Ruijie RG-S29 Series Command Reference Manual Download Page 1293

Page: 1293 / 1510

Command Reference ACL Commands

Org Code field

Sequence number

Encapsulated data type

Confirmation field

IP version number

IP header length and

reserved bits

TOS field

Resrved bits and flags bit

Length of IP packet

Windows size field

Others

Flags field

The offsets of fields in the above table are their offsets in 802.3 data frames of SNAP+tag.

1.2 access-list

Use this command to create an access list to filter data packets. Use the

form of this command to

remove the specified access list.

Standard IP access list (1 to 99, 1300 to 1999)

access-list

{

deny

permit

} {

source source-wildcard

host

source

any | interface

idx

}

[

time-range

tm-range-name

] [

log

]

Extended IP access list (100 to 199, 2000 to 2699)

access-list

{

deny

permit

}

protocol

{

source source-wildcard

host

source

any| interface

idx

}

{

destination

destination-wildcard

host

destination

any

} [

precedence

precedence

] [

tos

tos

]

[

fragment

] [

range

lower

upper

] [

time-range

time-range-name

] [

log

]

Extended MAC access list (700 to 799)

access-list

{

deny

permit

} {

any

host

source-mac-address

source-mac-address mask

} {

any

host

destination-mac-address

destination-mac-address mask

} [

ethernet-type

][

cos

[

out

][

inner

]]

Extended expert access list (2700 to 2899)

access-list

{

deny

permit

} [

protocol

| [

ethernet-type

][

cos

[

out

][

inner

]]] [

VID

[

out

][

inner

]]

{

source

source-wildcard

host

source

any

} {

host

source-mac-address

any

} {

destination

destination-wildcard

host

destination

any

} {

host

destination-mac-address

any

} ][

precedence

precedence

] [

tos

tos

] [

fragment

] [

time-range

time-range-name

]



When you select the Ethernet-type field or cos field:

access-list

{

deny

permit

} {

ethernet-type|

cos

[

out

][

inner

]} [

VID

[

out

][

inner

]]

{

source

source-wildcard

host

source

any

} {

host

source-mac-address

any

} {

destination

destination-wildcard

host

destination

any

} {

host

destination-mac-address

any

} [

time-range

time-range-name

]



When you select the protocol field:

access-list

{deny | permit}

protocol [VID

[

out

][

inne

]] {

source

source-wildcard

| host

source

any

} {

host

source-mac-address

any

}{destination

destination-wildcard

host

destination

any}

{host

destination-mac-address

any} [precedence

precedence

] [

tos

tos

]

[fragment]

[

range

lower

upper

]

[time-range

time-range-name

]



Extended expert ACLs of some important protocols:

Internet Control Message Protocol

(ICMP)

access-list

{

deny

permit

}

icmp

[

VID

[

out

][

inner

]] {

source

source-wildcard

host

source

any

}

{

host

source-mac-address

any

} {

destination

destination-wildcard

host

destination

any

} {

host

«
...
1291
1292
1293
1294
1295
...
»

Summary of Contents for RG-S29 Series

Page 1: ...RG S29 Series Switch RGOS Command Reference Release 11 4 1 B12...

Page 2: ...or by any means without the prior written consent of Ruijie Networks is prohibited Exemption Statement This document is provided as is The contents of this document are subject to change without any n...

Page 3: ...uments Documents Description Configuration Guide Describes network protocols and related mechanisms that supported by the product with configuration examples Hardware Installation and Reference Guide...

Page 4: ...ped in brackets and separated by vertical bars Symbols Means reader take note Notes contain helpful suggestions or references Means reader be careful In this situation you might do something that coul...

Page 5: ...3 Line Commands 4 File System Commands 5 SYS Commands 6 Time Range Commands 7 HTTP Service Commands 8 Syslog Commands 9 CWMP Commands 10 CA MONITOR Commands 11 ZAM Commands 12 Module Hot plugging Unp...

Page 6: ...ult alias Command Mode Global configuration mode Usage Guide The following table lists the default alias of the commands in privileged EXEC mode Alias Actual Command h help p ping s show u undebug un...

Page 7: ...service The command alias also has its help information For example if the alias ia represents ip address in the interface configuration mode then Ruijie config if ia A B C D IP address dhcp IP Addre...

Page 8: ...an be authorized by the privilege command in CLI mode The number of command modes that can be authorized may vary with different devices In the global configuration mode you can use the privilege comm...

Page 9: ...on N A 1 3 show aliases Use this command to show all the command aliases or aliases in special command modes show aliases mode Parameter Description Parameter Description mode Mode of the command repr...

Page 10: ...Command Reference Command Line Interface Commands Platform Description N A...

Page 11: ...1 99 command is used to restore the session If the session is created you can use the show session command to display the session Configuration Examples The following example restores the suspended Te...

Page 12: ...he EXEC message is displayed The messages are for all lines If you want to disable display the EXEC message on a specific line configure the no exec banner command on the line Configuration Examples T...

Page 13: ...nfig banner incoming Welcome Related Commands Command Description N A N A Platform Description N A 2 4 banner login Use this command to configure a login banner Use no form of this command to r remove...

Page 14: ...on mode Usage Guide This command sets the MOTD which is displayed at login The letters that follow the separator will be discarded Configuration Examples The following example configures the MOTD Ruij...

Page 15: ...ion N A N A Platform Description N A 2 7 banner slip ppp Use this command to configure the slip ppp message for the SLIP PPP session Use the no form of this command to remove the setting banner slip p...

Page 16: ...e Flash Defaults By default startup configuration file of a device is saved in Flash config text Command Mode Privileged EXEC mode Usage Guide The startup configuration file name follows a slash for e...

Page 17: ...ge Guide N A Configuration Examples The following example enters global configuration mode Ruijie configure Ruijie config Related Commands Command Description N A N A Platform Description N A 2 10 dis...

Page 18: ...nd Description enable Moves from user EXEC mode enter to privileged EXEC mode or reaches a higher level of authority Platform Description N A 2 11 disconnect Use this command to disconnect the Telnet...

Page 19: ...client ipv6 X X X X X Specifies source IPv6 address for Telnet client interface interface name Specifies source port for Telnet client Defaults N A Command Mode User EXEC mode Privileged EXEC mode Int...

Page 20: ...el 0 password 7 encrypted password no enable password level leve l Parameter Description Parameter Description password Password for the user to enter the EXEC configuration layer level User s level 0...

Page 21: ...scription Parameter Description secret Password for the user to enter the EXEC configuration layer level User s level 0 The password is in plain text 5 encrypted password The password is encrypted Def...

Page 22: ...enabled at the same time web server http https all Enables HTTP Server IPv4 and IPv6 services are enabled at the same time snmp agent Enables SNMP Agent IPv4 and IPv6 services are enabled at the same...

Page 23: ...this command to return to privileged EXEC mode Configuration Examples The following example returns to privileged EXEC mode Ruijie con Enter configuration commands one per line End with CNTL Z Ruijie...

Page 24: ...u configure the banner incoming command the banner incoming message is displayed on all reverse Telnet sessions and the display cannot be disabled on a specific line Configuration Examples The followi...

Page 25: ...command on the file execute flash filename Parameter Description Parameter Description filename Specifies the file path Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Exa...

Page 26: ...he following example returns to the upper configuration mode Ruijie con Enter configuration commands one per line End with CNTL Z Ruijie config line vty 0 Ruijie config line end May 20 09 49 38 SYS 5...

Page 27: ...ntil entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Part...

Page 28: ...rval for load calculation for an interface mac Mac extended ACL mac address Set mac address mpls Multi Protocol Label Switching mtu Set the interface Maximum Transmission Unit MTU no Negate a command...

Page 29: ...during dialup and CHAP authentication Configuration Examples The following example configures the hostname of the device as BeiJingAgenda Ruijie config hostname BeiJingAgenda BeiJingAgenda config Rela...

Page 30: ...ands Command Description telnet Logs in a Telnet server Platform Description N A 2 25 lock Use this command to set a temporary password for the terminal lock Parameter Description Parameter Descriptio...

Page 31: ...no form of this command to restore the default setting lockable no lockable Parameter Description Parameter Description N A N A Defaults This function is disabled by default Command Mode LINE configu...

Page 32: ...A Defaults Login is disabled for console and enabled for AUX TTY and VTY by default Command Mode Line configuration mode Usage Guide If the AAA security server is inactive this command enables simple...

Page 33: ...configures VTY line authentication with AAA enabled Ruijie config log access non aaa Ruijie config aaa new model Ruijie config line vty 0 4 Ruijie config line login local Ruijie config line Related Co...

Page 34: ...mands Command Description aaa new model Enables the AAA security service aaa authentication login Configures the login authentication method list Platform Description N A 2 30 login local Use this com...

Page 35: ...setting login privilege log no login privilege log Parameter Description Parameter Description N A N A Defaults This command is disabled by default Command Mode Global configuration mode Usage Guide N...

Page 36: ...nes by default Command Mode Line configuration mode Usage Guide After you configure the banner exec and the banner motd commands the EXEC and the MOTD messages are displayed on all lines by default If...

Page 37: ...login 0 The password is in plain text 7 encrypted password The password is encrypted Defaults N A Command Mode Line configuration mode Usage Guide Configuration Examples The following example configur...

Page 38: ...fig end RGOS Related Commands Command Description N A N A Platform Description N A 2 35 secret Use this command to set a password encrypted by irreversible MD5 for line login Use the no form of this c...

Page 39: ...ails enhancing security for the system password Configuration Examples The following example sets the password encrypted by irreversible MD5 for line login to vty0 Ruijie config line vty 0 Ruijie conf...

Page 40: ...1 slot m1 Related Commands Command Description N A N A Platform Description N A 2 37 session timeout Use this command to configure the session timeout for a remote terminal Use the no form of this co...

Page 41: ...ving startup configurations and the corresponding file name show boot config Parameter Description Parameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configur...

Page 42: ...s Command Description N A N A Platform Description N A 2 40 show line Use this command to display the configuration of a line show line aux line num console line num tty line num vty line num line num...

Page 43: ...Session never never History is enabled history size is 10 Total input 53564 bytes Total output 395756 bytes Data overflow 27697 bytes stop rx interrupt 0 times Related Commands Command Description N...

Page 44: ...d to display how the current device system is configured show running config Parameter Description Parameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configur...

Page 45: ...abled telnet server disabled Related Commands Command Description N A N A Platform Description N A 2 44 show sessions Use this command to display the Telnet Client session information show sessions Pa...

Page 46: ...ig Parameter Description Parameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage Guide The device configuration stored in the NVRAM is executed while the device is starting...

Page 47: ...ration mode 3 Use the interface range command to configure interfaces and enter interface range configuration mode In vlan range or interface range mode if the number of VLANs or interfaces exceeds 50...

Page 48: ...d speed no speed Parameter Description Parameter Description speed Transmission rate bps on the terminal For serial ports optional rates include 9600 19200 38400 57600 and 115200 bps The default rate...

Page 49: ...interface used by the Telnet client Defaults N A Command Mode User EXEC mode Usage Guide Configuration Examples The following example sets telnet to IPv6 address 2AAA BBBB CCCC Ruijie telnet 2AAA BBB...

Page 50: ...If the type is 7 the password is encrypted The password is in plain text by default secret 0 5 text string If the password type is 0 the password is in plain text If the type is 5 the password is enc...

Page 51: ...rmation from the file username import filename Parameter Description Parameter Description filename The file name Defaults N A Command Mode Privileged EXEC mode Usage Guide This command is used to imp...

Page 52: ...NVRAM which is equivalent to copy running config startup config terminal Displays the system configuration which is equivalent to show running config Defaults N A Command Mode Privileged EXEC mode Us...

Page 53: ...Privileged EXEC mode Usage Guide The zero configuration function is applicable to the ACS solution only The zero configuration function is applicable to standalone systems only With the zero configur...

Page 54: ...Command Reference Basic Configuration Management Commands non zero configuration mode switch Related Commands Command Description N A N A Platform Description N A...

Page 55: ...cted once the timeout timer expires Before the terminal logs out a message is displayed to prompt the remaining time Terminal will be login out after 20 second Configuration Examples The following exa...

Page 56: ...ie config line access list 20 in The following example uses the ACL named test to filter the outgoing connections in line VTY 6 7 Ruijie config line vty 6 7 Ruijie config line access list test out Rel...

Page 57: ...nds 15 default Related Commands Command Description N A N A Platform Description N A 3 4 accounting exec Use this command to enable user access accounting in the line Use the no form of this command t...

Page 58: ...store the default setting activation character ascii value no activation character Parameter Description Parameter Description ascii value Sets the ASCII value of the character for activating the term...

Page 59: ...ptional list name Defaults This function is disabled by default Command Mode Line configuration mode Usage Guide This function is used together with AAA authorization Configure AAA authorization first...

Page 60: ...Examples The following example performs EXEC authorization to line VTY 1 Ruijie config aaa new model Ruijie config aaa authorization exec default group radius Ruijie config line vty 1 Ruijie config l...

Page 61: ...Location 0 con 0 idle 00 01 31 1 vty 0 idle 00 00 00 192 168 21 200 Related Commands Command Description N A N A Platform Description N A 3 9 clear line Use this command to clear connection status of...

Page 62: ...sync line in flow communication mode Use the no form of this command to restore the default setting databits bit no databits Parameter Description Parameter Description bit Sets the databit number of...

Page 63: ...ommand Mode Line configuration mode Usage Guide This command is used to set the hot key that disconnects the terminal service connection The hot key cannot be the commonly used ASCII node such as char...

Page 64: ...ent session is disconnected to return to the original session Configuration Examples The following example sets the escape character for the line to 23 Ctrl w Ruijie config line vty 0 Ruijie config li...

Page 65: ...coded character set for the async line Use the no form of this command to restore the default setting exec character bits 7 8 no exec character bits Parameter Description Parameter Description 7 Conf...

Page 66: ...Guide This command is used to control the data sending rate to make it consistent with the receiving rate at the receiving end The terminal cannot receive data while sending data so this function prev...

Page 67: ...size is 10 Command Mode Line configuration mode Usage Guide N A Configuration Examples The following example sets the number of commands in the command history to 20 for line VTY 0 5 Ruijie config lin...

Page 68: ...ipv6 access list test out Related Commands Command Description show running Displays status information Platform Description N A 3 18 length Use this command to set the screen length for the line Use...

Page 69: ...terminal line applicable for telnet ssh connection first line Number of first line to enter last line Number of last line to enter Defaults N A Command Mode Global configuration mode Usage Guide Confi...

Page 70: ...0 to 19 Ruijie config line vty 19 The following example decreases the number of available VTY connections to 10 The available VTY connections are numbered 0 9 Ruijie config line vty 10 Related Comman...

Page 71: ...tor Use this command to enable log display on the terminal Use the no form of this command to restore the default setting monitor no monitor Parameter Description Parameter Description N A N A Default...

Page 72: ...e Usage Guide Parity is required in communication through some devices such as async serial ports and console ports Configuration Examples The following example configures even parity for the async li...

Page 73: ...4 Related Commands Command Description N A N A Platform Description N A 3 25 show history Use this command to display the command history of the line show history Parameter Description Parameter Descr...

Page 74: ...port line This parameter is on routers generally vty Displays configuration for the virtual terminal line line num Displays the line Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Conf...

Page 75: ...n characters Timeouts Timeout value never indicates no timeout History Whether to enable command history the number of commands in the command history Total input Data volume received from the drive T...

Page 76: ...line and users not logging into the line Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example displays the information about users logging into...

Page 77: ...audrate no speed Parameter Description Parameter Description baudrate Sets the baud rate in the range from 9600 to 115200 Defaults The default is 9600 Command Mode LINE configuration mode Usage Guide...

Page 78: ...ion Configuration Examples The following example configures Ctrl Y ASCII 25 for starting software flow control on the async line Ruijie config line console 0 Ruijie config line start character 25 Rela...

Page 79: ...n the async line Use the no form of this command to restore the default setting stop character ascii value no stop character Parameter Description Parameter Description ascii value Sets the ASCII valu...

Page 80: ...lowing example sets the databit number of every character for the current terminal in flow communication mode to 7 Ruijie terminal databits 7 Related Commands Command Description N A N A Platform Desc...

Page 81: ...character set for the current terminal Use the no form of this command to restore the default setting terminal exec character bits 7 8 terminal no exec character bits Parameter Description Parameter...

Page 82: ...s The default flow control mode is none Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example configures software flow control for the current terminal Ruijie...

Page 83: ...he command history for the current terminal Ruijie terminal no history Related Commands Command Description N A N A Platform Description N A 3 38 terminal length Use this command to set the screen len...

Page 84: ...tion Configures location description of the current device Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example configures location description o...

Page 85: ...the current terminal Ruijie terminal parity even Related Commands Command Description N A N A Platform Description N A 3 41 terminal speed Use this command to configure the baud rate for the current...

Page 86: ...e corresponding to the start character for software flow control on the current terminal in the range from 0 to 255 Defaults The default is Ctrl Q ASCII 17 Command Mode Privileged EXEC mode Usage Guid...

Page 87: ...character Use this command to configure the stop character for software flow control on the current terminal Use the no form of this command to restore the default setting terminal stop character asci...

Page 88: ...ng terminal no terminal type Parameter Description Parameter Description terminal type string Sets the terminal type string such as vt100 and ansi Defaults The default is vt100 Command Mode Privileged...

Page 89: ...pe string of the async line terminal type terminal type string no terminal type Parameter Description Parameter Description terminal type string Configures the terminal type string such as vt100 and a...

Page 90: ...e user to enter any message seconds Timeout value in the range from 1 to 300 in the unit of seconds Defaults The default is 30 Command Mode Line configuration mode Usage Guide N A Configuration Exampl...

Page 91: ...tocols are allowed Command Mode Line configuration mode Usage Guide N A Configuration Examples The following example specifies that only the Telnet protocol is allowed to login in line vty 0 4 Ruijie...

Page 92: ...ut from the ruijie device Related Commands Command Description N A N A Platform Description N A 3 51 width Use this command to set the screen width for the line Use the no form of this command to rest...

Page 93: ...Command Reference Line Commands Description...

Page 94: ...path Defaults The default directory is the flash root directory Command Mode Privileged EXEC mode Usage Guide Configuration Examples Related Commands Command Description pwd Displays the present word...

Page 95: ...following example copies the netconfig file from device 192 168 64 2 to the FLASH disk and the netconfile file exists locally Ruijie copy tftp 192 168 64 2 netconfig flash netconfig Do you want to ov...

Page 96: ...Delete success Ruijie dir Directory of flash 1 rw 4096 Jan 03 2012 12 32 09 rc d 2 rw 10485760 Jan 03 2012 18 13 37 rpmdb 2 files 0 directories 10 489 856 bytes total 13 192 992 bytes free Related Co...

Page 97: ...Jan 03 2012 18 13 37 rpmdb 3 files 0 directories 10 490 192 bytes total 13 192 656 bytes free Field Description 1 2 3 Index number rw Permissions on a file include d directory r read w write x execut...

Page 98: ...formation about a file file filesystem file url Parameter Description Parameter Description filesystem The URL of file system followed by a colon The file system includes flash usb and tmp file url Th...

Page 99: ...ged EXEC mode Usage Guide N A Configuration Examples The following example sets the prompt mode to noisy Ruijie file prompt noisy Related Commands Command Description N A N A Platform Description N A...

Page 100: ...42 fstab 2 rw 4096 Jan 03 2012 12 32 09 rc d 3 rw 10485760 Jan 03 2012 18 13 37 rpmdb 4 drw 4096 Jan 03 2012 18 13 37 newdir 3 files 1 directories 10 494 228 bytes total 13 188 560 bytes free Related...

Page 101: ...is currently only used in conjunction with the TI RPC code in the libtirpc library Entries consist of network_id semantics flags protofamily protoname device nametoaddr_libs The device and nametoaddr_...

Page 102: ...ination file or directory Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example renames the fstab file in the root directory on the FLASH disk as...

Page 103: ...lash usb and tmp directory The path name A file name starts with is an absolute path Otherwise it is a relative path Defaults The default filesystem is flash Command Mode Privileged EXEC mode Usage Gu...

Page 104: ...isplays USB information flash Displays FLASH information Defaults N A Command Mode User EXEC mode Privileged EXEC mode Global configuration mode Interface configuration mode Usage Guide N A Configurat...

Page 105: ...n Ruijie show file systems Size KB Free KB Type Flags Prefixes NA NA ram rw tmp NA NA network rw tftp NA NA network rw oob_tftp NA NA xmodem rw xmodem 8192 2416 disk rw flash 1048576 548576 disk rw us...

Page 106: ...s type fusectl rw none on sys kernel debug type debugfs rw none on sys kernel security type securityfs rw udev on dev type devtmpfs rw mode 0755 devpts on dev pts type devpts rw noexec nosuid gid 5 mo...

Page 107: ...Global configuration mode Usage Guide N A Configuration Examples The following example binds source IP address 192 168 23 236 with the TFTP client Ruijie config tftp client source ip 192 168 23 236 T...

Page 108: ...mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example displays the file tree of flash echo Ruijie tree flash echo client_module client_userspace echo_cli c echo_clien...

Page 109: ...5 value The file MD5 which is compared with the computed MD5 filesystem The URL of file system followed by a colon The file system includes flash usb and tmp file url The file name containing the path...

Page 110: ...rify md5 8b072de7db7affd8b2ef824e7e4d71 flash gcc Error verifying flash gcc Computed signature 8b072de7db7affd8b2ef824e7e4d716c Submitted signature 8b072de7db7affd8b2ef824e7e4d71 Related Commands Comm...

Page 111: ...eter that is neglected keeps the current system value For example if the current hardware time is 2012 02 29 09 33 44 and you want to change month and hour and keep values of other parameters use the...

Page 112: ...ue As shown in the last example enter 18 hour and then enter 3 month and 2 day Check Method Platform Description 5 2 clock read calendar Use this command to enable the system to synchronize the softwa...

Page 113: ...your needs The parameter that is neglected keeps the current system value For example if the current hardware time is 2012 02 29 09 33 44 and you want to change month and hour and keep values of othe...

Page 114: ...42 48 CST Fri Mar 2 2012 Because the hour parameter in this command is mandatory set it to the current time if you do not need to change its value As shown in the last example enter 18 hour and then e...

Page 115: ...he end time of the summer time end month End month Value range January February March April May June July August September October November and December The value is not case sensitive and you may ent...

Page 116: ...00 09 SYS 5 CLOCKUPDATE Set system clock 18 00 09 ABC Sun Jan 1 2012 Set system clock 18 00 09 ABC Sun Jan 1 2012 Ruijie show clock 18 00 12 ABC Sun Jan 1 2012 If the system uses the default summer t...

Page 117: ...time while the positive digit indicates that the time is faster than the hardware time If the time is slower than the UTC time add before hours offset minutes offset Minutes of time difference The ra...

Page 118: ...to synchronize the hardware time with the software time Ruijie clock update calendar Set the hardware time from the system clock The following example sets the time zone of the hardware time to GMT 5...

Page 119: ...29 2012 Check Method Platform Description 5 7 cpu high watermark set Use this command to set the high watermark of the CPU usage of the control core and enable CPU usage monitoring cpu high watermark...

Page 120: ...watermark set Reset default cpu watermark monitor set system cpu watermark high 80 75 85 The following example disables CPU usage monitoring Ruijie config no cpu high watermark set Close cpu watermark...

Page 121: ...memory history clear one forth half all Parameter Description Parameter Description one forth Clears one fourth entries half Clears a half of entries all Clears all the entries Defaults Command Mode...

Page 122: ...e Platform Description 5 9 memory low watermark set Use this command to set the low watermark threshold of the memory and enable the memory low watermark detection memory low watermark set mem value U...

Page 123: ...d Use this command to reload the device reload at hour minute second month day year Parameter Description Parameter Description hour minute second Sets the restart time in the format of hour minute se...

Page 124: ...eter Description Command Mode Privileged EXEC mode global configuration mode Default Level Usage Guide Configuration Examples The following example displays the hardware calendar Ruijie show calendar...

Page 125: ...orm Description 5 13 show cpu Use this command to display the information on the system task running on the control core instead of the non virtual core show cpu Parameter Description Parameter Descri...

Page 126: ...s the memory low watermark threshold of the system process id Displays the memory usage of the task specified by process id process name Displays the memory usage of the task specified by process name...

Page 127: ...Description of some keywords in the command Keyword Description total Total system memory used Used memory free Remaining memory used rate Memory usage percentage Active Active page inactive Inactive...

Page 128: ...nd 0x2100000 Class Revision 0xc031030 Latency 0x0 first 64 bytes of configuration address space 00 31 11 61 15 00 00 10 02 30 10 03 0c 20 00 80 00 10 00 00 00 f0 00 00 00 00 00 00 00 00 00 00 00 00 20...

Page 129: ...urs in table Command Mode Privileged EXEC mode global configuration mode Default Level Usage Guide Configuration Examples The following example displays the tasks listed in ascending order of task IDs...

Page 130: ...task stopped Stopped task zombie Terminated task but not reclaimed by the system Description of each task Field Description Pid Task ID S Task status Five statuses in total R running T stopped S slee...

Page 131: ...the first segment on the x coordinate nearest to 0 is the CPU usage in the last five seconds measured in The second histogram displays the CPU usage of the control core within the last 60 minutes meas...

Page 132: ...cates the CPU usage within the last five seconds The second table lists the CPU usage within the last 60 minutes measured in The two adjacent cells show the CPU usage measured at an interval of one mi...

Page 133: ...this command to display the details of the specified task show processes cpu detailed process id process name Parameter Description Parameter Description process id Displays the information on the tas...

Page 134: ...tion Process Id Task ID Process Name Task name Process Ppid Parent process task ID State Task running status On CPU CPU where the task is running Priority Task priority Age Time Duration for the task...

Page 135: ...scription Parameter Description all Displays the reboot reason of all devices service modules Command Mode Privileged EXEC mode global configuration mode User EXEC mode Default Level Usage Guide Confi...

Page 136: ...llowing example displays the system version information Ruijie show version System description Ruijie Indoor AP320 I 802 11a n and 802 11b g n By Ruijie Networks System start time 2012 12 06 00 00 00...

Page 137: ...l 14 Usage Guide Use the absolute command to configure a time absolute time range between a start time and an end time to allow a certain function to take effect within the absolute time range The max...

Page 138: ...Mode Time range configuration mode Default Level 14 Usage Guide Use the periodic command to configure a periodic time interval to allow a certain function to take effect within the periodic time Conf...

Page 139: ...ge Platform Description 6 4 time range Use this command to create a time range and enter time range configuration mode time range time range name Use the no form of this command to remove the configur...

Page 140: ...ol in time range mode Configuration Examples The following example creates a time range Ruijie config time range no http Ruijie config time range Check Method Use the show time range time range name c...

Page 141: ...and mode Global configuration mode Usage Guide If run a command ends with the keyword all or without keyword it indicates enabling both the HTTP service and the HTTPS service if run a command ends wit...

Page 142: ...ples The following example configures the HTTP port number as 8080 Ruijie config http port 8080 Related Commands Command Description N A N A Platform Description N A 7 3 http secure port Use this comm...

Page 143: ...the configuration and status of the Web service show web server status Parameter Description Parameter Description N A N A Defaults N A Command mode Privileged EXEC mode Usage Guide N A Configuration...

Page 144: ...package into the file system and upgrades the package Ruijie copy tftp 192 168 23 24 web upd flash web upd Ruijie upgrade web flash web upd Related Commands Command Description enable service web serv...

Page 145: ...e level username name password password 0 7 encrypted password no webmaster level privilege level username name Parameter Description Parameter Description privilege level Configures the user privileg...

Page 146: ...the specified username and password Usernames and passwords come with three permission levels each of which includes at most 10 usernames and passwords Configuration Examples The following example co...

Page 147: ...rs the log packets from the memory buffer Ruijie clear logging Related Commands Command Function logging on Turns on the log switch show logging Displays the logs in the buffer logging buffered Record...

Page 148: ...ple configures a syslog server with IP address 10 1 1 100 and port number 8099 Ruijie config logging 202 101 11 1 udp port 8099 The following example configures a syslog server with IPv6 address AAAA...

Page 149: ...run normally Alerts 1 Problems that need immediate remedy Critical 2 Critical conditions Errors 3 Error message warnings 4 Alarm information Notifications 5 Information that is normal but needs atten...

Page 150: ...Defaults The default is debugging 7 Command Mode Global configuration mode Usage Guide When a log severity is set the log messages at or below that severity will be displayed on the console The show l...

Page 151: ...modules of the system show logging Displays basic configuration of log modules and log information in the buffer Platform Description N A 8 6 logging delay send file Use this command to set the name...

Page 152: ...s named log_server_6 txt Configuration Examples The following example sets the name of the log file saved locally to log_server Ruijie config logging delay send file flash log_server Related Commands...

Page 153: ...P server username password Sets the FTP server password 0 Optional The password is displayed in plaintext 7 The password are encrypted Defaults This function is disabled by default Command Mode Global...

Page 154: ...iguration Examples The following example enables delay in sending logs to console and remote terminal Ruijie config logging delay send terminal Related Commands Command Description N A N A Platform De...

Page 155: ...by syslogd 6 lpr Line printer subsystem 7 news USENET news 8 uucp Unix to Unix copy system 9 clock1 Clock daemon 10 auth2 security authorization messages 11 ftp FTP daemon 12 ntp NTP subsystem 13 loga...

Page 156: ...from 128K to 6M bytes The default is 128K level Sets the level of the log message saved in the log file which can be either the level name or the level number The default is 6 See Usage Guide for det...

Page 157: ...Parameter Description Parameter Description numbers Sets the number of log files written into FLASH in the range from 2 to 32 Defaults The default is 16 Command Mode Global configuration mode Usage Gu...

Page 158: ...command file Log messages destined to the log file are filtered server Log messages destined to the log server are filtered terminal Log messages destined to the console and the VTY terminal includin...

Page 159: ...vel level Log level Defaults No filter rule is configured by default Command Mode Global configuration mode Usage Guide If you want to filter a specific log message use the exact match filter rule and...

Page 160: ...og messages are printed the terminal screen keeps being refreshed If you are not concerned with these log messages use the filter only filter type to filter the log messages 2 If you are concerned wit...

Page 161: ...takes effect only once for each configuration The log messages cached in the buffer are written into the flash file immediately after configuration Configuration Examples The following example writes...

Page 162: ...ed Commands Command Description N A N A Platform Description N A 8 18 logging life time Use this command to configure the preservation duration of logs in expanded FLASH Use the no form of this comman...

Page 163: ...rameter Description Parameter Description level Severity of the log message The name of the severity or the numeral can be used For the details of log severity see Table 1 Defaults The default is debu...

Page 164: ...is the total log switch If this switch is turned off no log will be displayed or recorded unless the severity level is greater than 1 Configuration Examples The following example disables the log swi...

Page 165: ...ty level all Applies the ranking policy in all directions server Applies the ranking policy to the direction toward the server file Applies the ranking policy to the direction toward the log file cons...

Page 166: ...log whose severity level is less than or equal to error 3 is not controlled severity Log severity level in the range from 0 to 7 The lower the level is the higher the severity is Defaults The log rat...

Page 167: ...enables the log re direction function on a device Ruijie config logging rd on Related Commands Command Description show logging count Displays log information about modules of the system show logging...

Page 168: ...ds Command Description show logging count Displays log information about modules of the system show logging Displays basic configuration of log modules and log information in the buffer Platform Descr...

Page 169: ...e interface Use this command to configure the source interface of logs in global configuration mode Use the no form of this command to restore the default setting logging source interface interface ty...

Page 170: ...es the source IPV6 address sending the logs to IPV6 log server Defaults No source address is configured by default Command Mode Global configuration mode Usage Guide By default the source address of t...

Page 171: ...o monitor the system performance Configuration Examples The following example enables logging periodically Ruijie config logging statistic enable Related Commands Command Description N A N A Platform...

Page 172: ...logging statistic terminal Use this command to enable logs to be sent to the console and the remote terminal periodically Use the no form of this command to restore the default setting logging statist...

Page 173: ...ying in the characters Configuration Examples Ruijie config line console 0 Ruijie config line logging synchronous Print UP DOWN logs on the port when keying in the command the input command will be ou...

Page 174: ...ameters and statistics of the log Configuration Examples The following example enables logs at severity 6 to be sent to the Syslog Server with the address of 202 101 11 22 Ruijie config logging 202 10...

Page 175: ...ogging function to record user operation Use the no form of this command to restore the default setting logging userinfo command log no logging userinfo command log Parameter Description Parameter Des...

Page 176: ...umbers service sysname service timestamps service private syslog and service standard syslog commands become invalid and hidden After switching back to the RFC3164 format the logging delay send loggin...

Page 177: ...amp facility severity mnemonic description Here is an example May 31 23 31 28 SYS 5 CONFIG_I Configured from console by console The difference between the private syslog format and the default syslog...

Page 178: ...witch service timestamps Attaches timestamps to the logs Platform Description N A 8 38 service standard syslog Use this command to set the syslog format to the standard syslog format defined in RFC316...

Page 179: ...is command to attach system name to logs in global configuration mode Use the no form of this command to restore the default setting service sysname no service sysname Parameter Description Parameter...

Page 180: ...cates that with severity level 7 uptime Device start time in the format of Day Hour Minute Second for example 07 00 10 41 datetime Current time of the device in the format of Month Date Hour Minute Se...

Page 181: ...tion N A 8 41 show logging Use this command to display configured parameters and statistics of logs and log messages in the memory buffer at privileged user layer The log messages are sorted by the ti...

Page 182: ...p 19 02 46 28 Ruijie LINKN A3N AUPDOWN Interface FastEthernet 0 24 changed state to up 015492 Sep 19 02 46 28 Ruijie LINEPROTO 5 UPDOWN Line protocol on Interface FastEthernet 0 24 changed state to up...

Page 183: ...ijie CAPWAP 4 NO_IP_ADDR No ip address for capwap 135 1 2013 07 24T12 20 02 80343Z ruijie 7 Please config the IP address for capwap 132 1 2013 07 24T12 20 32 250265Z ruijie CAPWAP 4 NO_IP_ADDR No ip a...

Page 184: ...ivileged EXEC mode Usage Guide N A Configuration Examples The following example displays the outcome of running the show logging config command with RFC5424 disabled Ruijie show logging config Syslog...

Page 185: ...the show logging config command with RFC5424 enabled Ruijie show logging Syslog logging enabled Console logging level debugging 4740 messages logged Monitor logging level debugging 0 messages logged...

Page 186: ...e log in the system in privileged mode show logging count Parameter Description Parameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage Guide To use the log packet statistic...

Page 187: ...The following command displays the result of the show logging reverse command with RFC5424 format disabled Ruijie show logging reverse Syslog logging enabled Console logging level debugging 15495 mes...

Page 188: ...of the logs recorded in the memory buffer and statistics Standard format Standard log format Timestamp debug messages Timestamp format of the Debug messages Timestamp log messages Timestamp format of...

Page 189: ...address for capwap 135 1 2013 07 24T12 19 33 130290Z ruijie 7 Please config the IP address for capwap Field Description Syslog logging Logging flag enabled or disabled Console logging Level of the lo...

Page 190: ...mode Usage Guide This command only sets the temporary attributes of the current VTY As the temporary attribute it is not stored permanently At the end of the VTY terminal session the system will use t...

Page 191: ...guration mode Usage Guide Use this command to configure the ACS user password to be authenticated for the CPE to connect to the ACS In general the encryption type does not need to be specified The enc...

Page 192: ...manually specified but a dynamic ACS URL is obtained through DHCP the CPE initiates a connection to the ACS using the dynamically obtained ACS URL The URL of the ACS should meet the following format...

Page 193: ...be authenticated for the CPE to connect to the ACS Defaults N A Command Mode CWMP configuration mode Usage Guide Configures the ACS username to be authenticated for the CPE to connect to the ACS Confi...

Page 194: ...itself from exceptions of its main program or configuration file Then when the CPE fails to connect to the ACS and breaks away from the NMS after its main program or configuration file is upgraded th...

Page 195: ...for wrong configuration delivery Use this command to recover the previous programs and configurations Configuration Examples The following example disables the CPE backup function Ruijie config termi...

Page 196: ...ery 60 seconds The narrower periodical notification interval allows the ACS to track the latest CPE status more accurately However narrower periodical notification interval brings about more sessions...

Page 197: ...e needs to be specified only when copying and pasting the encrypted password of this command A valid password should meet the following format requirements The command contains English letters in uppe...

Page 198: ...dynamically obtained CPE URL The URL of the CPE should meet the following format requirements The URL of the CPE is formatted as http ip port path The URL of the CPE consists of at most 256 characters...

Page 199: ...the CPE username to be authenticated for the ACS to connect to the CPE to admin Ruijie config terminal Enter configuration commands one per line End with CNTL Z Ruijie config cwmp Ruijie config cwmp...

Page 200: ...uration of CWMP show cwmp status Displays the running status of CWMP Platform Description N A 9 10 disable download Use this command to disable the function of downloading main program and configurati...

Page 201: ...fault setting disable upload no disable upload Parameter Description Parameter Description N A N A Defaults By default the CPE can upload its configuration and log files to the ACS Command Mode CWMP c...

Page 202: ...ruijie com cn acs ACS username admin ACS password CPE URL http 10 10 10 2 7547 CPE username ruijie CPE password CPE inform status disable CPE inform interval 60s CPE inform start time 0 0 0 0 0 0 CPE...

Page 203: ...ACS CPE upload status Indicates whether to upload configuration files and log files to the ACS CPE back up status Indicates whether backup and restoration of the main program and configuration file is...

Page 204: ...t failed session type Last fail session time The last failed session time Session retry times The number of session retransmission attempts Related Commands Command Description show cwmp configuration...

Page 205: ...Ruijie config terminal Enter configuration commands one per line End with CNTL Z Ruijie config cwmp Ruijie config cwmp timer cpe timeout 50 Ruijie config cwmp Related Commands Command Description show...

Page 206: ...rivileged EXEC mode Level 14 Usage Guide This command is used to display power information Configuration Examples N A Prompt Messages N A Platforms N A 10 2 show fan Use this command to display the op...

Page 207: ...ollowing example displays the power information of S29XS PoE Ruijie show fan Fan id Fan type Status 1 RG_FAN ok 2 RG_FAN ok Ruijie show fan speed Fan id Fan type Status Speed R m Speed level 1 RG_FAN...

Page 208: ...ature When the temperature of the board exceeds the hazard threshold the board powers off automatically In addition the active supervisor module generates a Syslog message and the Alarm LED on the pan...

Page 209: ...al configuration mode Interface configuration mode Usage Guide N A Configuration Examples The following example displays the current configuration and status of ZAM Ruijie Ruijie show zam ZAM state di...

Page 210: ...Command Reference ZAM Commands Command Mode Global configuration mode Usage Guide Configuration Examples The following example disables ZAM Ruijie config no zam Ruijie config Platform Description N A...

Page 211: ...tes after the device is restarted Configuration Examples The following example clears the configuration on device 1 Ruijie config remove configure device 1 Related Commands Command Description N A N A...

Page 212: ...on V1 0 Mac Address 00 D0 F8 00 11 22 Device 2 Location Slot M1 Device name M12000 CM Device Serial Number 32150129A8B0DAF0F0321 Hardware Version V1 0 Software Version RGOS 10 4 3b17 Release 129646 Ma...

Page 213: ...S12006 Device Serial Number 62150129A8B0DAF0F0321 Hardware Version V1 0 Mac Address 00 D0 F8 00 11 22 Device 2 Location Slot 1 M1 Device name M12000 CM Device Serial Number 32150129A8B0DAF0F0321 Hard...

Page 214: ...ice 8 Location Chassis 2 Device name RG S12006 Device Serial Number 62150129A8B0DAF0F0322 Hardware Version V1 0 Software Version RGOS 10 4 3b17 Release 129646 Mac Address 00 D0 F8 00 11 33 Device 9 Lo...

Page 215: ...ice 13 Location Power 2 2 Device name RG PD1200I Device Serial Number 42150129A8B0DAF0F0324 Hardware Version V1 0 Device 14 Location FAN 2 Device name M12000 FAN Device Serial Number 52150129A8B0DAF0F...

Page 216: ...d to display the details of the module show version module detail slot num show version module detail device id slot num Parameter Description Parameter Description slot num Optional Slot number devic...

Page 217: ...Optional Slot number device id Optional Device ID Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples Ruijie show version slots Dev Slot Configured Module Online Mod...

Page 218: ...uption caused by MAC address change The valid MAC address saved in the configuration file validates in preference after the device is restarted 2 The MAC address of the gateway may be bound on some do...

Page 219: ...r Description Parameter Description value Automatic synchronization time interval measured in seconds in the range from one second to one month 2 678 400 seconds Defaults The default is one hour 3600...

Page 220: ...de N A Configuration Examples The following example enters redundancy configuration mode Ruijie config terminal Ruijie config redundancy Ruijie config red exit Related Commands Command Description N A...

Page 221: ...l VSDs Configuration Examples The following example performs active standby supervisor module switchover Ruijie redundancy forceswitch This operation will reload the master unit and force switchover t...

Page 222: ...continue N y y Preparing to reload peer The following example resets device 2 which works as a VSU device Ruijie redundancy reload shelf 2 This operation will reload the device 2 Are you sure to conti...

Page 223: ...ncy state realtime The following example displays the redundancy state of the candidate supervisor module Ruijie enable Ruijie show redundancy states Redundancy role candidate Redundancy state none Fi...

Page 224: ...ption N A N A Defaults This function is disabled by default Command Mode Global configuration mode Usage Guide N A Configuration Examples The following example enables LLDP two event classification Ru...

Page 225: ...ription N A N A Platform Description N A 14 3 poe legacy Use this command to enable non standard PD compatibility Use the no or default form of this command to restore the default setting poe legacy n...

Page 226: ...t The maximum power in the range from 0 to 30W Note that this parameter is in the range from 0 to 15 4W on the system supporting 802 3af only HPoE port ID is in the range from 0 to 90 Defaults The max...

Page 227: ...e default mode is auto Command Mode Global configuration mode Usage Guide N A Configuration Examples The following example sets the PoE management mode to energy saving mode Ruijie configure Ruijie co...

Page 228: ...tion Use this command to set the PD descriptor for the port Use the no or default form of this command to restore the default setting poe pd description pd name no poe pd description default poe pd de...

Page 229: ...r off time range Parameter Description Parameter Description name Time range name Defaults N A Command Mode Interface configuration mode Usage Guide N A Configuration Examples The following example se...

Page 230: ...guration Examples The following example sets the PoE priority for port GigabitEthernet 0 1 to critical Ruijie config interface GigabitEthernet 0 1 Ruijie config if GigabitEthernet 0 1 poe priority cri...

Page 231: ...N A N A Platform Description N A 14 11 poe warning power Use this command to set the power alarm threshold for the system Use the no or default form of this command to restore the default setting poe...

Page 232: ...leged EXEC mode Usage Guide N A Configuration Examples The following example displays the PoE configuration and status in interface GigabitEthernet 0 1 Ruijie show poe interface GigabitEthernet 0 1 In...

Page 233: ...ower Curr Avg Peak Curr Trouble PD Port Control Status Power Power Power Current Cause Class Voltage Gi0 1 enable on 14 8W 14 8W 14 8W 278mA 0 4 53 5V Gi0 2 enable on 28 4W 28 4W 28 4W 531mA 0 4 53 5V...

Page 234: ...i0 2 enable on N A N A critical off N A Gi0 3 enable on N A N A critical off N A Gi0 4 enable off N A N A critical off N A Gi0 5 enable on N A N A critical off N A Gi0 6 enable on N A N A high off N A...

Page 235: ...atus Ruijie show poe powersupply Device member 1 Power management auto PSE total power 1000W PSE total power consumption 300W PSE total remain power 700W PSE total powered port 0 PSE disconnect mode d...

Page 236: ...Command Reference PoE Management Commands Related Commands Command Description N A N A Platform Description N A...

Page 237: ...all installation packages on the local device Configuration Examples Ruijie clear storage Remove the whole storage directory y n y Ruijie clear storage usb0 Remove the file or directory usb0 from the...

Page 238: ...e will change their defaults files Though this is more possibly normal than malicious the show component command is used only to judge whether component files change in use It is unable to distinguish...

Page 239: ...ed relationship verify OK The other information except the basic information of components is listed as follows Field Description Package file validate Checks whether the component filesare intact OK...

Page 240: ...e This command is used to display the auto sync upgrade configuration in the system including the policy range and upgrade package s path Prompt Messages The auto sync information of the system is dis...

Page 241: ...ge Package files Package files lib64 lib64 libbridge so sbin sbin bridge This command is used to obtain the information in the package Field Description Name Name of the package Version Version of the...

Page 242: ...uration Examples The following example displays the upgrade history Ruijie show upgrade history Last Upgrade Information Time 2014 08 31 12 15 03 Method LOCAL Package Name N18000_RGOS11 0 1 B1_CM_0120...

Page 243: ...check whether the upgrade of a subsystem component is successful Run the show component command to check whether the upgrade of a feature component is successful upgrading a feature component Prompt M...

Page 244: ...n Run the show upgrade auto sync command to display current auto sync policy If url provides normal path run the stat command to check whether it can be accessed Prompt Messages 15 8 Upgrade auto sync...

Page 245: ...this command to set the range of auto sync upgrade upgrade auto sync range chassis vsu Parameter Description Parameter Description chassis Auto sync version upgrade in the range of chassis vsu Auto sy...

Page 246: ...mand is used to perform automatic installation copy and upgrade of files Configuration Examples The following example upgrades the main package Ruijie upgrade download tftp 192 168 201 98 eg1000m_main...

Page 247: ...installation package is not available on the device and needs to be regained for upgrade command Device don t support There is no need to upgrade the device The version in device is newer or the same...

Page 248: ...Command Reference PKG_MGMT Commands...

Page 249: ...mmands 2 MAC Address Commands 3 Aggregate Port Commands 4 VLAN Commands 5 MAC VLAN Commands 6 Protocol VLAN Commands 7 Private VLAN Commands 8 Voice VLAN Commands 9 MSTP Commands 10 GVRP Commands 11 L...

Page 250: ...and does not affect the actual bandwidth on the interface Instead it is used to display the system the bandwidth specification By default the bandwidth is determined by the actual link rate on the int...

Page 251: ...time the parameter should be set longer to accelerate route aggregation so that the routing table can be converged more quickly On the contrary if the DCD carrier interruption period is shorter than t...

Page 252: ...clear the counters If the interface is not specified the counters on all interfaces will be cleared Configuration Examples The following example clears the counters on interface gigabitethernet 1 1 Ru...

Page 253: ...description Use this command to configure the alias of interface Use the no form of this command to restore the default setting description string no description Parameter Description Parameter Descri...

Page 254: ...de Usage Guide The duplex mode is associated with the interface type Use show interfaces to display the duplex mode of the interface Configuration Examples The following example specifies the duplex m...

Page 255: ...terval time Parameter Description Parameter Description interval time Time for the command to take effect The range is from 30 to 86 400 seconds Defaults By default it is disabled Command Mode Global...

Page 256: ...ode Usage Guide If the optical module antifake detection is enabled by default when a non original optical module is inserted alarm logs are printed Configuration Examples The following example enable...

Page 257: ...Description N A 1 11 interface Use this command to enter the interface configuration mode interface interface type interface number Parameter Description Parameter Description interface type The inte...

Page 258: ...Ethernet physical interface or a loopback interface macro macro_name The macro name which represents the interface range Defaults The interface range command is disabled by default Command Mode Globa...

Page 259: ...command is used to detect the line status and locate the problem in case of a line failure for example the line is torn down Configuration Examples The following example detects the cable connection s...

Page 260: ...ands Command Description N A N A Platform Description N A 1 14 load interval Use this command to set the interval for calculating load on the interface Use the no form of this command to restore the d...

Page 261: ...interface logging link updown error frame link dither Parameter Description Parameter Description link updown Prints the status change information error frame Prints the error frame information link...

Page 262: ...d are configured for the interface of the selected medium type If the interface type is changed the attributes of the new interface type are the default attributes You can reconfigure these attributes...

Page 263: ...MTU supported on interface gigabitethernet 1 1 to 9000 Ruijie config interface GigabitEthernet 1 1 Ruijie config if GigabitEthernet mtu 9000 Related Commands Command Description show interfaces Displa...

Page 264: ...protect Parameter Description Parameter Description N A N A Defaults This function is enabled by default Command Mode Global configuration mode Usage Guide After you configure the physical port dither...

Page 265: ...L3 Use this command to deny the L3 communication between protected ports Use the show running config command to display configuration Configuration Examples The following example configures L3 routin...

Page 266: ...ble Cause Trouble cause The following example displays EEE status of all interfaces Ruijie show eee interface status Interface EEE Admin Oper Remote Trouble Support Status Status Status Cause Gi0 1 Ye...

Page 267: ...ype interface number description switchport trunk Parameter Description Parameter Description interface id interface number Interface including Ethernet interface aggregate port SVI or loopback interf...

Page 268: ...broadcast Storm Control is OFF multicast Storm Control is OFF unicast Storm Control is OFF Port type trunk Native vlan 1 Allowed vlan lists 1 4094 Active vlan lists 1 3 4 5 minutes input rate 0 bits...

Page 269: ...0 packets sec 0 packets input 0 bytes 0 no buffer 0 dropped Received 0 broadcasts 0 runts 0 giants 0 input errors 0 CRC 0 frame 0 overrun 0 abort 0 packets output 0 bytes 0 underruns 0 dropped 0 outp...

Page 270: ...ped 0 output errors 0 collisions 0 interface resets The following example displays the layer 2 information of the Gi0 1 Ruijie show interfacesgigabitEthernet 0 1 switchport Interface Switchport ModeAc...

Page 271: ...s the port up statistics down Optional Displays the port down statistics Defaults N A Command Mode Any CLI mode Usage Guide If you do not specify an interface the packet statistics on all interfaces a...

Page 272: ...usage and Txload refers to the Tx bandwidth usage InPkts is the total number of receive unicast multicast and broadcast packets OutPkts is the total number of transmit unicast multicast and broadcast...

Page 273: ...which are smaller than 1518 bytes CRC Align Err is the number of receive packets with CRC error Align_Err is the number of receive packets with frame alignment error FCS Err is the number of receive p...

Page 274: ...ansmitted on the interface OutBroadcastPkts is the number of broadcast packets transmitted on the interface Related Commands Command Description N A N A Platform Description N A 1 24 show interfaces l...

Page 275: ...e status information show interfaces interface type interface number status Parameter Description Parameter Description interface type interface number The interface type and ID status Displays interf...

Page 276: ...Guide If you do not specify an interface violation status of all interfaces is displayed Configuration Examples The following example displays the violation status of interface GigabitEthernet 0 1 Rui...

Page 277: ...s GigabitEthernet 5 4 transceiver Transceiver Type 1000BASE SX SFP Connector Type LC Wavelength nm 850 Transfer Distance 50 125 um OM2 fiber 550m 62 5 125 um OM1 fiber 270m Digital Diagnostic Monitori...

Page 278: ...d Mode Any CLI mode Usage Guide If you do not specify an interface the bandwidth usage of all interfaces is displayed Bandwidth refers to the actual link bandwidth rather than the bandwidth parameter...

Page 279: ...the interface exists but does not take effect You can view the interface status by using the show interfaces command If you use the script to run no shutdown frequently and rapidly the system may pro...

Page 280: ...ce from sending LinkTrap on the interface Ruijie config interface gigabitEthernet 1 1 Ruijie config if no snmp trap link status The following example enables the interface to forward Link trap Ruijie...

Page 281: ...auto Parameter Description Parameter Description 10 The transmission rate of the interface is 10Mbps 100 The transmission rate of the interface is 100Mbps 1000 The transmission rate of the interface i...

Page 282: ...ion mode Usage Guide This command is valid only for physical interfaces The switchport command is used to disable the interface and re enable it In this status the device will send the information to...

Page 283: ...Configuration Examples The following example configures interface gigabitethernet 1 1 as a statistic access port and adds it to VLAN 2 Ruijie config interface gigabitethernet 1 1 Ruijie config if swit...

Page 284: ...Use switchport trunk to define the allowed VLANs list Configuration Examples The following example specifies a L2 interface switch port mode Ruijie config if switchport mode trunk Related Commands Co...

Page 285: ...allowed vlan all add remove except vlan list native vlan vlan id no switchport trunk allowed vlan native vlan Parameter Description Parameter Description allowed vlan vlan list Configures the list of...

Page 286: ...r you can prevent the traffic from passing over the trunk by configuring allowed VLAN lists on a trunk Use show interfaces switchport to display configuration Configuration Examples The following exam...

Page 287: ...l the dynamic MAC addresses of the specified VLAN in the range from 1 to 4094 Defaults N A Command Mode Privileged EXEC mode Usage Guide Use the show mac address table dynamic command to display all t...

Page 288: ...earning globally Use the no or default form of this command to restore the default setting mac address learning enable Use this command to disable MAC address learning globally mac address learning di...

Page 289: ...s 300 Command Mode Global configuration mode Usage Guide Use show mac address table aging time to display configuration Configuration Examples The following example sets the aging time of the dynamic...

Page 290: ...he filtering MAC address Platform Description N A 2 6 mac address table notification Use this command to enable the MAC address notification function Use The no or default form of the command to resto...

Page 291: ...ace Platform Description N A 2 7 mac address table static Use this command to configure a static MAC address Use the no or default form of the command to restore the default setting mac address table...

Page 292: ...MAC addresses learned dynamically on the VLAN or interface If the number of MAC addresses dynamically learned on the VLAN or interface reaches the upper limit MAC address learning is disabled on the V...

Page 293: ...show mac address learning Parameter Description Parameter Description N A N A Defaults N A Command Mode All modes Usage Guide N A Configuration Examples The following example displays the MAC address...

Page 294: ...e address 00d0 f800 1001 Vlan MAC Address Type Interface 1 00d0 f800 1001 STATIC GigabitEthernet 1 1 Ruijie show mac address table Vlan MAC Address Type Interface 1 00d0 f800 1001 STATIC GigabitEthern...

Page 295: ...to display the number of address entries in the address table show mac address table count interface interface id vlan vlan id Parameter Description Parameter Description interface interface id Inter...

Page 296: ...dresses 10 Related Commands Command Description show mac address table static Displays the static address show mac address table filtering Displays the filtering address show mac address table dynamic...

Page 297: ...gigabitethernet 1 1 1 0007 95cf f41f DYNAMIC gigabitethernet 1 1 1 0009 b715 d400 DYNAMIC gigabitethernet 1 1 1 0050 bade 63c4 DYNAMIC gigabitethernet 1 1 Related Commands Command Description clear m...

Page 298: ...ameter Description interface id Displays the MAC address information of the specified Interface physical interface or aggregate port vlan id VLAN ID of the entry in the range from 1 to 4094 Defaults N...

Page 299: ...on all VLANs which are configured with the maximum number of dynamic MAC address learning vlan id Displays the dynamic MAC address learned on the specified VLAN interface Displays the dynamic MAC addr...

Page 300: ...pecified interface Ruijie show mac address table max dynamic mac count interface GigabitEthernet 0 1 Interface Limit MAC count Learning GigabitEthernet 0 1 160 6 YES Field Description Interface The In...

Page 301: ...ize 0 Related Commands Command Description mac address table notification Enables MAC address notification snmp trap mac notification Enables the MAC address trap notification function on the specifie...

Page 302: ...n id Parameter Description Parameter Description vlan id VLAN ID of the entry within the range from 1 to 4094 Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The...

Page 303: ...n added removed Parameter Description Parameter Description added Notifies when a MAC address is added removed Notifies when a MAC address is removed Defaults Command Mode Interface configuration mode...

Page 304: ...n IP address pairs are forwarded through different ports The packets with the same source and destination IP address pairs are forwarded through the same links At layer 3 this load balancing style is...

Page 305: ...show aggregateport load balance Displays aggregate port configuration Platform Description N A 3 2 aggregateport member linktrap Use this command to send LinkTrap to aggregate port members Use the no...

Page 306: ...s shutdown Shutdown AP to enable action Defaults The default is 1 And no action is set Command Mode Interface configuration mode Usage Guide Optional For static AP its peer end also has to apply the f...

Page 307: ...e interface configuration mode Otherwise this command is used to create the aggregate port and then enter its interface configuration mode Configuration Examples The following example creates AP 5 and...

Page 308: ...fault setting lacp short timeout no lacp short timeout Parameter Description Parameter Description N A N A Defaults The default is long timeout mode Command Mode Interface configuration mode Usage Gui...

Page 309: ...de Usage Guide Configuration Examples The following example sets the LACP system priority to 4096 Ruijie config lacp system priority 4096 Related Commands Command Description port group key mode activ...

Page 310: ...d to be trunk ports The ports belonging to different native VLANs cannot form an aggregate port Configuration Examples The following example specifies the Ethernet interface 1 3 as a member of the sta...

Page 311: ...ad balance algorithm of AP Platform Description N A 3 10 show lacp summary Use this command to display the LACP aggregation information show lacp summary key Parameter Description Parameter Descriptio...

Page 312: ...the LACP is stable and in the state of periodically sending the LACPPDU A indicates that the port is in the active mode State Show the port aggregation information bndl indicates that the port is agg...

Page 313: ...ngs in the interface configuration mode that is the switchport access vlan vlan id command For the two commands of adding the interface to the VLAN the command configured later will overwrite the one...

Page 314: ...witchport Interface Switchport Mode Access Native Protected VLAN lists AggregatePort 10 enabled ACCESS 20 1 Disabled ALL Related Commands Command Description show interface interface id switchport Dis...

Page 315: ...d Parameter Description Parameter Description vlan id VLAN ID Defaults N A Command mode All modes Usage Guide N A Configuration Examples The following command displays the status of VLAN 1 Ruijie conf...

Page 316: ...n vlan id The VLAN ID at which the port to be added Defaults By default the switch port is an access port and the VLAN is VLAN 1 Command mode Interface configuration mode Usage Guide Enter one VLAN ID...

Page 317: ...ng out on the port are not tagged with VLAN ID remove Removes the port from the VLAN vlist Specifies the VLAN Defaults By default the hybrid port is in all VLANs All VLAN packets except native VLAN pa...

Page 318: ...etes all the other VLANs The VLAN packets going out on the port are tagged with VLAN ID Ruijie config interface gigabitEthernet 0 1 Ruijie config if GigabitEthernet 0 1 switchport mode hybrid Ruijie c...

Page 319: ...re the default setting switchport mode access trunk hybrid uplink no switchport mode default switchport mode Parameter Description Parameter Description access Configures the switch port as an access...

Page 320: ...0 1 Ruijie config if GigabitEthernet 0 1 switchport mode uplink The following example configures port 1 as a hybrid port Ruijie config int g 0 1 Ruijie config if GigabitEthernet 0 1 switchport mode h...

Page 321: ...config interface gigabitEthernet 0 10 Ruijie config if GigabitEthernet 0 10 switchport mode trunk Ruijie config if GigabitEthernet 0 10 switchport trunk allowed vlan remove 2 The following example rem...

Page 322: ...out on the trunk port Configuration Examples The following example configures VLAN 10 as the native VLAN for trunk port GigabitEthernet 0 10 Ruijie config interface gigabitEthernet 0 10 Ruijie config...

Page 323: ...N 1 cannot be removed vlan range VLAN ID range Defaults The default is static VLAN Command mode Global configuration mode Usage Guide N A Configuration Examples The following example creates VLAN 10 R...

Page 324: ...unless the MAC VLAN function is enabled on this port The MAC VLAN function can be enabled on the hybrid port only Configuration Examples The following example enables MAC VLAN Ruijie config if interfa...

Page 325: ...riority Use the no form of this command to remove the static MAC VLAN entry Configuration Examples The following example configures a static MAC VLAN entry Ruijie config mac vlan mac address 0001 0001...

Page 326: ...VLAN entries Ruijie show mac vlan all The following MAC VLAN addresses exist S Static D Dynamic MAC ADDR MASK VLAN ID PRIO STATE 0011 1100 0000 ffff ff00 0000 100 1 S 0022 2222 0000 ffff ffff 0000 200...

Page 327: ...r the MAC VLAN function is enabled on the interface Configuration Examples The following example displays the interfaces which are enabled with MAC VLAN Ruijie show mac vlan interface MAC VLAN is enab...

Page 328: ...e following example enables the subnet VLAN Ruijie config interface GigabitEthernet 0 1 Ruijie config if GigabitEthernet 0 1 switchport Ruijie config if GigabitEthernet 0 1 switchport mode hybrid Ruij...

Page 329: ...ds Command Description show protocol vlan ipv4 N A no protocol vlan ipv4 addr mask addr N A no protocol vlan ipv4 N A Platform Description N A 6 3 protocol vlan profile in interface configuration mode...

Page 330: ...he VLAN protocol vlan profile num frame type type ether type type protocol vlan profile num frame type LLC DSAP value SSAP value Use this command to delete the specified profile no protocol vlan profi...

Page 331: ...splay a protocol VLAN show protocol vlan profile id ipv4 Parameter Description Parameter Description id Profile index Defaults N A Command mode Privileged EXEC mode Usage Guide N A Configuration Examp...

Page 332: ...Command Reference Protocol VLAN Commands Commands N A N A Platform Description...

Page 333: ...aring during private VLAN configuration This command can be used to troubleshoot VLAN and interface configuration failure With private VLAN debugging enabled all super VLAN configuration and packet pr...

Page 334: ...ry Ruijie config vlan vlan 91 Ruijie config vlan private vlan isolated Ruijie config vlan vlan 92 Ruijie config vlan private vlan community The following example disables the private VLAN feature usin...

Page 335: ...Removes the associated secondary VLAN Defaults This function is disabled by default Command mode VLAN configuration Mode Usage Guide N A Configuration Examples The following example associates the se...

Page 336: ...iguration Examples The following example associates the secondary VLAN with the primary VLAN on layer 3 Ruijie config interface vlan 22 Ruijie config if private vlan mapping add 24 26 Related Commands...

Page 337: ...nds Command Description N A N A Platform Description N A 7 6 switchport mode private vlan Use this command to declare the private VLAN mode of the interface Use the no or default form of this command...

Page 338: ...imary VLAN which is associated with the private VLAN mode of the interface with the secondary VLAN Use the no or default form of this command to restore the default setting switchport private vlan hos...

Page 339: ...restore the default setting switchport private vlan mapping p_vid svlist add svist remove svlist no switchport private vlan mapping default switchport private vlan mapping Parameter Description Parame...

Page 340: ...Command Reference Private VLAN Commands Ruijie config if switchport private vlan mapping 22 add 23 25 Related Commands Command Description show vlan private vlan N A Platform Description N A...

Page 341: ...BLE Voice VLAN is enabled Voice VLAN ID 2 Voice VLAN ID Voice VLAN security mode Security Security Mode Voice VLAN aging time 5 minutes Aging Time Voice VLAN cos 6 Voice VLAN CoS Voice VLAN dscp 46 Vo...

Page 342: ...phone 0003 6b00 0000 ffff ff00 0000 Cisco phone 0004 0d00 0000 ffff ff00 0000 Avaya phone 0060 b900 0000 ffff ff00 0000 Philips NEC phone 00d0 1e00 0000 ffff ff00 0000 Pingtel phone 00e0 7500 0000 fff...

Page 343: ...be created before configuring the Voice VLAN 2 The default VLAN is VLAN1 and cannot be set as the Voice VLAN 3 A VLAN is not allowed to be set as the Voice VLAN and the Super VLAN at the same time 4...

Page 344: ...ets from the port within the aging time this Voice VLAN will be removed from this port The aging time is valid for the auto mode only Configuration Examples The following example sets the Voice VLAN a...

Page 345: ...ription N A 8 6 voice vlan dscp Use this command to set the Voice VLAN DSCP value in the global configuration mode Use the no form of this command to restore the default setting voice vlan dscp dscp v...

Page 346: ...ation mode Usage Guide Use this command to enable the Voice VLAN on the physical port only The Voice VLAN can be enabled on the Access Port Trunk Port Hybrid Port Private VLAN host port Private VLAN p...

Page 347: ...different manufacturers The first three bytes of the MAC address for the voice device are used to identify the manufacture Voice VLAN determines whether the packets are voice packets or not through th...

Page 348: ...works in the auto mode note that the native VLAN of the port cannot be set as the Voice VLAN for the normal function performance 3 The Trunk Port Hybrid Port on the Ruijie product can transmit the pac...

Page 349: ...ds of enabling the Voice VLAN function on the port are different The working mode can be set according to the IP phone type connected downward the port or the port type You are not recommended to tran...

Page 350: ...Command Reference Voice VLAN Commands Description...

Page 351: ...ng switches and causing MSTP abnormal When the switch connected to a port on a point to point link is determined you can enable BPDU source MAC address check to receive BPDU packets sent only by the p...

Page 352: ...tandard don t forward BPDU frames In real network deployment devices may be required to support BPDU transparent transmission For example when a device is not enabled with STP BPDU transparent transmi...

Page 353: ...nds Command Description show spanning tree counters Displays the statistics of STP transceived packets Platform Description N A 9 4 clear spanning tree detected protocols Use this command to force the...

Page 354: ...EXEC mode Usage Guide N A Configuration Examples The following example clears STP topology change record Ruijie show spanning tree mst 0 topochange record Topology change information on mst 0 Time Int...

Page 355: ...10 By default all VLANs are in instance 0 Use the no form of this command to remove VLAN from instance 1 64 If you create 64 instances by stacking on a Ruijie device with a small memory e g 64M the m...

Page 356: ...PDU TUNNEL globally enable BPDU TUNNEL on the interface first Configuration Examples The following example enables BPDU TUNNEL globally Ruijie config l2protocol tunnel stp Ruijie config show l2protoco...

Page 357: ...stp Enable L2protocol tunnel destination mac address 01d0 f800 0005 GigabitEthernet 0 1 l2protocol tunnel stp enable Related Commands Command Description N A N A Platform Description N A 9 9 l2protoco...

Page 358: ...T name Use the no form of the command to restore the default setting name name no name Parameter Description Parameter Description name MST name up to 32 characters Defaults The default is NULL Comman...

Page 359: ...0 to 65535 Defaults The default is 0 Command Mode MST configuration mode Usage Guide revision version Sets the MST version in the range from 0 to 65535 show spanning tree mst configuration Displays MS...

Page 360: ...Examples The following example displays BPDU TUNNEL configuration Ruijie show l2protocol tunnel stp L2protocol tunnel stp Enable L2protocol tunnel destination mac address 011a a900 0005 GigabitEtherne...

Page 361: ...on mode and interface configuration mode Usage Guide N A Configuration Examples The following example displays the global spanning tree configuration Ruijie show spanning tree hello time The following...

Page 362: ...ode Privileged EXEC mode global configuration mode and interface configuration mode Usage Guide N A Configuration Examples The following example displays the STP configuration on interface Gi 0 1 Ruij...

Page 363: ...spanning tree mst Use this command to display the information of MST and instances show spanning tree mst configuration instance id interface interface id Parameter Description Parameter Description c...

Page 364: ...stance spanning tree mst port priority Displays the port priority of the instance Platform Description N A 9 16 show spanning tree mst topochange record Use this command to display the STP topology ch...

Page 365: ...root inconsistence Inferior Unblock The interface returns to Forward status after not receiving inferior BPDU frames Related Commands Command Description N A N A Platform Description N A 9 17 spanning...

Page 366: ...s do not work Configuration Examples The following example enables the spanning tree function Ruijie config spanning tree The following example configures the BridgeForwardDelay Ruijie config spanning...

Page 367: ...ys the STP configuration information of the interface Platform Description N A 9 19 spanning tree bpdufilter Use this command to enable BPDU filter on the interface You can use the enabled or disabled...

Page 368: ...led state after receiving a BPDU 2 Run command errdisable recovery interval seconds to recover the interface in Error disabled state Configuration Examples The following example enables the BPDU guard...

Page 369: ...g interface gigabitethernet 0 1 Ruijie config if interface id interface id spanning tree compatible enable Related Commands Command Description N A N A Platform Description N A 9 22 spanning tree guar...

Page 370: ...spanning tree guard none Use this command to disable guard on the interface Use the no form of this command to enable this function spanning tree guard none no spanning tree guard none Parameter Desc...

Page 371: ...l not change due to incorrect configuration or illegal packet attacks 4 The loop guard function and root guard function cannot be enabled at the same time Configuration Examples The following example...

Page 372: ...ree link type point to point shared no spanning tree link type Parameter Description Parameter Description point to point Sets the link type of the interface to point to point shared Forcibly sets the...

Page 373: ...iption N A N A Defaults This function is disabled by default Command Mode Global configuration mode Usage Guide Enabling loop guard on a root port or backup port will prevent possible loops caused by...

Page 374: ...reased by 1 until it reaches 0 which indicates the BPDU message times out The device will drop the BPDU message whose Hop Count is 0 Changing the max hops command affects all instances Configuration E...

Page 375: ...ription N A 9 30 spanning tree mst configuration Use this command to enter the MST configuration mode in the global configuration mode and configure the MSTP region Use the no form of the command to r...

Page 376: ...name of MST revision Configures the version of MST Platform Description N A 9 31 anning tree mst cost Use this command to set the path cost of an instance in the interface configuration mode Use the n...

Page 377: ...will determine which interface of a loop in a region is in charge of forwarding Use the no form of this command to restore the default setting spanning tree mst instance id port priority priority no s...

Page 378: ...mst instance id priority priority no spanning tree mst instance id priority Parameter Description Parameter Description instance id Instance ID in the range of 0 to 64 priority Device priority Sixteen...

Page 379: ...cost value short Adopts the 802 1d standard to configure path cost Defaults 802 1T standard is adopted to set path cost by default Command Mode Global configuration mode Usage Guide If the port path c...

Page 380: ...ernet 1 1 Ruijie config if interface id spanning tree portfast Related Commands Command Description show spanning tree interface Displays the STP configuration of the interface Platform Description N...

Page 381: ...g tree portfast bpduguard default Parameter Description Parameter Description N A N A Defaults This function is disabled by default Command Mode Global configuration mode Usage Guide Once the BPDU gua...

Page 382: ...onfiguration mode Usage Guide N A Configuration Examples The following example enables the portfast feature on all interfaces globally Ruijie config spanning tree portfast default Related Commands Com...

Page 383: ...is command to disable this function on the interface spanning tree tc guard no spanning tree tc guard Parameter Description Parameter Description N A N A Defaults This function is disabled by default...

Page 384: ...tree tc protection Related Commands Command Description N A N A Platform Description N A 9 42 spanning tree tc protection tc guard Use this command to enable tc guard to prevent TC packets from being...

Page 385: ...ommand to restore the default setting spanning tree tx hold count tx hold count no spanning tree tx hold count Parameter Description Parameter Description tx hold count Indicates the maximum number of...

Page 386: ...d for future standardization In other words the device following the IEEE 802 1Q standard does not forward GVRP PDUs frames However in actual network deployment GVRP PDUs transparent transmission may...

Page 387: ...P advertisement mode on the interface Use the no form of this command to restore default setting gvrp applicant state normal non applicant no gvrp applicant state Parameter Description Parameter Descr...

Page 388: ...aults This function is disabled by default Command mode Global configuration mode Usage Guide Use the show gvrp configuration to display the configuration Configuration Examples The following example...

Page 389: ...ontrol whether to enable dynamic VLAN creation registration canceling on the port Use the no form of this command to restore the default setting gvrp registration mode normal disabled no gvrp registra...

Page 390: ...s and the timer becomes invalid If no Join Message is received on the port the port status will be the Empty and removed from the VLAN member list leave all timer_value Controls the minimum interval o...

Page 391: ...meter Description Parameter Description N A N A Defaults This function is disabled by default Command mode Global configuration mode Usage Guide If you want to enable global GVRP PDUs TUNNEL enable GV...

Page 392: ...ollowing example enables GVRP PDUs TUNNEL on the interface Ruijie config if interface id l2protocol tunnel gvrp enable Ruijie config if interface id show l2protocol tunnel gvrp L2protocol tunnel Gvrp...

Page 393: ...config l2protocol tunnel gvrp tunnel dmac 011a a900 0006 Related Commands Command Description N A N A Platform Description N A 10 11 show gvrp configuration Use this command to display the GVRP confi...

Page 394: ...on Mode Registration mode Related Commands Command Description N A N A Platform Description N A 10 12 show gvrp statistics Use this command to display the GVRP statistics of one interface or all inter...

Page 395: ...cEmpty SentEmpty Number of received sent Empty messages RecLeaveEmpty SentLeaveEmpty Number of received sent LeaveEmpty messages RecLeaveIn SentLeaveIn Number of received sent LeaveIn messages RecLeav...

Page 396: ...following example displays the GVRP status Ruijie show gvrp status VLAN 1 Dynamic Ports DVLAN 2 Dynamic Ports Field Description VLAN Static VLAN DVLAN Dynamic VLAN Dynamic Ports Dynamic ports Related...

Page 397: ...N A Configuration Examples The following example displays GVRP PDUs TUNNEL configuration Ruijie show l2protocol tunnel gvrp L2protocol tunnel Gvrp Enable L2protocol tunnel destination mac address 011...

Page 398: ...he tag frame includes user_priority and vlan id is 0 none Optional The network policy is not advertised VoIP determines the network policy based on its configuration untagged Optional The untag frame...

Page 399: ...ice signaling vlan 3 dscp 6 Related Commands Command Description show lldp network policy profile profile num Displays the LLDP network policy Platform Description N A 11 2 civic location Use this com...

Page 400: ...0 post office box CA type 31 additional code CA type 32 ca word Address information Defaults N A Command Mode LLDP Civic address configuration mode Usage Guide This command is used to configure a comm...

Page 401: ...interface GigabitEthernet 0 1 Ruijie show lldp statistics interface GigabitEthernet 0 1 Lldp statistics information of port GigabitEthernet 0 1 The number of lldp frames transmitted 0 The number of fr...

Page 402: ...he number of error frames 0 The number of lldp frames received 0 The number of TLVs discarded 0 The number of TLVs unrecognized 0 The number of neighbor information aged out 0 Ruijie clear lldp table...

Page 403: ...identifier id interface interface name static Displays LLDP Civic Address information Platform Description N A 11 6 lldp compliance vendor Use this command to enable detection of compatible neighbors...

Page 404: ...lowing example disables LLDP globally and on the interface Ruijie config Ruijie config no lldp enable Ruijie config interface gigabitethernet 0 1 Ruijie config if no lldp enable Related Commands Comma...

Page 405: ...te detection port aggregation configuration detection MTU configuration detection and loop detection If any error is detected by LLDP warning message will be printed to notify the administrator Use th...

Page 406: ...o form of this command to restore the default setting lldp fast count value no lldp fast count Parameter Description Parameter Description value The number of fast sent LLDP packets in the range from...

Page 407: ...latform Description N A 11 12 lldp location civic location identifier Use this command to create a common address of a device connected to the network in LLDP Civic Address configuration mode Use the...

Page 408: ...number in the range from 1 to 1024 tel number Emergency number in the range from 10 to 25 bytes Defaults N A Command Mode Global configuration mode Usage Guide This command is used to configure an eme...

Page 409: ...ied on the port will be tried If the IPv6 address is still not found the MAC address of the device will be advertised as the management address Configuration Examples The following example configures...

Page 410: ...ldp network policy profile Use this command to create an LLDP network policy and enter the LLDP network policy configuration mode Use the no form of this command to delete the policy lldp network poli...

Page 411: ...face configuration mode Usage Guide By configuring LLDP Trap the LLDP information of local device such as information about the detection of new neighbor or the fault on the communication link can be...

Page 412: ...l be sent to the network management server Configuration Examples The following example sets the interval of sending LLDP Traps to 10 seconds Ruijie config Ruijie config lldp timer notification interv...

Page 413: ...ult setting lldp timer tx delay seconds no lldp timer tx delay Parameter Description Parameter Description seconds LLDP packet transmission delay in the range from 1 to 8192 in the unit of seconds Def...

Page 414: ...le sets the interval of sending the LLDP packets to 10 seconds Ruijie config Ruijie config lldp timer tx interval 10 Related Commands Command Description show lldp status Displays LLDP status informat...

Page 415: ...tionally specific TLV link aggregation Link Aggregation TLV mac physic MAC PHY Configuration Status TLV max frame size Maximum Frame Size TLV power Power Via MDI TLV med tlv LLDP MED TLV capability LL...

Page 416: ...gure terminal Ruijie config interface gigabitethernet 0 1 Ruijie config if GigabitEthernet 0 1 lldp tlv enable dot1 tlv all The following example applies LLDP network policy 1 on the 0 1 interface Rui...

Page 417: ...displays the device information to be sent to neighbor device Ruijie show lldp local information Global LLDP local information Chassis ID type MAC address Chassis id 00d0 f822 33aa System name System...

Page 418: ...f duplex mode Operational MAU type PoE support NO Link aggregation supported YES Link aggregation enabled NO Aggregation port ID 0 Maximum frame Size 1500 LLDP MED organizationally information Power v...

Page 419: ...gement address Management address Interface numbering subtype Type of the interface identified by the management address Interface number ID of the interface identified by the management address Objec...

Page 420: ...Encapsulates a common address of a network device elin Encapsulates an emergency number identifier Displays one address or emergency number configured id Policy ID of configured information interface...

Page 421: ...gency numbers Ruijie show lldp location elin location static Elin location information Identifier t Elin iiiiiiiiii Ports Gi1 0 3 Related Commands Command Description N A N A Platform Description N A...

Page 422: ...dp neighbors detail Lldp neighbor information of port GigabitEthernet 0 1 Neighbor index 1 Device type LLDP Device Update time 1hour 53minutes 30seconds Aging time 5seconds Chassis ID type MAC address...

Page 423: ...Power via MDI power source Power via MDI power priority Power via MDI power value Description of fields Field Description Neighbor index Neighbor index Device type Type of neighboring device Update ti...

Page 424: ...ID PPVID Supported Whether port and protocol VLAN is supported PPVID Enabled Whether port and protocol VLAN is enabled VLAN name of VLAN 1 VLAN 1 name Protocol Identity Protocol ID Auto negotiation su...

Page 425: ...fied the information about the specified network policy is displayed If no parameter is specified the information about all network policies is displayed Configuration Examples The following example d...

Page 426: ...number of lldp frames transmitted 26 The number of frames discarded 0 The number of error frames 0 The number of lldp frames received 12 The number of TLVs discarded 0 The number of TLVs unrecognized...

Page 427: ...d Description N A N A Platform Description N A 11 28 show lldp status Use this command to display LLDP status information show lldp status interface interface name Parameter Description Parameter Desc...

Page 428: ...ation interval Interval for sending LLDP Traps Fast start counts The number of fast sent LLDPDUs Port status of LLDP Whether LLDP is enabled on the port Port state Link status of port UP or DOWN Port...

Page 429: ...escription TLV YES YES System Name TLV YES YES System Description TLV YES YES System Capabilities TLV YES YES Management Address TLV YES YES IEEE 802 1 extend TLV Port VLAN ID TLV YES YES Port And Pro...

Page 430: ...Command Reference LLDP Commands Description...

Page 431: ...d outer vlan vid inner vlan v_list Parameter Description Parameter Description new vid Vid list of the vid Vid of outer tag no Removes the setting Defaults The policy list is null by default Command M...

Page 432: ...es vid in the tag of input message as 4 22 and setss the vid to 3 Ruijie configure Ruijie config interface gigabitEthernet 0 1 Ruijie config if switchport mode dot1q tunnel Ruijie config if dot1q oute...

Page 433: ...onfig if end Related Commands Command Description show translation table interface intf id N A Platform Description N A 12 4 dot1q relay vid vid translate inner vid v list Use this command to configur...

Page 434: ...ner cos value remark cos outer cos value default dot1q Tunnel cos inner cos value remark cos outer cos value Parameter Description Parameter Description inner cos value Indicates the CoS value of the...

Page 435: ...D Defaults The default is 0x8100 Command Mode Interface configuration mode Usage Guide If the TPID value of the connected third party device is not 0x8100 default value defined in IEEE802 1Q the TPID...

Page 436: ...rk connects the user s VLAN tag priority can be copied to the outer VLAN tag so that the user s packets are encapsulated with the outer VLAN tag and have the same priority as the user s VLAN tag In th...

Page 437: ...function of receiving L2 protocol gvrp and stp Ruijie configure Ruijie config l2protocol tunnel stp Ruijie config l2protocol tunnel gvrp Ruijie config end Related Commands Command Description show l2...

Page 438: ...tunnel dmac Use this command to set the MAC address for the transparent transmission of the corresponding protocol messages Use the no or default form of this command to restore the default setting l2...

Page 439: ...n list destination vlan dst vlan id default mac address mapping x source vlan src vlan list destination vlan dst vlan id Parameter Description Parameter Description index id Policy ID of copying MAC a...

Page 440: ...Command Mode Any mode Usage Guide N A Configuration Examples The following example displays whether dot1q tunnel of interface is enabled or not Ruijie show dot1q tunnel Ports Dot1q tunnel Gi0 1 Enabl...

Page 441: ...rm Description N A 12 14 show inner priority trust Use this command to display whether the priority copy function is enabled show inner priority trust Parameter Description Parameter Description N A N...

Page 442: ...mode Usage Guide N A Configuration Examples The following example displays the VLAN configuration on the dot1q tunnel port Ruijie show interfaces dot1q tunnel Interface Gi0 3 Native vlan 10 Allowed v...

Page 443: ...elated Commands Command Description N A N A Platform Description N A 12 17 show interfaces remark Use this command to display the priority mapping configuration show interfaces intf id remark Paramete...

Page 444: ...mmand Mode Any mode Usage Guide N A Configuration Examples The following example displays the VLAN mapping configuration ruijie show interfaces vlan mapping Ports Type Status Destination VID Source VI...

Page 445: ...tocol tunnel Stp Enable Ruijie show l2protocol tunnel gvrp L2protocol tunnel gvrp Disable Related Commands Command Description N A N A Platform Description N A 12 20 show registration table Use this c...

Page 446: ...erface intf id Parameter Description Parameter Description intf id Specifies the interface Defaults N A Command Mode Any mode Usage Guide N A Configuration Examples The following example displays flow...

Page 447: ...hybrid port Ruijie show translation table Ports Type Relay VID Old local Local inner VID list Gi0 7 Inner CVID 8 N A 10 20 Gi0 7 Local SVID 1001 N A 30 60 Gi0 7 In Out 8 20 50 Related Commands Comman...

Page 448: ...nfig if switchport dot1q tunnel allowed vlan tagged 3 6 Ruijie config end Related Commands Command Description show interface dot1q tunnel N A Platform Description N A 12 24 switchport dot1q tunnel na...

Page 449: ...interface as the dot1q tunnel interface Use the no or default form of this command to restore the default setting switchport mode dot1q tunnel no switchport mode default switchport mode Parameter Desc...

Page 450: ...tion Parameter Description acl Flow matching vid Modified inner vid Defaults By default no policy is configured Command Mode Interface configuration mode Usage Guide N A Configuration Examples The fol...

Page 451: ...llowing example specifies the vid of input message whose source address is 1 1 1 3 as 9 Ruijie configure Ruijie config ip access list standard 20 Ruijie config std nacl permit host 1 1 1 3 Ruijie conf...

Page 452: ...d nacl exit Ruijie config interface gigabitEthernet 0 1 Ruijie config if switchport mode trunk Ruijie config if traffic redirect access group 2 outer vlan 3 in Ruijie config if end Related Commands Co...

Page 453: ...ollowing example specifies the vid of the incoming messages whose vid in the tag is 3 as 4 and forwards it Ruijie configure terminal Ruijie config vlan range 3 4 Ruijie config vlan range exit Ruijie c...

Page 454: ...the VLAN module to configure elaborately the VLAN and the relation between ports and VLAN so as to transmit the sub ring s protocol packets in other Ethernet rings and not leak the packets to the use...

Page 455: ...e sub ring raps vlan 100 Related Commands Command Description N A N A Platform Description N A 13 2 erps enable Use this command to enable disable the ERPS function in the global configuration mode er...

Page 456: ...state by oam vlan vlan id no erps monitor link state by oam Parameter Description Parameter Description vlan id Indicates the VLAN that monitors link state Defaults By default it adopts the directly...

Page 457: ...AN that is not used on the device Cannot set the VLAN1 to the R APS VLAN The same Ethernet ring of different devices needs the same R APS VLAN If you want to transparently transmit the ERPS protocol p...

Page 458: ...Configuration Examples Suppose that the ERP1 and ERP2 are configured on the switch to implement the load balance The R APS VLAN of the ERPS1 is 100 the protected data VLAN is in the range of 1 to 99 a...

Page 459: ...Guide 1 After adding the port to the ERP ring the trunk attribute of the port is not allowed to be modified any more 2 If the ring port is configured on the virtual channel this ring will be consider...

Page 460: ...he subring and other Ethernet rings in the subring ERPS configuration mode Platform Description N A 13 7 rpl port Use this command to configure the RPL port and RPL owner rpl port west east rpl owner...

Page 461: ...here the RPL link is and the RPL owner Ruijie config erps4093 rpl port west rpl owner Related Commands Command Description ring port west interface name1 virtual channel east interface name2 virtual c...

Page 462: ...L Owner Enabled Holdoff Time 0 milliseconds Guard Time 500 milliseconds WTR Time 5 minutes Current Ring State Idle R APS VLAN 4093 Ring Status Enabled West Port Virtual Channel East Port Gi 0 10 Forwa...

Page 463: ...ription N A N A Defaults Disabled Command Mode EPRS configuration mode Usage Guide Only after the global ERPS protocol and the ERPS protocol of the specified ring are both enabled the ERPS protocol of...

Page 464: ...fig erps enable Related Commands Command Description erps enable Enable the global ERPS protocol Platform Description N A 13 10 sub ring tc propagation Use this command to specify the devices correspo...

Page 465: ...g Ruijie config erps4093 ring port west fastEthernet 0 1 east fastEthernet 0 2 Configure the Ethernet subring Ruijie config erps raps vlan 100 Ruijie config interface fastEthernet 0 3 Ruijie config if...

Page 466: ...t the message of link recovery and starts up the Guard timer Before the Guard times out except for the flush packets indicating the subring topology change other packets are discarded directly without...

Page 467: ...Command Reference ERPS Commands Commands N A N A Platform Description N A...

Page 468: ...rvice Commands 2 ARP Commands 3 IPv6 Commands 4 DHCP Commands 5 DHCPv6 Commands 6 DNS Commands 7 FTP Server Commands 8 FTP Client Commands 9 TFTP Server Commands 10 Network Connectivity Test Tool Comm...

Page 469: ...Protocol IP The network mask is also a 32 bit value that identifies which bits among the IP address is the network portion Among the network mask the IP address bits that correspond to value 1 are the...

Page 470: ...address be configured Both slave and primary addresses are configured on an Layer 3 interface backing up each other In general the master device adopts the primary IP address and the slave device uses...

Page 471: ...y this interface to 0 0 0 0 Ruijie config interface gigabitEthernet 0 1 Ruijie config if GigabitEthernet 0 1 ip broadcast address 0 0 0 0 Related Commands Command Description N A N A Platform Descript...

Page 472: ...transmission of directed broadcast packets that have reached the destination subnet instead of normal forwarding of other directed broadcast packets You can also define an access list on an interface...

Page 473: ...umbered 4 to the source IP address for path MTU discovery Rate limits on ICMP destination unreachable packets and other error packets are needed to prevent path MTU discovery failure It is recommended...

Page 474: ...les The following example sets the FastEthernet 0 1 interface of a device to respond the ICMP mask request message Ruijie config interface fastEthernet 0 1 Ruijie config if ip mask reply Related Comma...

Page 475: ...ICMP redirection message in the interface configuration mode Use the no form of this command to disable this function ip redirects no ip redirects Parameter Description Parameter Description N A N A D...

Page 476: ...cket it will check the options of the IP packet such as strict source route loose source route and record route Details about these options can be found in RFC 791 If an option is found to be enabled...

Page 477: ...s Use the no form of this command to disable this function ip unreachables no ip unreachables Parameter Description Parameter Description N A N A Defaults This function is enabled by default Command M...

Page 478: ...ble RGOS will create a direct route in the routing table The interface is available in that the RGOS software can receive and send packets through this interface If the interface changes from availabl...

Page 479: ...st is OFF ICMP mask reply is ON Send ICMP redirect is ON Send ICMP unreachabled is ON DHCP relay is OFF Fast switch is ON Help address is Proxy ARP is OFF ARP packet input number 0 Request packet 0 Re...

Page 480: ...ctor protocol Help address is Show the helper IP address Proxy ARP is Show whether the agent ARP is enabled ARP packet input number Request packet Reply packet Unknown packet Show the total number of...

Page 481: ...Receive queue overflow 0 Unknow protocol drops 0 ICMP rcv drops 0 for skb check fail ICMP rcv drops 0 for skb is broadcast Sent packets Success 15644 Generate 13 and send 8 ICMP reply packets send 26...

Page 482: ...ceived 113962 packets 11948991 bytes Unicast 90962 Multicast 5232 Broadcast 17768 Discards 0 HdrErrors 0 BadChecksum 0 TTLExceeded 0 Others 0 NoRoutes 0 Others 0 Sent 34917 packets 1863146 bytes Unica...

Page 483: ...A Platform Description N A 1 14 show ip raw socket Use this command to display IPv4 raw sockets show ip raw socket num Parameter Description Parameter Description num Protocol Defaults N A Command Mod...

Page 484: ...ileged EXEC mode Usage Guide N A Configuration Examples The following displays all IPv4 sockets Ruijie show ip sockets Number Process name Type Protocol LocalIP Port ForeignIP Port State 1 dhcp elf RA...

Page 485: ...ield Description Field Description Number Serial number Process name Process name Type Socket type including the following types RAW raw sockets DGRAM datagram type STREAM stream type Protocol Protoco...

Page 486: ...ess Peer Address Process name 1 0 0 0 0 68 0 0 0 0 0 dhcpc elf 2 0 0 0 0 161 0 0 0 0 0 rg snmpd 3 0 0 0 0 2000 0 0 0 0 0 wbav2 4 0 0 0 0 3333 0 0 0 0 0 vrrp_plus elf 5 0 0 0 0 3503 0 0 0 0 0 mpls elf...

Page 487: ...2 bit IP address using the ARP cache table Since most hosts support dynamic ARP resolution usually static ARP mapping is not necessary The clear arp cache command can be used to delete the ARP mapping...

Page 488: ...r Description Parameter Description num The number of the IP message to trigger the ARP to discarded entry in the range from 0 to 100 0 stands for disabling the arp anti ip attack function Defaults By...

Page 489: ...ect Configuration Examples The following example sets the maximum number of ARP learned on the interface to 300 Ruijie config interface gi 0 0 Ruijie config if GigabitEthernet 0 0 arp cache interface...

Page 490: ...Command Description N A N A Platform Description N A 2 5 arp retry interval Use this command to set the frequency for sending the arp request message locally namely the time interval between two cont...

Page 491: ...range from 1 to100 When it is set as 1 it indicates that the ARP request is not retransmitted only 1 ARP request message is sent Defaults The default is 5 Command Mode Global configuration mode Usage...

Page 492: ...the more network bandwidth occupied by the ARP Hence the advantages and disadvantages should be weighted Generally it is not necessary to configure the ARP timeout unless there is a special requireme...

Page 493: ...elated Commands Command Description service trustedarp Enables the trusted ARP function Platform Description N A 2 9 arp trusted aging Use this command to set trusted ARP aging Use the no form of this...

Page 494: ...ommand enable the trusted ARP function first This command is needed only when the VLAN sent by the server is different from the VLAN which takes effect in the trusted ARP entry Configuration Examples...

Page 495: ...Ruijie config interface gi 0 0 Ruijie config if GigabitEthernet 0 0 arp trust monitor enable The following example disables engress gateway trusted ARP Ruijie config interface gi 0 0 Ruijie config if...

Page 496: ...entries in a subnet mask If trusted value is specified trusted ARP entries in the subnet mask are deleted otherwise all dynamic ARP entries are deleted The dynamic ARP entry specified by the IP addre...

Page 497: ...mode Usage Guide Proxy ARP helps those hosts without routing message obtain MAC address of other networks or subnet IP address For example a device receives an ARP request The IP addresses of request...

Page 498: ...the device s Ethernet MAC address realizing communication between different hosts through L3 routes Configuration Examples The following example enables local proxy ARP on VLAN1 Ruijie config interfa...

Page 499: ...trusted ARP entries Currently only the global VRF supports the trusted ARP ip Displays the ARP entry of the specified IP address If trusted is configured only trusted ARP entries are displayed Otherwi...

Page 500: ...ess corresponding to the IP address Type Hardware address type ARPA for all Ethernet addresses Interface Interface associated with the IP addresses The following example displays the output result of...

Page 501: ...p counter command Ruijie sho arp counter ARP Limit 75000 Count of static entries 0 Count of dynamic entries 1 complete 1 incomplete 0 Total 1 Related Commands Command Description N A N A Platform Desc...

Page 502: ...displayed Configuration Examples The following example displays the output result of the show arp detail command Ruijie show arp detail IP Address MAC Address Type Age min Interface Port 20 1 1 1 000...

Page 503: ...esponding to the ARP entries Location Local ARP entries are generated or learned on the local device Remore ARP entries are synced from a remote gateway Related Commands Command Description N A N A Pl...

Page 504: ...ies Number of received ARP response messages Received Others Number of other received ARP packets Sent Requests Number of sent ARP requests Sent Replies Number of sent ARP requests Related Commands Co...

Page 505: ...e show ip arp Protocol Address Age min Hardware Type Interface Internet 192 168 7 233 23 0007 e9d9 0488 ARPA FastEthernet 0 0 Internet 192 168 7 112 10 0050 eb08 6617 ARPA FastEthernet 0 0 Internet 19...

Page 506: ...configured the value of the field is represented with Hardware Hardware address corresponding to the IP address Type The type of hardware address The value is ARPA for all Ethernet addresses Interfac...

Page 507: ...Examples The following example clears the dynamic IPv6 neighbors Ruijie clear ipv6 neighbors Related Commands Command Description ipv6 neighbor Configures the neighbor show ipv6 neighbors Displays th...

Page 508: ...ID Defaults N A Command Mode Interface configuration mode Usage Guide When an IPv6 interface is created and the link status is UP the system will automatically generate a local IP address for the int...

Page 509: ...device could use the prefix information of the RA message to automatically generate the EUI 64 interface address If the RA message contains the flag of the other configurations the interface will obt...

Page 510: ...Platform Description N A 3 5 ipv6 general prefix Use this command to configure the IPv6 general prefix in the global configuration mode ipv6 general prefix prefix name ipv6 prefix prefix length no ip...

Page 511: ...eral prefix Platform Description N A 3 6 ipv6 hop limit Use this command to configure the default hopcount to send unicast messages in the global configuration mode ipv6 hop limit value no ipv6 hop li...

Page 512: ...rsize error packet to the source IPv6 address This kind of ICMPv6 error packet is used for IPv6 path MTU discovery If there are too many ICMPv6 error packets the ICMPv6 oversize error packet may not b...

Page 513: ...l network segment the IPv6 MTU of the interconnected interface must be the same Configuration Examples The following example sets the IPv6 MTU of the FastEthernet 0 1 interface to 1400 bytes Ruijie co...

Page 514: ...ipv6 nd dad attempts Use this command to set the number of the NS packets to be continuously sent for IPv6 address collision check on the interface Use the no form of this command to restore it to th...

Page 515: ...ct detection Use the no form of this command to restore the default setting ipv6 nd dad retry value no ipv6 nd dad retry Parameter Description Parameter Description value Sets the interval for address...

Page 516: ...tains an IP address through stateful auto configuration otherwise it does not be used Configuration Examples Ruijie config if ipv6 nd managed config flag Related Commands Command Description show ipv6...

Page 517: ...l configuration flag bit of the RA message Use the no form of this command to delete the flag bit ipv6 nd other config flag no ipv6 nd other config flag Parameter Description Parameter Description N A...

Page 518: ...es that the prefix is always valid default Sets the default prefix no advertise The prefix will not be advertised by the device off link When the host sends an IPv6 packet if the prefix of the destina...

Page 519: ...ually reduced until the end time is 0 Configuration Examples The following example adds a prefix for SVI 1 Ruijie config interface vlan 1 Ruijie conifig if ipv6 nd prefix 2001 64 infinite 2592000 The...

Page 520: ...e RA message in seconds 3 1800s min max Maximum and minimum interval sending the RA message in seconds min_value Minimum interval sending the RA message in seconds max_value Maximum interval sending t...

Page 521: ...ce in the range from 0 to 9000 in the unit of seconds Defaults The default is 1800 Command Mode Interface configuration mode Usage Guide The router lifetime field is available in each RA It specifies...

Page 522: ...nformation ipv6 nd ra lifetime Sets the lifetime of the device ipv6 nd ra interval Sets the interval of sending the RA message ipv6 nd ra hoplimit Sets the hopcount of the RA message Platform Descript...

Page 523: ...pv6 interface Displays the interface information Platform Description N A 3 21 ipv6 nd state time Use this command to set the period for the neighbor to maintain the state Use the no form of this comm...

Page 524: ...Guide This command suppresses the sending of the RA message on an interface Configuration Examples Ruijie config if ipv6 nd suppress ra Related Commands Command Description show ipv6 interface Display...

Page 525: ...ss interface id Parameter Description Parameter Description ipv6 address The neighbor IPv6 address in the form as defined in RFC4291 interface id Specifies the network interface where the neighbor is...

Page 526: ...ed Commands Command Description N A N A Platform Description N A 3 25 ipv6 ns linklocal src Use this command to set the local address of the link as the source IP address to send neighbor requests Use...

Page 527: ...nfiguration Examples The following example enables ICMPv6 redirection on interface GigabitEthernet 0 1 Ruijie config if GigabitEthernet 0 1 ipv6 redirects Related Commands Command Description show ipv...

Page 528: ...Examples Ruijie config no ipv6 source route Related Commands Command Description N A N A Platform Description N A 3 28 show ipv6 address Use this command to display the IPv6 addresses show ipv6 addres...

Page 529: ...tEthernet 0 1 Related Commands Command Description N A N A Platform Description N A 3 29 show ipv6 general prefix Use this command to display the information of the general prefix show ipv6 general pr...

Page 530: ...IPv6 interface information show ipv6 interface interface id ra info brief interface id Parameter Description Parameter Description interface id Interface including Ethernet interface aggregate port o...

Page 531: ...bit in the following the INET6 address is explained as follows Flag Meaning ANYCAST Indicate that the address is an anycast address TENTATIVE Indicate that the DAD is underway The address is a tentat...

Page 532: ...are different from those contained in the RAs advertised by the device RS input Indicate the number of the RSs that are received Link layer address Link layer address of the interface Physical MTU Lin...

Page 533: ...mmand to display the IPv6 neighbors show ipv6 neighbors verbose interface id ipv6 address show ipv6 neighbors static Parameter Description Parameter Description verbose Displays the neighbor details s...

Page 534: ...the neighbor DELAY A packet is sent to the neighbor in STALE state If the STALE state changes to DELAY DELAY will be changed to PROBE if no neighbor reachability notification is received within DELAY...

Page 535: ...ple displays the statistics of the global neighbors Ruijie show ipv6 neighbor statistics Memory 0 bytes Entries 0 Static 0 Dynamic 0 Local 0 Incomplete 0 Reachable 0 Stale 0 Delay 0 Probe 0 Ruijie The...

Page 536: ...me Interface name Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example displays the total statistics of the IPv6 packets and the statistics of ea...

Page 537: ...ytes Unicast 0 Multicast 0 Ruijie Related Commands Command Description N A N A Platform Description Supported on all platforms 3 34 show ipv6 raw socket Use this command to display all IPv6 raw socket...

Page 538: ...nt of the specified interface Defaults N A Command Mode Privileged EXEC mode Usage Guide Use this command to display the neighbor routers and the routing advertisement If no interface is specified all...

Page 539: ...pe Protocol LocalIP Port ForeignIP Port State 1 vrrp elf RAW ICMPv6 58 0 2 tcpip elf RAW ICMPv6 58 0 3 vrrp elf RAW VRRP 112 0 4 rg snmpd DGRAM UDP 161 0 5 rg snmpd DGRAM UDP 162 0 6 dhcp6 elf DGRAM U...

Page 540: ...ription Parameter Description local port num Local port number peer port num Peer port number Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following exampl...

Page 541: ...Command Reference IPv6 Commands Platform Description N A...

Page 542: ...st be from low address to high address so as to allow the duplication of network segment range between multiple CLASSes If the CLASS associated with the address pool is specified without configuring t...

Page 543: ...file from the corresponding server such as TFTP Other servers are defined by the next server command Configuration Examples The following example defines the device conf as the startup file name boot...

Page 544: ...ddresses have been to the upper limit then continue to assign the address from the next CLASS and so on Each CLASS corresponds to one network segment range that must be from low addresses to high addr...

Page 545: ...ress conflict records ip address Deletes the conflict record of the specified IP addresses Defaults N A Command Mode Privileged EXEC mode Usage Guide The DHCP server uses the ping session to detect th...

Page 546: ...de This command is configured on the DHCP server Configuration Examples The following example clears all addresses assigned by the DHCP server Ruijie clear ip dhcp history Related Commands Command Des...

Page 547: ...A Defaults N A Command Mode Privileged EXEC mode Usage Guide This command is used to clear statistics about the packet processing rate of every module including arp hot backup lsm and socket Configura...

Page 548: ...P address pool configuration mode Use the no form of this command to restore the default setting client identifier unique identifier no client identifier Parameter Description Parameter Description un...

Page 549: ...ent in the DHPC address pool configuration mode Use the no form of this command to restore the default setting client name client name no client name Parameter Description Parameter Description client...

Page 550: ...s defined by default Command Mode DHCP address pool configuration mode Usage Guide In general the DHCP client should get the information of the default gateway from the DHCP server The DHCP server sho...

Page 551: ...acts as the DHCP client the DNS server information obtained by the client can be transmitted to the DHCP client Configuration Examples The following example specifies the DNS server 192 168 12 3 for...

Page 552: ...hardware address Use this command to define the hardware address of the DHCP client in the DHPC address pool configuration mode Use the no form of this command to restore the default setting hardware...

Page 553: ...mode Use the no form of this command to restore the default setting host ip address netmask no host Parameter Description Parameter Description ip address Defines the IP address of DHCP client netmask...

Page 554: ...hen requesting the IP address the DHCP client of the RGOS software also requires the DHCP server provide 5 configuration parameter information 1 DHCP option 1 client subnet mask 2 DHCP option 3 it is...

Page 555: ...configure the Option82 information that matches the CLASS and the CLASS identification information Configuration Examples The following example configures a global CLASS Ruijie config ip dhcp class m...

Page 556: ...luded address 192 168 12 100 192 168 12 150 Related Commands Command Description ip dhcp pool Defines the name of the DHCP address pool and enters the DHCP address pool configuration mode network DHCP...

Page 557: ...s only those packets sent from a VRRP interface in the Master state Use the no form of this command to restore the default setting If it is canceled the DHCP Server processes packets from VRRP interfa...

Page 558: ...ion to check whether this address is occupied by other hosts Record it if the address is occupied otherwise assign it to the DHCP client The Ping operation will send up to 10 packets two packets by de...

Page 559: ...ping timeout 600 Related Commands Command Description clear ip dhcp conflict Clears the DHCP history conflict record ip dhcp ping packets Defines the number of the data packets sent by the ping operat...

Page 560: ...ines the network number and network mask of the DHCP address pool Platform Description N A 4 25 ip dhcp relay check server id Use this command to enable the ip dhcp relay check server id function Use...

Page 561: ...This function is disabled by default Command Mode Global configuration mode Usage Guide This command is configured on the DHCP Relay When you configure the ip dhcp relay information circuit id format...

Page 562: ...e DHCP Relay adds the option information in the DHCP request packets Configuration Examples The following example sets the device name for circuit id Ruijie config ip dhcp relay information circuit id...

Page 563: ...mat hex ascii Parameter Description Parameter Description hex Hexadecimal ascii ASCII code string Custom string Defaults This function is disabled by default Command Mode Global configuration mode Usa...

Page 564: ...onfigure the ip dhcp relay information remote id string command the device as the DHCP Relay adds the option information in the DHCP request packets Configuration Examples The following example sets t...

Page 565: ...dhcp Enables the DHCP Relay Platform Description N A 4 32 ip dhcp relay information remote id format Use this command to set the custom string for remote id on an interface Use the no form of this co...

Page 566: ...or remote id on an interface Use the no form of this command to restore the default setting ip dhcp relay information remote id string portname no ip dhcp relay information remote id string Parameter...

Page 567: ...Mode Global configuration mode Usage Guide This command is used to detect whether the user has gone offline If the user does not go online within a certain period the IP address is reclaimed Configur...

Page 568: ...global configuration mode or the interface configuration mode to add the DHCP server information ip helper address cycle mode A B C D no ip helper address cycle mode A B C D Parameter Description Para...

Page 569: ...ours minutes Optional Lease time in minutes It is necessary to define the days and hours before defining the minutes infinite Infinite lease time Defaults The lease time for a static address pool is i...

Page 570: ...l number of assignable address pools If the number of assigned pools stays above the alarm threshold an alarm is generated every 5 minutes Configuration Examples The following example sets the alarm t...

Page 571: ...HCP client netbios name server 192 168 12 3 Related Commands Command Description ip address dhcp Enables the DHCP client on the interface to obtain the IP address ip dhcp pool Defines the name of the...

Page 572: ...de type for Microsoft operating system is broadcast or hybrid If the WINS server is not configured broadcast node is used Otherwise hybrid node is used It is recommended to set the type of the NetBIOS...

Page 573: ...address conflict detection configuration Configuration Examples The following example defines the network number of the DHCP address pool as 192 168 12 0 and the network mask as 255 255 255 240 networ...

Page 574: ...Platform Description N A 4 43 option Use this command to configure the option of the DHCP server in the DHCP address pool configuration mode Use the no form of this command to restore the default set...

Page 575: ...ork 172 16 16 0 and the gateway 192 168 12 16 option 33 ip 172 16 12 0 192 168 12 12 172 16 16 0 192 168 12 16 Related Commands Command Description ip dhcp pool Defines the name of the DHCP address po...

Page 576: ...onfigure the class matching multiple Option82 information Configuration Examples The following example configures a global CLASS and enters the Option82 matching information configuration mode Ruijie...

Page 577: ...relayinfo relay information hex 060225654565 Ruijie config dhcp class relayinfo relay information hex 060223 Related Commands Command Description ip dhcp class Defines a CLASS and enter the global CLA...

Page 578: ...rameter Description Parameter Description N A N A Defaults The service dhcp command is disabled Command Mode Global configuration mode Usage Guide The DHCP server can assign the IP addresses to the cl...

Page 579: ...hcp lease Ruijie show dhcp lease Temp IP addr 192 168 5 71 for peer on Interface FastEthernet0 0 Temp sub net mask 255 255 255 0 DHCP Lease server 192 168 5 70 state 3 Bound DHCP transaction id 168F L...

Page 580: ...The IP address to be assigned to the DHCP client Client Identifier Hardware address The client identifier or hardware address of the DHCP client Lease expiration The expiration date of the lease The...

Page 581: ...ibed as follows Field Description IP address The IP addresses which cannot be assigned to the DHCP client Detection Method The conflict detection method Related Commands Command Description clear ip d...

Page 582: ...ID and address usage show ip dhcp identifier Parameter Description Parameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following exa...

Page 583: ...Address range 192 168 0 1 192 168 0 254 Class range 192 168 0 1 192 168 0 254 Total address 252 Excluded 2 Distributed 30 Conflict 10 Remained 212 Usage percentage 84 12698 Lease threshold 90 The mean...

Page 584: ...to display the statistics of the DHCP relay show ip dhcp relay statistics Parameter Description Parameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage Guide This command i...

Page 585: ...iption Parameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage Guide This command displays the statistics of the DHCP server Configuration Examples The following example dis...

Page 586: ...er of allocated lease Automatic bindings Number of automatic address bindings Manual bindings Number of manual address bindings Expired bindings Number of expired address bindings Malformed messages N...

Page 587: ...n N A N A Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example displays the socket used by the DHCP server ruijie show ip dhcp socket dhcp socket...

Page 588: ...and is used to reset the DHCPv6 client which may lead the client to request for the configurations from the server again Configuration Examples The following example resets DHCP client VLAN 1 Ruijie c...

Page 589: ...mmit no ipv6 dhcp client ia Parameter Description Parameter Description rapid commit Allows the two message interaction process Defaults This function is disabled by default Command Mode Interface con...

Page 590: ...prefix request to the DHCPv6 server The keyword rapid commit allows the client and the server two message interaction process With this keyword configured the solicit message sent by the client inclu...

Page 591: ...y service The forwarding output interface configuration is mandatory if the forwarding address is the local link address or the multicast address And the forwarding output interface configuration is o...

Page 592: ...this command to display the DHCPv6 interface information show ipv6 dhcp interface interface name Parameter Description Parameter Description interface name Sets the interface name Defaults N A Command...

Page 593: ...h DHCPv6 packets sent from a client are forwarded through a specified relay exit optional by an interface for which the relay function has been enabled by Relay Agent Examples The following example di...

Page 594: ...jie show ipv6 dhcp relay statistics Packets dropped 2 Error 2 Excess of rate limit 0 Packets received 28 SOLICIT 0 REQUEST 0 CONFIRM 0 RENEW 0 REBIND 0 RELEASE 0 DECLINE 0 INFORMATION REQUEST 14 RELAY...

Page 595: ...configuration 2 the DNS dynamic learning Execute this command to delete the host name records learned by the DNS dynamically Configuration Examples The following configuration deletes the dynamically...

Page 596: ...n Platform Description N A 6 3 ip host Use this command to configure the mapping of the host name and the IP address Use the no form of the command to remove the host list ip host host name ip address...

Page 597: ...ess The IPv6 address of the domain name server Defaults No domain name server is configured by default Command Mode Global configuration mode Usage Guide Add the IP address of the DNS server Once this...

Page 598: ...mode Usage Guide To delete the host list use the no ipv6 host host name ipv6 address command Configuration Examples The following example configures the IPv6 address for the domain name Ruijie config...

Page 599: ...126 Field Description Name servers Domain name server Host Domain name type Resolution type Static resolution and dynamic resolution Address IP address corresponding to the domain name TTL TTL of entr...

Page 600: ...led by default Command Mode Global configuration mode Usage Guide This command is used to enable the FTP server to connect the FTP client to upload download the files Configuration Examples The follow...

Page 601: ...rval refers to the maximum time when your account is allowed online after you login to the server If you don t perform authentication again before the timeout interval expires you will be forced offli...

Page 602: ...onfig ftp server login times 5 The following example restores the default setting Ruijie config no ftp server login times Related Commands Command Description N A N A Platform Description N A 7 4 ftp...

Page 603: ...P server files Use the no form of this command to restore the default setting ftp server topdir directory no ftp server topdir Parameter Description Parameter Description directory Sets the top direct...

Page 604: ...by default Command Mode Global configuration mode Usage Guide Use this command to set the login username for the FTP server To log in to the FTP server the correct username and password shall be prov...

Page 605: ...us information of the FTP server show ftp server Parameter Description Parameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage Guide The FTP server status information includ...

Page 606: ...name a1 password PLAINT bbbb connect num 0 username a2 password PLAINT bbbb connect num 0 username a3 password PLAINT bbbb connect num 0 username a4 password PLAINT bbbb connect num 0 username a5 pass...

Page 607: ...ver remote directory File directory of FTP Server It is optional and limited to 255 bytes No space or Chinese character is supported If left blank it implies the current directory of FTP server remote...

Page 608: ...not contain and space neither can it be omitted password The password for logging into FTP Server It is limited to 32 bytes and must not contain and space neither can it be omitted dest address IP add...

Page 609: ...transfer files Platform Description N A 8 3 ftp client ascii Use this command to use ASCII mode for FTP transfer Use the no form of this command to restore the default setting ftp client ascii no ftp...

Page 610: ...A N A Defaults The default is PASV mode for FTP data connection Command Mode Global configuration mode Usage Guide This command is used to configure the connection mode to PORT mode in which the serve...

Page 611: ...the route Command Mode Global configuration mode Usage Guide The default command is used to restore the FTP client setting Specifically data connection is in PASV mode and file transfer BINARY The cli...

Page 612: ...eanwhile TFTP clients are able to upload or download files Configuration Examples The following example enables the TFTP server and sets the top directory of the TFTP server to syslog Ruijie config tf...

Page 613: ...rver defines what files and folders the client is able to access And the client cannot access the TFTP server before a top directory is correctly configured for the server Configuration Examples The f...

Page 614: ...n Examples The following example clears all Rping entries Ruijie clear rping table all The following example clears the specified Rping entry Ruijie clear rping table user ruijie Related Commands Comm...

Page 615: ...ength are sent to the specified IP address within specified time 2s by default Command Mode Privileged EXEC mode Usage Guide If the device can be pinged the response information is displayed and the s...

Page 616: ...timeout is 3 seconds press Ctrl C to break Reply from 192 168 21 26 bytes 1500 time 1ms TTL 64 Reply from 192 168 21 26 bytes 1500 time 1ms TTL 64 Reply from 192 168 21 26 bytes 1500 time 1ms TTL 64...

Page 617: ...sent range 1 4294967295 seconds Specifies the timeout time range 1 10 seconds data Specifies the data to fill in source Specifies the source IPv6 address or the source interface The loopback interface...

Page 618: ...etwork connectivity problem Ruijie ping ipv6 2000 1 Sending 5 100 byte ICMP Echoes to 2000 1 timeout is 2 seconds press Ctrl C to break Success rate is 100 percent 5 5 round trip min avg max 1 2 10 ms...

Page 619: ...mber of Rping accounts owner Username test name Test name storage type Storage type Related Commands Command Description N A N A Platform Description N A 10 5 traceroute Use this command to display al...

Page 620: ...t connected successfully 1 When the network is connected smoothly Ruijie traceroute 61 154 22 36 press Ctrl C to break Tracing the route to 61 154 22 36 1 192 168 12 1 0 msec 0 msec 0 msec 2 192 168...

Page 621: ...ceroute www ietf org Translating www ietf org OK press Ctrl C to break Tracing the route to 64 170 98 32 1 192 168 217 1 0 msec 0 msec 0 msec 2 10 10 25 1 0 msec 0 msec 0 msec 3 10 10 24 1 0 msec 0 ms...

Page 622: ...st the connectivity of a network to exactly locate the network connectivity problem when the network failure occurs To use the function domain name configure the domain name server For the concrete co...

Page 623: ...c 8 msec 4 msec 4 5 3004 1 4 msec 28 msec 12 msec The above result clearly shown that the gateways passed by the packets sent to the host with an IP address of 3004 1 gateways 1 5 and the spent time a...

Page 624: ...function enables TCP to detect whether the peer end is operating properly Suppose the keepalive function is enabled together with default interval times and idle period settings TCP begins to send th...

Page 625: ...f MSS However this configuration is not needed in general This command applies to both IPv4 and IPv6 TCP Configuration Examples The following example sets the upper limit of the MSS value to 1300 byte...

Page 626: ...mer If the PMTU discovered is smaller than the MSS negotiated between two ends of the TCP connection the device will be trying to discover the greater PMTU at the specified interval untill the PMTU va...

Page 627: ...imeout value for SYN packets the maximum time from SYN transmission to successful three way handshake Use the no form of this command to restore the default setting ip tcp synwait time seconds no ip t...

Page 628: ...ections involving a large bandwidth and mass data increasing the size of receiving buffer will remarkably improve TCP transmission performance The sending buffer is used to buffer the data of applicat...

Page 629: ...onfiguration mode Usage Guide The keepalive function enables the TCP server to detect whether the client is operating properly If the TCP server sends the keepalive packet for four consecutive times w...

Page 630: ...times without receiving any TCP packet from the server the TCP connection is considered invalid and then is disconnected automatically Configuration Examples The following example enables the keepali...

Page 631: ...information Ruijie show ipv6 tcp connect Number Local Address Foreign Address State Process name 1 22 0 LISTEN rg sshd 2 23 0 LISTEN rg telnetd 3 1000 1 23 1000 2 64201 ESTABLISHED rg telnetd The foll...

Page 632: ...Privileged EXEC mode Usage Guide N A Configuration Examples The following example information about IPv6 TCP PMTU Ruijie show ipv6 tcp pmtu Number Local Address Foreign Address PMTU 1 1000 1 23 1000...

Page 633: ...following example displays the current IPv6 TCP port status Ruijie show ipv6 tcp port TCP connections on port 23 Number Local Address Foreign Address State 1 1000 1 23 1000 2 64571 ESTABLISHED Total 1...

Page 634: ...he local end has sent the FIN packet from the peer end and received the FIN packet from the peer end before the ACK packet for the peer end to respond with this FIN packet is received TIMEWAIT The FIN...

Page 635: ...is the port number State Current status of the TCP connection There are eleven possible states CLOSED The connection has been closed LISTEN Listening state SYNSENT In the three way handshake phase whe...

Page 636: ...ISHED 1 SYN_SENT 0 SYN_RECV 0 FIN_WAIT1 0 FIN_WAIT2 0 TIME_WAIT 0 CLOSED 0 CLOSE_WAIT 0 LAST_ACK 0 LISTEN 1 CLOSING 0 Total 2 Related Commands Command Description N A N A Platform Description N A 11 1...

Page 637: ...nit bytes Current allocated memory 0 Current memory pressure flag 0 SYN specific information Max SYN_RECV sockets per LISTEN socket 65535 Max SYN retries 5 Max SYN ACK retries 5 Timewait specific info...

Page 638: ...MTU of IPv4 TCP connection Ruijie show tcp pmtu Number Local Address Foreign Address PMTU 1 192 168 195 212 23 192 168 195 112 13560 1440 Field Description Number Sequence number Local Address The loc...

Page 639: ...listen on 23 have connections TCB Foreign Address Port State c340800 1 1 1 2 64571 ESTABLISHED Tcpv4 listen on 23 have total 1 connections Tcpv6 listen on 23 have connections TCB Foreign Address Port...

Page 640: ...the peer end before the ACK packet for the peer end to respond with this FIN packet is received TIMEWAIT The FIN packet sent by the local end has been acknowledged and the local end has also acknowled...

Page 641: ...escription Field Description TCP Packets Normal packets and error packets Three way handshake Three way handshake information including session request count server client connection count three way h...

Page 642: ...Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example clears IPv4 REF packet statistics Ruijie clear ip ref packet statistics Related Commands Command Descrip...

Page 643: ...umber discard Displays discarded adjacent nodes statistics Statistics Defaults N A Command Mode Privileged EXEC mode Usage Guide This command can be used to display the information about the adjacent...

Page 644: ...acent node chg Whether the adjacent node is on the changing link ip IP address of the adjacent node interface Interface linklayer Layer 2 head Related Commands Command Description show ip ref route Di...

Page 645: ...00 25 64 C5 9D 6A 00 D0 F8 98 76 54 08 00 Description of fields Field Description id Adjacency ID state Adjacency state Unresolved Resolved type Adjacency type Local local adjacency Forward forward ad...

Page 646: ...0 no ip routing 0 Field Description total recved Number of total packets received by REF bad head Number of the packets with false header lookup fib fail Number of the packets with failed REF routing...

Page 647: ...displays IPv4 REF resolution information Ruijie show ip ref resolve list IP res_state flags interface 1 1 1 1 unres 1 GigabitEthernet 0 0 Field Description IP IP address res_state unres unresolved re...

Page 648: ...ute zero route ip mask weight path id next hop interface 255 255 255 255 255 255 255 255 1 4 0 0 0 0 Local 0 224 0 0 0 240 0 0 0 1 1 224 0 0 0 224 0 0 0 255 255 255 0 1 4 0 0 0 0 Local 0 192 168 50 0...

Page 649: ...Statistics Defaults N A Command Mode Privileged EXEC mode Usage Guide This command can be used to display the information about the adjacent node table in the privileged EXEC mode and global configura...

Page 650: ...ipv6 ref exact route source ipv6 address destination ipv6 address Parameter Description Parameter Description source ipv6 address Source IP address of the packet destination ipv6 address Destination I...

Page 651: ...rface linklayer Layer 2 head Related Commands Command Description N A N A Platform Description N A 12 10 show ipv6 ref packet statistics Use this command to display IPv6 REF packet statistics show ipv...

Page 652: ...of the packets matching the gleaned adjacency forward Number of the packets matching the forwarded adjacency no ip routing Number of the packets not allowed to be forwarded and sent to local Related C...

Page 653: ...mmand Description N A N A Platform Description N A 12 12 show ipv6 ref route Use this command to display all the routing information in the IPv6 REF table show ipv6 ref route default statistics prefix...

Page 654: ...en weight path_id next_hop interface 2001 da8 ffe 2 64 1 3 GigabitEthernet 0 0 2001 da8 ffe 2 3 128 1 2 1 Local 1 fe80 10 1 6 Null 0 fe80 21a a9ff fe3b fa41 128 1 2 1 Local 1 Field Description prefix...

Page 655: ...IP Routing Commands 1 RIP Commands 2 OSPFv2 Commands 3 OSPFv3 Commands 4 RIPng Commands 5 NSM Commands 6 Protocol independent Configuration Commands...

Page 656: ...ute cannot be seen in the routing table reducing the size of the routing table significantly Advertising the summarized route is more efficient than advertising individual routes in light of the follo...

Page 657: ...default route is generated by default The default metric value is 1 Command Mode Routing process configuration mode Usage Guide By default RIP will not advertise the default route if the default route...

Page 658: ...ue no default metric Parameter Description Parameter Description metric value Indicates the default metric value with the range from 1 to 16 If the metric value is greater than or equal to 16 the RGNO...

Page 659: ...n distance Sets the management distance of a RIP route an integer in the range from 1 to 255 ip address Indicates the prefix of the source IP address of the route wildcard Defines the comparison bit o...

Page 660: ...CL can be accepted prefix prefix list name Uses the prefix list to filter the routes gateway prefix list name Uses the prefix list to filter the source of the routes interface type interface number Op...

Page 661: ...route update advertisement control to a specified interface in the distribution list connected Optional Applies route update advertisement control to only connected routes in this distribution list o...

Page 662: ...access list Defines the ACL rule prefix list Defines the prefix list redistribute Configures route redistribution Platform Description N A 1 7 enable mib binding Use this command to bind a MIB with a...

Page 663: ...warding table remains unchanged and the RIP route is restored to the state before protocol restart When the GR period expires RIP exits the GR state and performs normal RIP operation The graceful rest...

Page 664: ...the keychain which specifies the keychain used for RIP authentication Defaults The keychain is not associated by default Command Mode Interface configuration mode Usage Guide If the keychain is specif...

Page 665: ...res RIP authentication as plaintext authentication md5 Configures RIP authentication as MD5 authentication Defaults It is plaintext authentication by default Command Mode Interface configuration mode...

Page 666: ...tication text password 0 7 password string no ip rip authentication text password Parameter Description Parameter Description 0 Specifies that the key is displayed as plaintext 7 Specifies that the ke...

Page 667: ...s the default route rather than other routes originate Notifies the default route and other routes metric metric value Specifies the metric value of the default route in the range from1 to 15 Defaults...

Page 668: ...the interface by default Command Mode Interface configuration mode Usage Guide To prevent an interface from receiving RIP packets use the no form of this command in interface configuration mode This c...

Page 669: ...through the interface and allows RIPv1 and RIPv2 packets to be received on the interface at the same time If the command is configured without parameters data package receiving depends on the configur...

Page 670: ...or disables receiving RIP packets on the interface passive interface Configures a passive RIP interface Platform Description N A 1 16 ip rip send supernet routes Use this command to enable RIP to sen...

Page 671: ...erface Use the no form of this command to restore the default setting ip rip send version 1 2 no ip rip send version Parameter Description Parameter Description 1 Optional Receives only RIPv1 packets...

Page 672: ...iple devices For non broadcast multi path access networks such as frame relay and X 25 split horizon may cause some devices to be unable to learn all routing information Split horizon may need to be d...

Page 673: ...k edge by default Command Mode Interface configuration mode Usage Guide The ip rip summary address command converges an IP address or a subnet on a specified port RIP routes are automatically converge...

Page 674: ...mer timer Configures the interval at which the Update Request and Update Response packets are retransmitted The range is from 1 to 3 600 The unit is second The default is five retransmit count count C...

Page 675: ...y To enable the function make sure that the RIP configuration is the same on both ends of the link such as RIP authentication and the RIP version supported by the interface If this function is enabled...

Page 676: ...on the version setting Configuration Examples The following example sends RIPv2 packets in broadcast mode on the fastEthernet 0 1 interface Ruijie config interface fastEthernet 0 1 Ruijie config if Fa...

Page 677: ...1 2 only Ruijie config router rip Ruijie config router passive interface default Ruijie config router neighbor 192 168 1 2 Related Commands Command Description passive interface Configures the interfa...

Page 678: ...nd to increase the metric value of received or sent RIP routes Use the no form of this command to restore the default setting offset list access list number name in out offset interface type interface...

Page 679: ...m 8 to 50 in the unit of milliseconds Defaults No sending delay is configured by default Command Mode Routing process configuration mode Usage Guide In normal cases the size of a RIP update packet is...

Page 680: ...nterface type interface num command to set specified interfaces as non passive interfaces After you set an interface to the passive interface RIP route update packets will no longer be sent but can be...

Page 681: ...to 16 route map route map name Sets the redistribution filtering rule Defaults By default All the routes of the sub types of the instance are redistributed when you configure redistributing OSPF All...

Page 682: ...tion default metric metric Sets the default metric of the route to be redistributed default information originate Generates the default route in the RIP process Platform Description N A 1 28 router ri...

Page 683: ...rsion RIP interface and network range metric and distance of the RIP process quickly Configuration Examples The following example displays the basic information of the RIP process such as the update t...

Page 684: ...the network number is specified count Optional Displays the abstract of the route statistics in the RIP database Defaults N A Command Mode Privileged EXEC mode Global configuration mode Routing proces...

Page 685: ...Valid Invalid database 5 5 0 auto summary 5 5 0 connected 1 1 0 rip 4 4 0 Related Commands Command Description show ip rip Displays the information of the currently running routing protocol process Pl...

Page 686: ...ospf 1 1 1 1 32 metric 2 nhop 192 100 3 2 if 2 ospf 90 1 1 1 32 metric 2 nhop 192 100 3 2 if 2 Related Commands Command Description show ip rip Displays the information of the currently running routi...

Page 687: ...t timer 5 Retransmit count 36 V2 Broadcast Disabled Multicast registe Registed Interface Summary Rip Not Configured Authentication mode Text Authentication key chain ripk1 Authentication text password...

Page 688: ...r exists no information will be displayed Configuration Examples The following example displays the RIP neighbor information Ruijie show ip rip peer Peer 192 168 3 2 Local address 192 168 3 1 Input in...

Page 689: ...eared out of the routing table The default Flush time is 120 seconds Defaults By default the update time is 30 seconds the invalid time is 180 seconds and the flushing time is 120 seconds Command Mode...

Page 690: ...bling split horizon on the interface causes the RIP routing process to enable update message source address validation no matter whether it has been configured with the validate update source command...

Page 691: ...ion mode Usage Guide This command defines the RIP version running on the device It is possible to redefine the messages of which RIP version are processed on every interface by using the ip rip receiv...

Page 692: ...d its configuration including the area based area authentication area default cost area filter list and area nssa commands Do not remove the OSPF area configuration under the following conditions Virt...

Page 693: ...the message digest option is used All devices in the same OSPF area must use the same authentication type If authentication is enabled the authentication password must be configured on an interface c...

Page 694: ...configuration mode Usage Guide This command takes effect only on the Area Border Router ABR of the stub area or the ABR Autonomous System Border Router ASBR of the NSSA The ABR can advertise a Link S...

Page 695: ...Usage Guide This command can be configured only on an ABR You can use this command when it is required to filter the inter area routes on the ABR Configuration Examples The following example sets are...

Page 696: ...Routing process configuration mode Usage Guide The default information originate parameter is used to generate the default Type 7 LSA However on the NSSA ABR the default Type 7 LSA will always be gen...

Page 697: ...ion N A 2 6 area range Use this command to configure inter area route aggregation for OSPF Use the no form of this command to delete route aggregation Use the no form with the cost parameter to restor...

Page 698: ...according to the longest match when multiple aggregate routes with direct inclusion relationships are configured Configuration Examples The following example aggregate the routes of area 1 into a rout...

Page 699: ...d can be executed only on the ABR The area default cost command defines the initial cost metric of the internal default route Configuration Examples The following example sets area 1 as the stub area...

Page 700: ...ng must consider the round trip time of packets on the link transmit delay seconds Optional OSPF LSA transmission delay in seconds The range is from 0 to 65535 This value adds the LSA keep alive perio...

Page 701: ...hello multiplier and the multiplier parameter You can set the death clock to 1 second in minimal and hello multiplier to a value equal to or greater than 2 In this case the Hello packet sending inter...

Page 702: ...packet authentication and define the authentication mode show ip ospf Displays the OSPF process information including the router ID show ip ospf virtual links Monitors information about a virtual lin...

Page 703: ...ig router auto costreference bandwidth10 Related Commands Command Description show ip ospf Displays the OSPF global configuration information ip ospf cost Sets the cost value of the OSPF interface ban...

Page 704: ...and restarts all the running OSPF instances Defaults The rule recommended in the RFC 1583 is used by default Command Mode Privileged EXEC mode Usage Guide Resetting the entire OSPF process causes that...

Page 705: ...efault route to be injected into the OSPF routing domain in routing process configuration mode Use the no form of this command to restore the default setting default information originate always metri...

Page 706: ...F neighbor to display the default route The metric of the external default route can be defined only with the default information originate command There are two types of OSPF external routes type 1 e...

Page 707: ...te command in routing process configuration mode to modify the initial metric of all redistributed routes The configuration result of the default metric command does not take effect for the external r...

Page 708: ...configuration mode Usage Guide After route aggregation the range may exceed the actual network range of the route table and sending the data to the nonexistent network may cause loops or increase rout...

Page 709: ...distance is 110 The default inter area distance is 110 The default external distance is 110 Command Mode OSPF Routing process configuration mode Usage Guide This command is used to specify different...

Page 710: ...er the ABR or ASBR The following route map rules will be supported if the route map parameter is configured match interface match ip address match ip address prefix list match ip next hop match ip nex...

Page 711: ...process configuration mode Usage Guide Similar to the redistribute route map command the distribute list out command filters the routes that other protocols redistribute to the OSPF However the distr...

Page 712: ...SPF process over Simple Network Management Protocol SNMP use this command to bind the MIB to SNMP Configuration Examples The following example operates OSPFv2 process 100 over SNMP Ruijie config route...

Page 713: ...on the virtual interface Virtifconfigerror Parameter configuration error on the virtual interface Virtifrxbadpacket Error packets received on the virtual interface isa Configures all traps switches r...

Page 714: ...2 process 100 Ruijie config routerospf100 Ruijie config router enable traps Related Commands Command Description show ip ospf Displays the OSPF global configuration information enable mib binding Bind...

Page 715: ...ions The GR interval is 120 seconds set with the graceful restart command and the graceful restart grace period command allows you to change the interval explicitly GR is unavailable when the Fast Hel...

Page 716: ...e disable option indicates that GR helper is not provided for any device that implements GR After a device becomes the GR helper the network changes are not detected by default If any change takes pla...

Page 717: ...ation mode configured for the local area of the interface If authentication mode is configured as null no authentication is enabled When both the interface and its area are configured with authenticat...

Page 718: ...to the same physical network segment must use the same key To enable the OSPF area authentication execute the area authentication command in routing process configuration mode The authentication can...

Page 719: ...PF interface cost is 100Mbps Bandwidth where Bandwidth is the interface bandwidth configured with the bandwidth command in interface configuration mode The default costs of different types of lines ar...

Page 720: ...epts LSAs from neighbors but stops sending LSAs to neighbors Configuration Examples The following example stops sending LSA update packets of fastEthernet 0 1 Ruijie config interface fastEthernet 0 1...

Page 721: ...nimal and hello multiplier keywords and the multiplier parameter The minimal keyword indicates that the death interval is set to 1s and hello multiplier indicates the number of Hello packets sent per...

Page 722: ...sable all Parameter Description Parameter Description N A N A Defaults OSPF packets are generated on the specified interface by default Command Mode Interface configuration mode Usage Guide The interf...

Page 723: ...The interval of sending the Hello packets is included in the Hello packet A shorter interval means that OSPF detects the topological change faster which will increase network traffic The Hello packet...

Page 724: ...uthentication execute the area authentication command in routing process configuration mode The authentication can be enabled separately on an interface by executing the ip ospf authentication command...

Page 725: ...setting ip ospf mtu ignore no ip ospf mtu ignore Parameter Description Parameter Description N A N A Defaults MTU check is disabled by default Command Mode Interface configuration mode Usage Guide Aft...

Page 726: ...PPP Serial Line Internet Protocol SLIP frame relay point to point PTP sub interface X 25 PTP sub interface encapsulation NBMA network type frame relay except for PTP sub interface X 25 encapsulation e...

Page 727: ...nes the mapping between IP address and X 25 network address Platform Description N A 2 33 ip ospf priority Use this command to configure the OSPF priority in interface configuration mode Use the no fo...

Page 728: ...The range is from 1 to 65535 This interval must be greater than the round trip delay of packets between two neighbors Defaults The default is 5 Command Mode Interface configuration mode Usage Guide Af...

Page 729: ...ses of two ends of the link are individually set and they are not required to be in the same network segment The peer address is informed during the process of point to point link negotiation therefor...

Page 730: ...transmission delay of the interface For low rate lines the transmission delay of the interface shall be slightly larger The LSU packet transmission delay of the virtual link is defined with the area v...

Page 731: ...splays the OSPF global configuration information Platform Description N A 2 38 max concurrent dd Use this command to specify the maximum number of DD packets that can be processed initiated or accepte...

Page 732: ...store the default setting max metric router lsa external lsa max metric value include stub on startup seconds summary lsa max metric value no max metric router lsa external lsa max metric value includ...

Page 733: ...arameter to set certain delay so that this device can serve as a transmission node after restarting The device is added into the network without being used for dataflow transmission If the backup path...

Page 734: ...information for every non broadcast network neighbor The IP address of a neighbor must be the master IP address of that neighbor interface In the NBMA network if the neighbor device becomes inactive...

Page 735: ...t a subnet can be used as the OSPF area identifier Defaults No OSPF area is configured by default Command Mode Routing process configuration mode Usage Guide The ip address and wildcard parameters all...

Page 736: ...r Description Parameter Description number Maximum number of LSAs The range is from 1 to 4294967294 hard soft hard shuts down the OSPF instance when the number of LSAs exceeds that number soft issues...

Page 737: ...mber is exceeded Command Mode Routing process configuration mode Usage Guide When the number of external LSAs exceeds the value of max db size the device enters the overflow state Then no more externa...

Page 738: ...he whole network To reduce that possibility OSPF will generate a default route directing to the NULL port and this default route will exist in the OVERFLOW state Use the clear ip ospf process command...

Page 739: ...erface as a passive address Defaults No interface is configured as a passive interface by default All interfaces are allowed to receive or send OSPF packets Command Mode Routing process configuration...

Page 740: ...es are redistributed metric metric value Specifies the metric of an OSPF external LSA in the range from 0 to 16777214 metric type 1 2 Sets the external routing type as E 1 or E 2 route map route map n...

Page 741: ...eters restore their default values 2 If the no form contains no parameter delete the whole command Configuration Examples N A Related Commands Command Description summary address Configures the aggreg...

Page 742: ...ameter Description number Maximum number of DD packets in the range from 1 to 65535 Defaults The default is 10 Command Mode Global configuration mode Usage Guide When a routing device is exchanging da...

Page 743: ...as the router ID Command Mode Routing process configuration mode Usage Guide You can configure any IP address as the router ID However the router ID should be unique Note that once the router ID chang...

Page 744: ...routing information Originating router LSAs with maximum metric Condition on startup for 100 seconds State inactive Advertise stub links with maximum metric in router LSAs Advertise summary LSAs with...

Page 745: ...virtual neighbors through this area is 0 Area has no authentication SPF algorithm last executed 02 09 23 040 ago SPF algorithm executed 4 times Number of LSA 6 Checksum 0x028638 NSSA Translator State...

Page 746: ...xternal LSA Number of external LSAs stored in the database External LSA Checksum Sum Checksum sum of external LSAs stored in the database Number of opaque LSA Number of external LSAs stored in the dat...

Page 747: ...mes Times of SPF calculations Number of LSA Total number of LSAs in this area Checksum Sum Checksum sum of the LSAs in the area NSSATranslatorState Whether to convert the NSSA LSA to External LSA It i...

Page 748: ...1 1 1 Displays the OSPF ID of the border device 2 Displays the cost to the border device via 10 0 0 1 Displays the next hop gateway to the border device FastEthernet 0 1 Displays the interface to the...

Page 749: ...s database summary Optional Displays the statistics of LSAs of the link state database detail Displays detailed information of LSAs of the OSPF brief Displays the brief information of the LSAs of the...

Page 750: ...ID Device Link States Displays the device LSA information Net Link States Displays the network LSA information Summary Net Link States Displays the summary network LSA information NSSA external Link S...

Page 751: ...the device advertising the LSA LS Seq Number Displays the sequence number of the LSA Checksum Displays the checksum of the LSAs Length Displays the length in bytes of the LSA Network Mask Displays th...

Page 752: ...SA Metric Type Indicates the external link type TOS TOS value which can be 0 only now Metric Displays the metric of the route corresponding to the LSA Forward Address IP address through which traffic...

Page 753: ...ys the checksum of LSAs Length Displays the length in bytes of the LSA Network Mask Displays the network mask of the network corresponding to the LSA Attached Router Displays the device that is connec...

Page 754: ...bytes of the LSA Number of Links Displays the number of links associated with the device Link connected to Displays what the link is connected to and the network type Link ID Link identifier Link Data...

Page 755: ...f the LSA Checksum Displays the checksum of LSAs Length Displays the length in bytes of the LSA Network Mask Displays the network mask of the route corresponding to the LSA TOS TOS value supporting on...

Page 756: ...q Number Displays the sequential number of the LSA Checksum Displays the checksum of the LSAs Length Displays the length in bytes of the LSA Network Mask Displays the network mask of the route corresp...

Page 757: ...ag 0 The following table describes the fields in the output of the show ip ospf database external command Field Description OSPF Device with ID Displays the router ID Type 7 AS External Link States Di...

Page 758: ...output of the show ip ospf database database summary command Ruijie show ip ospf database database summary OSPF process 1 Device Link States 4 Network Link States 2 Summary Link States 4 ASBR Summary...

Page 759: ...net 0 1 command Ruijie show ip ospf interface fastEthernet0 1 FastEthernet 0 1 is up line protocol is up Internet Address 192 88 88 27 24 Ifindex 4 Area 0 0 0 0 MTU 1500 Matching network config 192 88...

Page 760: ...BRD of the interface BDR s Interface address Address of the BDR of the interface Time intervals configured Hello Dead Wait and Retransmit intervals of the interface Hello due in Time when the previou...

Page 761: ...nal Displays the information of the specified neighbor statistics Optional Displays the neighbor statistics Defaults N A Command Mode Privileged EXEC mode Usage Guide This command displays neighbor in...

Page 762: ...pe 2 E1 OSPF external type 1 E2 OSPF external type 2 E2 100 0 0 0 24 1 20 via 192 88 88 126 FastEthernet 0 1 C 192 88 88 0 24 1 is directly connected FastEthernet 0 1 Area 0 0 0 1 The following table...

Page 763: ...n Area_id OSPF area ID 30min_counts OSPF routing counts within the latest 30 minutes Total_counts Total counts of the OSPF routing till now Related Commands Command Description show ip ospf Displays t...

Page 764: ...58 show ip ospf virtual link Use this command to display the OSPF virtual link information show ip ospf process id virtual link ip address Parameter Description Parameter Description process id ID of...

Page 765: ...t Delay Displays the transmit delay of the virtual link State Interface state Time intervals configured Hello Dead Wait and Retransmit interval of the interface Adjacency State Neighbor state where FU...

Page 766: ...al routes of the OSPF routing domain For the NSSA the summary address command is valid only on the NSSA ABR now and aggregates only redistributed routes Configuration Examples The following example ge...

Page 767: ...ng and then refresh the whole groups as well as the update interval for the aged link state Use the no form of this command to restore the default setting timers pacing lsa group seconds no timers pac...

Page 768: ...a transmit transmit time transmit count no timers pacing lsa transmit Parameter Description Parameter Description transmit time Configures the interval of sending the LSA grouping The range is from 10...

Page 769: ...to start the SPF calculation spf holdtime Defines the interval between two SPF calculations in seconds The range is from 0 to 2147483647 When the waiting time is up but the interval between two calcu...

Page 770: ...ttle lsa all delay time hold time max wait time no timers throttle lsa all Parameter Description Parameter Description delay time Configures the time delay of generating the LSA first The range is fro...

Page 771: ...no form of this command to restore the default setting timers throttle route inter area ia delay ase ase delay no timers throttle route inter area ase Parameter Description Parameter Description inte...

Page 772: ...in routing process configuration mode Use the no form of this command to restore the default setting timers throttle spf spf delay spf holdtime spf max waittime no timers throttle spf Parameter Descr...

Page 773: ...aitime cannot be smaller than the value of spf holdtime or the value of spf max waittime will be set to be equal to the value of spf holdtime automatically The configurations of the timers spf command...

Page 774: ...r dead interval the corresponding adjacency will be disconnected In this case you can enable the two way maintain function for the packets such as DD LSU LSR and LSAck packets from a neighbor in the n...

Page 775: ...n a cipher text format key Specifies an authentication key Defaults Authentication is not performed by default Command Mode Routing process configuration mode Usage Guide RGOS supports three authentic...

Page 776: ...or NSSA area It can be an integer or an IPv4 prefix cost Cost of the default route of the stub or NSSA area in the range from 0 to 16777215 Defaults The default cost is 1 Command Mode Routing process...

Page 777: ...ull encryption mode and two authentication modes MD5 and SHA1 If encryption authentication is configured for an OSPFv3 area the configuration takes effect on all interfaces except for those of virtual...

Page 778: ...vertise it to other areas The routing information combination only takes place on the area border The specific routing information is seen on the intra area routers but only one converged route can be...

Page 779: ...area is designed as the stub area it cannot learn the AS external routing information type 5 LSAs In practical application the external routing information takes a large proportion of the link state d...

Page 780: ...f seconds retransmit interval seconds Interval for retransmitting LSA on the local interface of the virtual link The range is from 1 to 65535 in the unit of seconds transmit delay seconds Delay on the...

Page 781: ...xt format 7 indicates that a key is displayed in the cipher text format key specifies an authentication key Defaults No virtual link is defined by default hello interval 10 seconds dead interval four...

Page 782: ...er Description Parameter Description reference bandwidth ref bw Reference bandwidth in the range from 1 to 4294967 Mbps Defaults The interface metric is calculated based on the reference bandwidth whi...

Page 783: ...cified all the OSPFv3 instances will be cleared Configuration Examples The following example restarts the OSPF process enble clear ipv6 ospf process Related Commands Command Description N A N A Platfo...

Page 784: ...e neighbors no matter whether the default route in the core routing table exists or not However the local router does not display the default route To make sure whether the default route is generated...

Page 785: ...20 Command Mode The default route type is type 2 Usage Guide This command can be used together with redistribute to set the default metric for the routes to be redistributed But this command does not...

Page 786: ...istance of the intra area route 110 Management distance of the inter area route 110 Management distance of the external area route 110 Command Mode Routing process configuration mode Usage Guide This...

Page 787: ...affect the link state database and the routing tables of the neighbors The ACL and prefix list filtering rules cannot be set at the same time You can set only the ACL filtering rule or the prefix list...

Page 788: ...t command has the similar function as the redistribute route map command It can be used to filter the routes that are re distributed based on other protocols into an OSPFv3 area It does not directly r...

Page 789: ...s number of 100 through SNMP Ruijie config ipv6 router ospf 100 Ruijie config router enable mib binding Related Commands Command Description show ipv6 ospf Displays global OSPFv3 configuration informa...

Page 790: ...ateChange Specifies state change of a virtual interface VirtNbrStateChange Specifies state change of a virtual neighbor Defaults All traps are disabled by default Command Mode Routing process configur...

Page 791: ...onfigured with different parameters Use this command to configure the GR period The GR period is the longest interval that lasts from the moment when OSPFv3 fails to the moment that OSPFv3 gracefully...

Page 792: ...internal lsa checking no graceful restart helper strict lsa checking internal lsa checking Parameter Description Parameter Description disable Disables the device to assist other devices in performing...

Page 793: ...tection policy Ruijie config ipv6 router ospf 1 Ruijie config router graceful restart helper disable Ruijie config router no graceful restart helper disable Ruijie config router graceful restart helpe...

Page 794: ...outer ospf Starts the OSPFv3 routing process passive interface Setsthe a passive interface show ipv6 ospf interface Displays the OSPFv3 interface information Platform Description N A 3 19 ipv6 ospf au...

Page 795: ...n Specifies virtual link authentication Platform Description N A 3 20 ipv6 ospf cost Use this command to set the cost of the interface Use the no form of this command to restore the default setting ip...

Page 796: ...nship is considered to fail Use the no form of this command to restore the default setting ipv6 ospf dead interval seconds minimal hello multiplier multiplier instance instance id no ipv6 ospf dead in...

Page 797: ...nterval No matter whether the fast hello function is configured the dead interval of neighbors on the interconnected interfaces of neighbors must be consistent The values of hello multiplier on the in...

Page 798: ...ption authentication parameters configured on interconnected interfaces must be consistent Configuration Examples The following example specifies null encryption and MD5 authentication in OSPFv3 inter...

Page 799: ...interface to send the Hello message to 20 seconds Ruijie config int fastethernet 0 0 Ruijie config if ipv6 ospf hello interval 20 Related Commands Command Description ipv6 ospf dead interval Sets the...

Page 800: ...Use the no form of this command to restore the default setting ipv6 ospf neighbor ipv6 address cost 1 65535 poll interval 0 2147483647 priority 0 255 instance instance id no ipv6 ospf neighbor ipv6 a...

Page 801: ...ce Ipv6 ospf network Sets the network type of an interface Platform Description N A 3 26 ipv6 ospf network Use this command to set the network type of the interface Use the no form of this command to...

Page 802: ...ork type of the interface that participates in the OSPFv3 to point to point Ruijie config interface ethernet 1 0 Ruijie config if ipv6 ospf network point to point Related Commands Command Description...

Page 803: ...router id Sets the ID of a router show ipv6 ospf interface Displays the OSPFv3 interface information instance instance id Configures the specific OSPFv3 instance on the interface Platform Description...

Page 804: ...ransmit delay Use this command to set the delay on the interface in sending the LSA Use the no form of this command to restore the default setting ipv6 ospf transmit delay seconds instance instance id...

Page 805: ...ults No OSPFv3 routing process is started Command Mode Global configuration mode Usage Guide After the OSPFv3 process is started the routing process configuration mode is entered At present our produc...

Page 806: ...routing processes to 4 The result is that in the interaction between a large number of neighbors interactions with up to 4 neighbors are allowed to be initiated on this device concurrently and intera...

Page 807: ...mber Maximum number of DD packets that can be processed concurrently in the range from 1 to 65535 Defaults The default is 5 Command Mode Routing process configuration mode Usage Guide When a router is...

Page 808: ...erface type interface number Sets the specified interface to a passive one Defaults No passive interface is set by default Command Mode Routing process configuration mode Usage Guide After an interfac...

Page 809: ...cular ospf instance within the range of 1 65535 rip The rip is redistributed static The static route is redistributed match It is used in the OSPFv3 route redistribution only and filters specific rout...

Page 810: ...ome parameters are specified in the no command restore their default settings If no parameters are specified in the no command delete the whole command Configuration Examples The following example red...

Page 811: ...outer ID of every routers in the AS must be unique If multiple OSPFv3 processes are running on the same device the router ID of every process must be unique Note that the change of the router ID resul...

Page 812: ...ime for LSA throttle 5000 msecs Lsa Transmit Pacing timer 40 msecs 1 LS Upd LSA interval 5 secs Minimum LSA arrival 1000 msecs Pacing lsa group 30 secs Number of incomming current DD exchange neighbor...

Page 813: ...ss id database lsa type adv router router id Parameter Description Parameter Description process id OSPF process ID number lsa type The LSA types are as follows NSSA external LSA AS external LSAs Link...

Page 814: ...02 0x0529 0 Inter Area Prefix LSA Area 0 0 0 1 Link State ID ADV Router Age Seq CkSum 0 0 0 1 1 1 1 1 77 0x80000002 0x83b4 AS external LSA Link State ID ADV Router Age Seq CkSum 0 0 0 1 1 1 1 1 1 0x80...

Page 815: ...sent 4 LS Req received 1 sent 1 LS Upd received 3 sent 6 LS Ack received 6 sent 2 Discarded 0 If the BFD has been enabled for the neighbor on the interface the content of BFD enabled is also displayed...

Page 816: ...pe and interface number neighbor id Neighbor s router ID Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following command displays the brief information abou...

Page 817: ...tart Parameter Description Parameter Description process id OSPFv3 process ID number Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example display...

Page 818: ...3 routes Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example displays the information about OSPFv3 routes Ruijie show ipv6 ospf route OSPFv3 Pro...

Page 819: ...n of OSPFv3 Ruijie show ipv6 ospf summary prefix OSPFv3 Process 1 Summary prefix 2001 db8 64 Metric 16777215 Type0 Tag0 Match count0 advertise Related Commands Command Description ipv6 router ospf Sta...

Page 820: ...hs to Area 0 0 0 1 routers Router ID Bits Metric Next Hop Interface 1 1 1 1 B Related Commands Command Description ipv6 router ospf Starts the OSPFv3 routing process area range Configures the address...

Page 821: ...in in the routing process configuration mode Use the no form of this command to restore the default setting summary prefix ipv6 prefix prefix length not advertise tag number cost cost no summary prefi...

Page 822: ...ig ipv6 router ospf 1 Ruijie config router summary prefix 2001 DB8 64 Related Commands Command Description area range Configures route convergence between the OSPFv3 areas redistribute Redistributes t...

Page 823: ...If update and aging operations of each LSA are separately computed a large number of CPU resources will be consumed To effectively utilize CPU resources configure the device to group LSAs for uniform...

Page 824: ...packets in an LSA group The range is from 1 to 200 Defaults The default transmit time is 40 and the transmit count is 1 Command Mode Routing process configuration mode Usage Guide There are usually a...

Page 825: ...ns earlier than RGOS 10 4 do not support the command timers throttle spf The system default is timers spf 5 10 2 The RGOS 10 4 and the later versions do support the command timers throttle spf where t...

Page 826: ...he unit of milliseconds max wait time Specifies a longest interval for consecutive two times of LSA refreshment in milliseconds The value is used to determine whether LSAs are refreshed consecutively...

Page 827: ...ia delay time runs out ase Calculates the external routes ase delay Sets the delay time of the external route calculation in the range from 0 to 600000 in the unit of milliseconds On receiving the ext...

Page 828: ...o the delay from the topology change to the SPF calculation Spf holdtime refers to the minimum interval between the first and the second SPF calculations Then the interval of the consecutive SPF calcu...

Page 829: ...the OSFPv3 timers spf Configures the SPF calculation delay Platform Description N A 3 54 two way maintain Use this command to enable two way OSPFv3 maintenance Use the no form of this command to disa...

Page 830: ...due to receiving delay or discarding of hello packets Configuration Examples The following example disables two way OSPFv3 maintenance Ruijie config ipv6 router ospf 1 Ruijie config router no two way...

Page 831: ...nd should be used with caution Configuration Examples The following example clears the RIPng routes Ruijie clear ipv6 rip Related Commands Command Description N A N A Platform Description N A 4 2 defa...

Page 832: ...ult metric value is 1 Configuration Examples The following example shows how to set the RIPng metric value as 3 when redistributing OSPF process 100 Ruijie config router default metric 3 Ruijie config...

Page 833: ...bute list interface type interface name Optional Applies the distribute list to the specified interface Defaults By default no distribute list is defined Command mode Routing process configuration mod...

Page 834: ...ter the GR period expires the RIPng process exits the GR status and the common RIPng operation is performed The graceful restart grace period command allows a user to modify the GR period in explicit...

Page 835: ...value Sets the metric value for the default route The valid range is from 1 to 15 The default metric is 1 Defaults By default no default route is configured Command mode Interface configuration mode U...

Page 836: ...nterface configuration mode Usage Guide This command is used to add the RIPng interface Before this command is configured if the RIPng is not enabled use this command to enable the RIPng automatically...

Page 837: ...figuration Examples The following example shows how to set the metric value of the interface Ethernet 0 1 as 5 Ruijie config interface ethernet 0 1 Ruijie config if ipv6 rip metric offset 5 Related Co...

Page 838: ...iption Parameter Description default Enables the passive mode on all interfaces interface type interface num Interface type and interface number Defaults No passive interface is configured by default...

Page 839: ...default metric value is 1 By default the route map is not configured By default all sub type routes in the specified routing process are redistributed Command mode Routing process configuration mode U...

Page 840: ...uijie show ipv6 rip Routing Protocol is RIPng Sending updates every 10 seconds with 50 next due in 8 seconds Timeout after 30 seconds garbage collect after 60 seconds Outgoing update filter list for a...

Page 841: ...uide N A Configuration Examples Ruijie show ipv6 rip database Codes R RIPng C Connected S Static O OSPF B BGP sub codes n normal s static d default r redistribute i interface a s aggregated suppressed...

Page 842: ...ult Command mode Routing process configuration mode Usage Guide In the process of packet updating split horizon function prevents some routing information from being advertised through the interface l...

Page 843: ...tate The invalid routing will be removed from the routing list if the flush time expires Defaults The default update time is 30 seconds the default invalid time is 180 seconds and the default flush ti...

Page 844: ...RIPng Commands Related Commands Command Description show ipv6 rip Displays the parameters and the statistical information of the RIPng process show ipv6 rip database Displays the RIPng routes Platfor...

Page 845: ...the corresponding routes and triggers the routing protocol relearning Please note that clearing all route cache leads to temporary network disconnection Examples The following example clears the cache...

Page 846: ...default network network default ip default network network Parameter Description Parameter Description network Default network Defaults The default is 0 0 0 0 0 Command Mode Global configuration mode...

Page 847: ...al The next hop egress of the static route distance Optional The administrative distance of the static route tag Optional The tag of the static route permanent Optional Permanent route ID weight numbe...

Page 848: ...ect If the advertised track object status is active the static route takes effect based on another status With association between a static route and a track object the third party status concerned by...

Page 849: ...ured If a user runs the no ip routing command the configuration of a large number of static routes may be lost To prevent this situation the static route configuration will be hidden temporarily when...

Page 850: ...gateway IPv6 address on 2 layer devices Use the no or default form of this command to restore the default setting ipv6 default gateway ipv6 address no ipv6 default gateway default ipv6 default gatewa...

Page 851: ...you configure equal cost routes The weight ranges from 1 to 8 When the weights of all equal cost routes of a route are summed up the sum cannot exceed the maximum number of equal cost routes that can...

Page 852: ...ommand Mode Global configuration mode Usage Guide The goal is to control the number of static routes You can view the upper threshold of the configured non default static routes with the show running...

Page 853: ...tion of RGOS Ruijie no ipv6 unicast routing Related Commands Command Description ipv6 route Configure the IPv6 static route show ipv6 route Displays the IPv6 routing table Platform Description N A 5 1...

Page 854: ...llowing example sets the number of equivalent routes to 10 and then restores the default setting maximum paths 10 no maximum paths 5 12 show ip redirects Use this command to display the default gatewa...

Page 855: ...ent routes Defaults All routes are displayed by default Command Mode Privileged EXEC mode Global configuration mode Interface configuration mode Routing protocol configuration mode Route map configura...

Page 856: ...rnal type 1 N2 OSPF NSSA external type 2 E1 OSPF external type 1 E2 OSPF external type 2 SU IS IS summary L1 IS IS level 1 L2 IS IS level 2 IA Inter area candidate default Gateway of last resort is no...

Page 857: ...entry b backup entry a active entry Gateway of last resort is 192 168 1 2 to network 0 0 0 0 S 0 0 0 0 0 ma via 192 168 1 2 b via 192 168 2 2 O IA 192 168 10 0 24 m via 35 1 10 2 00 38 26 VLAN 1 ba vi...

Page 858: ...Command Reference NSM Commands Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage guideline N A...

Page 859: ...OTAL 11 7 4 22 The following example displays the statistics of all routing tables Ruijie show ip route summary all Codes NORMAL Normal route ECMP ECMP route FRR Fast Reroute route IP routing table co...

Page 860: ...ence Field Description NORMAL Type of the table entries Value NORMAL common routes not ECMP or FRR ECMP equivalent route FRR fast reroute TOTAL total Memory Memory occupied by the table Entries Number...

Page 861: ...route ipv6 prefix prefix length longer prefixes protocol process id weight Parameter Description Parameter Description ipv6 prefix prefix length Optional Specifies a prefix for route s IPv6 address l...

Page 862: ...mmand Mode Privileged EXEC mode Usage Guide N A Examples The following example displays statistics of IPv6 routing table of the global VRF Ruijie show ipv6 route summary IPv6 routing table name is Def...

Page 863: ...ed Describes the protocol type of the entry The field can be Connected Connected route entry Static Static route entry RIP RIP route entry OSPF OSPF route entry ISIS ISIS route entry BGP BGP route ent...

Page 864: ...second month month date day year year The default start time is Jun 1 1993 which is also the earliest start time available infinite Indicates that the encryption key is valid for ever end time End tim...

Page 865: ...eter Description path list num Specifies the AS path access list number The range is from 1 to 500 permit Permits advertisement based on matching conditions deny Denies advertisement based on matching...

Page 866: ...the community list deny Denies access to the community list community number Community number in the form of AA NN AS number 2 byte numerical in the range of 1 to 255 characters It may also be one of...

Page 867: ...es a standard extcommunity list ranging from 1 to 99 One extcommunity list may contain multiple rules expanded list name Indicates the name of an extended extcommunity comprising not more than 32 char...

Page 868: ...af neighbor 3 3 3 3 send community extended Ruijie config router af neighbor 3 3 3 3 route map rt_in_filter in 6 5 ip prefix list Use this command to create a prefix list or add an entry to the prefi...

Page 869: ...h for a prefix for flexible configuration ge indicates the range of minimum prefix length to 32 le indicates the range of the mask length of the IP prefix to maximum prefix length ge and le indicates...

Page 870: ...A 6 7 ip prefix list sequence number Use this command to enable sort function for a prefix list Use the no form of this command to disable the sort function ip prefix list sequence number no ip prefix...

Page 871: ...can be any valid IP address The mask can be 0 to 32 characters minimum prefix length Optional Minimum length of the prefix the starting length Note ge indicates the operation of larger than and equiv...

Page 872: ...prefix list description text Description of the ipv6 prefix list Default configuration No description is added for an IPv6 prefix list by default Command mode Global configuration mode Examples The e...

Page 873: ...to define an encryption key and enter the encryption key chain configuration mode Use the no form of this command to delete it key key id no key key id Parameter description Parameter Description key...

Page 874: ...e Usage guideline For a key chain to take effect you need to configure at least one key Examples The following example configures key chain ripkeys and enters the key chain configuration mode Ruijie c...

Page 875: ...xact match community list number community list name exact match Parameter description Parameter Description community list number Number of the standard community list in the range 1 to 99 Number of...

Page 876: ...e number Default configuration None Command mode Route map configuration mode Usage guidelines This command can be followed by multiple interfaces You can redistribute the routes from one routing proc...

Page 877: ...tric type Set the metric type set tag Set the tag 6 16 match ip address Use match ip address command to redistribute the routes matching the IP address permitted by the ACL or the prefix list Use the...

Page 878: ...ed on the route redistribution different routing protocols can use different commands with the route map The following example enables the OSPF routing protocol to redistribute RIP routes that match a...

Page 879: ...be implemented between all the IP routing protocols For route redistribution route maps are usually used to control the mutual route redistribution between two routing domains One or more match or se...

Page 880: ...ess list name Name of the access list prefix list prefix list name Specify the prefix list to match Default configuration None Command mode Route map configuration mode Usage guidelines Multiple acces...

Page 881: ...command to redistribute the network routes permitted in the IPv6 access list or the IPv6 prefix list Use the no form of this command to delete the setting match ipv6 address access list name prefix li...

Page 882: ...er ospf redistribute rip subnets route map redrip ipv6 access list v6acl 10 permit ipv6 2620 64 any route map redrip permit 10 match ipv6 address v6acl set metric 30 Related commands Command Descripti...

Page 883: ...ed no operation will be performed Examples The route map can be configured very flexibly to be used for route redistribution and policy based routing No matter how the route map is used the configurat...

Page 884: ...list prefix list prefix list name Specify the IPv6 prefix list to match Default configuration None Command mode Route map configuration mode Usage guideline You can redistribute the routing informati...

Page 885: ...10 match ipv6 address v6acl set metric 50 Related commands Command Description ipv6 access list Set the IPV6 access list match interface Match the next hop interface of the route match ipv6 address M...

Page 886: ...tributes the RIP routes of metric 10 router ospf 1 redistribute rip subnets route map redrip network 192 168 12 0 0 0 0 255 area 0 route map redrip permit 10 match metric 10 Related commands Command D...

Page 887: ...sed to control the mutual route redistribution between two routing domains In configuring one route map one or more match or set commands can be executed If the match command is not used all the route...

Page 888: ...redistribution route maps are usually used to control the mutual route redistribution between two routing domains In configuring one route map one or more match or set commands can be executed If the...

Page 889: ...RIP when the memory is insufficient Default By default the routing protocol which occupies the largest memory exits preferentially Command mode Global configuration mode Usage guideline When the memo...

Page 890: ...ond route map till the set command is executed finally deny Optional If the deny keyword is defined and the rule defined by match is met no operation will be performed Neither route redistribution nor...

Page 891: ...policies Compared with traditional destination IP address based routing policy based routing offers a flexibility for routing based on source IP address length and port of IP packets Policy based rout...

Page 892: ...ranges from 1 to 2147483646 Default infinite Command mode Encryption key configuration mode Usage guideline Use this command to specify the lifetime of an encryption key in its send direction Example...

Page 893: ...the packet will be forwarded to the nexthop set with this command To use the policy based routing you must specify the route map for it and create the route map A route map contains multiple policies...

Page 894: ...utgoing interface set ip next hop Set the next hop of the packets set ip precedence Set the priority of the packets Platform description N A 6 29 set ip dscp Use this command to specify the DSCP value...

Page 895: ...the operation mode of this command will be automatically switched to the WCMP load balancing mode In the WCMP load balancing mode for the nexthop address without configuring the corresponding weight t...

Page 896: ...0 Ruijie config route map match ip address 20 Ruijie config route map set ip next hop 172 16 100 1 Ruijie config route map load balance permit 30 Ruijie config route map set interface Null 0 Related c...

Page 897: ...dence of the packet with the source IP address 192 168 217 68 received at the interface FastEthernet 0 0 as 4 Ruijie config access list 1 permit 192 168 217 68 0 0 0 0 Ruijie config route map name Rui...

Page 898: ...P header Defaults N A Command mode Route map configuration mode Usage guideline With different TOS values for the IP packet head configured the IP packets matching the PBR routing are transmitted with...

Page 899: ...l ipv6 address weight global ipv6 address weight Parameter description Parameter Description global ipv6 address Indicates the next hop IPv6 address for packet forwarding The next hop router must be a...

Page 900: ...form of this command to remove the setting This command is only used to configure policy based routing set ipv6 next hop global ipv6 address weight global ipv6 address weight no set ip next hop global...

Page 901: ...ching rule of policy based routing ipv6 policy route map Use the policy based routing on the interface set ipv6 next hop Set the next hop of the policy based routing Platform description N A 6 35 set...

Page 902: ...default next hop address for forwarding packets set ipv6 next hop Set the next hop address for forwarding packet show ipv6 policy Show the policy based routing show route map Show the route map config...

Page 903: ...he next hop IP address match ip route source Match the source IP address match metric Match the metric match route type Match the route type match tag Match the tag set metric type Set the metric type...

Page 904: ...h or set commands can be executed to configure a route map If the match command is not used all the routes will be matched If the set command is not used no operation will be performed Examples The fo...

Page 905: ...redistribution between two routing domains In configuring one route map one or more match or set commands can be executed If the match command is not used all the routes will be matched If the set com...

Page 906: ...he IP routing protocols In the route redistribution route maps are usually used to control the mutual route redistribution between two routing domains In configuring one route map one or more match or...

Page 907: ...PF routing protocol to redistribute the RIP route and sets the tag as 100 Ruijie config router ospf Ruijie config router redistribute rip subnets route map redrip Ruijie config router network 192 168...

Page 908: ...s list 30 permit 30 Field Description AS path access list AS path access list number permit Permits advertisement based on matching conditions 30 Regular expression Related command Command Description...

Page 909: ...nity list show ip extcommunity list extcommunity list num extcommunity list name Parameter description Parameter Description extcommunity list num extcommunity list number ranging from 1 to 199 extcom...

Page 910: ...interface configuration mode routing protocol configuration mode route map configuration mode Usage guidelines If no prefix list is specified the configurations of all the prefix lists are displayed...

Page 911: ...he IPv6 prefix list Default configuration The configuration information of all the IPv6 prefix lists is displayed Command mode Privileged EXEC mode global configuration mode interface configuration mo...

Page 912: ...key chain kc key 1 text ruijie accept lifetime 12 11 00 May 2 2001 infinite send lifetime always valid always valid valid now Field Description key chain Key chain name key Key ID accept lifetime Lif...

Page 913: ...yed otherwise only the configuration of the specified route map is displayed Examples Ruijie show route map route map AAA permit sequence 10 Match clauses ip address 2 Set clauses metric 10 Field Desc...

Page 914: ...Multicast Commands 1 IPv4 Multicast Routing Commands 2 IGMP Snooping Commands...

Page 915: ...e following example enables the overflow overriding mechanism Ruijie config msf ipmc overflow override Ruijie config 1 2 msf nsf Use this command to configure the parameter for the continuous multicas...

Page 916: ...ace of the multi layer multicast forwarding table is 4096 indicates a routed port Default Command Mode Privileged EXEC mode Global configuration mode Interface EXEC mode Usage Guide The three paramete...

Page 917: ...r 3 outgoing oif REQ DONE This oif configuration on the hardware has done OPORT 6 The layer 2 port in the oif with index 6 IGMP SNP This port is created by the IGMP SNOOPING protocol This value can al...

Page 918: ...Command Reference IPv4 Multicast Routing Commands Related Commands Command Description msf nsf Configure the multicast NSF parameter...

Page 919: ...c or dynamic ID and member interface ID Among them the VID and group address identify a forwarding entry the static routing interfaces will not age and cannot be deleted by using the clear ip igmp sno...

Page 920: ...Profile configuration mode Usage Guide First configure the multicast range using the range command in the profile configuration mode In addition the profile must be applied to the interface in order t...

Page 921: ...d is used without any profile specified all profiles in the profile are denied Configuration Examples The following example creates and permits profile 1 with addresses from 224 2 2 2 to 224 2 2 244 R...

Page 922: ...le to divide a set of multicast address range to the SVGL within which the member port of the multicast forwarding entry can be forwarded across VLANs and without which the member ports are forwarded...

Page 923: ...e that the switch learns dynamically to 100 seconds Ruijie config ip igmp snooping dyn mr aging time 100 Platform Description N A 2 7 ip igmp snooping fast leave enable Use this command to enable the...

Page 924: ...ping filter profile number no ip igmp snooping filter profile number default ip igmp snooping filter Use this command to specify the profile for VLANs Use the no or default form of this command to res...

Page 925: ...this timer is determined by host aging time If the timer expires the system determines that there is no host in this port for receiving multicast packets The multicast device removes the port from th...

Page 926: ...e maximum number of multicast groups Platform Description N A 2 11 ip igmp snooping max groups Use this command to configure the maximum number of groups that can be added dynamically to this interfac...

Page 927: ...lticast routing protocols enabled By default the dynamic routing interface learning function is enabled You can use the no form of this command to disable this function and clear all routing interface...

Page 928: ...ng filter it can allow the user to preview partial contents This function shall be used in conjunction with IGMP Snooping filter or multicast control in order to realize effective multicast preview Co...

Page 929: ...tore the default setting ip igmp snooping querier no ip igmp snooping querier default ip igmp snooping vlan vid querier Parameter Description Parameter Description vlan vid VLAN ID By default the spec...

Page 930: ...n VLAN the source IP configured in the relevant VLAN will be used first Configuration Examples The following example specifies the source IP of the IGMP querier as 1 1 1 1 on the device Ruijie config...

Page 931: ...ier to send query packets Use no or default form of this command to restore the default setting ip igmp snooping querier query interval seconds no ip igmp snooping querier query interval default ip ig...

Page 932: ...if the device is elected as a non querier execute this command to change the expiration timer for non querier If expiration timer has been configured in the corresponding VLAN the value specified in...

Page 933: ...21 ip igmp snooping query max response time Use this command to specify the time for the switch to wait for the member join message after receiving the query message Use the no or default form of thi...

Page 934: ...ip igmp snooping suppression enable default ip igmp snooping suppression enable Parameter Description Parameter Description N A N A Defaults This function is disabled by default Command Mode Global c...

Page 935: ...mp snooping svgl profile 2 Platform Description N A 2 24 ip igmp snooping svgl subvlan Use this command to specify the subvlan of multicast VLAN Use the no or default form of this command to restore t...

Page 936: ...nfiguration mode Usage Guide This command only works in the SVGL and IVGL SVGL mode Configuration Examples The following example specifies the vlan2 as the shared vlan The following example specifies...

Page 937: ...ticast packets in the default VLAN of dot1q tunnel port after inserting the VLAN Tag of the default VLAN of dot1q tunnel port For example It is assumed that IGMP Snooping has been enabled on the devic...

Page 938: ...rs IVGL mode and disables the IGMP Snooping in the VLAN 2 Ruijie config ip igmp snooping ivgl Ruijie config no ip igmp snooping vlan 2 Platform Description N A 2 28 ip igmp snooping vlan mrouter inter...

Page 939: ...o restore the default setting ip igmp snooping vlan vid static group address interface interface type interface number no ip igmp snooping vlan vid static group address interface interface type interf...

Page 940: ...uration mode 2 Use the range command to define a range for the profile 3 Use the permit command to permit the multicast forwarding for the profile Configuration Examples The following example permits...

Page 941: ...forwarding of the multicast streams from 224 2 2 2 to 224 2 2 244 of profile 1 Ruijie config ip igmp profile 1 Ruijie config profile range 224 2 2 2 224 2 2 244224 2 2 2 Ruijie config profile permit P...

Page 942: ...bal IGMP Snooping information Ruijie show ip igmp snooping IGMP Snooping running mode IVGL IGMP Snooping L2 entry limit 65536 Source port check Disable Source ip check Disable IGMP Fast Leave Disable...

Page 943: ...nooping Commands Dynamic Host Aging Time 260 Seconds vlan 1 IGMP Snooping state Enable Multicast router learning mode pim dvmrp IGMP Fast Leave Disable IGMP VLAN querier Disable IGMP VLAN Mode STATIC...

Page 944: ...eb Authenticatoin Commands 6 SCC Commands 7 Global IP MAC Binding Commands 8 Password Policy Commands 9 Port Security Commands 10 Storm Control Commands 11 SSH Commands 12 GSN Commands 13 CPU Protecti...

Page 945: ...18 IP Source Guard Commands 19 IPv6 Source Guard Commands 20 Anti ARP Spoofing Commands 21 NFPP Commands 22 DoS Protection Commands...

Page 946: ...the following table One method list can contain up to four methods none Does not perform accounting group Uses the server group for accounting the TACACS server group is supported Defaults This functi...

Page 947: ...ault Command Mode Global configuration mode Usage Guide RGOS enables the exec accounting function after enabling the login authentication After enabling the accounting function it sends the account st...

Page 948: ...r whether the start accounting message enables the accounting successfully none Does not perform accounting group Uses the server group for accounting the RADIUS and TACACS server group is supported D...

Page 949: ...owing example enables the accounting update function Ruijie config aaa new model Ruijie config aaa accounting update Related Commands Command Description aaa new model Enables the AAA security service...

Page 950: ...2 1x and configure the 802 1x user authentication method list Use the no form of this command to delete the 802 1x user authentication method list aaa authentication dot1x default list name method1 me...

Page 951: ...with the 802 1x user username Defines a local user database Platform Description N A 1 7 aaa authentication enable Use this command to enable AAA Enable authentication and configure the Enable authen...

Page 952: ...l username Defines a local user database Platform Description N A 1 8 aaa authentication login Use this command to enable AAA Login authentication and configure the Login authentication method list Us...

Page 953: ...security service login authentication Applies the Login authentication method to the terminal lines username Defines a local user database Platform Description N A 1 9 aaa authentication web auth Use...

Page 954: ...s_web group radius none Related Commands Command Description N A N A Platform Description N A 1 10 aaa authorization commands Use this command to authorize the command executed by the user who has log...

Page 955: ...mmands Command Description aaa new model Enables the AAA security service authorization commands Applies the command authorization for the terminal line Platform Description N A 1 11 aaa authorization...

Page 956: ...gged in from the console and from other terminals configure whether to authorize the users logged in from the console or not If the command authorization function is disabled on the console the author...

Page 957: ...users logged in the NAS CLI and assignment of CLI authority level 0 15 The aaa authorization exec function is effective on condition that Login authentication function has been enabled It cannot enter...

Page 958: ...s can be specified Like authorization the next method can be used for authorization only when the current authorization method does not work If the current authorization method fails other subsequent...

Page 959: ...domain name the method lists associated with this domain are used At present the system can configure up to 32 domains Configuration Examples The following example configures the domain name Ruijie co...

Page 960: ...ter Description Parameter Description max attempts In the range from 1 to 2 147 483 647 Defaults The default is 3 Command Mode Global configuration mode Usage Guide Use this command to configure login...

Page 961: ...and Description show running config Displays the current configuration of the switch show aaa lockout Displays the lockout configuration parameter of current login Platform Description N A 1 19 aaa lo...

Page 962: ...35 0 indicates the printing rate is not limited Defaults The default is 5 Command Mode Global configuration mode Usage Guide Too much printing may flood the screen or even reduce device performance In...

Page 963: ...ist aaa accounting Defines a user accounting method list Platform Description N A 1 22 access limit Use this command to configure the number of users limit for the domain which is only valid for the I...

Page 964: ...ault method list list name The name of the network accounting list Defaults With no method list specified if the user sends the request the device will attempt to specify the default method list for t...

Page 965: ...following example sets an IEEE802 1x authentication method list for the specified domain Ruijie config aaa domain ruijie com Ruijie config aaa domain authentication dot1x default Related Commands Comm...

Page 966: ...guration Platform Description N A 1 26 clear aaa local user lockout Use this command to clear the lockout user list clear aaa local user lockout all user name word Parameter Description Parameter Desc...

Page 967: ...ample displays the accounting update information Ruijie show aaa accounting update Related Commands Command Description aaa new model Enables the AAA security service aaa domain enable Enables the dom...

Page 968: ...urity service aaa domain enable Enables the domain name based AAA service Platform Description N A 1 29 show aaa group Use this command to display all the server groups configured for AAA show aaa gro...

Page 969: ...mode Interface configuration mode Usage Guide Use this command to display the lockout configuration Configuration Examples The following example displays the lockout configuration Ruijie show aaa loc...

Page 970: ...ted Commands Command Description aaa authentication Defines a user authentication method list aaa authorization Defines a user authorization method list aaa accounting Defines a user accounting method...

Page 971: ...w aaa user by name wwxy Id Name 2345687901 wwxy Ruijie show aaa user lockout Name Tries Lock Timeout min Ruijie Related Commands Command Description N A N A Platform Description N A 1 33 state Use thi...

Page 972: ...rmat Use this command to configure the user name whether to be with the domain information when the NAS interacts with the servers Use the no form of this command to restore the default setting userna...

Page 973: ...mmands Related Commands Command Description aaa new model Enables the AAA security service aaa domain enable Enables the domain name based AAA service show aaa domain Displays the domain configuration...

Page 974: ...e default RADIUS and TACACS server group names Defaults N A Command Mode Global configuration mode Usage Guide This command is used to configure a RADIUS AAA server group Configuration Examples The fo...

Page 975: ...RADIUS packet This command is used in the layer 3 devices Configuration Examples The following example specifies that the RADIUS packet obtains an IP address from the fastEthernet 0 0 interface and us...

Page 976: ...5 6 net ip 6 7 user name 7 8 password 8 9 file directory 9 10 file count 10 11 file name 0 11 2 file name 1 12 13 file name 2 13 14 file name 3 14 15 file name 4 15 16 max up rate 16 17 version to ser...

Page 977: ...proxy avoid 20 21 dailup avoid 21 22 ip privilege 22 23 login privilege 42 24 limit to user number 50 Command Mode Global configuration mode Usage Guide This command is used to configure the private a...

Page 978: ...sent by the RADIUS server as the CoS value and the DSCP value by default Configuration Examples The following example sets the QoS value sent by the RADIUS server as the CoS value of the interface Ru...

Page 979: ...ommand to restore the default setting radius vendor specific extend no radius vendor specific extend Parameter Description Parameter Description N A N A Defaults Only the private vendor IDs of Ruijie...

Page 980: ...efault radius server account attribute type unpackage Parameter Description Parameter Description type RADIUS attribute in the range from 1 to 255 Defaults RFC compliant Command Mode Global configurat...

Page 981: ...s command to enable account request packets to contain vendor specific RADIUS attributes Use the no or default form of this command to restore the default setting radius server account vendor vendor_n...

Page 982: ...the flow control through the CLASS attribute Configuration Examples N A Related Commands Command Description N A N A Platform Description N A 2 11 radius server attribute 31 Use this command to speci...

Page 983: ...Use this command to enable access request packets to contain a specified RADIUS attribute Use the no or default form of this command to restore the default setting radius server authentication attrib...

Page 984: ...osoft cisco Defaults Access request packets do not contain vendor specific RADIUS attributes by default Command Mode Global configuration mode Usage Guide Use this command to enable access request pac...

Page 985: ...nd timeout times Configuration Examples The following example sets the timeout to 120 seconds and timeout times to 20 Ruijie config radius server dead criteria time 120 tries 20 Related Commands Comma...

Page 986: ...achable Platform Description N A 2 16 radius server host Use this command to specify a RADIUS security server host Use the no form of this command to restore the default setting radius server host ipv...

Page 987: ...order to implement the AAA security service using RADIUS you must define a RADIUS security server You can define one or more RADIUS security servers using the radius server host command Configuration...

Page 988: ...rity server In order to allow the device to communicate with the RADIUS security server you must define the same shared password on the device and the RADIUS security server Configuration Examples The...

Page 989: ...guration Examples The following example sets the number of retransmissions to 4 Ruijie config radius server retransmit 4 Related Commands Command Description radius server host Defines the RADIUS secu...

Page 990: ...is command to restore the default setting radius server timeout seconds no radius server timeout Parameter Description Parameter Description seconds Timeout in the range from 1 to 1 000 in the unit of...

Page 991: ...ort1 Server authentication port port2 Server accounting port Defaults No server is configured by default Command Mode Server group configuration mode Usage Guide N A Configuration Examples The followi...

Page 992: ...es The following example displays RADIUS accounting statistics Ruijie show radius acct statistics Accounting Servers Server Index 1 Server Address 192 168 1 1 Server Port 1813 Msg Round Trip Time 0 ms...

Page 993: ...s Ip Port 6 Service Type 7 Framed Protocol 8 Frame Ip Address 9 Framed Ip Mask 10 Framed Routing 11 Filter Id 12 Framed Mtu 13 Framed Compress 14 Login Ip Host 15 Login Service 16 Login Tcp Port 18 Re...

Page 994: ...Gigawords 53 Acct Output Gigawords 60 Chap Challenge 61 Nas Port Type 62 Port Limit 63 Login Lat Port 64 Tunnel Type 65 Tunnel Medium Type 66 Tunnel Client EndPoint 67 Tunnel Service EndPoint 79 eap m...

Page 995: ...uijie show radius auth statistics Authentication Servers Server Index 1 Server Address 192 168 1 1 Server Port 1812 Msg Round Trip Time 0 msec First Requests 0 Retry Requests 0 Accept Responses 0 Reje...

Page 996: ...s group Radius group radius Vrf not set Server 192 168 1 1 Server key ruijie Authentication port 1812 Accounting port 1813 State Active RG S29 series do not support the VRF parameter The above example...

Page 997: ...Time 10 Seconds Tries 10 Related Commands Command Description N A N A Platform Description N A 2 27 show radius server Use this command to display the configuration of the RADIUS server show radius s...

Page 998: ...uration 0s Dead total time 0s count 0 Statistics Authen request 0 timeouts 0 Author request 0 timeouts 0 Account request 20 timeouts 0 Related Commands Command Description radius server host Defines t...

Page 999: ...6 net ip 6 7 user name 7 8 password 8 9 file directory 9 10 file count 10 11 file name 0 11 12 file name 1 12 13 file name 2 13 14 file name 3 14 15 file name 4 15 16 max up rate 16 17 current supplic...

Page 1000: ...nfiguration Guide RADIUS Commands retransmissions radius server key Defines a shared password for the RADIUS server radius server timeout Defines the packet transmission timeout Platform Description N...

Page 1001: ...nt TACACS servers the tasks of authentication authorization and accounting can be implemented by different server groups Configuration Examples The following example configures a TACACS server group n...

Page 1002: ...The following example specifies the IP address of GigabitEthernet 0 0 for the outgoing TACACS packets Ruijie config ip tacacs source interface gigabitEthernet 0 0 Related Commands Command Description...

Page 1003: ...a group server tacacs tac1 Ruijie config gs tacacs server 1 1 1 1 Related Commands Command Description aaa group server tacacs Configures a TACACS server group Platform Description N A 3 4 show tacacs...

Page 1004: ...integer Port number of the server The range is from 1 to 65 535 The default is 49 timeout integer Timeout time of TACACS host The range is from 1 to 1 000 key string Configures an authentication and...

Page 1005: ...by default Command Mode Global configuration mode Usage Guide Use command to configure a global authentication and encryption key for TACACS communication Use the key parameter in the tacacs server h...

Page 1006: ...ration mode Usage Guide Use command to configure a global timeout interval Use the timeout parameter in the tacacs server host command to configure a server based interval Configuration Examples The f...

Page 1007: ...Global configuration mode Usage Guide Supplicant authorization mode supports only Ruijie supplicant Radius server authorization mode requires the server to allocate IP addresses by framed ip DHCP ser...

Page 1008: ...ear dot1x user id Use this command to clear 802 1X authentication users according to session IDs clear dot1x user id session id Parameter Description Parameter Description session id Session ID Defaul...

Page 1009: ...789A Ruijie clear dot1x user mac 0012 3456 789A Related Commands Command Description N A N A Platform Description N A 4 5 clear dot1x user name Use this command to clear the 802 1 X authentication use...

Page 1010: ...d to configure the 802 1X accounting method Configuration Examples The following example configures the accounting list Ruijie config dot1x accounting dot1x acct Related Commands Command Description N...

Page 1011: ...arameter Description Parameter Description list name Authentication method list Defaults N A Command Mode Global configuration mode Usage Guide If AAA does not adopt the default 802 1X authentication...

Page 1012: ...empt 2 Related Commands Command Description show dot1x Displays the 802 1x configuration Platform Description N A 4 10 dot1x auth fail vlan Use this command to enable the auth fail VLAN Use the no for...

Page 1013: ...ion mode Defaults The default is EAP MD5 authentication mode Command Mode Global configuration mode Usage Guide The selection of authentication mode depends on the suppliant and portal server Configur...

Page 1014: ...configure auto request 802 1X authentication Use the no form of this command to restore the default setting dot1x auto req no dot1x auto req Parameter Description Parameter Description N A N A Defaul...

Page 1015: ...acket num 100 Related Commands Command Description show dot1x auto req Displays the authentication request information Platform Description N A 4 15 dot1x auto req req interval Use this command to set...

Page 1016: ...dot1x auto req user detect Parameter Description Parameter Description N A N A Defaults This function is enabled by default Command Mode Global configuration mode Usage Guide N A Configuration Exampl...

Page 1017: ...ass on the port Use the no form of this command to restore the default setting dot1x critical no dot1x critical Parameter Description Parameter Description N A N A Defaults This functions is disabled...

Page 1018: ...rt entering the inaccessible authentication bypass status if the RADIUS server returns to normal you need to reinitialize the authentication for all users that have accomplished the network access aut...

Page 1019: ...critical vlan 10 Related Commands Command Description N A N A Platform Description N A 4 21 dot1x dbg filter Use this command to enable debug information print for a user with a specified MAC address...

Page 1020: ...n Configuration Examples The following example restores 802 1X configuration to the default setting Ruijie config dot1x default Related Commands Command Description show dot1x Displays the 802 1X info...

Page 1021: ...show dot1x port control interface fastEthernet 0 10 Displays the number of users allowed by a specific 802 1X interface Platform Description N A 4 24 dot1x dynamic vlan enable Use this command to ena...

Page 1022: ...guest VLAN does not take effect When configuring guest VLAN it is recommended not to modify L2 attribute of the port especially not to add the port to a VLAN manually Configuration Examples The follo...

Page 1023: ...lti user Use this command to configure multiple MAB authentications Use the no form of this command to restore the default setting dot1x mac auth bypass multi user no dot1x mac auth bypass multi user...

Page 1024: ...onfiguration Examples The following example sets the MAB authentication timeout interval Ruijie config if GigabitEthernet 0 0 dot1x mac auth bypass timeout activity 3600 Related Commands Command Descr...

Page 1025: ...this command to configure the MAB VLAN function Use the no form of this command to restore the default setting dot1x mac auth bypass vlan vlan list no dot1x mac auth bypass vlan vlan list Parameter D...

Page 1026: ...s Command Description show dot1x Displays the information about 802 1X Platform Description N A 4 32 dot1x multi account enable Use this command to enable the user with one single MAC address to perfo...

Page 1027: ...ation failure in the range from 0 to 65 535 in the unit of seconds Defaults The default is 0 second indicating no quiet period Command Mode Global configuration mode Usage Guide The default setting is...

Page 1028: ...sers that connect to this port have access to the network In the port based single user control mode the port is authenticated when it allows only one authenticated user who is enabled to use the netw...

Page 1029: ...rt control mode show running config Displays the configuration Platform Description N A 4 36 dot1x private supplicant only Use this command to filter non Ruijie clients Use the no form of this command...

Page 1030: ...e default setting is recommended Configuration Examples The following example sets Ruijie terminal alive interval to 120 seconds Ruijie config dot1x probe timer alive 120 Related Commands Command Desc...

Page 1031: ...ts This function is enabled by default Command Mode Global configuration mode Usage Guide By default the device uses its own MAC address as the source MAC address of the EAP packets for the 802 1X aut...

Page 1032: ...tication Use the show dot1x command to display 802 1X configuration The default setting is recommended Configuration Examples The following example enables timed re authentication function Ruijie conf...

Page 1033: ...the no form of this command to restore the default setting dot1x redirect no dot1x redirect Parameter Description Parameter Description N A N A Defaults This function is disabled by default Command Mo...

Page 1034: ...he information about 802 1X Platform Description N A 4 44 dot1x timeout server timeout Use this command to set the server timeout interval dot1x timeout server timeout time Parameter Description Param...

Page 1035: ...default is 3 seconds Command Mode Global configuration mode Usage Guide Use the show dot1x command to show display 802 1X configuration Configuration Examples The following example sets the authentica...

Page 1036: ...uthentication clients and authentication servers Use the no form of this command to restore the default setting dot1x user name compatible no dot1x user name compatible Parameter Description Parameter...

Page 1037: ...ccounting Ruijie config dot1x valid ip acct enable Platform Description N A 4 49 dot1x valid ip acct timeout Use this command to configure IP address triggered accounting timeout Use the no form of th...

Page 1038: ...tion mode Usage Guide Optional When the server is unreachable disable global 802 1x so users can access the Internet without authentication After the server resumes reachability enable global 802 1x a...

Page 1039: ...pol Tag enable 802 1x redirect disable Private supplicant only disable Related Commands Command Description dot1x auth mode Sets the 802 1X authentication mode dot1x max req Sets the maximum number of...

Page 1040: ...ow dot1x auth address table Interface Address Fa0 1 00d0 f800 0c0e Fa0 2 001a c800 0102 Ruijie show dot1x auth address table interface fastEthernet 0 1 Interface Address Fa0 1 00d0 f800 0c0e Ruijie sh...

Page 1041: ...figuration mode Usage Guide N A Configuration Examples The following example displays the auto request authentication information Ruijie show dot1x auto req Auto Req Enabled User Detect Enabled Packet...

Page 1042: ...t challenge packet transmission Ruijie show dot1x max req Max Req 3 Times Related Commands Command Description dot1x auth mode Sets the 802 1X authentication mode dot1x max req Sets the maximum number...

Page 1043: ...uthened MAB Gi0 5 mac based 0 0 unlimited no disable Related Commands Command Description dot1x auth mode Sets the 802 1X authentication mode dot1x max req Sets the maximum number of authentication re...

Page 1044: ...ot1x auth mode Sets the 802 1X authentication mode dot1x max req Sets the maximum number of authentication request re transmissions dot1x port control auto Sets the port to participate in authenticati...

Page 1045: ...s the configuration of online user probe Ruijie show dot1x probe timer Hello Interval 20 Hello Alive 60 Field Description Command Description Hello Interval Sets the probe period Hello Alive Sets the...

Page 1046: ...x Use this command to display the maximum re auth attempts show dot1x reauth max Parameter Description Parameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Global configuration...

Page 1047: ...d Commands Command Description dot1x auth mode Sets the 802 1X authentication mode dot1x max req Sets the maximum number of authentication request re transmissions dot1x port control auto Sets the por...

Page 1048: ...t period after the authentication failure Configuration Examples The following example shows how to displays the quiet period the time for the device to wait before re authentication after the authent...

Page 1049: ...N A Platform Description N A 4 63 show dot1x timeout server timeout Use this command to display the authentication timeout period show dot1x timeout server timeout Parameter Description Parameter Des...

Page 1050: ...ommand to display the request challenge packets re transmission interval Configuration Examples Use this command to display the request challenge packets re transmission interval Ruijie show dot1x tim...

Page 1051: ...N A Platform Description N A 4 66 show dot1x user id Use this command to display the information about 802 1X authentication users based on user IDs show dot1x user id id Parameter Description Parame...

Page 1052: ...t The port that user accesses from Time online User online time User ip address User IP address Max user number on this port The maximum number of users on the port Authorization session time The auth...

Page 1053: ...23 aeaa 4286 User name ts user User id 16777225 Type static Mac address is 0023 aeaa 4286 Vlan id is 2 Access from port Gi0 5 Time online 0days 0h 0m17s User ip address is 192 168 3 21 Max user number...

Page 1054: ...on Parameter Description name User name Defaults N A Command Mode Privileged EXEC mode Global configuration mode Interface configuration mode Usage Guide Use the show dot1x summary command to display...

Page 1055: ...ccess from Time online User online time User ip address User IP address Max user number on this port The maximum number of users on the port Authorization session time The authorized session time Supp...

Page 1056: ...ethod list parameter in this command should be consistent with network accounting list name configured in AAA Configuration Examples The following example sets the mlist1 accounting method for the epo...

Page 1057: ...this command to set a binding mode for the template Use the no form of this command to restore the default setting bindmode ip mac mode ip only mode no bindmode Parameter Description Parameter Descrip...

Page 1058: ...arameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example clears all direct ARP sources Ruijie clear web auth direct arp...

Page 1059: ...A Platform Description N A 5 6 clear web auth direct site Use this command to clear all authentication exempted network resources clear web auth direct site Parameter Description Parameter Description...

Page 1060: ...r name num Specifies the user s AAA session ID Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example forces all users to go offline Ruijie config...

Page 1061: ...redirect direct arp ip address ip mask no http redirect direct arp ip address ip mask Parameter Description Parameter Description ip address IPv4 address ip mask Optional IPv4 mask Defaults No authen...

Page 1062: ...ecessary for IPv4 network resources only mac address MAC address of the authentication extempted user Defaults No authentication exempted network resource is set Command Mode Global configuration mode...

Page 1063: ...client download page By default the access device intercepts users HTTP packets with port 80 to check whether they are accessing network resources This command is used to change the destination port...

Page 1064: ...prevent HTTP attacks caused by unauthenticated users from using up the TCP connections of the access device the maximum number of HTTP sessions by unauthenticated users must be limited on the access...

Page 1065: ...ple sets the timeout for the redirection connection maintenance to 4 seconds Ruijie config http redirect timeout 4 Related Commands Command Description show http redirect Displays the HTTP redirection...

Page 1066: ...ace Parameter Description Parameter Description interface type Port type interface num Port No Defaults No communication interface is specified by default Command Mode Global configuration mode Usage...

Page 1067: ...g tmplt eportalv2 port 10000 Related Commands Command Description N A N A Platform Description N A 5 17 show web auth control Use this command to display the authentication configuration show web auth...

Page 1068: ...mand Description N A N A Platform Description N A 5 18 show web auth direct arp Use this command to display the address range of the authentication exempted ARP show web auth direct arp Parameter Desc...

Page 1069: ...eged EXEC mode Usage Guide N A Configuration Examples The following example displays the Web authentication exempted users Ruijie show web auth direct host Direct hosts Address Mask Port ARP Binding 1...

Page 1070: ...resource without authentication is set Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example displays the range of the Web authentication exempted network res...

Page 1071: ...age Guide N A Configuration Examples The following example displays the portal client mapping rule Ruijie config show web auth ip mapping Name iportal Ip 0 0 0 0 Url Ip Mapping Name eportalv1 Ip 172 1...

Page 1072: ...sions that are created by an unauthenticated user timeout Timeout interval of the redirection connection Related Commands Command Description N A N A Platform Description N A 5 23 show web auth portal...

Page 1073: ...rt Parameter Description Parameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example displays the TCP interception port Ru...

Page 1074: ...eb auth syslog ip 192 168 197 35 Address 192 168 197 35 Core index 0 Current index 2 Index 0 Time 2015 10 16 20 37 34 Behavior ONLINE Mac 00d0 f822 33e7 Vid 101 Port Gi3 1 Timeused 0d 00 00 00 Flow_up...

Page 1075: ...how web auth template Parameter Description Parameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage Guide Use this command to display the portal server configuration Configu...

Page 1076: ...list name which is on only the second generation portal server Authmlist Authentication method list name which is on only the second generation portal server Related Commands Command Description N A N...

Page 1077: ...Address 192 168 0 11 Mac 00d0 f800 2233 Port Gi0 2 Online On Time Limit 0d 01 00 00 Time Used 0d 00 15 10 Time Start 2009 02 22 20 05 10 Status Active Field Description Address IP address of the user...

Page 1078: ...t homepage url string command which is now hidden as a compatible command If no URL is specified the default URL in the http ip address format will be adopted among which ip address is the IP address...

Page 1079: ...ree of authentication optional port interface name Binds user s IP address with a port of the access device optional arp If ARP CHECK is enabled on the access device keyword arp is needed for ARP bind...

Page 1080: ...emplate template name Customized template Defaults The Web authentication function is disabled on the port by default The default template is eportalv1 Command Mode Interface configuration mode Usage...

Page 1081: ...de Usage Guide N A Configuration Examples The following example sets the link down timeout to 30 seconds Ruijie config web auth linkdown timeout 30 Related Commands Command Description N A N A Platfor...

Page 1082: ...Use the no form of this command to clear the communication key between the redirected Web request of a user and the authentication server web auth portal key key string no web auth portal key Paramete...

Page 1083: ...check Parameter Description Parameter Description Intsec Check interval in the range from 1 to 1 000 in the unit of seconds The default is 10 seconds tosec Timeout interval in the range from 1 to 1 0...

Page 1084: ...portal escape Platform Description N A 5 37 web auth template Use this command to create the first generation authentication template and enter its configuration mode web auth template eportalv1 Use...

Page 1085: ...rtalv1 template should be configured If no URL format is specified the default http ip address format will be adopted The IP address of the portal server is the network resource exempted from authenti...

Page 1086: ...ion N A 5 39 web auth vlan control Use this command to configure the authenticable VLAN list Use the no form of this command to restore the default setting web auth vlan control vlan list no web auth...

Page 1087: ...VLAN configuration no direct vlan vlanlist Parameter Description Parameter Description vlanlist VLAN list which can be a VLAN or a group of VLANs Defaults By default no authentication exemption VLANs...

Page 1088: ...mmand Mode Interface configuration mode Default Level 14 Usage Guide Use this command to configure the maximum number of IPv4 access users on a port Configuration Examples The following example restri...

Page 1089: ...hold in bytes The range is from 0 to 4 294 967 294 in bytes The value of 0 indicates that the user is disconnected when no traffic of the user is detected Defaults By default the detection interval is...

Page 1090: ...e show direct vlan direct vlan 5 7 100 Prompt Messages N A Platforms This command is supported only on switches 6 6 show nac author user interface Use this command to display the capacity limit and cu...

Page 1091: ...N A Defaults Authenticated user migration is not permitted by default Command Mode Global configuration mode Level 14 Usage Guide You can enable the authenticated user migration function to allow the...

Page 1092: ...Configuration Guide SCC Commands Platforms N A...

Page 1093: ...Command Mode Global configuration mode Usage Guide N A Configuration Examples The following example configures global IP MAC address binding Ruijie configure terminal Enter configuration commands one...

Page 1094: ...ed logs is prompted if the actual printing rate exceeds the set rate The following example enables logging filter Configuration Examples Ruijie configure terminal Enter configuration commands one per...

Page 1095: ...ault setting This command is also used to set the compatible mode address bind ipv6 mode compatible loose strict no address bind ipv6 mode Parameter Description Parameter Description compatible Compat...

Page 1096: ...ets that have the same source IP address but different source MAC address If the port is an exceptional port and is installed see address bind install this binding policy does not take effect Configur...

Page 1097: ...Binding MAC Addr Bound MAC address Related Commands Command Description address bind Enables IP address MAC address binding Platform Description N A 7 7 show address bind uplink Use this command to d...

Page 1098: ...ate Indicates whether the port is exception port State Enabled indicates that it is an exception port while state Disabled indicates that it it not Related Commands Command Description address bind up...

Page 1099: ...the password lifecycle After the password lifecycle expires the system reminds you to change the password when you login next time This function is valid for the global password the enable password a...

Page 1100: ...mode Configuration Examples The following example sets the minimum length of the password to 8 Ruijie config password policy min size 8 Related Commands Command Description N A N A Platform Descriptio...

Page 1101: ...at times 5 Related Commands Command Description N A N A 8 4 password policy strong Use this command to enable strong password check password policy strong no password policy strong Parameter Descripti...

Page 1102: ...words are displayed in plain text unless they are encrypted After you run the service password encryption and show running or write command to save your configuration the password changes into cipher...

Page 1103: ...nfigurations Password encryption Enabled Password strong check Enabled Password min size Enabled 6 characters Password life cycle Enabled 90 days Password no repeat times Enabled max history record 5...

Page 1104: ...specified port all Displays all valid secure addresses and valid port security bindings Defaults N A Command Mode Privileged EXEC mode Usage Guide To display all port security configuration and viola...

Page 1105: ...t 0 1 Ruijie show port security interface gigabitEthernet 0 1 Interface GigabitEthernet 0 1 Port status down Port Security enabled SecureStatic address aging disabled Sticky dynamic address disabled V...

Page 1106: ...AC Binding Addresses The number of IPv6 MAC address bindings Aging time min The aging time of the secure address The following example displays all secure addresses on the device Ruijie show port secu...

Page 1107: ...meter Description Parameter Description protect Discards the packets breaching security restrict Discards the packets breaching security and sends the Trap message shutdown Discards the packets breach...

Page 1108: ...addresses on an interface Use the no form of this command to restore the default setting switchport port security aging static time time no switchport port security aging static time Parameter Descrip...

Page 1109: ...Platform Description N A 9 4 switchport port security binding Use these commands to configure secure address binding manually in the interface configuration mode through performing the source IP addr...

Page 1110: ...address 00d0 f800 5555 with VLAN ID 1 on interface g 0 10 Ruijie configure terminal Ruijie config interface gigabitethernet 0 10 Ruijie config if switchport port security binding 00d0 f800 5555 vlan 1...

Page 1111: ...ng Ruijie configure terminal Ruijie config switchport port security binding filter logging Ruijie config end Related Commands Command Description N A N A Platform Description N A 9 6 switchport port s...

Page 1112: ...nterface g 0 10 Ruijie configure terminal Ruijie config switchport port security binding interface g0 10 binding 192 168 1 100 Ruijie config end The following example binds the IP address 192 168 1 10...

Page 1113: ...on the TRUNK port Defaults N A Command Mode Glocal configuration mode Usage Guide N A Configuration Examples The following example sets the static secure address and VLAN ID of TRUNK port 10 to 00d0 f...

Page 1114: ...guration mode Usage Guide N A Configuration Examples The following example sets the static secure address and VLAN ID of TRUNK port 10 to 00d0 f800 5555 and 2 respectively Ruijie configure terminal Ru...

Page 1115: ...ported on the TRUNK port Defaults This function is disabled by default Command Mode Interface configuration mode Usage Guide Sticky MAC addresses either static or dynamic are special addresses free fr...

Page 1116: ...128 Defaults The default is 128 Command Mode Interface configuration mode Usage Guide The number of the secure address contains the sum of static secure address and dynamically learnt secure address...

Page 1117: ...Configuration Guide Port Security Commands switchport port security aging Sets the aging time for the port secure address Platform Description N A...

Page 1118: ...iguration Examples The following example displays storm control configuration on FastEthernet 0 1 Ruijie show storm control fastEthernet 0 1 Interface Broadcast Control Multicast Control Unicast Contr...

Page 1119: ...led by default Command Mode Interface configuration mode Usage Guide Too many broadcast multicast or unicast packets received on a port may cause storm and thus slow network and increase timeout Proto...

Page 1120: ...ly DSA RSA authentication is available for one connection Also the key algorithm may differ in different client Thus it is recommended to generate both RSA and DSA keys so as to ensure connection with...

Page 1121: ...able the SSH server run the no enable service ssh server command Configuration Examples The following example deletes a RSA key to the SSH server Ruijie configure terminal Ruijie config crypto key zer...

Page 1122: ...ys the information about the established SSH connection clear line vty line_number Disconnects the current VTY connection Platform Description N A 11 4 ip scp server enable Use this command to enable...

Page 1123: ...hentication is not successful when the configured authentication retry times on the SSH server is exceeded Use the show ip ssh command to display the configuration of the SSH server Configuration Exam...

Page 1124: ...the advancement of cryptography study CBC and Others encryption modes are proved to easily decipher It is recommended to enable the CTR mode to raise assurance for organizations and enterprises deman...

Page 1125: ...ication you can specify a public key file based on the user name Use the no form of this command to restore the default setting ip ssh peer username public key rsa dsa filename no ip ssh peer username...

Page 1126: ...s starting from receiving a connection request Use the show ip ssh command to display the configuration of the SSH server Configuration Examples The following example sets the timeout value to 100 sec...

Page 1127: ...N A 11 11 show crypto key mypubkey Use this command to display the information about the public key part of the public key to the SSH server show crypto key mypubkey rsa dsa Parameter Description Para...

Page 1128: ...display the information of the SSH server show ip ssh Parameter Description Parameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Global configuration mode Usage Guide This com...

Page 1129: ...ation about the established SSH connection show ssh Parameter Description Parameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Global configuration mode Usage Guide This comman...

Page 1130: ...s Version SSH version Encryption Encryption algorithm Hmac Message authentication algorithm Compress Compress algorithm State Connection state Username Username Related Commands Command Description N...

Page 1131: ...s authenticated 802 1x IP authorization should be disabled when the GSN address binding policy is applied Configuration Examples The following example enables GSN address binding on GigabitEthernet 0...

Page 1132: ...e v3 username For the detailed information please refer to SNMP command reference Configuration Examples The following example sets the v1 community Ruijie config security v1 community public The foll...

Page 1133: ...uijie config no security event interval Related Commands Command Description show security event interval Displays the interval of security event Platform Description N A 12 4 security gsn enable Use...

Page 1134: ...A Configuration Examples The following example displays the sending interval of security events Ruijie show security event interval Event sending interval seconds 10 Related Commands Command Descripti...

Page 1135: ...he IP address of the SMP server smp server host ip address no smp server host Parameter Description Parameter Description ip address IP address of the SMP server Defaults No SMP server address is conf...

Page 1136: ...slot parameter To the chassis device the slot parameter indicates the line card of the master chassis If no slot parameter is specified that means the command will clear all node statistics in the sy...

Page 1137: ...and Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example clears the CPP statistics on the supervisor module Ruijie config show cpu protect type bpdu Packet Type Traff...

Page 1138: ...Guide N A Configuration Examples The following example sets the CPU port bandwidth to 32000pps Ruijie configure terminal Ruijie config cpu protect cpu bandwidth 32000 Ruijie show cpu protect cpu cpu p...

Page 1139: ...c class Bandwidth pps Rate pps Drop pps 5 3500 0 0 Related Commands Command Description N A N A Platform Description N A 13 5 cpu protect type bandwidth Use this command to configure the bandwidth of...

Page 1140: ...this command to restore the default setting cpu protect type packet type traffic class traffic class num no cpu protect type packet type traffic class Parameter Description Parameter Description packe...

Page 1141: ...ice If no device parameter is specified that indicates this command takes effect to the master chassis or the master box type device slot_num To the box type device there is no slot parameter To the c...

Page 1142: ...N A Configuration Examples The following example displays the configuration of the CPU port Ruijie show cpu protect cpu cpu port bandwidth 32000 pps Related Commands Command Description N A N A Platf...

Page 1143: ...CPP configuration and statistics of the master device show cpu protect summary Parameter Description Parameter Description N A N A Defaults N A Command Mode All configuration modes Usage Guide N A Co...

Page 1144: ...no slot parameter To the chassis device the slot parameter indicates the line card of the master chassis If no slot parameter is specified that means the command will clear all node statistics in the...

Page 1145: ...ct to the master chassis or the master box type device slot_num To the box type device there is no slot parameter To the chassis device the slot parameter indicates the line card of the master chassis...

Page 1146: ...ode Privileged EXEC mode Usage Guide Use this command to clear the current dynamic user information from the DHCP Snooping binding database After this command is used all the DHCP clients connecting i...

Page 1147: ...ooping function is enabled Configuration Examples The following example enables the DHCP Snooping function Ruijie configure terminal Ruijie config ip dhcp snooping Ruijie config end Related Commands C...

Page 1148: ...iguration Platform Description N A 14 4 ip dhcp snooping check giaddr Use this command to enable DHCP Snooping to support the function of processing Relay requests Use the no form of this command to r...

Page 1149: ...setting ip dhcp snooping database write delay time no ip dhcp snooping database write delay Parameter Description Parameter Description time The interval at which the system writes the dynamic user i...

Page 1150: ...ip dhcp snooping database write to flash Parameter Description Parameter Description N A N A Defaults N A Command Mode Global configuration mode Usage Guide This command is used to write the dynamic u...

Page 1151: ...P Relay function adds option82 by default Therefore it is unnecessary to enable functions of DHCP Snooping option82 and DHCP Relay at the same time Configuration Examples The following example adds op...

Page 1152: ...mote id as hostname Ruijie configure terminal Ruijie config ip dhcp snooping information option format remote id hostname Related Commands Command Description N A N A Platform Description N A 14 9 ip...

Page 1153: ...mands Command Description N A N A Platform Description N A 14 10 ip dhcp snooping loose forward Use this command to enable DHCP Snooping loose forwarding Use the no form of this command to restore the...

Page 1154: ...t Command Mode Interface configuration mode Usage Guide This command denies all DHCP request messages under the port that is all the users under the port are prohibited to request IP addresses through...

Page 1155: ...e discarded This command is only supported on Layer 2 switch interfaces and aggregate ports APs Configuration Examples The following example sets fastEthernet 0 1 as a trusted port Ruijie configure te...

Page 1156: ...end Related Commands Command Description show ip dhcp snooping Displays the DHCP Snooping configuration Platform Description N A 14 14 ip dhcp snooping vlan Use this command to enable DHCP Snooping fo...

Page 1157: ...rd max user user number Parameter Description Parameter Description vlan word The VLAN range user number The maximum number of users bound with the VLAN Defaults This function is disabled by default C...

Page 1158: ...N to be replaced Defaults This function is disabled by default Command Mode Interface configuration mode Usage Guide With this command configured the option82 is added to the DHCP request packets the...

Page 1159: ...s This function is disabled by default Command Mode Interface configuration mode Usage Guide This command is used to add the option82 to the DHCP request packets The content of the sub option circuit...

Page 1160: ...ration Examples The following example imports the flash file information to the DHCP Snooping database Ruijie renew ip dhcp snooping database Related Commands Command Description N A N A Platform Desc...

Page 1161: ...ay Sets the interval of writing user information to FLASH periodically ip dhcp snooping information option Adds option82 to the DHCP request message ip dhcp snooping bootp bind Enables the DHCP Snoopi...

Page 1162: ...ecord order MacAddress The MAC address of the user IpAddress The IP address of the user Lease sec The lease time of the record Type The record type VLAN The VLAN where the user belongs Interface The u...

Page 1163: ...d Specifies the interface to be cleared Defaults N A Command Mode Privileged EXEC mode Usage Guide This command is used to clear the generated user information in the DHCPv6 Snooping binding database...

Page 1164: ...clear the generated user information in the DHCPv6 Snooping prefix list Configuration Examples The following example clears all the user information in the DHCPv6 Snooping binding database Ruijie clea...

Page 1165: ...elay forward 0 No binding entry 0 Binding fail 0 Unknown packet 0 Unknown output interface 0 No enough memory 0 Admin filter dhcpv6 pkt 0 Related Commands Command Description N A N A Platform Descript...

Page 1166: ...lt setting ipv6 dhcp snooping binding delay seconds no ipv6 dhcp snooping binding delay Parameter Description Parameter Description seconds Sets the binding delay time Defaults This function is disabl...

Page 1167: ...and Mode Global configuration mode Usage Guide This function writes user information into flash and can avoid loss after restart In that case users need to obtain IP addresses again for normal communi...

Page 1168: ...d Commands Command Description N A N A Platform Description N A 15 8 ipv6 dhcp snooping filter dhcp pkt Use this command to filter all received DHCPv6 request packets Use the no form of this command t...

Page 1169: ...on option standard format Parameter Description Parameter Description standard format The Option18 37 uses the standard format Defaults This function is disabled by default Command Mode Global configu...

Page 1170: ...e id string ascii string hostname no ipv6 dhcp snooping information option format remote id string ascii string hostname Parameter Description Parameter Description string ascii string The content of...

Page 1171: ...ed by default Command Mode Global configuration mode Usage Guide By default the dynamic binding entries are not cleared on a wired interface when the interface links down With this function enabled th...

Page 1172: ...messages received under the untrusted port will be discarded 2 This command is valid only on Layer 2 wired switch ports and aggregate ports Configuration Examples The following example sets FastEther...

Page 1173: ...1 to VLAN 10 Ruijie configure terminal Ruijie config ipv6 dhcp snooping vlan 1 10 Ruijie config end Related Commands Command Description N A N A Platform Description N A 15 14 ipv6 dhcp snooping vlan...

Page 1174: ...Use this command to enable the function of adding the option18 into the DHCP request packets and filling the option18 interface id with the content being the user defined the storage format is ASCII a...

Page 1175: ...pv6 dhcp snooping database Use this command to import the information in current flash to the DHCPv6 Snooping binding database manually as needed renew ipv6 dhcp snooping database Parameter Descriptio...

Page 1176: ...dhcp snooping Switch DHCPv6 snooping status ENABLE DHCPv6 snooping vlan 1 4094 DHCPv6 snooping database write delay time 0 seconds DHCPv6 snooping option 18 37 status DISABLE DHCPv6 snooping link det...

Page 1177: ...otal number of bindings 1 NO MacAddress IPv6 Address Lease sec VLAN Interface 1 00d0 f801 0101 2001 10 42368 2 GigabitEthernet 0 1 Related Commands Command Description N A N A Platform Description N A...

Page 1178: ...Related Commands Command Description N A N A Platform Description N A 15 20 show ipv6 dhcp snooping statistics Use this command to display the statistical information of the DHCPv6 packets show ipv6 d...

Page 1179: ...the packets are discarded due to a lack of the hardware resources Unknown packet The unknown DHCP packets Unknown output interface The packets on the unknown output interface The MAC address for the i...

Page 1180: ...oping function disabled Configuration Examples The following example displays the VLAN with DHCPv6 Snooping function disabled Ruijie show ipv6 dhcp snooping vlan VLAN Name Closed 2 VLAN 2 YES Field De...

Page 1181: ...ser information implementing the illegal ARP packet filtering on the network Configuration Examples This following example enables the APR check function on interface GigabitEthernet 0 1 Ruijie config...

Page 1182: ...DER IP POLICY SOURCE GigabitEthernet 0 1 00D0 F800 0003 192 168 1 3 address bind GigabitEthernet 0 1 00D0 F800 0001 192 168 1 1 port security GigabitEthernet 0 4 192 168 1 3 port security GigabitEther...

Page 1183: ...a trusted port indicating that you do not need to check whether the ARP message received by this interface is legal Configuration Examples The following example sets the gigabitEthernet 0 19 interfac...

Page 1184: ...the ARP packet detection function For example the DHCP Snooping Trust port does not support any security detection including this function Configuration Examples The following example detects the rece...

Page 1185: ...ommand Description N A N A Platform Description N A 17 4 show ip arp inspection vlan Use this command to verify whether the DAI function on the VLAN is enabled show ip arp inspection vlan vlan id word...

Page 1186: ...ration Guide DAI Commands 1 Active Parameter Description Parameter Description Vlan VLAN number Configuration DAI status active inactive Related Commands Command Description N A N A Platform Descripti...

Page 1187: ...pe is IP MAC ip only The global binding type is IP only Defaults No static address is added by default Command Mode Global configuration mode Usage Guide This command allows specific clients to go thr...

Page 1188: ...e default setting ip verify source port security no ip verify source Parameter Description Parameter Description port security Configures IP Source Guard to do IP MAC based detection Defaults This fun...

Page 1189: ...store the function ip verify source exclude vlan vlan id no ip verify source exclude vlan vlan id Parameter Description Parameter Description vlan id The ID of VLAN excluded from the IP source guard c...

Page 1190: ...d Parameter Description Parameter Description ip address Displays user binding information of corresponding IP mac address Displays user binding information of corresponding MAC dhcp snooping Displays...

Page 1191: ...ing interface Defaults N A Command Mode Privileged EXEC mode Usage Guide If IP Source Guard is not enabled on the corresponding interface the printing information will be shown on the terminal as IP s...

Page 1192: ...IP ONLY Active 1 2 3 7 0001 0002 0007 1 Static 4 Global IP MAC Active 1 2 3 6 0001 0002 0006 1 Static 5 GigabitEthernet 0 1 UNSET Inactive restrict off 1 2 3 9 0001 0002 0009 1 DHCP Snooping 6 Gigabit...

Page 1193: ...lt Command Mode Global configuration mode Usage Guide Use this command to exempt trusted hosts from IPv6 source guard This command is supported only on Layer 2 ports aggregate ports and encapsulated s...

Page 1194: ...and is supported only on Layer 2 ports aggregate ports and encapsulated sub interfaces Currently the IPv6 source guard feature of Ruijie devices filters traffic based on the DHCPv6 Snooping database o...

Page 1195: ...LAN bindings interface id Displays the interface bindings Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example displays the IPv6 source binding database Ruiji...

Page 1196: ...Configuration Guide IPv6 Source Guard Commands Platform Description N A...

Page 1197: ...ration mode Usage Guide This command is used to enable anti ARP spoofing on only L2 interfaces Use the show anti arp spoofing command to display the configuration Configuration Examples The following...

Page 1198: ...uration Examples The following example displays the anti ARP spoofing configuration on all interfaces Ruijie show anti arp spoofing NO PORT IP STATUS 1 Gi0 1 192 168 1 1 active Field Description Field...

Page 1199: ...or each port pps Sets the attack threshold in the range from 1 to 19 999 in unit of pps Defaults The default value varies with products For details see the Configuration Guide Command Mode NFPP config...

Page 1200: ...ard function globally Ruijie config nfpp Ruijie config nfpp arp guard enable Related Commands Command Description nfpp arp guard enable Enables the anti ARP attack on the interface show nfpp arp guard...

Page 1201: ...ration Platform Description N A 21 4 arp guard isolate forwarding enable Use this command to enable packet forwarding through NFPP isolation Use the no form of this command to disable this function Us...

Page 1202: ...as reached the default 20 000 the administrator shall set the max number smaller than 20 000 and it will prompt the message that ERROR The value that you configured is smaller than current monitored h...

Page 1203: ...not 0 the software monitored attacker will be auto isolated by the hardware and the timeout time will be the isolate period The monitor period is valid with the isolate period 0 If the isolate period...

Page 1204: ...ets the arp guard rate limit Ruijie config nfpp Ruijie config nfpp arp guard rate limit per src ip 2 Ruijie config nfpp arp guard rate limit per src mac 3 Ruijie config nfpp arp guard rate limit per p...

Page 1205: ...o restore the default setting arp guard scan threshold pkt cnt no arp guard scan threshold default arp guard scan threshold Parameter Description Parameter Description pkt cnt Sets the scan threshold...

Page 1206: ...nd to clear the monitored host isolation clear nfpp arp guard hosts vlan vid interface interface id ip address mac address Parameter Description Parameter Description vid Sets the VLAN ID interface id...

Page 1207: ...mand Description arp guard attack threshold Sets the global attack threshold nfpp arp guard policy Sets the attack threshold show nfpp arp guard scan Displays the ARP scanning table Platform Descripti...

Page 1208: ...monitored hosts that it release them from isolation clear nfpp dhcp guard hosts vlan vid interface interface id mac address Parameter Description Parameter Description vid Sets the VLAN ID interface...

Page 1209: ...Guide Use this command without the parameter to clear all monitored hosts Configuration Examples The following example clears the DHCPv6 monitored hosts Ruijie clear nfpp dhcpv6 guard hosts vlan 1 int...

Page 1210: ...cy Sets the limit threshold and attack threshold show nfpp icmp guard hosts Displays the monitored host Platform Description N A 21 16 clear nfpp ip guard hosts Use this command to clear the monitored...

Page 1211: ...interface interface id Parameter Description Parameter Description vid Sets the VLAN ID interface id Sets the interface name and number Defaults N A Command Mode Privileged EXEC mode Usage Guide This...

Page 1212: ...form of this command to restore the default setting cpu protect sub interface manage protocol route percent percent_value no cpu protect sub interface manage protocol route percent default cpu protect...

Page 1213: ...ault cpu protect sub interface manage protocol route pps Parameter Description Parameter Description pps_value The rate limit threshold in the range from 1 to 100 000 Defaults The default value varies...

Page 1214: ...defined anti attack type Ruijie config nfpp Ruijie config nfpp define tcp Ruijie config nfpp define Related Commands Command Description show nfpp define summary Displays the defined anti attack conf...

Page 1215: ...is command to restore the default setting dhcp guard attack threshold per src mac per port pps no dhcp guard attack threshold per src mac per port default dhcp guard attack threshold per src mac per p...

Page 1216: ...unction Use the no or default form of this command to restore the default setting dhcp guard enable no dhcp guard enable default dhcp guard enable Parameter Description Parameter Description N A N A D...

Page 1217: ...ace the global value shall be adopted or the interface based isolate period shall be adopted Configuration Examples The following example sets the isolate time globally to 180 seconds Ruijie config nf...

Page 1218: ...administrator Configuration Examples The following example sets the maximum monitored host number to 200 Ruijie config nfpp Ruijie config nfpp dhcp guard monitored host limit 200 Related Commands Comm...

Page 1219: ...ts Displays the monitored host list clear nfpp dhcp guard hosts Clears the isolated host Platform Description N A 21 28 dhcp guard rate limit Use this command to set the rate limit threshold globally...

Page 1220: ...lt dhcpv6 guard attack threshold per src mac per port Parameter Description Parameter Description per src mac Sets the attack threshold for each source MAC address per port Sets the attack threshold f...

Page 1221: ...er Description N A N A Defaults This function is disabled by default Command Mode NFPP configuration mode Usage Guide N A Configuration Examples The following example enables the DHCPv6 anti attack fu...

Page 1222: ...xceeded it prompts the message that NFPP_DHCPV6_GUARD 4 SESSION_LIMIT Attempt to exceed limit of 20000 monitored hosts to remind the administrator Configuration Examples The following example sets the...

Page 1223: ...ig nfpp dhcpv6 guard monitor period 180 Related Commands Command Description show nfpp dhcpv6 guard summary Displays the configuration show nfpp dhcpv6 guard hosts Displays the monitored host list cle...

Page 1224: ...tistics based on the source IP VID and port per src mac Performs the rate statistics based on the source MAC VID and port per port Performs the rate statistics based on each physical port of receiving...

Page 1225: ...hold Use this command to set the global attack threshold When the packet rate exceeds the attack threshold the attack occurs Use the no or default form of this command to restore the default setting i...

Page 1226: ...guard enable Use this command to enable the ICMP anti attack function Use the no or default form of this command to restore the default setting icmp guard enable no icmp guard enable default icmp guar...

Page 1227: ...Usage Guide The isolate period can be configured globally or based on the interface For one interface if the isolate period is not set based on the interface the global value shall be adopted or the i...

Page 1228: ...the monitored hosts When the maximum monitored host number has been exceeded it prompts the message that NFPP_ARP_GUARD 4 SESSION_LIMIT Attempt to exceed limit of 20 000 monitored hosts to remind the...

Page 1229: ...e config nfpp Ruijie config nfpp icmp guard monitor period 180 Related Commands Command Description show nfpp icmp guard summary Displays the configuration show nfpp icmp guard hosts Displays the moni...

Page 1230: ...guard trusted host ip mask no icmp guard trusted host all ip mask default icmp guard trusted host Parameter Description Parameter Description ip Sets the IP address mask Sets the IP mask all Deletes t...

Page 1231: ...IP address per port Sets the attack threshold for each port pps Sets the attack threshold in pps The valid range is 1 to 19 999 Defaults The default value varies with products For details see the Conf...

Page 1232: ...s is not the local one For those with the local address as the destination CPP CPU Protect Policy will limit their rates Configuration Examples The following example enables the IP guard globally Ruij...

Page 1233: ...interface show nfpp ip guard summary Displays the configuration Platform Description N A 21 45 ip guard monitor period Use this command to configure the monitor time Use the no or default form of thi...

Page 1234: ...ximum monitored host number Use the no or default form of this command to restore the default setting ip guard monitored host limit number no ip guard monitored host limit default ip guard monitored h...

Page 1235: ...port default ip guard rate limit per src ip per port Parameter Description Parameter Description per src ip Sets the rate limit for each source IP address per port Sets the rate limit for each port pp...

Page 1236: ...e the Configuration Guide Command Mode NFPP configuration mode Usage Guide N A Configuration Examples The following example sets the global scan threshold to 20 pps Ruijie config nfpp Ruijie config nf...

Page 1237: ...om monitoring UP to 500 trusted hosts are supported Configuration Examples The following example sets the trusted hosts free form monitoring Ruijie config nfpp Ruijie config nfpp ip guard trusted host...

Page 1238: ...er no log buffer entries default log buffer entries Parameter Description Parameter Description number The buffer area size in the range from 0 to 1 024 Defaults The default is 256 Command Mode NFPP c...

Page 1239: ...ffer area but generate the syslog immediately With both the number_of_message and length_in_seconds values are 0 it indicates not to write the log to the buffer area but generate the syslog immediatel...

Page 1240: ...mode Usage Guide Use this command to filter the logs and records the logs within the specified VLAN range or the specified port Configuration Examples The following example records the logs in VLAN 1...

Page 1241: ...dress sipv6_masklen Source IPv6 address mask dip Destination IPv4 address dip_mask Destination IPv4 address mask dipv6 Destination IPv6 address dipv6_masklen Length of the destination IPv6 address mas...

Page 1242: ...hat you configured is smaller than current monitored hosts 20 000 please clear a part of monitored hosts to remind the administrator of the invalid configuration and removing the monitored hosts When...

Page 1243: ...od 0 If the isolate period has changed to be 0 the attackers on the interface will be removed rather than being monitored by the software Configuration Examples The following example sets the monitori...

Page 1244: ...ets the global attack threshold Ruijie config nfpp Ruijie config nfpp nd guard attack threshold per port ns na 20 Ruijie config nfpp nd guard attack threshold per port rs 10 Ruijie config nfpp nd guar...

Page 1245: ...ault setting nd guard rate limit per port ns na rs ra redirect pps no nd guard rate limit per port ns na rs ra redirect default nd guard rate limit per port ns na rs ra redirect Parameter Description...

Page 1246: ...ard ratelimit forwarding enable Use this command to disable the ND guard ratelimit forwarding on the interface no nd guard ratelimit forwarding enable Use this command to restore the default setting d...

Page 1247: ...Use the no or default form of this command to restore the default setting nfpp arp guard enable no nfpp arp guard enable default nfpp arp guard enable Parameter Description Parameter Description N A...

Page 1248: ...scription seconds Sets the isolate period The value is 0 or in the range from 30 to 86 400 in the unit of seconds permanent Permanent isolation Defaults By default the isolate period is not configured...

Page 1249: ...he rate limit threshold and the attack threshold are not configured Command Mode Interface configuration mode Usage Guide The attack threshold value shall be equal to or greater than the rate limit th...

Page 1250: ...fig if nfpp arp guard scan threshold 20 Related Commands Command Description arp guard attack threshold Sets the global attack threshold show nfpp arp guard summary Displays the configuration show nfp...

Page 1251: ...per src mac per port rate limit pps attack threshold pps no nfpp define name policy per src ip per src mac per port default nfpp define name policy per src ip per src mac per port Parameter Descriptio...

Page 1252: ...fpp dhcp guard enable no nfpp dhcp guard enable default nfpp dhcp guard enable Parameter Description Parameter Description N A N A Defaults The DHCP anti attack function is not enabled on the interfac...

Page 1253: ...reshold in the range from1 to 19 999 Defaults The rate limit threshold and the attack threshold are not configured by default So the device adopts the rate limit threshold and the attack threshold tha...

Page 1254: ...tion Platform Description N A 21 71 nfpp dhcpv6 guard policy Use this command to set the rate limit threshold and the attack threshold Use the no or default form of this command to restore the default...

Page 1255: ...guration show nfpp dhcpv6 guard hosts Displays the monitored host clear nfpp dhcpv6 guard hosts Clears the isolated host Platform Description N A 21 72 nfpp icmp guard enable Use this command to enabl...

Page 1256: ...t nfpp icmp guard isolate period Parameter Description Parameter Description seconds Sets the isolate period The value is 0 or in the range from 30 to 86 400 in the unit of seconds permanent Permanent...

Page 1257: ...he rate limit threshold and the attack threshold are not configured Command Mode Interface configuration mode Usage Guide The attack threshold value shall be equal to or greater than the rate limit th...

Page 1258: ...elated Commands Command Description ip guard enable Enables the anti ARP attack function show nfpp ip guard summary Displays the configuration Platform Description N A 21 76 nfpp ip guard isolate peri...

Page 1259: ...ip per port default nfpp ip guard policy per src ip per port Parameter Description Parameter Description per src ip Sets the rate limit threshold and the attack threshold for each source IP address pe...

Page 1260: ...store the default setting nfpp ip guard scan threshold pkt cnt no nfpp ip guard scan threshold default nfpp ip guard scan threshold Parameter Description Parameter Description pkt cnt Sets the scan th...

Page 1261: ...the ND anti attack function on the interface Ruijie config interface G0 1 Ruijie config if nfpp nd guard enable Related Commands Command Description nd guard enable Enables the ND anti attack functio...

Page 1262: ...Ruijie config if nfpp nd guard policy per port ns na 50 100 Ruijie config if nfpp nd guard policy per port rs 10 20 Ruijie config if nfpp nd guard policy per port ra redirect 10 20 Related Commands Co...

Page 1263: ...s remain time s 1 Gi0 1 1 1 1 1 110 2 Gi0 2 1 1 2 1 61 3 Gi0 3 0000 0000 1111 110 4 Gi0 4 0000 0000 2222 61 Total 4 hosts Related Commands Command Description clear nfpp arp guard hosts Clears the mon...

Page 1264: ...25 10 4 Gi0 4 0000 0000 0004 2008 01 23 16 26 10 Total 4 record s The following example displays the ARP scan list Ruijie show nfpp arp guard scan vlan 1 interface G 0 1 0000 0000 0001 VLAN interface...

Page 1265: ...the rate limit threshold for the source MAC address the rate limit threshold for the port Attack threshold In the same format as the rate limit Scan threshold Scan threshold Related Commands Command...

Page 1266: ...erface name ip address IP address mac address MAC address ipv6 address IPv6 address Defaults N A Command Mode Privileged EXEC mode Usage Guide This command allows filtering the hosts with parameters s...

Page 1267: ...5 Maximum count of monitored hosts 20000 Monitor period 600s Format of column Rate limit and Attack threshold is per src ip per src mac per port Interface Status Rate limit Attack threshold Global Dis...

Page 1268: ...i attack type Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example displays the trusted host configuration Ruijie show nfpp define trusted host t...

Page 1269: ...ess fail total 100 20 120 The following example displays the monitored host Ruijie show nfpp dhcp guard hosts If column 1 shows it means hardware failed to isolate host VLAN interface MAC address rema...

Page 1270: ...ormat of the rate limit threshold for the source IP address the rate limit threshold for the source MAC address the rate limit threshold for the port Attack threshold In the same format as the rate li...

Page 1271: ...d Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example displays the monitored host Ruijie show nfpp dhcpv6 guard hosts If column 1 shows it means hardware failed to i...

Page 1272: ...he format of the rate limit threshold for the source IP address the rate limit threshold for the source MAC address the rate limit threshold for the port Attack threshold In the same format as the rat...

Page 1273: ...P address Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example displays the monitored host Ruijie show nfpp icmp guard hosts statistics success f...

Page 1274: ...8 100 Gi 0 1 Enable 180 5 8 Gi 0 2 Disable 200 4 60 8 100 Maximum count of monitored hosts 1000 Monitor period 300s Field Description Interface Global Global configuration Status Enables Disables the...

Page 1275: ...ption N A 21 93 show nfpp icmp guard trusted host Use this command to display the trusted host free from being monitored show nfpp icmp guard trusted host Parameter Description Parameter Description N...

Page 1276: ...EXEC mode Usage Guide N A Configuration Examples The following example displays the monitored host Ruijie show nfpp ip guard hosts statistics success fail total 100 20 120 The following example displ...

Page 1277: ...od 300s Field Description Interface Global Global configuration Status Enables Disables the anti attack function Isolate period Isolate period Rate limit In the format of the rate limit threshold for...

Page 1278: ...g monitored show nfpp ip guard trusted host Parameter Description Parameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following exam...

Page 1279: ...r example NFPP_ARP_GUARD 4 DOS_DETECTED Host IP N A MAC 0000 0000 0004 port Gi4 1 VLAN 1 was detected 2009 07 01 13 00 00 Configuration Examples The following example displays the NFPP log configurati...

Page 1280: ...se this command to display the configuration show nfpp nd guard summary Parameter Description Parameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration...

Page 1281: ...form Description N A 21 99 show nfpp nd guard hosts Use this command to display the monitored host show nfpp nd guard hosts statistics vlan vid interface interface id Parameter Description Parameter D...

Page 1282: ...configuration of all trusted hosts with the no form of this command Defaults N A Command Mode NFPP define configuration mode Usage Guide The administrator can use this command to set the trusted host...

Page 1283: ...de Usage Guide By default all basic NFPP guards are enabled This global command supports basic NFPP guards including ARP GUARD IP GUARD ICMP GUARD DHCP GUARD DHCPv6 GUARD and ND GUARD The no form comm...

Page 1284: ...nable no dhcp guard enable no dhcpv6 guard enable no nd guard enable Ruijie config nfpp all guard enable Ruijie config nfpp show running config begin nfpp nfpp log buffer enable arp guard rate limit p...

Page 1285: ...N A Configuration Examples The following example enables the anti attack of the self consumption Ruijie config ip deny invalid l4port The following example disables the anti attack of the self consum...

Page 1286: ...ated Commands Command Description show ip deny invalid tcp Displays the state of anti attack of the invalid TCP packets Platform Description N A 22 3 ip deny land Use this command to enable the anti l...

Page 1287: ...meter Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The following example displays the state of the anti DOS attack ruijie show ip deny Prot...

Page 1288: ...gainst invalid l4port attack Off Related Commands Command Description N A N A Platform Description N A 22 6 show ip deny invalid tcp Use this command to display the state of the anti attack of the inv...

Page 1289: ...nd to display the anti land attack state show ip deny land Parameter Description Parameter Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage Guide N A Configuration Examples The...

Page 1290: ...ACL QoS Configuration Commands 1 ACL Commands 2 QoS Commands...

Page 1291: ...P ESP PCP PIM and IP or it can be numbers 0 to 255 that represent the IP protocol It is described when some important protocols such as ICMP TCP and UDP are listed individually interface idx Interface...

Page 1292: ...D vid VLAN ID VID inner vid VID of the tag ethernet type Ethernet protocol type 0x value can be entered match all tcpf Match all bits of the TCP flag established Match the RST or ACK bit of the TCP fl...

Page 1293: ...stination mac address destination mac address mask ethernet type cos out inner in 4 Extended expert access list 2700 to 2899 access list id deny permit protocol ethernet type cos out inner in VID out...

Page 1294: ...2700 to 2899 and 700 to 799 deny If not matched access is denied permit If matched access is permitted source Specify the source IP address host address or network address source wildcard It can be d...

Page 1295: ...ypes according to the security needs The standard IP ACL 1 to 99 1300 to 1999 only controls the source IP addresses The extended IP ACL 100 to 199 2000 to 2699 can enforce strict control over the sour...

Page 1296: ...al parameter problem host isolated host precedence unreachable host redirect host tos redirect host tos unreachable host unknown host unreachable information reply information request mask reply mask...

Page 1297: ...as follows A port can be specified by port name and port number bgp chargen cmd daytime discard domain echo exec finger ftp ftp data gopher hostname ident irc klogin kshell ldp login nntp pim auto rp...

Page 1298: ...dgm netbios ns netbios ss ntp pim auto rp rip snmp snmptrap sunrpc syslog tacacs talk tftp time who xdmcp The Ethernet types are as below aarp appletalk decnet iv diagnostic etype 6000 etype 8042 lat...

Page 1299: ...c0c any aarp Ruijie config interface gigabitethernet 1 1 Ruijie config if mac access group 702 in 4 Example of the extended expert ACL The following example shows how to create and display an extended...

Page 1300: ...168 4 12 for ACL100 Ruijie config ip access list extended 100 Ruijie config access list 100 list remark this acl is to filter the host 192 168 4 12 Related Commands Command Description show access li...

Page 1301: ...lowing example writes a comment for an entry in ACL102 Ruijie config access list 102 remark deny host 10 1 1 1 Related Commands Command Description show access lists Displays all access lists includin...

Page 1302: ...ltered After configuration Ruijie end Ruijie clear access list counters Ruijie show access lists ip access list standard 1 10 deny host 50 1 1 2 10 matches 20 permit host 60 1 1 2 15 matches Related C...

Page 1303: ...mand Description expert access list Defines an expert ACL deny Defines a deny ACL entry permit Defines a permits ACL entry Platform Description N A 1 7 deny One or multiple deny conditions are used to...

Page 1304: ...out inner in source source wildcard host source any host source mac address any destinationdestination wildcard host destination any host destination mac address any precedence precedence tos tos fra...

Page 1305: ...low label fragment range lower upper time range time range name match all tcp flag established User Datagram Protocol UDP sn deny udp source ipv6 prefix prefix length host source ipv6 address any oper...

Page 1306: ...eny tcp host 192 168 4 12 eq 100 any Ruijie config ext nacl show access lists ip access list extended ip ext acl 10 deny tcp host 192 168 4 12 eq 100 any Ruijie config ext nacl exit Ruijie config inte...

Page 1307: ...Ruijie config if ipv6 traffic filter v6 acl in Related Commands Command Description show access lists Displays all ACLs ipv6 traffic filter Applies the extended IPv6 ACL on the interface ip access gr...

Page 1308: ...interface 0 1 Ruijie config interface GigaEthernet 0 1 Ruijie config if expert access group accept_00d0f8xxxxxx_only in Related Commands Command Description show access group Displays the ACL configu...

Page 1309: ...Description Parameter Description id Expert access list number 2700 to 2899 name Name of the access list Defaults The counter of the packets matching the expert access list is disabled Command mode Gl...

Page 1310: ...d name no expert access list extended id name Parameter Description Parameter Description id Extended expert access list number 2700 to 2899 name Name of the extended expert access list Defaults N A C...

Page 1311: ...rule is tagged with fragment it will match all packets except for the first fragmentation packet If the access rule is not tagged with fragment all packets including the first and all subsequent frag...

Page 1312: ...Configuration Examples The following example resequences entries of expert access list exp acl Before the configuration Ruijie show access lists expert access list extended exp acl 10 permit ip any a...

Page 1313: ...0 0 Ruijie config if GigabitEthernet 0 0 global ip access group Related Commands Command Description N A N A Platform Description N A 1 15 ip access group Use this command to apply a specific access l...

Page 1314: ...st or extended IP access list Use the no form of the command to remove the access list ip access list extended standard id name no ip access list extended standard id name Parameter Description Parame...

Page 1315: ...IP access list Use the no form of this command to disable the counter ip access list counter id name no ip access list counter id name Parameter Description Parameter Description id IP access list nu...

Page 1316: ...cess list log update interval Parameter Description Parameter Description time For the access rule with the log option a packet hit is output at the interval of ACL logging output The interval ranges...

Page 1317: ...list 1 to 99 1300 to 1999 Extended IP access list 100 to 199 2000 to 2699 name Name of the standard or extended IP access list Defaults Use the default matching mode of fragmentation packets By defaul...

Page 1318: ...ded IP access list start sn Start sequence number Range 1 to 2147483647 inc sn Increment of the sequence number Range 1 to 2147483647 Defaults start sn 10 inc sn 10 Command mode Global configuration m...

Page 1319: ...filter the IPv6 packets through the access list you need to define an IPv6 access list by using the ipv6 access list command Configuration Examples The following example creates an IPv6 access list na...

Page 1320: ...any 7 matches The following example disables the counter of packets matching the IPv6 access list named v6 acl Ruijie config no ipv6 access list v6 acl counter Ruijie config ipv6 nacl show access lis...

Page 1321: ...ommands one per line End with CNTL Z Ruijie config ipv6 access list log update interval 9 Related Commands Command Description ipv6 access list Defines an IPv6 access list deny Defines the deny access...

Page 1322: ...g exit Ruijie show access lists ipv6 access list v6 acl 21 permit ipv6 any any 64 deny ipv6 any any Related Commands Command Description show access lists Displays all access lists Platform Descriptio...

Page 1323: ...l comment remark for an access list Use the no form of this command to remove the remark list remark text no list remark Parameter Description Parameter Description text Comment that describes the acc...

Page 1324: ...ption id MAC access list number The range is from 700 to 799 name Name of the MAC access list in Specifies filtering on the inbound packets out Specifies filtering on the outbound packets Defaults No...

Page 1325: ...s matching the MAC access list to monitor the packets matching and filtering Configuration Examples The following example enables the counter of packet matching the extended MAC access list named mac...

Page 1326: ...address you need to define a MAC access list by using the mac access list extended command Configuration Examples The following command creates an extended MAC access list named mac acl Ruijie config...

Page 1327: ...l configuration mode Usage Guide Use this command to change the order of the access entries Configuration Examples The following example resequences entries of extended MAC access list mac acl Before...

Page 1328: ...dcard host source any operator port port destination destination wildcard host destination any operator port port precedence precedence tos tos fragment range lower upper time range time range name 11...

Page 1329: ...der mac sender mac wildcard host sender mac any target ip target ip wildcard host target ip any 13 Extended IPv6 ACL sn permit protocol source ipv6 prefix prefix length any host source ipv6 address de...

Page 1330: ...figuration procedure is as below Ruijie config ip access list extended 102 Ruijie config ext nacl permit tcp host 192 168 4 12 eq 100 any Ruijie config ext nacl show access lists ip access list extend...

Page 1331: ...e config ipv6 nacl exit Ruijie config interface gigabitethernet 1 1 Ruijie config if ipv6 traffic filter v6 acl in Related Commands Command Description show access lists Displays all access lists ipv6...

Page 1332: ...using this command Configuration Examples The following example configures access redirection Ruijie config interface gigabitEthernet 0 3 Ruijie config if GigabitEthernet 0 3 redirect destination inte...

Page 1333: ...3 3 3 3 0 0 0 0 4 4 4 4 0 0 0 0 Ruijie config ext nacl end Ruijie Related Commands Command Description show access lists Displays all access lists ip access list Defines an IP access list Platform De...

Page 1334: ...access group Parameter Description Parameter Description id Access list number name Name of the access list Defaults Command mode Global configuration mode Usage Guide If a device is configured authe...

Page 1335: ...re the interface as exceptional Configuration Examples The following example configures interface GigaEthernet 1 1 as an exceptional interface of the secure channel Ruijie config interface GigaEtherne...

Page 1336: ...access lists Use this command to display all access lists or the specified access list show access lists id name summary Parameter Description Parameter Description id Access list number name Name of...

Page 1337: ...up Use this command to display the expert access list applied to the interface show expert access group interface interface Parameter Description Parameter Description interface Interface name wlan id...

Page 1338: ...are displayed Configuration Examples Ruijie show ip access group interface gigabitethernet 0 1 ip access group aaa in Applied On interface GigabitEthernet 0 1 Related Commands Command Description ip a...

Page 1339: ...arameter Description interface Interface name Defaults N A Command mode Privileged EXEC mode Usage Guide Use this command to display the MAC access list configured on the interface If no interface is...

Page 1340: ...nterface gigabitEthernet 0 3 acl redirect configuration on interface gigabitEthernet 0 3 redirect destination interface gigabitEthernet 0 3 acl 1 in Related Commands Command Description N A N A Platfo...

Page 1341: ...ACL Commands Configuration Examples The following example enables the SVI filter only for the Layer3 packets Ruijie config svi router acls enable Related Commands Command Description N A N A Platform...

Page 1342: ...ration mode Usage Guide N A Configuration Examples The following example adds reference to the class map named cmap1 Ruijie config class map cmap1 Ruijie config cmap match ip dscp 5 Ruijie config cmap...

Page 1343: ...d me Ruijie config ext macl permit host 1111 2222 3333 any Ruijie config ext macl exit Ruijie config class map cm_acl Ruijie config cmap match access group me Ruijie config cmap exit The following exa...

Page 1344: ...ed Commands Command Description show mls qos queuing Displays information about the queue Platform Description N A 2 4 match Use this command to define a match criteria in class map configuration mode...

Page 1345: ...nterface Use the no form of this command to restore the default setting mls qos cos default cos no mls qos cos Parameter Description Parameter Description default cos CoS value of the interface The ra...

Page 1346: ...onfiguration mode Usage Guide N A Configuration Examples Ruijie config mls qo map cos dscp 8 10 16 18 24 26 32 34 Related Commands Command Description show mls qos maps cos dscp Displays the CoS DSCP...

Page 1347: ...e Use the no or default form of this command to restore the default IP precedence to DSCP mapping mls qos map ip precedence dscp dscp1 dscp8 no mls qos map ip precedence dscp default mls qos map ip pr...

Page 1348: ...ighted round robin scheduling wfq Specifies the weighted fair queuing Defaults The default queue scheduling is wrr Command Mode Global configuration mode Usage Guide N A Configuration Examples The fol...

Page 1349: ...A 2 11 police Use this command to configure traffic policing for a class map in a policy map Use the no form of this command to remove traffic policing for the class map police rate bps burst byte ex...

Page 1350: ...g pmap c police 102400 4096 exceed action dscp 16 Related Commands Command Description show policy map policy map name class class map name Displays the policy map configuration Platform Description N...

Page 1351: ...configure the output queue scheduling policy to SP Use the no or default form of this command to restore the default queue scheduling policy priority queue no priority queue Parameter Description Par...

Page 1352: ...lobal configuration mode Usage Guide N A Configuration Examples The following example maps the CoS 3 5 to the output queue 1 Ruijie config priority queue cos map 1 3 5 Related Commands Command Descrip...

Page 1353: ...n mode Usage Guide N A Configuration Examples The following example configures the minimum interface bandwidth of unicast queue 1 to 5 Mbps and the maximum to 10 Mbps Ruijie config interface gigabitEt...

Page 1354: ...es output rate limiting bps Bandwidth limit value per second The unit is KBits This value depends on the specific product burst size Burst traffic limit value The unit is KBytes This value depends on...

Page 1355: ...on mode Usage Guide N A Configuration Examples The following example applies policy map po to the input direction of interface GigabitEthernet 1 3 Ruijie config interface gigabitethernet 1 3 Ruijie co...

Page 1356: ...age Guide N A Configuration Examples The following example creates policy map pmap1 and adds a reference to class map cmap1 Ruijie config policy map pmap1 Ruijie config pmap class cmap1 The following...

Page 1357: ...N A N A Platform Description N A 2 20 show mls qos interface Use this command to display the QoS configuration of the interface show mls qos interface interface id policers Parameter Description Param...

Page 1358: ...policy map Default trust Indicates the trust mode of the interface Default cos Indicates the default CoS value The following example displays the QoS configuration of all interfaces Ruijie show mls qo...

Page 1359: ...uijie show mls qos maps cos dscp cos dscp 0 0 1 8 2 16 3 24 4 32 5 40 6 48 7 56 The fields in the output of this command are described in the following table Field Description cos Indicates the CoS va...

Page 1360: ...ribed in the following table Field Description dscp Indicates the DSCP value cos Indicates the CoS value mapped The following example displays the IP PRE DSCP mapping Ruijie show mls qos maps ip prec...

Page 1361: ...ription Parameter Description interface interface id ID of interface Defaults N A Command Mode Privileged EXEC mode global configuration mode interface configuration mode Usage Guide N A Configuration...

Page 1362: ...dth weights qid weights 1 3 2 3 3 3 4 3 5 3 6 3 7 3 8 3 wfq bandwidth weights qid weights 1 3 2 4 3 5 4 6 5 7 6 8 7 9 8 10 Interface GigabitEthernet 0 1 Wrr queue bandwidth 1 1 1 1 2 2 2 2 Drr queue b...

Page 1363: ...erface GigabitEthernet 0 1 Wrr queue bandwidth 1 1 1 1 2 2 2 2 Drr queue bandwidth 1 1 2 2 2 2 4 4 Wfq queue bandwidth 1 1 2 2 4 4 4 4 Related Commands Command Description N A N A Platform Description...

Page 1364: ...d Description N A N A Platform Description N A 2 24 show mls qos scheduler Use this command to display the queue scheduling policy show mls qos scheduler interface interface id Parameter Description P...

Page 1365: ...ion virtual group number Virtual group number The range is from 1 to 128 policers Displays the policy map configuration on all virtual groups Defaults None Command Mode Privileged EXEC mode global con...

Page 1366: ...ass map name Parameter Description Parameter Description policy map name Policy map name class map name Class map name Defaults None Command Mode Privileged EXEC mode global configuration mode interfa...

Page 1367: ...Commands Command Description N A N A Platform Description N A 2 27 show qos bandwidth Use this command to display the bandwidth configuration show qos bandwidth interfaces interface id Parameter Desc...

Page 1368: ...minimum bandwidth maximum bandwidth 1 1024 5120 2 0 0 3 0 0 4 0 2048 Total mcast queue minimum bandwidth 1024 Total mcast queue maximum bandwidth 5120 The fields in the output of this command are des...

Page 1369: ...andwidth of minimum and maximum when only multicast queue is displayed Related Commands Command Description N A N A Platform Description N A 2 28 show virtual group Use this command to display the mem...

Page 1370: ...rtual group in interface configuration mode virtual group virtual group number no virtual group virtual group number default virtual group virtual group number Parameter Description Parameter Descript...

Page 1371: ...ts not supporting the SP scheduling policy the weight range is from 1 to 15 Defaults The default queue weight ratio is 1 1 1 1 1 1 1 1 Command Mode Global configuration mode Usage Guide If the weight...

Page 1372: ...Defaults The default queue weight ratio is 1 1 1 1 1 1 1 1 Command Mode Global configuration mode Usage Guide If the weight value is 0 the SP scheduling policy is applied Configuration Examples The fo...

Page 1373: ...Reliability Configuration Commands 1 REUP Commands 2 RLDP Commands 3 DLDP Commands 4 VRRP Commands 5 VRRP Plus Commands 6 IP Event Dampening Commands 7 VSU Commands...

Page 1374: ...tate track group Defaults The port is not added into any link state track group Command Mode Interface configuration mode Usage Guide First create a link state track group and then add a port into the...

Page 1375: ...escription N A 1 3 mac address table move update max update rate Use this command to configure the maximum number of MAC address update packets sent per second mac address table move update max update...

Page 1376: ...Description Parameter Description N A N A Defaults Disabled Command Mode Global configuration mode Usage Guide The dual link backup switchover will lead to the loss of downstream data flow for the MA...

Page 1377: ...ocessing MAC address update packets can still recover downlink data transmission of the uplink device using MAC address update packets but the capability to provide convergence on link failure will be...

Page 1378: ...mac address update messages mac address table move update transit vlan vid no mac address table move update transit vlan Parameter Description Parameter Description vid ID of the VLAN transmitting MA...

Page 1379: ...ijie products add a configuration of MAC address update group Only if all the interfaces are added to a MAC address update group the downstream data transmission be restored rapidly Configuration Exam...

Page 1380: ...Mode Off Preemption Delay 35 seconds Bandwidth Gi0 23 1000 Mbits Gi0 24 1000 Mbits Related Commands Command Description N A N A Platform Description N A 1 10 show link state group Use this command to...

Page 1381: ...e Use this command to display the statistics about the MAC address updates tranceived on the interface show mac address table move update Parameter Description Parameter Description N A N A Defaults N...

Page 1382: ...le update group Use this command to display the mac address table update group information show mac address table update group detail Parameter Description Parameter Description detail Displays the de...

Page 1383: ...rface id no switchport backup Parameter Description Parameter Description interface id Interface ID of the backup link Defaults N A Command Mode Interface configuration mode Usage Guide Enter the prim...

Page 1384: ...igh bandwidth has priority over other interfaces to transmit the data In the forced preemption mode the primary has priority over backup interfaces to transmit the data No preemption event occurs in t...

Page 1385: ...e range Instance range of loading on the backup interface Defaults No VLAN load on the backup interface Command Mode Interface configuration mode Usage Guide MSTP instance mapping can be used to modif...

Page 1386: ...e product of interval multiplying the maximum number of detections is less than the topology convergence time of STP Configuration Examples The following example shows how to set the detection interva...

Page 1387: ...nd Description rldp detect interval Sets the detection interval Platform Description N A 2 3 rldp enable Use this command to enable RLDP globally Use the no form of this command to disable the functio...

Page 1388: ...ction starts only after the neighbor negotiation is successful Receiving the Prob message from the neighbor indicates the neighbor negotiation is successful Configuration Examples The following exampl...

Page 1389: ...t only when the global RLDP is enabled Configuration Examples The following example shows how to configure RLDP detection on fas 0 1 specify the detection type as loop detection and troubleshooting me...

Page 1390: ...dp enable Enables RLDP globally Platform Description N A 2 7 show rldp Use this command to display the RLDP information show rldp interface interface id Parameter Description Parameter Description int...

Page 1391: ...ss is specified statistics about the times that DLDP is down or up on the interface at one or all monitoring points will be cleared If no L3 interface or IP address is specified statistics about the t...

Page 1392: ...e detected indicating the number of consecutive packets received before a down link turns up The value range is from 1 to 200 Defaults By default tick is 100 indicating that the detection interval is...

Page 1393: ...iple of 5 1tick 10 milliseconds Defaults The default is 10 ticks 100 ms Command Mode Global configuration mode Usage Guide This command is used to set the DLDP detection interval If a device does not...

Page 1394: ...are configured the peer device can detect whether the packets arrive in time and whether the link between them is normal This method saves bandwidth and CPU resources You can set DLDP to the active mo...

Page 1395: ...ollowing example sets the DLDP recovery count to 4 Ruijie config Ruijie config dldp resume 4 Related Commands Command Description N A N A Platform Description N A 3 6 dldp retry Use this command to se...

Page 1396: ...a specific Layer 3 interface If a Layer 3 interface is specified this command displays DLDP configuration and statistics at all monitoring points on the Layer 3 interface Configuration Examples The fo...

Page 1397: ...erface Type Ip record time Up count Down count Vl2 Passive 192 168 6 3 2h34m5s 10 9 Field Description record time Time length for recording the number of times that DLDP is up or down The time is disp...

Page 1398: ...les The following example displays the information of all VRRP groups Ruijie show vrrp FastEthernet 0 0 Group 1 State is Backup Virtual IP address is 192 168 201 1 configured Virtual MAC address is 00...

Page 1399: ...e virtual device Platform Description N A 4 2 show vrrp interface Use this command to display the information of the VRRP on the interface show ipv6 vrrp interface type number brief Parameter Descript...

Page 1400: ...wn interval is 9 sec Related Commands Command Description vrrp group ip ip address secondary Enables the VRRP function and set the IP address for the virtual device Platform Description N A 4 3 show v...

Page 1401: ...cription N A 4 4 vrrp accept_mode Use this command to enable the packet accepting function on the IPv6 VRRP virtual router Use the no form of this command to disable this function vrrp ipv6 group acce...

Page 1402: ...cation string no vrrp group authentication Parameter Description Parameter Description group VRRP group number string String for the VRRP group authentication within 8 bytes plaintext password Default...

Page 1403: ...will be min seconds Defaults This function is disabled by default Command Mode Interface configuration mode Usage Guide Use this command to set the reload latency of the VRRP group on the interface wh...

Page 1404: ...to facilitate the identification of the VRRP group Configuration Examples The following example labels the VRRP group 1 on Ethernet interface E0 as Building A Marketing and Administration Ruijie conf...

Page 1405: ...enables the VRRP function on Ethernet interface 0 The VRRP group number is 1 primary IP address of the virtual device is 10 0 1 20 and secondary IP address is 10 0 2 20 Ruijie configure terminal Ruiji...

Page 1406: ...address FE80 1 and 2001 1 Ruijie configure terminal Ruijie config interface GigabitEthernet 0 0 Ruijie config if GigabitEthernet 0 0 no switchport used on the switch Ruijie config if GigabitEthernet...

Page 1407: ...rminal Ruijie config interface GigabitEthernet 0 0 Ruijie config if GigabitEthernet 0 0 no switchport used on the switch Ruijie config if GigabitEthernet 0 0 ip address 10 0 1 1 255 255 255 0 Ruijie c...

Page 1408: ...g if GigabitEthernet 0 0 no switchport used on the switch Ruijie config if GigabitEthernet 0 0 ip address 10 0 1 1 255 255 255 0 Ruijie config if GigabitEthernet 0 0 vrrp 1 ip 10 0 1 20 Ruijie config...

Page 1409: ...one second Command Mode Interface configuration mode Usage Guide If the current device becomes the master device in the VRRP group it will notify its VRRP status priority and other information by sen...

Page 1410: ...config interface GigabitEthernet 0 0 Ruijie config if GigabitEthernet 0 0 no switchport used on the switch Ruijie config if GigabitEthernet 0 0 ipv6 enable Ruijie config if GigabitEthernet 0 0 ipv6 ad...

Page 1411: ...VRRP group 1 vrrp ipv6 1 timers learn Ruijie configure terminal Ruijie config interface GigabitEthernet 0 0 Ruijie config if GigabitEthernet 0 0 no switchport used on the switch Ruijie config if Gigab...

Page 1412: ...IPv6 VRRP ipv4 address Monitored IPv4 address With BFD configured it refers to the neighbor IP address interval interval value The interval of time to probe whether the monitored ip address is reacha...

Page 1413: ...vrrp 1 ip 10 0 1 20 Ruijie config if GigabitEthernet 0 0 vrrp 1 priority 254 Ruijie config if GigabitEthernet 0 0 vrrp 1 track GigabitEthernet 1 1 30 Related Commands Command Description vrrp group i...

Page 1414: ...uijie config interface GigabitEthernet 0 0 Ruijie config if GigabitEthernet 0 0 no switchport used on the switch Ruijie config if GigabitEthernet 0 0 ip address 10 0 1 1 255 255 255 0 Ruijie config if...

Page 1415: ...Examples The following example displays the details of all VRRP Plus groups Ruijie show vrrp balance VLAN 1 Group 1 State is BVG Virtual IP address is 192 168 1 54 Hello time 1 sec hold time 3 sec Loa...

Page 1416: ...ription interface type number Specifies the interface type and number brief Optional Displays the brief information Defaults N A Command Mode Privileged EXEC mode Global configuration mode Interface c...

Page 1417: ...d to disable this function vrrp group balance no vrrp group balance Parameter Description Parameter Description group Enables the VRRP Plus function on the VRRP of specified group ID Defaults VRRP Plu...

Page 1418: ...preemption is enabled Command Mode Interface configuration mode Usage Guide N A Configuration Examples The following example enables the forwarding preemption function of the VRRP Plus backup group o...

Page 1419: ...weighted Sets the weight balancing policy so as to perform the ARP reply based on the device weight of the backup group Defaults The default is round robin Command Mode Interface configuration mode Us...

Page 1420: ...14 400 seconds Command Mode Interface configuration mode Usage Guide The VRRP Plus function should be enabled before setting the redirection interval and timeout of the proxy virtual MAC address for t...

Page 1421: ...Weight upper 100 Command Mode Interface configuration mode Usage Guide The VRRP Plus function should be enabled before setting the weight and threshold of the VRRP Plus backup group Configuration Exa...

Page 1422: ...start penalty Configures the initial penalty value on the interface The range is from 1 to 20 000 The default value is 2 000 Defaults IP event dampening is disabled by default Command mode Interface c...

Page 1423: ...command to show the statistics of the dampening interface show dampening interface Parameter Description Parameter Description N A N A Defaults N A Command mode Privileged EXEC mode global configurati...

Page 1424: ...figuration Ruijie show interface dampening Ethernet1 0 Flaps Penalty Supp ReuseTm HalfL ReuseV SuppV MaxSTm MaxP Restart 0 0 FALSE 0 5 1000 2000 20 16000 0 Domain Description Flaps Interface flapping...

Page 1425: ...nterface aggregateport 1 Ruijie config if AggregatePort 1 dad relay enable The following example disables the AP based DAD relay function Ruijie config interface aggregateport 1 Ruijie config if Aggre...

Page 1426: ...config if GigabitEthernet 2 1 1 no switchport Ruijie config switch virtual domain 1 Ruijie config vs domain dual active bfd interface GigabitEthernet 1 1 1 Ruijie config vs domain dual active bfd int...

Page 1427: ...figures a DAD interface dual active exclude interface Configures an exclude interface of DAD show switch virtual dual active Displays the configuration and status of DAD Platform Description N A 7 4 d...

Page 1428: ...erface Parameter Description Parameter Description interface name Interface type and interface number An AP based DAD interface must be specified Defaults N A Command Mode config vs domain configurati...

Page 1429: ...ace you must specify its optical or copper interface attribute For chassis devices VSL interfaces must be optical interfaces of 10 Gigabit or higher for box devices VSL interfaces can be optical and c...

Page 1430: ...g example displays the device ID in the standalone mode Ruijie show switch id Switch ID is 2 The following example displays the device ID in the VSU device Ruijie show switch id Switch ID is 1 Related...

Page 1431: ...1 1 1 1 100 100 OK ACTIVE switch 1 2 2 1 1 100 100 OK CANDIDATE switch 2 3 3 1 1 100 100 OK STANDBY switch 3 Related Commands Command Description switch Modifies the device ID in standalone mode swit...

Page 1432: ...isplay the VSU configuration of the device in standalone or VSU mode show switch virtual config switch_id Parameter Description Parameter Description switch_id Displays the VSU configuration of the sp...

Page 1433: ...onvert mode virtual switch_id 2 mac 00d0 f810 2222 switch virtual domain 1 switch 2 switch 2 priority 100 vsl port port member interface GigabitEthernet Ethernet 0 1 port member interface GigabitEther...

Page 1434: ...ples The following example displays the configuration and status of DAD Ruijie show switch virtual dual active summary BFD dual active detection enabled Yes Aggregateport dual active detection enabled...

Page 1435: ...switch virtual link Use this command to display the status of a virtual switch link VSL show switch virtual link port Parameter Description Parameter Description port Displays the port status of a VS...

Page 1436: ...stem show switch virtual role Displays the ID role and priority of each device Platform Description N A 7 13 show switch virtual role Use this command to display the ID role and priority of each chass...

Page 1437: ...mation Platform Description N A 7 14 show switch virtual topology Use this command to display the VSU topology connection status show switch virtual topology Parameter Description Parameter Descriptio...

Page 1438: ...the role of the just started chassis is uncertain and both have the same priority the chassis with a smaller ID is elected as the active one This command can be only used to modify the device ID in s...

Page 1439: ...g text file The active chassis also prompts you whether to use the standalone text file to overwrite the config text file and restart the device The switch convert mode command can be used in standalo...

Page 1440: ...num When the error count exceeds the time_num the device will take actions prompting a message or disabling the port Defaults The default error_num is 3 The default time_num is 10 Command Mode config...

Page 1441: ...nfig vs domain exit Related Commands Command Description N A N A Platform Description N A 7 19 switch domain Use this command to modify the domain ID of a device in VSU mode Use the no form of this co...

Page 1442: ...ription N A 7 20 switch priority Use this command to configure the priority of a device in the VSU system Use the no form of this command to restore the default setting switch switch_id priority prior...

Page 1443: ...as the ID and role of each chassis Platform Description N A 7 21 switch renumber Use this command to modify the ID of any device in VSU mode Use the no form of this command to restore the default set...

Page 1444: ...this command to enable the locally preferred forwarding function on the AP in VSU mode Use the no form of this command to disable this function switch virtual aggregateport lff enable no switch virtua...

Page 1445: ...thin the local area network LAN Configuration Examples The following example sets the domain ID of the VSU to 1 in standalone mode Ruijie config switch virtual domain 1 Ruijie config vs domain Related...

Page 1446: ...sl port Use this command to enter VSL PORT mode vsl port Parameter Description Parameter Description N A N A Defaults N A Command Mode Global configuration mode Usage Guide This command is configured...

Page 1447: ...Network Management Monitoring Commands 1 SNMP Commands 2 RMON Commands 3 NTP Commands 4 SNTP Commands 5 SPAN RSPAN Commands 6 sFlow Commands 7 ERSPAN Commands...

Page 1448: ...ollowing example disables the SNMP agent Ruijie config no snmp server Related Commands Command Description N A N A Platform Description N A 1 2 show snmp Use this command to display the SNMP configura...

Page 1449: ...e supplied 0 Encoding errors 0 Number of requested variables 0 Number of altered variables 0 Get request PDUs 0 Get next PDUs 0 Set request PDUs 0 SNMP packets output 0 Too big errors Maximum packet s...

Page 1450: ...isables the interface to send link traps Ruijie config interface gigabitEthernet 1 1 Ruijie config if GigabitEthernet 1 1 no snmp trap link status The following example enables the interface to send l...

Page 1451: ...6 ipv6 aclname aclnum aclname no snmp server community 0 7 string Parameter Description Parameter Description 0 Indicates that the community string is in plaintext 7 Indicates that the community strin...

Page 1452: ...an access list Platform Description N A 1 6 snmp server contact Use this command to specify the system contact string Use the no form of this command to remove the system contact string snmp server c...

Page 1453: ...cation trap message Defaults Sending trap message to the NMS is disabled by default Command mode Global configuration mode Usage Guide This command must be used together with the snmp server host comm...

Page 1454: ...mp server group Use this command to configure a new SNMP group Use the no form of this command to remove a specified SNMP group snmp server group groupname v1 v2c v3 auth noauth priv read readview wri...

Page 1455: ...ser v3 priv read mib2 Related Commands Command Description show snmp group Displays the SNMP group configuration Platform Description N A 1 10 snmp server host Use this command to specify the SNMP hos...

Page 1456: ...ame host different combination of SNMP trap messages can be configured Configuration Examples The following example specifies an SNMP host to receive the SNMP event trap Ruijie config snmp server host...

Page 1457: ...e system location string Use the no form of this command to remove the system location string snmp server location text no snmp server location Parameter Description Parameter Description text String...

Page 1458: ...rk element coding information is configured by default Command mode Global configuration mode Usage Guide N A Configuration Examples The following example configures the network element coding text to...

Page 1459: ...Use the no form of this command to restore the default value snmp server queue length length no snmp server queue length Parameter Description Parameter Description length Queue length The range is fr...

Page 1460: ...reload function which may enable the system to send the device reload traps to the NMS before the device is reloaded or rebooted Configuration Examples The following example enables the SNMP message r...

Page 1461: ...mp server trap source Use this command to specify the source interface of the SNMP trap message Use the no form of this command to restore the default value snmp server trap source interface no snmp s...

Page 1462: ...nmp server trap timeout Parameter Description Parameter Description seconds Timeout in seconds of retransmit the SNMP trap message The range is from 1 to 1 000 Defaults The default is 30 seconds Comma...

Page 1463: ...eter Description port number Specifies a port to receive the SNMP packets Defaults The default is 161 Command mode Global configuration mode Usage Guide N A Configuration Examples The following exampl...

Page 1464: ...ch authentication level should be used auth password Password string no more than 32 characters used by the authentication protocol The system will change the password to the corresponding authenticat...

Page 1465: ...Description view name View name oid tree Specifies the MIB object to associate with the view include Includes the sub trees of the MIB object in the view exclude Excludes the sub trees of the MIB obj...

Page 1466: ...the system invokes the delta value of the variable within the sampling interval rising threshold value Rising threshold and the corresponding event number when the threshold is reached The threshold r...

Page 1467: ...buckets bucket number Capacity of a history entry that is the maximum number of history entries The value ranges from 1 to 65 535 The default value is 10 interval seconds Statistics period The unit i...

Page 1468: ...he interface where the entry configured Examples The example below enables monitoring the statistics of interface GigabitEthernet 0 1 Ruijie configure terminal Enter configuration commands one per lin...

Page 1469: ...orresponding events However the modification does not take effect immediately until the system triggers the monitoring event at the next time Examples The example below defines the event actions log e...

Page 1470: ...o127Octets 1833370 packets128To255Octets 2098146 packets256To511Octets 126716 packets512To1023Octets 363621 packets1024To1518Octets 1077865 rmon history control table index 1 interface GigabitEthernet...

Page 1471: ...wner UserA status 1 rmon event table index 1 description ifInNUcastPkts is abnormal type 4 community public lastTimeSent 0d 0h 0m 0s owner UserA status 1 rmon log table eventIndex 1 index 1 logTime 6...

Page 1472: ...UserA status 1 Related commands Command Description rmon alarm number variable interval absolute delta rising threshold value event number falling threshold value event number owner ownername Adds an...

Page 1473: ...ownername Adds an event entry 2 8 show rmon history Use this command to display the history information show rmon history Default N A Command mode Privileged EXEC mode Usage guidelines N A Examples T...

Page 1474: ...nds Adds a history control entry 2 9 show rmon statistics Use this command to display the RMON statistics show rmon statistics Default N A Command mode Privileged EXEC mode Usage guidelines N A Exampl...

Page 1475: ...4Octets 3254668 packets65To127Octets 1833370 packets128To255Octets 2098146 packets256To511Octets 126716 packets512To1023Octets 363621 packets1024To1518Octets 1077865 Related commands Command Descripti...

Page 1476: ...g example disables NTP Ruijie config no ntp Related Commands Command Description ntp server Specifies an NTP server Platform Description N A 3 2 ntp access group Use this command to configure an acces...

Page 1477: ...use the NTP authentication mechanism The NTP service enables the access group options to be scanned in the following order from least restrictive to most restrictive peer serve serve only query only I...

Page 1478: ...mples After an authentication key is configured and specified as the global trusted key enable NTP authentication Ruijie config ntp authentication key 6 md5 wooooop Ruijie config ntp trusted key 6 Rui...

Page 1479: ...t only one key Configuration Examples The following example configures an NTP authentication key Ruijie config ntp authentication key 6 md5 wooooop Related Commands Command Description ntp authenticat...

Page 1480: ...ange is from 1 to 15 The default is 8 Defaults N A Command mode Global configuration mode Usage Guide In general the local device synchronizes time from the external time source directly or indirectly...

Page 1481: ...6 format domain Sets the domain name of the NTP server supporting IPv4 and IPv6 version Optional Specifies the NTP version 1 3 The default is NTPv3 if name Optional Specifies the source interface from...

Page 1482: ...cription no ntp Disables NTP Platform Description N A 3 8 ntp trusted key Use this command to set a global trusted key Use the no form of this command to remove the global trusted key ntp trusted key...

Page 1483: ...ption N A N A Defaults By default update the calendar periodically is not configured Command mode Global configuration mode Usage Guide By default the NTP update calendar is not configured After confi...

Page 1484: ...on 10 2 None None FALSE 3 192 168 210 222 None None FALSE 3 Related Commands Command Description N A N A Platform Description N A 3 11 show ntp status Use this command to display the NTP configuration...

Page 1485: ...d stratum 8 reference is 127 127 1 1 nominal freq is 250 0000 Hz actual freq is 250 0000 Hz precision is 2 24 reference time is D4BD819B 433892EE 01 27 55 000 UTC clock offset is 0 00000 sec root dela...

Page 1486: ...sage Guide N A Configuration Examples The following example displays the SNTP configuration Ruijie show sntp SNTP state Enable SNTP server 192 168 4 12 SNTP sync interval 60 Time zone 8 Related Comman...

Page 1487: ...mand to restore the default synchronization interval sntp interval seconds no sntp interval Parameter Description Parameter Description seconds Synchronization interval The unit is second and the rang...

Page 1488: ...he domain name of the SNTP server source ip address Optional Indicates the specified source IP address Defaults No SNTP server is configured by default Command mode Global configuration mode Usage Gui...

Page 1489: ...igures a remote VLAN Ruijie config vlan 100 Ruijie config vlan remote span Ruijie config vlan exit The following example configures a session and specifies the mirrored port Ruijie config monitor sess...

Page 1490: ...command to configure the remote SPAN session ID on the destination device monitor session session num remote destination Use this command to configure the remote SPAN session and specify the remote S...

Page 1491: ...id list VLAN list remote VLAN excluded rx Monitors the only received traffic tx Monitors the only transmitted traffic both Monitors both received and transmitted traffic This is the default switch Ena...

Page 1492: ...e following example removes the source port and destination port of the SPAN session Ruijie config no monitor session 1 source interface gigabitEthernet 0 18 Ruijie config no monitor session 1 destina...

Page 1493: ...ommands Command Description show vlan Displays VLAN configuration Platform Description N A 5 4 show monitor Use this command to display the SPAN configurations show monitor session session_number Para...

Page 1494: ...pe LOCAL_SPAN src intf TenGigabitEthernet 0 3 frame type Both dest intf The following example displays SPAN session 1 Ruijie config show monitor session 1 sess num 1 span type LOCAL_SPAN src intf TenG...

Page 1495: ...d EXEC mode enter the end command or the Ctrl C key combination To return to global configuration mode enter the exit command Configuration Examples The following example configures the destination IP...

Page 1496: ...sessions Platform Description N A 6 3 ip ttl Use this command to configure the TTL value of the IP packets Use the no form of this command to restore the default setting ip ttl ttl value no ip ttl Par...

Page 1497: ...tion mode Usage Guide To return to privileged EXEC mode enter the end command or the Ctrl C key combination To return to global configuration mode enter the exit command Configuration Examples The fol...

Page 1498: ...fig monitor session 2 erspan source Ruijie config mon erspan src origin ip address 11 1 1 2 Related Commands Command Description show monitor Displays the mirror sessions Platform Description N A 6 6...

Page 1499: ...interface source interface single interface rx acl acl name Parameter Description Parameter Description single interface Source interface of the mirror rx Receives only the traffic of Rx direction tx...

Page 1500: ...Command Reference ERSPAN Commands Related Commands Command Description show monitor Displays the mirror sessions Platform Description N A...

Page 1501: ...ipv6 interface name Interface of IPv6 address Defaults Command Mode Global configuration mode Default Level 14 Usage Guide This command is used to configure the Agent IP address field in the output s...

Page 1502: ...ption collector id sFlow Collector ID The range is from 1 to 2 ip address sFlow Collector IPv4 address ipv6 ipv6 address sFlow Collector IPv6 address udp port sFlow Collector listening port number Def...

Page 1503: ...sflow collector collector id max datagram size Parameter Description Parameter Description collector id sFlow Collector ID The range is from 1 to 2 max datagram size datagram size The maximum length o...

Page 1504: ...Description collector id sFlow Collector ID The range is from 1 to 2 Defaults Command Mode Interface configuration mode Default Level 14 Usage Guide This command can be used for physical ports SVI po...

Page 1505: ...d Defaults The default sFLow counter sampling interval is 30 seconds Command Mode Global configuration mode Default Level 14 Usage Guide This command is used to configure the global sFlow counter samp...

Page 1506: ...ted ports and aggregate ports sFlow datagram can be output only when an IP address is configured for the corresponding sFlow Collector If the direction parameter is not specified sampling on both dire...

Page 1507: ...nding sFlow Collector Configuration Examples The following example enables interface TenGigabitEthernet 0 5 to send flow samples to sFlow Collector 2 Ruijie config if TenGigabitEthernet 0 5 sflow flow...

Page 1508: ...e Configuration Examples The following example sets the maximum length of the packet header copied during sFlow flow sampling to 128 bytes Ruijie config sflow flow max header 128 Verification Use the...

Page 1509: ...of sFlow flow sampling and sFlow flow sampling of all interfaces uses this sampling rate Configuration Examples The following example sets the sFlow flow sampling rate to 4 096 Ruijie config sflow sa...

Page 1510: ...can be configured by using the sflow Agent address ip address ipv6 ipv6 address command sflow counter interval Counter sampling interval sflow flow max header The maximum length of bytes of the packet...

Search results

Summary of Contents for RG-S29 Series

Reviews:

Related manuals for RG-S29 Series

Brands by name

Popular brands

Ruijie RG-S29 Series, Command Reference Manual

Search results

Summary of Contents for RG-S29 Series

Reviews:

Related manuals for RG-S29 Series

Brands by name

Popular brands