipv...

Page 233: ...ld snooping router Command show ipv6 mld snooping router dynamic forbidden static Parameter none Show ipv6 mld router include dynamic and static and forbidden dynamic forbidden static Display ipv6 mld router info for different type Mode privileged mode Usage Guide This command will display the ipv6 mld router info Example This example shows how to show ipv6 mld snooping router Switch show ipv6 mld...

Page 234: ...ooping Switch show ipv6 mld snooping MLD Snooping Status Snooping Disabled Report Suppression Enabled Operation Version v1 Forward Method mac Unknown Multicast Action Flood Packet Statistics Total RX 0 Valid RX 0 Invalid RX 0 Other RX 0 Leave RX 0 Report RX 0 General Query RX 0 Specail Group Query RX 0 Specail Group Source Query RX 0 Leave TX 0 Report TX 0 General Query TX 0 Specail Group Query TX...

Page 235: ...ing VLAN 1 admin disabled MLD Snooping oper mode disabled MLD Snooping robustness admin 2 oper 2 MLD Snooping query interval admin 125 sec oper 125 sec MLD Snooping query max response admin 10 sec oper 10 sec MLD Snooping last member query counter admin 2 oper 2 MLD Snooping last member query interval admin 1 sec oper 1 sec MLD Snooping last immediate leave disabled MLD Snooping automatic learning...

Page 236: ... VLAN 1 MLD Snooping static port None MLD Snooping forbidden port None 4 17 20 show ipv6 mld profile Command show ipv6 mld profile 1 128 Parameter 1 128 Show specifies index profile info Mode privileged mode Usage Guide This command will display ipv6 mld profile info Example This example shows how to show ipv6 mld profile Switch show ipv6 mld profile IPv6 mld profile index 1 IPv6 mld profile actio...

Page 237: ... privileged mode Usage Guide This command will display ipv6 mld port filter info Example This example shows how to show ipv6 mld filter Switch show ipv6 mld filter Port ID Profile ID gi1 1 gi2 None gi3 None gi4 None gi5 None More 4 17 22 show ipv6 mld max group Command show ipv6 mld max group interfaces IF_PORTS Parameter interfaces IF_PORTS Show specifies ports max group ...

Page 238: ... config if exit Switch config exit Switch show ipv6 mld max group Port ID Max Group gi1 50 gi2 256 gi3 256 gi4 256 gi5 256 More 4 17 23 show ipv6 mld max group action Command show ipv6 mld max group action interfaces IF_PORTS Parameter interfaces IF_PORTS Show specifies ports max group action Mode privileged mode Usage Guide This command will display ipv6 mld port max group action Example This exa...

Page 239: ...itch config interface gi1 Switch config if ipv6 mld max groups action replace Switch config if exit Switch config exit Switch show ipv6 mld max group action Port ID Max groups Action gi1 replace gi2 deny gi3 deny gi4 deny gi5 deny More ...

Page 240: ...his command to disable Example This example shows how to enable port security on port 1 and set the learning limit number to 10 switch config interface gi1 switch config if port security address limit 10 action discard switch config if port security switch config show port security interfaces gi1 Port Mode Security CurrentAddr Action gi1 Dynamic Enabled 10 0 Discard 4 18 2 port security address li...

Page 241: ...s limit default is 10 and action is discard Mode Interface Configuration Usage Guide Use the port security address limit command to set the learning limit number and the violation action Use the no form of this command to restore the default settings Example The following example shows how to enable port security on port 1 and set the learning limit number to 10 switch config interface gi1 switch ...

Page 242: ...EC Usage Guide Use show port security interfaces command to show port security information of the specified port Example This example shows how to show port security configurations on interface gi1 Switch show port security interfaces gi1 Port Mode Security CurrentAddr Action gi1 Dynamic Enabled 10 0 Discard ...

Page 243: ...ast flood Enable Disable to auto recovery for port error disabled by storm control broadcast flood reason bpduguard Enable Disable to auto recovery for port error disabled by STP BPDU Guard reason dhcp rate limit Enable Disable to auto recovery for port error disabled by dhcp rate limit reason psecure violation Enable Disable to auto recovery for port error disabled by violate port security rule r...

Page 244: ... recovery cause bpduguard Switch config errdisable recovery cause broadcast flood This example shows how to show current auto recovery state of each reason and port error disabled status Switch show errdisable recovery ErrDisable Reason Timer Status bpduguard enabled udld disabled selfloop disabled broadcast flood enabled unknown multicast flood disabled unicast flood disabled acl disabled psecure...

Page 245: ...ror disabled Example This example shows how to configure the auto recovery interval to 600 seconds Switch config errdisable recovery interval 600 This example shows how to show current auto recovery interval Switch show errdisable recovery ErrDisable Reason Timer Status bpduguard enabled udld disabled selfloop disabled broadcast flood enabled unknown multicast flood disabled unicast flood disabled...

Page 246: ...us Example This example shows how to show current auto recovery interval Switch show errdisable recovery ErrDisable Reason Timer Status bpduguard enabled udld disabled selfloop disabled broadcast flood enabled unknown multicast flood disabled unicast flood disabled acl disabled psecure violation disabled dhcp rate limit disabled arp inspection disabled Timer Interval 600 seconds Interfaces that wi...

Page 247: ...quoted to wrap it Use no form to restore description to empty string Example This example shows how to modify port descriptions Switch config interface gi1 Switch config if description userport Switch config if exit Switch config interface gi2 Switch config if description uplink port This example shows how to show current port description on interface fa1 and fa2 Switch show interfaces gi1 2 statu...

Page 248: ...ed is auto with all available abilities Mode Interface Configuration Usage Guide Use speed command to change port speed configuration The speed is only able to configure to the physical maximum speed For example in fast Ethernet port speed 1000 is not available Example This example shows how to modify port speed configuration Switch config interface gi1 Switch config if speed 100 Switch config if ...

Page 249: ...r auto Specify port duplex to auto negotiation full Specify port duplex to force full duplex half Specify port duplex to force half duplex Default Default port duplex is auto Mode Interface Configuration Usage Guide Use duplex command to change port duplex configuration Example This example shows how to add a login authentication list to authenticate with order tacacs radius local Switch config aa...

Page 250: ...itch config interface gi1 Switch config if flow control on This example shows how to show current flow control configuration Switch show interfaces gi1 Hardware is Gigabit Full duplex Auto speed media type is Copper flow control is on 0 packets input 0 bytes 0 throttles Received 0 broadcasts 0 multicasts 0 runts 0 giants 0 throttles 0 input errors 0 CRC 0 frame 0 overrun 0 ignored 0 multicast 0 pa...

Page 251: ...hutdown command can also recovery the port manually Example This example shows how to modify port duplex configuration Switch config interface gi1 Switch config if shutdown This example shows how to show current admin state configuration Switch show running config interfaces gi1 interface gi1 shutdown 4 20 6 jumbo frame Command jumbo frame 64 9216 Parameter 64 9216 Specify the maximum frame size D...

Page 252: ...urrent jumbo frmae size Switch show running config interface gi1 interface gi1 jumbo frame 9216 4 20 7 protected Command protected no protected Mode Interface Configuration Usage Guide Use protected command to make port to be protected Protected port is only allowed to communicate with unprotected port In other words protected port is not allowed to communicate with another protected port Use no f...

Page 253: ...ce Configuration Usage Guide Use eee command to make port to enable the energy efficient Ethernet feature and use no eee command to disable it The only way to show this configuration is using show running config command Example This example shows how to configure port gi1 to be protected port Switch config interface gi1 Switch config if eee This example shows how to show current jumbo frmae size S...

Page 254: ...ces gi1 counters This example shows how to show current counters Switch show interfaces gi1 Hardware is gigabit Auto duplex Auto speed media type is Copper flow control is off 0 packets input 0 bytes 0 throttles Received 0 broadcasts 0 multicasts 0 runts 0 giants 0 throttles 0 input errors 0 CRC 0 frame 0 overrun 0 ignored 0 multicast 0 pause input 0 input packets with dribble condition detected 0...

Page 255: ... show interfaces gi1 Hardware is Gigabit Auto duplex Auto speed media type is Copper flow control is off 0 packets input 0 bytes 0 throttles Received 0 broadcasts 0 multicasts 0 runts 0 giants 0 throttles 0 input errors 0 CRC 0 frame 0 overrun 0 ignored 0 multicast 0 pause input 0 input packets with dribble condition detected 0 packets output 0 bytes 0 underrun 0 output errors 0 collisions 0 inter...

Page 256: ...WGSW 28040 256 Port Protected State gi1 enabled gi2 enabled This example shows how to show current port status Switch show interfaces gi1 status Port Name Status Vlan Duplex Speed Type gi1 connected 1 full a 100M Copper ...

Page 257: ...function is disabled and all packets will go through lowest priority queue It means first in will be first out no QoS is guarantee Basic According to basic trust type to assign queue for packets and packets with higher priority are able to send first Example This example shows how to change qos to basic mode Switch config qos basic This example shows how to change qos to disabled mode Switch confi...

Page 258: ...Global Configuration Usage Guide In QoS basic mode there are 4 trust types for device to judge the appropriate queue of the packets This command is able to switch between these trust types CoS IEEE 802 1p defined 3bits priority value in vlan tag Trust this value in packets and assign queue according to cos queue map DSCP IETF RFC2474 defined 6bits priority value in IP packet highest 6bits in ToS f...

Page 259: ...itch show qos QoS Mode basic Basic trust cos 4 21 3 qos map Command qos map cos queue dscp queue precedence queue SEQUENCE to 1 8 qos map queue cos queue precedence SEQUENCE to 0 7 qos map queue dscp SEQUENCE to 0 63 Parameter cos queue Configure or show CoS to queue map dscp queue Configure or show DSCP to queue map precedence queue Configure or show IP Precedence to queue map queue cos Configure...

Page 260: ...e showing in the following table CoS Queue ID 0 2 1 1 2 3 3 4 4 5 5 6 6 7 7 8 The default values of dscp queue are showing in the following table DSCP Queue ID 0 7 1 8 15 2 16 23 3 24 31 4 32 39 5 40 47 6 48 55 7 56 63 8 The default values of ip precedence are showing in the following table IP Precedence Queue ID 0 1 1 2 2 3 3 4 4 5 5 6 6 7 7 8 ...

Page 261: ... 1 0 2 8 3 16 4 24 5 32 6 40 7 48 8 56 The default values of queue precedence are showing in the following table Queue ID DSCP 1 0 2 1 3 2 4 3 5 4 6 5 7 6 8 7 Mode Global Configuration Usage Guide According to different trust type packets will be assigned to different queue based on the specific qos map For example if the trust type is trust cos the device will get the cos value in packet and refe...

Page 262: ...how qos map cos queue CoS to Queue mappings COS 0 1 2 3 4 5 6 7 Queue 2 1 3 4 5 6 1 1 This example shows how to map queue 4 and 5 to cos 7 Switch config qos map queue cos 4 5 to 7 Switch show qos map queue cos Queue to CoS mappings Queue 1 2 3 4 5 6 7 8 CoS 1 0 2 7 7 5 6 7 4 21 4 qos queue Command qos queue strict priority num 0 8 qos queue weight SEQUENCE show qos queueing Parameter strict priori...

Page 263: ...ict priority queue will always occupy the higher priority queue For example if you specify the strict priority number to be 2 then the queue 7 and 8 will be the strict priority queues and the others are weighted queues After you setup the number of strict priority queue you need to setup the weight for the weighted queues by using qos queue weight command And the bandwidth will shared by the weigh...

Page 264: ...y for packets by configuring the interface default cos value If there is no qos information in the packets the device will use this default cos value and find the cos queue map to get the final destination queue Use qos cos command to assign port default cos value Example This example shows how to configure default cos value 7 on interface gi1 Switch config interface GigabitEthernet 1 Switch confi...

Page 265: ...the trust type and the qos maps Otherwise all ingress packets will assign to queue 1 Use qos trust to enable trust state on interface and use no qos trust to disable trust state on interface Example This example shows how to disable qos trust state on interface gi1 Switch config interface GigabitEthernet 1 Switch config if no qos trust Switch config if end Switch show qos interface GigabitEthernet...

Page 266: ...remark the cos value to be 5 for next tier of device you can enable the cos remarking feature on fa1 and configure the queue cos map for queue 1 map to cos 5 Use qos remark command to enable remarking feature on specific type And use no qow remark command to disable it Example This example shows how to enable remarking features on interface gi1 Switch config interface GigabitEthernet 1 Switch conf...

Page 267: ...eue dscp queue precedence Parameter cos queue Show CoS to queue map dscp queue Show DSCP to queue map precedence queue Show IP Precedence to queue map queue cos Show queue to CoS map queue dscp Show queue to DSCP map queue precedence Show queue to IP Precedence map Mode Privileged EXEC Usage Guide Use show qos map command to show all kinds of mapping for qos remapping and remarking features Exampl...

Page 268: ... 6 7 7 5 7 7 7 7 7 7 8 8 8 8 6 8 8 8 8 IP Precedence to Queue mappings IP Precedence 0 1 2 3 4 5 6 7 Queue 1 2 3 4 5 6 7 8 Queue to CoS mappings Queue 1 2 3 4 5 6 7 8 CoS 1 0 2 3 4 5 6 7 Queue to DSCP mappings Queue 1 2 3 4 5 6 7 8 DSCP 0 8 16 24 32 40 48 56 Queue to IP Precedence mappings Queue 1 2 3 4 5 6 7 8 ipprec 0 1 2 3 4 5 6 7 4 21 10 show qos interface Command show qos interface IF_PORTS P...

Page 269: ...w qos interfaces command to show port default cos remarking state and remarking type state informations Example This example shows how to show qos configurations on interface gi1 Switch show qos interface GigabitEthernet 1 Port CoS Trust State Remark Cos Remark DSCP Remark IP Prec gi1 7 enabled disabled disabled disabled ...

Page 270: ...it ingress burst Global Configuration mode command to limit the incoming traffic rate for all ports Use the no form of this command to disable the rate limit Use the rate limit egress burst Global Configuration mode command to configure the egress ports or queue shaper Use the no form of this command to disable the shaper You can verify your setting by entering the show running config Privileged E...

Page 271: ...speed 1 8 Specify the egress shaper queue number Mode Interface Configuration Usage Guide Use the rate limit ingress Interface Configuration mode command to limit the incoming traffic rate on a port Use the no form of this command to disable the rate limit Use the rate limit egress Interface Configuration mode command to configure the egress port or queue shaper Use the no form of this command to ...

Page 272: ...if rate limit ingress 128 Switch config if rate limit egress 2048 Switch config if rate limit egress queue 1 512 Switch show running config interfaces gi7 interface gi7 rate limit ingress 128 rate limit egress 2048 165 rate limit egress queue 1 512 ...

Page 273: ... Global Configuration Usage Guide Use the rmon alarm command to add or modify a RMON alarm entry Use the no form of this command to delete Example The example shows how to add RMON event entry with log and trap action and then modify it action to log only You can verify settings by the following show rmon event command switch config rmon event 1 log trap public description test owner admin switch ...

Page 274: ...127octets pkts128to255octets pkts256to511octets pkts512to1023octets pkts1024to1518octets 1 2147483647 absolute delta rising 0 2147483647 0 65535 falling 0 2147483647 0 65535 startup rising rising falling falling owner NAME no rmon alarm 1 65535 Parameter 1 65535 Specify alarm index to create or modify IF_PORT Specify the interface to sample drop events octets pkts broadcast pkt s multicast pkts cr...

Page 275: ...on Usage Guide Use the rmon event command to add or modify a RMON event entry Before add alarm entry at least one event entry must be added Use the no form of this command to delete Example The example shows how to add RMON alarm entry that sample interface fa1 packets delta count every 300 seconds Trigger event index 1 if over than rising threshold 10000 trigger event index 2 if lower than fallin...

Page 276: ...val 1 3600 owner NAME no rmon history 1 65535 Parameter 1 65535 Specify history index to create or modify IF_PORT Specify the interface to sample bucket 1 65535 Optional Specify the maximum number of buckets interval 1 3600 Optional Specify time interval for each sample owner NAME Optional Specify owner of history Mode Global Configuration Usage Guide Use the rmon history command to add or modify ...

Page 277: ... Rmon History Bucket 50 Rmon history Interval 30 Rmon History Owner admin 4 23 4 clear rmon interfaces statistics Command clear rmon interfaces IF_PORTS statistics Parameter IF_PORTS specifies ports to clear Mode Global Configuration Usage Guide Use the clear rmon interfaces statistics command to clear RMON etherStat statistics those are recorded on interface Example The example shows how to clear...

Page 278: ...ollisions 0 etherStatsPkts64Octets 0 etherStatsPkts65to127Octets 0 etherStatsPkts128to255Octets 0 etherStatsPkts256to511Octets 0 etherStatsPkts512to1023Octets 0 etherStatsPkts1024to1518Octets 0 4 23 5 show rmon event Command show rmon event 1 65535 all Parameter 1 65535 specifies event index to show all Show all existed event Mode Global Configuration Usage Guide Use the show rmon event command to...

Page 279: ...st Sent Rmon Event Owner admin 4 23 6 show rmon event log Command show rmon event 1 65535 log Parameter 1 65535 specifies event index to show event log Mode Global Configuration Usage Guide Use the show rmon event log command to show log triggered by RMON alarm Example The example shows how to show rmon event log switch config show rmon event 1 log Index 1 Alarm Index 1 Action Startup Falling Time...

Page 280: ...alarm entry Switch config rmon alarm 1 interface gi1 pkts 300 delta rising 10000 1 falling 100 1 startup rising falling owner admin Rmon Alarm Index 1 Rmon Alarm Sample Interval 300 Rmon Alarm Sample Interface gi1 Rmon Alarm Sample Variable Pkts Rmon Alarm Sample Type delta Rmon Alarm Type Rising or Falling Rmon Alarm Rising Threshold 10000 Rmon Alarm Rising Event 1 Rmon Alarm Falling Threshold 10...

Page 281: ...itch config show rmon history 1 Rmon History Index 1 Rmon Collection Interface gi1 Rmon History Bucket 50 Rmon history Interval 30 Rmon History Owner admin 4 23 9 show rmon history statistics Command show rmon history 1 65535 statistic Parameter 1 65535 specifies history index to show history statistic Mode Global Configuration Usage Guide Use the show rmon history statistic command to show statis...

Page 282: ...Pkts 9 MulticastPkts 0 CRCAlignErrors 0 UnderSizePkts 0 OverSizePkts 0 Fragments 0 Jabbers 0 Collisions 0 Utilization 1 Sample Index 1 Interval Start 32939462 3 days 19 29 54 62 DropEvents 0 Octets 220 Pkts 3 BroadcastPkts 1 MulticastPkts 0 CRCAlignErrors 0 UnderSizePkts 0 OverSizePkts 0 Fragments 0 Jabbers 0 Collisions 0 Utilization 0 ...

Page 283: ...p will enable snmp The configure can use show snmp Example The following example specifies that set global snmp test Switch config snmp Switch show snmp SNMP is enabled 4 24 2 snmp trap Command no snmp trap auth linkUpDown warm start cold start port security Default snmp trap auth snmp trap linkUpDown snmp trap warm start snmp trap cold start ...

Page 284: ...mp trap Example The following example specifies that set trap auth disable test Switch config no snmp auth Switch show snmp trap SNMP auth failed trap Disable SNMP linkUpDown trap Enable SNMP warm start trap Enable SNMP cold start trap Enable SNMP port security trap Enable 4 24 3 snmp view Command snmp view NAME subtree OID oid mask all MASK viewtype included excluded no snmp view NAME subtree all...

Page 285: ...e 1 3 6 1 2 1 1 oid mask all viewtype included Switch show snmp view View Name Subtree OID OID Mask View Type all 1 all included systemView 1 3 6 1 2 1 1 all included 4 24 4 snmp access group Command snmp group NAME version 1 2c 3 noauth auth priv read view NAME write view NAME notify view NAME no snmp group NAME security mode version 1 2c 3 Parameter NAME Access group name 1 2c 3 Access model for...

Page 286: ...ig snmp group group2 version 2c noauth read view all write view all Switch config snmp group group3 version 3 auth read view all write view all Switch show snmp group Group Name Model Level ReadView WriteView NotifyView group1 v1 noauth all group2 v2c noauth all all group3 v3 auth all all 4 24 5 snmp community Command snmp community NAME view NAME ro rw snmp community NAME group NAME no snmp commu...

Page 287: ... community to check Example The following example specifies that configure community test Switch config snmp communit public rw Switch config snmp communit test1 view all ro Switch config snmp group group2 version 2c noauth read view all write view Switch config snmp community test2 group group2 Switch show snmp comunity Commnunity Name Group Name View Access public all rw test2 group2 test1 all r...

Page 288: ... can use show snmp user to check Example The following example specifies that set auth snmp user test Switch config snmp group group3 version 3 auth read view all write view all Switch config snmp user user1 group3 auth md5 12345678 Switch show snmp user Username user1 Password Privilege Mode rw Access GroupName group3 Authentication Protocol md5 Encryption Protocol none Access SecLevel auth 4 24 ...

Page 289: ...DBEEF0114 IP address Remote SNMP engineID 192 168 1 100 112233445566 4 24 8 snmp host Command snmp host A B C D X X X X HOSTNAME traps informs version 1 2c NAME udp port 1 65535 timeout 1 300 retries 1 255 snmp host A B C D X X X X HOSTNAME traps informs version 3 auth noauth priv NAME udp port 1 65535 timeout 1 300 retries 1 255 no snmp host A B C D X X X X HOSTNAME traps informs version 1 2c 3 P...

Page 290: ...how snmp host to check Example The following example specifies that snmp community configure test Switch config snmp community public ro Switch config snmp community private rw Switch config snmp group group3 version 3 auth read view all write view all Switch config snmp user user1 group3 auth md5 12345678 Switch config snmp host 192 168 1 100 version 2c public Switch config snmp host 192 168 1 10...

Page 291: ...ow snmp trap Command show snmp trap Mode privileged mode Usage Guide This command will display snmp trap class auth linkupdown cold start warm start port security Status Example The following example specifies that display snmp trap test Switch show snmp trap 4 24 11 show snmp view Command show snmp view Mode privileged mode Usage Guide This command will display the snmp view entry ...

Page 292: ...e privileged mode Usage Guide This command will display the snmp group Example The following example specifies that display snmp group test Switch show snmp group 4 24 13 show snmp community Command show snmp community Mode privileged mode Usage Guide This command will display the snmp community entry Example The following example specifies that display snmp community test ...

Page 293: ...command will display the snmp host entry Example The following example specifies that display snmp host test Switch show snmp host 4 24 15 show snmp user Command show snmp user Mode privileged mode Usage Guide This command will display the snmp user entry Example The following example specifies that display snmp user test Switch show snmp user ...

Page 294: ...w snmp engineid Command show snmp engineid Mode privileged mode Usage Guide This command will display the snmp local remote engine id Example The following example specifies that display snmp local remote engine id test Switch show snmp engineid ...

Page 295: ...e Guide Storm control mechanism will try to calculate ingress packets is exceed configured rate or not and do corresponding action This command allows you to change the unit of calculating method Example This example shows how to configure storm control rate unit as pps Switch config storm control unit pps This example shows how to show storm control global configuration Switch show storm control ...

Page 296: ...ress packets is exceed configured rate or not and do corresponding action This command allows you to decide to include exclude the preamble and inter frame gap into the calculating or not Example This example shows how to configure storm control rate unit as pps Switch config storm control ifg include This example shows how to show storm control global configuration Switch show storm control Storm...

Page 297: ...rface Configuration Usage Guide Storm control function is able to enable disable on each single port Use the storm control command to enable storm control feature on the selected ports And use no storm control command to disable storm control feature Not only port is able to enable disable on the port Each storm control type is also able to enable disable on each single port Use the storm control ...

Page 298: ...rm control action drop shutdown no storm control action Parameter drop shutdown Storm control action for drop flood router port Default Default storm control action is drop Mode Interface Configuration Usage Guide The storm control mechanism allows you to drop packets which exceed storm control rate or just shutdown port Use no form to restore to default action Example This example shows how to co...

Page 299: ... control command to show all storm control related configurations including global configuration and per port configurations Use show storm control interface command to show selected port storm control configurations Example This example shows how to show storm control global configuration Switch show storm control Storm control preamble and IFG Excluded Storm control unit pps This example shows h...

Page 300: ...Command Guide of WGSW 28040 300 fa1 enable 200 Off 10000 Off 10000 Shutdown ...

Page 301: ...nd disable Switch configure Switch config spanning tree Switch config exit Switch show spanning tree Spanning tree enabled mode RSTP Default port cost method long Root ID Priority 32768 Address 00 03 4F 28 55 00 This switch is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Number of topology changes 1 last change occurred 01 49 43 ago Times hold 0 topology change 0 notification 0 he...

Page 302: ...du flooding Mode Global Configuration Usage Guide Configure the BPDU forwarding action when STP is disabled Example This example sets the BPDU forwarding action to filtering Switch configure Switch config no spanning tree Switch config spanning tree bpdu filtering Switch config exit Switch show spanning tree Spanning tree disabled BPDU filtering mode RSTP Default port cost method long Switch 4 26 ...

Page 303: ...nd Example This example sets STP mode to STP Classic Spanning Tree Protocol Switch configure Switch config spanning tree mode stp Switch config exit Switch show spanning tree Spanning tree enabled mode STP Default port cost method long Root ID Priority 32768 Address 00 30 4F 28 55 00 This switch is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Number of topology changes 1 last chan...

Page 304: ...ts the bridge priority to 16384 Switch configure Switch config spanning tree priority 16384 Switch config exit Switch show spanning tree Spanning tree enabled mode RSTP Default port cost method long Root ID Priority 16384 Address 00 30 4F 28 55 00 This switch is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Number of topology changes 2 last change occurred 00 03 37 ago Times hold 0...

Page 305: ...s the BPDU hello time to 5 sec Switch configure Switch config spanning tree hello time 5 Switch config exit Switch show spanning tree Spanning tree enabled mode RSTP Default port cost method long Root ID Priority 16384 Address 00 30 4F 28 55 00 This switch is the root Hello Time 5 sec Max Age 20 sec Forward Delay 15 sec Number of topology changes 2 last change occurred 00 00 01 ago Times hold 0 to...

Page 306: ...mand configures the maximum hops value for MSTP The configuration could be shown by show spanning tree command Example This example sets the max hops to 15 Switch configure Switch config spanning tree max hops 15 4 26 7 spanning tree forward delay Command spanning tree forward delay 4 30 Parameter 4 30 Specify the forward delay interval second Default spanning tree forward delay 15 Mode Global Con...

Page 307: ...4 26 8 spanning tree maximum age Command spanning tree maximum age 6 40 Parameter 6 40 Specify the maximum age time second Default spanning tree maximum age 20 Mode Global Configuration Usage Guide This command configures the BPDU maximum age interval second The configuration could be shown by show spanning tree command Example This example sets the BPDU maximum age to 10 sec Switch configure Swit...

Page 308: ...ing tree tx hold count 10 4 26 10 spanning tree pathcost method Command spanning tree pathcost method long short Parameter long Specify the type of pathcost value to 32 bits long short Specify the type of pathcost value to 16 bits short Default spanning tree pathcost method long Mode Global Configuration Usage Guide This command configures the BPDU pathcost value type to 16bits short or 32 bits lo...

Page 309: ...8 Mode Port Configuration Usage Guide This command per port configures the STP port priority The configuration could be shown by show spanning tree interface command Example This example sets port gi1 STP port priority to 64 Switch configure Switch config interface gi1 Switch config if spanning tree port priority 64 4 26 12 spanning tree cost Command spanning tree cost 0 200000000 Parameter 0 2000...

Page 310: ...to 100 Switch configure Switch config interface gi1 Switch config if spanning tree cost 100 4 26 13 spanning tree edge Command spanning tree edge no spanning tree edge Mode Port Configuration Usage Guide This command per port configures the STP edge port function The configuration could be shown by show spanning tree interface command Example This example sets port gi1 STP edge port to enable Swit...

Page 311: ...command Example This example sets port gi1 STP BPDU Filter status to enable Switch configure Switch config interface gi1 Switch config if spanning tree bpdu filter 4 26 15 spanning tree bpdu guard Command spanning tree bpdu guard no spanning tree bpdu guard Mode Port Configuration Usage Guide This command per port configures the STP BPDU Guard status The configuration could be shown by show spanni...

Page 312: ...ecify the STP port link type to Point to Point or Shared medium Mode Port Configuration Usage Guide This command per port configures the STP port link type The configuration could be shown by show spanning tree interface command Example This example sets port gi1 STP port link type to be Shared Switch configure Switch config interface gi1 Switch config if spanning tree link type shared 4 26 17 spa...

Page 313: ...lobal Configuration Usage Guide This command configures the MSTP Configuration ID The configuration could be shown by show spanning tree mst configuration command Example This example sets MSTP Configuration ID name to Region1 revision to 123 and VLAN 100 mapped to instance 1 Switch configure Switch config spanning tree mst configuration Switch config mst name Region1 Switch config mst revision 12...

Page 314: ... spanning tree mst 0 priority 32768 Mode Global Configuration Usage Guide This command configures the MST instance priority The configuration could be shown by show spanning tree mst command Example This example sets the priority of MST instance 1 to 4096 Switch configure Switch config spanning tree mode mstp Switch config spanning tree mst 1 priority 4096 4 26 19 spanning tree mst cost Command sp...

Page 315: ...ce command Example This example sets port gi1 STP pathcost of MST instance 1 to 100 Switch configure Switch config interface gi1 Switch config if spanning tree mst 1 cost 100 4 26 20 spanning tree mst port priority Command spanning tree mst 0 15 priority 0 240 Parameter 0 15 Specify the MST instance ID to configure 0 240 Specify the STP port priority It must multiples of 16 Default spanning tree m...

Page 316: ...le sets port gi1 MST port priority of MST instance 0 to 32 Switch configure Switch config interface gi1 Switch config if spanning tree mst 1 cost 0 Switch config if exit Switch config interface gi1 Switch config if spanning tree mst 1 port priority 32 ...

Page 317: ...mand to select the active firmware image And another firmware image will become a backup one Example This example shows how to select image1 as active image Switch config boot system image1 Select image1 Success This example shows how to show active image partition Switch show flash File Name File Size Modified startup config 1191 2000 01 01 00 00 23 rsa1 974 2000 01 01 00 00 18 rsa2 1675 2000 01 ...

Page 318: ...nning configuration to startup configuration Switch save Success 4 27 3 copy Command copy flash tftp flash tftp copy tftp backup config running config startup config copy backup config running config startup config tftp copy backup config startup config running config copy backup config running config startup config copy running config startup config backup config Parameter flash Specify the file ...

Page 319: ...g these copy commands we can upgrade backup following type of files Firmware Image Configuration Files Syslog Files Example This example shows how to copy running configuration to startup configuration Switch copy running config startupst config This example shows how to backup running configuration to remote tftp server 192 168 111 with file name test1 cfg Switch copy running config tftp 192 168 ...

Page 320: ...sh to delete Available files are flash startup config flash backup config startup config Delete startup configuration file backup config Delete backup configuration file image0 Delete flash image0 Image1 Delete flash image1 Mode Privileged EXEC Usage Guide Use delete command to delete configuration files or use delete system command to delete firmware image stored in flash The delete startup confi...

Page 321: ... all system The command is equal to delete startup config Example This example shows how to restore factory defaults Switch restore defaults Restore Default Success Do you want to reboot now y n n 4 27 6 show config Command show running config startrup config backup config Parameter running config Show running configuration on terminal startrup config Show startup configuration on terminal backup ...

Page 322: ...ystem Version v2 5 0 beta 32811 System Name SwitchEF0102 System Up Time 0 days 5 hours 23 mins 42 secs username privilege user secret dnXencJRwflV6 username admin secret FzjrGO6vfbERY voice vlan vpt 0 voice vlan dscp 0 4 27 7 show flash Command show flash Mode Privileged EXEC Usage Guide Use show flash command to show all files status which stored in flash Example This example shows how to show al...

Page 323: ...Command Guide of WGSW 28040 323 startup config 1191 2000 01 01 00 00 23 image0 active 4372401 2012 09 24 01 57 29 image1 backup 0 ...

Page 324: ...of year month day hour minute second Mode Global Configuration Usage Guide Use the clock set command to set static time The static time won t save to configuration file Example The example shows how to set static time of switch You can verify settings by the following show show clock command switch clock set 11 03 00 sep 21 2012 11 03 00 DFL UTC 8 Sep 21 2012 switch show clock 11 03 21 DFL UTC 8 S...

Page 325: ...nd to set timezone setting Use the no form of this command to default setting Example The example shows how to set time zone of switch and then restore to default time zone You can verify settings by the following show show clock command switch config clock timezone test 5 switch config show clock detail 10 13 27 test UTC 5 Sep 21 2012 No time source Time zone Acronym is test Offset is UTC 5 switc...

Page 326: ...s that use remote SNTP server Use the no form of this command to default setting Example The example shows how to set clock source of switch You can verify settings by the following show show clock command switch config clock source sntp switch config show clock detail 08 32 12 test UTC 5 Sep 21 2012 No time source Time zone Acronym is DFL Offset is UTC 8 4 28 4 clock summer time Command clock sum...

Page 327: ...the first Sunday of November eu Using daylight saving time in the Europe that starts on the last Sunday in March and ending on the last Sunday in October 1 5 first last sun mon tue wed t hu fri sat jan feb mar apr ma y jun jul aug sep oc t nov dec HH MM Specify ecurring daylight saving time duration Mode Global Configuration Usage Guide Use the clock summer time command to set daylight saving time...

Page 328: ...tail Parameter detail Show more detail information of clock Mode Global Configuration Usage Guide Use the show clock command to show clock of switch The detail means that show more information of clock such as time zone and daylight saving time Example The example shows how to show clock of switch and detail information Switch config clock source sntp Switch config clock summer time DLS recurring ...

Page 329: ...ameter HOSTNAME Specify ip address or hostname of sntp server port 1 65535 Specify server port of sntp server Mode Global Configuration Usage Guide Use the sntp command to set remote SNTP server Default server port is 123 Use the no form of this command to default setting Example The example shows how to set remote SNTP server of switch You can verify settings by the following show show sntp comma...

Page 330: ... port 123 4 28 7 show sntp Command show sntp Mode Global Configuration Usage Guide Use the show sntp command to remote SNTP server information Example The example shows how to show remote SNTP server Switch config show sntp SNTP is Enabled SNTP Server address 192 168 1 100 SNTP Server port 123 ...

Page 331: ...y Using vlan command to entry the VLAN configuration mode Example The following example creates and removes a VLAN entry 100 Switch configure Switch config vlan 100 Switch config vlan exit Switch config no vlan 100 Switch config exit Switch 4 29 2 vlan name Command vlan name NAME Parameter NAME Specify the name of the VLAN Max 32 chars Mode ...

Page 332: ...e VLAN mode to Hybrid port trunk Specify the VLAN mode to Trunk port uplink Specify the Uplink property on this Trunk port tunnel Specify the VLAN mode to Dot1Q Tunnel port Default Switchport mode trunk Mode Port Configuration Usage Guide The VLAN mode is used to configure the port for different port role Access port Accepts only untagged frames and join an untagged VLAN Hybrid port Support all fu...

Page 333: ...id 1 4094 Parameter 1 4094 Specify the port based VLAN ID on the Hybrid port Default switchport hybrid pvid 1 Mode Port Configuration Usage Guide This command configures the hybrid port s PVID The configuration could be shown by show interface switchport command Example This example sets PVID to 100 Switch configure Switch config interface gi10 Switch config if switchport mode hybrid Switch config...

Page 334: ... configure Switch config interface gi10 Switch config if switchport mode hybrid Switch config if switchport hybrid ingress filtering 4 29 6 switchport hybrid acceptable frame type Command switchport hybrid acceptable frame type all tagged only untagged only Parameter all Specify to accept all frames tagged only Specify to only accept tagged frames untagged only Specify to only accept untagged fram...

Page 335: ... tagged untagged Parameter VLAN LIST Specifies the VLAN list to be added tagged untagged Specifies the member type to tagged or untagged Mode Port Configuration Usage Guide This command per hybrid port configures to add the allowed VLAN list The configuration could be shown by show interface switchport command Example This example sets port fa10 VLAN to join the VLAN 100 as tagged member Switch co...

Page 336: ... sets port fa10 VLAN to leave the VLAN 100 Switch configure Switch config interface gi10 Switch config if switchport hybrid allowed vlan remove 100 4 29 9 switchport access vlan Command switchport access vlan 1 4094 Parameter 1 4094 Specifies the access VLAN ID Mode Port Configuration Usage Guide This command per Access port configures the native VLAN ID The configuration could be shown by show in...

Page 337: ...ation could be shown by show interface switchport command Example This example sets Tunnel port gi10 native VLAN to 100 Switch configure Switch config interface gi10 Switch config if switchport mode tunnel Switch config if switchport tunnel vlan 100 4 29 11 switchport trunk native vlan Command switchport trunk native vlan 1 4094 Mode Port Configuration Usage Guide The command per Trunk port config...

Page 338: ...rameter add remove Specify the action to add or remove the allowed VLAN list VLAN LIST all Specify the VLAN list or all VLANs to be added or removed Mode Port Configuration Usage Guide The command per Trunk port configures the allowed VLAN list The configuration could be shown by show interface switchport command Example This example sets Trunk port gi10 to add the allowed VLAN 100 Switch configur...

Page 339: ...figure Switch config interface gi10 Switch config if switchport default vlan tagged 4 29 14 switchport forbidden default vlan Command switchport forbidden default vlan no switchport forbidden default vlan Mode Port Configuration Usage Guide The command per port configures the membership of the default VLAN to forbidden The configuration could be shown by show interface switchport command Example T...

Page 340: ...gures the membership of the specfied VLANs to forbidden The configuration could be shown by show interface switchport command Example This example sets the membership of the VLAN 100 with port fa10 to forbidden Switch configure Switch config interface gi10 Switch config if switchport forbidden vlan add 100 4 29 16 management vlan Command management vlan vlan 1 4094 no management vlan Parameter 1 4...

Page 341: ...le The following example specifies that management vlan 2 is created Switch config management vlan vlan 2 4 29 17 show management vlan Command show management vlan Parameter login Add Edit login authentication list enable Add Edit enable authentication list default Edit default authentication list Mode Global Configuration Usage Guide Display information about management vlan Example The following...

Page 342: ...dd protocol vlan group with spefied proto type and value Use the no form of this command to remove protocol vlan group setting You can verify your setting by entering the show vlan proto vlan Privileged EXEC command Example The following example show how to configure protocol vlan group Switch config vlan protocol vlan group 1 frame type ethernet_ii protocol value 0x806 Switch config vlan protocol...

Page 343: ...ocol VLAN Group on specified interfaces Use the no form of this command to cancel protocol VLAN Group Binding You can verify your setting by entering the show vlan protocol vlan interfaces IF_PORTS Privileged EXEC command Example The following example how to configure Protocol VLAN function on specified interfaces Switch config interface gi1 Switch config if vlan protocol vlan group 1 vlan 2 Switc...

Page 344: ...nabled Ethernet 0x0806 2 Enabled LLC other 0x0800 3 Disabled 4 Disabled 5 Disabled 6 Disabled 7 Disabled 8 Disabled 4 29 21 show protocol vlan interfaces Command show vlan protocol vlan interfaces IF_PORTS Parameter IF_PORTS Specify interfaces protocol vlan to display Mode Privileged EXEC Usage Guide Use the show vlan mac vlan interface command in EXEC mode to display the Protocol VLAN interfaces ...

Page 345: ...n protocol vlan interfaces gi1 Port gi1 Group 1 Status Enabled VLAN ID 2 Group 2 Status Enabled VLAN ID 3 Group 3 Status Disabled Group 4 Status Disabled Group 5 Status Disabled Group 6 Status Disabled Group 7 Status Disabled Group 8 Status Disabled ...

Page 346: ...vice Use the no form of this command to disable voice vlan function You can verify your setting by entering the show voice vlan Privileged EXEC command Example The following example shows how to change voice vlan state from auto to oui mode Switch config no voice vlan Switch config voice vlan cos 6 4 30 2 voice vlan id Command voice vlan vlan 1 4094 Parameter 1 4094 Specify the voice VLAN ID Mode ...

Page 347: ...B C DESCRIPTION no voice vlan oui table A B C Parameter A B C Specify OUI Mac address to add or remove DESCRIPTION Specify description of the specified MAC address to the voice VLAN OUI table Mode Global Configuration Usage Guide Use the voice vlan oui table global configuration command to add oui mac address to OUI Table Use the no form of this command to remove all or specified oui mac address Y...

Page 348: ...n You can verify your setting by entering the show voice vlan Privileged EXEC command Example The following example show how to set cos value and enable 1p remark function Switch config voice vlan cos 7 remark 4 30 5 voice vlan aging time Command voice vlan aing time 30 65536 Parameter 30 65536 Specify the voice VLAN aging timeout interval in minutes Default The default aging timeout value is 1440...

Page 349: ...ckets that are classified to the Voice VLAN Default The defaultall port in Src mode Mode Interface Configuration Usage Guide Use the voice vlan cos mode Interface configuration command to configure OUI voice VLAN cos mode configuration on an interface You can verify your setting by entering the show voice vlan interfaces Privileged EXEC command Example The following example how to configure voice ...

Page 350: ...g example how to enable voice VLAN function in oui mode on an interface Switch config interface range gi1 3 Switch config if voice vlan 4 30 8 show voice vlan Command show voice vlan show voice vlan interfaces IF_PORTS Parameter IF_PORTS Specifies intefaces to display voice VLAN settings in oui mode Mode Privileged EXEC Usage Guide Use the show voice vlan command in EXEC mode to display the voice ...

Page 351: ...LAN CoS 5 Voice VLAN 1p Remark enabled Switch show voice vlan interfaces gi1 Voice VLAN Aging 720 minutes Voice VLAN CoS 5 Voice VLAN 1p Remark enabled OUI table OUI MAC Description 00 E0 BB 3COM 00 03 6B Cisco 00 E0 75 Veritel 00 D0 1E Pingtel 00 01 E3 Siemens 00 60 B9 NEC Philips 00 0F E2 H3C 00 09 6E Avaya Port State Cos Mode gi1 Disabled Src ...

Reviews: