TP-Link T1600-28TS Cli Reference Manual Download Page 117 | Manualshive

Page: 117 / 365

background image

101

Chapter 15

IEEE 802.1X Commands

IEEE 802.1X function is to provide an access control for LAN ports via the authentication. An
802.1X system include three entities: supplicant, authenticator and authentication server.



Supplicant: the device that requests access to the LAN.



Authentication server: performs the actual authentication of the supplicant. It validates the
identity of the supplicant and notifies the authenticator whether or not the supplicant is
authorized to access the LAN.



Authenticator: controls the physical access to the network based on the authentication
status of the supplicant. It is usually an 802.1X-supported network device, such as this
TP-Link switch. It acts as an intermediary (proxy) between the supplicant and the
authentication server, requesting identity information from the supplicant, verifying that
information with the authentication server, and relaying a response to the supplicant.

This chapter handles with the authentication process between the supplicant and the switch.
To realize the authentication and accounting function, you should also enbable the AAA
function and configure the RADIUS server. Go to

Chapter 34 AAA Commands

for more details.

15.1

dot1x system-auth-control

Description

The

dot1x

system-auth-control

command is used to enable the IEEE 802.1X

function globally. To disable the IEEE 802.1X function, please use

no dot1x

system-auth-control

command.

Syntax

dot1x system-auth-control
no dot1x system-auth-control

Command Mode

Global Configuration Mode

Privilege Requirement

Only Admin, Operator and Power User level users have access to these
commands.

Example

Enable the IEEE 802.1X function:

«
...
115
116
117
118
119
...
»

Summary of Contents for T1600-28TS

Page 1: ...CLI Reference Guide T1600G Series Switches REV2 0 0 1910011957...

Page 2: ...e trademarks or registered trademarks of their respective holders No part of the specifications may be reproduced in any form or by any means or used to make any derivative such as translation transfo...

Page 3: ...terface 15 2 1 enable 15 2 2 service password encryption 15 2 3 enable password 16 2 4 enable secret 17 2 5 configure 18 2 6 exit 19 2 7 end 19 2 8 history 20 2 9 history clear 20 Chapter 3 IEEE 802 1...

Page 4: ...e 38 6 6 switchport voice vlan security 38 6 7 show voice vlan 39 6 8 show voice vlan oui 39 6 9 show voice vlan switchport 40 Chapter 7 Etherchannel Commands 42 7 1 channel group 42 7 2 port channel...

Page 5: ...ding 66 10 2 ip dhcp snooping 67 10 3 ip dhcp snooping vlan 68 10 4 ip dhcp snooping information option 69 10 5 ip dhcp snooping information strategy 69 10 6 ip dhcp snooping information remote id 70...

Page 6: ...3 5 logging file flash level 90 13 6 logging host index 90 13 7 logging monitor 91 13 8 logging monitor level 92 13 9 clear logging 93 13 10 show logging local config 93 13 11 show logging loghost 94...

Page 7: ...ddress table max mac count 116 16 7 mac address table security 118 16 8 show mac address table 119 16 9 clear mac address table 119 16 10 show mac address table aging time 120 16 11 show mac address t...

Page 8: ...show startup config 144 17 27 show system time 144 17 28 show system time dst 145 17 29 show system time ntp 145 17 30 show cable diagnostics interface gigabitEthernet 146 17 31 show cpu utilization 1...

Page 9: ...qos queue cos map 167 20 4 qos queue dscp map 168 20 5 qos queue mode 169 20 6 qos queue weight 170 20 7 show qos interface 172 20 8 show qos cos map 172 20 9 show qos dscp map 173 20 10 show qos queu...

Page 10: ...92 24 9 access list bind acl interface 193 24 10 access list bind acl vlan 193 24 11 access list bind interface 194 24 12 access list bind vlan 195 24 13 show access list 195 24 14 show access list po...

Page 11: ...ority 217 26 13 spanning tree tc defend 218 26 14 spanning tree timer 219 26 15 spanning tree hold count 220 26 16 spanning tree max hops 220 26 17 spanning tree bpdufilter 221 26 18 spanning tree bpd...

Page 12: ...entication 242 27 19 ip igmp snooping accounting 243 27 20 ip igmp profile 244 27 21 deny 244 27 22 permit 245 27 23 range 245 27 24 ip igmp filter 246 27 25 clear ip igmp snooping statistics 247 27 2...

Page 13: ...statistics 269 28 24 show ipv6 mld snooping 269 28 25 show ipv6 mld snooping interface 270 28 26 show ipv6 mld snooping vlan 270 28 27 show ipv6 mld snooping multi vlan 271 28 28 show ipv6 mld snoopin...

Page 14: ...99 30 5 lldp transmit 300 30 6 lldp snmp trap 300 30 7 lldp tlv select 301 30 8 lldp med fast count 302 30 9 lldp med status 302 30 10 lldp med tlv select 303 30 11 lldp med location 304 30 12 show ll...

Page 15: ...route 323 32 19 show ipv6 route summary 323 Chapter 33 SDM Template Commands 325 33 1 sdm prefer 325 33 2 show sdm prefer 326 Chapter 34 AAA Commands 327 34 1 aaa enable 327 34 2 tacacas server host 3...

Page 16: ...tp enable authentication 342 34 23 show aaa global 343 Chapter 35 DHCP Relay Commands 344 35 1 service dhcp relay 344 35 2 ip helper address 344 35 3 ip dhcp relay information 345 35 4 ip dhcp relay i...

Page 17: ...C based VLAN Commands Provide information about the commands used for configuring MAC based VLAN Chapter 5 Protocol VLAN Commands Provide information about the commands used for configuring Protocol V...

Page 18: ...dress Configuration Commands Provide information about the commands used for configuring the System IPv6 addresses Chapter 19 Ethernet Configuration Commands Provide information about the commands use...

Page 19: ...Protocol functions Chapter 30 LLDP Commands Provide information about the commands used for configuring LLDP function Chapter 31 ARP Commands Provide information about the commands used for configuri...

Page 20: ...an Ethernet port 1 1 1 Logon by Telnet To log on to the switch by a Telnet connection please take the following steps 1 Click Start and type in cmd in the Search programs and files window and press t...

Page 21: ...log on by SSH a Putty client software is recommended There are two authentication modes to set up an SSH connection Password Authentication Mode It requires username and password which are both admin...

Page 22: ...Authentication Mode 1 Open the software to log on to the interface of PuTTY Enter the IP address of the switch into Host Name field keep the default value 22 in the Port field select SSH as the Connec...

Page 23: ...r Privileged EXEC Mode so you can continue to configure the switch Figure 1 6 Log on the Switch Key Authentication Mode 1 Select the key type and key length and generate SSH key Figure 1 7 Generate SS...

Page 24: ...ave the public key and private key to a TFTP server Figure 1 8 Save the Generated Key 3 Log on to the switch by Telnet and download the public key file from the TFTP server to the switch as the follow...

Page 25: ...ccord with the type of the key file 2 The SSH key downloading can not be interrupted 4 After the public key is downloaded please log on to the interface of PuTTY and enter the IP address for login Fig...

Page 26: ...ease enter the login user name If you log on to the switch without entering password it indicates that the key has been successfully downloaded Figure 1 12 Log on the Switch 1 2 CLI Command Modes The...

Page 27: ...o enter this mode from User EXEC mode T1600G 52TS Enter the exit command to return to User EXEC mode Enter configure command to access Global Configuration mode Global Configuration Mode Use the confi...

Page 28: ...l Configuration mode Use the interface loopback id command to enter Loopback Interface mode from Global Configuration mode T1600G 52TS config if or T1600G 52TS config if rang e Use the switchport comm...

Page 29: ...lobal that means they can be performed in all modes show display all information of switch for example statistic information port information VLAN information history Display the commands history 1 3...

Page 30: ...l Characters You should pay attentions to the description below if the variable is a character string These six characters can not be input If a blank is contained in a character string single or doub...

Page 31: ...S enable Enter password T1600G 52TS 2 2 service password encryption Description The service password encryption command is used to encrypt the password when the password is defined or when the configu...

Page 32: ...enable password Parameter 0 Specify the encryption type 0 indicates that an unencrypted password will follow By default the encryption type is 0 password Super password a string from 1 to 31 alphanum...

Page 33: ...rom User EXEC Mode To return to the default configuration please use no enable secret command This command uses the MD5 encryption Syntax enable secret 0 password 5 encrypted password no enable secret...

Page 34: ...the secret password as admin and unencrypted to access Privileged EXEC Mode from User EXEC Mode The password will be displayed in the encrypted form T1600G 52TS config enable secret 0 admin 2 5 config...

Page 35: ...e Configuration Mode and then return to Privileged EXEC Mode T1600G 52TS config if exit T1600G 52TS config exit T1600G 52TS 2 7 end Description The end command is used to return to Privileged EXEC Mod...

Page 36: ...ommands you have entered in the current mode T1600G 52TS config history 1 history 2 9 history clear Description The history clear command is used to clear the commands you have entered in the current...

Page 37: ...21 Example Clear the commands you have entered in the current mode T1600G 52TS config history clear...

Page 38: ...1 vlan Description The vlan command is used to create IEEE 802 1Q VLAN and enter VLAN Configuration Mode To delete the IEEE 802 1Q VLAN please use no vlan command Syntax vlan vlan list no vlan vlan li...

Page 39: ...to 4094 Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Create VLAN Interface 2 T1600G 52TS config in...

Page 40: ...ed vlan vlan list Parameter vlan list Specify IEEE 802 1Q VLAN ID list ranging from 2 to 4094 in the format of 2 3 5 It is multi optional tagged untagged Egress rule untagged or tagged Tagged All pack...

Page 41: ...annel interface range port channel Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Specify the PVID of port 1 0 2 as 2 T1600G 52TS config int...

Page 42: ...n Mode Privilege Requirement None Example Display the brief information of IEEE 802 1Q VLAN T1600G 52TS config show vlan brief 3 8 show vlan Description The show vlan command is used to display the in...

Page 43: ...he IEEE 802 1Q VLAN configuration information of the specified port LAG Syntax show interface switchport gigabitEthernet port port channel lagid Parameter port The port number lagid The ID of the LAG...

Page 44: ...vlan mac address command Syntax mac vlan mac address mac addr vlan vlan id description descript no mac vlan mac address mac addr Parameter mac addr MAC address in the format of XX XX XX XX XX XX vlan...

Page 45: ...gabitEthernet interface ten gigabitEthernet interface range ten gigabitEthernet Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Enable the Gi...

Page 46: ...MAC based VLAN entry T1600G 52TS config show mac vlan all 4 4 show mac vlan interface Description The show mac vlan interface command is used to display the port state of MAC based VLAN Syntax show ma...

Page 47: ...name protocol name frame ether_2 ether type type snap ether type type llc dsap dsap_type ssap ssap_type no protocol vlan template template idx Parameter protocol name Give a name for the Protocol bas...

Page 48: ...vlan vid Specify IEEE 802 1Q VLAN ID ranging from 1 4094 template idx The number of the Protocol based VLAN Template You can get the template corresponding to the number by the show protocol vlan temp...

Page 49: ...gabitEthernet interface range gigabitEthernet interface ten gigabitEthernet interface range ten gigabitEthernet Privilege Requirement Only Admin Operator and Power User level users have access to thes...

Page 50: ...rotocol vlan vlan Description The show protocol vlan vlan command is used to display the information about Protocol based VLAN entry Syntax show protocol vlan vlan Command Mode Privileged EXEC Mode an...

Page 51: ...n To disable Voice VLAN function please use no voice vlan command Syntax voice vlan vlan id no voice vlan Parameter vlan id Specify IEEE 802 1Q VLAN ID ranging from 2 to 4094 Command Mode Global Confi...

Page 52: ...e aging time for the Voice VLAN as 1 minute T1600G 52TS config voice vlan aging 1 6 3 voice vlan priority Description The voice vlan priority command is used to configure the priority for the Voice VL...

Page 53: ...OUI address of the voice device in the format of XX XX XX XX XX XX mask The OUI address mask of the voice device in the format of XX XX XX XX XX XX descript Give a description to the OUI for identific...

Page 54: ...vilege Requirement Only Admin Operator and Power User level users have access to these commands Example Configure the port 1 0 3 to operate in the auto voice VLAN mode T1600G 52TS config interface gig...

Page 55: ...if switchport voice vlan security 6 7 show voice vlan Description The show voice vlan command is used to display the global configuration information of Voice VLAN Syntax show voice vlan Command Mode...

Page 56: ...nd is used to display the Voice VLAN configuration information of a specified port LAG Syntax show voice vlan switchport gigabitEthernet port port channel lagid Parameter port The Ethernet port number...

Page 57: ...41 T1600G 52TS config show voice vlan switchport gigabitEthernet 1 0 2...

Page 58: ...rts into a single logical link which will highly extend the bandwidth and flexibly balance the load 7 1 channel group Description The channel group command is used to add a port to the EtherChannel Gr...

Page 59: ...f the packets dst mac The destination MAC address When this option is selected the Aggregate Arithmetic will be based on the destination MAC address of the packets src dst mac The source and destinati...

Page 60: ...ommand is used to configure the LACP system priority globally To return to the default configurations please use no lacp system priority command Syntax lacp system priority pri no lacp system priority...

Page 61: ...terface gigabitEthernet interface range gigabitEthernet Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Configure the LACP port priority as 1...

Page 62: ...EXEC Mode and Any Configuration Mode Privilege Requirement None Example Display the detailed information of EtherChannel Group 1 T1600G 52TS config show etherchannel 1 detail 7 6 show etherchannel lo...

Page 63: ...ll LACP groups internal The internal LACP information neighbor The neighbor LACP information Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None Example Display the...

Page 64: ...48 Example Display the LACP system priority T1600G 52TS config show lacp sys id...

Page 65: ...of different functions operator means that you can edit modify and view most of the settings of different functions power user means that you can edit modify and view some of the settings of differen...

Page 66: ...nk privilege admin password 0 admin 8 2 user name secret Description The user name command is used to add a new user or modify the existed users information To delete the existed users please use no u...

Page 67: ...ncrypted password An MD5 encrypted password with fixed length which you can copy from another switch s configuration file Command Mode Global Configuration Mode Privilege Requirement Only Admin level...

Page 68: ...ilege Requirement Only Admin and Operator level users have access to these commands Example Enable the access control of the user whose IP address is 192 168 0 148 T1600G 52TS config user access contr...

Page 69: ...ac based 00 00 13 0A 00 01 8 5 user access control port based Description The user access control port based command is used to limit the ports for accessing Only the users connected to these ports yo...

Page 70: ...o enable the Telnet function To disable the Telnet function please use the telnet disable command This function is enabled by default Syntax telnet enable telnet disable Command Mode Global Configurat...

Page 71: ...used to display the security configuration information of the user authentication information and the access interface Syntax show user configuration Command Mode Privileged EXEC Mode and Any Configur...

Page 72: ...56 Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None Example Display whether the Telnet function is enabled T1600G 52TS config show telnet status...

Page 73: ...icate and its corresponding private key By default the switch has a certificate self signed certificate and a corresponding private key The Certificate Key Download function enables the user to replac...

Page 74: ...ximum number of the users logging on to the HTTP server as Guest ranging from 0 to 15 The total number of Admin and Guest should be less than 16 Command Mode Global Configuration Mode Privilege Requir...

Page 75: ...9 4 ip http secure server Description The ip http secure server command is used to enable the HTTPS server within the switch To disable the HTTPS function please use no ip http secure server command T...

Page 76: ...and Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Configure the protocol of SSL connection as SSL 3 0 T1600G...

Page 77: ...secure ciphersuite 3des ede cbc sha 9 7 ip http secure max users Description The ip http secure max users command is used to configure the maximum number of users that are allowed to connect to the H...

Page 78: ...to configure the connection timeout of the HTTPS server To restore to the default timeout time please use no ip http secure session timeout command Syntax ip http secure session timeout minutes no ip...

Page 79: ...ip addr The IP address of the TFTP server Both IPv4 and IPv6 addresses are supported for example 192 168 0 1 or fe80 1234 Command Mode Global Configuration Mode Privilege Requirement Only Admin Opera...

Page 80: ...addr The IP address of the TFTP server Both IPv4 and IPv6 addresses are supported for example 192 168 0 1 or fe80 1234 Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator...

Page 81: ...d Any Configuration Mode Privilege Requirement None Example Display the configuration information of the HTTP server T1600G 52TS config show ip http configuration 9 12 show ip http secure server Descr...

Page 82: ...ame ip addr mac addr vlan vlan id interface gigabitEthernet port none arp detection forced source arp scanning dhcp snooping no ip source binding index idx Parameter hostname The Host Name which conta...

Page 83: ...1600G 52TS config no ip source binding index 5 10 2 ip dhcp snooping Description The ip dhcp snooping command is used to enable DHCP Snooping function globally To disable DHCP Snooping function global...

Page 84: ...VLAN To disable DHCP Snooping function on this VLAN please use no ip dhcp snooping vlan command Syntax ip dhcp snooping vlan vlan range no ip dhcp snooping vlan vlan range Parameter vlan range Specif...

Page 85: ...t channel Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Enable the Option 82 function of DHCP Snooping on port 1 0 1 T1600G 52TS config int...

Page 86: ...and Power User level users have access to these commands Example Replace the Option 82 field of the packets with the switch defined one and then send out on port 1 0 1 T1600G 52TS config interface gig...

Page 87: ...n The ip dhcp snooping information circuit id command is used to enable and configure the customized sub option Circuit ID for the Option 82 on a specified port port channel To return to the default C...

Page 88: ...ip dhcp snooping trust no ip dhcp snooping trust Command Mode Interface Configuration Mode interface gigabitEthernet interface range gigabitEthernet interface port channel interface range port channe...

Page 89: ...0G 52TS config interface gigabitEthernet 1 0 2 T1600G 52TS config if ip dhcp snooping mac verify 10 10 ip dhcp snooping limit rate Description The ip dhcp snooping limit rate command is used to enable...

Page 90: ...otect feature please use no ip dhcp snooping decline rate command Syntax ip dhcp snooping decline rate value no ip dhcp snooping decline rate Parameter value Specify the rate limit of DHCP Decline pac...

Page 91: ...ode and Any Configuration Mode Privilege Requirement None Example Display the IP MAC VID PORT binding table T1600G 52TS config show ip source binding 10 13 show ip dhcp snooping Description The show i...

Page 92: ...ode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None Example Display the DHCP Snooping configuration of all Ethernet ports and LAGs T1600G 52TS show ip dhcp snooping interfac...

Page 93: ...port The Ethernet port number port channel id The ID of the port channel Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None Example Display the DHCP snooping optio...

Page 94: ...ration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Enable the ARP Detection function globally T1600G 52TS config ip arp inspection 1...

Page 95: ...spection interface Description The ip arp inspection command is used to enable the ARP Defend function To disable the ARP detection function please use no ip arp inspection command ARP Attack flood pr...

Page 96: ...ection limit rate command Syntax ip arp inspection limit rate value no ip arp inspection limit rate Parameter value The value to specify the maximum amount of the received ARP packets per second rangi...

Page 97: ...and Power User level users have access to these commands Example Restore Gigabit Ethernet port 1 0 5 to the ARP transmit status T1600G 52TS config interface gigabitEthernet 1 0 5 T1600G 52TS config if...

Page 98: ...net port number Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None Example Display the configuration of Gigabit Ethernet port 1 0 1 T1600G 52TS config show ip arp...

Page 99: ...Description The clear ip arp inspection statistics command is used to clear the statistic of the illegal ARP packets received Syntax clear ip arp inspection statistics Command Mode Privileged EXEC Mo...

Page 100: ...tion The ip dos prevent command is used to enable the DoS defend function globally To disable the DoS defend function please use no ip dos prevent command Syntax ip dos prevent no ip dos prevent Comma...

Page 101: ...ping flood Ping flooding attack With the ping flood attack enabled the switch will limit automatically the forwarding speed of ping packets to 512K when attacked by ping flood syn flood SYN SYN ACK f...

Page 102: ...cted DoS attack including enable disable status the DoS Defend Type the count of the attack etc Syntax show ip dos prevent Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requir...

Page 103: ...itions log buffer and log flash memory The log buffer indicates the RAM for saving system log and the information in the log buffer can be got by show logging buffer command It will be lost when the s...

Page 104: ...d Operator level users have access to these commands Example Set the severity level as 5 T1600G 52TS config logging buffer level 5 13 3 logging file flash Description The logging file flash command is...

Page 105: ...lash frequency periodic periodic immediate no logging file flash frequency Parameter periodic The frequency to synchronize the system log file in the log buffer to the flash ranging from 1 to 48 hours...

Page 106: ...r severity level value will be saved to the flash By default it is 3 indicating that the log message marked with 0 3 will be saved in the log flash Command Mode Global Configuration Mode Privilege Req...

Page 107: ...it is 6 indicating that the log information marked with 0 6 will be sent to the log host Command Mode Global Configuration Mode Privilege Requirement Only Admin and Operator level users have access t...

Page 108: ...or level command Syntax logging monitor level level no logging monitor level Parameter level Severity level of the log information output to the terminal devices There are 8 severity levels marked wit...

Page 109: ...uirement Only Admin and Operator level users have access to these commands Example Clear the information in the log file T1600G 52TS config clear logging buffer 13 10 show logging local config Descrip...

Page 110: ...ed EXEC Mode and Any Configuration Mode Privilege Requirement None Example Display the configuration of the log host 2 T1600G 52TS config show logging loghost 2 13 12 show logging buffer Description T...

Page 111: ...in the log file according to the severity level Syntax show logging flash level level Parameter level Severity level There are 8 severity levels marked with values 0 7 The information of levels with p...

Page 112: ...please use no ip ssh server command Syntax ip ssh server no ip ssh server Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to th...

Page 113: ...e algorithm in SSH function To disable the specified algorithm please use no ip ssh algorithm command Syntax ip ssh algorithm AES128 CBC AES192 CBC AES256 CBC Blowfish CBC Cast128 CBC 3DES CBC HMAC SH...

Page 114: ...is 120 seconds Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Specify the idle timeout time of SSH as...

Page 115: ...nload v1 represents SSH 1 v2 represents SSH 2 key file The name of the key file which is selected to download The length of the name ranges from 1 to 25 characters The key length of the downloaded fil...

Page 116: ...f SSH public key v1 represents SSH 1 v2 represents SSH 2 Command Mode Privileged EXEC Mode Privilege Requirement Only Admin level users have access to these commands Example Remove the SSH 1 type publ...

Page 117: ...supplicant and the authentication server requesting identity information from the supplicant verifying that information with the authentication server and relaying a response to the supplicant This c...

Page 118: ...ault Syntax dot1x handshake no dot1x handshake Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Disable...

Page 119: ...t The EAP protocol packets with authentication data are encapsulated in the advanced protocol such as RADIUS packets and transmitted to the authentication server Command Mode Global Configuration Mode...

Page 120: ...globally To disable the Guest VLAN function please use no dot1x guest vlan command Syntax dot1x guest vlan vid no dot1x guest vlan Parameter vid The VLAN ID needed to enable the Guest VLAN function ra...

Page 121: ...from 1 to 999 seconds and the default value is 10 seconds Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Exa...

Page 122: ...t1x timeout supplicant timeout 5 15 8 dot1x max reauth req Description The dot1x max reauth req command is used to configure the maximum transfer times of the repeated authentication request when the...

Page 123: ...ge gigabitEthernet Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Enable the IEEE 802 1X function for the Gigabit Ethernet port 1 0 1 T1600G...

Page 124: ...dot1x port control Description The dot1x port control command is used to configure the Control Mode of IEEE 802 1X for the specified port By default the control mode is auto To restore to the default...

Page 125: ...port control authorized force 15 12 dot1x port method Description The dot1x port method command is used to configure the control type of IEEE 802 1X for the specified port By default the control type...

Page 126: ...T1600G 52TS config if dot1x port method port based 15 13 show dot1x global Description The show dot1x global command is used to display the global configuration of 802 1X Syntax show dot1x global Com...

Page 127: ...ayed Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None Example Display the configuration information of 802 1X for Gigabit Ethernet port 1 0 20 T1600G 52TS config...

Page 128: ...cast packets and enhance the efficiency of packets forwarding remarkably Syntax mac address table static mac addr vid vid interface gigabitEthernet port no mac address table static mac addr vid vid ma...

Page 129: ...t is 300 by default Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Configure the aging time as 500 se...

Page 130: ...s table notification command is used to configure global settings of MAC address table notification Syntax mac address table notification global status enable disable table full status enable disable...

Page 131: ...e disable Enable Disable the learn mode change notification With this feature enabled a SNMP notification is generated and sent to the network management system NMS when the learning mode of this port...

Page 132: ...e default configurations please use no mac address table max mac count command Port Security is to protect the switch from the malicious MAC address attack by limiting the maximum number of the MAC ad...

Page 133: ...esses reaches the maximum learning number on the port By default this function is disabled forward The packets will be forward but not be learned when learned MAC number exceeds the the maximum MAC ad...

Page 134: ...he MAC address table in this VLAN Drop The packets will be dropped when learned MAC number exceeds the threshold of the MAC address table in this VLAN Forward The packets will be forward but not be le...

Page 135: ...figuration Mode Privilege Requirement None Example Display the information of all address entries T1600G 52TS config show mac address table 16 9 clear mac address table Description The show mac addres...

Page 136: ...Requirement None Example Display the Aging Time of the MAC address T1600G 52TS config show mac address table aging time 16 11 show mac address table max mac count Description The show mac address tab...

Page 137: ...s used to display the address configuration of the specified port LAG Syntax show mac address table interface gigabitEthernet port port channel lagid Parameter port The Ethernet port number lagid The...

Page 138: ...ss table address command is used to display the information of the specified MAC address Syntax show mac address table address mac addr interface gigabitEthernet port port channel lagid vid vlan id Pa...

Page 139: ...w mac address table vlan 1 16 16 show mac address table notification Description The show mac address table notification command is used to display the MAC notificaiton configuration globally or on th...

Page 140: ...display the MAC address security configuration of the specified vlan Syntax show mac address table security vid vid Parameter vid The specified VLAN id Command Mode Privileged EXEC Mode and Any Confi...

Page 141: ...m 2000 to 2037 Command Mode Global Configuration Mode Privilege Requirement Only Admin and Operator level users have access to these commands Example Configure the system mode as manual and the time i...

Page 142: ...ockholm Vienna UTC 02 00 TimeZone for Cairo Athens Bucharest Amman Beirut Jerusalem UTC 03 00 TimeZone for Kuwait Riyadh Baghdad UTC 03 30 TimeZone for Tehran UTC 04 00 TimeZone for Moscow St Petersbu...

Page 143: ...used to select a daylight saving time configuration from the predefined mode The configuration can be used recurrently To disable DST function please use no system time dst command Syntax system time...

Page 144: ...t saving time There are 12 values showing as follows Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec sday The start day of the daylight saving time ranging from 1 to 31 Here you should show special at...

Page 145: ...month etime offset no system time dst Parameter sweek The start week of the daylight saving time There are 5 values showing as follows first second third fourth last sday The start day of the daylight...

Page 146: ...T1600G 52TS config system time dst recurringfirst Sun May 02 00 last Sun Oct 02 00 45 17 6 hostname Description The hostname command is used to configure the system name To clear the system name infor...

Page 147: ...Requirement Only Admin and Operator level users have access to these commands Example Configure the system location as SHENZHEN T1600G 52TS config location SHENZHEN 17 8 contact info Description The c...

Page 148: ...dress ip addr mask Parameter ip addr The IP address of the Layer 3 interface mask The subnet mask of the Layer 3 interface secondary Specify the interface s secondary IP address If this parameter is o...

Page 149: ...no ip address Parameter dhcp Specify the Layer 3 interface to obtain IP address from the DHCP Server bootp Specify the Layer 3 interface to obtain IP address from the BOOTP Server Command Mode Interfa...

Page 150: ...EC Mode Privilege Requirement Only Admin level users have access to these commands Example Reset the software of the switch T1600G 52TS reset 17 12 reboot Description The reboot command is used to reb...

Page 151: ...re_reboot Save the configuration file before the switch reboots interval Specify a time period after which the switch reboots It ranges from 1 to 43200 minutes cancel Delete the reboot schedule settin...

Page 152: ...tftp Description The copy startup config tftp command is used to backup the configuration file to TFTP server Syntax copy startup config tftp ip address ip addr filename name Parameter ip addr IP Add...

Page 153: ...ter ip addr IP Address of the TFTP server Both IPv4 and IPv6 addresses are supported for example 192 168 0 1 or fe80 1234 name Specify the name for the configuration file which would be downloaded Com...

Page 154: ...p image startup backup Specify the property of the image either startup image or backup image Command Mode Global Configuration Mode Privilege Requirement Only Admin level users have access to these c...

Page 155: ...rted for example 192 168 0 1 or fe80 1234 name Specify the name for the firmware file Command Mode Privileged EXEC Mode Privilege Requirement Only Admin level users have access to these commands Examp...

Page 156: ...ddresses are supported for example 192 168 0 100 or fe80 1234 n count The amount of times to send test data during Ping testing It ranges from 1 to 10 By default this value is 4 l count The size of th...

Page 157: ...tracert test should be IPv4 ipv6 The type of the IP address for tracert test should be IPv6 ip_addr The IP address of the destination device If the parameter ip ipv6 is not selected both IPv4 and IPv6...

Page 158: ...evice Name Device Location System Contact Hardware Version Firmware Version System Time Run Time and so on Syntax show system info Command Mode Privileged EXEC Mode and Any Configuration Mode Privileg...

Page 159: ...ege Requirement Only Admin level users have access to these commands Example Display the system boot configuration information T1600G 52TS show boot 17 25 show running config Description The show runn...

Page 160: ...ntax show startup config Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement Only Admin level users have access to these commands Example Display the saved configuration...

Page 161: ...lege Requirement None Example Display the DST information of the switch T1600G 52TS show system time dst 17 29 show system time ntp Description The show system time ntp command is used to display the...

Page 162: ...interface gigabitEthernet port Parameter port The number of the port which is selected for Cable test Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None Example Sh...

Page 163: ...ow memory utilization command is used to display the current system s memory utilization in the last 5 seconds 1minute 5minutes Syntax show memory utilization Command Mode Privileged EXEC Mode and Any...

Page 164: ...on is disabled the corresponding IPv6 netstack and IPv6 based modules will be invalid for example SSHv6 SSLv6 TFTPv6 etc To disable the IPv6 function please use no ipv6 enable command Syntax ipv6 enab...

Page 165: ...dress on VLAN interface 1 T1600G 52TS config interface vlan 1 T1600G 52TS config if ipv6 address autoconfig 18 3 ipv6 address link local Description The ipv6 address link local command is used to conf...

Page 166: ...use no ipv6 address dhcp command Syntax ipv6 address dhcp no ipv6 address dhcp Configuration Mode Interface Configuration Mode Privilege Requirement Only Admin Operator and Power User level users hav...

Page 167: ...ith an extended unique identifier EUI in the low order 64 bits on the interface Specify only the network prefix The last 64 bits are automatically computed from the switch MAC address To remove an EUI...

Page 168: ...3ffe 1 64 Configuration Mode Interface Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Configure the global address 3001 1...

Page 169: ...153 Privilege Requirement None Example Display the ipv6 information of the management interface T1600G 52TS config show ipv6 interface...

Page 170: ...thernet port Parameter port The Ethernet port number Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example T...

Page 171: ...orts 1 2 3 6 7 and 9 at the same time by adding them to one port list T1600G 52TS config interface range gigabitEthernet 1 0 1 3 1 0 6 7 1 0 9 19 3 description Description The description command is u...

Page 172: ...ort channel interface range port channel Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Disable port 1 0 3 T1600G 52TS config interface giga...

Page 173: ...n to the default configuration please use no duplex command Syntax duplex auto full half no duplex Parameter auto full half The duplex mode of the Ethernet port There are three options auto negotiatio...

Page 174: ...cess to these commands Example Allow jumbo frame on port 1 0 3 T1600G 52TS config interface gigabitEthernet 1 0 3 T1600G 52TS config if jumbo 19 8 speed Description The speed command is used to config...

Page 175: ...control pps command Syntax storm control pps no storm control pps Command Mode Interface Configuration Mode interface gigabitEthernet interface range gigabitEthernet interface port channel interface r...

Page 176: ...r second rate Specify the bandwidth for receiving packets on the port The specified type of packet traffic exceeding the bandwidth will be discarded For kbps the rate ranges from 1 to 1000000 kbps For...

Page 177: ...d Mode Interface Configuration Mode interface gigabitEthernet interface range gigabitEthernet interface port channel interface range port channel Privilege Requirement Only Admin Operator and Power Us...

Page 178: ...Description The show interface status command is used to display the connection status of the Ethernet port LAG Syntax show interface status gigabitEthernet port port channel lagid Parameter port The...

Page 179: ...of all Ethernet ports and LAGs T1600G 52TS config show interface counters Display the statistics information of port 1 0 2 T1600G 52TS config show interface counters gigabitEthernet 1 0 2 19 15 show...

Page 180: ...m control information of Ethernet ports Syntax show storm control interface gigabitEthernet port list port channel lagid list Parameter port list The list of Ethernet ports lagid list The list of LAGs...

Page 181: ...rameter port list The list of Ethernet ports lagid list The list of LAGs Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None Example Display the bandwidth limit inf...

Page 182: ...default the priority is 0 Command Mode Interface Configuration Mode interface gigabitEthernet interface range gigabitEthernet interface port channel interface range port channel Privilege Requirement...

Page 183: ...ll be classified into the egress queue based on the mapping relation between DSCP priority and CoS value Example Enable the mapping relation between DSCP Priority and CoS value T1600G 52TS config qos...

Page 184: ...7 the bigger value the higher priority Example Map CoS 5 to TC 2 T1600G 52TS config qos queue cos map 5 2 20 4 qos queue dscp map Description The qos queue dscp map command is used to configure the ma...

Page 185: ...the egress queue is 0 7 CoS 0 8 15 CoS 1 16 23 CoS 2 24 31 CoS 3 32 39 CoS 4 40 47 CoS 5 48 55 CoS 6 56 63 CoS 7 Example Map DSCP values 10 12 to CoS 2 T1600G 52TS config qos queue dscp map 10 12 2 20...

Page 186: ...WRR mode In SP WRR mode TC7 and the queue with its weight value set as 0 are in the SP group other queues with none zero weight value belong to the WRR group and the weight value can be customized in...

Page 187: ...o weight value belong to the WRR group In this SP WRR scheduling mode the queues in the SP group is scheduled preferentially TC6 TC5 TC4 TC3 TC2 TC1 TC0 in strict priority When there is no packets to...

Page 188: ...isplay the configuration of QoS for all ports and LAGs T1600G 52TS show qos interface Display the configuration of QoS for ports 1 0 1 4 T1600G 52TS show qos interface gigabitEthernet 1 0 1 4 20 8 sho...

Page 189: ...Privilege Requirement None Example Display the configuration of DSCP Priority T1600G 52TS show qos dscp map 20 10 show qos queue mode Description The show qos queue mode command is used to display the...

Page 190: ...to display the status of IEEE 802 1P priority and DSCP priority Syntax show qos status Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None Example Display the stat...

Page 191: ...terface command by changing the port value The no monitor session command is used to delete the corresponding monitoring port or monitor session Syntax monitor session session_num destination interfac...

Page 192: ...r session number can only be specified as 1 port list The list of monitored port It is multi optional lagid list The list of monitored LAG mode The monitor mode There are three options rx tx and both...

Page 193: ...bitEthernet 1 0 4 5 1 0 7 rx Delete port 4 in monitor session 1 and its configuration T1600G 52TS config no monitor session 1 source interface gigabitEthernet 1 0 4 rx 21 3 show monitor session Descri...

Page 194: ...ard list po forward list no port isolation Parameter gi forward list The list of Ethernet ports po forward list The list of LAGs Command Mode Interface Configuration Mode interface gigabitEthernet int...

Page 195: ...Ethernet port you want to show its forward port list in the format of 1 0 2 lagid The ID of LAG you want to show its forward port list ranging from 1 to 6 Command Mode Privileged EXEC Mode and Any Co...

Page 196: ...etection no loopback detection Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Enable the loopback det...

Page 197: ...ld automatically recover to normal status Syntax loopback detection recovery time recovery time Parameter recovery time The time after which the blocked port would automatically recover to normal stat...

Page 198: ...52TS config interface range gigabitEthernet 1 0 1 3 T1600G 52TS Config if range loopback detection 23 5 loopback detection config Description The loopback detection config command is used to configur...

Page 199: ...pback detection config process mode port based recovery mode manual 23 6 loopback detection recover Description The loopback detection recover command is used to remove the block status of selected po...

Page 200: ...mple Display the global configuration of loopback detection function T1600G 52TS show loopback detection global 23 8 show loopback detection interface Description The show loopback detection interface...

Page 201: ...185 T1600G 52TS show loopback detection interface Display the configuration of loopback detection function and the status of port 5 T1600G 52TS show loopback detection interface gigabitEthernet 1 0 5...

Page 202: ...and Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Create a standard IP ACL whose ID is 523 T1600G 52TS confi...

Page 203: ...he source IP addresses and destination IP addresses carried in the packets Syntax access list standard acl id rule rule id deny permit sip source ip smask source ip mask dip destination ip dmask desti...

Page 204: ...list extended command is used to add Extended IP ACL rule To delete the corresponding rule please use no access list extended command Syntax access list extended acl id rule rule id deny permit sip s...

Page 205: ...ig access list create 2220 T1600G 52TS config access list extended 2220 rule 10 permit sip 192 168 0 100 smask 255 255 255 0 24 5 access list ipv6 Description The access list ipv6 command is used to a...

Page 206: ...e Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands User Guidelines Before binding an IPv6 ACL to a VLAN or interface you sho...

Page 207: ...MAC address Command Mode Mac Access list Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Create a MAC ACL whose ID is 20...

Page 208: ...st policy action command is used to add ACLs for the policy To delete the corresponding actions please use no access list policy action command Syntax access list policy action policy name acl id no a...

Page 209: ...ernet interface range gigabitEthernet Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Bind ACL 100 to port 1 0 2 T1600G 52TS config interface...

Page 210: ...ncel the bind relation please use no access list bind command Syntax access list bind policy name no access list bind policy name Parameter policy name The name of the policy desired to bind Command M...

Page 211: ...ent Only Admin Operator and Power User level users have access to these commands Example Bind policy1 to VLAN 2 T1600G 52TS config interface vlan 2 T1600G 52TS config if access list bind policy1 24 13...

Page 212: ...and Any Configuration Mode Privilege Requirement None Example Display the information of a policy named policy1 T1600G 52TS config show access list policy policy1 24 15 show access list bind Descripti...

Page 213: ...power the PoE switch can supply globally Syntax power inline consumption power limit Parameter power limit The max power the PoE switch can supply For T1600G 28PS it ranges from 1 to 192W and for T16...

Page 214: ...d class4 power limit indicates you can manually enter a value It ranges from 1 to 300 The value is in the unit of 0 1 watt For instance if you want to configure the max power as 5w you should enter 50...

Page 215: ...olute Description The absolute command is used to create an absolute mode time range for the Time range of the switch The Time range takes affect only when both Absolute Time and Periodic Time are in...

Page 216: ...range for the PoE time range of the switch The periodic time range reccurs every week The Time range takes affect only when both Absolute Time and Periodic Time are in effect Repeat this command to c...

Page 217: ...fig time range periodic start 08 00 end 18 00 day of the week 1 5 T1600G 52PS config time range periodic start 10 00 end 16 00 day of the week 6 7 25 6 power holiday Description The power holiday comm...

Page 218: ...e and the Periodic Time with Holiday excluded include The Holiday has no effect on the Time range which means the final Time range will be the intersection of the Absolute Time and Periodic Time Comma...

Page 219: ...t as 5w for port 2 T1600G 52PS config interface gigabitEthernet 1 0 2 T1600G 52PS config if power inline consumption 50 25 9 power inline priority Description The power inline priority command is used...

Page 220: ...rt 2 T1600G 52PS config interface gigabitEthernet 1 0 2 T1600G 52PS config if power inline supply enable 25 11 power inline profile Description The power inline profile command is used to bind a PoE p...

Page 221: ...ange command Syntax power inline time range name no power inline time range Parameter name The name of the PoE time range to be bound to the port Command Mode Interface Configuration Mode Example Bind...

Page 222: ...Privileged EXEC Mode and Any Configuration Mode Example Display the PoE configuration of all ports T1600G 52PS show power inline configuration interface 25 15 show power inline information interface D...

Page 223: ...er holiday command is used to display the defined PoE holiday Syntax show power holiday Command Mode Privileged EXEC Mode and Any Configuration Mode Example Display the defined PoE holiday T1600G 52PS...

Page 224: ...208 Command Mode Privileged EXEC Mode and Any Configuration Mode Example Display the configuration of PoE time range T1600G 52PS show power time range...

Page 225: ...rors flush init migration proposals roles state tc Parameters all Display all the spanning tree debug messages bpdu receive Display the debug messages of the received spanning tree bridge protocol dat...

Page 226: ...ree Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Enable the STP function T1600G 52TS config spannin...

Page 227: ...enable disable point to point auto open close no spanning tree common config Parameter pri Port Priority which must be multiple of 16 ranging from 0 to 240 By default the port priority is 128 Port Pri...

Page 228: ...interface range port channel Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Enable the STP function of port 1 and configure the Port Priori...

Page 229: ...name and revision level To return to the default configuration of the corresponding Instance please use no spanning tree mst configuration command Syntax spanning tree mst configuration no spanning t...

Page 230: ...User level users have access to these commands Example Map the VLANs 1 100 to Instance 1 T1600G 52TS config spanning tree mst configuration T1600G 52TS config mst instance 1 vlan 1 100 Disable Instan...

Page 231: ...on T1600G 52TS config mst name region1 26 9 revision Description The revision command is used to configure the revision level of MST instance Syntax revision revision Parameters revision The revision...

Page 232: ...n the specific instance Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Enable the MST Instance 1 and...

Page 233: ...ace port channel interface range port channel Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Configure the priority of port 1 in MST Instanc...

Page 234: ...witch will be busy with removing MAC address entries which may decrease the performance and stability of the network Syntax spanning tree tc defend threshold threshold period period no spanning tree t...

Page 235: ...default Otherwise 2 Forward Delay 1 Max Age hello time Hello Time which is the interval to send BPDU packets and used to test the links Hello Time ranges from 1 to 10 in seconds and it is 2 by defaul...

Page 236: ...uration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Configure the hold count of STP as 8pps T1600G 52TS config spanning tree hold co...

Page 237: ...ease use no spanning tree bpdufilter command Syntax spanning tree bpdufilter no spanning tree bpdufilter Command Mode Interface Configuration Mode interface gigabitEthernet interface range gigabitEthe...

Page 238: ...port 1 0 2 T1600G 52TS config interface gigabitEthernet 1 0 2 T1600G 52TS config if spanning tree bpduguard 26 19 spanning tree guard loop Description The spanning tree guard loop command is used to e...

Page 239: ...tree guard root Command Mode Interface Configuration Mode interface gigabitEthernet interface range gigabitEthernet interface port channel interface range port channel Privilege Requirement Only Admin...

Page 240: ...tor and Power User level users have access to these commands Example Enable the TC Protect of Spanning Tree for port 2 T1600G 52TS config interface gigabitEthernet 1 0 2 T1600G 52TS config if spanning...

Page 241: ...he active information of spanning tree T1600G 52TS config show spanning tree active 26 24 show spanning tree bridge Description The show spanning tree bridge command is used to display the bridge para...

Page 242: ...le Display the spanning tree information of all ports T1600G 52TS config show spanning tree interface Display the spanning tree information of port 1 0 2 T1600G 52TS config show spanning tree interfac...

Page 243: ...splay the interface security bpdufilter information T1600G 52TS config show spanning tree interface security bpdufilter 26 27 show spanning tree mst Description The show spanning tree mst command is u...

Page 244: ...Instance T1600G 52TS config show spanning tree mst configuration Display the related information of MST Instance 1 T1600G 52TS config show spanning tree mst instance 1 Display all the ports informatio...

Page 245: ...oping function please use no ip igmp snooping command Syntax ip igmp snooping no ip igmp snooping Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level...

Page 246: ...ing rtime Description The ip igmp snooping rtime command is used to specify router port aging time globally To restore the default timer please use no ip igmp snooping rtime command Syntax ip igmp sno...

Page 247: ...IGMP Snooping member port aging time as 100 seconds globally T1600G 52TS config ip igmp snooping mtime 100 27 5 ip igmp snooping report suppression Description The ip igmp snooping report suppression...

Page 248: ...snooping immediate leave Command Mode Interface Configuration Mode interface gigabitEthernet interface range gigabitEthernet interface port channel interface range port channel Privilege Requirement O...

Page 249: ...pecify the interval to send Specific Query Message The default value is 1 second To restore the default interval please use no ip igmp snooping last listener query inteval command Syntax ip igmp snoop...

Page 250: ...e access to these commands Example Specify the number of Specific Query Message to 3 T1600G 52TS config ip igmp snooping last listener query count 3 27 10 ip igmp snooping vlan config Description The...

Page 251: ...report message from the member port it will consider this port is not a member port any more Member Port Time ranges from 60 to 600 in seconds By default it is 0 and the global member time will be use...

Page 252: ...bidden interface gigabitEthernet port list port channel port channel id Parameter vlan id list The ID list of the VLAN desired to modify configuration ranging from 1 to 4094 in the format of 1 3 5 por...

Page 253: ...ified the default multicast VLAN will be selected router time Router Port Time Within this time if the switch does not receive IGMP query message from the router port it will consider this port is not...

Page 254: ...t port list port channel port channel id no ip igmp snooping multi vlan config router ports forbidden interface gigabitEthernet port list port channel port channel id Parameter vlan id The ID of the m...

Page 255: ...IP address The switch will use this IP address to replace the source IP address of the IGMP packets Command Mode Global Configuration Mode Privilege Requirement Only Admin level users have access to t...

Page 256: ...ooping Querier to send a general query frame To return to the default configuration please use no ip igmp snooping querier vlan command Syntax ip igmp snooping querier vlan vlan id query interval inte...

Page 257: ...umber of groups that a port can join in The ip igmp snooping max groups action is used to configure the action that the port takes when it receives an IGMP report message and the maximum number of ent...

Page 258: ...ds Example Specify the maximum numbers of groups that ports 1 0 2 5 can join as 10 and configure the throttling action as replace T1600G 52TS config interface range gigabitEthernet 1 0 2 5 T1600G 52TS...

Page 259: ...0G 52TS config interface gigabitEthernet 1 0 3 T1600G 52TS config if ip igmp snooping authentication 27 19 ip igmp snooping accounting Description The ip igmp snooping accounting command is used to en...

Page 260: ...rofile ranging from 1 to 999 Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Create the profile 1 T160...

Page 261: ...Admin Operator and Power User level users have access to these commands Example Configure the filtering mode of profile 1 as permit T1600G 52TS config ip igmp profile 1 T1600G 52TS config igmp profil...

Page 262: ...7 24 ip igmp filter Description The ip igmp filter command is used to bind the specified profile to the interface To delete the binding please use no ip igmp filter command Syntax ip igmp filter profi...

Page 263: ...t Only Admin Operator and Power User level users have access to these commands Example Clear the statistics of the IGMP packets T1600G 52TS config clear ip igmp snooping statistics 27 26 show ip igmp...

Page 264: ...Ethernet ports basic config max groups packet stat The related configuration information selected to display Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None Ex...

Page 265: ...ilege Requirement None Example Display the IGMP snooping configuration information of VLAN 2 T1600G 52TS show ip igmp snooping vlan 2 27 29 show ip igmp snooping multi vlan Description The show ip igm...

Page 266: ...entries in VLAN 5 T1600G 52TS show ip igmp snooping groups vlan 5 Display information of the multicast group with the IP address 225 1 1 1 in VLAN 5 T1600G 52TS show ip igmp snooping groups vlan 5 22...

Page 267: ...n 5 Display the count of multicast entries in VLAN 5 T1600G 52TS config show ip igmp snooping groups vlan 5 count Display the dynamic multicast groups of VLAN 5 T1600G 52TS config show ip igmp snoopin...

Page 268: ...ow ip igmp snooping querier 27 33 show ip igmp profile Description The show ip igmp profile command is used to display the configuration information of all the profiles or a specific profile Syntax sh...

Page 269: ...no ipv6 mld snooping command Syntax ipv6 mld snooping no ipv6 mld snooping Command Mode Global Configuration Mode Privilege Requirement Only Admin and Operator level users have access to these command...

Page 270: ...ooping rtime Parameter rtime Specify the aging time in seconds ranging from 60 to 600 The default aging time is 300 seconds Command Mode Global Configuration Mode Privilege Requirement Only Admin and...

Page 271: ...ction When it is enabled the switch forwards only the first MLD report message per mulicast group to the Layer 3 device and the subsequent MLD reports from the same multicast group are discarded To di...

Page 272: ...cess to these commands Example Enable the Fast Leave function for port 1 0 3 T1600G 52TS config interface gigabitEthernet 1 0 3 T1600G 52TS config if ipv6 mld snooping immediate leave 28 7 ipv6 mld sn...

Page 273: ...Mode Privilege Requirement Only Admin and Operator level users have access to these commands Example Specify the interval of Specific Query Message to 3 seconds T1600G 52TS config ipv6 mld snooping l...

Page 274: ...t channel lagid no ipv6 mld snooping vlan config vlan id list rtime router time mtime member time rport interface gigabitEthernet port list port channel lagid no ipv6 mld snooping vlan config vlan id...

Page 275: ...thernet 1 0 1 Add static multicast IP address ff01 1234 01 which corresponds to VLAN 2 and configure the forward ports as ports 1 0 1 3 T1600G 52TS config ipv6 mld snooping vlan config 2 static ff01 1...

Page 276: ...config 1 router ports forbidden interface gigabitEthernet 1 0 1 3 28 12 ipv6 mld snooping multi vlan config Description The ipv6 mld snooping multi vlan config command is used to create Multicast VLAN...

Page 277: ...ge Requirement Only Admin level users have access to these commands Example Enable Multicast VLAN 3 and configure Router Port Time as 100 seconds Member Port Time 100 seconds and Static Router Port po...

Page 278: ...ports 1 0 1 3 as being router ports in multicast VLAN 2 T1600G 52TS config ipv6 mld snooping multi vlan config 2 router ports forbidden interface gigabitEthernet 1 0 1 3 28 14 ipv6 mld snooping multi...

Page 279: ...e use no ipv6 mld snooping querier vlan command Syntax ipv6 mld snooping querier vlan vlan id no ipv6 mld snooping querier vlan vlan id Parameter vlan id The VLAN that enables the MLD querier function...

Page 280: ...default it is 10 seconds ip addr The source IP of the general query frame sent by MLD Snooping Querier It should not be a multicast IP or a broadcast IP By default it is fe80 02ff ffff fe00 0001 Comm...

Page 281: ...1000 drop When the number of the dynamic multicast groups that a port joins has exceeded the max group the port will not join any new multicast group replace When the number of the dynamic multicast...

Page 282: ...rom 1 to 999 Command Mode Global Configuration Mode Privilege Requirement Only Admin and Operator level users have access to these commands Example Create the profile 1 T1600G 52TS config ipv6 mld pro...

Page 283: ...iltering mode of profile 1 as permit T1600G 52TS config ipv6 mld profile 1 T1600G 52TS config mld profile permit 28 21 range Description The range command is used to configure the range of the profile...

Page 284: ...d the specified profile to the interface To delete the binding please use no ipv6 mld filter command Syntax ipv6 mld filter profile id no ipv6 mld filter Parameter profile id Specify the profile ID ra...

Page 285: ...wer User level users have access to these commands Example Clear the statistics of the MLD packets T1600G 52TS config clear ipv6 mld snooping statistics 28 24 show ipv6 mld snooping Description The sh...

Page 286: ...figuration information selected to display Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None Example Display the MLD baisic configuration configuration of all por...

Page 287: ...ipv6 mld snooping multi vlan command is used to display the Multicast VLAN configuration Syntax show ipv6 mld snooping multi vlan Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege...

Page 288: ...w ipv6 mld snooping groups command is used to display the information of all MLD snooping groups It can be extended to some other commands to display the dynamic and static multicast information of a...

Page 289: ...ups of VLAN 5 T1600G 52TS config show ipv6 mld snooping groups vlan 5 static Display the count of dynamic multicast entries of VLAN 5 T1600G 52TS config show ipv6 mld snooping groups vlan 5 dynamic co...

Page 290: ...ed to display the configuration information of all the profiles or a specific profile Syntax show ipv6 mld profile id Parameter id Specify the ID of the profile ranging from 1 to 999 Command Mode Priv...

Page 291: ...p server Command Mode Global Configuration Mode Privilege Requirement Only Admin level users have access to these commands Example Enable the SNMP function T1600G 52TS config snmp server 29 2 snmp ser...

Page 292: ...0G 52TS config snmp server view view1 1 3 6 1 6 3 20 include 29 3 snmp server group Description The snmp server group command is used to manage and configure the SNMP group To delete the corresponding...

Page 293: ...e view Select the View to be the Write View The management access is writing only and changes can be made to the assigned SNMP View The View defined both as the Read View and the Write View can be rea...

Page 294: ...Security Model of the User with v1 v2c and v3 options By default the option is v1 The Security Model of the User must be the same with that of the Group which the User belongs to slev The Security Le...

Page 295: ...user as MD5 the Authentication Password as 11111 the Privacy Mode as DES and the Privacy Password as 22222 T1600G 52TS config snmp server user admin local group2 smode v3 slev authPriv cmode MD5 cpwd...

Page 296: ...name Parameter ip The IP Address of the management Host Both IPv4 and IPv6 addresses are supported for example 192 168 0 100 or fe80 1234 udp port UDP port which is used to send notifications The UDP...

Page 297: ...uirement Only Admin level users have access to these commands Example Add a Notification entry and configure the IP address of the management Host as 192 168 0 146 the UDP port as 162 the User name of...

Page 298: ...the switch The Engine ID is a unique alphanumeric string used to identify the SNMP engine on the remote device which receives informs from the switch Its length ranges from 10 to 64 hexadecimal chara...

Page 299: ...enabled coldstart Enable coldstart trap It is sent upon switch reboot By default it is enabled auth failure Enable the auth failure trap It is sent when a received SNMP request fails the authenticatio...

Page 300: ...p server traps bandwidth control cpu flash lldp loopback detection storm control spanning tree memory Parameter bandwidth control Enable bandwidth control trap It is sent when the rate limit function...

Page 301: ...n Description The snmp server traps vlan command is used to enable SNMP extended VLAN related traps which include two types create and delete To disable this function please use no snmp server traps v...

Page 302: ...ory index interface gigabitEthernet port interval seconds owner owner name buckets number no rmon history index Parameter index The index number of the entry ranging from 1 to 12 in the format of 1 3...

Page 303: ...e The name of the User to which the event belongs ranging from 1 to 16 characters By default it is public descript The description of the event ranging from 1 to 16 characters By default it is empty t...

Page 304: ...rising event index r event falling threshold f hold falling event index f event a type rise fall all owner owner name interval interval no rmon alarm index Parameter index The index number of the Ala...

Page 305: ...Threshold and all indicates that the alarm event will be triggered either the sampled value exceeds the Rising Threshold or is under the Falling Threshold By default the Alarm Type is all owner name T...

Page 306: ...e effect until it is modified to valid valid means this entry takes effect immediately after it is created Command Mode Global Configuration Mode Privilege Requirement Only Admin level users have acce...

Page 307: ...ilege Requirement Only Admin level users have access to these commands Example Display the View table T1600G 52TS show snmp server view 29 18 show snmp server group Description The show snmp server gr...

Page 308: ...1600G 52TS show snmp server user 29 20 show snmp server community Description The show snmp server community command is used to display the Community table Syntax show snmp server community Command Mo...

Page 309: ...he show snmp server engineID command is used to display the engineID of the SNMP Syntax show snmp server engineID Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement Onl...

Page 310: ...s T1600G 52TS show rmon history 29 24 show rmon event Description The show rmon event command is used to display the configuration of SNMP RMON Event Syntax show rmon event index Parameter index The i...

Page 311: ...d EXEC Mode and Any Configuration Mode Privilege Requirement Only Admin level users have access to these commands Example Display the configuration of the Alarm Management entry 1 2 T1600G 52TS show r...

Page 312: ...296 Privilege Requirement Only Admin level users have access to these commands Example Display the configuration of the statistics entry 1 T1600G 52TS show rmon statistics 1...

Page 313: ...dp command Syntax lldp no lldp Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Enable LLDP function gl...

Page 314: ...ldp timer tx interval tx delay reinit delay notify interval fast count Parameter tx interval Configure the interval for the local device to transmit LLDPDU to its neighbors The value ranges from 5 to...

Page 315: ...of LLDPDU as 45 seconds and Trap message to NMS as 120 seconds T1600G 52TS config lldp timer tx interval 45 T1600G 52TS config lldp timer notify interval 120 30 4 lldp receive Description The lldp rec...

Page 316: ...ers have access to these commands Example Enable Gigabit Ethernet port 1 0 1 to transmit LLDPDU T1600G 52TS config interface gigabitEthernet 1 0 1 T1600G 52TS config if lldp transmit 30 6 lldp snmp tr...

Page 317: ...description system name management address port vlan protocol vlan vlan name link aggregation mac phy cfg max frame size power all no lldp tlv select port description system capability system descript...

Page 318: ...Configure the Fast Start Count parameter It ranges from 1 to 10 By default it is 4 Command Mode Global Configuration Mode Privilege Requirement Only Admin and Operator level users have access to thes...

Page 319: ...ng LLDPDU for the corresponding port To exclude LLDP MED TLVs please use no lldp med tlv select command By default All TLVs are included in outgoing LLDPDU Syntax lldp med tlv select inventory managem...

Page 320: ...Service ELIN identifier which is used during emergency call setup to a traditional CAMA or ISDN trunk based PSAP The length of this field ranges from 10 to 25 characters civic address The civic addres...

Page 321: ...lldp interface Description The show lldp interface command is used to display LLDP configuration of the corresponding port By default the LLDP configuration of all the ports will be displayed Syntax s...

Page 322: ...vilege Requirement None Example Display the LLDP information of Gigabit Ethernet port 1 0 1 T1600G 52TS show lldp local information interface gigabitEthernet 1 0 1 30 15 show lldp neighbor information...

Page 323: ...mation between the local device and neighbor device of the corresponding port By default the LLDP statistic information of all the ports will be displayed Syntax show lldp traffic interface gigabitEth...

Page 324: ...gured and maintained 31 1 arp Description This arp command is used to add a static ARP entry To delete the specified ARP entry please use the no arp command Syntax arp ip mac type no arp ip type Param...

Page 325: ...ple Clear all the dynamic ARP entries T1600G 52TS config clear arp cache 31 3 arp timeout Description This arp timeout command is used to configure the ARP aging time of the interface Syntax arp timeo...

Page 326: ...p mac show ip arp ip mac Parameter ip Specify the IP address of your desired ARP entry mac Specify the MAC address of your desired ARP entry Command Mode Privileged EXEC Mode and Any Configuration Mod...

Page 327: ...Display the ARP entry associated with VLAN interface 2 T1600G 52TS config show ip arp vlan 2 31 6 show ip arp summary Description This show ip arp summary command is used to display the number of the...

Page 328: ...he ID of the VLAN Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Create the VLAN interface 2 T1600G 5...

Page 329: ...er 3 interface into the Layer 2 port To switch the Layer 2 port into the Layer 3 routed port please use the no switchport command Syntax switchport no switchport Command Mode Interface Configuration M...

Page 330: ...Operator and Power User level users have access to these commands Example Create the port channel interfaces 1 3 4 and 5 T1600G 52TS config interface port channel 1 3 5 32 5 description Description Th...

Page 331: ...This shutdown command is used to shut down the specified interface The interface type include routed port port channel interface loopback interface and VLAN interface To enable the specified interface...

Page 332: ...ranging from 1 to 14 Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these commands Example Create the port channel interfac...

Page 333: ...dress as 192 168 2 0 the subnet mask as 255 255 255 0 and the next hop address as 192 168 0 2 T1600G 52TS config ip route 192 168 2 0 255 255 255 0 192 168 0 2 32 9 ipv6 routing Description This ipv6...

Page 334: ...distance metric of this route ranging from 1 to 255 The smaller the distance is the higher the priority is Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power U...

Page 335: ...er 3 interface Syntax show ip interface gigabitEthernet port port channel port channel id loopback id vlan vlan id Parameter port The port number port channel id The ID of the port channel Member port...

Page 336: ...ry information of the Layer 3 interfaces T1600G 52TS config show ip interface brief 32 14 show ip route Description This show ip route command is used to display the route entries of the specified typ...

Page 337: ...parameter ip longer prefixes Specify the destination subnets that match the network segment determined by the ip and mask parameters Command Mode Privileged EXEC Mode and Any Configuration Mode Privi...

Page 338: ...information of route entries T1600G 52TS config show ip route summary 32 17 show ipv6 interface Description This command is used to display the configured IPv6 information of the management interface...

Page 339: ...routes connected The connected routes Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement None Example Display the IPv6 static routes T1600G 52TS config show ipv6 route...

Page 340: ...324 Example Display the summary information of IPv6 route entries T1600G 52TS config show ipv6 route summary...

Page 341: ...to use the default template please use the sdm prefer default command The template change will takes effect after a reboot Syntax sdm prefer default enterpriseV4 enterpriseV6 Parameter default Specify...

Page 342: ...become active after a reboot default Display the resource allocation of the default template enterpriseV4 Display the resource allocation of the enterpriseV4 template enterpriseV6 Display the resource...

Page 343: ...S servers for the connection between the switch and the server Server Group User can define the authentication server group with up to several servers running the same secure protocols either RADIUS o...

Page 344: ...ranges from 1 to 9 seconds The default is 5 seconds 0 string 7 encrypted string 0 and 7 are the encryption type 0 indicates that an unencrypted key will follow 7 indicates that a symmetric encrypted k...

Page 345: ...ption This show ip tacacs server command is used to display the summary information of the TACACS servers Syntax show tacacs server Command Mode Privileged EXEC Mode and Any Configuration Mode Privile...

Page 346: ...me By default it is 2 times 0 string 7 encrypted string 0 and 7 are the encryption type 0 indicates that an unencrypted key will follow 7 indicates that a symmetric encrypted key with a fixed length w...

Page 347: ...rmation of the RADIUS servers Syntax show radius server Command Mode Privileged EXEC Mode and Any Configuration Mode Privilege Requirement Only Admin level users have access to these commands Example...

Page 348: ...with the name radius1 T1600G 52TS config aaa group radius radius1 34 7 server Description This server command is used to add the existing server in the defined server group To remove the specified ser...

Page 349: ...ion Mode Privilege Requirement Only Admin level users have access to these commands Example Display the information of all the server groups T1600G 52TS config show aaa group 34 9 aaa authentication l...

Page 350: ...Admin level users have access to these commands User Guidelines By default the login authentication method list is default with local as method1 Example Configure a login authentication method list l...

Page 351: ...rivilege Requirement Only Admin level users have access to these commands User Guidelines By default the enable authentication method is default with none as method1 Example Configure a privilege auth...

Page 352: ...aa accounting dot1x default command is used to configure an 802 1X accounting method list To delete the default accounting method list please use the no aaa accounting dot1x default command Syntax aaa...

Page 353: ...de Privilege Requirement Only Admin level users have access to these commands Example Display the information of all the authentication method lists T1600G 52TS config show aaa authentication 34 14 sh...

Page 354: ...in level users have access to these commands Example Enter the telnet terminal line configuration mode T1600G 52TS config line telnet 34 16 login authentication telnet Description The login authentica...

Page 355: ...iguration Mode to configure the ssh terminal line to which you want to apply the authentication list Syntax line ssh Command Mode Global Configuration Mode Privilege Requirement Only Admin level users...

Page 356: ...s list1 T1600G 52TS config line ssh T1600G 52TS config line login authentication list1 34 19 enable authentication telnet Description The enable authentication command is used to apply the privilege a...

Page 357: ...sh terminal line To restore to the default authentication method list please use the no enable authentication command Syntax enable authentication method list no enable authentication Parameter method...

Page 358: ...ult which contains the method local Command Mode Global Configuration Mode Privilege Requirement Only Admin level users have access to these commands Example Configure the login authentication method...

Page 359: ...600G 52TS config ip http enable authentication list2 34 23 show aaa global Description This show aaa global command is used to display global status of AAA function and the login enable method lists o...

Page 360: ...ction please use no service dhcp relay command Syntax service dhcp relay no service dhcp relay Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level use...

Page 361: ...address 192 168 2 1 35 3 ip dhcp relay information Description The ip dhcp relay information command is used to enable option 82 support in DHCP Relay To disable this function please use no ip dhcp r...

Page 362: ...on 82 field keep Keep the Option 82 field in the packet replace Replace the option 82 field with the system option defined by the switch Command Mode Global Configuration Mode Privilege Requirement On...

Page 363: ...command is used to specify the custom circuit ID when option 82 customization is enabled To clear the circuit ID please use no ip dhcp relay information circuit id command Syntax ip dhcp relay informa...

Page 364: ...remoteID Specify the remote ID ranging from 1 to 64 characters Command Mode Global Configuration Mode Privilege Requirement Only Admin Operator and Power User level users have access to these command...

Page 365: ...349 Example Display the configuration of DHCP Relay T1600G 52TS config show ip dhcp relay...

Reviews:

No comments

Related manuals for T1600-28TS

Brand: S&C Pages: 26

Brand: S&C Pages: 37

Brand: S&C Pages: 28

Brand: D-Link Pages: 2

Brand: NETGEAR Pages: 15

Brand: tbs electronics Pages: 2

Brand: EtherWAN Pages: 2

Link Power LPS2400-T1

Brand: Inscape Data Pages: 8

3C17205 - SuperStack 3 Switch 4400 PWR

Brand: 3Com Pages: 90

BNI EIP-950-000-Z009

Brand: Balluff Pages: 12

Brand: Zamel Pages: 4

Brand: e+p Pages: 2

Brand: Davey Pages: 2

Brand: Bühler technologies Pages: 20

Brand: H3C Pages: 57

Brand: Avid Technology Pages: 34

Brand: Intellinet Pages: 48

Brand: Hubner Pages: 23

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands