Ruijie Networks RG-S2600E Series Cli Reference Manual Download Page 892

Page: 892 / 1191

S2600E CLI Reference Guide Chapter 1 ACL Configuration Commands

destination-wildcard

host destination

any

} {

host destination-mac-address

any

} [

precedence

precedence

] [

tos

tos

] [

fragment

] [

range

lower

upper

]

[

time-range time-range-name

]

Extended expert ACLs of some important protocols:



Internet Control Message Protocol

(ICMP)

[

]

deny icmp

[[

VID

[

out

][

inner in

]]] {

source source-wildcard

host source

any

} {

host source-mac-address

any

} {

destination

destination-wildcard

host

destination

any

} {

host destination-mac-address

any

} [

icmp-type

]

[[

icmp-type

[

icmp-code

]] | [

icmp-message

]] [

precedence precedence

] [

tos

tos

] [

fragment

] [

time-range

time-range-name

]



Transmission Control Protocol

(TCP)

[

]

deny tcp

[[

VID

[

out

][

inner in

]]]{

source

source-wildcard

host

Source

any

} {

host source-mac-address

any

} [

operator

port

[

port

]] {

destination

destination-wildcard

host

destination

any

} {

host destination-mac-address

any

} [

operator port

[

port

]] [

precedence

precedence

] [

tos tos

] [

fragment

]

[

range

lower

upper

] [

time-range time-range-name

] [

match-all tcp-flag

]



User Datagram Protocol

(UDP)

[

]

deny udp

[[

VID

[

out

][

inner in

]]]{

source source –wildcard

host source

any

} {

host source-mac-address

any

} [

operator

port

[

port

]] {

destination

destination-wildcard

host destination

any

}{

host

destination-mac-address

any

} [

operator port

[

port

]] [

precedence

precedence

] [

tos

tos

] [

fragment

] [

range

lower

upper

] [

time-range

time-range-name

]



Address Resolution Protocol (ARP)

[

]

deny arp

{

vid vlan-id

}[

source-mac-address source-wildcard |host

source-mac-address

any

] [

host

destination –mac-address

any

]

{

sender-ip sender-ip–wildcard

host

sender-ip

any

} {

sender-mac

sender-mac-wildcard

host

sender-mac

any

} {

target-ip target-ip–wildcard

host

target-ip

any

}

5. Extended IPv6 ACL

[

]

deny protocol

{

source-ipv6-prefix

prefix-length

any

host

source-ipv6-address

} {

destination-ipv6-prefix / prefix-length

any

hostdestination-ipv6-address

} [

dscp

dscp

] [

flow-label flow-label

] [

fragment

]

[

range

lower

upper

] [

time-range time-range-name

]

Summary of Contents for RG-S2600E Series

Page 1: ...CLI Reference Guide RG S2600E Series Switch RGOS 10 4 3 p1 1...

Page 2: ...party in any means are all registered trademarks of Ruijie Networks Co Ltd and are protected by law Exemption Statement This document is provided as is The contents of this document are subject to ch...

Page 3: ...th bolded characters 2 Command Line Format Convention Arial is used as the font for the command line The meanings of specific formats are described below Bold Key words in the command line which shall...

Page 4: ...ioned in the examples of this manual may not be consistent with the actual ones In real network environments you need configure port types according to the support on various products The display info...

Page 5: ...Basic Configuration...

Page 6: ...de alias mode command alias original command no alias mode command alias Parameter Description mode Mode of the command represented by the alias command alias Alias of the command Parameter descriptio...

Page 7: ...s also has its help information that is displayed after in the following format command alias original command For example in the privileged EXEC mode the default alias s stands for show You can enter...

Page 8: ...ig def route ip route 0 0 0 0 0 0 0 0 192 168 1 1 Ruijie config def route def route ip route 0 0 0 0 0 0 0 0 192 168 1 1 Ruijie config end Ruijie show aliases config globle configure mode alias def ro...

Page 9: ...onfiguration mode you can use privilege to list all CLI command modes that can be authorized Mode Descripton config Global configuration mode exec Privileged EXEC mode interface Interface configuratio...

Page 10: ...pending reload scheme in reload after a time interval cr Command Description Related commands enable secret Set CLI level password 1 3 show aliases To display all the command aliases or aliases in spe...

Page 11: ...0E P CLI Reference Guide Chapter 1 CLI Authorization Configuration Commands exec mode alias h help p ping s show u undebug un undebug Command Description Related commands alias Set the alias of a comm...

Page 12: ...privilege level Privilege level Command mode Privileged mode Usage guidelines Use this command to return to user mode from privileged mode If a privilege level is added the current privilege level wi...

Page 13: ...t privilege level execute the global configuration command enable password The no form of this command is used to delete the password of the specified level enable password level level password 0 7 en...

Page 14: ...lost password that has been encrypted with any method cannot be restored The only way is to reconfigure the device password Examples The example below configures the password as pw10 Ruijie config en...

Page 15: ...me as the security password an alert is provided The password must be saved in encrypted manner with simple encryption for the password type password and security encryption for the security type pass...

Page 16: ...rvice Use the no enable service command to disable the specified service Examples The example below enables the SSH Server Ruijie Config enable service ssh sesrver Command Description Related commands...

Page 17: ...y executed Caution The size of the batch file shall not exceed 128K otherwise the execution of batch files may fail For the over sized batch files you can divide them into several small files with siz...

Page 18: ...he username and password set by the local username command The user must bind to the privilege of level15 Default enable Command mode Global configuration mode Usage guidelines This command is used to...

Page 19: ...restore it to the default setting Examples The example below set the port of the HTTP service as 8080 Ruijie Config ip http port 8080 Command Description Related commands enable service Enable or disa...

Page 20: ...tion use the ip telnet source interface command in the global configuration mode ip telnet source interface interface name Keyword Description Parameter description interface name Name of the specifie...

Page 21: ...he steps below 1 Enter the lock command and the system will prompt you to enter the password 2 Enter the password which may be any string The system will prompt you to confirm the entered password and...

Page 22: ...to cancel the setting lockable no lockable Parameter description N A Command mode Line configuration mode Usage guidelines This command is used to support the terminal lock function in corresponding l...

Page 23: ...n at logon The password here is the one configured for VTY or console interface Examples The example below shows how to set the logon password authentication on VTY Ruijie config no aaa new model Ruij...

Page 24: ...orm logon authentication with radius Ruijie config aaa new model Ruijie config aaa authentication login default radius Ruijie config line vty 0 Ruijie config line login authentication default Command...

Page 25: ...figure the local user information 2 1 16 password To configure the password for line logonexecute the line configuration command password The no form of this command is used to delete the line logon p...

Page 26: ...ommands Command mode Please refer to the chapter of configure CLI authorization commands Usage guidelines Please refer to the chapter of configure CLI authorization commands Examples Please refer to t...

Page 27: ...word Set passwords of different privileges 2 1 19 telnet To log in one server which supports the telnet connection use the telnet command to log on in the EXEC privileged mode telnet host port source...

Page 28: ...telnet source interface Specify the IP address of the interface as the source address for the Telnet connection show sessions Show the currently established Telnet sessions Related commands exit Exit...

Page 29: ...d Examples The example below configures a username and password and bind the user to level 15 Ruijie config username test privilege 15 password 0 pw15 Command Description Related commands login local...

Page 30: ...er motd command banner motd c message c Parameter Description c Separator of the MOTD Delimiters are not allowed in the MOTD Parameter description message Contents of an MOTD Command mode Global confi...

Page 31: ...le in local flash as the startup config filename 2 This configuration must be used in early boot so it is saved in the Boot ROM of the device instead of the configuration file Examples The following e...

Page 32: ...1 31 of month month Month 1 12 OF year Parameter description year Year 1993 2035 abbreviation is not allowed Command mode Privileged mode Usage guidelines Use this command to set the system time to f...

Page 33: ...rdware clock still runs If hardware clock and software clock are asynchronous then software clock is more accurate Execute clock update calendar command to copy date and time of software clock to hard...

Page 34: ...s connection within specified time this connection will be interrupted and this LINE will be restored to the free status Examples The example below specifies the connection timeout is 5 30 Ruijie conf...

Page 35: ...pt string Parameter Description Parameter description string Character string of the prompt command The maximum length is 32 letters Command mode Global configuration mode Usage guidelines If you have...

Page 36: ...ut for the remote terminal established in current LINE use the session timeout command When the session timeout for the remote terminal in the LINE is cancelled the session will never be timeout sessi...

Page 37: ...the terminal For serial ports the optional rates are 9600 19200 38400 57600 and 115200 bps The default rate is 9600 bps Command mode Global configuration mode Default Configuration The default rate i...

Page 38: ...g config Command mode Privileged mode Usage guidelines Despite of the alternative command these commands have been widely used and accepted so they are reserved to facilitate user s operation The no f...

Page 39: ...name rgos bin Command Description Related commands boot system Set the filename of the boot main program Platform description 2 3 2 show clock To view the system time execute the privileged user comma...

Page 40: ...and mode Privileged mode Usage guidelines This command shows the configuration information of a line Examples The following example shows the configuration of console port Ruijie show line console 0 C...

Page 41: ...42 Reload reason test 2 3 5 show running confi g To show the configuration information current device system is running execute the privileged user command show running config show running config Comm...

Page 42: ...start time version information device information serial number etc Examples The example below shows the system information Ruijie show clock detail clock 2003 3 17 10 27 21 Clock read from calendar w...

Page 43: ...he show web server status command Ruijie show web server status http server status enabled http server port 80 https server status enabled https server port 443 2 4 Showing Configuration Example Comma...

Page 44: ...on examples therefore users can only ask for the configuration help by other means such as reading related manuals and going to our frontline engineers for help Displaying the typical configurations o...

Page 45: ...mmands Examples Note Use the language chinese english command in privileged mode to switchover the Chinese English interface Command Description Related commands view user manage Show the configuratio...

Page 46: ...ly you can enter the question mark to display the configuration help with the configuration of the next keyword or parameter and related description However users may not understand the meaning about...

Page 47: ...ation mode Usage guidelines Currently you can enter the question mark to display the configuration help with the configuration of the next keyword or parameter and related description However users ma...

Page 48: ...the keyword login login help Parameter Description Parameter description Command mode Line configuration mode Usage guidelines Currently you can enter the question mark to display the configuration h...

Page 49: ...chinese english command in privileged mode to switchover the Chinese English interface Command Description Related commands user manage help Show the typical configuration of SMNG modules Platform de...

Page 50: ...or parameter and related description However users may not understand the meaning about the description of keywords so they do not know how to continue the configuration in order to complete the confi...

Page 51: ...ion mark to display the configuration help with the configuration of the next keyword or parameter and related description However users may not understand the meaning about the description of keyword...

Page 52: ...ormation of various lines show line summary Parameter Description Parameter description Command mode Any mode Usage guidelines N A Example s Command Description Related commands user manage help Show...

Page 53: ...ral commands are needed for showing various status information that the user want which is not convenient for users Users want to see various main statuses after the configuration So showing the infor...

Page 54: ...S2600E P CLI Reference Guide Chapter 2 Switch Management Configuration Commands user manage help Show the typical configuration of SMNG modules Platform description...

Page 55: ...the SSH server does not generate a public key Command mode Global configuration mode Usage guidelines When you need to enable the SSH Server service use this command to generate a public key on the S...

Page 56: ...3 1 2 crypto key zeroize In global configuration mode use this command to delete the public key on the SSH server crypto key zeroize rsa dsa Parameter Description rsa Delete the RSA key Parameter des...

Page 57: ...ing ip ssh authentication retries retry times no ip ssh authentication retries Parameter Description Parameter description retry times Authentication retry times Default configuration The default auth...

Page 58: ...description time Authentication timeout Default configuration The timeout value is 120s by default Command mode Global configuration mode Usage guidelines The authentication is considered timeout and...

Page 59: ...only The no ip ssh version command can also be used to restore it to the default setting Command mode Global configuration mode Usage guidelines This command is used to configure the SSH connection p...

Page 60: ...Privileged EXEC mode Usage guidelines You can disconnect a SSH connection by entering the ID of the SSH connection or disconnect a SSH connection by entering the specified VTY connection ID Only conn...

Page 61: ...Default configuration N A Command mode Privileged EXEC mode Usage guidelines This command is used to show the information about the public key part of the generated public key on the SSH Server inclu...

Page 62: ...e SSH version is still unavailable even if this SSH version has been configured Examples Ruijie show ip ssh Command Description ip ssh version 1 2 Configure the version for the SSH Server ip ssh time...

Page 63: ...ples Ruijie show ssh Related commands N A Version description The software version must be RGOS10 1 and higher 3 3 Showing Configuration Example Commands 3 3 1 ssh help Use this command to show the ty...

Page 64: ...reading related manuals and going to our frontline engineers for help Displaying the typical configurations provides the corresponding help about the quick basic deployment of certain security functi...

Page 65: ...mands displayed Use the language chinese english command in the global configuration mode to switchover the interface between Chinese and English Command Description Related commands view ssh Show the...

Page 66: ...on N A Command mode Global configuration mode Usage guidelines Currently you can enter the question mark to display the configuration help with the configuration of the next keyword or parameter and r...

Page 67: ...nning with the keyword ip ssh ip ssh help Parameter Description Parameter description Default configuration N A Command mode Global configuration mode Usage guidelines Currently you can enter the ques...

Page 68: ...hinese and English Command Description Related commands ssh help Show the typical configuration information about ssh modules Platform description 3 5 Showing Main Status Commands 3 5 1 view ssh Use t...

Page 69: ...nformation of this function And several commands are involved for showing various status information that the user want which is not convenient for users Users want to see various main statuses after...

Page 70: ...access list number access list name in out Parameter Description access list number access list name Specify the ACL defined by access list in Perform access control over the incoming connections Par...

Page 71: ...Show status information Version description The software version must be later than RGOS10 1 4 1 2 line To enter the specified LINE mode use the following command line aux console tty vty first line...

Page 72: ...Global configuration mode Usage guidelines When you need to increase or decrease the number of available VTY connections use the above commands Examples Increase the number of available VTY connection...

Page 73: ...transport input command to restore the setting to the default value Command mode Line configuration mode Usage guidelines This command is used to set the protocols in the Line mode that are available...

Page 74: ...E P CLI Reference Guide Chapter 4 LINE Configuration Commands Command Description Related commands show running Show status information Version description The software version must be later than RGOS...

Page 75: ...address Specifies an IPv4 address length Specifies the length of the packet to be sent times Specifies the number of packets to be sent seconds Specifies the timeout time data Specifies the data to f...

Page 76: ...nd For the extension functions of ping the number quantity and timeout time of the packets to be sent can be specified and the statistics is also displayed in the end To use the domain name function c...

Page 77: ...ription Ipv6 address Specifies an IPv6 address length Specifies the length of the packet to be sent times Specifies the number of packets to be sent seconds Specifies the timeout time data Specifies t...

Page 78: ...time of the packets to be sent can be specified and the statistics is also displayed in the end To use the domain name function configure the domain name server firstly For the concrete configuration...

Page 79: ...the traceroute command to test the connectivity of a network to exactly locate the network connectivity problem when the network failure occurs To use the function domain name configure the domain na...

Page 80: ...msec 24 msec 12 202 97 37 65 32 msec 24 msec 24 msec 13 202 97 38 162 52 msec 52 msec 224 msec 14 202 96 12 38 84 msec 52 msec 52 msec 15 202 106 192 226 88 msec 52 msec 52 msec 16 202 106 192 174 52...

Page 81: ...ription Ipv6 address Specifies an IPv6 address number Specifies the number of probe packets to be sent seconds Specifies the timeout time Parameter description minimum maximum Specifies the minimum an...

Page 82: ...s sent to the host with an IP address of 3004 1 gateways 1 4 and the spent time are displayed Such information is helpful for network analysis 2 When some gateways in the network fail Ruijie tracerout...

Page 83: ...Ethernet Switching...

Page 84: ...mode execute the carrier delay command to set the carrier delay on the interface and the no carrier delay command to restore it to the default value carrier delay seconds no carrier delay Parameter De...

Page 85: ...should set the parameter to a higher value to avoid unnecessary route vibration Examples The following example shows how to configure the carrier delay of serial interface to 5 seconds Ruijie config i...

Page 86: ...regate port This command is equal to the shutdown and no shutdown commands Examples Ruijie clear interface gigabitethernet 1 1 Command Description Related commands shutdown Shutdown the interface 1 1...

Page 87: ...ng duplex auto full half no duplex Parameter Description auto Self adaptive full duplex and half duplex full Full duplex Parameter description half Half duplex Default configuration Auto Command mode...

Page 88: ...evices Command mode Interface configuration mode Usage guidelines Use show interfaces to display the flow control configurations Examples This example shows how to enable flow control on fastEthernet...

Page 89: ...config if Command Description Related commands show interfaces Show the interface information Platform description 1 1 8 interface fastEthernet Use this command to select a Ethernet interface and ente...

Page 90: ...the extended module Command mode Global configuration mode Usage guidelines The no form of the command is not available and this interface type cannot be deleted Use show interfaces or show interfaces...

Page 91: ...tion Related commands show interfaces Show the interface information Platform Description 1 1 11 line detect Use this command to detect the cable connection status line detect Command mode Interface c...

Page 92: ...l OK length Length of the line in meter Only the length of the line pair whose status is OK takes effect Since the length is calculated based on the transmission time of signal there may have a certai...

Page 93: ...rt for example status duplex flow control and rate all mean those of the currently selected media type After the port type is changed the attributes of the new port type take the default values which...

Page 94: ...rface Use the no form of the command to enable a disabled port shutdown no shutdown Command mode Interface configuration mode Usage guidelines Use this command to stop the forwarding on the interface...

Page 95: ...If the link status of the port changes the SNMP sends the LinkTrap Command mode Interface configuration mode Usage guidelines For an interface for instance Ethernet interface AP interface and SVI inte...

Page 96: ...ameter description auto The transmission rate of the interface is adaptive Default configuration Auto Command mode Interface configuration mode Usage guidelines If an interface is the member of an agg...

Page 97: ...create a new one and add the interface to the VLAN if you enter a new VLAN ID If the VLAN ID already exists the command adds the interface to the VLAN If the port is a trunk port the operation does n...

Page 98: ...list of the interface determines the VLANs to which the interface may belong The trunk port is the member of all the VLANs in the allowed VLAN list Use switchport trunk to define the allowed VLANs lis...

Page 99: ...ecified VLAN list to the allowed VLAN list Parameter description native vlan vlan id Specify the native VLAN Default configuration The allowed VLAN list is all the Native VLAN is VLAN1 Command mode In...

Page 100: ...ure an interface as a statics access port and assign it to a VLAN 1 2 Showing Related Command 1 2 1 show interfaces Use this command to show the interface information and optical module information sh...

Page 101: ...interface information when the Gi0 1 is Trunk port SwitchA show interfaces gigabitEthernet 0 1 Index dec 1 hex 1 GigabitEthernet 0 1 is DOWN line protocol is DOWN Hardware is Broadcom 5464 GigabitEth...

Page 102: ...tes 0 underruns 0 dropped 0 output errors 0 collisions 0 interface resets The following example shows the interface information when the Gi0 1 is Access port SwitchA show interfaces gigabitEthernet 0...

Page 103: ...id port SwitchA show interfaces gigabitEthernet 0 1 Index dec 1 hex 1 GigabitEthernet 0 1 is DOWN line protocol is DOWN Hardware is Broadcom 5464 GigabitEthernet Interface address is no ip address MTU...

Page 104: ...facesgigabitEthernet 0 1 switchport Interface Switchport ModeAccess Native Protected VLAN lists GigabitEthernet 0 1 enabled Access 11 Disabled ALL Command Description duplex Duplex flowcontrol Flow co...

Page 105: ...he optical module information alarming the fault and diagnosing the parameters shall be used combining with the optical module of the RG network To show the optical module and alarm the fault and diag...

Page 106: ...nd Parameter description mac address MAC address to be bound Command mode Global configuration mode Usage guidelines If you have bound an IP address and a MAC address the switch will discard the packe...

Page 107: ...an IP address and a MAC address the switch will discard the packets that have the same source IP address but different source MAC address Examples This is an example of binding the IP address 3 3 3 3...

Page 108: ...e packets matching IPv4 and MAC are forwarded No IPv6 packets are forwarded default Loose Only the packets matching IPv4 and MAC are forwarded All IPv6 packets are forwarded compatible Only the packet...

Page 109: ...ter description N A Command mode Global configuration mode Usage guidelines If you have installed the exceptional port you can run this command to make installation policy take effect Examples Install...

Page 110: ...nding policy does not take effect Examples Following example is to set the fa 0 1 port as an exceptional port for address binding Ruijie config address bind uplink fa0 1 Command Function Related comma...

Page 111: ...s command to display dynamic MAC address 2 1 7 clear mac address table filtering Use this command to clear the filtering MAC address clear mac address table filtering address mac addr vlan vlan id Par...

Page 112: ...MAC addresses address mac addr Clear the specified static MAC address interface interface id Clear all the static MAC addresses of the specified interface Parameter description vlan vlan id Clear all...

Page 113: ...rface with the MAC address learning function disabled could not be configured the security function Examples The following example disables the MAC address learning Ruijie config if no mac address lea...

Page 114: ...s command to configure the filtering MAC address Use the no form of the command to remove the filtering address mac address table filtering mac address vlan vlan id source destination no mac address t...

Page 115: ...c address table notification Use this command to enable the MAC address notification function You can use The no form of the command to disable this function mac address table notification interval va...

Page 116: ...ing the MAC address trap message show mac address table notification Show the MAC address notification configuration and the MAC address trap notification table Related commands snmp trap mac notifica...

Page 117: ...MAC address Use clear mac address table static to clear static MAC address Examples When the packet destined to 00d0 f800 073c arrives at VLAN4 it will be forwarded to the specified port gigabitethern...

Page 118: ...nterface to display configuration Examples Ruijie config interface gigabitethernet 1 1 Ruijie config if snmp trap mac notification added Command Description mac address table notification Enable MAC a...

Page 119: ...command to show the exceptional port show address bind uplink Command mode Privileged mode Usage guidelines N A Examples Ruijie show address bind uplink Ports State Fa0 1 Disabled Fa0 2 Disabled Comm...

Page 120: ...d mode Command mode Ruijie show mac address table address 00d0 f800 1001 Vlan MAC Address Type Interface 1 00d0 f800 1001 STATIC Gi1 1 Command Description show mac address table static Show the static...

Page 121: ...ription Related commands mac address table aging time Specify the aging time of the dynamic MAC address 2 2 6 show mac address table count Use this command to display the mac address table count show...

Page 122: ...terface interface id vlan vlan id Parameter Description mac addr Destination MAC address of the entry vlan id VLAN of the entry Parameter description interface id Interface that the packet is forwarde...

Page 123: ...ode Examples Ruijie show mac address table filtering Vlan MAC Address Type Interface 1 0000 2222 2222 FILTER Not available Command Description clear mac address table filtering Clear the filtering MAC...

Page 124: ...iption show mac address table static Show the static MAC address show mac address table filtering Show the filtering MAC address show mac address table dynamic Show the dynamic MAC address show mac ad...

Page 125: ...MAC Notification Feature Disabled Interval between Notification Traps 1 secs Maximum Number of entries configured in History Table 1 Current History Table Length 0 Ruijie show mac address table notifi...

Page 126: ...gigabitethernet 1 1 Command Description mac address table static Configure the static MAC address Related commands clear mac address table static Clear the static MAC address 2 2 12 show mac address t...

Page 127: ...3 1 address bind help Use this command to show the typical configuration of address bind modules address bind help Command mode Privileged mode Usage guidelines For current operation of the CLI the c...

Page 128: ...ommands 2 4 1 address bind help Use this command to show the example information of the command beginning with the keyword address bind address bind help Command mode Global interface configuration mo...

Page 129: ...witchover the Chinese English interface Command Description Related commands view address bind Show the main status and configuration information of address bind modules 2 5 Showing Main status Comman...

Page 130: ...ds are involved for showing various status information that the user want which is not convenient for users Users want to see various main statuses after the configuration So showing the information c...

Page 131: ...ription dst mac Traffic is distributed according to the destination MAC addresses of the incoming packets For all the links of an aggregate port the messages with the same destination MAC addresses ar...

Page 132: ...t to the same port and those with different destination IP addresses are sent to different ports src ip Traffic is distributed according to the source IP addresses of the incoming packets For all the...

Page 133: ...membership from the aggregate port port group port group number no port group Parameter Description Parameter description port group number Number of the member group of an aggregate port the interfac...

Page 134: ...hm on the aggregate port Parameter description summary Show the summary of the aggregate port Command mode Privileged mode Usage guidelines If the aggregate port number is not specified all the aggreg...

Page 135: ...tion and deployment of a specific functional module current CLI presentation lacks some replicable typical configuration examples therefore users can only ask for the configuration help by other means...

Page 136: ...Configuration Commands Example s The following is the presentation of the command run in the privileged mode Use the language chinese english command in the privileged mode to switchover the Chinese E...

Page 137: ...nter the question mark to display the configuration help with the configuration of the next keyword or parameter and related description However users may not understand the meaning about the descript...

Page 138: ...rently two commands are needed to show the configuration and main state information respectively and several related showing commands are required to display the information of each state which is not...

Page 139: ...the group ID on the port to be aggregated The key values vary with the aggregation group numbers supported for different products active Places a port into an active negotiating state in which the po...

Page 140: ...e configuration mode Usage guidelines When multiple ports are to be aggregated the ports with high priorities take precedence and the port with the highest priority is selected as the master port The...

Page 141: ...Enable the LACP on the port and specify the aggregation group ID and operation mode 4 1 3 lacp system priority Use this command to set the LACP system priority The no form of it restores it to the def...

Page 142: ...ted commands lacp port priority Set the LACP port priority 4 2 Showing Related Command 4 2 1 show lacp summary Use this command to show the LACP aggregation information show lacp summary key Parameter...

Page 143: ...0x3d Field Description Local information Show the local LACP information Port Show the system port ID Flags Show the port state flag S indicates that the LACP is stable and in the state of periodicall...

Page 144: ...ner infomation Partly show the LACP information of the peer port Dev ID Partly show the system MAC information of the peer device Command Description Related commands port group key mode Enable the LA...

Page 145: ...the command to remove the Access interface add interface interface id range interface range no add interface interface id range interface range Parameter Description interface id Layer 2 Ethernet inte...

Page 146: ...t but not for the member port of the layer 2 AP port Examples The following example adds the interface GigabitEthernet 0 10 into the VLAN20 Ruijie configure terminal SwitchA config vlan 20 SwitchA con...

Page 147: ...ted VLAN lists AggregatePort 10 enabled ACCESS 20 1 Disabled ALL Command Description Related commands show interface interface id switchport Show the layer 2 interfaces 5 1 2 name Use the command to s...

Page 148: ...Description Parameter description vlan id The VLAN ID at which the port to be added Default configuration By default the switch port is an access port and the VLAN is VLAN 1 Command mode Interface con...

Page 149: ...id Configure the switch port as a hybrid port uplink Configure the switch port as an uplink port Parameter description dot1q tunnel Configure the switch port as a 802 1Q tunnel port Default configurat...

Page 150: ...ameter Description allowed vlan vlan list Configure the list of VLANs allowed on the trunk port vlan list can be a VLAN or a range of VLANs starting with the smaller VLAN ID and ending with the larger...

Page 151: ...nt the traffic from passing over the trunk port by configuring allowed VLAN lists on a trunk port Use show interfaces switchport to display configuration Examples The example below removes port 1 15 f...

Page 152: ...d EXEC mode input end or pressing Ctrl C To return to the global configuration mode input exit Examples Ruijie config vlan 1 Ruijie config vlan Command Description Related commands show vlan Show memb...

Page 153: ...es Ruijie show vlan id 1 VLAN Name Status Ports 1 VLAN0001 STATIC Fa0 1 Fa0 2 Command Description name VLAN name Related commands switchport access Add the interface to a VLAN 5 3 Showing Configuratio...

Page 154: ...nal module current CLI presentation lacks some replicable typical configuration examples therefore users can only ask for the configuration help by other means such as reading related manuals and goin...

Page 155: ...P CLI Reference Guide Chapter 5 VLAN Configuration Commands Example s Use the language chinese english command in the privileged mode to switchover the Chinese English interface Related Command Descr...

Page 156: ...cription Parameter description Default configuration N A Command mode Interface configuration mode Usage guidelines Currently you can enter the question mark to display the configuration help with the...

Page 157: ...itchover the Chinese English interface Command Description Related commands 5 4 2 switchport trunk help Use this command to show the example information of the command beginning with the keyword switc...

Page 158: ...ion of keywords so they do not know how to continue the configuration in order to complete the configuration task Examples Use the language chinese english command in the privileged mode to switchover...

Page 159: ...o use which command to show the main status information of this function And several commands are involved for showing various status information that the user want which is not convenient for users U...

Page 160: ...vlan community isolated primary Parameter Description community Configure it as the community VLAN isolated Configure it as the isolated VLAN primary Configure it as the primary VLAN Parameter descri...

Page 161: ...VLAN list Parameter description no Remove the association between the primary VLAN and all the secondary VLANs Default configuration No association Command mode Primary VLAN configuration Mode Example...

Page 162: ...tform description The software version must be RGOS10 1 and later 6 1 4 switchport mode private vlan Use this command to declare the private VLAN mode of the interface switchport mode private vlan hos...

Page 163: ...rimary VID s_vid Secondary VID Parameter description no Delete the host port from the private VLAN Command mode Interface configuration mode Examples Ruijie config interface gigabitEthernet 0 1 Ruijie...

Page 164: ...vlan association trunk 202 203 Command Description Related commands show vlan private vlan Platform description The software version must be RGOS10 4 3 and later 6 1 7 switchport private vlan mapping...

Page 165: ...hport private vlan promiscuous trunk Use this command to configure the ports as a promiscuous trunk port which is associated with the L2 port and the private VLAN Multiple pairs are allowed to associa...

Page 166: ...y primary isolated Parameter Description primary Show the primary VLAN information community Show the community VLAN information Parameter description isolated Show the isolated VLAN information Defau...

Page 167: ...ater 6 3 2 switchport hybrid native vlan Use this command to configure the default VLAN of a hybrid port switchport hybrid native vlan vid no switchport hybrid native vlan Parameter Description Parame...

Page 168: ...rid allowed vlan Parameter Description Parameter description no Restore the output rules of the hybrid port to the default settings Default configuration No output rules are configured Command mode In...

Page 169: ...ration mode Usage guidelines The MAC VLAN entries configured globally won t take effect on the port unless the MAC VLAN function is enabled on this port The MAC VLAN function can be enabled on the hyb...

Page 170: ...binary This field is full of Fs by default vlan vlan id Specify the VLAN corresponding to the MAC address in the range of 1 to 4094 Parameter description priority pri_val Specify the 802 1p priority o...

Page 171: ...0 200 5 S 0001 0001 0001 ffff ffff ffff 100 3 S Total MAC VLAN address count 2 Command Description Related commands show mac vlan all Show the MAC VLAN entries 7 2 Show Related Command 7 2 1 show mac...

Page 172: ...Dynamic MAC ADDR MASK VLAN ID PRIO STATE 0011 1100 0000 ffff ff00 0000 100 1 S 0022 2222 0000 ffff ffff 0000 200 2 S 0000 0000 0003 ffff ffff ffff 300 3 D 0000 0000 0004 ffff ffff ffff 400 4 D 0000 00...

Page 173: ...the MAC VLAN function enabled on the port use this command to verify whether the configuration is successful Examples Ruijie show mac vlan interface MAC VLAN is enabled on following interface fasteth...

Page 174: ...arameter Description Parameter description Default Settings N A Command mode VLAN configuration mode Usage guidelines Use the no share command to cancel the share vlan Enter the end command or Ctrl C...

Page 175: ...ured Parameter Description Parameter description Default Settings N A Command mode Any configuration mode Usage guidelines Enter the end command or Ctrl C to return to the privileged EXEC mode Enter t...

Page 176: ...vlan id The Voice VLAN ID Default Settings Disabled Command mode Global configuration mode Usage guidelines Use this command to enable the Voice VLAN and specify the Voice Vlan ID Caution 1 The corres...

Page 177: ...to set the Voice VLAN aging time in the global configuration mode Use the no form of this command to restore it to the default value voice vlan aging minutes no voice vlan aging Parameter Description...

Page 178: ...e Voice VLAN CoS value Default Settings 6 Command mode Global configuration mode Usage guidelines You can improve the Voice VLAN priority level and the session quality by modifying the Voice VLAN CoS...

Page 179: ...s The following example shows how to set the Voice VLAN DSCP value as 40 Ruijie config voice vlan dscp 40 Command Description Related commands show voice vlan Show Voice VLAN configurations and the cu...

Page 180: ...ble Command Description Related commands show voice vlan Show Voice VLAN configurations and the current state 9 1 6 voice vlan mac address Use this command to set the recognizable Voice VLAN OUI addre...

Page 181: ...cription Related commands show voice vlan oui Show the OUI address OUI address mask and the descriptions 9 1 7 voice vlan mode auto Use this command to set the Voice VLAN auto mode in the interface co...

Page 182: ...ded to the Voice VLAN or the port not used for a long time can be still in the Voice VLAN Note 1 With the Voice VLAN enabled on the port the auto and manual modes switchover is disallowed Disable the...

Page 183: ...e connected downward the port or the port type Caution You are not recommended to transmit the voice and service data in the Voice VLAN at the same time But if it is necessary for you you shall ensure...

Page 184: ...cription Default Settings N A Command mode Privileged EXEC mode Usage guidelines N A Examples Ruijie config show voice vlan Voice VLAN status ENABLE Voice VLAN ID 2 Voice VLAN security mode Security V...

Page 185: ...tion information show voice vlan oui Parameter Description Parameter description Default Settings N A Command mode Privileged EXEC mode Usage guidelines N A Examples Ruijie config show voice vlan oui...

Page 186: ...ress for the voice packet Mask The OUI mask The valid length for the OUI address Description The description information for the OUI address Command Description Related commands voice vlan mac address...

Page 187: ...only restores the corresponding parameters to the default values but does not disable the spanning tree function spanning tree forward time seconds hello time seconds max age seconds no spanning tree...

Page 188: ...Ruijie config spanning tree forward time 10 Command Description show spanning tree Show the global STP configuration spanning tree mst cost Set the PathCost of an STP interface Related commands spanni...

Page 189: ...anning tree bpduguard enabled disabled Parameter Description enabled Enable BPDU guard on the interface Parameter description disabled Disable BPDU guard on the interface Default configuration Disable...

Page 190: ...point to point Command Description Related commands show spanning tree interface Show the STP configuration of the interface 10 1 5 spanning tree max hops Use this command to set the maximum number o...

Page 191: ...to 10 for all instances Ruijie config spanning tree max hops 10 You can verify your setting by entering the show spanning tree mst command in the privileged configuration mode Command Description Rela...

Page 192: ...bal configuration mode Usage guidelines To return to the privileged EXEC mode enter end or Ctrl C To return to the global configuration mode enter exit After entering the MST configuration mode you ca...

Page 193: ...ion 1 Ruijie config mst revision 1 Ruijie config mst show MST configuration Name region1 Revision 1 Instance Vlans Mapped 0 1 2 4 11 4094 1 3 5 10 Ruijie config mst exit Ruijie config To remove VLAN 3...

Page 194: ...he default value is calculated by the link rate of the interface automatically 1000 Mbps 20000 100 Mbps 200000 10 Mbps 2000000 Command mode Interface configuration mode Usage guidelines A higher cost...

Page 195: ...n priority Interface priority Sixteen integers are available 0 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240 which are the multiples of 16 Default configuration The default instance id is 0 Th...

Page 196: ...st instance id priority Parameter Description instance id Instance ID in the range of 0 to 64 Parameter description priority Device priority Sixteen integers are available 0 4096 8192 12288 16384 2048...

Page 197: ...de Examples Ruijie config spanning tree reset Command Description show spanning tree Show the global STP configuration Related commands show spanning tree interface Show the STP configuration of the i...

Page 198: ...of the command to restore it to the default setting spanning tree pathcost method long standard short no spanning tree pathcost method Parameter Description Long standard Adopt the 802 1t standard to...

Page 199: ...le the portfast on the interface Default configuration Disabled Command mode Interface configuration mode Examples Ruijie config interface gigabitethernet 1 1 Ruijie config if spanning tree portfast C...

Page 200: ...he global STP configuration 10 1 16 spanning tree portfast bpdufilter default Use this command to enable the BPDU filter function globally You can use the no form of the command to disable the BPDU fi...

Page 201: ...portfast default Parameter description N A Default configuration Disabled Command mode Global configuration mode Examples Ruijie config spanning tree portfast default Command Description Related comm...

Page 202: ...tc protection tc guard Parameter description N A Default configuration Disabled Command mode Global configuration mode Examples Ruijie config spanning tree tc protection tc guard 10 1 20 spanning tre...

Page 203: ...t configuration By default the TC filtering function is disabled Command mode Interface configuration mode Examples Ruijie config if spanning tree ignore tc 10 1 22 spanning tree guard root Use this c...

Page 204: ...r description N A Default configuration Disabled Command mode Global configuration mode Examples Ruijie config spanning tree loopguard default 10 1 24 spanning tree guard loop Use this command to enab...

Page 205: ...iguration mode Examples Ruijie config spanning tree guard none 10 1 26 spanning tree autoedge Use this command to enable Autoedge on the interface Use the disabled option of this command to disable Au...

Page 206: ...MAC address are received Parameter description no Indicate that the BPDU messages from any MAC address are received Default configuration Disabled Command mode Interface configuration mode Examples Ru...

Page 207: ...tion with other vendors spanning tree compatible enable no spanning tree compatible enable Parameter description N A Default configuration Disabled Command mode Interface configuration mode Examples R...

Page 208: ...mand Description spanning tree pathcost method Set the pathcost method spanning tree forward time Set BridgeForwardDelay spanning tree hello time Set BridgeHelloTime spanning tree max age Set BridgeMa...

Page 209: ...panning tree bpduguard Enable the BPDU guard on the interface Related commands spanning tree link type Set the link type of the interface to point to point 10 2 3 show spanning tree mst In privileged...

Page 210: ...ing tree mst max hops Show the maximum hops of the instance spanning tree mst priority Show the equipment priority of the instance Related commands spanning tree mst port priority Show the port priori...

Page 211: ...odule current CLI presentation lacks some replicable typical configuration examples therefore users can only ask for the configuration help by other means such as reading related manuals and going to...

Page 212: ...s command to show the example information of the command beginning with the keyword spanning tree spanning tree help Parameter description N A Default configuration N A Command mode Global interface c...

Page 213: ...In the interface configuration mode Note Use the language chinese english command in the global configuration mode to switchover the Chinese English interface Command Description Related commands 10...

Page 214: ...n However users may not understand the meaning about the description of keywords so they do not know how to continue the configuration in order to complete the configuration task Example s Note Use th...

Page 215: ...users may not understand the meaning about the description of keywords so they do not know how to continue the configuration in order to complete the configuration task Example s Note Use the language...

Page 216: ...er want which is not convenient for users Users want to see various main statuses after the configuration So showing the information combining the related configuration with running status information...

Page 217: ...re the TxHoldCount for global STP set the maximum number of BPDU sent per second 3 Use this command to configure the maximum hops of BPDU frames 4 Use this command to configure the max age of BPDU pac...

Page 218: ...no form of this command to restore it to the default setting gvrp applicant state normal non applicant no gvrp applicant state Parameter Description Parameter description Default Allow sending the GVR...

Page 219: ...ating the vlan dynamically is not allowed Command mode Global configuration mode Usage guidelines Use the show gvrp configuration to show the related configurations Examples Ruijie config gvrp dynamic...

Page 220: ...eating registering canceling the vlan dynamically on the port Use the no form of this command to restore it to the default setting gvrp registration mode normal disabled no gvrp registration mode Para...

Page 221: ...is time range the port VLAN relation is still exist and the timer becomes invalid If no Join Message is received on the port the port status will be the Empty and removed from the VLAN member list Par...

Page 222: ...or re counting clear gvrp statistics interface id all Parameter Description Parameter description interface id Interface id Default NA Command mode Privileged mode Usage guidelines Use the show gvrp s...

Page 223: ...t GigabitEthernet 3 2 app mode normal reg mode normal Port GigabitEthernet 3 3 app mode normal reg mode normal Port GigabitEthernet 3 4 app mode normal reg mode normal Port GigabitEthernet 3 5 app mod...

Page 224: ...d mode Privileged mode Usage guidelines Use the show gvrp statistics to show the statistics of one interface or all interfaces Examples Ruijie show gvrp statistics gigabitethernet 1 1 Interface Gigabi...

Page 225: ...s of one interface or all interfaces 11 2 4 show gvrp status Use this command to show the GVRP status show gvrp status Parameter Description Parameter description Default NA Command mode Privileged mo...

Page 226: ...emark cos outer cos value no dot1q tunnel cos inner cos value remark cos outer cos value Parameter Description Parameter description no Cancel the priority mapping of the packets on the interface Defa...

Page 227: ...mode Interface configuration mode Examples Ruijie config interface g0 3 Ruijie config if frame tag tpid 0x9100 Ruijie config if end Ruijie show frame tag tpid Port tpid Gi0 3 0x9100 Command Descriptio...

Page 228: ...mode dot1q tunnel Use this command to configure the interface as the dot1q tunnel interface switchport mode dot1q tunnel no switchport mode Parameter Description Parameter description no Delete the co...

Page 229: ...port is configured Command mode Interface configuration mode Examples Here is an example of configuring the interface as a uplink port Ruijie config interface gigabitEthernet 0 1 Ruijie config if swit...

Page 230: ...tputting the frame with tag Ruijie config interface gigabitEthernet 0 1 Ruijie config if switchport dot1q tunnel allowed vlan tagged 3 6 Ruijie config end Command Description Related commands show int...

Page 231: ...dot1q tunnel Platform description The software version must be RGOS10 3 and later 12 1 8 vlan mapping in vlan src vlan list remark dest vlan Use this command to configure the policy list of the VLAN...

Page 232: ...10 4 and later 12 1 9 vlan mapping out vlan src vlan remark dest vlan Use this command to configure the policy list of the one to one VLAN mapping in the outgoing direction on the acess trunk hybrid u...

Page 233: ...port to receive L2 protocol message l2protocol tunnel stp gvrp no l2protocol tunnel stp gvrp Parameter Description stp Receive stp message gvrp Receive gvrp message Parameter description no Remove th...

Page 234: ...guration mode Examples Here is an example of enabling transparent transmission of L2 protocol message Ruijie configure Ruijie config interface fa 0 1 Ruijie config if l2protocol tunnel gvrp enable Rui...

Page 235: ...g the MAC address for the L2 protocol transparent transmission function Ruijie config if l2protocol tunnel gvrp tunnel dmac 011AA9 000005 Ruijie config if end Command Description Related commands show...

Page 236: ...configuration of interface tpid show frame tag tpid interface intf id Parameter Description Parameter description intf id Specific Interface Default configuration The tpid is not modified Command mode...

Page 237: ...1q tunnel Use this command to show dot1q tunnel configuration show interface intf id dot1q tunnel Parameter Description Parameter description intf id The specified interface Default configuration N A...

Page 238: ...os 3 5 Platform description The software version must be RGOS10 1 and later 12 2 6 show l2protocol tunnel Use this command to show transparent transmission configuration of L2 protocol show l2protocol...

Page 239: ...erence Guide Chapter 12 QinQ Configuration Commands L2protocol tunnel Stp Enable Ruijie show l2protocol tunnel gvrp L2protocol tunnel gvrp Disable Platform description The software version must be RGO...

Page 240: ...IPApplication...

Page 241: ...ss with 8 bits in one group in decimal format Groups are separated by dots network mask 32 bit network mask 1 stands for the mask bit 0 stands for the host bit with 8 bits in one group in decimal form...

Page 242: ...ly there is no limit for the number of secondary IP addresses The primary IP address must be configured before the secondary IP addresses The secondary IP address and the primary IP address must belon...

Page 243: ...command to modify both the management IP and default gateway The keyword gateway is not in the output of show running config but in the output of ip default gate command Examples In the example below...

Page 244: ...e ARP cache table Command mode Global configuration mode Usage guidelines RGOS finds the 48 bit MAC address according to the 32 bit IP address using the ARP cache table Since most hosts support dynami...

Page 245: ...the free ARP request message regularly on this interface to notify that the switch is the real gateway Examples The following configuration sets to send one free ARP request to SVI 1 per second Ruijie...

Page 246: ...ntry Examples The following configuration sets the retry interval of the ARP request as 30s arp retry interval 30 Command Function Related commands arp retry times number Set the retry time of the ARP...

Page 247: ...too large Examples The following configuration will set the local ARP request not to be retried arp retry times 1 The following configuration will set the local ARP request to be retried for one time...

Page 248: ...f setting the timeout for the dynamic ARP mapping record that is learned dynamically from FastEthernet port 0 1 to 120 seconds interface fastEthernet 0 1 arp timeout 120 Command Description clear arp...

Page 249: ...he privileged mode clear arp cache vrf vrf_name trusted ip mask interface interface name Command mode Privileged mode Usage guidelines This command can be used to refresh an ARP cache table Caution On...

Page 250: ...nter command Ruijie show arp counter The Arp Entry counter 0 The Unresolve Arp Entry 0 The meaning of each field in the ARP cache table is described in Table 1 1 3 3 show ip interface Use this command...

Page 251: ...rface status will be shown as UP The results shown may vary with the interface type because some contents are the interface specific options Example s Presented below is the output of show ip interfac...

Page 252: ...ce type such as broadcast point to point etc IP interface MTU is Show the MTU value of the interface IP address is Show the IP address and mask of the interface IP address negotiate is Show whether th...

Page 253: ...packet input number 0 Echo request 0 Echo reply 0 Unreachable 0 Source quench 0 Routing redirect 0 Show the total number of ICMP packets received on the interface including Echo request packet Echo re...

Page 254: ...mode Usage guidelines N A Examples Command Description Related commands ip default gateway Configure the default gateway which is only supported on the Layer 2 switch 1 3 5 show ip redirects Use this...

Page 255: ...d Description Related commands ip default gateway Configure the default gateway which is only supported on the Layer 2 switch Platform description 1 4 Showing Example Commands 1 4 1 arp help global co...

Page 256: ...ver the Chinese English interface Platform description 1 4 2 arp help interface configuration mode Use this command to show example information of the command beginning with the keyword arp in interfa...

Page 257: ...rd arp retry in global configuration mode arp retry help Parameter description N A Command mode Global configuration mode Example s Note Use the language Chinese English command in the privileged mode...

Page 258: ...e Chinese English command in the privileged mode to switchover the Chinese English interface Platform description 1 4 5 ip help global configuration mode Use this command to show example information o...

Page 259: ...in the privileged mode to switchover the Chinese English interface Platform description 1 4 6 ip help interface configuration mode Use this command to show example information of the command beginning...

Page 260: ...language Chinese English command in the privileged mode to switchover the Chinese English interface Platform description 1 5 Showing Main Status Commands 1 5 1 view arp Use this command to show the i...

Page 261: ...the Status field of ARP security The Enabled is shown as long as one port is enabled with Anti ARP spoofing The Enabled is shown as long as one port is enabled with ARP check The Enabled is shown as...

Page 262: ...onfiguration Commands 1 5 2 view ip Use this command to show the important and common used information about the IPv4 protocol view ip The view ipv4 command is equivalent to the view ip Parameter desc...

Page 263: ...S2600E P CLI Reference Guide Chapter 1 IP Address Configuration Commands Platform description...

Page 264: ...gateway Default configuration By default no default gateway is configured Command mode Global configuration mode Usage guidelines The packets will be sent to the default gateway if the destination ad...

Page 265: ...ess no ipv6 address ipv6 address prefix length no ipv6 address ipv6 prefix prefix length eui 64 no ipv6 address prefix name sub bits prefix length eui 64 Parameter Description ipv6 prefix IPv6 address...

Page 266: ...ated using the general prefix That is the IPv6 address consists of the general prefix and the sub prefix and the host bit The general prefix could be configured using the ipv6 general prefix command o...

Page 267: ...idelines The stateless automatic address configuration is that when receiving the RA Route Advertisement message the device could use the prefix information of the RA message to automatically generate...

Page 268: ...he interface Caution If an IPv6 address is configured for the interface the IPv6 function will be enabled automatically on the interface and cannot be disabled with no ipv6 enable Examples Ruijie conf...

Page 269: ...l prefix A general prefix could contain multiple prefixes These longer specified prefixes is usually used for the Ipv6 address configuration on the interface Examples The following example configures...

Page 270: ...neighbor including routed Port L3 AP interface or SVI interface Parameter description hardware address Hardware address of the neighbor It shall be a 48 bit MAC address in the format of XXXX XXXX XXXX...

Page 271: ...dad attempts Parameter Description Parameter description value Number of the NS packets If it is set to 0 it indicates that the IPv6 address collision check is disabled on the interface The range is 0...

Page 272: ...naged address configuration flag bit of the RA message Use the no form of this command to remove the setting ipv6 nd managed config flag no ipv6 nd managed config flag Default configuration None Comma...

Page 273: ...of the RA message sent by the device is set After receiving this flag bit the host uses the dhcpv6 to acquire the information excluding the IPv6 address for the purpose of automatic configuration When...

Page 274: ...ace Show the interface information 3 1 11 ipv6 nd prefix Use this command to configure the address prefix included in the RA Use the no form of this command to delete the set prefix or restore it to t...

Page 275: ...advertised prefix is the one set with ipv6 address on the interface The default parameters of the prefix configured in the RA are as follows valid lifetime 2592000s 30 days preferred lifetime 604800s...

Page 276: ...01 64 infinite 2592000 The following example sets the default prefix parameters for SVI 1 they cannot be used for auto address configuration Ruijie config interface vlan 1 Ruijie config if ipv6 prefix...

Page 277: ...form of this command to restore it to the default setting ipv6 nd ra interval seconds min max min_value max_value no ipv6 nd ra interval Parameter Description seconds Interval of sending the RA messag...

Page 278: ...ation ipv6 nd ra lifetime Set the lifetime of the device ipv6 nd ra hoplimit Set the hopfcount of the RA message Related commands ipv6 nd ra mtu Set the MTU of the RA message 3 1 14 ipv6 nd ra lifetim...

Page 279: ...t the hopcount of the RA Related commands ipv6 nd ra mtu Set the MTU of the RA 3 1 15 ipv6 nd ra mtu Use this command to set the MTU of the RA messag Use the no form of this command to restore it to t...

Page 280: ...ation The default value in RA is 0 unspecified the reachable time for the neighbor is 30000ms 30s when the device discovers the neighbor Command mode Interface configuration mode Usage guidelines The...

Page 281: ...figuration mode Usage guidelines This command suppresses the sending of the RA message on an interface Examples Ruijie config if ipv6 nd suppress ra Command Description Related commands show ipv6 inte...

Page 282: ...function ipv6 redirects no ipv6 redirects Default configuration The ICMPv6 redirect message is permitted to be sent on the IPV6 interface Command mode Interface configuration mode Usage guidelines The...

Page 283: ...type 0 that destined to the local machine is processed Examples Ruijie config no ipv6 source route Related commands None 3 1 21 ping ipv6 Use this command to diagnose the connectivity of the IPv6 net...

Page 284: ...or example IP address collision is detected Unknown error Examples Ruijie ping ipv6 fec0 1 3 2 Showing Related Command 3 2 1 clear ipv6 neighbors Use this command to clear the dynamically learned neig...

Page 285: ...Use this command to show the IPv6 addresses show ipv6 address interface name Parameter Description Parameter description interface name Interface name Command mode Privileged mode Usage guidelines N...

Page 286: ...efix including the manually configured and learned from the DHCPv6 agent Examples The following example shows the information of the general prefix Ruijie show ipv6 general prefix There is 1 general p...

Page 287: ...02 1 2 ff02 1 1 ff00 1 INET6 2001 1 subnet is 2001 64 TENTATIVE Joined group address es ff01 1 1 ff02 1 1 ff02 1 2 ff02 1 1 ff00 1 MTU is 1500 bytes ICMP error messages limited to one every 10 millise...

Page 288: ...opped waits 0 initcount 3 statistics RA out in inconsistent 4 0 0 RS input 0 Link layer address 00 00 00 00 00 01 Physical MTU 1500 ND device advertisements live for 1800 seconds ND device advertiseme...

Page 289: ...ates the managed config flag bit in the RA is not set M Conversely O O O indicates the other config flag bit in the RA is not set O Conversely Description of the fields of the prefix list in ra info F...

Page 290: ...ighbors interface id Show the neighbors of the specified interface Parameter description ipv6 addres Show the neighbors of the specified IPv6 address Command mode Privileged mode Usage guidelines Show...

Page 291: ...neighbor in STALE state If the STALE state changes to DELAY DELAY will be changed to PROBE if no neighbor reachability notification is received within DELAY_FIRST_PROBE_TIME seconds 5s the NS will be...

Page 292: ...v6 neighbors Command Description Related commands ipv6 neighbor Configure a neighbor 3 2 6 show ipv6 neighbors statistics Use the following command to show the statistics of one IPv6 neighbors show ip...

Page 293: ...mple shows the statistics of all neighbors Command Description Related commands Platform description 3 2 7 show ipv6 packet statistics Use this command to show the statistics of IPv6 packets show ipv6...

Page 294: ...Privileged mode Usage guidelines N A Example s The following example shows the total statistics of the Ipv6 packets and the statistics of each inerface The following example shows the total statistic...

Page 295: ...nd to show the example of the command that starts with ipv6 address in the interface configuration mode ipv6 address help Parameter Description Parameter description Command mode Interface configurati...

Page 296: ...example of the command that starts with ipv6 in the global configuration mode ipv6 help Parameter Description Parameter description Command mode Global configuration mode Usage guidelines N A Example...

Page 297: ...xample of the command that starts with ipv6 in the interface configuration mode ipv6 help Parameter Description Parameter description Command mode Interface configuration mode Usage guidelines N A Exa...

Page 298: ...to show the example of the command that starts with ipv6 nd in the interface configuration mode ipv6 nd help Parameter Description Parameter description Command mode Interface configuration mode Usage...

Page 299: ...Use this command to show the example of the command that starts with the ipv6 route in the global configuration mode ipv6 route help Parameter Description Parameter description Command mode Global co...

Page 300: ...ands Platform description 3 4 Showing Status Commands 3 4 1 view ipv6 Use this command to show the information about the IPv6 addresses IPv6 packet statistics IPv6 neighbors and IPv6 route tables view...

Page 301: ...S2600E P CLI Reference Guide Chapter 3 IPv6 Configuration Commands Examples Command Description Related commands Platform description...

Page 302: ...ace configuration mode Usage guidelines When requesting the IP address the DHCP client of the RGOS software also requires the DHCP server provide 5 configuration parameter information 1 DHCP option 1...

Page 303: ...to carry out the DHCP client debugging in the privileged user mode debug ip dhcp client no debug ip dhcp client Parameter description N A Default Disabled Command mode Privileged mode Usage guidelines...

Page 304: ...the binding condition of this IP address Examples The following is the result of the show dhcp lease Ruijie show dhcp lease Temp IP addr 192 168 5 71 for peer on Interface FastEthernet0 0 Temp sub net...

Page 305: ...o ip dhcp relay check server id Default Disabled Command mode Global configuration mode Usage guidelines Switch will select the server to be sent according to server id option when forwarding DHCP REQ...

Page 306: ...with the 802 1x related configuration to configure this command Examples The following example enables the DHCP option dot1x function on the device Ruijie configure terminal Ruijie config ip dhcp rel...

Page 307: ...address is that of the gateway Ruijie config ext nacl permit ip host 192 168 4 1 any Ruijie config ext nacl permit ip host 192 168 5 1 any Ruijie config ext nacl deny ip 192 168 3 0 0 0 0 255 192 168...

Page 308: ...form of this command is used to disable the ip dhcp relay information option82 function no ip dhcp relay information option82 Default Disabled Command mode Global configuration mode Usage guidelines T...

Page 309: ...ing example enables the relay suppression function on the interface 1 Ruijie configure terminal Ruijie config interface fastEthernet 0 1 Ruijie config if ip dhcp relay suppression Ruijie config if exi...

Page 310: ...the port based configuration if the vrf is not specified the current default server and port configurations belong to the same vrf Examples The following example configures the addresses for two serve...

Page 311: ...ription Related commands ip helper address Add an IP address of the DHCP server 5 2 Showing Configuration Example Commands 5 2 1 dhcp relay help Use this command to show the configuration example abou...

Page 312: ...and in the privileged mode to switchover the Chinese English interface Command Description Related commands view dhcp relay Show the dhcp relay modules Platform description 5 3 Showing Example Command...

Page 313: ...the configuration of the next keyword or parameter and related description However users may not understand the meaning about the description of keywords so they do not know how to continue the confi...

Page 314: ...n mode Usage guidelines Currently you can enter the question mark to display the configuration help with the configuration of the next keyword or parameter and related description However users may no...

Page 315: ...ines Currently you can enter the question mark to display the configuration help with the configuration of the next keyword or parameter and related description However users may not understand the me...

Page 316: ...delines Currently two commands should be used to show the related configuration and status information respectively and several commands are needed for showing various status information that the user...

Page 317: ...S2600E P CLI Reference Guide Chapter 5 DHCP Relay Configuration Commands Platform description...

Page 318: ...etbios ns netbios dgm tacacs Parameter Description port Port to enable forwarding If this parameter is not specified the broadcast message from the ports 69 53 37 137 138 49 will be forwarded by defau...

Page 319: ...able Enable the forwarding of the UDP broadcast message Related commands ip forward protocol Configure the UDP port to enalbe forwarding Platform description Currently this command is supported on the...

Page 320: ...ve the forwarding destination server Examples The following is an example of configuring the destination server where the UDP broadcast message will be forwarded to Ruijie config if ip helper address...

Page 321: ...on of UDP Helper The UDP broadcast messages from the port 69 53 37 137 138 49 are forwarded by default Examples The following is an example of enabling the UDP forwarding function Ruijie config udp he...

Page 322: ...m of this command to disable the DNS domain name resolution function ip domain lookup no ip domain lookup Default configuration Enabled Command mode Global configuration mode Usage guidelines This com...

Page 323: ...age guidelines To delete the host list use the no ip host host name ip address command Examples Ruijie config ip host switch 192 168 5 243 Command Description Related commands show hosts Show the DNS...

Page 324: ...2 168 5 134 Ruijie config ip name server 2001 0DB8 250 8bff fee8 f800 2001 0DB8 0 f004 1 Command Description Related commands show hosts Show the DNS related configuration information 7 1 4 ipv6 host...

Page 325: ...clear all the dynamically learned host names Command mode Privileged mode Usage guidelines You can obtain the mapping record of the host name buffer table in two ways 1 the ip host static configurati...

Page 326: ...amples Ruijie show hosts Name servers are 192 168 5 134 static Host type Address TTL sec switch static 192 168 5 243 www ruijie com dynamic 192 168 5 123 126 Command Description ip host Configure the...

Page 327: ...on Parameter description Default Settings Disabled Command mode Privileged user mode Usage guidelines Use this command to display the detailed debugging information during FTP server operation Example...

Page 328: ...de Global configuration mode Usage guidelines This command is used to enable the FTP server to connect the FTP client to upload download the files Caution To enable the FTP client to access to the FTP...

Page 329: ...Usage guidelines For the FTP server the login username and the login password must be configured to verify the client connection One password can be set at most The password must include the letter o...

Page 330: ...config ftp server password 7 8001 The following example shows how to delete the password configuration Ruijie config no ftp server password Platform description N A 8 1 4 ftp server topdir Use this c...

Page 331: ...lowing example shows how to remove the top directory configuration Ruijie config no ftp server topdir Platform description N A 8 1 5 ftp server timeout Use this command to set the FTP session idle tim...

Page 332: ...rm of this command to cancel the username configuration ftp server username username no ftp server username Parameter Description Parameter description username Set the login username Default Settings...

Page 333: ...Showing Related Commands 8 2 1 show ftp server Use this command to show the status information of the FTP server show ftp server Parameter Description Parameter description Default Settings N A Comma...

Page 334: ...ijie show ftp server ftp server information enable Y topdir timeout 20min username config Y password config Y type BINARY control connect Y ftp server ip 192 167 201 245 port 21 ftp client ip 192 167...

Page 335: ...Network Management and Monitoring...

Page 336: ...s This command disables the SNMP agent services of all versions supported on the device Examples The example below disables the SNMP agent service Ruijie config no snmp server 1 1 2 snmp server chassi...

Page 337: ...P information 1 1 3 snmp server community Use this command to specify the SNMP community access string in the global configuration mode The no format of the command cancels the SNMP community access s...

Page 338: ...nable the SNMP agent function It specifies the community attribute range of the NMSs that can access the MIB and more To disable the SNMP agent function execute the command no snmp server Examples The...

Page 339: ...ck the SNMP information Related commands no snmp server Disable the SNMP agent function 1 1 5 snmp server enable traps Use this command to enable the SNMP server to actively send the SNMP Trap massage...

Page 340: ...user group snmp server group groupname v1 v2c v3 auth noauth priv read readview write writeview access ipv6 ipv6_aclname aclnum aclname num name no snmp server group groupname v1 v2c v3 Parameter Desc...

Page 341: ...guration 1 1 7 snmp server host Use this command to specify the SNMP host NMS to send the trap message in the global configuration mode The no form of this command is used to remove the specified SNMP...

Page 342: ...iple SNMP hosts to receive the SNMP Trap messages One host can use different combinations of the types of the SNMP trap message but the last configuration for the same host will overwrite the previous...

Page 343: ...server contact Specify the system contact information 1 1 9 snmp server packetsize Use this command to specify the maximum size of the SNMP packet in the global configuration mode The no form of this...

Page 344: ...MP trap message queue is used to store the SNMP trap messages This command can be used to adjust the size of the SNMP trap message queue to control the speed to sending the SNMP trap messages The maxi...

Page 345: ...elow enables the SNMP system restart notification function Ruijie config snmp server system shutdown 1 1 12 snmp server trap source Use this command to specify the source of the SNMP trap message in t...

Page 346: ...able the sending of the SNMP trap message Related commands snmp server host Specify the NMS host to send the SNMP trap message 1 1 13 snmp server trap timeout Use this command to define the retransmis...

Page 347: ...n But only SNMPv3 supports the following security parameters encrypted Input the password in cipher text mode In cipher text mode input continuous HEX alphanumeric characters Note that the authenticat...

Page 348: ...d to access the MIB Default configuration N A Command mode Global configuration mode Examples The example below configures an SNMPv3 user with MD5 authentication and DES encryption Ruijie config snmp...

Page 349: ...fig snmp server view mib2 1 3 6 1 include Command Description Related commands show snmp view Show the view configuration 1 2 Showing Related Command 1 2 1 show snmp Use this comand to show the SNMP i...

Page 350: ...les 0 Get request PDUs 0 Get next PDUs 0 Set request PDUs 0 SNMP packets output 0 Too big errors Maximum packet size 1472 0 No such name errors 0 Bad values errors 0 General errors 0 Response PDUs 0 T...

Page 351: ...LI lacks some replicable typical configuration examples therefore users can only obtain the configuration help by other means such as reading related manuals and going to our frontline engineers for h...

Page 352: ...S2600E CLI Reference Guide Chapter 1 SNMP Configuration Command If the user enters number 2 the following information is displayed Use the language chinese english command in the global...

Page 353: ...ds 1 4 1 snmp server help Use this comand to show the example information of the command beginning with the keyword snmp server snmp server help Command mode Global configuration mode Usage guidelines...

Page 354: ...tween Chinese and English Command Description Related commands snmp help Show the typical configuration information about snmp modules Platform description Supported by switches only 1 4 2 snmp server...

Page 355: ...guration in order to complete the configuration task Example s Use the language chinese english command in the global configuration mode to switchover the interface between Chinese and English Command...

Page 356: ...do not know how to continue the configuration in order to complete the configuration task Example s Use the language chinese english command in the global configuration mode to switchover the interfac...

Page 357: ...y do not know how to continue the configuration in order to complete the configuration task Example s Use the language chinese english command in the global configuration mode to switchover the interf...

Page 358: ...he configuration in order to complete the configuration task Example s Use the language chinese english command in the global configuration mode to switchover the interface between Chinese and English...

Page 359: ...ontinue the configuration in order to complete the configuration task Example s Use the language chinese english command in the global configuration mode to switchover the interface between Chinese an...

Page 360: ...status information of this function And several commands are involved for showing various status information that the user want which is not convenient for users Users want to see various main statuse...

Page 361: ...S2600E CLI Reference Guide Chapter 1 SNMP Configuration Command Platform description Supported by switches only...

Page 362: ...t N A Command mode Global configuration mode Usage guidelines The RGOS allows you to modify the configured history information of the Ethernet network including variable absolute delta owner rising th...

Page 363: ...odify the configured history information of the Ethernet network including owner buckets and interval However the modification does not take effect immediately until the system records history at the...

Page 364: ...name buckets bucket number interval seconds Add a history control entry 2 1 4 rmon event Use this command to define an event The no form of this command cancels the logging rmon event number log trap...

Page 365: ...1 show rmon alarm Use this command to show the rmon alarm table show rmon alarm Default N A Command mode Privileged mode Usage guidelines N A Examples The example below shows the rmon alarm table Rui...

Page 366: ...mand to show the event information show rmon event Default N A Command mode Privileged mode Usage guidelines N A Examples The example below shows the event information Ruijie show rmon event rmon even...

Page 367: ...le below shows the history information Ruijie show rmon history rmon history control table index 1 interface FastEthernet 0 1 bucketsRequested 10 bucketsGranted 10 interval 1800 owner zhangsan stats 1...

Page 368: ...show the statistics show rmon statictics Default N A Command mode Privileged mode Usage guidelines N A Examples The example below shows the statistics Ruijie show rmon statistics ether statistic tabl...

Page 369: ...MON Configuration commands packets128To255Octets 229 packets256To511Octets 3 packets512To1023Octets 0 packets1024To1518Octets 1200 Command Description Related commands rmon collection stats index owne...

Page 370: ...ation information of ntp no ntp Parameter description N A Default Disabled Command mode Global configuration mode Usage guidelines By default the NTP function is disabled However once the NTP server o...

Page 371: ...st for the time of and control the local NTP service but also allow the time synchronization of the local and the peer serve Allow to request for the time of and control the local NTP service only the...

Page 372: ...tches with the order in accordance with the above rules the related requests about the control and query are not supported If you do not configure any access control rules then all accesses are allowe...

Page 373: ...authentication key is configured and specified as the global trusted key enable the authentication mechanism Ruijie config ntp authentication key 6 md5 wooooop Ruijie config ntp trusted key 6 Ruijie...

Page 374: ...keys is 1024 However each server can only support one key Examples The following example configures an authentication key with ID 6 Ruijie config ntp authentication key 6 md5 wooooop Command Descripti...

Page 375: ...e configuration example below disables the function of receiving the NTP message on the interface Ruijie config no ntp disable 3 1 6 ntp master Use this command to configure the local time as the NTP...

Page 376: ...command the time synchronization instability may occur due to the time difference between the devices In addition before using this command if the system has never been synchronized with an external...

Page 377: ...ted communication of the server It requires the server presents identical global encryption key and global trust key to complete the encrypted communication with the server In the same condition for i...

Page 378: ...ete the instant synchronization during the interval of auto sync Examples The following example synchronizes the NTP realtime Ruijie config ntp synchronize Command Description Related commands ntp ser...

Page 379: ...the NTP authentication key Related commands ntp server Specify a NTP server 3 1 10 ntp update calendar Use this command to update the calendar for the NTP client using the synchronization time of the...

Page 380: ...no debug ntp Parameter description N A Default Disabled Command mode Privileged mode Usage guidelines To carry out the NTP function debugging output necessary debugging information to implement the fa...

Page 381: ...Parameter description N A Default N A Command mode Privileged mode Usage guidelines For current operation of the CLI the configuration is realized by executing the every single command As for the con...

Page 382: ...S2600E CLI Reference Guide Chapter 3 NTP Configuration Commands Exa mple s When the user inputs 1 the following information is displayed When the user inputs 2 the following information is displayed...

Page 383: ...ption Related commands view ntp Show the configuration and running status information about ntp modules Platform description Supported by switches only 3 4 Showing Example Commands 3 4 1 ntp help Use...

Page 384: ...er to complete the configuration task The description for the command example greatly increases the accuracy and efficiency of user configuration helping user get a better understanding of the configu...

Page 385: ...r the question mark to display the configuration help with the configuration of the next keyword or parameter and related description However users may not understand the meaning about the description...

Page 386: ...l interface configuration mode Usage guidelines Currently you can enter the question mark to display the configuration help with the configuration of the next keyword or parameter and related descript...

Page 387: ...authentication key help Parameter description N A Default N A Command mode Global configuration mode Usage guidelines Currently you can enter the question mark to display the configuration help with t...

Page 388: ...ration of ntp modules Platform description Supported by switches only 3 5 Showing Main Status Commands 3 5 1 show ntp server Use this command to show the information about the ntp server show ntp help...

Page 389: ...urrently multiple commands are needed to show the related configuration or status information of one function The users do not know to use which command to show the main status information of this fun...

Page 390: ...600E CLI Reference Guide Chapter 3 NTP Configuration Commands Command Description Related commands ntp help Show the typical configuration of ntp modules Platform description Supported by switches onl...

Page 391: ...nd to restore the default value no sntp enable Default configuration Disabled Command mode Global configuration mode Usage guidelines This command shows the parameters of SNTP Examples Ruijie config s...

Page 392: ...conds Default configuration 1800s Command mode Global configuration mode Usage guidelines The show sntp command shows the parameters of SNTP Caution Note that the set interval will not take effect imm...

Page 393: ...escription Parameter description ip address The IP address of the NTP SNTP server Default configuration No NTP SNTP server is configured Command mode Global configuration mode Usage guidelines The sho...

Page 394: ...w sntp SNTP state Enable SNTP server 192 168 4 12 SNTP sync interval 60 Time zone 8 Command Description sntp enable Enable SNTP Related commands show sntp Show the SNTP configuration Platform descript...

Page 395: ...help by other means such as reading related manuals and going to our frontline engineers for help Displaying the typical configurations on the CLI provides the corresponding help information about the...

Page 396: ...e function The users do not know to use which command to show the main status information of this function And several commands are involved for showing various status information that the user want w...

Page 397: ...itor session session_number source interface interface id both rx tx destination interface interface id encapsulation switch mac source mac addr destination mac addr both rx tx acl name no monitor ses...

Page 398: ...sabled ports However the SPAN does not work unless you enable the source and destination ports A port can not be configured as the source port and the destination port at the same time You will remove...

Page 399: ...displayed by default Parameter Description Parameter description session session_number SPAN session number Command mode Privileged mode Usage guidelines N A Examples This example shows how to use sho...

Page 400: ...configuration and deployment of the specific functional module current presentation of the CLI lacks some replicable typical configuration examples therefore users can only obtain the configuration h...

Page 401: ...lp Default configuration N A Parameter Description Parameter description Command mode Global configuration mode Usage guidelines Currently you can enter the question mark to display the configuration...

Page 402: ...ver the interface between Chinese and English Command Description Related commands 5 3 2 monitor session help Use this command to display the example information of the command beginning with the keyw...

Page 403: ...f keywords so they do not know how to continue the configuration in order to complete the configuration task Exa mple s Use the language chinese english command in the privileged mode to switchover th...

Page 404: ...nderstand the meaning about the description of keywords so they do not know how to continue the configuration in order to complete the configuration task Example s Use the language chinese english com...

Page 405: ...d the meaning about the description of keywords so they do not know how to continue the configuration in order to complete the configuration task Example s Use the language chinese english command in...

Page 406: ...iption However users may not understand the meaning about the description of keywords so they do not know how to continue the configuration in order to complete the configuration task Example s Use th...

Page 407: ...mation of one function The users do not know to use which command to show the main status information of this function And several commands are involved for showing various status information that the...

Page 408: ...S2600E CLI Reference Guide Chapter 5 SPAN Configuration Commands...

Page 409: ...an id interface interface name switch Set remote source mirror monitor session session num source interface interface id rx tx both Set mirror reflector port monitor session session num destination re...

Page 410: ...estination switch Ruijie config monitor session 2 remote destination Ruijie config monitor session 2 destination remote vlan 7 interface gigabitEthernet 1 1 switch Command Description Related commands...

Page 411: ...lines For current operation of the CLI the configuration is realized by executing the single command one by one As for the configuration and deployment of the specific functional module current presen...

Page 412: ...S2600E CLI Reference Guide Chapter 6 RSPAN Configuration Commands Input 1 to show the configuration example 1 Input 2 to show the configuration example 2...

Page 413: ...ce Guide Chapter 6 RSPAN Configuration Commands Use the language chinese english command in the privileged mode to switchover the interface between Chinese and English Command Description Related comm...

Page 414: ...ands are needed to show the related configuration or status information of one function The users do not know to use which command to show the main status information of this function And several comm...

Page 415: ...S2600E CLI Reference Guide Chapter 6 RSPAN Configuration Commands Platform description N A...

Page 416: ...Multicast Commands...

Page 417: ...e multica specified by the profile is den Default Command mode Profile configuration mode Usage guidelines First configure the multicast range using the range ect command in the profile configuration...

Page 418: ...rofile must be applied to the specified interface in order to make the profile take effect Examples g a profile numbered onfiguration mode Ruijie config ip igmp profile 1 The following is an example o...

Page 419: ...lly to 100 s g ip igmp snooping dyn mr aging time 100 Set the aging time of the routing interface that the swi Ruijie confi Command Function Related ng Enable IGMP snooping commands ip igmp snoopi 1 1...

Page 420: ...no form of this command is used to le ip igmp snooping filter profile number no ip igmp snooping filter profile number gmp snooping filter To configure a port to receive a specific set of multicast st...

Page 421: ...ast address yet in different VLANs the IGMP snooping function handles only the same group as that in After this mode the multicast address table GDA other multicast frames are forwarded ng example dem...

Page 422: ...mp Filter multicast groups that pass through snooping filter a port 1 1 8 ip i packets outing interface execute the ip bal configuration mode The no mic learning ip igmp snooping mrouter learn pim dvm...

Page 423: ...the source port check function enabled the dynamic routing interface learning function will improve the application flexibility of IGMP snooping Examples The following example demonstrates how to enab...

Page 424: ...igmp snooping The following example associates the profile 100M port 0 1 and associates multicast preview profile 2 onfig if i filter 1 Command Description Related commands Create a profile ip igmp pr...

Page 425: ...all VLANs and disabl nfigurations ip igmp snooping querier no ip igmp snooping querier gmp snooping querier To enable the IGMP querier functio global configuration command e the global co Parameter De...

Page 426: ...f the ry packets que Default No source IP address is specified Co mode Global configuration mode mmand Usage guidelines r the source If the IGMP querier source IP has been specified in VLAN the source...

Page 427: ...p igmp snooping querier max response time num r max respo Parameter Description Parameter description num it second default 10 Maximum response time 1 25 un De ault Default value f Command mode Global...

Page 428: ...ip igmp snooping querier query interval Parameter Description Parameter description num Query interval 1 18000 unit second default 60 seconds Default Default value Command mode Global configuration mo...

Page 429: ...ameter description num Non querier expiration timer 60 300 unit second default 125 seconds Default Default value Command mode Global configuration mode Usage guidelines After globally enabling IGMP qu...

Page 430: ...ration mode Usage guidelines If the IGMP querier version number has been configured in the corresponding VLAN the value specified in VLAN will be used first Examples The following example configures I...

Page 431: ...adjust the waiting time after receiving the query message Examples Set the aging time of the routing interface that the switch learns dynamically to 100s Ruijie config ip igmp snooping query max respo...

Page 432: ...ijie config ip igmp snooping source check port Command Description Related commands Ip igmp snooping source check default server Enable the multicast source IP address check function 1 1 19 ip igmp sn...

Page 433: ...no ip igmp snooping tunnel Parameter Description Parameter description Default IGMP Passthrough is disabled Command mode Global configuration mode Usage guidelines After IGMP Snooping is enabled and d...

Page 434: ...1 and packets from VLAN 1 and VLAN 10 can pass through port A When multicast requests of VLAN 10 are sent to port A IGMP Snooping will create the multicast entry of VLAN 1 and insert the VLAN Tag of V...

Page 435: ...vlan 2 Command Description Related commands ip igmp snooping ivgl Enable the igmp and enter the ivgl mode 1 1 22 ip igmp snooping vlan mrouter interface Routing interface is a port through which a mul...

Page 436: ...ry dvmrp or PIM packets dynamically in order to automatically identify a routing interface execute the ip igmp snooping vlan mrouter learn command in the global configuration mode The no form of this...

Page 437: ...corresponding VLAN ip igmp snooping vlan vid querier no ip igmp snooping vlan vid querier Parameter Description Parameter description vid VLAN ID Default Querier function is disabled Command mode Glob...

Page 438: ...specified Command mode Global configuration mode Usage guidelines After enabling the IGMP querier you also need to configure a source IP address for query packets so that the device can send packets n...

Page 439: ...ing vlan vid querier max response time Parameter Description vid VLAN ID Parameter description num Maximum response time 1 25 unit second default 10 Default Default value Command mode Global configura...

Page 440: ...p igmp snooping vid querier query interval Parameter Description vid VLAN ID Parameter description num Query interval 1 18000 unit second default 60 seconds Default Default value Command mode Global c...

Page 441: ...uerier timer expiry Parameter Description vid VLAN ID Parameter description num Non querier expiration timer 60 300 unit second default 125 seconds Default Default value Command mode Global configurat...

Page 442: ...of this command to restore to the default setting ip igmp snooping vlan vid querier version num no ip igmp snooping vlan vid querier Parameter Description vid VLAN ID Parameter description num IGMP ve...

Page 443: ...ip addr Multicast IP address Parameter description interface id Interface ID Default N A Command mode Global configuration mode Usage guidelines Multiple multicast IP addresses can be configured for...

Page 444: ...ulticast stream 224 2 2 2 Ruijie config ip igmp profile 1 Ruijie config profile range 224 2 2 2 Ruijie config profile permit Command Description ip igmp profile Create a profile Related commands range...

Page 445: ...ge 224 2 2 2 to 224 2 2 244 Ruijie config ip igmp profile 1 Ruijie config profile range 224 2 2 2 224 2 2 244 Command Description ip igmp profile Create a profile deny Deny the forwarding of the multi...

Page 446: ...np packet undebug igmp snp msf undebug igmp snp warning Parameter Description none Show all debug information of IGMP Snooping event Show the debug information of IGMP Snooping event packet Show the d...

Page 447: ...1 0 239 255 255 255 1 2 4 show ip igmp snooping Use this command to show related information of igmp snooping show ip igmp snooping gda table interfaces mdevice statistics vlan vlan id Parameter Desc...

Page 448: ...gda table Abbr M mrouter D dynamic S static VLAN Address Member ports 1 233 3 3 3 Gi0 2 S 2 234 4 4 4 Gi0 11 S 1 233 4 4 4 Ag2 S 1 3 Showing Configuration Example Commands 1 3 1 igmp snooping help Use...

Page 449: ...S2600E P CLI Reference Guide Chapter 1 IGMP Snooping Commands Example3 Example4...

Page 450: ...S2600E P CLI Reference Guide Chapter 1 IGMP Snooping Commands...

Page 451: ...P CLI Reference Guide Chapter 1 IGMP Snooping Commands Note Use the language chinese english command in privileged EXEC mode to switchover the interface between Chinese English Related Command Descri...

Page 452: ...n mode Use this command to show the example information of the command beginning with the keyword ip igmp snooping ip igmp snooping help Parameter Description Parameter description Command mode Global...

Page 453: ...mand beginning with the keyword ip igmp snooping ip igmp snooping help Parameter Description Parameter description Command mode Interface configuration mode Example s Example1 Note Use the language ch...

Page 454: ...ooping Use this command to show the configuration and main status information of the igmp snooping modules view igmp snooping Parameter Description Parameter description Command mode Any mode Example...

Page 455: ...profile mode a profile must be configu is a mode navigation command Yo uration mode v6 mld profile Parameter Description Paramet descriptio er n e number Set the profile numner The valid range is 1 10...

Page 456: ...r can be the multicast a ring a profile rofile configur ange low ipv o range low Parameter Description low ipv6 address The low address within the specified range Parameter pv6 address The high addres...

Page 457: ...uration mode Command Usage figuring this command use the range rst guidelines Before con command to set the multicast range fi Examples ow to prevent the multicast flow profile within the range of FF7...

Page 458: ...rofile 1 Ruijie config profile 1 R ile The following example shows ho flow profile within the range of range FF77 uijie config prof permit Command Description ipv6 mld profile Create one profile range...

Page 459: ...o restore it i ping r aging time no ipv6 mld snooping dyn mr aging ti 6 mld snooping dyn mr aging time set the agin f the dynamic he no form o pv6 mld snoo to the default value time me dyn m Parameter...

Page 460: ...ceiving the MLD general query packets the Layer 2 multicast device updates the aging timer of all member ports The time of the timer is the response value When the timer value decreases to 0 it indica...

Page 461: ...nes By default the mld snooping is enabled in all VLANs You can disable the mld snooping for the specified vlan Examples The following example shows how to disable the mld snooping function in vlan1 R...

Page 462: ...t device Those multicast flow through the non mroute interface are invalid and will be discarded dynamically route interfac snooping flexibility Examples T g example dynamic multicast route port learn...

Page 463: ...ds ipv6 mld snooping source check port Set the multicast source port check 2 1 11 ipv Use this command t membe ive the multicast flow for the purpose of preventing the port from p he ML ooping enabled...

Page 464: ...and to disable this function i ooping eave enable no ipv6 mld snooping fast leave enable mld snoopin fast onfigurat pv6 mld sn fast l Parameter Description Parameter description Default Settings N A m...

Page 465: ...g suppression and only the MLDv1 Report packets are Usage With the IPv6 MLD snooping suppression function only forward the first received MLD Report packet in an IPv6 multicast group to the layer 3 de...

Page 466: ...o flow are illegal and forwarded to the registered member port according to the MLD Snooping forwarding list With the MLD Snooping source port c registered interface by the layer 2 multicast device an...

Page 467: ...xample shows how to associate profile1 rface fastEthernet 0 1 Ruijie config interface fastEthernet 0 1 Examples with the inte Ruijie config if ipv6 mld snooping filter 1 Command Description Related co...

Page 468: ...oping lter multicast group on the interface commands ipv6 mld s Fliter the fi 2 1 17 clear ipv6 mld snooping gda table Use this command to clear the forwarding table information learned dynamically c...

Page 469: ...itch 2 2 Showing Related Commands 2 2 1 show ipv6 mld snooping Use this command to show the related m ing information s snoo able inter vlan id ld snoop how ipv6 mld ping gda t faces mrouter statistic...

Page 470: ...S2600E P CLI Reference Guide Chapter 2 MLD Snooping Commands Default Settings N A Command mode Privileged EXEC mode Usage guidelines Use this command to show the related mld snooping information...

Page 471: ...1 VL1 Gi4 2 0d 0h 0m 7s 2003 1111 Report pkts 1 Leave pkts 0 The following example shows the mrouter interface of the mld snooping using the show ipv6 mld snooping mrouter command Ruijie show ipv6 mld...

Page 472: ...w the configurations of all profiles Parameter description profile number Show the configuration of the specified profile Default Settings N A Command mode Privileged EXEC mode Usage guidelines Use th...

Page 473: ...iguration Related Command se this comm Parameter Description Parameter description Disable Default d Command mode Global configuration mode Usage guidelines N A Examples Ruijie config ip multicast con...

Page 474: ...6 multicast control Ruijie config Command Description Related show ipv6 multicast ol Show the IPv6 controllable multicast users commands contr 3 2 Show ds 3 2 1 show Use this command to show the IPv4...

Page 475: ...ID Interface IpGroup 1 Gi3 1 224 1 1 1 224 1 1 2 2 Gi3 2 224 1 1 1 Command Description Related commands show ipv6 multicast control Show the IPv6 controllable multicast users 3 2 2 show ipv6 multicas...

Page 476: ...le shows the IPv6 controllable multicast users Ruijie show ipv6 multicast control ipv6 multicast control enable ID Interface Ipv6Group 1 Gi3 1 FF02 1 FF00 1 FF02 1 FF00 2 2 Gi3 2 FF02 1 FF00 4 Command...

Page 477: ...Security...

Page 478: ...x default list name Parameter Description default When this parameter is used the following defined 802 1x user authentication method list is used as the default method for user authentication list na...

Page 479: ...the local user database is used for authentication Ruijie config aaa authentication dot1x rds_d1x group radius local Command Description aaa new model Enable the AAA security service dot1x authenticat...

Page 480: ...configure a default or optional method list for Enable authentication The next method can be used for authentication only when the current method does not work The Enable authentication function autom...

Page 481: ...keywords listed in the following table One method list can contain up to four methods Keyword Description local Use the local user name database for authentication none Do not perform authentication...

Page 482: ...nable AAA PPP user authentication and configure the PPP user authentication method list The no form of this command is used to delete the authentication method list aaa authentication ppp default list...

Page 483: ...RADIUS security server does not respond the local user database is used for authentication Ruijie config aaa authentication ppp rds_ppp group radius local Command Description aaa new model Enable the...

Page 484: ...ication method list named list 1 In the authentication method list first the local user database is used for authentication Then apply this method to VTY 0 4 Ruijie config aaa authentication login lis...

Page 485: ...r authorization At present the RADIUS server group is supported Default Disabled Command mode Global configuration mode Usage guidelines RGOS supports authorization of the commands executed by the use...

Page 486: ...commands no aaa authorization config commands Parameter description N A Default Disabled Command mode Global configuration mode Usage guidelines If you only authorize the commands in the non configura...

Page 487: ...ts to identify the users logged in from the console and from other terminals configure whether to authorize the users logged in from the console or not If the command authorization function is disable...

Page 488: ...e of the keywords listed in the following table One method list can contain up to four methods Keyword Description local Use the local user name database for authorization none Do not perform authoriz...

Page 489: ...list name method1 method2 no aaa authorization network default list name Parameter Description default When this parameter is used the following defined method list is used as the default method for...

Page 490: ...server to authorize network services Ruijie config aaa authorization network default group radius Command Description aaa new model Enable the AAA security service aaa accounting Define AAA accountin...

Page 491: ...method list with name cmd authorizes command level 15 uses the TACACS server If the security server does not response it does not perform authorization After configuration the authorization command i...

Page 492: ...If you attempt to apply a undefined method list a warning message will prompt that the exec authorization in this line is ineffective tilll the authorization method list is defined Examples The follow...

Page 493: ...fault When this parameter is used the following defined method list is used as the default method for command accouting list name Name of the command accouting method list which could be any character...

Page 494: ...count users in order to count the network access fees or manage user activities The no form of this command is used to disable the accounting function aaa accounting exec default list name start stop...

Page 495: ...ommand otherwise it is ineffective Examples The following example performs accounting of the network service requests from users using RADIUS and sends the accounting messages at the start and end tim...

Page 496: ...vities by sending record attributes to the security server Use the keyword start stop to set the user accounting option Examples The following example performs accounting of the network service reques...

Page 497: ...update function Ruijie config aaa new model Command Description aaa new model Enable the AAA security service Related commands aaa accounting network Define a network accounting method list 1 3 5 aaa...

Page 498: ...nting update periodic 1 Command Description aaa new model Enable the AAA security service Related commands aaa accounting network Define a network accounting method list 1 3 6 accounting commands Use...

Page 499: ...unts the level 15 command uses the TACACS server If the security server does not response it does not perform accounting After configuration the accounting command is applied to VTY 0 4 lines Ruijie c...

Page 500: ...is line is ineffective till the exec accounting command method list is defined Examples The following example configures the exec accounting method list with name exec 1 uses the RADIUS server If the...

Page 501: ...is command to configure the domain name based AAA service The default is to configure the default domain That is the method list used by the network device if the users are without domain information...

Page 502: ...onfiguration enable this service Examples The following example enables the domain name based AAA service Ruijie config aaa domain enable Command Description aaa new model Enable the AAA security serv...

Page 503: ...A security service enable Switchover the user level Related commands username Define a local user database 1 4 4 accounting network Use this command to configure the Network accounting list The no for...

Page 504: ...how the domain configuration 1 4 5 authentication dot1x Use this command to configure the IEEE802 1x authentication list The no form of this command is used to remove the setting authentication dot1x...

Page 505: ...this command is used to remove the setting authorization network default list name no authorization network Parameter Description default Use this parameter to specify the default method list Paramete...

Page 506: ...Parameter Description default Use this parameter to show the default domain Parameter description domain name Show the specified domain Default N A Command mode Privileged EXEC mode Usage guidelines...

Page 507: ...e configured domain is invalid Parameter description active The configured domain is valid Default Active Command mode Domain configuration mode Usage guidelines Use this command to set whether the sp...

Page 508: ...escription with domain Set the user name with the domain information Default Without domain Command mode Domain configuration mode Usage guidelines Use this command to configure the user name whether...

Page 509: ...ration mode Usage guidelines This command is used to configure the AAA server group Currently the RADIUS and TACACS server groups are supported Examples The following example configures an AAA server...

Page 510: ...ied Examples The following example adds a server to the server group Ruijie config aaa group server radius ss Ruijie config gs radius server 192 168 4 12 acct port 5 authen port 6 Ruijie config gs rad...

Page 511: ...Name ss Group Type radius Referred 2 Server List IP Address 192 168 217 64 Authentication Port 1812 Accounting Port 1813 Referred 1 Command Description Related commands aaa group server Configure the...

Page 512: ...figuration parameter of current login 1 6 2 aaa local authentication lockout time Use this command to configure the length of lockout time when the login user has attempted for more than the limited t...

Page 513: ...le the AAA security service aaa new model no aaa new model Parameter description N A Default Disabled Command mode Global configuration mode Usage guidelines Use this command to enable AAA If AAA is n...

Page 514: ...d to clear all the user lists or the specified user list Examples Ruijie config clear aaa local user lockout all Command Description show running config Show the current configuration of the switch Re...

Page 515: ...radius aaa authentication ppp default group radius aaa authentication dot1x default group radius aaa authentication dot1x san f local group angel group rain none aaa authentication enable default gro...

Page 516: ...time is Examples Ruijie show aaa user lockout all Command Description show running config Show the current configuration of the switch Related commands show aaa lockout Show the lockout configuration...

Page 517: ...e CLI lacks some replicable typical configuration examples therefore users can only obtain the configuration help by other means such as reading related manuals and going to our frontline engineers fo...

Page 518: ...cription Related commands view aaa Show the main status and configuration information of aaa modules Platform description Supported by switch products only 1 8 Showing Example Commands 1 8 1 aaa help...

Page 519: ...t understand the meaning about the description of keywords so they do not know how to continue the configuration in order to complete the configuration task Exam ples Without the AAA command enabled W...

Page 520: ...Default N A Command mode Global configuration mode Usage guidelines Currently you can enter the question mark to display the configuration help with the configuration of the next keyword or parameter...

Page 521: ...ommand beginning with the keyword aaa authorization aaa authorization help Parameter Description Parameter description Default N A Command mode Global configuration mode Usage guidelines Currently you...

Page 522: ...nfiguration information of aaa modules Platform description Supported by switch products only 1 8 4 aaa accounting help Use this command to display the example information of the command beginning wit...

Page 523: ...es Use the language chinese english command in the global configuration mode to switchover the interface between Chinese English Command Description Related commands view aaa Show the main status and...

Page 524: ...n of keywords so they do not know how to continue the configuration in order to complete the configuration task Examples Use the language chinese english command in the global configuration mode to sw...

Page 525: ...o use which command to show the main status information of this function And several commands are involved for showing various status information that the user want which is not convenient for users U...

Page 526: ...S2600E CLI Reference Guide Chapter 1 AAA Configuration Commands Platform description Supported by switch products only...

Page 527: ...ource IP address of the RADIUS packet belongs to Default The source IP address of the RADIUS packet is set by the network layer Command mode Global configuration mode Usage guidelines In order to redu...

Page 528: ...format ietf normal unformatted no radius server attribute 31 mac format Parameter Description ietf The standard format specified by the IETF RFC3580 is used as the seperator for example 00 D0 F8 33 22...

Page 529: ...umber test username name idle time time ignore auth port ignore acct port no radius server host ipv4 address ipv6 address Parameter Description hostname DNS name of the RADIUS security server host ip...

Page 530: ...rder to implement the AAA security service using RADIUS you must define a RADIUS security server You can define one or more RADIUS security servers using the radius server host command Examples The fo...

Page 531: ...us server key Parameter Description text string Text of the shared password Parameter description 0 7 Password encryption type 0 no encryption 7 Simply encrypted Default No shared password is specifie...

Page 532: ...umber of retransmissions Default The default number of retransmissions is 3 Command mode Global configuration mode Usage guidelines AAA uses the next method to authenticate users only when the current...

Page 533: ...change the timeout of packet retransmission Examples The following example sets the timeout to 10 seconds Ruijie config radius server timeout 10 Command Description radius server host Define the RADIU...

Page 534: ...able The value is in the range of 1 to 100 Default time seconds 60s tries number 10 Command mode Global configuration mode Usage guidelines If a Radius server meets the timeout and timeout times at th...

Page 535: ...that is the device keeps sending requests to the unreachable Radius server Command mode Global configuration mode Usage guidelines If active Radius server detection is enabled on the device the time p...

Page 536: ...attributes in Ruijie is recognized id Function Type 1 max down rate 1 2 qos 2 3 user ip 3 4 vlan id 4 5 version to client 5 6 net ip 6 7 user name 7 8 password 8 9 file directory 9 10 file count 10 11...

Page 537: ...17 version to server 17 18 flux max high32 18 19 flux max low32 19 20 proxy avoid 20 21 dailup avoid 21 22 ip privilege 22 23 login privilege 42 24 limit to user number 50 Command mode Global configu...

Page 538: ...mode Global configuration mode Usage guidelines Set the qos value sent by the RADIUS server as the cos value and the dscp value by default Examples The following example sets the qos value sent by th...

Page 539: ...IDs of private vendors Ruijie config radius vendor specific extend Command Description radius attribute Configure vendor type Related commands radius set qos cos Set the qos value sent by the RADIUS...

Page 540: ...IP 192 168 4 12 Accounting Port 23 Authen Port 77 Test Username viven Test Idle Time 10 Minutes Test Ports Authen Server State Active Current duration 765s previous duration 0s Dead total time 0s coun...

Page 541: ...et retransmissions radius server key Define a shared password for the RADIUS server Related commands radius server timeout Define the packet transmission timeout 2 2 3 show radius parameter Use this c...

Page 542: ...ommands radius server timeout Define the packet transmission timeout 2 2 4 show radius vendor specific Use this command to show the configuration of the private vendors show radius vendor specific Par...

Page 543: ...gh32 18 19 flux max low32 19 20 proxy avoid 20 21 dialup avoid 21 22 ip privilege 22 23 login privilege 42 26 ipv6 multicast addre 79 ss 27 ipv4 multicast addre 87 ss Command Description radius server...

Page 544: ...Parameter description group_name TACACS server group name Default Configuration No TACACS server group is configured Command mode Global configuration mode Usage guidelines By dividing TACACS servers...

Page 545: ...oup server Default Configuration N A Command mode TACACS group server configuration mode Usage guidelines You must enter TACACS server group configuration mode to configure this command To configure s...

Page 546: ...ss interface of TACACS packet Default Configuration The source address of TACACS packet is set on network layer Command mode Global configuration mode Usage guidelines To decrease the work of maintain...

Page 547: ...st ipv6 address IPv6 address of TACACS server host port integer TCP port used in TACACS communication timeout integer Timeout time of TACACS host Parameter description key string Shared keyword of TAC...

Page 548: ...ription 0 7 Encryption type of password 0 indicates no encryption 7 indicates being simply encrypted Default Configuration No specified shared password Command mode Global configuration mode Usage gui...

Page 549: ...erver tacacs server timeout seconds no tacacs server timeout Parameter Description Parameter description seconds Timeout time s in the range 1 to 1000s Default Configuration 5s Command mode Global con...

Page 550: ...ed Command 3 2 1 debug tacacs Use this command to turn on the TACACS debugging switch The no form of this command turns off the TACACS debugging switch debug tacacs no debug tacacs Parameter descripti...

Page 551: ...to show the interoperation condition with each TACACS server Examples Ruijie show tacacs Tacacs Server 172 19 192 80 49 Socket Opens 0 Socket Closes 0 Total Packets Sent 0 Total Packets Recv 0 Refere...

Page 552: ...dot1x auto req Default Enabled Command mode Global configuration mode Usage guidelines This command is used to actively initiate 802 1x authentication on the device Use the show dot1x auto req comman...

Page 553: ...of authentication request messages that the device sends automatically Default num 0 namely the packets are sent continuously Command mode Global configuration mode Usage guidelines Use the show dot1...

Page 554: ...e Usage guidelines Use the show dot1x auto req command to view the setting of this function Examples The following example sets the time interval of sending authentication request message to 60s Ruiji...

Page 555: ...ig dot1x auto req user detect Ruijie config end Ruijie show dot1x auto req Auto Req Enabled User Detect Enabled Packet Num 0 Req Interval 60 Second Command Description Related commands show dot1x auto...

Page 556: ...1000s Ruijie configure terminal Ruijie config dot1x timeout quiet period 1000 Ruijie config end Ruijie show dot1x 802 1X Status Enabled Authentication mode EAP MD5 Authed User Number 0 Re authen Enab...

Page 557: ...ples The following example sets the period of re authentication to 1000s Ruijie configure terminal Ruijie config dot1x timeout re authperiod 1000 Ruijie config end Ruijie show dot1x 802 1X Status Enab...

Page 558: ...seconds Command mode Global configuration mode Usage guidelines Use show dot1x command to show 802 1X configuration Examples The following example sets the authentication timeout of the authenticatio...

Page 559: ...ce and the supplicant The range is from 0 to 65535 seconds Default 3 seconds Command mode Global configuration mode Usage guidelines Use show dot1x command to show 802 1X configuration Examples The fo...

Page 560: ...od seconds no dot1x timeout tx period Parameter Description Parameter description seconds Period of retransmission The range is from 0 to 65535 seconds Default 3 seconds Command mode Global configurat...

Page 561: ...after they are authenticated and get online Use this command to allow users to change usernames Use the no form of this command to restore the default setting dot1x multi account enable no dot1x mult...

Page 562: ...sage guidelines This command will reauthenticate the supplicant periodically after he passes the authentication Use show dot1x command to show 802 1X configuration Examples The following example enabl...

Page 563: ...lt The default value is 3 Command mode Global configuration mode Usage guidelines Use this command to specify the maximum number of supplicant reauthentications Use show dot1x command to show 802 1X c...

Page 564: ...erval Interval of sending the Hello message alive Alive interval Parameter description interval Timer value Default The default Hello interval is 20 seconds Default user alive interval is 250 seconds...

Page 565: ...ble the online probe function of the client Examples Enable the online probe function of the client Ruijie configure terminal Ruijie config dot1x client probe enable Ruijie config end Ruijie show dot1...

Page 566: ...ame of the default authentication method list Parameter description list name Name of the method list available Default If AAA is enabled the AAA service is used for login authentication by default Co...

Page 567: ...ace Parameter Description mac addr Physical IP address that can be authenticated Parameter description interface Interface number Default N A Command mode Global configuration mode Usage guidelines On...

Page 568: ...mode Global configuration mode Usage guidelines Use show dot1x command to show the configurations Examples The following example demonstrates how to set the maximum attempt times of entering the fail...

Page 569: ...if dot1x auth fail vlan 2 Ruijie config end Ruijie write Command Description Related commands show dot1x interface Show the 802 1x configurations on the interface 4 5 5 dot1x auth mode Use this comman...

Page 570: ...er Description Parameter description Default Disabled Command mode Interface configuration mode Usage guidelines With the IAB function enabled on the port if there is only RADIUS authentication method...

Page 571: ...uijie config interface fa 0 10 Ruijie config if dot1x port control auto Ruijie config if dot1x critical Ruijie config if end Command Description Related commands 4 5 7 dot1x critical recovery action r...

Page 572: ...escription 4 5 8 dot1x critical vlan Use this command to configure the port in IAB status to jump to the specified fail vlan Use the no form of this command to disable this function dot1x critical vla...

Page 573: ...Related commands 4 5 9 dot1x default Use this command to restore part of 802 1x parameters to the default value dot1x default Parameter description N A Default N A Command mode Global configuration m...

Page 574: ...mic vlan command to show the 802 1X configuration Examples The following example enables dynamic VLAN Ruijie configure terminal Ruijie config interface gigabitEthernet 4 5 Ruijie config if dot1x dynam...

Page 575: ...dd the port to a VLAN manually 3 Execute show running config to view 802 1x configuration Examples The following example sets 802 1x guest vlan jumping Ruijie configure terminal Ruijie config interfac...

Page 576: ...ation about 802 1x 4 5 13 dot1x mac auth bypass Use this command to set the 802 1x MAC bypass authentication dot1x mac auth bypass no dot1x mac auth bypass Parameter description N A Default The 802 1x...

Page 577: ...Parameter Description Parameter description value The online time in seconds The valid range is 1 65535 Default No default value Command mode Interface configuration mode Usage guidelines Use the sho...

Page 578: ...es The following example sets the 802 1x MAC bypass authentication violation Ruijie configure terminal Ruijie config interface fa0 1 Ruijie config dot1x mac auth bypass violation Ruijie config end Rui...

Page 579: ...mmands show dot1x Show the configuration about 802 1x 4 5 17 dot1x max req During interaction between the dot1x and the server the dot1x will send a request to the server again if it does not receive...

Page 580: ...this command to support the private supplicant in the global configuration mode The no form of this command restores it to the default value dot1x private supplicant only no dot1x private supplicant...

Page 581: ...t to the default value dot1x port control auto no dot1x port control Parameter description N A Default By default the port does not participate in 802 1x authentication Command mode Interface configur...

Page 582: ...based single host no dot1x port control mode Parameter Description mac based Enable the MAC address based control port based Enable port based control Parameter description single host Enable singleho...

Page 583: ...ig if end Ruijie Command Description show dot1x port control Show the port control mode Related commands Show running config Show the configuration 4 5 21 dot1x stationarity enable In the port based 8...

Page 584: ...uthentication success failure for the terminal user if the browser is used to access the network the switch will redirect the URL accessed by the user to the configured URL which is began with http ta...

Page 585: ...ion information 4 5 23 dot1x redirect for special tcp destination port Use this command to set the specific destination port and redirect the web request for the destiantion IP Excepting for the port...

Page 586: ...ation 4 5 24 dot1x redirect time out Use this command to set the timeout time maintaining the redirect connection Use the no form of this command to restore to the default value dot1x redirect time ou...

Page 587: ...onnection of the same source Use the no form of this command to restore to the default value dot1x redirect num for special source ip num no dot1x redirect num for special source ip Parameter Descript...

Page 588: ...x Parameter description N A Default N A Command mode Privileged mode Usage guidelines N A Examples The following example shows the information about 802 1x Ruijie show dot1x 802 1X Status Enabled Auth...

Page 589: ...fore reauthentication dot1x timeout re authperiod Set the re authentication period for the supplicant dot1x timeout server timeout Set the authentication timeout between the device and authentication...

Page 590: ...t1x port control auto Set the port to participate in authentication dot1x reauth max Set the maximum number of the supplicant re authentications dot1x re authentication Set the re authentication attri...

Page 591: ...Req Disabled User Detect Enabled Packet Num 0 Req Interval 30 Seconds Ruijie Command Description dot1x auth mode Set the 802 1x authentication mode dot1x max req Set the maximum number of authenticat...

Page 592: ...rmation about the private supplicant show dot1x private supplicant only Parameter description N A Default N A Command mode Privileged mode Usage guidelines N A Examples The following example shows the...

Page 593: ...n the device and authentication server dot1x timeout supp timeout Set the authentication timeout between the device and the supplicant dot1x timeout tx period Set the retransmission period 4 6 5 show...

Page 594: ...waits before reauthentication dot1x timeout re authperiod Set the re authentication period for the supplicant dot1x timeout server timeout Set the authentication timeout between the device and authen...

Page 595: ...authentication dot1x reauth max Set the maximum number of the supplicant re authentications dot1x re authentication Set the re authentication attribute dot1x timeout quiet period Set the time the devi...

Page 596: ...entication request retransmissions dot1x port control auto Set the port to participate in authentication dot1x reauth max Set the maximum number of the supplicant re authentications dot1x re authentic...

Page 597: ...shows the information about reauthentication Ruijie show dot1x re authentication eauth enabled disabled Ruijie Command Description dot1x auth mode Set the authentication mode dot1x max req Set the ma...

Page 598: ...od 4 6 9 show dot1x reauth max Use this command to show the maximum number of re authentications show dot1x reauth max Parameter description N A Default N A Command mode Privileged mode Usage guidelin...

Page 599: ...the authentication timeout between the device and authentication server dot1x timeout supp timeout Set the authentication timeout between the device and the supplicant dot1x timeout tx period Set the...

Page 600: ...hentication Set the re authentication attribute dot1x timeout quiet period Set the time the device waits before reauthentication dot1x timeout re authperiod Set the re authentication period for the su...

Page 601: ...S on this port is 5 Up bandwidth is 1024 kbps Down bandwidth is 1024 kbps Authorization vlan is dep7 Authorization seesion time is 1000000 seconds Authorization ip address is 192 168 217 64 Start acco...

Page 602: ...eout between the device and the supplicant dot1x timeout tx period Set the retransmission period 4 6 12 show dot1x timeout The commands show the information about the 802 1X timeout show dot1x timeout...

Page 603: ...x timeout quiet period Set the time the device waits before reauthentication dot1x timeout re authperiod Set the re authentication period for the supplicant dot1x timeout server timeout Set the authen...

Page 604: ...odule current CLI presentation lacks some replicable typical configuration examples therefore users can only ask for the configuration help by other means such as reading related manuals and going to...

Page 605: ...1 dot1x help Use this command to show the example information of the command beginning with the keyword dot1x dot1x help Parameter description N A Default N A Command mode Global interface configurait...

Page 606: ...In the interface configuration mode Note 1 Use the language chinese english command in the global configuration mode to switchover the Chinese English interface Command Description Related commands vi...

Page 607: ...iguration mode Usage guidelines Currently you can enter the question mark to display the configuration help with the configuration of the next keyword or parameter and related description However user...

Page 608: ...inning with the keyword dot1x timeout dot1x timeout help Parameter description N A Default N A Command mode Global configuration mode Usage guidelines Currently you can enter the question mark to disp...

Page 609: ...to switchover the Chinese English interface Command Description Related commands view dot1x Show the main state and configuration information of dot1x modules 4 8 4 dot1x reauth max help Use this comm...

Page 610: ...t know how to continue the configuration in order to complete the configuration task Examples Note 1 Use the language chinese english command in the global configuration mode to switchover the Chinese...

Page 611: ...w how to continue the configuration in order to complete the configuration task Examples Note 1 Use the language chinese english command in the global configuration mode to switchover the Chinese Engl...

Page 612: ...on of keywords so they do not know how to continue the configuration in order to complete the configuration task Examples Note 1 Use the language chinese english command in the global configuration mo...

Page 613: ...bout the description of keywords so they do not know how to continue the configuration in order to complete the configuration task Examples Note 1 Use the language chinese english command in the globa...

Page 614: ...ing about the description of keywords so they do not know how to continue the configuration in order to complete the configuration task Examples Note 1 Use the language chinese english command in the...

Page 615: ...ot understand the meaning about the description of keywords so they do not know how to continue the configuration in order to complete the configuration task Examples Note 1 Use the language chinese e...

Page 616: ...t understand the meaning about the description of keywords so they do not know how to continue the configuration in order to complete the configuration task Examples Note 1 Use the language chinese en...

Page 617: ...tand the meaning about the description of keywords so they do not know how to continue the configuration in order to complete the configuration task Examples Note 1 Use the language chinese english co...

Page 618: ...ation and status information respectively and several commands are needed for showing various status information that the user want which is not convenient for users Users want to see various main sta...

Page 619: ...I Reference Guide Chapter 4 802 1X Configuration Commands Command Description Related commands dot1x help Show the typical configuration or example information of dot1x function 4 10 Showing default p...

Page 620: ...cial access of the HTTP redirection http redirect ip address ipv6 address no http redirect ip address ipv6 address Parameter Description ip address IPv4 address for special access of the HTTP redirect...

Page 621: ...iption show http redirect View the HTTP redirection configuration Related Commands http redirect homepage Set the address of the authentication homepage Platform Description None 5 1 2 http redirect d...

Page 622: ...and Mode Global configuration mode Use Guide When Web authentication is enabled all users must pass Web authentication to access network resources This command is used to make certain network resource...

Page 623: ...Description classifier id ID of the HTTP redirection classifier It is in the range of 1 to 255 Default Configuration The address of the authentication homepage is not configured Command Mode Global co...

Page 624: ...ation will fail A homepage address includes up to 255 characters Default Configuration The address of the authentication homepage is not configured Command Mode Global configuration mode Use Guide To...

Page 625: ...uide When you access the network resource you send HTTP packets The access device can intercept such HTTP packets to detect your access If the access device detects that an unauthenticated user is acc...

Page 626: ...d user http redirect session limit session num port port session num no http redirect session limit Parameter Description session num Total number of HTTP sessions that can be originated by an unauthe...

Page 627: ...ommands number of HTTP sessions by unauthenticated users must be limited on the access device In addition to authentication other programs may also occupy HTTP sessions Therefore it is not recommended...

Page 628: ...maintenance The no form of this command is used to reset the timeout to 3 seconds http redirect timeout seconds no http redirect timeout Parameter Description Parameter Description seconds Set the tim...

Page 629: ...his command is used to set VLAN based Web authentication function and the authenticated VLAN list The no form of this command is used to cancel the setting web auth allow vlan list no web auth allow v...

Page 630: ...d to set the IP address free of authentication The no form of this command is used to cancel the IP address free of authentication web auth direct host ipv6 address ipv6 prefix prefix length ip addres...

Page 631: ...on optional It is necessary for IPv4 addresses only Default Configuration No user is free of authentication All users must pass the Web authentication to access the restricted network resources Comman...

Page 632: ...eck whether a user is offline based on the user s traffic The no form of this command is used to disable user s online status check based on traffic web auth offline detect mode flow no web auth offli...

Page 633: ...nsiders that the user is offline 3 User traffic based check The user s traffic does not increase in 15 min the user is considered offline Methods 1 and 2 are mandatory method 3 is optional By default...

Page 634: ...is used to disable Web authentication on a port web auth port control ip only mode no web auth port control Parameter Description Parameter Description ip only mode By default when a user passes Web...

Page 635: ...Interface configuration mode Use Guide To use the Web function the address of the authentication homepage must be configured Configuration Example Example 1 Enable Web authentication on port FastEthe...

Page 636: ...thentication server Platform Description None 5 1 12 web auth portal key This command is used to set the communication key between the access device and the authentication server The no form of this c...

Page 637: ...se the Web authentication function the communication key between the access device and the authentication server must be set Configuration Example Example 1 Set the communication key between the acces...

Page 638: ...s updated The no form of this command is used to reset the interval at which the online user information is updated to 60s web auth update interval seconds no web auth update interval Parameter Descri...

Page 639: ...tion is updated to 30s Ruijie config web auth update interval 30 Command Description Related Commands Platform Description None 5 2 Showing Related Commands 5 2 1 show http redirect This command is us...

Page 640: ...55 On 61 233 3 220 255 255 255 255 Off 192 168 5 140 255 255 255 255 Off 218 30 66 101 255 255 0 0 Off 218 30 66 101 255 255 255 255 Off Direct hosts Address Mask Port ARP Binding 192 168 1 1 255 255...

Page 641: ...t is bound with the user s IP address ARP Binding Enable Disable ARP binding Command Description http redirect Set the IP address of the authentication server http redirect direct site Set the network...

Page 642: ...Privileged mode Use Guide None Configuration Example Example 1 View the VLAN list supporting VLAN based Web authentication Ruijie show web auth allow vlan Allow vlan list 1 3 5 Command Description Rel...

Page 643: ...web auth direct host Direct hosts Address Mask Port ARP Binding 192 168 0 1 255 255 255 255 Fa0 2 On 192 168 4 11 255 255 255 255 Fa0 10 On 192 168 5 0 255 255 255 0 Fa0 16 Off Field Description Addre...

Page 644: ...ommand is used to display the authentication configuration and statistics of an interface show web auth port control Parameter Description Parameter Description Default Configuration None Command Mode...

Page 645: ...S2600E CLI Reference Guide Chapter 5 Web Authentication Configuration Commands Field Description Port Physical port of the access device Control Enable Disable Web authentication on the port...

Page 646: ...00E CLI Reference Guide Chapter 5 Web Authentication Configuration Commands Command Description Related Commands web auth port control Enable the Web authentication on the port Platform Description No...

Page 647: ...ser Parameter Description ipv6 address IPv6 address of the user Default Configuration None Command Mode Privileged mode Use Guide None Configuration Example Example 1 Display the global Web authentica...

Page 648: ...Port Access device port connected to the user Online Whether the user is online Time Limit Available duration of the user 0 means unlimited Time Used Online duration of the user Time Start Time when t...

Page 649: ...he CLI the configuration is realized by executing the every single command As for the configuration and deployment of a specific functional module current CLI presentation lacks some replicable typica...

Page 650: ...ence Guide Chapter 5 Web Authentication Configuration Commands Configuration Example Note use the language Chinese English command to switchover the interface between Chinese and English in global con...

Page 651: ...e information of the command beginning with the keyword web auth web auth help Parameter Description Parameter Description Default Configuration None Command Mode Global configuration mode Use Guide C...

Page 652: ...ence Guide Chapter 5 Web Authentication Configuration Commands Configuration Example Note use the language Chinese English command to switchover the interface between Chinese and English in global con...

Page 653: ...mand beginning with the keyword http redirect http redirect help Parameter Description Parameter Description Default Configuration None Command Mode Global configuration mode Use Guide Currently you c...

Page 654: ...ence Guide Chapter 5 Web Authentication Configuration Commands Configuration Example Note use the language Chinese English command to switchover the interface between Chinese and English in global con...

Page 655: ...r Description Parameter Description Default Configuration None Command Mode Any mode Use Guide Currently multiple commands are needed to show the related configuration or status information of one fun...

Page 656: ...S2600E CLI Reference Guide Chapter 5 Web Authentication Configuration Commands Configuration Example...

Page 657: ...m Description None 5 6 Showing Default Parameters Configuration 5 7 Showing Prompt for Feedback 1 If the trusted port of DHCP snooping has been enabled on the device port the following prompt should b...

Page 658: ...Guide Chapter 5 Web Authentication Configuration Commands 3 If the exceptional port binding has been configured globally on the device port the following prompt should be shown when enabling the web a...

Page 659: ...address bind enable no security address bind enable Default N A Command mode Interface configuration mode support L2 switch port excluding AP and AP member port Usage guidelines It is worth mentionin...

Page 660: ...and the server If you choose v3 use the snmp server command to set the v3 username For the detailed information please refer to SNMP command reference Examples The following example shows how to set t...

Page 661: ...the no form of this command to disable the function security gsn enable no security gsn enable Parameter description N A Default Disabled Command mode Global configuration mode Usage guidelines Use th...

Page 662: ...the snmp server configuration 6 2 Showing and Monitoring Commands 6 2 1 show security event interval Use this command to show the minimum interval of security event show security event interval Comma...

Page 663: ...e Usage guidelines For current operation of the CLI the configuration is realized by executing the every single command As for the configuration and deployment of a specific functional module current...

Page 664: ...on Commands Example s Use the language chinese english command in the global configuration mode to switchover the Chinese English interface Command Description Related commands view gsn Show the main...

Page 665: ...interface configuration mode Usage guidelines Currently you can enter the question mark to display the configuration help with the configuration of the next keyword or parameter and related descripti...

Page 666: ...ew gsn Use this command to show the main status and configuration information of gsn modules view gsn Default N A Command mode Any mode Usage guidelines Currently multiple commands are needed to show...

Page 667: ...owing the information combining the related configuration with running status information is necessary Example s More information refer to show gsn address bind Command Description Related commands gs...

Page 668: ...storm control broadcast multicast unicast level percent pps packets rate bps Parameter Description broadcast Enable the broadcast storm suppression function multicast Enable the unknown unicast storm...

Page 669: ...nt types of packets till data streams are recovered to the normal state then packets will be forwarded normally Use show storm control to display configuration Examples The following example enables t...

Page 670: ...port security Use this command to configure port security and the way to deal with violation Use the no form of the command to disable the port security or restore it to the default switchport port s...

Page 671: ...et 1 1 Ruijie config if switchport port security Ruijie config if switchport port security violation shutdown Command Description Related commands show port security Show port security settings 7 1 4...

Page 672: ...elated commands show port security Show port security settings 7 1 5 switchport port security binding Use this command to configure secure address binding manually in the interface configuration mode...

Page 673: ...ion show port security Show port security settings switchport port security Enable the port security switchport port security binding interface Configure the secure address binding in the privileged m...

Page 674: ...configuration N A Command mode Privileged mode Usage guidelines N A Examples 1 This example shows how to bind the IP address 192 168 1 100 on the interface g 0 10 Ruijie config switchport port securit...

Page 675: ...port security mac address mac address vlan vlan id Parameter Description mac address Static secure MAC address Parameter description vlan id Vlan ID of the MAC address Note the configuration of vlan i...

Page 676: ...cure address in the privileged mode Use the no form of the command to remove the configuration no switchport port security interface interface id mac address mac address vlan vlan id Parameter Descrip...

Page 677: ...configure manually the Sticky MAC secure address in the interface configuration mode Use the no form of the command to remove the configuration no switchport port security mac address sticky mac addr...

Page 678: ...hport port security Enable the port security switchport port security binding Configure the secure address binding switchport port security mac address interface Set the static secure address in the p...

Page 679: ...g if switchport port security maximum 2 Command Description show port security Show port security settings switchport port security Enable the port security switchport port security binding Configure...

Page 680: ...et the limited number of the port IP address as 100 Ruijie config inter f 0 1 Ruijie config if nac author user maximum 100 Command Description Related commands show nac author user Show the limited an...

Page 681: ...ddress Show all the secure addresses or the secure address on the specified interface Interface interface id Show the port security configuration of the specified interface Parameter description all S...

Page 682: ...pression information show storm control interface id Parameter Description Parameter description interface id Interface on which the storm suppression is enabled Default configuration All information...

Page 683: ...al module current CLI presentation lacks some replicable typical configuration examples therefore users can only ask for the configuration help by other means such as reading related manuals and going...

Page 684: ...mode Usage guidelines For current operation of the CLI the configuration is realized by executing the every single command As for the configuration and deployment of a specific functional module curr...

Page 685: ...Chinese English interface Command Description Related commands view storm control Show the main status or configuration information of storm control modules 7 3 3 port security help Use this command t...

Page 686: ...ading related manuals and going to our frontline engineers for help Displaying the typical configurations of each security module on the CLI provides the corresponding help about the quick basic deplo...

Page 687: ...al module current CLI presentation lacks some replicable typical configuration examples therefore users can only ask for the configuration help by other means such as reading related manuals and going...

Page 688: ...ion Parameter description Default configuration N A Command mode Any mode Usage guidelines Currently multiple commands are needed to show the related configuration or status information of one functio...

Page 689: ...es Currently multiple commands are needed to show the related configuration or status information of one function The users do not know to use which command to show the main status information of this...

Page 690: ...n of one function The users do not know to use which command to show the main status information of this function And several commands are involved for showing various status information that the user...

Page 691: ...the related configuration or status information of one function The users do not know to use which command to show the main status information of this function And several commands are involved for sh...

Page 692: ...nning with the keyword storm control storm control help Parameter Description Parameter description Default configuration N A Command mode Interface configuration mode Usage guidelines Currently you c...

Page 693: ...rface Command Description Related commands view storm control Show the main status or configuration information of storm control modules 7 5 2 switchport help Use this command to show the example info...

Page 694: ...the configuration in order to complete the configuration task Examples Use the language chinese english command in the global configuration mode to switchover the Chinese English interface Command Des...

Page 695: ...ly you can enter the question mark to display the configuration help with the configuration of the next keyword or parameter and related description However users may not understand the meaning about...

Page 696: ...l configuration mode Interface configuration mode Use the language chinese english command in the global configuration mode to switchover the Chinese English interface Command Description Related comm...

Page 697: ...rp pim ttl1 unknown ipmc dvmrp pps pps_value Parameter Description Parameter description pps_value Packets per second Default The default bandwidth that the CPU uses to receive various types of packet...

Page 698: ...us types of packets Command mode Global configuration mode Examples The following example sets the priority of the BPDU packets as 7 Ruijie config cpu protect type bpdu pri 7 Set packet type bpdu pri...

Page 699: ...0 0 0 vrrp 0 0 0 unknown ipmc 0 0 0 ttl1 0 0 0 Command Description Related commands show cpu protect slot slot num Show the statistics of the CPU protection on the specified line card 8 2 2 show cpu p...

Page 700: ...tion on the management board 8 2 3 show cpu protect type Use this command to show the statistics of the specified type of packets show cpu protect type arp bpdu dhcp ipv6mc igmp rip ospf vrrp pim ttl1...

Page 701: ...vileged mode Usage guidelines For current operation of the CLI the configuration is realized by executing the every single command As for the configuration and deployment of a specific functional modu...

Page 702: ...and cpp help Command mode Privileged mode Usage guidelines For current operation of the CLI the configuration is realized by executing the every single command As for the configuration and deployment...

Page 703: ...4 1 cpu protect help global configuration mode Use this command to show the example information of the command beginning with keyword cpu protect cpu protect help Command mode Global configuration mo...

Page 704: ...s and configuration information of cpp modules view cpu protect Command mode Any mode Usage guidelines Currently multiple commands are needed to show the related configuration or status information of...

Page 705: ...CLI Reference Guide Chapter 8 CPU Protection Configuration Commands Examples Command Description Related commands cpu protect help Show the typical configuration of cpp modules 8 6 Showing Default Par...

Page 706: ...disable this function ip deny invalid l4port no ip deny invalid l4port Parameter Description Parameter description Default Settings Disabled Command mode Global configuration mode Usage guidelines N...

Page 707: ...t Settings Disabled Command mode Global configuration mode Usage guidelines N A Examples The following example shows how to enable the anti attack of the invalid TCP packets Ruijie config ip deny inva...

Page 708: ...e following example shows how to disable the anti land attack Ruijie config no ip deny land Command Description Related commands show ip deny land Show the anti land attack state 9 1 4 ip deny spoofin...

Page 709: ...Ruijie config if vlan no ip deny spoofing source The following example shows how to enable the ingress filtering on the routed port Fa 0 5 Ruijie config int Fa 0 5 Ruijie config if FastEthernet ip den...

Page 710: ...invalid tcp Use this command to show the state of the anti attack of the invalid TCP packets show ip deny invalid tcp Parameter Description Parameter description Default Settings N A Command mode Priv...

Page 711: ...leged EXEC mode Usage guidelines N A Examples Ruijie show ip deny land DoS Protection Mode State protect against land attack On Command Description Related commands no ip deny land Enable Disable the...

Page 712: ...ly ask for the configuration help by other means such as reading related manuals and going to our frontline engineers for help Displaying the typical configurations of each security module on the CLI...

Page 713: ...de Usage guidelines Currently multiple commands are needed to show the related configuration or status information of one function The users do not know to use which command to show the main status in...

Page 714: ...CLI Reference Guide Chapter 9 DoS Protection Configuration Commands Command Description Related commands dos protect help Show the typical configuration of anti DOS attack modules Platform descriptio...

Page 715: ...N A Default Disabled Command mode Global configuration mode Usage guidelines Enable the DHCP snooping function on the switch You can use the show ip dhcp snooping command to view whether the DHCP sno...

Page 716: ...the specific VLAN The no form of this command will disable the DHCP snooping function for the corresponding VLAN no ip dhcp snooping vlan vlan rng vlan min vlan max Parameter Description vlan rng VLA...

Page 717: ...e guidelines By default the DHCP Snooping only forwards Bootp packets With this function enabled it can snoop Bootp packets After the Boop client requests an address successfully the DHCP Snooping add...

Page 718: ...ode Usage guidelines Use this command to enable checking the validity of the source MAC address of the DHCP request message Once the function is enabled the system will discard the DHCP request messag...

Page 719: ...rmat The option82 uses the standard format Default configuration Disabled Command mode Global configuration mode Usage guidelines This command adds option82 to the DHCP request message based on which...

Page 720: ...option82 s remote id extension format is customized character string Parameter description hostname The content of the option82 s remote id extension format hostname Default Disabled Command mode Glo...

Page 721: ...sage guidelines This function can avoid loss of user information after restart In that case users need to obtain IP addresses again for normal communication Examples The following is an example of set...

Page 722: ...ic user information of the DHCP binding database into flash in real time Examples The following is an example of writing the dynamic user information of the DHCP binding database into flash Ruijie con...

Page 723: ...nd Command Description Related commands show ip dhcp snooping View the configuration information of the DHCP snooping 10 2 2 ip dhcp snooping trust Use this command to set the ports of the switch as t...

Page 724: ...10 2 3 ip dhcp snooping vlan vlan id information option change vlan to vlan Use this command to enable the option82 s sub option circuit and change the VLAN in the circuit id into the specified VLAN...

Page 725: ...the option82 s sub option circuit id as user defined the storage format is ASCII and to perform the packet forwarding The no form of this command will disable this function no ip dhcp snooping vlan v...

Page 726: ...this command to set rate limit of receiving DHCP packets on the interface The no form of this command removes the setting no ip dhcp snooping limit rate rate value Parameter Description Parameter desc...

Page 727: ...E DHCP snooping database write delay time 0 seconds DHCP snooping option 82 status ENABLE DHCP snooping Support Bootp bind status ENABLE Interface Trusted Rate limit pps GigabitEthernet 0 1 NO 100 Com...

Page 728: ...ng Enable the DHCP snooping globally ip dhcp snooping verify mac address Enable the check of source MAC address of DHCP Snooping packets ip dhcp snooping write delay Set the interval of writing user i...

Page 729: ...information to the DHCP Snooping database Related commands clear ip dhcp snooping binding Clear the dynamic user information from the DHCP snooping binding database 10 4 Other DHCP Snooping Configurat...

Page 730: ...the DHCP snooping binding database 10 4 2 debug ip dhcp snooping Use this command to trun on the debugging switch of the DHCP snooping debug ip dhcp snooping Default Turned off Command mode Privilege...

Page 731: ...n This command is supported on all switches 10 5 Configuration Example Showing Commands 10 5 1 dhcp snooping help Use this command to show the configuration examples related to dhcp snooping dhcp snoo...

Page 732: ...ish command in the privileged mode to switchover the Chinese English interface Command Description Related commands 10 6 Example Showing Commands 10 6 1 ip dhcp help Use this command to show the confi...

Page 733: ...description However users may not understand the meaning about the description of keywords so they do not know how to continue the configuration in order to complete the configuration task Examples Co...

Page 734: ...status Showing Commands 10 7 1 view dhcp snooping Use this command to show the configuration and status information of DHCP snooping view dhcp snooping Parameter description N A Default N A Command m...

Page 735: ...S2600E CLI Reference Guide Chapter 10 DHCP Snooping Configuration Commands Examples Command Description Related commands...

Page 736: ...ooping Configuration Commands Examples Global configuration mode Interface configuration mode Note 1 Use the language chinese english command in the privileged mode to switchover the Chinese English i...

Page 737: ...cified VLAN If the parameter vlan id is neglected the DAI inspection function of all VLANs will be disabled ip arp inspection vlan vlan id no ip arp inspection vlan vlan id Parameter Description Param...

Page 738: ...e L2 port is a untrusted port Command mode Interface configuration mode Usage guidelines If it is necessary to make the ARP message received by some interface pass the DAI inspection unconditionally y...

Page 739: ...NFPP supported switches only the interface trust state will be displayed 11 3 Showing Configuration Example Commands 11 3 1 dai help Use this command to show the typical DAI configuration dai help Th...

Page 740: ...elated commands view dai Show the main status and configuration information of DAI function Platform description This command is supported on the layer 3 switches 11 4 Showing Main Status 11 4 1 view...

Page 741: ...ription Related commands dai help Show the typical DAI configuration Platform description This command is supported on the layer 3 switches 11 5 DHCP Snooping Database Related Configuration When the c...

Page 742: ...guration Commands needed to check based on the DHCP Snooping database If no configuration is carried out for the database the ARP message passes the validity check For the configuration on the DHCP Sn...

Page 743: ...he corresponding static user no ip source binding mac address vlan vlan id ip address interface interface id ip mac ip only Parameter Description mac address Add user MAC address statically vlan id Ad...

Page 744: ...FastEthernet 0 1 Total number of bindings 1 Command Description Related commands show ip source binding View the binding information of IP source address and database Platform description This command...

Page 745: ...ple configures IP Source Guard on fastEthernet 0 1 Ruijie configure terminal Ruijie config interface fastEthernet 0 1 Ruijie config if ip verify source Ruijie config if end Command Description Related...

Page 746: ...corresponding vlan Interface id Show user binding information of corresponding interface Default configuration N A Command mode Privileged EXEC mode Usage guidelines N A Examples Ruijie show ip sourc...

Page 747: ...tEthernet 0 10 Now IP Source Guard supports the following filtering modes inactive no snooping vlan the interface isn t within the range of DHCP Snooping VLAN and IP Source Guard is inactive inactive...

Page 748: ...lt configuration The debugging switch is turned off Command mode Privileged EXEC mode Usage guidelines Use this command to view the debug information of IP Source Guard Examples Ruijie debug ip source...

Page 749: ...n help by other means such as reading related manuals and going to our frontline engineers for help Displaying the typical configurations of each security module on the CLI provides the corresponding...

Page 750: ...ode Any mode Usage guidelines Currently multiple commands are needed to show the related configuration or status information of one function The users do not know to use which command to show the main...

Page 751: ...onfiguration Commands Examples If the total number of bindings exceeds 3 only the first three entries are displayed Command Description Related commands ipsource guard help Show the typical configurat...

Page 752: ...on globally no ipv6 dhcp snooping Parameter description N A Default Disabled Command mode Global configuration mode Usage guidelines Enable the DHCPv6 snooping function on the switch You can use the s...

Page 753: ...bal configuration mode Usage guidelines By default the DHCPv6 Snooping binding entries are added to the hardware filtering list With this command configured if no IPv6 address conflict is detected wit...

Page 754: ...or normal communication Examples The following is an example of setting interval at which the switch writes the user information into the flash as 100s Ruijie config ip dhcp snooping database write de...

Page 755: ...3 1 5 ipv6 dhcp snooping filter dhcp pkt Use this command to filter all received DHCPv6 request packets The no form of this command will disable this function ipv6 dhcp snooping filter dhcp pkt no ipv...

Page 756: ...HCPv6 reply packet forwarding depends on the MAC address list searching For the sake of security the switch does not forward the related DHCPv6 reply packets if it fails to find the port of the corres...

Page 757: ...and configured the option18 37 will be added to the DHCPv6 request packets and the DHCPv6 server will assign the addresses according to the option18 37 information Examples The following example confi...

Page 758: ...format remote id string ascii string hostname Parameter Description string The content of Option37 remote id extension format is customized character string Parameter description hostname The content...

Page 759: ...ion N A Default Disabled Command mode Global configuration mode Usage guidelines By default the dynamic binding entries are not cleared on an interface when the interface links down With this function...

Page 760: ...under the trust port are forwarded normally but the response messages received under the untrust port will be discarded Examples The following is an example of setting fastEthernet 0 1 as a trust por...

Page 761: ...Examples The following example disables the DHCPv6 snooping function in VLAN1 Ruijie config no ipv6 dhcp snooping vlan 1 Platform description This command is supported on all switches 13 1 12 ipv6 dhc...

Page 762: ...snooping vlan 4094 information option change vlan to vlan 4093 Ruijie config if end Platform description This command is supported on all switches 13 1 13 ipv6 dhcp snooping vlan vlan id information...

Page 763: ...tEthernet 0 1 Ruijie config if ipv6 dhcp snooping vlan 4094 information option format type interface id string port name Ruijie config if end Platform description This command is supported on all swit...

Page 764: ...ource binding 00d0 f866 4777 vlan 10 2001 2002 2003 interface fastethernet 0 10 Command Description Related commands show ipv6 source binding View all munually added static binding entries and DHCPv6...

Page 765: ...de on the interface fastethernet 0 1 Ruijie config interface fastethernet 0 1 Ruijie config if ipv6 verify source port security Platform description This command is supported on all switches 13 1 16 r...

Page 766: ...nooping show ipv6 dhcp snooping Parameter description N A Default N A Command mode Privileged EXEC mode Usage guidelines N A Examples Ruijie show ipv6 dhcp snooping Switch DHCPv6 snooping status ENABL...

Page 767: ...address binding entry mac address Show the MAC address binding entry vlan vlan_id Show the VLAN binding entry Parameter description interface interface_name Show the interface binding entry Defaults N...

Page 768: ...address prefix entry vlan vlan_id Show the VLAN prefix entry Parameter description interface interface_name Show the interface prefix entry Default N A Command mode Privileged EXEC mode Usage guidelin...

Page 769: ...ay forward 0 No binding entry 0 Binding fail 0 Unknown packet 0 Unknown output interface 0 No enough memory 0 Admin filter dhcpv6 pkt 0 Field Description Received on untrusted ports The discarded serv...

Page 770: ...ng filter dhcp pkt command to filter the packets Platform description This command is supported on all switches 13 2 5 show ipv6 source binding Use this command to view all static binding entry and dh...

Page 771: ...latform description This command is supported on all switches 13 3 Clearing Related Commands clear ipv6 dhcp snooping binding clear ipv6 dhcp snooping prefix clear ipv6 dhcp snooping statistics 13 3 1...

Page 772: ...clear ipv6 dhcp snooping binding Platform description This command is supported on all switches 13 3 2 clear ipv6 dhcp snooping prefix Use this command to clear all the user information in the dhcpv6...

Page 773: ...s command is supported on all switches 13 3 3 clear ipv6 dhcp snooping statistics Use this command to clear the statistical information of the dhcpv6 packets clear ipv6 dhcp snooping statistics Parame...

Page 774: ...event debugging message Trace the DHCPv6 SNP event processing in real time such as the VLAN AP change process generating and deleting the binding entry the switchover message of hot backup and hot pl...

Page 775: ...spoofing ip ip address no anti arp spoofing ip ip address Parameter Description Parameter description ip address IP address for the gateway Default Disabled Command mode Interface configuration mode U...

Page 776: ...and to show the typical configuration of anti arp spoofing modules anti arp spoofing help Command mode Privileged mode Usage guidelines For current operation of the CLI the configuration is realized b...

Page 777: ...xample Commands 14 4 1 anti arp spoofing help interface configuration mode Use this command to show the example information of the command beginning with the keyword anti arp spoofing anti arp spoofin...

Page 778: ...status and configuration information of anti arp spoofing modules view anti arp spoofing Command mode Any mode Usage guidelines Currently multiple commands are needed to show the related configuratio...

Page 779: ...arp spoofing Configuration Commands Example s The top five anti arp spoofing addreddes configured are displayed Command Description Related commands anti arp spoofing help Show the typical configurati...

Page 780: ...Description Parameter description pps_value The rate limit threshold ranging from 1 to 8192 Default The default traffic bandwidths of each type of packets are Manage packets 3000pps Route packets 3000...

Page 781: ...ult The default percent values of each type of packets occupied in the buffer area are Manage packets 30 Route packets 20 Protocol packets 45 Command mode Global configuration mode Examples Ruijie con...

Page 782: ...tack threshold for each source IP address and source MAC address is 8pps and the attack threshold for each port is 200pps Command mode NFPP configuration mode Usage guidelines The attack threshold sha...

Page 783: ...onfiguration mode Usage guidelines N A Examples Ruijie config nfpp Ruijie config nfpp arp guard enable Command Description nfpp arp guard enable Enable the anti ARP attack on the interface Related com...

Page 784: ...d isolate period Set the isolate time on the interface Related commands show nfpp arp guard summary Show the configurations 15 2 4 arp guard monitor period Use this command to configure the arp guard...

Page 785: ...ijie config nfpp Ruijie config nfpp arp guard monitor period 180 Command Description show nfpp arp guard summary Show the configurations show nfpp arp guard hosts Show the monitored host list Related...

Page 786: ...s Ruijie config nfpp Ruijie config nfpp arp guard monitored host limit 200 Command Description Related commands show nfpp arp guard summary Show the configurations 15 2 6 arp guard rate limit Use this...

Page 787: ...rd scan threshold Use this command to set the global scan threshold arp guard scan threshold pkt cnt Parameter Description Parameter description pkt cnt Set the scan threshold in the range of 1 9999 D...

Page 788: ...15 2 8 clear nfpp arp guard hosts Use this command to clear the monitored host isolation clear nfpp arp guard hosts vlan vid interface interface id ip address mac address Parameter Description vid Se...

Page 789: ...table clear nfpp arp guard scan Parameter Description Parameter description Default Settings N A Command mode Privileged EXEC mode Usage guidelines N A Examples Ruijie clear nfpp arp guard scan Comman...

Page 790: ...e config interface G0 1 Ruijie config if nfpp arp guard enable Command Description arp guard enable Enable the anti ARP attack function Related commands show nfpp arp guard summary Show the configurat...

Page 791: ...y Show the configurations 15 2 12 nfpp arp guard policy Use this command to set the rate limit threshold and the attack threshold nfpp arp guard policy per src ip per src mac per port rate limit pps a...

Page 792: ...interface G 0 1 Ruijie config if nfpp arp guard policy per src ip 2 10 Ruijie config if nfpp arp guard policy per src mac 3 10 Ruijie config if nfpp arp guard policy per port 50 100 Command Descripti...

Page 793: ...G 0 1 Ruijie config if nfpp arp guard scan threshold 20 Command Description arp guard attack threshold Set the global attack threshold show nfpp arp guard summary Show the configurations show nfpp ar...

Page 794: ...the attack threshold for each port is 300pps Command mode NFPP configuration mode Usage guidelines N A Examples Ruijie config nfpp Ruijie config nfpp dhcp guard attack threshold per src mac 15 Ruijie...

Page 795: ...guard isolate period seconds permanent Parameter Description seconds Set the isolate time in seconds The valid range is 0 or 30 86400 Parameter description permanent Permanent isolation Default Settin...

Page 796: ...The valid range is 180 86400 Default Settings 600s Command mode NFPP configuration mode Usage guidelines When the attacker is detected if the isolate period is 0 the attacker will be monitored by the...

Page 797: ...Default Settings 1000 Command mode NFPP configuration mode Usage guidelines If the monitored host number has reached the default 1000 the administrator shall set the max number smaller than 1000 and i...

Page 798: ...t Set the rate limit for each port Parameter description pps Set the rate limit in the range of 1 9999 Default Settings The default rate limit for each source MAC address is 5pps the default rate limi...

Page 799: ...tings N A Command mode Privileged EXEC mode Usage guidelines Use this command without the parameter to clear all monitored hosts Examples Ruijie clear nfpp dhcp guard hosts vlan 1 interface g0 1 Comma...

Page 800: ...enable Command Description dhcp guard enable Enable the anti ARP attack function Related commands show nfpp dhcp guard summary Show the configurations 15 3 9 nfpp dhcp guard isolate period Use this c...

Page 801: ...mmand to set the rate limit threshold and the attack threshold nfpp dhcp guard policy per src mac per port rate limit pps attack threshold pps Parameter Description per src mac Set the rate limit thre...

Page 802: ...dhcp guard rate limit Set the global rate limit threshold show nfpp dhcp guard summary Show the configurations show nfpp dhcp guard hosts Show the monitored host Related commands clear nfpp dhcp guar...

Page 803: ...Ruijie config nfpp Ruijie config nfpp dhcpv6 guard attack threshold per src mac 15 Ruijie config nfpp dhcpv6 guard attack threshold per port 200 Command Description nfpp dhcpv6 guard policy Show the...

Page 804: ...on seconds Set the isolate time in seconds The valid range is 0 or 30 86400 Parameter description permanent Permanent isolation Default Settings The default isolate time is 0 which means no isolation...

Page 805: ...Command mode NFPP configuration mode Usage guidelines When the attacker is detected if the isolate period is 0 the attacker will be monitored by the software and the timeout time will be the monitor...

Page 806: ...gs 1000 Command mode NFPP configuration mode Usage guidelines If the monitored host number has reached the default 1000 the administrator shall set the max number smaller than 1000 and it will prompt...

Page 807: ...source MAC address per port Set the rate limit for each port Parameter description pps Set the rate limit in the range of 1 9999 Default Settings The default rate limit for each source MAC address is...

Page 808: ...nterface id Set the interface name and number Parameter description mac address Set the MAC address Default Settings N A Command mode Privileged EXEC mode Usage guidelines Use this command without the...

Page 809: ...anti attack configuration is prior to the global configuration Examples Ruijie config interface G0 1 Ruijie config if nfpp dhcpv6 guard enable Command Description dhcpv6 guard enable Enable the anti A...

Page 810: ...d commands show nfpp dhcpv6 guard summary Show the configurations 15 4 10 nfpp dhcpv6 guard policy Use this command to set the rate limit threshold and the attack threshold nfpp dhcpv6 guard policy pe...

Page 811: ...config interface G 0 1 Ruijie config if nfpp dhcpv6 guard policy per src mac 3 10 Ruijie config if nfpp dhcpv6 guard policy per port 50 100 Command Description dhcpv6 guard attack threshold Set the gl...

Page 812: ...e valid range is 1 9999 Default Settings By default the attack threshold and the rate limit threshold for each source IP address and each port are the same For the default rate limit threshold value s...

Page 813: ...guration mode Usage guidelines N A Examples Ruijie config nfpp Ruijie config nfpp icmp guard enable Command Description nffp icmp guard enable Enable the ICMP anti attack function on the interface Rel...

Page 814: ...l be adopted or the interface based isolate period shall be adopted Examples Ruijie config nfpp Ruijie config nfpp icmp guard isolate period 180 Command Description nfpp icmp guard isolate period Set...

Page 815: ...changed to be 0 the attackers on the interface will be removed rather than being monitored by the software Examples Ruijie config nfpp Ruijie config nfpp icmp guard monitor period 180 Command Descrip...

Page 816: ...GUARD 4 SESSION_LIMIT Attempt to exceed limit of 1000 monitored hosts to remind the administrator Examples Ruijie config nfpp Ruijie config nfpp icmp guard monitored host limit 200 Command Description...

Page 817: ...uard trusted host Use this command to set the trusted hosts free form monitoring icmp guard trusted host ip mask no icmp guard trusted host all ip mask Parameter Description ip Set the IP address mask...

Page 818: ...15 5 8 clear nfpp icmp guard hosts Use this command to clear the monitored host isolation clear nfpp icmp guard hosts vlan vid interface interface id ip address Parameter Description vid Set the VLAN...

Page 819: ...on on the interface nfpp icmp guard enable Parameter Description Parameter description Default Settings The ICMP anti attack function is not enabled on the interface Command mode Interface configurati...

Page 820: ...ermanent Permanent isolation Default Settings By default the isolate period is not configured Command mode Interface configuration mode Usage guidelines N A Examples Ruijie config interface G0 1 Ruiji...

Page 821: ...tings By default the rate limit threshold and the attack threshold are not configured Command mode Interface configuration mode Usage guidelines The attack threshold value shall be equal to or greater...

Page 822: ...nd neighbor advertisement rs Set the router request ra redirect Set the router advertisement and the redirect packets Parameter description pps Set the attack threshold in pps The valid range is 1 999...

Page 823: ...d guard enable Parameter Description Parameter description Default Settings Enabled Command mode NFPP configuration mode Usage guidelines N A Examples Ruijie config nfpp Ruijie config nfpp nd guard en...

Page 824: ...or the ns na rs and ra redirect on each port is 15 Command mode NFPP configuration mode Usage guidelines N A Examples Ruijie config nfpp Ruijie config nfpp nd guard rate limit per port ns n a 10 Ruiji...

Page 825: ...le Command Description nd guard enable Enable the ND anti attack function Related commands show nfpp nd guard summary Show the configurations 15 6 5 nfpp nd guard policy Use this command to set the ra...

Page 826: ...sted port shall higher than the one for the untrusted port because the traffic of the trusted port generally is higher than the traffic of the untrusted port For the trusted port with ND snooping enab...

Page 827: ...ess ipv6 address Parameter Description name Defined guard name vid VLAN ID interface id Interface name ip address IP address Parameter description ipv6 address IPv6 address Default Settings N A Comman...

Page 828: ...nfig nfpp Ruijie config nfpp define tcp enable Command Description Related commands show nfpp define summary Show the user defined anti attack configurations 15 7 3 isolate period Use this command to...

Page 829: ...orm description 15 7 4 match Use this command to specify the message matching filed for the user defined anti attack match etype type src mac smac src mac mask smac_mask dst mac dmac dst mac mask dst_...

Page 830: ...ce port dport Destination port Default Settings N A Command mode NFPP configuration mode Usage guidelines Use this command to create a new user defined anti attack type and specify the message fileds...

Page 831: ...is smaller than current monitored hosts 1000 please clear a part of monitored hosts to remind the administrator of the invalid configuration and removing the monitored hosts When the maximum monitore...

Page 832: ...ored attacker will be auto isolated by the hardware and the timeout time will be the isolate period The monitor period is valid with the isolate period 0 If the isolate period has changed to be 0 the...

Page 833: ...mands show nfpp define summary Show the user defined anti attack configurations 15 7 8 trusted host Use this command to set the trusted hosts free form monitoring trusted host mac mac_mask ip mask IPv...

Page 834: ...allowed In the same way if the message type is IPv6 the IPv4 trusted addresses are not allowed Examples Ruijie config nfpp Ruijie config nfpp define tcp Ruijie config nfpp define trusted host 1 1 1 1...

Page 835: ...ate limit threshold shall be equal to or greater than the attack threshold If the rate is greater than the rate limit threshold the packets that meet this classification rule will be discarded If the...

Page 836: ...of the user defined anti attack and the match rate count rate limit and the attack threshold have been configured Examples Ruijie config interface G0 1 Ruijie config if nfpp define tcp enable Command...

Page 837: ...isolate period 180 Command Description isolate period Set the global isolate period Related commands show nfpp define summary Show the configurations 15 7 12 nfpp define name policy Use this command t...

Page 838: ...hreshold Examples Ruijie config interface G 0 1 Ruijie config if nfpp define tcp policy per src ip 2 10 Ruijie config if nfpp define tcp policy per port 50 100 Command Description define policy Set th...

Page 839: ...Show the NFPP log configurations or the log buffer area 15 8 2 log buffer entries Use this command to set the NFPP log buffer area size log buffer entries number Parameter Description Parameter descr...

Page 840: ...number_of_message interval length_in_seconds Parameter Description number_of_message The valid range is 0 1024 0 indicates that all logs are recorded in the specific buffer area and no syslogs are ge...

Page 841: ...uffer logs 2 interval 12 Command Description log buffer entries number Set the NFPP log buffer area size Related commands show nfpp log summary Show the NFPP log configurations or the log buffer area...

Page 842: ...e following example shows the administrator how to record the logs on the interface GigabitEthernet 0 1 only Ruijie config nfpp Ruijie config nfpp logging interface G 0 1 Command Description Related c...

Page 843: ...N A MAC 0000 0000 0004 port Gi4 1 VLAN 1 was detected 2009 07 01 13 00 00 Examples The following example shows the NFPP log configurations Ruijie show nfpp log summary Total log buffer size 10 Syslog...

Page 844: ...3 ISOLATE_FAILE 4 SCAN 5 PORT_ATTACKED Command Description Related commands clear nfpp log Clear the NFPP log buffer area 15 9 ARP guard Showing Related Commands 15 9 1 show nfpp arp guard hosts Use t...

Page 845: ...istics success fail total 100 20 120 The following example shows the monitored host Ruijie show nfpp arp guard hosts If column 1 shows it means hardware do not isolate user VLAN interface IP address M...

Page 846: ...tion mac address The MAC address Default Settings N A Command mode Privileged EXEC mode Usage guidelines N A Examples Ruijie show nfpp arp guard scan statistics ARP scan table has 4 record s Ruijie sh...

Page 847: ...d commands clear nfpp arp guard scan Clear the ARP scan list 15 9 3 show nfpp arp guard summary Use this command to show the configurations show nfpp arp guard summary Parameter Description Parameter...

Page 848: ...he rate limit threshold for the port Attack threshold In the same format as the rate limit No configuration Command Description arp guard attack threshold Set the global attack threshold arp guard ena...

Page 849: ...sts Use this command to show the monitored host show nfpp dhcp guard hosts statistics vlan vid interface interface id ip address mac address Parameter Description statistics Show the statistical infor...

Page 850: ...failed to isolate host VLAN interface MAC address remain time seconds 1 gi0 2 0000 0000 0001 10 2 gi0 1 0000 0000 0002 20 Total 2 host s Command Description Related commands clear nfpp dhcp guard hos...

Page 851: ...Disable the anti attack function Rate limit In the format of the rate limit threshold for the source IP address the rate limit threshold for the source MAC address the rate limit threshold for the po...

Page 852: ...hcpv6 guard hosts Use this command to show the monitored host show nfpp dhcpv6 guard hosts statistics vlan vid interface interface id ip address mac address Parameter Description statistics Show the s...

Page 853: ...failed to isolate host VLAN interface MAC address remain time seconds 1 gi0 2 0000 0000 0001 10 2 gi0 1 0000 0000 0002 20 Total 2 host s Command Description Related commands clear nfpp dhcpv6 guard ho...

Page 854: ...le the anti attack function Rate limit In the format of the rate limit threshold for the source IP address the rate limit threshold for the source MAC address the rate limit threshold for the port Att...

Page 855: ...ard Showing Related Commands 15 12 1 show nfpp icmp guard hosts Use this command to show the monitored host show nfpp icmp guard hosts statistics vlan vid interface interface id ip address mac address...

Page 856: ...icmp guard hosts If column 1 shows it means hardware failed to isolate host VLAN interface IP address remain time s 1 Gi0 1 1 1 1 1 110 2 Gi0 2 1 1 2 1 61 Total 2 host s Command Description Related c...

Page 857: ...Disable the anti attack function Rate limit In the format of the rate limit threshold for the source IP address the rate limit threshold for the source MAC address the rate limit threshold for the por...

Page 858: ...15 12 3 show nfpp icmp guard trusted host Use this command to show the trusted host free from being monitored show nfpp icmp guard summary Parameter Description Parameter description Default Settings...

Page 859: ...guidelines N A Examples Ruijie show nfpp nd guard summary Format of column Rate limit and Attack threshold is N S NA RS RA REDIRECT Interface Status Rate limit Attack threshold Global Enable 20 5 10 4...

Page 860: ...it threshold and attack threshold 15 14 Defined guard Showing Related Commands 15 14 1 show nfpp define hosts Use this command to show the monitored hosts show nfpp define hosts name statistics vlan v...

Page 861: ...efine hosts tcp Define tcp If column 1 shows it means hardware do not isolate host VLAN interface IP address MAC address remain time s 1 Gi0 1 1 1 1 1 110 2 Gi0 2 1 1 2 1 61 Total 2 host s Command Des...

Page 862: ...ttack threshold is per src ip per src mac per port Interface Status Isolate period Rate limit Attack thre shold Global Enable 300 5 150 10 300 G 0 1 Enable 180 6 8 G 0 2 Disable 200 5 30 10 50 Field D...

Page 863: ...ttack type Default Settings N A Command mode Privileged EXEC mode Usage guidelines N A Examples The following example shows the trusted host configurations Ruijie show nfpp define trusted host tcp Def...

Page 864: ...escription Default Settings N A Command mode Privileged mode Usage guidelines N A Examples Note Use the language Chinese English command in the privileged mode to switchover the Chinese English interf...

Page 865: ...mple information of the command beginning with the arp guard in the NFPP configuration mode arp guard help Parameter Description Parameter description Default Settings N A Command mode NFPP configurat...

Page 866: ...information of the command beginning with the nfpp arp guard in the interface configuration mode nfpp arp guard help Parameter Description Parameter description Default Settings N A Command mode Inter...

Page 867: ...ormation of the command beginning with the nfpp arp guard policy in the interface configuration mode nfpp arp guard policy help Parameter Description Parameter description Default Settings N A Command...

Page 868: ...on of the command beginning with the nfpp in the interface configuration mode nfpp help Parameter Description Parameter description Default Settings N A Command mode Interface configuration mode Usage...

Page 869: ...ommands 15 17 Showing Main Status Commands 15 17 1 view nfpp Use this command to show the main status information about NFPP view nfpp Parameter Description Parameter description Default Settings N A...

Page 870: ...S2600E CLI Reference Guide Chapter 15 NFPP Configuration Commands Command Description Related commands nfpp help Show the typical NFPP configuration...

Page 871: ...command to cancel the setting rgos security compatible no rgos security compatible Parameter Description Parameter description Default Settings By default RGOS security function and RGOS compatible m...

Page 872: ...Usage guidelines For current operation of the CLI the configuration is realized by executing the single command one by one As for the configuration and deployment of the specific functional module cur...

Page 873: ...ference Guide Chapter 16 Ruijie Switch Security Compatible Mode Configuration Commands Examples Use the language chinese english command in the global configuration mode to switchover the Chinese Engl...

Page 874: ...ules view security function Parameter Description Parameter description Default Settings N A Command mode Any mode Usage guidelines Displaying the status or configuration of a certain function needs m...

Page 875: ...typical configurations of the security modules Platform description N A Version Description Command history 10 4 3 Newly added command 16 2 3 show resources Use this command to show the usage and ava...

Page 876: ...displaying the important status information of this function Some important status or configuration showing information requires configuring different commands This command is designed for presenting...

Page 877: ...S2600E CLI Reference Guide Chapter 16 Ruijie Switch Security Compatible Mode Configuration Commands...

Page 878: ...ACL QOS...

Page 879: ...ber For IPv6 this field can be IPv6 icmp tcp udp and numbers 0 to 255 For IPv4 it can be one of eigrp gre ipinip igmp nos ospf icmp udp tcp and ip or it can be numbers 0 to 255 that represent the IP p...

Page 880: ...rator port port Operator lt smaller eq equal gt greater neq unequal range range port indicates the port number Dyadic operation needs two port numbers while other operators only need one port number s...

Page 881: ...21 V Sequence number 50 I Encapsulated data type 24 W Confirmation field 54 J IP version number 26 XY IP header length and reserved bits 58 K TOS field 27 Z Resrved bits and flags bit 59 L Length of...

Page 882: ...ld or cos field access list id deny permit ethernet type cos out inner in VID out inner in source source wildcard host source any host source mac address any destination destination wildcard host dest...

Page 883: ...port precedence precedence tos tos fragment range lower upper time range time range name 5 List remark access list id list remark text The following parameters are described in the sequence they appe...

Page 884: ...ower limit of the layer4 port number upper Upper limit of the layer4 port number time range Time range of packet filtering time range name Time range name of packet filtering tos Specify type of servi...

Page 885: ...rd IP ACL 1 to 99 1300 to 1999 only controls the source IP addresses The extended IP ACL 100 to 199 2000 to 2699 can enforce strict control over the source and destination IP addresses The extended MA...

Page 886: ...min delay min monetary cost normal The ICMP message types are as below administratively prohibited dod host prohibited dod net prohibited echo echo reply fragment time exceeded general parameter prob...

Page 887: ...e precedence unreachable protocol unreachable redirect device advertisement device solicitation source quench source route failed time exceeded timestamp reply timestamp request ttl exceeded unreachab...

Page 888: ...pc syslog tacacs talk telnet time uucp whois www The UDP ports are as follows A UDP port can be specified by port name and port number biff bootpc bootps discard dnsix domain echo isakmp mobile ip nam...

Page 889: ...s list 1 permit 192 168 1 64 0 0 0 63 2 Example of the extended IP ACL The following extended IP ACL allows the DNS messages and ICMP messages to pass Ruijie config access list 102 permit tcp any any...

Page 890: ...s list extended 2702 10 deny tcp host 192 168 12 3 mac 00d0 f800 0044 any any 10 permit any any any any Command Description show access lists Show all the ACLs Related commands mac access group Apply...

Page 891: ...perator port port precedence precedence tos tos fragment range lower upper time range time range name 3 Extended MAC ACL sn deny any host source mac address any host destination mac address ethernet t...

Page 892: ...mac address any operator port port precedence precedence tos tos fragment range lower upper time range time range name match all tcp flag User Datagram Protocol UDP sn deny udp VID out inner in source...

Page 893: ...source ipv6 prefix prefix length host source ipv6 address any operator port port destination ipv6 prefix prefix length host destination ipv6 address any operator port port dscp dscp flow label flow la...

Page 894: ...alue within the range of 0 to 63 flow label Flow label flow label Flow label value within the range of 0 to 1048575 protocol For the IPv6 the field can be ipv6 icmp tcp udp and number in the range 0 t...

Page 895: ...s list extended ip ext acl 10 deny tcp host 192 168 4 12 eq 100 any Ruijie config ext nacl exit Ruijie config interface gigabitethernet 1 1 Ruijie config if ip access group ip ext acl in Ruijie config...

Page 896: ...ts ipv6 access list extended v6 acl 11 deny ipv6 host 192 168 4 12 any Ruijie config ipv6 nacl exit Ruijie config interface gigabitethernet 1 1 Ruijie config if ipv6 traffic filter v6 acl in Command D...

Page 897: ...Filter the outputting packets of the interface Default configuration No Expert ACL is applied on the interface Command mode Interface configuration mode Usage guidelines N A Examples The following ex...

Page 898: ...lt configuration N A Command mode Global configuration mode Usage guidelines Use show access lists to display the ACL configurations Examples Create an extended expert ACL Ruijie config expert access...

Page 899: ...terface unreflect Disable the Reflexive ACL Parameter description reflect Enable the Reflexive ACL Default configuration No ACL is applied on the interface Command mode Interface configuration mode Us...

Page 900: ...0 to 2699 for extended ACL Parameter description name Name of the ACL Default configuration N A Command mode Global configuration mode Usage guidelines There are differences between a standard ACL and...

Page 901: ...access list resequence id name Parameter Description id ACL ID name ACL name start sn Start sequence Parameter description inc sn Sequence increment Default configuration The start sequence is 10 and...

Page 902: ...ic filter name in out Parameter Description name Name of Ipv6 ACL in Filter the incoming packets of the interface Parameter description out Filter the outgoing packets of the interface Default configu...

Page 903: ...ipv6 access list name no mac access list name Parameter Description Parameter description name ACL name Command mode Global configuration mode Usage guidelines Use show access lists to view ACL confi...

Page 904: ...the interface Parameter description out Filter the outgoing packets of the interface Default configuration No ACL is applied on the interface Command mode Interface configuration mode Usage guideline...

Page 905: ...figuration N A Command mode Global configuration mode Usage guidelines Use show access lists to display the ACL configurations Examples Create an extended MAC ACL Ruijie config mac access list extende...

Page 906: ...ermit ipv6 host 192 168 4 12 any 12 deny ipv6 any any Ruijie config ipv6 nacl no 12 Ruijie config ipv6 nacl show access lists ipv6 access list extended v6 acl 10 permit ipv6 host 192 168 4 12 any Ruij...

Page 907: ...TCP sn permit tcp source source wildcard host Source any operator port port destination destination wildcard host destination any operator port port precedence precedence tos tos fragment time range t...

Page 908: ...rd host destination any host destination mac address any icmp type icmp type icmp code icmp message precedence precedence tos tos fragment time range time range name Transmission Control Protocol TCP...

Page 909: ...ess any operator port port destination ipv6 prefix prefix length host destination ipv6 address any operator port port dscp dscp flow label flow label fragment time range time range name match all tcp...

Page 910: ...ACL to interface gigabitethernet 1 1 The configuration procedure is as below Ruijie config ip access list extended 102 Ruijie config ext nacl permit tcp host 192 168 4 12 eq 100 any Ruijie config ext...

Page 911: ...192 168 4 12 and apply the ACL to interface gigabitethernet 1 1 The configuration procedure is as below Ruijie config ipv6 access list extended v6 acl Ruijie config ipv6 nacl 11 permit ipv6 host 192 1...

Page 912: ...nterface is specified the associated ACLs of all the interfaces will be shown Examples Ruijie show access group ip access list standard ipstd3 Applied On interface GigabitEthernet 0 1 ip access list s...

Page 913: ...is specified all the ACLs will be shown Examples Ruijie show access lists n_acl ip access list standard n_acl Ruijie show access lists 102 ip access list extended 102 Ruijie show access lists ip acce...

Page 914: ...ified the associated expert ACLs of all the interfaces will be shown Examples Ruijie show expert access group interface gigabitethernet 0 2 expert access group ee in Applied On interface GigabitEthern...

Page 915: ...version must be RGOS10 0 and higher 1 2 5 show ipv6 traffic filter Use this command to show the configured IPv6 ACL of the interface show ipv6 traffic filter interface interface Parameter Description...

Page 916: ...rface Interface ID Command mode Privileged mode Usage guidelines Show the MAC ACL associated with the interface If no interface is specified the associated MAC ACLs of all associated interfaces will b...

Page 917: ...d mode Global configuration mode Usage guidelines Use this command to configure the global security channel Examples Ruijie security global access group 1 Platform description 1 3 2 security access gr...

Page 918: ...ink enable no security uplink enable Command mode Interface configuration mode Usage guidelines Use this command to configure the uplink port of the security channel on the interface Examples Ruijie s...

Page 919: ...e config if show secu acl Ports Type access group Fa0 4 security 50 Global security 60 Fa0 6 uplink Command Description security global access group Define the global security channel security access...

Page 920: ...figuration is realized by executing the every single command As for the configuration and deployment of a specific functional module current CLI presentation lacks some replicable typical configuratio...

Page 921: ...lish interface Command Description Related commands view access list Show the configuration and main status information of ACL modules Platform description 1 4 2 acl help This command is used to show...

Page 922: ...nfiguration examples therefore users can only ask for the configuration help by other means such as reading related manuals and going to our frontline engineers for help Displaying the typical configu...

Page 923: ...th the keyword ip access list ip access list help Parameter Description Parameter description Default configuration N A Command mode Global configuration mode Usage guidelines Currently you can enter...

Page 924: ...atform description 1 5 2 expert access list help Use this command to show the example information of the command beginning with the keyword expert access list expert access list help Parameter Descrip...

Page 925: ...uration mode to switchover the Chinese English interface Command Description Related commands view access list Show the configuration and main status information of ACL modules Platform description 1...

Page 926: ...nfiguration in order to complete the configuration task Example s Note Use the language chinese english command in the global configuration mode to switchover the Chinese English interface Command Des...

Page 927: ...do not know how to continue the configuration in order to complete the configuration task Example s Note Use the language chinese english command in the global configuration mode to switchover the Chi...

Page 928: ...escription of keywords so they do not know how to continue the configuration in order to complete the configuration task Example s Note Use the language chinese english command in the global configura...

Page 929: ...ext keyword or parameter and related description However users may not understand the meaning about the description of keywords so they do not know how to continue the configuration in order to comple...

Page 930: ...enter the question mark to display the configuration help with the configuration of the next keyword or parameter and related description However users may not understand the meaning about the descri...

Page 931: ...terface configuration mode Usage guidelines Currently you can enter the question mark to display the configuration help with the configuration of the next keyword or parameter and related description...

Page 932: ...iption Default configuration N A Command mode Any mode Usage guidelines Currently multiple commands are needed to show the related configuration or status information of one function The users do not...

Page 933: ...S2600E CLI Reference Guide Chapter 1 ACL Configuration Commands Example s Command Description Related commands access list help Show the typical configuration of ACL modules Platform description...

Page 934: ...riction given in Configuring Security ACLs The QoS function is disabled by default Namly the device processes all the packets in the same way But if you associate a policy map with an interface and th...

Page 935: ...2 40 48 56 CoS 0 1 2 3 4 5 6 7 2 2 Related Configuration Commands 2 2 1 mls qos trust Use this command to configure the trust mode on an interface Use the no form of this command to restore it to the...

Page 936: ...erface Use the no form of this command to restore it to the default mls qos cos default cos no mls qos cos Parameter Description default cos 0 7 Parameter description no Restore it to the default valu...

Page 937: ...te limit input 1000000 4096 Command Description Related commands show mls qos interface 2 2 4 class maps Use the following command to creat an ACL ip access list extended standard acl id acl name Or m...

Page 938: ...group acl name acl id Delete the match no match ip dscp dscp value1 dscp value2 dscp valueN Delete the matched ip dscp value Parameter description no match ip precedence ip pre value1 ip pre value2 ip...

Page 939: ...nfiguration mode no policy map policy map name Use the following command to create the class map data classification used in the policy map and enter into the data classification configuration mode no...

Page 940: ...kbps burst byte The burst traffic limitation in Kbyte drop Drop the packets exceeding the bandwidth dscp value Overwrite the DSCP value of the packets exceeding the bandwidth whose range varies with p...

Page 941: ...cription no Cancel the application of the policy map on the interface or the virtual group Command mode Interface configuration mode and virtual group configuration mode Examples Ruijie config interfa...

Page 942: ...Examples Ruijie config no priority queue Related commands show mls qos queuing 53 2 8 priority queue cos map Use this command to configure the associated CoS value of output queue priority queue cos...

Page 943: ...or the number of weights and its range see the default settings Parameter description no Restore to the default value Default configuration weight1 weightn 1 1 Command mode Global configuration mode E...

Page 944: ...d to map the DSCP value to the COS value Use the no form of the command to disable the mapping mls qos map dscp cos dscp list to cos no mls qos map dscp cos Parameter Description dscp list DSCP list I...

Page 945: ...ies with products Parameter description no Restore to the default value Command mode Interface configuration mode Examples Ruijie config interface fastEthernet 0 1 Ruijie config if rate limit input 10...

Page 946: ...s command to set the queue weight in the DRR scheduling mode Use the no form of the command to restore it to the default drr queue bandwidth weight1 weight8 no drr queue bandwidth Parameter Descriptio...

Page 947: ...figuration mode Examples Ruijie config mls qo map ip prec dscp 8 10 16 18 24 26 32 34 Command Description Related commands show mls qos maps Show the DSCP COS COS DSCP and IP prec DSCP maps 2 2 15 vir...

Page 948: ...r 24 ports or the latter 24 ports Examples The following example sets the interface gigabitEthernet 1 3 as the member of virtual group 3 Ruijie config interface gigabitethernet 1 3 Ruijie config if vi...

Page 949: ...ption class name Name of the class map Default configuration All policy maps are shown by default Command mode Privileged EXEC mode Examples Ruijie show policy map 2 3 3 show mls qos interface Use thi...

Page 950: ...Platform description 2 3 5 show mls qos scheduler Use this command to show the information on queue scheduling algorithm show mls qos scheduler Command mode Privileged EXEC mode Examples Ruijie show m...

Page 951: ...rface id Parameter Description Parameter description interface Interface ID Command mode Privileged EXEC mode Examples Ruijie show mls qos rate limit 2 3 8 show virtual group Use this command to show...

Page 952: ...S2600E CLI Reference Guide Chapter 2 QoS Configuration Command Command Description Related commands virtual group Enable the virtual group...

Page 953: ...Reliability...

Page 954: ...up The no form of this command is used to disable a link state track group link state track num no link state track num Parameter Description Parameter description num Interface ID of the link aggrega...

Page 955: ...e port to be an upstream port in the link state track group Parameter description downstream Configures the port to be a downstream port in the link state track group Default The port is not added int...

Page 956: ...0 Default A maximum of 150 MAC address update packets are sent per second Command mode Global configuration mode Usage guidelines When a link is switched REUP sends a certain number of MAC address upd...

Page 957: ...rimary interface and backup interface Ruijie config interface fa 0 1 Ruijie config if switchport backup interface fa 0 2 Command Description Related commands show interface switchport backup View the...

Page 958: ...eemption delay refers to the delay time of the link reswitch after the restoration of the link failure Examples The following example shows how to set the dual link backup with fa 0 1 and fa 0 2 as th...

Page 959: ...ss table move update receive Command Description Related commands mac address table move update transit Enable REUP to transmit the mac address table update messages 1 1 7 mac aadress table move updat...

Page 960: ...le REUP to receive MAC address update packets 1 1 8 mac address table move update transit Use this command to enable REUP to transmit the mac address table update messages mac address table move updat...

Page 961: ...ion mode Usage guidelines When a link is switched the VLAN enabled to transmit MAC address update packets will send MAC address update packets to its uplink device Examples The following example confi...

Page 962: ...apidly Examples Ruijie config if mac address table update group 2 Command Description Related commands show mac address table update group detail Show the mac address table update group information 1...

Page 963: ...erface switchport backup Show the configuration of dual link backup on the switch Related commands spanning tree mst configuration Configure MSTP instances 1 2 Showing and Monitoring Commands 1 2 1 sh...

Page 964: ...dual link backup Parameter description detail Show the detailed information about the dual link backup Default Show the dual link backup information on all interfaces Command mode Privileged EXEC mode...

Page 965: ...ples Ruijie configure terminal Ruijie config mac address table move update receive Ruijie config interface range gigabitEthernet 0 3 4 Ruijie config if range mac address table update group Ruijie conf...

Page 966: ...1 1 rldp enable Use this command to enable RLDP globally Use the no form of this command to disable the function rldp enable no rldp enable Parameter description N A Default Disabled Command mode Glo...

Page 967: ...ironment where STP is enabled it is recommended that the product of interval multiplying the maximum number of detections is less than the topology convergence time of STP Examples The following examp...

Page 968: ...tion Related commands rldp detect interval Set the detection interval 2 1 4 rldp port Use this command to enable RLDP on the port and specify detection type and troubleshooting method Use the no form...

Page 969: ...ure RLDP detection on fas 0 1 specify the detection type as loop detection and troubleshooting method as block Ruijie config interface fas 0 1 Ruijie config if rldp port loop detect block Command Desc...

Page 970: ...2 2 debug rldp Use this command to turn on the RLDP service debugging switch The no form of this command is used to turn off the debugging switch debug rldp packet event error undebug rldp packet eve...

Page 971: ...entation lacks some replicable typical configuration examples therefore users can only ask for the configuration help by other means such as reading related manuals and going to our frontline engineer...

Page 972: ...rldp help Parameter description N A Default N A Command mode Global configuration mode Usage guidelines Currently you can enter the question mark to display the configuration help with the configurat...

Page 973: ...d to show example information of the command beginning with the keyword rldp port rldp port help Parameter description N A Default N A Command mode Interface configuration mode Usage guidelines Curren...

Page 974: ...the language chinese english command in the privileged mode to switchover the Chinese English interface Command Description Related commands 2 5 Showing Main Status Commands 2 5 1 view rldp Use this c...

Page 975: ...formation respectively and several commands are needed for showing various status information that the user want which is not convenient for users Users want to see various main statuses after the con...

Page 976: ...d Command mode Global configuration mode Usage guidelines The topology protection function is enabled by default so as to protect the network against topology oscillation due to attacks It should be u...

Page 977: ...is port will be notified when the CPU utilization of the local device is too high or there are other problems with the local device This command is applicable to the layer 2 switching interfaces and r...

Page 978: ...vileged EXEC mode Usage guidelines This command is used to view the current TPP configuration and port detection Examples The following example shows how to display information about the topology prot...

Page 979: ...in hh mm text at hh mm month day day month text cancel Parameter Description warm Use Warm reboot text Reason to reboot the system in 1 to 255 bytes in hh mm Reboot the system after the specified per...

Page 980: ...copy tftp and reload warm commands Ruijie copy tftp 192 168 122 122 ngsa maincompress s26e bin_ flash rgos bin Accessing tftp 192 168 122 122 ngsa maincompress s26e bin_ System is running defragment p...

Page 981: ...ble count uptime Parameter Description enable Enable the warm reload function count count value Configure the maximum times of successive warm reloads between two cold reboots The value is in the rang...

Page 982: ...eload set the maximum times to 10 and set the minimum time interval to 8 minutes Ruijie config warm reload enable To activate warm reload please save the configuration and restart the system And 26932...

Page 983: ...operation history current state and statistics of warm reload in the global configuration mode show warm reload Parameter Description Parameter Description Default Configuratio n None Command Mode Glo...

Page 984: ...Max reload count 10 Min uptime 60 s Warm Reload running state Warm Reload is close Field Description max reload count Maximum times of consecutive warm reloads between two cold reboots min uptime Min...

Page 985: ...S2600E CLI Reference Guide Chapter 4 Warm Reload Upgrade Configuration Commands Platform Description None...

Page 986: ...ute cpu command to enter the owner cpu configuration mode cpu Parameter Description Parameter description Default NA Command mode srm policy configuration mode Usage guidelines N A Examples Example 1...

Page 987: ...group instance resource user_name no instance resource user_name Paramet er Description resource user_na me Name of resource user Execute show resource database command to display the information abou...

Page 988: ...1 3 memory In the srm policy configuration mode execute memory command to enter the owner memory configuration mode memory Parameter Description Parameter description Default N A Command mode Srm poli...

Page 989: ...enter the srm policy configuration mode policy policy name global no policy policy name Parameter Description policy name Policy name name of policy global If you add the global parameter it will bec...

Page 990: ...nds resource manager Enter the SRM configuration mode Platform description 5 1 5 policy policy name In the config res group configuration mode execute policy policy name command to associate the group...

Page 991: ...group policy rgos_policy Command Description Related commands resource manager Enter the SRM configuration mode Platform description 5 1 6 resource manager Enter the SRM configuration mode in global m...

Page 992: ...alue interval interval value falling falling waterline value interval interval value no critical major minor Parameter Description rising Rising waterline rising waterli ne value Rising waterline valu...

Page 993: ...r Enter the SRM configuration mode policy policy name global Create the policy and enter the SRM policy configuration mode memory Enter the owner memory configuration mode Related commands cpu Enter t...

Page 994: ...apply to snmpd Ruijie configure terminal Ruijie config resource manager Ruijie config srm policy rgos_policy Ruijie config srm policy exit Ruijie config srm user snmpd rgos_policy Command Description...

Page 995: ...tion mode Usage guidelines N A Examples Example 1 Configure a global monitoring policy named rgos_policy and apply to the global resource user group Ruijie configure terminal Ruijie config resource ma...

Page 996: ...rameter Description Parameter description resource group name Name of resource user group no Remove the resource user group Default N A Command mode SRM configuration mode Usage guidelines N A Example...

Page 997: ...ce owner resource user group and resource users show resource database slot slot id subsystem subsystem id Parameter Description slot slot id Specify the board card to be displayed Parameter descripti...

Page 998: ...pu 0x0 Memory 0x1 Resource Users ID Priority Ktimer 0x1 PROT_TASK Atimer 0x2 APP_TASK printk_task 0x3 APP_TASK_TS waitqueue_process 0x4 PROT_TASK tasklet_task 0x5 PROT_TASK cmic_pause_detect 0x6 PROT_...

Page 999: ...nds Platform description 5 2 2 show resource notification Display statistics of SRM monitoring event notifications show resource notification owner all cpu memory slot slot id subsystem subsystem id P...

Page 1000: ...ring notifications Ruijie show resource notification owner all Owner cpu Global Global Notif cr U D ma U D mi U D global Not in monitored Multi User Group User Notif cr U D ma U D mi U D rgnos_group c...

Page 1001: ...Global resource usage Multi User Group Multi user resource user group Single User Group Single user resource user group Global Notif Notifications of global policy monitoring waterline User Notif Not...

Page 1002: ...mation about memory owner slot slot id Specify the board card to be displayed Parameter description subsystem subsystem id Subsystem id range 0 1 equivalent to the cpu id displayed after executing sho...

Page 1003: ...mc_trap_task 1602920 0 0 0 ssp_flow_rx_task 1604410 0 0 0 flow_warn_msg_task 1604440 0 0 0 flow_age_task 1604440 0 0 0 temperature_handler_task 1604650 0 0 0 keepalive_link_notify 1604700 0 0 0 datapk...

Page 1004: ...610 kevents 0 0 0 iftp_server 0 0 0 snmpd 45312 53 47 snmp_trapd 0 0 0 mtdblock 0 0 0 gc_task 4 13 13 context 0 0 0 kswapd 0 0 0 bdflush 0 0 0 kupdate 0 2 2 Field Description Total Size B Total memory...

Page 1005: ...resource user in 5 minutes Command Description Related commands Platform description 5 2 4 show resource policy Display SRM monitoring policy show resource policy all policy name slot slot id subsyst...

Page 1006: ...6600 RO cpu critical rising 99 interval 1800 falling 20 interval 1800 major rising 85 interval 3800 falling 40 interval 3800 minor rising 60 interval 6900 falling 10 interval 6900 policy Name rgnos_p...

Page 1007: ...00 Field Description Policy Name Name of monitoring policy Type Type of monitoring policy In Use In use or not RO memory Resource owner memory RO cpu Resource user cpu Command Description Related comm...

Page 1008: ...global Global Group rgnos_policy1 rgnos_group Multi User Group rgnos_policy ktimer Single User Group Field Description Policy Monitoring policy Resource User Resource user group User Type Group type i...

Page 1009: ...resource user slot slot id Specify the board card to be displayed Parameter description subsystem subsystem id Subsystem id range 0 1 equivalent to the cpu id displayed after executing show version co...

Page 1010: ...urce user group Single User Group Single user resource user group Policy Monitoring policy User Resource user Resource Owner Resource owner Allocated Size B Allocated memory size byte Alloc Cnt Memory...

Page 1011: ...S2600E CLI Reference Guide Chapter 5 SRM Configuration Commands Command Description Related commands Platform description...

Page 1012: ...S2600E CLI Reference Guide Chapter 6 GRTD Configuration Commands 6 GRTD Configuration Commands 6 1 Configuration Related Commands...

Page 1013: ...guration mode Usage guidelines Use the diagnostic bootup level command to set the bootup test level Three levels of bootup test can be configured bypass bootup test minimal bootup test and complete bo...

Page 1014: ...S2600E CLI Reference Guide Chapter 6 GRTD Configuration Commands Command Description Related commands show diagnostic bootup level Show the current bootup test level Platform description...

Page 1015: ...delines Use the diagnostic event log size command to set the number of diagnostic event records You can set the number of diagnostic event records to 1 1000 Caution This command is for the management...

Page 1016: ...S2600E CLI Reference Guide Chapter 6 GRTD Configuration Commands commands show diagnostic events Show diagnostic events Platform description...

Page 1017: ...ose meaning is equivalent to cpu id in the show version command test all test id range test range Test items all means all items range means a range for example from item m to item n hh mm ss Hour min...

Page 1018: ...st 2 12 12 12 day 10 ruijie config Example 2 The following example sets the health monitoring test interval of the second test item of slot 2 back to the default value ruijie config no diagnostic moni...

Page 1019: ...id in the show version command Parameter description test all test id range test range Test items all means all items range means a range for example from item m to item n Default Active Command mode...

Page 1020: ...t be used as health monitoring test Example 2 The following example sets the health monitoring test status of all test items 1 4 of a BOX device to inactive ruijie config no diagnostic monitor active...

Page 1021: ...all test id range test range Parameter Description slot slot_id Slot ID sub_system subsys_id Optional Subsystem ID value range 0 1 whose meaning is equivalent to cpu id in the show version command tes...

Page 1022: ...nitor threshold slot 2 test all failure count 50 ruijie config The test 1 can not be used as health monitoring test The test 5 can not be used as health monitoring test Example 2 The following example...

Page 1023: ...ils Command mode Global configuration mode Usage guidelines Use the diagnostic monitor syslog command to set a system log message to be generated when any monitoring test fails Examples Example 1 The...

Page 1024: ...S2600E CLI Reference Guide Chapter 6 GRTD Configuration Commands Platform description...

Page 1025: ...ekly day_of_week hh mm Parameter Description slot slot_id Slot ID sub_system subsys_id Optional Subsystem ID value range 0 1 whose meaning is equivalent to cpu id in the show version command daily Tes...

Page 1026: ...1 of slot 2 to be conducted at 10 10 a m on September 10 2010 ruijie config diagnostic schedule slot 2 test 1 on 2010 september 10 10 10 ruijie config Example 3 The following example sets item 1 of s...

Page 1027: ...S2600E CLI Reference Guide Chapter 6 GRTD Configuration Commands Platform description 6 2 Test Related Commands...

Page 1028: ..._id Optional Subsystem ID value range 0 1 whose meaning is equivalent to cpu id in the show version command mac Port MAC loopback phy Port PHY loopback Parameter description none Cancelling port loopb...

Page 1029: ...S2600E CLI Reference Guide Chapter 6 GRTD Configuration Commands commands None Platform description...

Page 1030: ...whose meaning is equivalent to cpu id in the show version command length Optional Length of test frame num Optional Number of test frames Parameter description time_out Optional Timeout time for rece...

Page 1031: ...S2600E CLI Reference Guide Chapter 6 GRTD Configuration Commands Platform description...

Page 1032: ...mple from item m to item n Default This command has no default setting Command mode Privileged mode Usage guidelines Use the diagnostic start command to start command line tests Generally in command l...

Page 1033: ...nds ruijie diagnostic start slot 2 test all Running test s 1 5 11 13 15 17 26 may disrupt normal system Do you want to continue no yes ruijie Command Description Related commands show diagnostic resul...

Page 1034: ...al Subsystem ID value range 0 1 whose meaning is equivalent to cpu id in the show version command Default This command has no default setting Command mode Privileged mode Usage guidelines Use the diag...

Page 1035: ...S2600E CLI Reference Guide Chapter 6 GRTD Configuration Commands 6 3 Display Related Commands...

Page 1036: ...r description level Bootup test level Default This command has no default setting Command mode Privileged mode Usage guidelines Use the show diagnostic bootup to display the bootup test level Examples...

Page 1037: ...pu id in the show version command Parameter description slot slot_id Slot ID Default This command has no default setting Command mode Privileged mode Usage guidelines Use the show diagnostic content c...

Page 1038: ...NA K Require resetting the line card after the test completed NA test interval Thre ID Test Name Attributes day hh mm ss shold 1 PortLoopbackTest M PDX not config NA 2 InbandSelfTest DX not config NA...

Page 1039: ...Monitoring in active Monitoring in inactive NA Y O Key test Non key test NA R Power down line cards and need reload mainboard NA K Require resetting the line card after the test completed NA test inte...

Page 1040: ...active Monitoring in inactive NA Y O Key test Non key test NA R Power down line cards and need reload mainbord NA K Require resetting the line card after the test completed NA test interval Thre ID T...

Page 1041: ...For detailed description refer to the Configuration Guide test interval Test interval used for system health monitoring test threshold Maximum number of consecutive failed monitoring tests Command De...

Page 1042: ...ion test all test id range test range Test items all means all items range means a range for example from item m to item n Default This command has no default setting Command mode Privileged mode Usag...

Page 1043: ...Reference Guide Chapter 6 GRTD Configuration Commands This test verifies the data path between the mainboard and network ports of a line card ruijie Command Description Related commands None Platform...

Page 1044: ...command has no default setting Command mode Privileged mode Usage guidelines Use the show diagnostic events command to display all event information generated by GRTD Examples Example 1 Use the show d...

Page 1045: ...nce Guide Chapter 6 GRTD Configuration Commands Slot Slot number Event Message Event message content Command Description Related commands diagnostic event log size Set the number of event records Plat...

Page 1046: ...Test item Default This command has no default setting Command mode Privileged mode Usage guidelines Use the show diagnostic result command to display all diagnostic test results You can display the te...

Page 1047: ...Commands P P P P P P P P P P P P P P P P P P P P P P P P Port 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 P P P P P P P P P P P P P P P P P P P P 2 TestI2C P 3 TestDDR P ruijie Command...

Page 1048: ...ommand has no default setting Command mode Privileged mode Usage guidelines Use the show diagnostic schedule command to display the planned test timetables for management boards and slots Examples Exa...

Page 1049: ...00E CLI Reference Guide Chapter 6 GRTD Configuration Commands Command Description Related commands diagnostic schedule Set the planned test timetables for management boards or slots Platform descripti...

Page 1050: ...se the show diagnostic status command to display all current diagnostic test status Examples Example 1 Use the show diagnostic status command to display the following ruijie show diagnostic status BU...

Page 1051: ...S2600E CLI Reference Guide Chapter 6 GRTD Configuration Commands Run by Diagnostic mode Command Description Related commands None Platform description...

Page 1052: ...no action label Parameter Description label Label of the action command cli string Command to be executed Parameter description pattern pattern string optional Response pattern when the command strin...

Page 1053: ...ecuted by smart manager run as clear_cache which will clears the arp table and IP routing table and notify the user upon completion of action Ruijie config smart manager applet clear_cache Ruijie conf...

Page 1054: ...the operation Parameter description op dec inc nop set Method used in the operation Default configuration By default no action is configured Command mode SEM configuration mode Usage Guideline The co...

Page 1055: ...result optional returned value of the Exit it is 0 by default Default configuration By default 0 is returned when the policy is executed to the end Command mode SEM configuration mode Usage Guideline...

Page 1056: ...nitor_cli cli pattern line sync yes Ruijie config applet action 00 cli command enable Ruijie config applet action 10 cli command aaa new model Ruijie config applet commit Ruijie config applet exit Com...

Page 1057: ...application When the policy running the action publish event has generated the message the event application with the same sub system and type will be triggered Examples The following example monitors...

Page 1058: ...wing example sets to reload the device when the memory of entire device is less than 20M Ruijie config smart manager applet Test_1 Ruijie config applet event tag monitor_memory sysmon memory scope sys...

Page 1059: ...he following example sets the variable in the policy with none event type and sends the variable into the log Ruijie config smart manager applet Test_1 Ruijie config applet event tag none_event none R...

Page 1060: ...ntilization of the entire device exceeds 95 Ruijie config smart manager applet Test_2 Ruijie config applet event tag monitor_cpu sysmon cpu scope system entry op gt entry val 95 Ruijie config applet a...

Page 1061: ...for 5 seconds Ruijie config smart manager applet Test_1 Ruijie config applet event tag monitor_cli cli pattern show arp sync yes Ruijie config applet action 00 cli command enable Ruijie config applet...

Page 1062: ...0 set var_for_test Test_1 running Ruijie config applet commit Ruijie config applet exit Command Description Related commands rollback Roll back the policy configurations Platform description N A 7 1 1...

Page 1063: ...ommand line 7 1 11 event cli In SEM configuration mode use this command to confiure command line monitoring The no form of this command deletes the event of specified name event tag event name correla...

Page 1064: ...Optional invalid period of occurs command the duration of occurs operation over the period value will be considered as time out This parameter is invalid when the occurs is 1 Default configuration By...

Page 1065: ...of option occurs Caution The policy configuration command line you enter may also be patterned If skip is yes or sync is yes and the returned value of the policy is 0 the command will not be executed...

Page 1066: ...Command Description Related commands smart manager applet Define the command line based SEM policy 7 1 12 event application In SEM configuration mode this command monitors the event published by the...

Page 1067: ...plication_type Indicates the type of the published event _application_data1 Indicates parameter 1 for event publishing _application_data2 Indicates parameter 2 for event publishing _application_data3...

Page 1068: ...ue exit op operator exit val exit value no event tag event name Parameter Description event name Event name correlate andnot and or Optional correlationship between current event and previous all even...

Page 1069: ...terning stops the combinations between the command counter and exit op exit val are patterned If the patterning succeeds the combined patterning with entry op and entry val recovers Available events V...

Page 1070: ...p operator entry val entry value entry type value increment rate poll interval poll int value exit op operator exit val exit value exit type value increment rate exit comb or and exit time exit time v...

Page 1071: ...han or equal to lt less than ne unequal to exit val exit value The value to recover comparison optional exit type value increment rate The value type to recover comparison optional exit time exit time...

Page 1072: ...s_underrun Number of underruns on output output_packets_dropped Number of packets dropped from output Q receive_broadcasts Number of broadcast packets received receive_giants Number of too large packe...

Page 1073: ...rface_resets of GigabitEthernet3 0 creases a log is generated Ruijie config intelligence manager applet Test_1 Ruijie config event tag monitor_interface interface name GigabitEthernet3 0 parameter int...

Page 1074: ...nt name correlate andnot and or The relation between the current event and the combination of the previous events in the case of multiple events optional The values are and or and andnot cpu system ta...

Page 1075: ...or the following items CPU utilization by the system type cpu scope system CPU utilization by a certain task type cpu scope task task name Memory utilization by the system type memory scope system use...

Page 1076: ...g applet event monitor_cpu sysmon cpu scope system entry op gt entry val 95 Ruijie config applet action 00 syslog msg system busy Ruijie config applet commit Ruijie config applet exit Command Descript...

Page 1077: ...No event is configured Command mode SEM configuration mode Usage Guideline This command is used to configure a monitor of the entered intelligence manager run command It is the policy that triggers ma...

Page 1078: ...name correlate andnot and or snmp oid oid value get type exact next entry op operator entry val entry value entry type value increment rate poll interval poll int value exit op operator exit val exit...

Page 1079: ...ge greater than or equal to gt greater than le less than or equal to lt less than ne unequal to exit val exit value The value to recover comparison optional exit type value increment rate The value ty...

Page 1080: ...y val 10000 entry type value poll interval 5 Ruijie config applet action 00 syslog msg _snmp_oid out of range Ruijie config applet commit Ruijie config applet exit Command Description Related commands...

Page 1081: ...d Command mode SEM configuration mode Usage Guideline Available events Variable Name Function _snmp_notif_oid Trap OID _snmp_notif_oid_val Trap OID value Examples The following example configures to m...

Page 1082: ...getnext set oid oid value type value istable yes no skip yes no no event tag event name Parameter Description event name The event name correlate andnot and or The relation between the current event...

Page 1083: ..._snmp_request_type _snmp_request_type _snmp_value _snmp_value Ruijie config applet action 10 exit 1 Ruijie config applet commit Ruijie config applet exit Command Description Related commands smart ma...

Page 1084: ...value is due the occurs operation times out This parameter is invalid when occurs is 1 skip yes no Indicate whether to skip the Syslog If it is set to yes the patterned log will be skipped The default...

Page 1085: ...on entry cron entry watchdog time time value name timer name no event tag event name Parameter Description event name The event name correlate andnot and or The relation between the current event and...

Page 1086: ...e Available events Variable Name Function _timer_type Timer type Examples Example 1 Restart the device at Unix format time 1257831095 Ruijie config intelligence manager applet Test_1 Ruijie config app...

Page 1087: ...cron entry 0 0 Ruijie config applet action 00 cli command enable Ruijie config applet action 10 cli command clear ip route Ruijie config applet commit Ruijie config applet exit Command Description Rel...

Page 1088: ...perator The comparing method eq equal to ge greater than or equal to gt greater than le less than or equal to lt less than ne unequal to value value The comparison value slot slotid mboard The monitor...

Page 1089: ...cy Platform description N A 7 1 23 event grtd This command is used to configure a GRTD based event in SEM configuration mode The no form of this command is used to delete an event with the specified n...

Page 1090: ...rmal faults and severity minor for minor faults Default configuration No event is configured Command mode SEM configuration mode Usage Guideline Available events Variable Name Function _grtd_test_slot...

Page 1091: ...iption Parameter description Default configuration By default the policy configuration is not rolled back Command mode SEM configuration mode Usage Guideline N A Examples The following example rolls b...

Page 1092: ...ed commands rollback Roll back the policy configuratioins 7 1 26 policy record In SEM configuration mode configure to record CLI action outputs and configure the size of CLI action outputs policy reco...

Page 1093: ...nd is the combination of date and time when this record is generated and the policy trigger ID Use more command to view logs When the number of CLI action outputs exceeds the size configured with the...

Page 1094: ...icy record Clear CLI records generated during the execution of the SEM policy 7 1 27 smart manager applet In the global configuration mode use this command to define a SEM policy The no form of this i...

Page 1095: ...icy configuration Viewing the current policy configuration Each event must have a unique name specified by parameter tag SEM automatically arranges events by tag alphabetically Each action must be ass...

Page 1096: ...tails refer to the smart manager policy bootup delay Note When several events are configured for a policy SEM automatically arranges the events alphabetically in a parallel relationship The other even...

Page 1097: ..._A Ruijie config smart manager applet Test_A Ruijie config applet Example 2 Create a command line based policy with the name as Test_B and class as D Ruijie config smart manager applet Test_B class D...

Page 1098: ...lid when being invoked by policies while local variables take effect Examples Example 1 Define a global variable with the name as variable_name and value as variable_value Ruijie config smart manager...

Page 1099: ...m saved number of SEM Even history information to 30 Ruijie config smart manager history size events 30 Command Description Related commands show smart manager history events Show the event history in...

Page 1100: ...to clear the CLI record generated by running the SEM policy smart manager policy record clean no registed policy registed polciy name dir record directory all Parameter Description no registed Clear...

Page 1101: ...ouput record which records the CLI action 7 1 32 smart manager run In the privileged mode use this command to run the policy of the events with none type smart manager run policy name parameter Param...

Page 1102: ...the SEM event queues smart manager scheduler clear all policy job id class class options Parameter Description all All policies policy job id Specify the trigger ID of the policy Parameter description...

Page 1103: ...e trigger ID of the policy Parameter description class class options Specify the policy class Default configuration By default no hold is performed Command mode Privileged mode Usage Guideline N A Exa...

Page 1104: ...mand mode Privileged mode Usage Guideline N A Examples The following example sets the queue priority of the policy with the type being applet and the class being B up to high Ruijie smart manager sche...

Page 1105: ...global configuration mode use this command to configure the thread pool of SEM policy category and set the thread pool size The no form of this command is used to restore the SEM policy thread pool t...

Page 1106: ...ailable threads for the thread pool of Class B and Class D Ruijie config smart manager scheduler thread class B D number 5 The following example configures up to 10 available threads for the thread po...

Page 1107: ...tion Related commands show smart manager scheduler Show the SEM scheduler information 7 1 39 trigger Use this command to configure the trigger attributes of the policy in SEM configuration mode trigge...

Page 1108: ...s 20 seconds by default Default configuration By default the trigger is not configured Command mode SEM mode Usage Guideline N A Examples The following example specifies the policy named Test_1 to run...

Page 1109: ...cs optional show the detector statistics Default configuration N A Command mode Privileged mode Usage Guideline N A Examples The following example executes the show smart manager detector all command...

Page 1110: ...sync yes default wait time no skip yes no mode mode val occurs num occurrences period period value no event tag event name Applet Built in Environment Variables _event_id _event_type _event_type_strin...

Page 1111: ...e_b The following example executes the show smart manager environment all command Ruijie show smart manager environment all No Name Value 1 var_a value_a 2 var_b value_b The following example executes...

Page 1112: ...es The following example executes the show smart manager history events command Ruijie show smart manager history events No Job Id Proc Status Time of Event Event Type Name 1 2817 Actv success Wed Nov...

Page 1113: ...emain 1 996 3 2841 Actv success Wed Nov11 10 16 03 2009 timer watchdog applet Test_1 timer_time 3466923363 364 timer_remain 1 996 Command Description Related commands smart manager history 7 2 4 show...

Page 1114: ...on of the registered policy policy policy name optional specify the policy name event type event name optional specify the event type of policy class class options optional select the policy class det...

Page 1115: ...w smart manager policy active class class options detailed Parameter Description class class options optional select the policy class Parameter description detailed optional show the detailed informat...

Page 1116: ...vent Event Type Policy Name 1 3159 N A running Wed Nov11 10 28 14 2009 none Test_1 exec time Wed Nov11 10 28 14 2009 elapsed time 142 768 maxrun 31536000 000 2 3160 N A running Wed Nov11 10 28 38 2009...

Page 1117: ...nt Type Policy Name 1 3191 N P pend Wed Nov11 10 28 53 2009 none Test_1 2 3192 N P pend Wed Nov11 10 28 53 2009 none Test_1 3 3193 N P pend Wed Nov11 10 28 54 2009 none Test_1 4 3194 N P pend Wed Nov1...

Page 1118: ...8 show smart manager scheduler In the privileged mode this command shows the operation of SEM scheduler show smart manager scheduler thread detailed Parameter Description Parameter description detail...

Page 1119: ...9 show smart manager version In the privileged mode this command shows the version information of SEM show smart manager version Parameter description N A Default configuration N A Command mode Privi...

Page 1120: ...S2600E CLI Reference Guide Chapter 7 SEM Configuration Commands counter 01 00 interface 01 00 sysmon 01 00 none 01 00 oir 01 00 snmp 01 00 snmp notification 01 00 timer 01 00 snmp object 01 00...

Page 1121: ...System Management...

Page 1122: ...eter must be carried with Parameter description directory Specified directory Default The default directory is the flash root directory Command mode Privileged EXEC mode Usage guidelines Change the ab...

Page 1123: ...d EXEC mode Usage guidelines This command is used to copy the files among various storage media in the local and to transmit the files between the network servers The following table lists the URL pre...

Page 1124: ...t the wildcard Note Without the specified URL prefix configured it refers to the current file system Examples Example 1 Download the file from the tftp server Ruijie copy tftp 192 168 201 54 rgos bin...

Page 1125: ...les in the present directory delete url Parameter Description Parameter description url The URL for the file to be deleted Default N A Command mode Privileged EXEC mode Usage guidelines This command i...

Page 1126: ...em for the file to be displayed This parameter must carry with Parameter description directory Set the directory for the file to be displayed Default By default only the information under the present...

Page 1127: ...the information of all the files in the present directory Ruijie dir Directory of temp Mode Link Size MTime Name 1 399 2008 01 01 00 17 58 a dat 1 Files Total size 399 Bytes 0 Directories Total 33030...

Page 1128: ...ry of flash backup temp will fail The solution is that the directory of flash backup shall be created before the creation of the directory of flash backup temp Examples Example 1 Create the test direc...

Page 1129: ...the slave board to the usb0 device Ruijie rename slave log txt usb0 log txt Example 3 Rename the log txt in the present directory as log txt bak Ruijie rename log txt log txt bak Example 4 Move the rg...

Page 1130: ...empty directories Examples If there is tmp directory in the present directory and the directory does not contain any files Ruijie rmdir tmp Ruijie ls 1 2 Showing Related Commands 1 2 1 pwd Use this co...

Page 1131: ...file system information show file systems Parameter description N A Default N A Command mode Privileged EXEC mode Usage guidelines Use this command to show the file systems supported in the present de...

Page 1132: ...the archive configuration mode to the default state archive no archive Parameter Description Parameter description Default Command mode Global configuration mode Usage guidelines Use the archive comm...

Page 1133: ...no hidekeys Parameter Description Parameter description Default Allow showing the passwords in the configuration log by default Command mode Archive log management configuration mode Usage guidelines...

Page 1134: ...config Parameter Description Parameter description Default N A Command mode Archive configuration mode Usage guidelines Use the log config command to switch to the archive log management configuratio...

Page 1135: ...xamples The following example enables the function of logging the configuration change Ruijie configure terminal Enter configuration commands one per line End with CNTL Z Ruijie config archive Ruijie...

Page 1136: ...configuration log as 50 Ruijie configure terminal Enter configuration commands one per line End with CNTL Z Ruijie config archive Ruijie config archive log config Ruijie config archive log config logg...

Page 1137: ...commands one per line End with CNTL Z Ruijie config archive Ruijie config archive log config Ruijie config archive log config notify syslog Command Description archive Enter the archive configuration...

Page 1138: ...e in the configuration file that only exist in one of the configuration files The type of these configurations depends on the order of the specified configuration file And in front of each configurati...

Page 1139: ...ooping bootp bind interface GigabitEthernet 0 3 ip dhcp snooping limit rate 1000 snmp server host 1 1 1 2 traps public ip dhcp snooping verify mac address snmp server host 1 1 1 1 traps public Command...

Page 1140: ...ions of the config_bak1 text file and current device are shown as below config_bak1 text Configurations on current device ip dhcp snooping informat ion option ip dhcp snooping bootp bind interface Gig...

Page 1141: ...isioning contenttype plaintext statistics Parameter Description all Show all entry information of the configuration log start num end num Specifying the start num means showing all configuration logs...

Page 1142: ...specified to 0 show all configuration logs starting with the start num On condition that the configuration log entry that corresponding to the specified start num is not existent show the configuratio...

Page 1143: ...ig logging enable logging size 50 The following example shows the memory usage of the configuration log Ruijie show archive log config statistics Config Log Session Info Number of sessions being track...

Page 1144: ...PU utilization information in 5sec 1 min and 5 min and the CPU utilization of every task in 5sec 1 min and 5 min Examples Ruijie show cpu CPU Using Rate Information CPU utilization in five seconds 25...

Page 1145: ...6 0 0 0 rldp_task 27 0 2 1 rerp_task 28 0 0 0 reup_event_handler 29 0 0 0 tpp_task 30 0 0 0 ip6timer 31 0 0 0 rtadvd 32 0 0 0 tnet6 33 2 0 0 tnet 34 0 0 0 Tarptime 35 0 0 0 gra_arp 36 0 0 0 Ttcptimer...

Page 1146: ...c _task 74 0 0 0 dhcpd_task 75 0 0 0 dhcps_task 76 0 0 0 dhcpping_task 77 0 0 0 dhcpc_task 78 0 0 0 uart_debug_file_task 79 0 0 0 ssp_init_task 80 0 0 0 rl_listen 81 0 0 0 ikl_msg_operate_thread 82 0...

Page 1147: ...number 5Sec CPU utilization of the tasks in 5sec 1Min CPU utilization of the tasks in 1min 5Min CPU utilization of the tasks in 5min The first 2 lines in the list above indicate the CPU utilization of...

Page 1148: ...ng rate is less than the low threshold it prompts the message and advertises that the current CPU using rate has been down only when the CPU high and low threshold switches over Examples This example...

Page 1149: ...l when the memory reaches the lower threshold The upper routing protocol includes BGP OSPF RIP PIM SM memory lack exit policy bgp ospf pim sm rip no memory lack exit policy Parameter Description bgp o...

Page 1150: ...configure the BGP exit policy when the memory lacks Specifying the disabled routing protocol to take precedence to exit the policy can not help the system obtain enough memory resources Note The exit...

Page 1151: ...e the following table Parameter Description min The memory resources are extremely insufficient It can only keep the kernel running All application modules fails to run if the minimum watermark has be...

Page 1152: ...nd to display the usage of the memory for the routing protocols Note Different switches and versions support different routing protocols The main routing protocols are BGP OSPF RIP LDP PIM ISIS and ec...

Page 1153: ...r id is not configured use this command to set the priority of member 1 Parameter description priority The member priority ranging from 1 to 10 Default 1 Command mode Global configuration mode Usage g...

Page 1154: ...idelines After executing the write command to save the configuration this configuration takes effect Examples The following example shows how to set the alias of member 2 to red giant Ruijie config de...

Page 1155: ...and mode Interface configuration mode Usage guidelines Examples The following example shows how to enable the stack function on gigabitEthernet 0 28 Ruijie config interface GigabitEthernet 0 28 Ruijie...

Page 1156: ...00d0 f822 33aa 1 RGOS 10 1 00 2 Release 12889 1 0 SWITCH 3 00d0 f822 33ae 1 RGOS 10 1 00 2 Release 12889 1 0 SWITCH 4 00d0 f822 33b0 1 RGOS 10 1 00 2 Release 12889 1 0 SWITCH 5 00d0 f822 33b2 1 RGOS 1...

Page 1157: ...re to the default value poe disconnect mode mode no poe disconnect mode Parameter Description Parameter description mode Disconnection detection mode within the range of ac dc Command mode Global conf...

Page 1158: ...mum allowed voltage Use the no form of this command to restore to the default value poe power lower lower no poe power lower Parameter Description Parameter description lower Minimum allowed voltage w...

Page 1159: ...mple sets the maximum allowed voltage of the current POE system as 56000 mv Ruijie configure Ruijie config poe power upeer 56000 Ruijie config end 6 2 Show Related Command 6 2 1 show poe interface s U...

Page 1160: ...0 0 0V Gi0 3 Disable OFF 0 0W 0 0W 0 0W 0mA normal 0 0 0V Gi0 4 Disable OFF 0 0W 0 0W 0 0W 0mA normal 0 0 0V Gi0 5 Disable OFF 0 0W 0 0W 0 0W 0mA normal 0 0 0V Gi0 6 Disable OFF 0 0W 0 0W 0 0W 0mA no...

Page 1161: ...sage guidelines This command is used to view the POE power supply status Examples Ruijie show poe powersupply PSE Total Power 379971 mW PSE Total Power Consumption 0 mW PSE Available Power 379971 mW P...

Page 1162: ...kets Examples The following example clears the log packets from the memory buffer Ruijie clear logging Command Function logging on Record logs on different devices show logging Show the logs in the bu...

Page 1163: ...128K Bytes 4 other devices 4K Bytes The log severity is 7 Command mode Global configuration mode Usage guideline s The memory buffer for log is used in recycled manner That is when it is full the old...

Page 1164: ...uffer size especially in condition of large buffer may fails due to the insufficent availble continuous memory The failure message will be shown It is recommended to modify the log buffer size as soon...

Page 1165: ...ow logging command displays the related setting parameters and statistics of the log Examples The example below sets the severity of log that is allowed to be displayed on the console as 6 Ruijie conf...

Page 1166: ...count Show the log statistics Related commands show logging Show the logs and related log configuration parameters in the buffer 7 1 5 logging facility Use this command to configure the log device Th...

Page 1167: ...news 8 uucp Unix to Unix copy system 9 clock1 Clock daemon 10 auth2 security authorization message 11 ftp FTP daemon 12 ntp NTP daemon 13 logaudit Log audit 14 logalert Log alert 15 clock2 Clock daem...

Page 1168: ...ded in the log files The name of the severity or the numeral can be used By default the severity of logs recorded in the FLASH is 6 For the details of log severity please see Table 1 Default configura...

Page 1169: ...mand to write one syslog to the FLASH Examples The example below records the logs into the expansion FLASH with the name trace txt file size 128K and log severity 6 Ruijie config logging file flash tr...

Page 1170: ...ndows Examples The example below sets the severity of log that is allowed to be printed on the VTY window as 6 Ruijie config logging monitor informational Command Description logging on Record logs on...

Page 1171: ...erver logging file flash Record logs on the FLASH logging console Set the log level to be displayed on the console logging monitor Set the log level to be displayed on the VTY window such as telnet wi...

Page 1172: ...tput Examples The example below sets the number of the logs including debug processed in a second as 10 However the logs with warning or higher severity level are not controlled Ruijie config logging...

Page 1173: ...vers at the same time Examples The example below specifies a syslog server at address 202 101 11 1 Ruijie config logging server 202 101 11 1 The example below specifies an ipv6 address as AAAA BBBB FF...

Page 1174: ...ace is configured the source IP address of the log message is still that of the interface from which the message is sent Examples The example below specifies loopback 0 as the source address of the sy...

Page 1175: ...the source IP address of the log message is still that of the interface from which the message is sent Examples The example below specifies the 192 168 1 1 as the source address of the syslog messages...

Page 1176: ...PDOWN Line protocol on Interface GigabitEthernet 0 1 changed state to DOWN Ruijie configure terminal the input command by the user is output again rather than being intererupted Command Description Re...

Page 1177: ...evicds logging Record logs to the Syslog server Related commands show logging Show the logs and related log configuration parameters in the buffer 7 1 15 more flash Use this command to show the conten...

Page 1178: ...ched Command mode Global configuration mode Usage guidelines In addition to the timestamp it is possible to add sequential numbers to the logs numbering from 1 Then it is clearly known whether the log...

Page 1179: ...commands one per line End with CNTL Z Ruijie config service sysname Ruijie config end Ruijie Mar 22 15 35 57 S3250 SYS 5 CONFIG Configured from console by console Command Function Related commands sh...

Page 1180: ...r Minute Second for example 2007 Jul 27 16 53 07 Default configuration The time stamp in the log information is the current time of the device If the device has no RTC the time stamp is automatically...

Page 1181: ...the temporary attributes of the current VTY As the temporary attribute it is not stored permanently At the end of the VTY terminal session the system will use the default setting and the temporary se...

Page 1182: ...s datetime Sequence number log messages enable Sysname log messages enable Count log messages enable Trap logging level informational 15242 message lines logged 0 fail logging to 202 101 11 22 logging...

Page 1183: ...Console logging Level of the logs printed on the console and statistics Monitor logging Level of the logs printed on the VTY window and statistics Buffer logging Level of the logs recorded in the mem...

Page 1184: ...statistics show logging count Parameter description N A Command mode Privileged EXEC mode Usage guidelines To use the log packet statistics function run logging count in the global configuration mode...

Page 1185: ...ent operation of the CLI the configuration is realized by executing the every single command As for the configuration and deployment of a specific functional module current CLI presentation lacks some...

Page 1186: ...and Function Related commands view logging Show the configuration and running status information about syslog modules Platform description Supported by switches only 7 4 Showing Example Commands 7 4 1...

Page 1187: ...he configuration task The description for the command example greatly increases the accuracy and efficiency of user configuration helping user get a better understanding of the configuration and the m...

Page 1188: ...ng about the description of keywords so they do not know how to continue the configuration in order to complete the configuration task The description for the command example greatly increases the acc...

Page 1189: ...next keyword or parameter and related description However users may not understand the meaning about the description of keywords so they do not know how to continue the configuration in order to comp...

Page 1190: ...ption N A Command mode Any mode Usage guidelines Currently multiple commands are needed to show the related configuration or status information of one function The users do not know to use which comma...

Page 1191: ...Reference Guide Chapter 7 Syslog Configuration Commands Examples Command Function Related commands logging help Show the typical configuration of syslog modules Platform description Supported by swit...

Search results

Summary of Contents for RG-S2600E Series

Reviews:

Related manuals for RG-S2600E Series

Brands by name

Popular brands

Ruijie Networks RG-S2600E Series, Cli Reference Manual

Search results

Summary of Contents for RG-S2600E Series

Reviews:

Related manuals for RG-S2600E Series

Brands by name

Popular brands