Allied Telesis x510-28GPX Скачать руководство пользователя страница 2397

Страница: 2397 / 2822

C613-50170-01 Rev B

Command Reference for x510 Series

2397

AlliedWare Plus™ Operating System - Version 5.4.7-1.x

LLIED

ELESIS

ANAGEMENT

RAMEWORK

™ (AMF) C

OMMANDS

SHOW

ATMF

SECURE

MODE

AUDIT

show atmf secure-mode audit

Overview

Use this command to detect security vulnerabilities on a node.

Syntax

show atmf secure-mode audit

Mode

Privileged Exec

Example

To display AMF secure mode link audits for a node, use the command

awplus#

show atmf secure-mode audit

Output

Figure 54-27: Example output from

show atmf secure-mode audit

Related

Commands

show atmf secure-mode

Command

changes

Version 5.4.7-0.3: command added

ATMF Secure Mode Audit:



Warning : The default username and password is enabled.



Good : SNMP V1 or V2 is disabled.



Warning : Telnet server is enabled.



Good : ATMF is enabled. Secure-Mode is on.



Good : ATMF Topology-GUI is disabled. No trustpoints configured.



ATMF Secure Mode Log Events:



-------------------------------------------------------------------------



2017 Feb 2 00:59:25 user.notice node1 ATMF[848]: Sec_Audit - ATMF Secure



Mode is enabled.



2017 Feb 2 01:30:00 user.notice node1 ATMF[848]: Sec_Audit - Established



secure connection to area_1_node_1 on interface vlink1.

Table 54-3: Parameters in the output from

show atmf secure-mode audit link

Parameter

Description

ATMF Secure Mode
Audit

A list of security recommendations to secure the AMF
network. Items prefaced with

Warning

need to be fixed.

In the sample above the default username and password,
and telnet, should be disabled.

ATMF Secure Mode
Log Events

A list of recorded secure mode log events.

«
...
2395
2396
2397
2398
2399
...
»

Содержание x510-28GPX

Страница 1: ...es STACKABLE GIGABIT EDGE SWITCHES Command Reference for AlliedWare Plus Version 5 4 7 1 x x510 28GTX x510 28GPX x510 52GTX x510 52GPX x510 28GSX x510 28GSX 80 x510DP 28GTX x510DP 52GTX x510L 28GT x51...

Страница 2: ...uction and shipping costs and a CD with the GPL code will be mailed to you GPL Code Request Allied Telesis Labs Ltd PO Box 8011 Christchurch New Zealand Allied Telesis AlliedWare Plus Allied Telesis M...

Страница 3: ...Privileged Exec mode 99 end 101 exit 102 help 103 logout 104 show history 105 Chapter 2 File and Configuration Management Commands 106 Introduction 106 autoboot enable 110 boot config file 111 boot co...

Страница 4: ...clear line console 162 clear line vty 163 enable password 164 enable secret 167 exec timeout 170 flowcontrol hardware asyn console 172 length asyn 174 line 175 privilege level 177 security password hi...

Страница 5: ...6 GUI Commands 220 Introduction 220 atmf topology gui enable 221 gui timeout 222 log event host 224 service http 225 show http 226 Chapter 7 System Configuration and Monitoring Commands 227 Introduct...

Страница 6: ...ggables and Cabling Commands 299 Introduction 299 clear test cable diagnostics tdr 300 debug fiber monitoring 301 fiber monitoring action 303 fiber monitoring baseline 304 fiber monitoring enable 306...

Страница 7: ...ent log 377 default log buffered 378 default log console 379 default log email 380 default log external 381 default log host 382 default log monitor 383 default log permanent 384 log buffered 385 log...

Страница 8: ...interface to configure 467 mru 469 mtu 471 show interface 473 show interface brief 476 show interface memory 477 show interface status 479 shutdown 481 Chapter 13 Port Mirroring and Remote Mirroring...

Страница 9: ...eg mc flooding 532 platform vlan stacking tpid 534 polarity 535 show debugging loopprot 536 show debugging platform packet 537 show flowcontrol interface 538 show interface err disabled 539 show inter...

Страница 10: ...witchport private vlan mapping 596 switchport trunk allowed vlan 597 switchport trunk native vlan 600 switchport vlan translation 601 switchport vlan translation default drop 602 switchport vlan stack...

Страница 11: ...force version 670 spanning tree forward time 671 spanning tree guard root 672 spanning tree hello time 673 spanning tree link type 674 spanning tree max age 675 spanning tree max hops MSTP 676 spanni...

Страница 12: ...ower inline enable 732 power inline max 733 power inline priority 735 power inline usage threshold 737 service power inline 738 show debugging power inline 739 show power inline 740 show power inline...

Страница 13: ...4 show ip interface 806 show ip sockets 807 show ip traffic 810 tcpdump 812 traceroute 813 undebug ip packet interface 814 Chapter 22 Domain Name Service DNS Commands 815 Introduction 815 clear ip dns...

Страница 14: ...me 860 ipv6 nd suppress ra 861 ipv6 neighbor 862 ipv6 opportunistic nd 863 ipv6 route 864 ipv6 unreachables 865 ping ipv6 866 show ipv6 forwarding 867 show ipv6 interface brief 868 show ipv6 neighbors...

Страница 15: ...size RIP 927 redistribute RIP 928 restart rip graceful 929 rip restart grace period 930 route RIP 931 router rip 932 send lifetime 933 show debugging rip 935 show ip protocols rip 936 show ip rip 937...

Страница 16: ...start 987 clear ip ospf process 988 compatible rfc1583 989 debug ospf events 990 debug ospf ifsm 991 debug ospf lsa 992 debug ospf nfsm 993 debug ospf nsm 994 debug ospf packet 995 debug ospf route 99...

Страница 17: ...how ip ospf database opaque area 1052 show ip ospf database opaque as 1053 show ip ospf database opaque link 1054 show ip ospf database router 1055 show ip ospf database summary 1057 show ip ospf inte...

Страница 18: ...nterval 1124 ipv6 ospf transmit delay 1125 ipv6 router ospf area 1126 max concurrent dd IPv6 OSPF 1128 passive interface IPv6 OSPF 1129 redistribute IPv6 OSPF 1130 restart ipv6 ospf graceful 1132 rout...

Страница 19: ...group 1193 clear ip igmp interface 1194 debug igmp 1195 ip igmp 1196 ip igmp access group 1197 ip igmp flood specific query 1198 ip igmp immediate leave 1199 ip igmp last member query count 1200 ip i...

Страница 20: ...251 clear ipv6 mld group 1252 clear ipv6 mld interface 1253 debug mld 1254 ipv6 mld 1255 ipv6 mld access group 1256 ipv6 mld immediate leave 1257 ipv6 mld last member query count 1258 ipv6 mld last me...

Страница 21: ...ng 1316 show ipv6 mif 1317 Chapter 33 PIM SM Commands 1318 Introduction 1318 clear ip pim sparse mode bsr rp set 1320 clear ip pim sparse mode packet statistics 1321 clear ip mroute pim sparse mode 13...

Страница 22: ...Chapter 34 PIM SMv6 Commands 1371 Introduction 1371 clear ipv6 mroute pim 1374 clear ipv6 mroute pim sparse mode 1375 clear ipv6 pim sparse mode bsr rp set 1376 debug ipv6 pim sparse mode 1377 debug i...

Страница 23: ...ter 35 PIM DM Commands 1433 Introduction 1433 debug pim dense mode all 1435 debug pim dense mode context 1436 debug pim dense mode decode 1437 debug pim dense mode encode 1438 debug pim dense mode fsm...

Страница 24: ...1517 access list extended numbered 1525 access list extended ICMP filter 1527 access list extended IP filter 1529 access list extended IP protocol filter 1532 access list extended TCP UDP filter 1536...

Страница 25: ...8 match access group 1620 match cos 1622 match dscp 1623 match eth format protocol 1624 match inner cos 1627 match inner vlan 1628 match ip precedence 1629 match mac type 1630 match tcp flags 1631 mat...

Страница 26: ...eauth req 1690 dot1x port control 1692 dot1x timeout tx period 1694 show debugging dot1x 1696 show dot1x 1697 show dot1x diagnostics 1700 show dot1x interface 1702 show dot1x sessionstatistics 1707 sh...

Страница 27: ...b server ipaddress 1784 auth web server page language 1785 auth web server login url 1786 auth web server page logo 1787 auth web server page sub title 1788 auth web server page success message 1789 a...

Страница 28: ...default group tacacs 1848 aaa authentication enable default local 1850 aaa authentication login 1851 aaa authorization commands 1853 aaa authorization config commands 1855 aaa group server 1856 aaa l...

Страница 29: ...db to file 1919 crypto pki enroll local deleted 1920 crypto pki enroll local local radius all users deleted 1921 crypto pki enroll local user deleted 1922 crypto pki export local pem deleted 1923 cry...

Страница 30: ...er 47 TACACS Commands 1976 Introduction 1976 authorization commands 1977 aaa authorization commands 1979 aaa authorization config commands 1981 ip tacacs source interface 1982 show tacacs 1983 tacacs...

Страница 31: ...Chapter 49 OpenFlow Commands 2038 Introduction 2038 openflow 2039 openflow controller 2040 openflow datapath id 2042 openflow failmode standalone 2043 openflow inactivity 2044 openflow native vlan 20...

Страница 32: ...debug stack 2106 Chapter 51 VRRP Commands 2107 Introduction 2107 advertisement interval 2109 alternate checksum mode 2111 circuit failover 2112 debug vrrp 2114 debug vrrp events 2115 debug vrrp packet...

Страница 33: ...Chapter 53 G 8032 Ethernet Ring Protection Switching Commands 2175 Introduction 2175 cfm sf notify 2177 clear g8032 erp instance 2179 clear g8032 erp instance statistics 2180 data traffic 2181 debug...

Страница 34: ...now 2245 atmf backup redundancy enable 2247 atmf backup server 2248 atmf backup stop 2250 atmf backup synchronize 2251 atmf cleanup 2252 atmf container 2253 atmf container login 2254 atmf controller...

Страница 35: ...ost 2329 modeltype 2330 show atmf 2331 show atmf area 2335 show atmf area guests 2338 show atmf area guests detail 2340 show atmf area nodes 2342 show atmf area nodes detail 2344 show atmf area summar...

Страница 36: ...router 2436 dns server 2437 domain name 2438 host DHCP 2439 ip address dhcp 2440 ip dhcp bootp ignore 2442 ip dhcp leasequery enable 2443 ip dhcp option 2444 ip dhcp pool 2446 ip dhcp client default r...

Страница 37: ...v6 PD 2508 ipv6 address dhcp 2511 ipv6 dhcp client pd 2513 ipv6 dhcp option 2515 ipv6 dhcp pool 2517 ipv6 dhcp server 2519 ipv6 local pool 2520 ipv6 nd prefix DHCPv6 2522 link address 2524 option DHCP...

Страница 38: ...2589 snmp server engineID local 2592 snmp server engineID local reset 2594 snmp server group 2595 snmp server host 2597 snmp server legacy ifadminstatus 2599 snmp server location 2600 snmp server sou...

Страница 39: ...interface 2663 show location 2665 Chapter 60 SMTP Commands 2667 Introduction 2667 debug mail 2668 delete mail 2669 mail 2670 mail from 2671 mail smtpserver 2672 show counter mail 2673 show mail 2674 u...

Страница 40: ...ation 2729 ssh server deny users 2731 ssh server max auth tries 2733 ssh server resolve host 2734 ssh server scp 2735 ssh server sftp 2736 undebug ssh client 2737 undebug ssh server 2738 Chapter 63 Tr...

Страница 41: ...87 normal interval 2788 ping poll 2789 sample size 2790 show counter ping poll 2792 show ping poll 2794 source ip 2798 timeout ping polling 2800 up count 2801 undebug ping poll 2802 Chapter 65 sFlow C...

Страница 42: ...tended TCP UDP filter 1599 ipv6 access list standard filter 1603 named hardware ACL ICMP entry 1489 named hardware ACL IP packet entry 1493 named hardware ACL IP protocol entry 1497 named hardware ACL...

Страница 43: ...s max fail 1859 aaa login fail delay 1860 abr type 1078 accept lifetime 892 access group 1467 access list extended numbered 1525 access list numbered hardware ACL for ICMP 1469 access list numbered ha...

Страница 44: ...l link IPv6 OSPF 1088 area virtual link authentication ipsec spi 1090 area virtual link encryption ipsec spi 1092 area virtual link 980 area link 2223 arp IP address MAC 773 arp log 774 arp opportunis...

Страница 45: ...52 atmf container login 2254 atmf container 2253 atmf controller 2255 atmf distribute firmware 2256 atmf domain vlan 2258 atmf enable 2261 atmf group membership 2262 atmf guest class 2264 atmf log ver...

Страница 46: ...gui enable 221 atmf topology gui enable 2307 atmf virtual crosslink 2308 atmf virtual link 2310 atmf working set 2312 attribute 1906 auth auth fail vlan 1718 auth critical 1720 auth dynamic vlan crea...

Страница 47: ...mands 1862 authorization commands 1977 auth web accounting 1768 auth web authentication 1769 auth web enable 1770 auth web forward 1772 auth web max auth fail 1775 auth web method 1777 auth web server...

Страница 48: ...r redirect url 1799 auth web server session keep 1800 auth web server ssl intercept port 1802 auth web server ssl 1801 autoboot enable 110 auto cost reference bandwidth IPv6 OSPF 1095 auto cost refere...

Страница 49: ...r 2500 clear counter stack 2064 clear ethernet cfm errorlog 329 clear exception log 371 clear g8032 erp instance statistics 2180 clear g8032 erp instance 2179 clear gvrp statistics 752 clear ip dhcp b...

Страница 50: ...counters 703 clear line console 162 clear line vty 163 clear lldp statistics 2610 clear lldp table 2611 clear log buffered 373 clear log external 374 clear log permanent 375 clear log 372 clear loop p...

Страница 51: ...83 989 configure terminal 96 continuous reboot prevention 241 copy filename 118 copy buffered log 376 copy current software 120 copy debug 121 copy fdb radius users to file 1916 copy local radius user...

Страница 52: ...rt local pem deleted 1923 crypto pki export local pkcs12 deleted 1924 crypto pki export pem 1957 crypto pki export pkcs12 1958 crypto pki import pem 1960 crypto pki import pkcs12 1962 crypto pki trust...

Страница 53: ...g loopprot 512 debug mail 2668 debug mld 1254 debug mstp RSTP and STP 627 debug nsm mcast 1291 debug nsm mcast6 1292 debug ospf events 990 debug ospf ifsm 991 debug ospf lsa 992 debug ospf nfsm 993 de...

Страница 54: ...debug vrrp packet 2116 debug vrrp 2114 default log buffered 378 default log console 379 default log email 380 default log external 381 default log host 382 default log monitor 383 default log permane...

Страница 55: ...17 discovery 2323 distance IPv6 OSPF 1107 distance OSPF 999 distance RIP 901 distribute list IPv6 OSPF 1109 distribute list IPv6 RIPng 950 distribute list OSPF 1001 distribute list RIP 902 dns server...

Страница 56: ...ode 99 enable VRRP 2118 enable db summary opt 1003 enable password 164 enable secret 167 end 101 enrollment trustpoint configuration mode 1964 epsr configuration 2153 epsr datavlan 2154 epsr enhancedr...

Страница 57: ...nsitivity 308 findme trigger 248 findme 246 fingerprint trustpoint configuration mode 1965 flowcontrol switch port 517 flowcontrol hardware asyn console 172 fullupdate RIP 903 g8032 erp instance 2186...

Страница 58: ...ng 2004 ip dhcp snooping database 2005 ip dhcp snooping delete by client 2006 ip dhcp snooping delete by linkdown 2007 ip dhcp snooping max bindings 2008 ip dhcp snooping subscriber id 2009 ip dhcp sn...

Страница 59: ...st member query count 1200 ip igmp last member query interval 1201 ip igmp limit 1202 ip igmp maximum groups 1203 ip igmp mroute proxy 1205 ip igmp proxy service 1206 ip igmp querier timeout 1207 ip i...

Страница 60: ...st allow register fragments 1326 ip multicast forward first packet 1296 ip multicast route 1297 ip multicast route limit 1299 ip multicast wrong vif suppression 1300 ip multicast routing 1301 ip name...

Страница 61: ...time PIM DM 1447 ip pim hello holdtime PIM SM 1337 ip pim hello interval PIM DM 1448 ip pim hello interval PIM SM 1338 ip pim ignore rp set priority 1339 ip pim jp timer 1340 ip pim max graft retries...

Страница 62: ...rip send packet 913 ip rip split horizon 918 ip route 875 ip source binding 2013 ip tacacs source interface 1982 ip tcp synack retries 796 ip tftp source interface 134 ip unreachables 797 ipv6 access...

Страница 63: ...ld snooping querier 1271 ipv6 mld snooping report suppression 1272 ipv6 mld snooping 1266 ipv6 mld ssm map enable 1274 ipv6 mld ssm map static 1275 ipv6 mld static group 1276 ipv6 mld version 1278 ipv...

Страница 64: ...smit interval 1124 ipv6 ospf transmit delay 1125 ipv6 pim accept register 1382 ipv6 pim anycast rp 1383 ipv6 pim bsr border 1384 ipv6 pim bsr candidate 1385 ipv6 pim cisco register checksum group list...

Страница 65: ...bsm 1412 ipv6 prefix list 1605 ipv6 rip metric offset 951 ipv6 rip split horizon 953 ipv6 route 864 ipv6 route 877 ipv6 router ospf area 1126 ipv6 router rip 954 ipv6 tftp source interface 135 ipv6 t...

Страница 66: ...reinit 2625 lldp run 2626 lldp timer 2627 lldp tlv select 2628 lldp transmit receive 2630 lldp tx delay 2631 local proxy arp 799 location civic location configuration 2632 location civic location ide...

Страница 67: ...log host time 431 log host 422 log monitor filter 433 log monitor exclude 436 log permanent filter 440 log permanent exclude 443 log permanent size 446 log permanent 439 log trustpoint 449 login auth...

Страница 68: ...dress 1172 match ip next hop 1175 match ip precedence 1629 match ipv6 address 1177 match mac type 1630 match metric 1178 match route type 1179 match tag 1180 match tcp flags 1631 match vlan 1632 max c...

Страница 69: ...9 nas 1933 neighbor IPv6 RIPng 955 neighbor OSPF 1023 neighbor RIP 923 network DHCP 2462 network RIP 924 network area 1024 next server 2463 no crypto pki certificate 1967 no debug all 253 no police 16...

Страница 70: ...Pv6 2526 option 2464 ospf abr type 1026 ospf restart grace period 1027 ospf restart helper 1028 ospf router id 1030 overflow database external 1032 overflow database 1031 passive interface IPv6 OSPF 1...

Страница 71: ...ine usage threshold 737 preempt mode 2119 prefix delegation pool 2528 priority 2121 priority queue 1644 private vlan association 574 private vlan 573 privilege level 177 probe enable 2466 probe packet...

Страница 72: ...56 remark new cos 1647 remark map 1645 remote command deleted 2070 remote login 2071 remote mirror interface 485 repeat 2746 restart ipv6 ospf graceful 1132 restart ospf graceful 1036 restart rip grac...

Страница 73: ...sword minimum length 183 security password min lifetime enforce 181 security password reject expired pwd 184 security password warning 185 send lifetime 933 server radsecproxy aaa 1869 server Server G...

Страница 74: ...te 2815 show aaa local user locked 1875 show aaa server group 1876 show access list IPv4 Hardware ACLs 1511 show access list IPv4 Software ACLs 1554 show arp security interface 2018 show arp security...

Страница 75: ...ure mode certificates 2399 show atmf secure mode sa 2402 show atmf secure mode statistics 2405 show atmf secure mode 2395 show atmf tech 2407 show atmf virtual links 2410 show atmf working set 2412 sh...

Страница 76: ...pubkey rsa 1969 show crypto key pubkey chain knownhosts 2709 show crypto key pubkey chain userkey 2710 show crypto key userkey 2711 show crypto pki certificates deleted 1938 show crypto pki certificat...

Страница 77: ...e 1454 show debugging pim sparse mode 1355 show debugging platform packet 537 show debugging power inline 739 show debugging radius 1898 show debugging rip 935 show debugging sflow 2816 show debugging...

Страница 78: ...show ethernet cfm maintenance points local mep 356 show ethernet cfm maintenance points remote mep 362 show ethernet cfm service 365 show exception log 451 show file systems 145 show file 144 show flo...

Страница 79: ...p dhcp snooping interface 2032 show ip dhcp snooping statistics 2034 show ip dhcp snooping 2024 show ip dhcp relay 2488 show ip dns forwarding cache 832 show ip dns forwarding server 833 show ip dns f...

Страница 80: ...7 show ip pim dense mode interface 1455 show ip pim dense mode mroute 1458 show ip pim dense mode neighbor detail 1460 show ip pim dense mode neighbor 1459 show ip pim dense mode nexthop 1461 show ip...

Страница 81: ...ow ipv6 forwarding 867 show ipv6 interface brief 868 show ipv6 mif 1317 show ipv6 mld groups 1280 show ipv6 mld interface 1281 show ipv6 mld snooping mrouter 1282 show ipv6 mld snooping statistics 128...

Страница 82: ...w ipv6 pim sparse mode nexthop 1425 show ipv6 pim sparse mode rp mapping 1427 show ipv6 pim sparse mode rp nexthop 1428 show ipv6 pim sparse mode rp hash 1426 show ipv6 prefix list 1609 show ipv6 prot...

Страница 83: ...how memory pools 277 show memory shared 278 show memory 271 show mep alarm status 368 show mirror interface 488 show mirror 487 show mls qos interface policer counters 1657 show mls qos interface queu...

Страница 84: ...ity 575 show power inline counters 743 show power inline interface detail 747 show power inline interface 745 show power inline 740 show privilege 190 show process 279 show provisioning stack 2078 sho...

Страница 85: ...low 2819 show snmp server community 2577 show snmp server group 2578 show snmp server user 2579 show snmp server view 2580 show snmp server 2576 show spanning tree brief 641 show spanning tree mst con...

Страница 86: ...ring 310 show system interrupts 287 show system mac 288 show system pci device 289 show system pci tree 290 show system pluggable detail 315 show system pluggable diagnostics 318 show system pluggable...

Страница 87: ...D local 2592 snmp server group 2595 snmp server host 2597 snmp server legacy ifadminstatus 2599 snmp server location 2600 snmp server source interface 2601 snmp server startup trap delay 2602 snmp ser...

Страница 88: ...instance 679 spanning tree path cost 686 spanning tree portfast STP 687 spanning tree portfast bpdu filter 689 spanning tree portfast bpdu guard 691 spanning tree priority bridge priority 693 spanning...

Страница 89: ...on 1668 storm rate 1669 storm window 1670 subject name trustpoint configuration 1974 subnet mask 2492 sub ring 2210 summary address IPv6 OSPF 1160 summary address 1066 switch provision stack 2102 swit...

Страница 90: ...ort vlan translation default drop 602 switchport vlan translation 601 switchport vlan stacking double tagging 603 switchport voice dscp 604 switchport voice vlan priority 608 switchport voice vlan 605...

Страница 91: ...71 type atmf node 2426 type atmf node 2762 type cpu 2765 type interface 2766 type memory 2767 type periodic 2768 type ping poll 2769 type reboot 2770 type stack disabled master 2771 type stack link 27...

Страница 92: ...ipv6 rip 968 undebug lacp 724 undebug loopprot 565 undebug mail 2675 undebug mstp 698 undebug ospf events 1068 undebug ospf ifsm 1069 undebug ospf lsa 1070 undebug ospf nfsm 1071 undebug ospf nsm 1072...

Страница 93: ...e 611 vlan classifier group 612 vlan classifier rule ipv4 613 vlan classifier rule proto 614 vlan database 617 vlan filter 618 vlan mode remote mirror vlan 492 vlan mode stack local vlan 2104 vlan mod...

Страница 94: ...C613 50170 01 Rev B Command Reference for x510 Series 94 AlliedWare Plus Operating System Version 5 4 7 1 x Part 1 Setup and Troubleshooting...

Страница 95: ...ence for the commands used to navigate between different modes This chapter also provides a reference for the help and show commands used to help navigate within the CLI Command List configure termina...

Страница 96: ...ATION COMMANDS CONFIGURE TERMINAL configure terminal Overview This command enters the Global Configuration command mode Syntax configure terminal Mode Privileged Exec Example To enter the Global Confi...

Страница 97: ...GED EXEC MODE disable Privileged Exec mode Overview This command exits the Privileged Exec mode returning the prompt to the User Exec mode To end a session use the exit command Syntax disable Mode Pri...

Страница 98: ...ON COMMANDS DO do Overview This command lets you to run User Exec and Privileged Exec mode commands when you are in any configuration mode Syntax do command Mode Any configuration mode Example awplus...

Страница 99: ...r privilege levels with the enable Privileged Exec mode command If the privilege level specified is higher than the users configured privilege level specified by the username command then the user is...

Страница 100: ...N COMMANDS ENABLE PRIVILEGED EXEC MODE Privilege Exec mode Use the enable password command or the enable secret commands to set the password to enable access to Privileged Exec mode awplus enable 7 aw...

Страница 101: ...ther advanced command mode Syntax end Mode All advanced command modes including Global Configuration and Interface Configuration modes Example The following example shows the use of the end command to...

Страница 102: ...used in User Exec mode the exit command terminates the session Syntax exit Mode All command modes including Global Configuration and Interface Configuration modes Example The following example shows...

Страница 103: ...display a description on how to use the system help use the command awplus help Output Figure 1 1 Example output from the help command When you need help at the command line press If nothing matches...

Страница 104: ...Operating System Version 5 4 7 1 x CLI NAVIGATION COMMANDS LOGOUT logout Overview This command exits the User Exec or Privileged Exec modes and ends the session Syntax logout Mode User Exec and Privil...

Страница 105: ...lists all command line entries including commands that returned an error For information on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Config...

Страница 106: ...his syntax Example Copying in local Flash memory flash directory filename To specify a file in the configs directory in Flash flash configs example cfg Copyingtoorfrom a USB storage device usb directo...

Страница 107: ...Use hyphens or underscores instead Syntax for directory listings A leading slash indicates the root of the current filesystem location In commands where you need to specify the local filesystem s Fla...

Страница 108: ...er use the remote login command Command List autoboot enable on page 110 boot config file on page 111 boot config file backup on page 113 boot system on page 114 boot system backup on page 116 cd on p...

Страница 109: ...ATION MANAGEMENT COMMANDS show boot on page 142 show file on page 144 show file systems on page 145 show running config on page 147 show running config interface on page 151 show startup config on pag...

Страница 110: ...n file from the external media An example of a valid autoboot txt file is shown in the following figure Figure 2 1 Example autoboot txt file Use the no variant of this command to disable the Autoboot...

Страница 111: ...llback order see the File Management Feature Overview and Configuration Guide Examples To run the configuration file branch cfg stored on the device s Flash filesystem the next time the device boots u...

Страница 112: ...AGEMENT COMMANDS BOOT CONFIG FILE To stop running the configuration file branch cfg stored on the switch s USB storage device filesystem when the device boots up use the commands awplus configure term...

Страница 113: ...nagement Feature Overview and Configuration Guide Examples To set the configuration file backup cfg as the backup to the main configuration file use the commands awplus configure terminal awplus confi...

Страница 114: ...ts a release file on a USB storage device if a USB storage device is inserted in all stack members and all stack members have a bootloader version that supports booting from it If a stack member has a...

Страница 115: ...1 1 rel Answering y at the prompt will cause the system to delete the specified file awplus config y Related Commands boot config file boot config file backup boot system backup show boot Insufficien...

Страница 116: ...Configuration Examples To specify the file x510 5 4 7 0 1 rel as the backup to the main release file use the commands awplus configure terminal awplus config boot system backup flash x510 5 4 7 0 1 r...

Страница 117: ...ION MANAGEMENT COMMANDS CD cd Overview This command changes the current working directory Syntax cd directory name Mode Privileged Exec Example To change to the directory called images use the command...

Страница 118: ...and awplus copy sftp 10 0 1 2 new cfg bob key To use SCP with the username beth to copy the file old cfg into the directory config_files on a remote server that is listening on TCP port 2000 use the c...

Страница 119: ...onfig cfg configtest cfg To copy the file test txt from the top level of Flash on stack member 2 to the current directory in the stack master use the command awplus copy awplus 2 flash test txt test t...

Страница 120: ...ystem Syntax copy current software destination name Mode Privileged Exec Example To copy the current software as installed in the working directory with the file name my release rel use the command aw...

Страница 121: ...Mode Privileged Exec Example To copy debug output to a USB storage device with a filename my debug use the following command awplus copy debug usb my debug Output Figure 2 2 CLI prompt after entering...

Страница 122: ...py the running config as current cfg to the remote server listening on TCP port 2000 use the command awplus copy running config scp user server 2000 config_files current cfg Related Commands copy star...

Страница 123: ...as the file oldconfig cfg in the current directory use the command awplus copy startup config oldconfig cfg Related Commands copy running config Parameter Description source name The filename and path...

Страница 124: ...inicom ZMODEM works over a serial connection and does not need any interfaces configured to do a file transfer Syntax copy source name zmodem copy zmodem Mode Privileged Exec Example To copy the local...

Страница 125: ...ys and values that are expected in this file are correct After the file is created the create autoboot command will copy the current release and configuration files across to the external media The ex...

Страница 126: ...rrent directory use the command awplus delete force one cfg To delete the directory old_configs which is not empty use the command awplus delete recursive old_configs To delete the directory new_confi...

Страница 127: ...ied debug output file Syntax delete debug source name Mode Privileged Exec Example To delete debug output use the following command awplus delete debug Output Figure 2 3 CLI prompt after entering the...

Страница 128: ...ename For example to specify a file in the configs directory on member 2 of a stack enter awplus 2 flash configs example cfg Examples To list the files in the current working directory use the command...

Страница 129: ...wplus dir sort name To list the files by size smallest to largest use the command awplus dir sort reverse size To sort the files by modification time oldest to newest use the command awplus dir sort r...

Страница 130: ...itor make sure your terminal terminal emulation program or Telnet client is 100 compatible with a VT100 terminal The editor uses VT100 control sequences to display text on the terminal For more inform...

Страница 131: ...e your terminal terminal emulation program or Telnet client is 100 compatible with a VT100 terminal The editor uses VT100 control sequences to display text on the terminal Syntax edit filename Mode Pr...

Страница 132: ...vice is then rebooted and returned to its factory default condition The device can then be used for AMF automatic node recovery Syntax erase factory default Mode Privileged Exec Usage This command is...

Страница 133: ...when it boots up At the next restart the device loads the default configuration file default cfg If default cfg no longer exists then the device loads with the factory default configuration This prov...

Страница 134: ...is helpful in network configurations where TFTP traffic needs to traverse point to point links or subnets within your network and you do not want to propagate those point to point links through your...

Страница 135: ...configurations where TFTP traffic needs to traverse point to point links or subnets within your network and you do not want to propagate those point to point links through your routing tables In those...

Страница 136: ...ir name Mode Privileged Exec Usage You cannot name a directory or subdirectory flash nvs usb card tftp scp sftp or http These keywords are reserved for tab completion when using various file commands...

Страница 137: ...cfg to startup cfg use the command awplus move temp cfg startup cfg To move the file temp cfg from the root of the Flash filesystem to the directory myconfigs use the command awplus move temp cfg myc...

Страница 138: ...tination name debug nvs flash usb Mode Privileged Exec Example To movedebug output onto a USB storagedevicewith a filename my debug use the following command awplus move debug usb my debug Output Figu...

Страница 139: ...s Operating System Version 5 4 7 1 x FILE AND CONFIGURATION MANAGEMENT COMMANDS PWD pwd Overview This command prints the current working directory Syntax pwd Mode Privileged Exec Example To print the...

Страница 140: ...ve the directory images from the top level of the Flash filesystem use the command awplus rmdir flash images To create a directory called level1 containing a subdirectory called level2 and then force...

Страница 141: ...igure 2 6 Example output from the show autoboot command Figure 2 7 Example output from the show autoboot command when an external media source is not present Related Commands autoboot enable create au...

Страница 142: ...boot image flash x510 5 4 7 0 1 rel Default boot config flash default cfg Current boot config usb my cfg file exists Backup boot config flash backup cfg file not found Autoboot status enabled Table 2...

Страница 143: ...ated Commands autoboot enable boot config file backup boot system backup show autoboot Backup boot config The configuration file to use during the next boot cycle if the main configuration file cannot...

Страница 144: ...displays the contents of a specified file Syntax show file filename Mode Privileged Exec Example To display the contents of the file oldconfig cfg which is in the current directory use the command awp...

Страница 145: ...M flash rw flash static local Y system rw system virtual local 10 0M 9 8M debug rw debug static local Y 499 0K 431 0K nvs rw nvs static local Y tftp rw tftp network scp rw scp network sftp ro sftp net...

Страница 146: ...ow file Prefixes The prefixes used when entering commands to access the filesystems one of flash system nvs usb tftp scp sftp http S V D The memory type static virtual dynamic Lcl Ntwk Whether the mem...

Страница 147: ...on full Display the running config for all features This is the default setting so it is the same as entering show running config feature Display only the configuration for a single feature The featur...

Страница 148: ...route IPv6 static route configuration isakmp Internet Security Association Key Management Protocol ISAKMP configuration key chain Authentication key management configuration l2tp profile L2TP tunnel...

Страница 149: ...g switch Switch configuration web control Web Control configuration Parameter Description awplus show running config service password encryption hostname MyNode no banner motd username manager privile...

Страница 150: ...g config show running config interface switch 1 provision x510 28 vlan database vlan 2 15 state enable interface port1 0 1 1 0 6 switchport switchport mode access interface port1 0 25 1 0 26 switchpor...

Страница 151: ...in a list The specified interfaces must exist dot1x Displays running configuration for 802 1X port authentication for the specified interfaces lacp Displays running configuration for LACP Link Aggrega...

Страница 152: ...vlan1 To display the current running configuration of a device for VLANs 1 and 3 5 use the command awplus show running config interface vlan1 vlan3 vlan5 To display the current OSPF configuration of y...

Страница 153: ...eature Overview and Configuration Guide Syntax show startup config Mode Privileged Exec Example To display the contents of the current start up configuration file use the command awplus show startup c...

Страница 154: ...ll rights reserved c 2001 2003 Cambridge Broadband Ltd All rights reserved c 2003 Sun Microsystems Inc All rights reserved c 2003 2006 Sparta Inc All rights reserved c 2004 Cisco Inc and Information N...

Страница 155: ...2002 2004 MontaVista Software Inc All rights reserved Copyright c 2005 2010 Red Hat Inc File Utility Library Copyright c Ian F Darwin 1986 1987 1989 1992 1994 1995 Software written by Ian F Darwin an...

Страница 156: ...ant if files may be automatically written to the storage device such as external log files or AMF backup files Syntax unmount usb unmount usb member stack ID Mode Privileged Exec Example To unmount a...

Страница 157: ...copies the running config into the file that is set as the current startup config file This command is a synonym of the write memory and copy running config startup config commands Syntax write file...

Страница 158: ...nd copies the running config into the file that is set as the current startup config file This command is a synonym of the write file and copy running config startup config commands Syntax write memor...

Страница 159: ...MANDS WRITE TERMINAL write terminal Overview This command displays the current configuration of the device This command is a synonym of the show running config command Syntax write terminal Mode Privi...

Страница 160: ...on page 170 flowcontrol hardware asyn console on page 172 length asyn on page 174 line on page 175 privilege level on page 177 security password history on page 178 security password forced change on...

Страница 161: ...service terminal length deleted on page 189 show privilege on page 190 show security password configuration on page 191 show security password user on page 192 show telnet on page 193 show users on p...

Страница 162: ...minal session exists on the line then the terminal session is terminated If console line settings have changed then the new settings are applied Syntax clear line console 0 Mode Privileged Exec Exampl...

Страница 163: ...INE VTY clear line vty Overview This command resets a VTY line If a session exists on the line then it is closed Syntax clear line vty 0 32 Mode Privileged Exec Example To reset the first VTY line use...

Страница 164: ...5 by default Previously the default was level 1 Mode Global Configuration Usage This command enables the Network Administrator to set a password for entering the Privileged Exec mode when using the en...

Страница 165: ...and First use the enable password command to specify the string that you want to use as a password mypasswd Then use the service password encryption command to encrypt the specified string mypasswd Th...

Страница 166: ...onfiguration file will show only the encrypted string and not the text string awplus configure terminal awplus config enable password 8 fU7zHzuutY2SA awplus config end This results in the following sh...

Страница 167: ...is level 15 by default Mode Global Configuration Usage This command enables the Network Administrator to set a password for entering the Privileged Exec mode when using the enable Privileged Exec mod...

Страница 168: ...st use the enable password command to specify the string that you want to use as a password mypasswd Then use the service password encryption command to encrypt the specified string mypasswd The advan...

Страница 169: ...ration file will show only the encrypted string and not the text string awplus configure terminal awplus config enable secret 8 fU7zHzuutY2SA awplus config end This results in the following show outpu...

Страница 170: ...re it times out An exec timeout 0 0 setting will cause the telnet session to wait indefinitely The command exec timeout 0 0 is useful while configuring a device but reduces device security If no input...

Страница 171: ...C613 50170 01 Rev B Command Reference for x510 Series 171 AlliedWare Plus Operating System Version 5 4 7 1 x USER ACCESS COMMANDS EXEC TIMEOUT Related Commands line service telnet...

Страница 172: ...message is sent to the sending device to suspend the transmission until the data in the buffers has been processed Hardware flow control can be configured on terminal console lines e g asyn0 For Rever...

Страница 173: ...control on terminal console line asyn0 use the commands awplus configure terminal awplus config line console 0 awplus config line flowcontrol hardware To disable hardware flow control on terminal cons...

Страница 174: ...r than the length of the line the output will be paused and the More prompt allows you to move to the next screen full of data A length of 0 will turn off pausing and data will be displayed to the con...

Страница 175: ...To change the console asyn port speed use this line command to enter Line Configuration mode before using the speed asyn command Set the console speed Baud rate to match the transmission rate of the d...

Страница 176: ...o enter Line Configuration mode to configure the console asyn 0 port terminal line use the commands awplus configure terminal awplus config line console 0 awplus config line Related Commands accountin...

Страница 177: ...ec and all User Exec commands However intermediate CLI security will not show configuration commands in Privileged Exec Examples To set the console connection to have the maximum privilege level use t...

Страница 178: ...ommand awplus configure terminal awplus config security password history 3 To allow the reuse of recent passwords use the command awplus configure terminal awplus config no security password history R...

Страница 179: ...xpired pwd feature must be disabled with the security password reject expired pwd command The no variant of the command disables this feature Syntax security password forced change no security passwor...

Страница 180: ...fetime is 0 which will disable the lifetime functionality Mode Global Configuration Example To configure the password lifetime to 10 days use the command awplus configure terminal awplus config securi...

Страница 181: ...from re using old passwords For example if you do not allow people to re use any of their last 5 passwords a person can bypass that restriction by changing their password 5 times in quick succession...

Страница 182: ...ld align with the lifetime selected i e the fewer categories specified the shorter the lifetime specified Syntax security password minimum categories 1 4 Default The default number of categories that...

Страница 183: ...mum password length is 1 Mode Global Configuration Example To configure the required minimum password length as 8 use the command awplus configure terminal awplus config security password minimum leng...

Страница 184: ...config file Note that when the reject expired pwd functionality is disabled and a user logs on with an expired password if the forced change feature is enabled with security password forced change com...

Страница 185: ...y Mode Global Configuration Example To configure a warning period of three days use the command awplus configure terminal awplus config security password warning 3 Related Commands security password f...

Страница 186: ...re displays the possible options The no service advanced vty command disables the advanced vty help feature Syntax service advanced vty no service advanced vty Default The advanced vty help feature is...

Страница 187: ...ain text Use the no service password encryption command to stop the device from displaying newly entered passwords in encrypted form This does not change the display of existing passwords NOTE Do not...

Страница 188: ...ng telnet sessions will still be active Syntax service telnet ip ipv6 no service telnet ip ipv6 Default The IPv4 and IPv6 telnet servers are enabled by default The configured telnet port is TCP port 2...

Страница 189: ...e for x510 Series 189 AlliedWare Plus Operating System Version 5 4 7 1 x USER ACCESS COMMANDS SERVICE TERMINAL LENGTH DELETED service terminal length deleted Overview This command has been deleted in...

Страница 190: ...15 gives full user access to all Privileged Exec commands Syntax show privilege Mode User Exec and Privileged Exec Usage A user can have an intermediate CLI security level set with this command for pr...

Страница 191: ...put Figure 3 2 Example output from the show security password configuration command Related Commands security password forced change security password history security password lifetime security passw...

Страница 192: ...w security password user Output Figure 3 3 Example output from the show security password user command Related Commands security password forced change security password history security password life...

Страница 193: ...shows the Telnet server settings Syntax show telnet Mode User Exec and Privileged Exec Example To show the Telnet server settings use the command awplus show telnet Output Figure 3 4 Example output fr...

Страница 194: ...command Line User Host s Idle Location Priv Idletime Timeout con 0 manager idle 00 00 00 ttyS0 15 10 N A vty 0 bob idle 00 00 03 172 16 11 3 1 0 5 Table 1 Parameters in the output of the show users c...

Страница 195: ...t example use the command awplus telnet host example To connect to the telnet server host example on TCP port 100 use the command awplus telnet host example 100 Parameter Description hostname The host...

Страница 196: ...enabled then it will be restarted on the new port Changing the port number does not affect the port used by existing sessions Syntax telnet server 1 65535 default Mode Global Configuration Example To...

Страница 197: ...pecified by this command The default length will apply unless you have changed the length for some or all lines by using the length asyn command Syntax terminal length length terminal no length length...

Страница 198: ...d on the user s terminal Syntax terminal resize Mode User Exec and Privileged Exec Usage When the user s terminal size is changed then a remote session via SSH or TELNET adjusts the terminal size auto...

Страница 199: ...ege levels if an enable password has been configured for the level the user tries to access and the user enters that password A user at privilege level 1 can access the majority of show commands A use...

Страница 200: ...To create the user bob with a privilege level of 15 for all show commands including show running configuration and show startup configuration and to access configuration commands in Privileged Exec c...

Страница 201: ...ion 5 4 6 1 x and later new installations of Allied Telesis Management Framework AMF require a Subscription License instead of a Feature License For information about Subscription Licensing commands s...

Страница 202: ...specific to you when you initially add a license Once a license is added any change to the license label first requires removal of the license before adding a license again with a new license label Th...

Страница 203: ...network traffic Only install licenses in scheduled maintenance periods for devices in a live environment Examples To activate the license called IPv6 that has the key 12345678ABCDE123456789ABCDE use t...

Страница 204: ...on about all enabled licenses use the command awplus show license To display full information about the licenses with index number 1 use the command awplus show license index 1 Output Figure 4 2 Examp...

Страница 205: ...ion Name of the region for the Base License features Index Index identifying entry The index is assigned automatically by the software It is not configured License name Name of the license key bundle...

Страница 206: ...display a brief summary of information about all feature licenses use the command awplus show license feature brief Output Figure 4 3 Example output from show license brief Parameter Description featu...

Страница 207: ...ief Parameter Description Board region Name of the region for the Base License features Index Index identifying entry The index is assigned automatically by the software It is not configured License n...

Страница 208: ...on stack member 2 use the command awplus show license brief member 2 To display a briefsummary aboutall enabledlicenses on all stack members use the command awplus show license brief member all To di...

Страница 209: ...ief member Parameter Description Board region Name of the region for the Base License features Index Index identifying entry The index is assigned automatically by the software It is not configured Li...

Страница 210: ...show license member all command to display full list output of all licenses per stack member Examples To display full information about all enabled licenses on all stack members use the command awplus...

Страница 211: ...P Index 2 License name PIM Trial Customer name PIM Trial Quantity of licenses 10 Type of license 30 day trial License issue date 12 Jul 2014 License expiry date 12 Jul 2014 Features included PIM PIM 1...

Страница 212: ...subscription for each AMF master or controller node in your AMF network To see the AMF subscriptions for your device see the AlliedWare Plus Datasheet For Software Version 5 4 6 2 x and later Subscri...

Страница 213: ...tion license for a stack member and later have to permanently replace that stack member you can transfer the license to another stack member To do this 1 Check which stack member the license entitleme...

Страница 214: ...pdate online instead Syntax license update filename Mode Privileged Exec Usage You can download subscription licenses from the Allied Telesis Download Center in order to copy them onto the device Exam...

Страница 215: ...ximately 5 seconds If the console does not respond for 10 or more seconds after typing the command a network routing or firewall configuration error is probably preventing the connection from establis...

Страница 216: ...nd Reference for x510 Series 216 AlliedWare Plus Operating System Version 5 4 7 1 x SUBSCRIPTION LICENSING COMMANDS LICENSE UPDATE ONLINE Related Commands show license external Command changes Version...

Страница 217: ...CRF When you load the license onto the stack the software checks that the CRF is valid for one of the stack members the source stack member The software then applies the license entitlement to all me...

Страница 218: ...piry date 19 Apr 2017 23 59 Maximum AMF nodes 20 Start date 20 Apr 2017 00 00 Expiry date 20 Apr 2018 23 59 Maximum AMF nodes 50 awplus show license external Features with installed entitlements AMF M...

Страница 219: ...613 50170 01 Rev B Command Reference for x510 Series 219 AlliedWare Plus Operating System Version 5 4 7 1 x SUBSCRIPTION LICENSING COMMANDS SHOW LICENSE EXTERNAL Related Commands license update online...

Страница 220: ...ew This chapter provides an alphabetical reference of commands used to configure the GUI For more information see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Comm...

Страница 221: ...by default on Controllers Mode Global Configuration mode Usage To use Vista Manager EX you must also enable the HTTP service on all AMF nodes including all AMF masters and controllers The HTTP servic...

Страница 222: ...ce and then enter the seconds If the GUI timeout is disabled a GUI session will remain active until you terminate it No idle time will be configured The same timeout period will apply to all GUI sessi...

Страница 223: ...C613 50170 01 Rev B Command Reference for x510 Series 223 AlliedWare Plus Operating System Version 5 4 7 1 x GUI COMMANDS GUI TIMEOUT Related Commands show running config...

Страница 224: ...og sends the messages out as they come NOTE There is a difference between log event and log host messages Log event messages are sent out as they come by syslog Log host messages are set to wait for a...

Страница 225: ...Vista Manager EX and theAlliedWarePlus GUI Java applet Use the no variant of this command to disable the HTTP feature Syntax service http no service http Default Enabled Mode Global Configuration Exa...

Страница 226: ...ew This command shows the HTTP server settings Syntax show http Mode User Exec and Privileged Exec Example To show the HTTP server settings use the command awplus show http Output Figure 6 2 Example o...

Страница 227: ...ogin system on page 231 banner motd on page 233 clock set on page 235 clock summer time date on page 236 clock summer time recurring on page 238 clock timezone on page 240 continuous reboot prevention...

Страница 228: ...3 show memory history on page 275 show memory pools on page 277 show memory shared on page 278 show process on page 279 show reboot history on page 282 show router id on page 284 show system on page 2...

Страница 229: ...Ware Plus version and build date is displayed at console login such as Mode Global Configuration Examples To configure a User Exec mode banner after login in this example to tell people to use the ena...

Страница 230: ...x SYSTEM CONFIGURATION AND MONITORING COMMANDS BANNER EXEC To remove the User Exec mode banner after login enter the following commands Related Commands banner login system banner motd awplus configur...

Страница 231: ...e login banner Syntax banner login no banner login Default By default no login banner is displayed at console login Mode Global Configuration Examples To configure a login banner of Authorised users o...

Страница 232: ...170 01 Rev B Command Reference for x510 Series 232 AlliedWare Plus Operating System Version 5 4 7 1 x SYSTEM CONFIGURATION AND MONITORING COMMANDS BANNER LOGIN SYSTEM Related Commands banner exec bann...

Страница 233: ...x banner motd motd text no banner motd Default By default the device displays the AlliedWare Plus OS version and build date when you login Mode Global Configuration Examples To configure a MotD banner...

Страница 234: ...ION AND MONITORING COMMANDS BANNER MOTD Related Commands banner exec banner login system awplus enable awplus configure terminal Enter configuration commands one per line End with CNTL Z awplus config...

Страница 235: ...fset to the local time NOTE If Network Time Protocol NTP is enabled then you cannot change the time or date using this command NTP maintains the clock automatically using an external time source If yo...

Страница 236: ...ndard time and NZDT UTC 13 00 assummertime with thesummertimesetto begin on the 25th of September 2016 and end on the 2nd of April 2017 awplus config clock summer time NZDT date 25 sep 2 00 2016 2 apr...

Страница 237: ...B Command Reference for x510 Series 237 AlliedWare Plus Operating System Version 5 4 7 1 x SYSTEM CONFIGURATION AND MONITORING COMMANDS CLOCK SUMMER TIME DATE Related Commands clock summer time recurr...

Страница 238: ...very year from now on start week Week of the month when summertime starts in the range 1 5 The value 5 indicates the last week that has the specified day in it for the specified month For example to s...

Страница 239: ...ition for New Zealand using NZST UTC 12 00 as the standard time and NZDT UTC 13 00 as summertime with summertime set to start on the last Sunday in September and end on the 1st Sunday in April use the...

Страница 240: ...t to the local time Examples To set the timezone to New Zealand Standard Time with an offset from UTC of 12 hours use the command awplus config clock timezone NZST plus 12 To set the timezone to India...

Страница 241: ...ontinuous reboot prevention period threshold action Default Continuous reboot prevention is disabled by default The default period value is 600 the default threshold value is 1 and the default action...

Страница 242: ...o stopreboot use the commands awplus configure terminal awplus config continuous reboot prevention period 500 action stopreboot To return the period and action to the defaults and keep the continuous...

Страница 243: ...ED feature is enabled a change in port status will not affect the display of the associated LED When the eco friendly LED feature is disabled and power is returned to port LEDs the LEDs will correctly...

Страница 244: ...endly lpi no ecofriendly lpi Default The eco friendly LPI feature is disabled by default Mode Interface Configuration for a switch port or Interface Configuration for a range of switch ports Usage For...

Страница 245: ...and Reference for x510 Series 245 AlliedWare Plus Operating System Version 5 4 7 1 x SYSTEM CONFIGURATION AND MONITORING COMMANDS ECOFRIENDLY LPI Related Commands duplex ecofriendly led show ecofriend...

Страница 246: ...stored automatically after either the default time or a specified timehas elapsed or a no findme command is used You can specify which interface or interfaces are flashed with the optional interface p...

Страница 247: ...twice Each alternate flash will be amber if that device has amber LEDs This pattern will repeat until timeout default or set or no findme commands are used To deactivate the Find Me feature use the fo...

Страница 248: ...ig Usage Note that findme trigger is not available if you have set the switch to take the following actions in response to an event For loop detection the actions log only and none For MAC address thr...

Страница 249: ...ith a numeric suffix For example awplus 1 awplus 2 and so on The hostname command can then be used to change the stack name and the stack master s host name For example for the hostname Lab the stack...

Страница 250: ...awplus configure terminal awplus config hostname HQ Sales This changes the prompt to HQ Sales config To revert to the default hostname awplus use the command HQ Sales config no hostname This changes t...

Страница 251: ...following commands awplus config terminal awplus config max fib routes 2000 75 Parameter Description max fib routes This is the maximum number of routes that can be stored in the device s Forwarding...

Страница 252: ...d to set the maximum number of static routes to the default of 1000 static routes Syntax max static routes 1 1000 no max static routes Default The default number of static routes is the maximum number...

Страница 253: ...gging use the command awplus no debug all ipv6 To disable all NSM debugging use the command awplus no debug all nsm To disable all OSPF debugging use the command awplus no debug all ospf To disable al...

Страница 254: ...e Mode debugging use the command awplus no debug all pim sparse mode To disable all RIP debugging use the command awplus no debug all rip To disable all VRRP debugging use the command awplus no debug...

Страница 255: ...he whole stack you can either use this reboot command to reboot all stack members immediately or to minimize downtime reboot the stack members in a rolling sequence by using the reboot rolling command...

Страница 256: ...Command Reference for x510 Series 256 AlliedWare Plus Operating System Version 5 4 7 1 x SYSTEM CONFIGURATION AND MONITORING COMMANDS RELOAD reload Overview This command performs the same function as...

Страница 257: ...ct 2016 01 56 06 0000 Timezone NZST Timezone Offset 12 00 Summer time zone NZDT Summer time starts Last Sunday in September at 02 00 00 Summer time ends First Sunday in April at 02 00 00 Summer time o...

Страница 258: ...eference for x510 Series 258 AlliedWare Plus Operating System Version 5 4 7 1 x SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW CLOCK Related Commands clock set clock summer time date clock summer t...

Страница 259: ...us reboot prevention configuration Syntax show continuous reboot prevention Mode User Exec and Privileged Exec Examples To show the current continuous reboot prevention configuration use the command a...

Страница 260: ...and Privileged Exec Examples To show the CPU utilization of current processes sorting them by the number of threads the processes are using use the command awplus show cpu sort thrds To show CPU util...

Страница 261: ...corerotate 1 0 0 20 sleep 0 0 853 syslog ng 1 0 0 20 sleep 0 356 859 klogd 1 0 0 20 sleep 0 1 910 inetd 1 0 0 20 sleep 0 3 920 portmap 1 0 0 20 sleep 0 0 931 crond 1 0 0 20 sleep 0 1 1090 openhpid 11...

Страница 262: ...allocations show memory history show memory pools show process state Process state one of run sleep zombie and dead sleep Percentage of time that the process is in the sleep state runtime The time tha...

Страница 263: ...utput displays three graphs of the percentage CPU utilization per second for the last minute then per minute for the last hour then per 30 minutes for the last 30 hours If this command is entered on t...

Страница 264: ...istory command Per second CPU load history 100 90 80 70 60 50 40 30 20 10 Oldest Newest CPU load per second last 60 seconds average CPU load Per minute CPU load history 100 90 80 70 60 50 40 30 20 10...

Страница 265: ...Reference for x510 Series 265 AlliedWare Plus Operating System Version 5 4 7 1 x SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW CPU HISTORY Related Commands show memory show memory allocations sho...

Страница 266: ...ed Exec Usage This command displays all debugging information similar to the way the show tech support command displays all show output for use by Allied Telesis authorized service personnel only Exam...

Страница 267: ...d awplus show ecofriendly Front panel port LEDs normal Energy efficient ethernet Port Name Configured Status port1 0 1 Port 1 lpi lpi port1 0 2 lpi lpi port1 0 3 lpi lpi port1 0 4 off off port1 0 5 lp...

Страница 268: ...riding the configuration set with the ecofriendly led command Power to the port LEDs is disabled Port Displays the port number as assigned by the switch Name Displays the port name if a name is config...

Страница 269: ...interface port list memory Mode User Exec and Privileged Exec Example To display the shared memory used by all interfaces use the command awplus show interface memory To display the shared memory use...

Страница 270: ...f show interface status show interface switchport awplus show interface memory Vlan blocking state shared memory usage Interface shmid Bytes Used nattch Status port1 0 1 393228 512 1 port1 0 2 458766...

Страница 271: ...processes use the command awplus show memory Output Figure 7 9 Example output from show memory Parameter Description stack ID Stack member number from 1 to 8 sort Changes the sorting order for the li...

Страница 272: ...he show memory command Parameter Description Stack member Stack member number RAM total Total amount of RAM memory free free Available memory size buffers Memory allocated kernel buffers pid Identifie...

Страница 273: ...the memory allocations used by all processes on your device use the command awplus show memory allocations Output Figure 7 10 Example output from the show memory allocations command Parameter Descript...

Страница 274: ...x510 Series 274 AlliedWare Plus Operating System Version 5 4 7 1 x SYSTEM CONFIGURATION AND MONITORING COMMANDS SHOW MEMORY ALLOCATIONS Related Commands show memory show memory history show memory po...

Страница 275: ...tack ID Mode User Exec and Privileged Exec Usage This command s output displays three graphs of the percentage memory utilization per second for the last minute then per minute for the last hour then...

Страница 276: ...OW MEMORY HISTORY Output Figure 7 11 Example output from the show memory history command Related Commands show memory allocations show memory pools show memory shared show tech support STACK member 1...

Страница 277: ...he memory pools used by processes use the command awplus show memory pools Output Figure 7 12 Example output from the show memory pools command Related Commands show memory allocations show memory his...

Страница 278: ...are Plus Feature Overview and Configuration Guide Syntax show memory shared Mode User Exec and Privileged Exec Example To display information about the shared memory allocation used on the device use...

Страница 279: ...nd Privileged Exec Usage This command displays a snapshot of currently running processes If you want to see CPU or memory utilization history instead use the commands show cpu history or show memory h...

Страница 280: ...ng 1 0 0 16 sleep 88 kernel threads pid name cpu pri state sleep 71 aio 0 0 20 sleep 0 3 events 0 0 10 sleep 98 Table 5 Parameters in the output from the show process command Parameter Description St...

Страница 281: ...NFIGURATION AND MONITORING COMMANDS SHOW PROCESS Related Commands show cpu show cpu history pri Process priority state Process state one of run sleep stop zombie or dead sleep Percentage of time the p...

Страница 282: ...quest 2016 10 10 01 35 31 Expected User Request 2016 10 10 01 16 25 Unexpected Rebooting due to critical process network nsm failure 2016 10 10 01 11 04 Unexpected Rebooting due to critical process ne...

Страница 283: ...oot prevention show tech support Continuous reboot prevention A continuous reboot prevention event has occurred The action taken is configured with the continuous reboot prevention command The next ti...

Страница 284: ...UTER ID show router id Overview Use this command to show the Router ID of the current system Syntax show router id Mode User Exec and Privileged Exec Example To display the Router ID of the current sy...

Страница 285: ...ide Syntax show system Mode User Exec and Privileged Exec Example To display configuration information use the command awplus show system Output Figure 7 17 Example output from show system Related Com...

Страница 286: ...Overview and Configuration Guide Syntax show system environment Mode User Exec and Privileged Exec Example To display the system s environmental status use the command awplus show system environment...

Страница 287: ...Example To display information about the number of interrupts for each IRQ in your device use the command awplus show system interrupts Output Figure 7 19 Example output from the show system interrupt...

Страница 288: ...o display the physical MAC address enter the following command awplus show system mac Output Figure 7 20 Example output from the show system mac command Output Figure 7 21 Example output showing how t...

Страница 289: ...se the command awplus show system pci device Output Figure 7 22 Example output from the show system pci device command Related Commands show system environment show system pci tree awplus show system...

Страница 290: ...ommand to display the PCI tree on your device Syntax show system pci tree Mode User Exec and Privileged Exec Example To display information about the PCI tree on your device use the command awplus sho...

Страница 291: ...ion for the device For information on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show system serialnumber Mode Use...

Страница 292: ...cpsn epsr firewall igmp ip ipv6 mld openflow ospf ospf6 pim rip ripng stack stp system tacacs update outfile filename Parameter Description all Display full information atmf Display ATMF specific info...

Страница 293: ...already exists a newfilenameis generated withthe current timestamp If the output filename does not end with gz then gz is appended to the filename Since output files may be too large for Flash on the...

Страница 294: ...iguration Usage This command is used to change the console asyn port speed Set the console speed to matchthetransmissionrateofthe device connectedto theconsole asyn port on your device Example To set...

Страница 295: ...d Reference for x510 Series 295 AlliedWare Plus Operating System Version 5 4 7 1 x SYSTEM CONFIGURATION AND MONITORING COMMANDS SPEED ASYN Related Commands clear line console line show running config...

Страница 296: ...4 7 1 x SYSTEM CONFIGURATION AND MONITORING COMMANDS SYSTEM TERRITORY DEPRECATED system territory deprecated Overview This command has been deprecated in Software Version 5 4 4 0 1 and later It now h...

Страница 297: ...minal or use the timeout option to stop displaying debugging output on the terminal after a set time Syntax terminal monitor 1 60 terminal no monitor Default Disabled Mode User Exec and Privileged Exe...

Страница 298: ...Reference for x510 Series 298 AlliedWare Plus Operating System Version 5 4 7 1 x SYSTEM CONFIGURATION AND MONITORING COMMANDS UNDEBUG ALL undebug all Overview This command applies the functionality o...

Страница 299: ...s in optical power received over fiber cables For more information see the Pluggables and Cabling Feature Overview and Configuration Guide Command List clear test cable diagnostics tdr on page 300 deb...

Страница 300: ...cable diagnostics tdr Overview Use this command to clear the results of the last cable test that was run Syntax clear test cable diagnostics tdr Mode Privileged Exec Examples To clear the results of a...

Страница 301: ...c Privileged Exec Usage While debugging is enabled by this command for a port all the optical power readings for the port are sent to the console Example To enable debugging messages for active fiber...

Страница 302: ...522 Fiber monitor port2 0 1 Channel 1 Reading 1748 Baseline 1708 Threshold 1356 01 42 52 awplus Pluggable 522 Fiber monitor port2 0 1 Channel 1 Reading 1717 Baseline 1709 Threshold 1357 01 42 54 awplu...

Страница 303: ...nly generates a log message Example To set the device to send an SNMP notification when ports 1 0 1 or 1 0 2 receive reduced power use the commands awplus config interface port1 0 1 1 0 2 awplus confi...

Страница 304: ...aused by temperature fluctuations etc could lead to unnecessary alarms There are two ways to configure the baseline The first is to choose a number of readings to average This is the default and recom...

Страница 305: ...Command Reference for x510 Series 305 AlliedWare Plus Operating System Version 5 4 7 1 x PLUGGABLES AND CABLING COMMANDS FIBER MONITORING BASELINE Related Commands fiber monitoring interval fiber mon...

Страница 306: ...e or to remove all the configuration and state for the ports respectively Syntax fiber monitoring enable no fiber monitoring enable no fiber monitoring Default Active fiber monitoring is disabled by d...

Страница 307: ...polling interval to the default 5 seconds Syntax fiber monitoring interval 2 60 no fiber monitoring interval Default The interval is set to 5 seconds by default Mode Interface configuration mode for...

Страница 308: ...ined levels in decibels or to a fixed absolute delta in units of 0 0001mW The alarm thresholds can be seen in the show system fiber monitoring output The maximum absolute sensitivity configurable is 0...

Страница 309: ...ence for x510 Series 309 AlliedWare Plus Operating System Version 5 4 7 1 x PLUGGABLES AND CABLING COMMANDS FIBER MONITORING SENSITIVITY Related Commands fiber monitoring action fiber monitoring basel...

Страница 310: ...onitoring awplus show sys fiber monitoring Fiber Monitoring Status Reading units 0 0001mW Stack member 1 Interface port1 0 1 Status enabled Supported Supported pluggable Debugging disabled Interval 2...

Страница 311: ...sensitivity threshold for optical power changes on this port Baseline type How the baseline optical power level is calculated either the average of the specified number of previous readings or a spec...

Страница 312: ...1 Rev B Command Reference for x510 Series 312 AlliedWare Plus Operating System Version 5 4 7 1 x PLUGGABLES AND CABLING COMMANDS SHOW SYSTEM FIBER MONITORING fiber monitoring interval fiber monitoring...

Страница 313: ...luggable Example To display brief information about pluggable transceivers installed in port1 0 25 through port1 0 26 use the command awplus show system pluggable port1 0 25 1 0 26 Output Figure 8 3 E...

Страница 314: ...nsceiver Serial Number Specifies the serial number for the installed pluggable transceiver Datecode Specifies the manufacturing datecode for the installed pluggable transceiver Checking the manufactur...

Страница 315: ...detail command displays the following information SFP Laser Wavelength Specifies the laser wavelength of the installed pluggable transceiver Single mode Fiber Specifies the link length supported by t...

Страница 316: ...plus show system pluggable detail Output Figure 8 4 Example output from show system pluggable detail for a specific port on a device awplus show system pluggable port1 0 25 detail System Pluggable Inf...

Страница 317: ...AlliedWare Plus Feature Overview and Configuration Guide SFP Laser Wavelength Specifies the laser wavelength of the installed pluggable transceiver Single Mode Fiber Specifies the link length supporte...

Страница 318: ...n optical SFP and SFP transceivers support Digital Diagnostics Monitoring DDM functions Diagnostic monitoring features allow you to monitor real time parameters of the pluggable transceiver such as op...

Страница 319: ...Low 12 589 0 040 Rx LOS Rx Down Port1 0 26 Status Alarms Warnings Reading Alarm Max Min Warning Max Min Temp Degrees C 29 387 100 00 40 00 85 000 10 00 Vcc Volts 3 378 3 630 2 970 3 465 3 135 Tx Bias...

Страница 320: ...ometer on a fixed copper cable port The displayed status of the cable can be either OK Open Short within pair Short across pair Error Syntax show test cable diagnostics tdr Mode Privileged Exec Exampl...

Страница 321: ...displayed status of the cable can be either OK Short within pair or Open The Open or Short status is accompanied with the distance from the source port to the incorrect termination Syntax test cable...

Страница 322: ...al on page 324 cc multicast on page 326 cc unicast on page 327 clear MEP Attribute on page 328 clear ethernet cfm errorlog on page 329 clear mep counter on page 330 ethernet cfm domain name on page 33...

Страница 323: ...01 Rev B Command Reference for x510 Series 323 AlliedWare Plus Operating System Version 5 4 7 1 x CONNECTIVITY FAULT MANAGEMENT COMMANDS show ethernet cfm service on page 365 show mep alarm status on...

Страница 324: ...s that MEP declares a connectivity fault This is known as a defect Upon detecting a defect the detecting MEP will also set the Remote Defect Indicator RDI bit for its outgoing CCM messages to its peer...

Страница 325: ...1 Rev B Command Reference for x510 Series 325 AlliedWare Plus Operating System Version 5 4 7 1 x CONNECTIVITY FAULT MANAGEMENT COMMANDS CC INTERVAL service ma name Command changes Version 5 4 7 1 1 co...

Страница 326: ...faults across a link using Link Level MEPs or across a segment of a VLAN using VLAN aware MEPs both of which are used within an MD MA CCMs are sent using multicast or unicast but not both In order to...

Страница 327: ...a segment of a VLAN using VLAN aware MEPs both of which are used within an MD MA CCMs are sent using multicast or unicast but not both In order to enable a Local MEP to send theLocal MEP s active adm...

Страница 328: ...ernet cfm domain name ethernet cfm mep mep FNG attributes service ma name Command changes Version 5 4 7 1 1 command added Parameter Description ccm ltm priority Set the queuing and p bit priority for...

Страница 329: ...net cfm errorlog domain domain name Mode Privileged Exec Usage When a new error is detected for an MA that is associated with an MD and the error is due to an error from a received or missing CCM from...

Страница 330: ...th the MEP ID 12 use the command awplus clear mep counter domain MD INST1 service MA INST1 1 mep 12 Related Commands show ethernet cfm maintenance points local mep Command changes Version 5 4 7 1 1 co...

Страница 331: ...main name Parameter Description domain name The name that identifies this Maintenance Domain instance If creating this instance specify the remaining parameters If re entering configuration mode for t...

Страница 332: ...D INST2 with a character string based name of MD 12L3 and a level of 3 use the command awplus config ethernet cfm domain name MD INST2 md type character string md type name MD 12L3 level 3 To enter Et...

Страница 333: ...ULT MANAGEMENT COMMANDS ETHERNET CFM DOMAIN NAME cfm sf notify clear MEP Attribute ethernet cfm mep mep FNG attributes mep crosscheck service ma name show ethernet cfm domain show ethernet cfm errorlo...

Страница 334: ...ion ports On a bridge port there are two types An Up Maintenance Entity is considered an inward MP It communicates across the inside of the bridge to the other side and this allows it to reach the out...

Страница 335: ...in name of MD INST2 and an MA name of MA INST2 1 use the commands awplus config interface port1 0 2 awplus config if ethernet cfm mep down mpid 12 domain name MD INST2 ma name MA INST2 1 To re enter a...

Страница 336: ...be generated Use this command to configure the following attributes of a Local MEP Fault Notification Generation Lowest Alarm Priority Defect the lowest defect priority that can cause an alarm to be r...

Страница 337: ...r the defect has been abated for 6 seconds use the commands awplus config interface port1 0 2 awplus config if ethernet cfm mep down mpid 12 domain name MD INST2 ma name MA INST2 1 awplus config if et...

Страница 338: ...ity Check Messages CCM by sending and receiving CCMs with Remote MEP peers Any defects detected locally can also be conveyed to Remote MEP peers by sending a Remote Defect Indicator RDI to the peers w...

Страница 339: ...3 50170 01 Rev B Command Reference for x510 Series 339 AlliedWare Plus Operating System Version 5 4 7 1 x CONNECTIVITY FAULT MANAGEMENT COMMANDS MEP ACTIVE Command changes Version 5 4 7 1 1 command ad...

Страница 340: ...f a VLAN or a local link using Continuity Check Messages CCM by sending and receiving CCMs with Remote MEP peers CCMs are high priority messages by default but the priority is configurable although we...

Страница 341: ...s across the inside of the bridge to the other side and this allows it to reach the outside world It lives on a bridge port for a given VLAN but it does not use this port to send or receive to get to...

Страница 342: ...n MEP is allowed to be link local VLAN unaware and its scope is that of the entire link Example To create a remote MEP instance named MA INST2 1 with an MEP ID of 21 use the command awplus config ethe...

Страница 343: ...haracter Unique MEGID UMC code for the name Any remaining characters are padding out with NULLs by the system to fill out the 13 bytes This can only be used with Maintenance Domain whose name md type...

Страница 344: ...essages carry the MA name within the MAID field Within an MD instance context this command is used to configure the MA name which can be chosen from a variety of format types Example To create a Maint...

Страница 345: ...0170 01 Rev B Command Reference for x510 Series 345 AlliedWare Plus Operating System Version 5 4 7 1 x CONNECTIVITY FAULT MANAGEMENT COMMANDS SERVICE MA NAME Command changes Version 5 4 7 1 1 command...

Страница 346: ...hy of MDs then MAs within each MD then local MEPs within that MA and finally remote MEPs within that MA Output Figure 9 1 Example output from show ethernet cfm details awplus show ethernet cfm details...

Страница 347: ...urrent Defects Current Highest Defect Alarm Alarm Minimum Defect 2 someMACstatusDefect Alarm Trip Time AUTO 2 5 seconds Alarm Reset Time AUTO 10 seconds Configured Remote MEPs 102 Missing Remote MEPs...

Страница 348: ...e Local Maintenance End Point Domain Name MD INST1 MA Service Name MA INST1 2 MA Primary VLAN 300 MEP ID 1 Direction Down Interface port1 0 1 MEP Active State True CC State Enabled CC Type Multicast P...

Страница 349: ...meMACstatusDefect Alarm Trip Time AUTO 2 5 seconds Alarm Reset Time AUTO 10 seconds Configured Remote MEPs 101 1001 Missing Remote MEPs 101 1001 Error CCM Reason N A Last Error CCM N A Cross connect D...

Страница 350: ...ersion 5 4 7 1 x CONNECTIVITY FAULT MANAGEMENT COMMANDS SHOW ETHERNET CFM DETAILS Related Commands show ethernet cfm domain show ethernet cfm maintenance points local mep show ethernet cfm maintenance...

Страница 351: ...o show all domain configurations in summary format use the command awplus show ethernet cfm domain To show all domains in detail use the command awplus show ethernet cfm domain details To show a speci...

Страница 352: ...e Domain Name Format character string Maintenance Domain Name Value MD 12L3 Level 3 Associated CFM Services Link Level MA INST2 1 MIP Creation None awplus show ethernet cfm domain MD INST1 details Mai...

Страница 353: ...erence for x510 Series 353 AlliedWare Plus Operating System Version 5 4 7 1 x CONNECTIVITY FAULT MANAGEMENT COMMANDS SHOW ETHERNET CFM DOMAIN service ma name show ethernet cfm details Command changes...

Страница 354: ...s logged to the CFM Errors Event List Example To show the list of errors for an MD named MD INST2 use the command awplus show ethernet cfm errorlog domain MD INST2 Output Figure 9 5 Example output fro...

Страница 355: ...emote MEP has the same MEP ID as the local MEP that received the CCM For unicast remote MEPs this error can also indicate that even though the CCM received from the remote MEP has an MEP ID that match...

Страница 356: ...ethernet cfm maintenance points local mep domain domain name service ma name mep mep id details counters Mode User Exec Privileged Exec Examples To showthe configurationand status of all theLocal MEP...

Страница 357: ...nts local mep interface port1 0 2 Service Name MEPID Dir Interface State Defect MA INST1 1 12 D port1 0 2 En 3 Table 9 4 Parameters in the output from show ethernet cfm maintenance points local mep in...

Страница 358: ...rent Highest Defect Alarm 4 someRMEPCCMdefect Alarm Minimum Defect 2 someMACstatusDefect Alarm Trip Time AUTO 2 5 seconds Alarm Reset Time AUTO 10 seconds Configured Remote MEPs 21 Missing Remote MEPs...

Страница 359: ...ng It shows the defect s as both a defect priority and name Current Highest Defect Alarm The highest defect priority that has been encountered while the local MEP has been in an alarm state Alarm Mini...

Страница 360: ...or this MA MAC address mismatch for a configured unicast RMEP via crosscheck the MAC address did not match the provisioned value in the associated MA N A indicates there is no error CCM defect being d...

Страница 361: ...ommand Reference for x510 Series 361 AlliedWare Plus Operating System Version 5 4 7 1 x CONNECTIVITY FAULT MANAGEMENT COMMANDS SHOW ETHERNET CFM MAINTENANCE POINTS LOCAL MEP Command changes Version 5...

Страница 362: ...intenance points remote mep domain MD INST1 service MA INST1 1 To show a specific remote MEP by its ID in detail use the command awplus show ethernet cfm maintenance points remote mep domain MD INST1...

Страница 363: ...000c 2526 95bf details awplus show ethernet cfm maintenance points remote mep domain MD INST1 service MA INST1 1 CFM Domain Name MD INST1 CFM Service Name MA INST1 1 RX RX Port Intf MEPID CCM RDI Sta...

Страница 364: ...ine Yes RMEP_OK CCMs are being received without any error Wait RMEP_START Still preparing to receive remote MEP CCMs without a timeout occurring Failed RMEP_FAILED While waiting to receive CCMs from a...

Страница 365: ...To show a specified MA in detailed form use the command awplus show ethernet cfm service MA INST2 1 domain MD INST2 details Output Figure 9 11 Example output from show ethernet cfm service Parameter D...

Страница 366: ...CFM Service Name MA INST2 1 CFM Domain Name MD INST2 CFM Domain Level 3 Primary VLAN Maintenance Assoc Name Format string Maintenance Assoc Name Value MA 12V100 CCM Transmission Interval 1 second Loca...

Страница 367: ...igured for this MA It can be one of the following 3 CCI of 100 milliseconds 4 CCI of 1 second default 5 CCI of 10 seconds 6 CCI of 1 minute 7 CCI of 10 minutes Local MEPs A list of the Local MEPs conf...

Страница 368: ...s and if these defects persist for a long enough period of time typically 2 5 seconds then an alarm is declared Example To show the alarms on local MEPs use the command awplus show mep alarm status Ou...

Страница 369: ...nd List clear exception log on page 371 clear log on page 372 clear log buffered on page 373 clear log external on page 374 clear log permanent on page 375 copy buffered log on page 376 copy permanent...

Страница 370: ...n page 419 log facility on page 420 log host on page 422 log host filter on page 424 log host exclude on page 427 log host source on page 430 log host time on page 431 log monitor filter on page 433 l...

Страница 371: ...G clear exception log Overview This command resets the contents of the exception log but does not remove the associated core files NOTE When this command is used within a stacked environment it will r...

Страница 372: ...ents of the buffered and permanent logs NOTE When this command is used within a stacked environment it will remove the contents of the buffered and permanent logs in all stack members Syntax clear log...

Страница 373: ...d log NOTE When this command is used within a stacked environment it will remove the contents of the buffered logs in all stack members Syntax clear log buffered Mode Privileged Exec Example To delete...

Страница 374: ...his command deletes all those files not just the most recent one When this command is used within a stacked environment it will delete the external logs on all stack members Syntax clear log external...

Страница 375: ...TE When this command is used within a stacked environment it will remove the contents of the permanent logs in all stack members Syntax clear log permanent Mode Privileged Exec Example To delete the c...

Страница 376: ...ax copy buffered log destination name Mode Privileged Exec Example To copy the buffered log file onto a USB storage device and name the file buffered log log use the command awplus copy buffered log u...

Страница 377: ...permanent log destination name Mode Privileged Exec Example To copy the permanent log file onto a USB storage device and name the file permanent log log use the command awplus copy permanent log usb...

Страница 378: ...the buffered log is 50 kB and it accepts messages with the severity level of warnings and above Syntax default log buffered Default The buffered log is enabled by default Mode Global Configuration Exa...

Страница 379: ...ages sent to the terminal when a log console command is issued By default all messages are sent to the console when a log console command is issued Syntax default log console Mode Global Configuration...

Страница 380: ...ll be sent This command also restores the remote syslog server time offset value to local no offset Syntax default log email email address Mode Global Configuration Example To restore the default sett...

Страница 381: ...messages with a severity level of notices and above Note that this command does not clear the configured filename for the external log Syntax default log external Mode Global Configuration Example To...

Страница 382: ...es will be sent This command also restores the remote syslog server time offset value to local no offset Syntax default log host ip addr Mode Global Configuration Example To restore the default settin...

Страница 383: ...sent to the terminal when a terminal monitor command is used Syntax default log monitor Default All messages are sent to the terminal when a terminal monitor command is used Mode Global Configuration...

Страница 384: ...anent log is 50 kB and it accepts messages with the severity level of warnings and above Syntax default log permanent Default The permanent log is enabled by default Mode Global Configuration Example...

Страница 385: ...d to make way for new ones Syntax log buffered no log buffered Default The buffered log is configured by default Mode Global Configuration Examples To configured the device to store log messages in RA...

Страница 386: ...to send to the buffered log The level can be specified as one of the following numbers or level names where 0 is the highest severity and 7 is the lowest severity 0 emergencies System is unusable 1 a...

Страница 387: ...MISH epsr Ethernet Protection Switched Rings EPSR rmon Remote Monitoring loopprot Loop Protection poe Power inline Power over Ethernet dhcpsn DHCP snooping DHCPSN facility Filter messages to the buffe...

Страница 388: ...llowing commands awplus configure terminal awplus config log buffered msgtext Bridging initialization To remove a filter that sends all messages generated by EPSR that have a severity of notices or hi...

Страница 389: ...the specified severity level level The severity level to exclude The level can be specified as one of the following numbers or level names where 0 is the highest severity and 7 is the lowest severity...

Страница 390: ...ection Switched Rings EPSR rmon Remote Monitoring loopprot Loop Protection poe Power inline Power over Ethernet dhcpsn DHCP snooping DHCPSN facility Exclude messages from a syslog facility facility Sp...

Страница 391: ...UDE Example To remove messages that contain the string example of irrelevant message use the following commands awplus configure terminal awplus config log buffered exclude msgtext example of irreleva...

Страница 392: ...en filled old messages will be deleted to make room for new messages Syntax log buffered size 50 250 Mode Global Configuration Example To allow the buffered log to use up to 100 kB of RAM use the foll...

Страница 393: ...the no variant of this command to configure the device not to send log messages to consoles Syntax log console no log console Mode Global Configuration Examples To configure the device to send log mes...

Страница 394: ...highest severity and 7 is the lowest severity 0 emergencies System is unusable 1 alerts Action must be taken immediately 2 critical Critical conditions 3 errors Error conditions 4 warnings Warning co...

Страница 395: ...epsr Ethernet Protection Switched Rings EPSR rmon Remote Monitoring loopprot Loop Protection poe Power inline Power over Ethernet dhcpsn DHCP snooping DHCPSN facility Filter messages by syslog facilit...

Страница 396: ...config log console msgtext Bridging initialization To remove a filter that sends all messages generated by EPSR that have a severity of notices or higher to consoles use the following commands awplus...

Страница 397: ...arameter Description level Exclude messages of the specified severity level level The severity level to exclude The level can be specified as one of the following numbers or level names where 0 is the...

Страница 398: ...Ethernet Protection Switched Rings EPSR rmon Remote Monitoring loopprot Loop Protection poe Power inline Power over Ethernet dhcpsn DHCP snooping DHCPSN facility Exclude messages from a syslog facili...

Страница 399: ...ONSOLE EXCLUDE Mode Global configuration Example To remove messages that contain the string example of irrelevant message use the following commands awplus configure terminal awplus config log console...

Страница 400: ...s Default By default no filters are defined for email log targets Filters must be defined before messages will be sent Mode Global Configuration Example To have log messages emailed to the email addre...

Страница 401: ...o send logging messages to level Filter messages by severity level level The minimum severity of message to send The level can be specified as one of the following numbers or level names where 0 is th...

Страница 402: ...ngs EPSR rmon Remote Monitoring loopprot Loop Protection poe Power inline Power over Ethernet dhcpsn DHCP snooping DHCPSN facility Filter messages by syslog facility facility Specify one of the follow...

Страница 403: ...address admin alliedtelesis com use the following commands awplus configure terminal awplus config log email admin alliedtelesis com level informational To stop the device emailing log messages emaile...

Страница 404: ...string Parameter Description level Exclude messages of the specified severity level level The severity level to exclude The level can be specified as one of the following numbers or level names where...

Страница 405: ...Ethernet Protection Switched Rings EPSR rmon Remote Monitoring loopprot Loop Protection poe Power inline Power over Ethernet dhcpsn DHCP snooping DHCPSN facility Exclude messages from a syslog facilit...

Страница 406: ...IL EXCLUDE Mode Global configuration Example To remove messages that contain the string example of irrelevant message use the following commands awplus configure terminal awplus config log email exclu...

Страница 407: ...Use the offset option if the email recipient is in a different time zone to this device Specify the time offset of the email recipient in hours Messages will display the time they were generated on t...

Страница 408: ...information converted to the time zone of the email recipient which is 3 hours ahead of the device s local time zone use the following commands awplus configure terminal awplus config log email admin...

Страница 409: ...ile systems have a lower risk of file corruption occurring if the switch or firewall loses power You should also unmount the storage device before removing it from the switch or firewall to avoid corr...

Страница 410: ...0170 01 Rev B Command Reference for x510 Series 410 AlliedWare Plus Operating System Version 5 4 7 1 x LOGGING COMMANDS LOG EXTERNAL show log external unmount Command changes Version 5 4 7 1 1 command...

Страница 411: ...scription level Filter messages to the external log by severity level level The minimum severity of message to send to the external log The level can be specified as one of the following numbers or le...

Страница 412: ...Shell IMISH epsr Ethernet Protection Switched Rings EPSR rmon Remote Monitoring loopprot Loop Protection poe Power inline Power over Ethernet dhcpsn DHCP snooping DHCPSN facility Filter messages to th...

Страница 413: ...ext Bridging initialization to the external log use the following commands awplus configure terminal awplus config log external msgtext Bridging initialization To remove a filter that sends all messag...

Страница 414: ...the specified severity level level The severity level to exclude The level can be specified as one of the following numbers or level names where 0 is the highest severity and 7 is the lowest severity...

Страница 415: ...ection Switched Rings EPSR rmon Remote Monitoring loopprot Loop Protection poe Power inline Power over Ethernet dhcpsn DHCP snooping DHCPSN facility Exclude messages from a syslog facility facility Sp...

Страница 416: ...the string example of irrelevant message use the following commands awplus configure terminal awplus config log external exclude msgtext example of irrelevant message Related Commands clear log exter...

Страница 417: ...etting rotate to 2 makes the device rotate through 3 files Note that if you set rotate to 0 and the external log file becomes full then the device deletes the full log file and creates a new empty fil...

Страница 418: ...g System Version 5 4 7 1 x LOGGING COMMANDS LOG EXTERNAL ROTATE Related Commands clear log external default log external log external log external filter log external exclude log external size show lo...

Страница 419: ...rnal rotate 1 each file will have a maximum size of 25 kBytes by default Use the no variant of this command to return to the default size Syntax log external size 50 4194304 no log external size Defau...

Страница 420: ...Configuration Usage Specifying different facilities for log messages generated on different devices can allow messages from multiple devices sent to a common server to be distinguished from each othe...

Страница 421: ...ity local6 Related Commands show log config ftp FTP daemon local 0 7 The facility labels above have specific meanings while the local facility labels are intended to be put to local use In AlliedWare...

Страница 422: ...ate for any of the trustpoints that are associated with the application The remote server may also request that a certificate is transmitted from the local device In this situation the first trustpoin...

Страница 423: ...0170 01 Rev B Command Reference for x510 Series 423 AlliedWare Plus Operating System Version 5 4 7 1 x LOGGING COMMANDS LOG HOST log host exclude log host source log host time log trustpoint show log...

Страница 424: ...og server level Filter messages by severity level level The minimum severity of message to send The level can be specified as one of the following numbers or level names where 0 is the highest severit...

Страница 425: ...ng loopprot Loop Protection poe Power inline Power over Ethernet dhcpsn DHCP snooping DHCPSN facility Filter messages by syslog facility facility Specify one of the following syslog facilities to incl...

Страница 426: ...1 use the following commands awplus configure terminal awplus config log host 10 32 16 21 level informational To remove a filter that sends all messages generated by EPSR that have a severity of notic...

Страница 427: ...eter Description level Exclude messages of the specified severity level level The severity level to exclude The level can be specified as one of the following numbers or level names where 0 is the hig...

Страница 428: ...Ethernet Protection Switched Rings EPSR rmon Remote Monitoring loopprot Loop Protection poe Power inline Power over Ethernet dhcpsn DHCP snooping DHCPSN facility Exclude messages from a syslog facilit...

Страница 429: ...LUDE Mode Global configuration Example To remove messages that contain the string example of irrelevant message use the following commands awplus configure terminal awplus config log host exclude msgt...

Страница 430: ...o variant of this command to stop specifying a source interface or address Syntax log host source interface name ipv4 addr ipv6 addr no log host source Default None no source is configured Mode Global...

Страница 431: ...remote syslog server in hours Messages will display the time they were generated on this device but converted to the time zone of the remote syslog server Examples To send messages to the remote syslo...

Страница 432: ...me zone use the following commands awplus configure terminal awplus config log host 10 32 16 12 time local offset plus 3 To send messages to the remote syslog server with the IP address 10 32 16 02 wi...

Страница 433: ...evel names where 0 is the highest severity and 7 is the lowest severity 0 emergencies System is unusable 1 alerts Action must be taken immediately 2 critical Critical conditions 3 errors Error conditi...

Страница 434: ...ings EPSR rmon Remote Monitoring loopprot Loop Protection poe Power inline Power over Ethernet dhcpsn DHCP snooping DHCPSN facility Filter messages by syslog facility facility Specify one of the follo...

Страница 435: ...awplus configure terminal awplus config log monitor level info program auth To remove a filter that sends all messages generated by EPSR that have a severity of notices or higher to the terminal use t...

Страница 436: ...Parameter Description level Exclude messages of the specified severity level level The severity level to exclude The level can be specified as one of the following numbers or level names where 0 is t...

Страница 437: ...Ethernet Protection Switched Rings EPSR rmon Remote Monitoring loopprot Loop Protection poe Power inline Power over Ethernet dhcpsn DHCP snooping DHCPSN facility Exclude messages from a syslog facili...

Страница 438: ...ITOR EXCLUDE Mode Global configuration Example To remove messages that contain the string example of irrelevant message use the following commands awplus configure terminal awplus config log monitor e...

Страница 439: ...ay for new messages The no variant of this command configures the device not to send any messages to the permanent log Log messages will not be retained over a restart Syntax log permanent no log perm...

Страница 440: ...rity of message to send The level can be specified as one of the following numbers or level names where 0 is the highest severity and 7 is the lowest severity 0 emergencies System is unusable 1 alerts...

Страница 441: ...l IMISH epsr Ethernet Protection Switched Rings EPSR rmon Remote Monitoring loopprot Loop Protection poe Power inline Power over Ethernet dhcpsn DHCP snooping DHCPSN facility Filter messages by syslog...

Страница 442: ...use the following commands awplus configure terminal awplus config log permanent level notices program epsr To create a filter to send all messages containing the text Bridging initialization to the...

Страница 443: ...sages of the specified severity level level The severity level to exclude The level can be specified as one of the following numbers or level names where 0 is the highest severity and 7 is the lowest...

Страница 444: ...ection Switched Rings EPSR rmon Remote Monitoring loopprot Loop Protection poe Power inline Power over Ethernet dhcpsn DHCP snooping DHCPSN facility Exclude messages from a syslog facility facility Sp...

Страница 445: ...ple To remove messages that contain the string example of irrelevant message use the following commands awplus configure terminal awplus config log permanent exclude msgtext example of irrelevant mess...

Страница 446: ...ld messages will be deleted to make room for new messages Syntax log permanent size 50 250 Mode Global Configuration Example To allow the permanent log to use up to 100 kB of NVS use the following com...

Страница 447: ...is log rate limiting feature constrains the rate that log messages are generated by the device Notethatif withinthe giventimeinterval thenumberoflogmessages exceeds the limit then any excess log messa...

Страница 448: ...liedWare Plus Operating System Version 5 4 7 1 x LOGGING COMMANDS LOG RATE LIMIT NSM To return the device the default setting to generate up to 200 log messages per second use the following commands a...

Страница 449: ...e certificate received from the remote server must have an issuer chain that terminates with the root CA certificate for any of the trustpoints that are associated with the application If no trustpoin...

Страница 450: ...eived P4 32 Total Received P5 312 Total Received P6 1602 Total Received P7 372 Table 11 Parameters in output of the show counter log command Parameter Description Total Received Total number of messag...

Страница 451: ...g Mode User Exec and Privileged Exec Example To display the exception log use the command awplus show exception log Output Figure 10 2 Example output from the show exception log command on a device aw...

Страница 452: ...ion Usage If the optional tail parameter is specified only the latest 10 messages in the buffered log are displayed A numerical value can be specified after the tail parameter to select how many of th...

Страница 453: ...ern notice awplus kernel Linux version 2 6 32 12 at1 mak er awpmaker03 dl gcc version 4 3 3 Gentoo 4 3 3 r3 p1 2 pie 10 1 5 1 Wed Dec 8 11 53 40 NZDT 2010 2011 Aug 29 07 55 22 kern warning awplus kern...

Страница 454: ...Example To display the logging configuration use the command awplus show log config Output Figure 10 4 Example output from show log config Facility default PKI trustpoints example_trustpoint Buffered...

Страница 455: ...nnot be set at the same time If console logging is enabled then the terminal logging is turned off Related Commands show counter log show log show log permanent Host 10 32 16 21 Time offset 2 00 Offse...

Страница 456: ...latest 10 messages in the permanent log are displayed A numerical value can be specified after the tail parameter to change how many of the latest messages should be displayed Example To display the...

Страница 457: ...fault log permanent Parameter Description stack ID Stack member number from 1 to 8 tail Display only the latest log entries 10 250 Specify the number of log entries to display awplus show log permanen...

Страница 458: ...B Command Reference for x510 Series 458 AlliedWare Plus Operating System Version 5 4 7 1 x LOGGING COMMANDS SHOW LOG PERMANENT log permanent log permanent filter log permanent exclude log permanent si...

Страница 459: ...G LOG show running config log Overview This command displays the current running configuration of the Log utility Syntax show running config log Mode Privileged Exec and Global Configuration Example T...

Страница 460: ...may be automatically written to the storage device such as external log files or AMF backup files Syntax unmount usb unmount usb member stack ID Mode Privileged Exec Example To unmount a USB storage d...

Страница 461: ...ce for x510 Series 461 AlliedWare Plus Operating System Version 5 4 7 1 x Scripting Commands Introduction Overview This chapter provides commands used for command scripts Command List activate on page...

Страница 462: ...filename extension of either sh or scp only for the AlliedWare Plus CLI to activate the script file The sh filename extension indicates the file is an ASH script and the scp filename extension indicat...

Страница 463: ...o the terminal followed by a blank line Syntax echo line Mode User Exec and Privileged Exec Usage This command may be useful in CLI scripts to make the script print user visible comments Example To ec...

Страница 464: ...the command line Usage Use this command to pause script execution in an scp AlliedWare Plus script or an sh ASH script file executed by the activate command The script must contain an enable command...

Страница 465: ...chapter provides an alphabetical reference of commands used to configure and display interfaces Command List description interface on page 466 interface to configure on page 467 mru on page 469 mtu on...

Страница 466: ...ption Mode Interface Configuration Example The following example uses this command to describe the device that a switch port is connected to awplus configure terminal awplus config interface port1 0 2...

Страница 467: ...ility and simplify management information gathering and filtering One example of this increased reliability is for OSPF to advertise a local loopback interface as an interface route into the network i...

Страница 468: ...1 x INTERFACE COMMANDS INTERFACE TO CONFIGURE The following example shows how to enter Interface mode to configure the local loopback interface awplus configure terminal awplus config interface lo awp...

Страница 469: ...additional components Source and Destination addresses EtherType field Priority and VLAN tag fields FCS These additional components increase the frame size internally to 1522 bytes Syntax mru mru siz...

Страница 470: ...AlliedWare Plus Operating System Version 5 4 7 1 x INTERFACE COMMANDS MRU To restore the MRU size of 1500 bytes on port1 0 2 use the commands awplus configure terminal awplus config interface port1 0...

Страница 471: ...device will send an ICMP destination unreachable 3 packet type and a fragmentation needed and DF set 4 code back to the source For IPv6 packets bigger than the MTU size of the transmitting VLAN interf...

Страница 472: ...C613 50170 01 Rev B Command Reference for x510 Series 472 AlliedWare Plus Operating System Version 5 4 7 1 x INTERFACE COMMANDS MTU Related Commands show interface...

Страница 473: ...ze for VLAN interfaces and MRU Maximum Received Unit size for switch ports Example To display configuration and status information for all interfaces use the command awplus show interface Parameter De...

Страница 474: ...dware is Ethernet address is 0000 cd24 daeb index 5001 metric 1 mru 1500 UP BROADCAST RUNNING MULTICAST current duplex full current speed 1000 configured duplex auto configured speed auto configured p...

Страница 475: ...ST RUNNING MULTICAST SNMP link status traps Disabled Bandwidth 1g input packets 295606 bytes 56993106 dropped 5 multicast packets 156 output packets 299172 bytes 67379392 multicast packets 0 broadcast...

Страница 476: ...e User Exec and Privileged Exec Output Figure 12 4 Example output from show interface brief Related Commands show interface show interface memory awplus show int brief Interface Status Protocol port1...

Страница 477: ...rt list memory Mode User Exec and Privileged Exec Example To display the shared memory used by all interfaces use the command awplus show interface memory To display the shared memory used by port1 0...

Страница 478: ...face status show interface switchport awplus show interface memory Vlan blocking state shared memory usage Interface shmid Bytes Used nattch Status port1 0 1 393228 512 1 port1 0 2 458766 512 1 port1...

Страница 479: ...eparated by a hyphen e g port1 0 1 1 0 6 or sa1 2 or po1 2 a comma separated list of ports and port ranges e g port1 0 1 port1 0 4 1 0 6 Do not mix switch ports static channel groups and dynamic LACP...

Страница 480: ...te promiscuous it displays the primary VLAN ID if it has one and promiscuous if it does not have a VLAN ID When the VLAN mode is private host it displays the primary and secondary VLAN IDs When the po...

Страница 481: ...egator and its component ports as admin down While the aggregator is down the device accepts shutdown and no shutdown commands on component ports but these have no effect on port status Ports will not...

Страница 482: ...ence of commands used to configure Port Mirroring and Remote Mirroring also known as RSPAN For more information see the Mirroring Feature Overview and Configuration Guide Command List mirror interface...

Страница 483: ...source switch ports to mirror A port list can be a port e g port1 0 2 a continuous range of ports separated by a hyphen e g port1 0 1 1 0 2 a comma separated list of ports and port ranges e g port1 0...

Страница 484: ...to mirror a subset of traffic from the mirrored port by using the copy to mirror parameter in hardware ACL commands Example To mirror traffic received and transmitted on port1 0 4 and port1 0 5 to de...

Страница 485: ...remote mirror interface port list direction receive transmit no remote mirror interface none Default No ports are set to be remote mirrored by default Mode Interface Configuration Usage To prevent un...

Страница 486: ...e source device for remote mirroring remote mirror interface command All mirrored ports on a single device must use the same remote mirror VLAN and priority Access control lists can be used to mirror...

Страница 487: ...put Figure 13 1 Example output from the show mirror command Mirror Test Port Name port1 0 1 Mirror option Enabled Mirror direction both Monitored Port Name port1 0 2 Mirror Test Port Name port1 0 3 Mi...

Страница 488: ...e port Mode User Exec Privileged Exec and Interface Configuration Example To display port mirroring configuration for the port1 0 4 use the following commands awplus configure terminal awplus config i...

Страница 489: ...User priority 0 Monitored ports port1 0 1 direction both Remote mirror egress ports Remote mirror VLANs VLAN 259 Table 13 1 Parameters in the output from show remote mirror Parameter Description Remot...

Страница 490: ...or vlan Remote mirror egress ports On the destination device this displays the remote mirror egress ports the remote mirror VLANs they are associated with Remote mirror VLANs On source destination and...

Страница 491: ...ored traffic we recommend configuring remote monitoring on the receiving device before configuring it on the source device This command would typically be used for the port that transmits the remote m...

Страница 492: ...nfiguring the source device The remote mirror VLAN operates in a special mode all traffic on the remote mirror VLAN is flooded and no learning or CPU processing is done for packets in the VLAN BPDU pa...

Страница 493: ...170 01 Rev B Command Reference for x510 Series 493 AlliedWare Plus Operating System Version 5 4 7 1 x PORT MIRRORING AND REMOTE MIRRORING COMMANDS VLAN MODE REMOTE MIRROR VLAN switchport remote mirror...

Страница 494: ...lus Operating System Version 5 4 7 1 x Interface Testing Commands Introduction Overview This chapter provides an alphabetical reference of commands used for testing interfaces Command List clear test...

Страница 495: ...x clear test interface port list all Mode Privileged Exec Examples To clear the counters for port1 0 1 use the command awplus clear test interface port1 0 1 To clear the counters for all interfaces us...

Страница 496: ...er entering this command enter Interface Configuration mode for the desired interfaces and enter the command test interface Do not test interfaces on a device that is part of a live network disconnect...

Страница 497: ...ed 100 NOTE Do not run test interface on live networks because this will degrade network performance Syntax test interface port list all time 1 60 cont no test interface port list all Mode Privileged...

Страница 498: ...enter the following commands awplus config service test awplus config no spanning tree rstp enable bridge forward awplus config interface vlan1 awplus config if shutdown awplus config if end awplus t...

Страница 499: ...C613 50170 01 Rev B Command Reference for x510 Series 499 AlliedWare Plus Operating System Version 5 4 7 1 x Part 2 Interfaces and Layer 2...

Страница 500: ...on page 504 clear mac address table dynamic on page 505 clear mac address table static on page 507 clear port counter on page 508 clear port security intrusion on page 509 debug loopprot on page 512 d...

Страница 501: ...sabled on page 539 show interface switchport on page 540 show loop protection on page 541 show mac address table on page 543 show mac address table thrash limit on page 545 show platform on page 546 s...

Страница 502: ...lex mode The flow control applied by the flowcontrol switch port command operates only on full duplex links whereas back pressure operates only on half duplex links If a port has insufficient capacity...

Страница 503: ...on 5 4 7 1 x SWITCHING COMMANDS BACKPRESSURE Todisablebackpressureflowcontroloninterfaceport1 0 2enterthefollowing commands awplus configure terminal awplus config interface port1 0 2 awplus config if...

Страница 504: ...Loop Protection counters Syntax clear loop protection interface port list counters Mode Privileged Exec Examples To clear the counter information for all interfaces awplus clear loop protection count...

Страница 505: ...ac address table static command Note that an MSTP instance cannot be specified with the command clear mac address table static Examples This example shows how to clear all dynamically learned filterin...

Страница 506: ...ADDRESS TABLE DYNAMIC This example shows how to clear all dynamically learned filtering database entries whenlearnedthroughdeviceoperationforagivenMSTP instance1 on switchport interface port1 0 2 awp...

Страница 507: ...all filtering database entries for a specific interface configured through the CLI awplus clear mac address table static interface port1 0 3 This example shows how to clear filtering database entries...

Страница 508: ...T COUNTER clear port counter Overview Use this command to clear the packet counters of the port Syntax clear port counter port Mode Privileged Exec Example To clear the packet counter for port1 0 1 us...

Страница 509: ...intrusion interface port Mode Privileged Exec Examples To see the port security status on port1 0 1 use the following command awplus show port security interface port1 0 1 To see the intrusion list o...

Страница 510: ...ng command awplus show port security intrusion interface port1 0 1 Table 15 2 Example output from show port security intrusion awplus show port security intrusion interface port1 0 1 Port Security Int...

Страница 511: ...ating System Version 5 4 7 1 x SWITCHING COMMANDS CLEAR PORT SECURITY INTRUSION Related Commands show port security interface show port security intrusion switchport port security switchport port secu...

Страница 512: ...pprot info msg pkt state nsm all Mode Privileged Exec and Global Configuration Example To enable debug for all state transitions use the command awplus debug loopprot state Related Commands show debug...

Страница 513: ...ce packets sent and received by the CPU If a timeout is not specified then a default 5 minute timeout will be applied If a timeout of 0 is specified packet debug will be generated until the no variant...

Страница 514: ...5 minutes enter awplus debug platform packet sflow To enable send packet debug with no timeout enter awplus debug platform packet send timeout 0 To enable VLAN packet debug for VLAN 2 with a timeout...

Страница 515: ...LACP channel group must have the same port speed and be in full duplex mode Once switch ports have been aggregated into a channel group you can set the duplex mode of all the switch ports in the chann...

Страница 516: ...C613 50170 01 Rev B Command Reference for x510 Series 516 AlliedWare Plus Operating System Version 5 4 7 1 x SWITCHING COMMANDS DUPLEX Related Commands backpressure polarity speed show interface...

Страница 517: ...nd cannot receive any more traffic it notifies the other port to stop sending until the condition clears When the local device detects congestion at its end it notifies the remote device by sending a...

Страница 518: ...terface port1 0 2 awplus config if flowcontrol receive on awplus configure terminal awplus config interface port1 0 2 awplus config if flowcontrol send on awplus configure terminal awplus config inter...

Страница 519: ...l shut down Use the no variant of this command to disable flapping detection at this rate Syntax linkflap action shutdown no linkflap action Default Linkflap action is disabled by default Mode Global...

Страница 520: ...erview and Configuration Guide for relevant conceptual configuration and overview information prior to applying this command Example To enable the loop detect mechanism on the switch and generate loop...

Страница 521: ...d overview information prior to applying this command Example To disable the interface port1 0 4 and bring the link down when a network loop is detected use the commands awplus configure terminal awpl...

Страница 522: ...variant of this command to reset the loop protection action delay time for an interface to default Syntax loop protection action delay time 0 86400 no loop protection action Default Action delay time...

Страница 523: ...otection section in the Switching Feature Overview and Configuration Guide for relevant conceptual configuration and overview information prior to applying this command Example To configure a loop pro...

Страница 524: ...ess table acquire Overview Use this command to enable MAC address learning on the device Use the no variant of this command to disable learning Syntax mac address table acquire no mac address table ac...

Страница 525: ...ault of 300 seconds 5 minutes Syntax mac address table ageing time ageing timer none no mac address table ageing time Default The default ageing time is 300 seconds Mode Global Configuration Examples...

Страница 526: ...address table logging no mac address table logging Default MAC address table logging is disabled by default Mode User Exec Privileged Exec Usage When MAC address table logging is enabled the switch p...

Страница 527: ...ed traffic within a single VLAN Do not apply the mac address table static command to Layer 3 switched traffic passing from one VLAN to another VLAN Frames will not be discarded across VLANs because pa...

Страница 528: ...disable thrash limiting Syntax mac address table thrash limit rate no mac address table thrash limit Default No thrash limiting Mode Global Configuration Usage Use this command to limit thrashing on t...

Страница 529: ...tax platform hwfilter size ipv4 limited ipv6 ipv4 full ipv6 Default The default mode is ipv4 limited ipv6 Mode Global Configuration Example To configure hardware ACLs to filter IPv4 and IPv6 traffic u...

Страница 530: ...of inputs you must turn off the inputs you do not want Useful combinations of inputs include all four inputs MAC address IP address and Layer 4 port number MAC address and Ethertype MAC address only I...

Страница 531: ...ove Ethertype by entering awplus configure terminal awplus config no platform load balancing ethertype To use MAC addresses and Ethertype remove the IP inputs by entering awplus configure terminal awp...

Страница 532: ...mc flooding no platform stop unreg mc flooding Default This feature is disabled by default Mode Global Configuration Usage This command stops the periodic flooding of unknown or unregistered multicas...

Страница 533: ...To enable this feature and stop multicast packet flooding use the following commands awplus configure terminal awplus config platform stop unreg mc flooding To disable this feature and allow multicast...

Страница 534: ...d 1522 bytes you must increase the MRU size to activate VLAN stacking Go into interface mode for the appropriate ports and use the mru command Syntax platform vlan stacking tpid tpid no platform vlan...

Страница 535: ...y applies to copper 10BASE T 100BASE T and 1000BASE T switch ports it does not apply to fiber ports See the MDI MDIX Connection Modes section in the Switching Feature Overview and Configuration Guide...

Страница 536: ...DS SHOW DEBUGGING LOOPPROT show debugging loopprot Overview This command shows Loop Protection debugging information Syntax show debugging loopprot Mode User Exec and Privileged Exec Example To displa...

Страница 537: ...how debugging platform packet Overview This command shows platform to CPU level packet debugging information Syntax show debugging platform packet Mode User Exec and Privileged Exec Example To display...

Страница 538: ...lowcontrol interface port Mode User Exec and Privileged Exec Example To display the flow control for the port1 0 5 use the command awplus show flowcontrol interface port1 0 5 Output Figure 15 1 Exampl...

Страница 539: ...cols responsible for the shutdown Syntax show interface interface range err disabled Mode User Exec and Privileged Exec Example To show which protocols have shut down ports use the commands awplus sho...

Страница 540: ...vileged Exec Example To display VLAN information about each switch port enter the command awplus show interface switchport Output Figure 15 3 Example output from the show interface switchport command...

Страница 541: ...uration status use the command awplus show loop protection Figure 15 4 Example output from the show loop protection command To display the counter information use the command awplus show loop protecti...

Страница 542: ...iedWare Plus Operating System Version 5 4 7 1 x SWITCHING COMMANDS SHOW LOOP PROTECTION awplus show loop protection counters Switch Loop Detection Counter Interface Tx Rx Rx Invalid Last LDF Rx port1...

Страница 543: ...mple output captured when packets were switched and mac addresses were learned Note the new mac addresses learned for port1 0 4 and port1 0 6 added as dynamic entries Note the first column of the outp...

Страница 544: ...table static mac address table static mac address table vcs sync mode awplus config mac address table static 0000 1111 2222 for int port1 0 3 vlan 2 awplus config end awplus awplus show mac address ta...

Страница 545: ...d to display the current thrash limit set for all interfaces on the device Syntax show mac address table thrash limit Mode User Exec and Privileged Exec Example To display the current use the followin...

Страница 546: ...c32l stop unreg mc flooding off Vlan stacking TPID 0x8100 Hardware Filter Size ipv4 limited ipv6 Table 16 Parameters in the output of the show platform command Parameter Description MAC vlan hashing a...

Страница 547: ...e TPID set in the Ethernet type field when a frame has a double VLAN tag set with the platform vlan stacking tpid command Hardware Filter Size Whether hardware ACLs can filter on IPv6 addresses ipv4 f...

Страница 548: ...represents of the total available Syntax show platform classifier statistics utilization brief Mode Privileged Exec Example To display the platform classifier utilization statistics use the following...

Страница 549: ...les To display port registers for port1 0 1 and port1 0 2 use the following command awplus show platform port port1 0 1 port1 0 2 To display platform counters for port1 0 1 and port1 0 2 use the follo...

Страница 550: ...for lport 0x08002003 Phy Driver 54680 Gigabit PHY Driver enabled 1 loopback 0 link 1 speed 1000 max speed 1000 duplex 1 linkscan 2 autonegotiate 1 master 2 tx pause 0 rx pause 0 untagged vlan 4000 vl...

Страница 551: ...et packets received and transmitted General Counters Receive Counters for traffic received Octets Number of octets received Pkts Number of packets received FCSErrors Number of FCS Frame Check Sequence...

Страница 552: ...al Frame counter FrmWExcesDefer Transmit Multiple Deferral Frame counter SingleCollsnFrm Transmit Single Collision Frame counter MultCollsnFrm Transmit Multiple Collision Frame counter LateCollisions...

Страница 553: ...Figure 15 10 Example output from the show port security interface command Related Commands clear port security intrusion show port security intrusion switchport port security switchport port security...

Страница 554: ...security intrusion interface port1 0 1 Output Figure 15 11 Example output from the show port security intrusion command for port 1 0 1 Related Commands clear port security intrusion show port security...

Страница 555: ...r Exec and Privileged Exec Example To display storm control information for port1 0 2 use the following command awplus show storm control port1 0 2 Output Figure 15 12 Example output from the show sto...

Страница 556: ...or 100Base FX ports which do not support auto negotiation so default to 100Mbps Usage Switch ports in a static or dynamic LACP channel group must have the same port speed and be in full duplex mode On...

Страница 557: ...ed enter the following commands awplus configure terminal awplus config interface port1 0 49 awplus config if speed auto To set the port to auto negotiate its speed at 1000Mbps only enter the followin...

Страница 558: ...de Interface Configuration Usage Flooding techniques are used to block the forwarding of unnecessary flooded traffic A packet storm occurs when a large number of broadcast packets are received on a po...

Страница 559: ...tax switchport port security no switchport port security Mode Interface Configuration Examples To enable the port security feature on port1 0 4 use the following commands awplus configure terminal awp...

Страница 560: ...Examples To set port1 0 4 so that the MAC addresses that have been learned by port security age out use the following commands awplus configure terminal awplus config interface port1 0 4 awplus config...

Страница 561: ...t will be ignored and the specified intrusion action for the port will be carried out Syntax switchport port security maximum 0 256 no switchport port security maximum Mode Interface Configuration Exa...

Страница 562: ...olation action to default The default violation action is protect Syntax switchport port security violation shutdown restrict protect no switchport port security violation Mode Interface Configuration...

Страница 563: ...ng this command Examples To set the action to learn disable for port1 0 4 use the following commands awplus configure terminal awplus config interface port1 0 4 awplus config if thrash limiting action...

Страница 564: ...set the thrash limiting action to its default use the following command awplus config if no thrash limiting action To set the thrash limiting timeout to its default use the following command awplus co...

Страница 565: ...ommand Reference for x510 Series 565 AlliedWare Plus Operating System Version 5 4 7 1 x SWITCHING COMMANDS UNDEBUG LOOPPROT undebug loopprot Overview This command applies the functionality of the no d...

Страница 566: ...rence for x510 Series 566 AlliedWare Plus Operating System Version 5 4 7 1 x SWITCHING COMMANDS UNDEBUG PLATFORM PACKET undebug platform packet Overview This command applies the functionality of the n...

Страница 567: ...573 private vlan association on page 574 show port vlan forwarding priority on page 575 show interface switchport vlan translation on page 576 show vlan on page 577 show vlan access map on page 578 s...

Страница 568: ...97 switchport trunk native vlan on page 600 switchport vlan translation on page 601 switchport vlan translation default drop on page 602 switchport vlan stacking double tagging on page 603 switchport...

Страница 569: ...d interchangeably Syntax clear vlan statistics name instance_name Mode Privileged Exec Examples To reset all packet counters for the packet counter instance vlan2 data awplus clear vlan statistics nam...

Страница 570: ...onfiguration_Guide Syntax port vlan forwarding priority epsr loop protection none no port vlan forwarding priority Default By default the highest priority protocol is EPSR Mode Global Configuration Us...

Страница 571: ...data VLAN configured to VLAN interface vlan30 Initially the EPSR ring is complete with port1 0 2 blocking data VLANs vlan20 and vlan30 and some broadcast traffic flowing through If the user removes vl...

Страница 572: ...re terminal awplus config port vlan forwarding priority loop protection To set EPSR Loop Protection and MAC Thrashing protection protocols to have equal priority for port forwarding and blocking which...

Страница 573: ...ed primary Mode VLAN Configuration Examples awplus configure terminal awplus config vlan database awplus config vlan vlan 2 name vlan2 state enable awplus config vlan vlan 3 name vlan3 state enable aw...

Страница 574: ...vlan id remove secondary vlan id no private vlan primary vlan id association Mode VLAN Configuration Examples The following commands associate primary VLAN 2 with secondary VLAN 3 awplus configure ter...

Страница 575: ...tection is set as the highest priority for determining whether a port forwards a VLAN as set by the port vlan forwarding priority command For more information about EPSR see the EPSR Feature Overview...

Страница 576: ...1 Related Commands switchport vlan translation switchport vlan translation default drop Parameter Description interface int The interface to display information about An interface can be a switch por...

Страница 577: ...d awplus show vlan 2 Output Figure 16 3 Example output from the show vlan command Related Commands vlan Parameter Description 1 4094 Display information about the VLAN specified by the VLAN ID all Dis...

Страница 578: ...LANs Syntax show vlan access map name Mode User Exec Privileged Exec Example To display the ACLs in all access maps use the command awplus show vlan access map Output Figure 16 4 Example output from s...

Страница 579: ...r a specific group Syntax show vlan classifier group 1 16 Mode User Exec and Privileged Exec Usage If a group ID is not specified all configured VLAN classifier groups are shown If a group ID is speci...

Страница 580: ...t Mode User Exec and Privileged Exec Usage All configured VLAN classifier groups are shown for a single interface Example TodisplayVLANclassifiergroupinformationforswitchportinterface port1 0 2 enter...

Страница 581: ...all interfaces configured for all VLAN groups enter the command awplus show vlan classifier interface group To display information about all interfaces configured for VLAN group 1 enter the command aw...

Страница 582: ...ged Exec Usage If a rule ID is not specified all configured VLAN classifier rules are shown If a rule ID is specified a specific configured VLAN classifier rule is shown Example To display information...

Страница 583: ...de User Exec Privileged Exec Example To display information about the filter that uses the access map named deny_all use the command awplus show vlan filter deny_all Output Figure 16 9 Example output...

Страница 584: ...ion and associations Syntax show vlan private vlan Mode User Exec and Privileged Exec Example To display the private VLAN configuration and associations enter the command awplus show vlan private vlan...

Страница 585: ...nces Syntax show vlan statistics name instance_name Mode User Exec and Privileged Exec Examples To display all packet counters for the packet counter instance vlan2 data awplus show vlan statistics na...

Страница 586: ...itchports using the negated form of this command Mode Interface Configuration Usage Any untagged frame received on this port will be associated with the specified VLAN Examples To change the port base...

Страница 587: ...orm Protection or EPSR Ethernet Protection Switching Ring Note that if the VID is not given all disabled VLANs are re enabled Syntax switchport enable vlan 1 4094 Mode Interface Configuration Example...

Страница 588: ...ccess ingress filter enable disable Default By default ports are in access mode with ingress filtering on Usage Use access mode to send untagged frames only Mode Interface Configuration Example awplus...

Страница 589: ...ce port1 0 2 awplus config if switchport mode private vlan host awplus config interface port1 0 3 awplus config if switchport mode private vlan promiscuous awplus config interface port1 0 4 awplus con...

Страница 590: ...private vlan trunk promiscuous Default By default a port in trunk mode is disabled as a promiscuous port Mode Interface Configuration Usage A port must be put in trunk mode with switchport mode trunk...

Страница 591: ...config vlan exit awplus config interface port1 0 2 awplus config if switchport mode trunk awplus config if switchport trunk allowed vlan add 2 4 awplus config if switchport mode private vlan trunk pr...

Страница 592: ...fault a port in trunk mode is disabled as a secondary port When a port in trunk mode is enabled to be a secondary port for isolated VLANs by default it will have a native VLAN of none no native VLAN s...

Страница 593: ...us config vlan private vlan 2 isolated awplus config vlan exit awplus config interface port1 0 3 awplus config if switchport mode trunk awplus config if switchport trunk allowed vlan add 2 awplus conf...

Страница 594: ...the default VLAN vlan1 and have ingress filtering on Mode Interface Configuration Usage Aportin trunkmodecan be a tagged member ofmultipleVLANs and anuntagged member of one native VLAN To configure wh...

Страница 595: ...ommand to remove the association Syntax switchport private vlan host association primary vlan id add secondary vlan id no switchport private vlan host association Mode Interface Configuration Examples...

Страница 596: ...switchport private vlan mapping Mode Interface Configuration Usage This command can be applied to a switch port or a static channel group but not a dynamic LACP channel group LACP channel groups dynam...

Страница 597: ...and receive through the port add Add a VLAN to the list of VLANs that are allowed to transmit and receive through the port Only use this parameter if a list of VLANs is already configured on a port r...

Страница 598: ...configuration is currently switchport trunk allowed vlan all then you should remove VLAN3 5 by entering the except parameter instead of using the remove parameter This means using the following comma...

Страница 599: ...wplus config interface port1 0 2 awplus config if switchport trunk allowed vlan add 2 The following shows adding a range of VLANs to the port s member set awplus configure terminal awplus config inter...

Страница 600: ...ollowing commands show configuration of VLAN 2 as the native VLAN for port1 0 2 awplus configure terminal awplus config interface port1 0 2 awplus config if switchport trunk native vlan 2 The followin...

Страница 601: ...translation vlan wire vid vlan vid no switchport vlan translation all vlan wire vid Default None by default no translation entries exist Mode Interface Configuration for a switch port or a static cha...

Страница 602: ...lation default drop Default Do not drop packets Mode Interface Configuration for a switch port or a static channel group or a dynamic LACP channel group The interface must be in a mode that supports t...

Страница 603: ...Interface Configuration Usage Use VLAN stacking to separate traffic from different customers to that they can be managed over a provider network Note that you must also set an MRU of 1504 or higher o...

Страница 604: ...advertised Mode Interface Configuration Usage LLDP MED advertisements including Network Policy TLVs are transmitted via a port if LLDP is enabled lldp run command Voice VLAN is configured for the por...

Страница 605: ...network policy is advertised for voice devices Mode Interface Configuration Usage LLDP MED advertisements including Network Policy TLVs are transmitted via a port if LLDP is enabled lldp run command V...

Страница 606: ...ged for VLAN 10 use the commands awplus configure terminal awplus config interface port1 0 5 awplus config if switchport voice vlan 10 To tell IP phones connected to ports 1 0 2 1 0 6 to send priority...

Страница 607: ...AlliedWare Plus Operating System Version 5 4 7 1 x VLAN COMMANDS SWITCHPORT VOICE VLAN Related Commands egress vlan id egress vlan name lldp med tlv select spanning tree edgeport RSTP and MSTP switch...

Страница 608: ...Usage LLDP MED advertisements including Network Policy TLVs are transmitted via a port if LLDP is enabled lldp run command Voice VLAN is configured for the port switchport voice vlan command The porti...

Страница 609: ...mtu Default By default VLANs are enabled when they are created Mode VLAN Configuration Examples To enable vlan 45 use the commands awplus configure terminal awplus config vlan database awplus config...

Страница 610: ...AN ACLs and ACL processing order Use the no variant of this command to delete a VLAN access map Syntax vlan access map name no vlan access map name Default By default no VLAN access maps exist Mode Gl...

Страница 611: ...r Usage See the protocol based VLAN configuration example in the VLAN Feature Overview and Configuration Guide for configuration details Example To associate VLAN classifier group 3 with switch port1...

Страница 612: ...VLAN classifier rules Syntax vlan classifier group 1 16 add delete rule vlan class rule id no vlan classifier group 1 16 Mode Global Configuration Example awplus configure terminal awplus config vlan...

Страница 613: ...classifier only matches IPv4 packets It does not match ARP packets To ensure ARP traffic is classified into the correct subnet VLAN you can use a hardwarebasedpolicymapthatsendsARPpacketstotheCPU whic...

Страница 614: ...decimal values The no variant of this command removes a previously set rule Syntax vlan classifier rule 1 256 proto protocol encap ethv2 nosnapllc snapllc vlan 1 4094 no vlan classifier rule 1 256 Par...

Страница 615: ...rotocol g8bpqx25 2303 G8BPQ AX 25 protocol ieeeaddrtrans 2561 Xerox IEEE802 3 PUP Address ieeepup 2560 Xerox IEEE802 3 PUP protocol ip 2048 IP protocol ipv6 34525 IPv6 protocol ipx 33079 IPX protocol...

Страница 616: ...proto 2056 encap ethv2 vlan 2 awplus config vlan classifier rule 4 proto 2054 encap ethv2 vlan 2 Validation Output awplus show vlan classifier rule Related Commands show vlan classifier rule vlan clas...

Страница 617: ...er the VLAN Configuration mode Syntax vlan database Mode Global Configuration Usage Use this command to enter the VLAN configuration mode You can then add or delete a VLAN or modify its values Example...

Страница 618: ...fault no VLAN filters exist Mode Global Configuration Example To apply ACL 3001 to VLAN 48 where the ACL drops IP traffic from any source to any destination use the commands awplus configure terminal...

Страница 619: ...nected to a Microsoft Windows PC To avoid this we recommend disabling IGMP snooping on stack local VLANs by using the command no ip igmp snooping Examples To add a stack local VLAN with the VID of 400...

Страница 620: ...e Plus Operating System Version 5 4 7 1 x VLAN COMMANDS VLAN MODE STACK LOCAL VLAN To remove VLAN 4002 use the following commands awplus configure terminal awplus config vlan database awplus config vl...

Страница 621: ...support 128 packet counter instances These resources are also shared with other features such as QoS and ACLs Where the remaining resources are insufficient to support the VLAN Statistics feature the...

Страница 622: ...move the remaining ports 1 0 2 to 1 0 4 from the packet counter instance named vlan2 data Note that because there are no ports associated with the vlan2 data this instance will be removed awplus confi...

Страница 623: ...nd MSTP on page 626 debug mstp RSTP and STP on page 627 instance priority MSTP on page 631 instance vlan MSTP on page 633 region MSTP on page 635 revision MSTP on page 636 show debugging mstp on page...

Страница 624: ...page 671 spanning tree guard root on page 672 spanning tree hello time on page 673 spanning tree link type on page 674 spanning tree max age on page 675 spanning tree max hops MSTP on page 676 spanni...

Страница 625: ...ge Use this command with the instance parameter in MSTP mode Specifying this command with the interface parameter only not the instance parameter will work in STP and RSTP mode Examples awplus clear s...

Страница 626: ...w Use this command to clear the detected protocols for a specific port or all ports Use this command in RSTP or MSTP mode only Syntax clear spanning tree detected protocols interface port Mode Privile...

Страница 627: ...1 Use the debug mstp topology change interface command to generate debugging messageswhen the device receives an indicationof a topology change in a BPDU from another device The debugging can be activ...

Страница 628: ...is command uses the keyword mstp it displays debugging output for RSTP and STP protocols as well as the MSTP protocol Due to the likely volume of output these debug messages are best viewed using the...

Страница 629: ...ST int pathcost 0 17 23 42 awplus MSTP 1417 CIST bridge id 0000 0000cd1000fe 17 23 42 awplus MSTP 1417 CIST hops remaining 20 17 23 42 awplus MSTP 1417 MSTI flags Agree Forward Learn role Desig 17 23...

Страница 630: ...bugging mstp terminal monitor undebug mstp awplus terminal monitor awplus debug mstp packet rx decode interface port1 0 4 awplus 17 30 17 awplus MSTP 1417 port1 0 4 xSTP BPDU rx start 17 30 17 awplus...

Страница 631: ...instance MSTP selects the device with the lowest MAC address to be the root bridge Give the device a higher priority for becoming the root bridge for a particular instance by assigning it a lower prio...

Страница 632: ...0 Series 632 AlliedWare Plus Operating System Version 5 4 7 1 x SPANNING TREE COMMANDS INSTANCE PRIORITY MSTP Related Commands region MSTP revision MSTP show spanning tree mst config spanning tree mst...

Страница 633: ...MST Configuration Usage The VLANs must be created before being associated with an MST instance MSTI If the VLAN range is not specified the MSTI will not be created This command removes the specified V...

Страница 634: ...Reference for x510 Series 634 AlliedWare Plus Operating System Version 5 4 7 1 x SPANNING TREE COMMANDS INSTANCE VLAN MSTP Related Commands region MSTP revision MSTP show spanning tree mst config span...

Страница 635: ...to the default Syntax region region name no region Default By default the region name is My Name Mode MST Configuration Usage The region name the revision number and the digest of the VLAN to MSTI co...

Страница 636: ...revision number Default The default of revision number is 0 Mode MST Configuration Usage The region name the revision number and the digest of the VLAN to MSTI configuration table must be the same on...

Страница 637: ...on on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show debugging mstp Mode User Exec and Privileged Exec mode Examp...

Страница 638: ...ter has been included for RSTP and MSTP You can see the topology change counter for RSTP by using the show spanning tree command You can see the topology change counter for MSTP by using the show span...

Страница 639: ...imer 0 topo change timer 0 port1 0 1 forward transitions 0 port1 0 1 Version Rapid Spanning Tree Protocol Received None Send STP port1 0 1 No portfast configured Current portfast off port1 0 1 portfas...

Страница 640: ...1 0 3 Designated Path Cost 0 port1 0 3 Configured Path Cost 200000 Add type Explicit ref count 1 port1 0 3 Designated Port Id 839f Priority 128 port1 0 3 Root 80000000cd20f093 port1 0 3 Designated Bri...

Страница 641: ...he topology change counter for MSTP by using the show spanning tree mst instance command Example To display a summary of spanning tree status information use the command awplus show spanning tree brie...

Страница 642: ...e Configuration Example To display bridge level information about the CIST and VLAN to MSTI mappings enter the command awplus show spanning tree mst Output Figure 17 5 Example output from show spannin...

Страница 643: ...age The region name the revision number and the digest of the VLAN to MSTI configuration table must be the same on all devices that are intended to be in the same MST region Example To display MSTP co...

Страница 644: ...f2d 1 CIST Reg Root Id 80000000cd24ff2d 1 CIST Bridge Id 80000000cd24ff2d 1 portfast bpdu filter disabled 1 portfast bpdu guard disabled 1 portfast errdisable timeout disabled 1 portfast errdisable ti...

Страница 645: ...gional Root 80000000cd24ff2d port1 0 3 Designated Bridge 80000000cd24ff2d port1 0 3 Message Age 0 Max Age 20 port1 0 3 CIST Hello Time 2 Forward Delay 15 port1 0 3 CIST Forward Timer 0 Msg Age Timer 0...

Страница 646: ...rt e g port1 0 4 a static channel group e g sa2 or a dynamic LACP channel group e g po2 1 Bridge up Spanning Tree Enabled 1 CIST Root Path Cost 0 CIST Root Port 0 CIST Bridge Priority 32768 1 Forward...

Страница 647: ...point Current shared Instance 2 Vlans 2 1 MSTI Root Path Cost 0 MSTI Root Port 0 MSTI Bridge Priority 32768 1 MSTI Root Id 80020000cd24ff2d 1 MSTI Bridge Id 80020000cd24ff2d port1 0 2 Port 5002 Id 83...

Страница 648: ...xec Privileged Exec and Interface Configuration Example To display detailed information for instance 2 and all switch ports associated with that instance use the command awplus show spanning tree mst...

Страница 649: ...e mst instance 2 interface port1 0 2 Output Figure 17 10 Example output from show spanning tree mst instance Parameter Description instance id Specify an MSTP instance in the range 1 15 port The port...

Страница 650: ...instance and all interfaces associated with them for port1 0 4 use the command awplus show spanning tree mst interface port1 0 4 Output Figure 17 11 Example output from show spanning tree mst interfac...

Страница 651: ...rt e g port1 0 4 a static channel group e g sa2 or a dynamic LACP channel group e g po2 1 Bridge up Spanning Tree Enabled 1 CIST Root Path Cost 0 CIST Root Port 0 CIST Bridge Priority 32768 1 Forward...

Страница 652: ...point Current shared Instance 2 Vlans 2 1 MSTI Root Path Cost 0 MSTI Root Port 0 MSTI Bridge Priority 32768 1 MSTI Root Id 80020000cd24ff2d 1 MSTI Bridge Id 80020000cd24ff2d port1 0 2 Port 5002 Id 83...

Страница 653: ...isplay BPDU statistics for all spanning tree instances and all switch ports associated with all spanning tree instances use the command awplus show spanning tree statistics Output Figure 17 13 Example...

Страница 654: ...lo timer INACTIVE Hello Time Value 0 Forward Delay Timer INACTIVE Forward Delay Timer Value 0 Message Age Timer INACTIVE Message Age Timer Value 0 Topology Change Timer INACTIVE Topology Change Timer...

Страница 655: ...panning tree statistics instance instance id Mode Privileged Exec Example To display BPDU statistics information for MST instance 2 and all switch ports associated with that MST instance use the comma...

Страница 656: ...rmation on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show spanning tree statistics instance instance id interface...

Страница 657: ...for Instance 1 INST_PORT port1 0 2 Information Statistics Config Bpdu s xmitted port inst 0 0 Config Bpdu s received port inst 0 0 TCN Bpdu s xmitted port inst 0 0 TCN Bpdu s received port inst 0 0 M...

Страница 658: ...bout each MST instance for port1 0 2 use the command awplus show spanning tree statistics interface port1 0 2 Output Figure 17 16 Example output from show spanning tree statistics interface Parameter...

Страница 659: ...0 Message Age Timer INACTIVE Message Age Timer Value 0 Topology Change Timer INACTIVE Topology Change Timer Value 0 Hold Timer INACTIVE Hold Timer Value 0 Other Port Specific Info Max Age Transitions...

Страница 660: ...them including the VLAN range index value for the device Syntax show spanning tree vlan range index Mode Privileged Exec Example To display information about MST instances and the VLANs associated wit...

Страница 661: ...an edge port If it does not receive any BPDUs in the first three seconds after linkup enabling or entering RSTP or MSTP mode it sets itself to be an edgeport and enters the forwarding state Use this c...

Страница 662: ...oprietary STP protocols with unsupported BPDUs by forwarding BDPU Bridge Protocol Data Unit frames unchanged through the switch You must disable RSTP with the no spanning tree rstp enable command befo...

Страница 663: ...untagged frames in Global Configuration mode with STP disabled which forwards any ingress STP BPDU frames to all ports that are untagged members of the ingress port s native VLAN enter the commands aw...

Страница 664: ...the switched LAN running the AlliedWare Plus Operating System must have Cisco interoperability enabled When the AlliedWare Plus Operating System is interoperating with Cisco the only criteria used to...

Страница 665: ...tput of some show commands Use the no variant of this command to set a port to its default state not an edge port Syntax spanning tree edgeport no spanning tree edgeport Default Not an edge port Mode...

Страница 666: ...the spanning tree mode is set to RSTP To change the mode see spanning tree mode command Examples To enable STP in Global Configuration mode enter the below commands awplus configure terminal awplus co...

Страница 667: ...Operating System Version 5 4 7 1 x SPANNING TREE COMMANDS SPANNING TREE ENABLE To disable RSTP in Global Configuration mode enter the below commands awplus configure terminal awplus config no spannin...

Страница 668: ...tree errdisable timeout enable no spanning tree errdisable timeout enable Default By default the errdisable timeout is disabled Mode Global Configuration Usage The BPDU guard feature shuts down the po...

Страница 669: ...y the BPDU guard feature Use this command for RSTP or MSTP Syntax spanning tree errdisable timeout interval 10 1000000 no spanning tree errdisable timeout interval Default By default the port is re en...

Страница 670: ...ode Interface Configuration mode for a switch port interface only Examples Set the value to enforce the spanning tree protocol STP awplus configure terminal awplus config interface port1 0 2 awplus co...

Страница 671: ...ng to learning and from learning to forwarding This value is used only when the device is acting as the root bridge Devices not acting asthe RootBridgeuse adynamic valuefor the forwarddelayset by ther...

Страница 672: ...se this command for RSTP STP or MSTP Use the no variant of this command to disable the root guard feature for the port Syntax spanning tree guard root no spanning tree guard root Mode Interface Config...

Страница 673: ...restore the default of the hello time Syntax spanning tree hello time hello time no spanning tree hello time Default Default is 2 seconds Mode Global Configuration and Interface Configuration for swi...

Страница 674: ...ariant of this command to return the port to the default link type Syntax spanning tree link type point to point shared no spanning tree link type Default The default link type is point to point Mode...

Страница 675: ...fault of spanning tree max age is 20 seconds Mode Global Configuration Usage Max age is the maximum time in seconds for which a message is considered valid Configure this value sufficiently high so th...

Страница 676: ...ax spanning tree max hops hop count no spanning tree max hops hop count Default The default max hops in a MST region is 20 Mode Global Configuration Usage Specifying the max hops for a BPDU prevents t...

Страница 677: ...anning tree protocol mode on the device is RSTP Mode Global Configuration Usage With no configuration the device will have spanning tree enabled and the spanning tree mode will be set to RSTP Use this...

Страница 678: ...figuration Overview Use this command to enter the MST Configuration mode to configure the Multiple Spanning Tree Protocol Syntax spanning tree mst configuration Mode Global Configuration Examples Thef...

Страница 679: ...tion mode for a switch port or channel group Usage You can disable automatic configuration of member ports of a VLAN to an associated MSTI by using a no spanning tree mst instance command to remove th...

Страница 680: ...om the IEEE 802 1q 2003 standard Mode Interface Configuration mode for a switch port interface only Usage Before you can use this command to set a path cost in a VLAN configuration you must explicitly...

Страница 681: ...turn the path cost to its default value on instance 3 use the commands awplus configure terminal awplus config interface port1 0 2 awplus config if no spanning tree mst instance 3 path cost Related Co...

Страница 682: ...STI The port with the lowest value has the highest priority so it will be chosen as root port over a port that is equivalent in all other aspects but with a higher priority value Examples To set the p...

Страница 683: ...ce instance id restricted role Default The restricted role for an MSTI instance on a switch port is disabled by default Mode Interface Configuration mode for a switch port interface only Usage The roo...

Страница 684: ...rating System Version 5 4 7 1 x SPANNING TREE COMMANDS SPANNING TREE MST INSTANCE RESTRICTED ROLE Related Commands instance vlan MSTP spanning tree priority port priority spanning tree mst instance sp...

Страница 685: ...instance id restricted tcn no spanning tree mst instance instance id restricted tcn Default Disabled By default switch ports propagate TCNs Mode Interface Configuration mode for a switch port interfa...

Страница 686: ...o the port s path cost for the CIST Syntax spanning tree path cost pathcost no spanning tree path cost Default The default path cost values and the range of recommended path cost values depend on the...

Страница 687: ...x spanning tree portfast no spanning tree portfast Default Not an edge port Mode Interface Configuration mode for a switch port interface only Usage Portfast makes a port move from a blocking state to...

Страница 688: ...1 x SPANNING TREE COMMANDS SPANNING TREE PORTFAST STP Example awplus configure terminal awplus config interface port1 0 2 awplus config if spanning tree portfast Related Commands spanning tree edgepo...

Страница 689: ...er Default BPDU Filter is not enabled on any ports by default Mode Global Configuration and Interface Configuration Usage This command filters the BPDUs and passes only data to continue to act as an e...

Страница 690: ...FAST BPDU FILTER To enable STP BPDU filtering in Interface Configuration mode enter the commands awplus configure terminal awplus config interface port1 0 2 awplus config if spanning tree portfast bpd...

Страница 691: ...by default Mode Global Configuration or Interface Configuration Usage This command blocks the port s to all devices and data when enabled BPDU Guard is a port security feature that changes how a port...

Страница 692: ...ntly running values of bpdu guard Example To enable STP BPDU guard in Global Configuration mode enter the below commands awplus configure terminal awplus config spanning tree portfast bpdu guard To en...

Страница 693: ...MSTP mode is configured this will apply to the CIST Use the no variant of this command to reset it to the default Syntax spanning tree priority priority no spanning tree priority Default The default...

Страница 694: ...to the default Syntax spanning tree priority priority no spanning tree priority Default The default priority is 128 Mode Interface Configuration mode for a switch port interface only Usage To force a...

Страница 695: ...or a switch port interface only to restrict the port from becoming a root port Use the no variant of this command to disable the restricted role functionality Syntax spanning tree restricted role no s...

Страница 696: ...dge Protocol Data Units from being sent on a port If this command is enabled after a topology change a bridge is prevented from sending a TCN to its designated bridge Use the no variant of this comman...

Страница 697: ...verview Use this command to set the maximum number of BPDU transmissions that are held back Use the no variant of this command to restore the default transmit hold count value Syntax spanning tree tra...

Страница 698: ...and Reference for x510 Series 698 AlliedWare Plus Operating System Version 5 4 7 1 x SPANNING TREE COMMANDS UNDEBUG MSTP undebug mstp Overview This command applies the functionality of the no debug ms...

Страница 699: ...ws across the links as evenly as possible Link aggregation hashes one or more of the source and destination MAC address IP address and UDP TCP ports to select a link on which to send a packet So packe...

Страница 700: ...rm load balancing on page 710 show debugging lacp on page 712 show diagnostic channel group on page 713 show etherchannel on page 715 show etherchannel detail on page 716 show etherchannel summary on...

Страница 701: ...same port speed and be in full duplex mode Once the LACP channel group has been created it is treated as a device port and can be referred to in most other commands that apply to device ports To refer...

Страница 702: ...ace port1 0 6 awplus config if channel group 2 mode active To remove device port1 0 6 from any created LACP channel groups use the command below awplus configure terminal awplus config interface port1...

Страница 703: ...REGATION COMMANDS CLEAR LACP COUNTERS clear lacp counters Overview Use this command to clear all counters of all present LACP aggregators channel groups or a given LACP aggregator Syntax clear lacp 1...

Страница 704: ...lacp all Related Commands show debugging lacp undebug lacp Parameter Description all Turn on all debugging for LACP cli Specifies debugging for CLI messages Echoes commands to the console event Speci...

Страница 705: ...Global Configuration Usage Do not mix LACP configurations manual and dynamic When LACP global passive mode is turned on by using the lacp global passive mode enable command we do not recommend using...

Страница 706: ...ggregation based on their priority with the higher priority numerically lower ports selected first Use the no variant of this command to reset the priority of port to the default Syntax lacp port prio...

Страница 707: ...ing the system responsible for resolving conflicts in the choice of aggregation groups Use the no variant of this command to reset the system priority of the local system to the default Syntax lacp sy...

Страница 708: ...tion if no updates are seen for 3 seconds i e 3 consecutive updates are lost The device indicates its preference by means of the Timeout field in the Actor section of its LACPDUs If the Timeout field...

Страница 709: ...liedWare Plus Operating System Version 5 4 7 1 x LINK AGGREGATION COMMANDS LACP TIMEOUT The following commands set the LACP short timeout for 1 second on port1 0 2 awplus configure terminal awplus con...

Страница 710: ...set of inputs you must turn off the inputs you do not want Useful combinations of inputs include all four inputs MAC address IP address and Layer 4 port number MAC address and Ethertype MAC address on...

Страница 711: ...remove Ethertype by entering awplus configure terminal awplus config no platform load balancing ethertype To use MAC addresses and Ethertype remove the IP inputs by entering awplus configure terminal...

Страница 712: ...mmand output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show debugging lacp Mode User Exec and Privileged Exec Example awplus show debugging lacp Outp...

Страница 713: ...nnel group Mode User Exec and Privileged Exec Example awplus show diagnostic channel group Output Figure 18 2 Example output from the show diagnostic channel group command awplus show diagnostic chann...

Страница 714: ...7 1 x LINK AGGREGATION COMMANDS SHOW DIAGNOSTIC CHANNEL GROUP Related Commands show tech support Channel Group Info based on HW Note Pos position in hardware table Only entries from first device are d...

Страница 715: ...ation Guide which is available on our website at alliedtelesis com Syntax show etherchannel 1 32 Mode User Exec and Privileged Exec Example awplus show etherchannel Output Figure 18 3 Example output f...

Страница 716: ...Exec and Privileged Exec Example awplus show etherchannel detail Output Example output from show etherchannel detail awplus show etherchannel detail Aggregator po1 IfIndex 4601 Mac address 00 00 cd 37...

Страница 717: ...the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide which is available on our website at alliedtelesis com Syntax show etherchannel summary Mode User Exec and Privileged...

Страница 718: ...CP system ID and priority For information on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide which is available on our website...

Страница 719: ...mation on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide which is available on our website at alliedtelesis com Syntax show l...

Страница 720: ...etherchannel Parameter Description port Name of the device port to display LACP information about awplus show port etherchannel port1 0 2 LACP link info port1 0 2 7007 Link port1 0 2 IfIndex 7007 Aggr...

Страница 721: ...iting command is set to vlan disable the output will also show the VLANs on which thrashing is detected For information on filtering and saving command output see the Getting Started with AlliedWare P...

Страница 722: ...to be removed the static channel group is deleted All the ports in a channel group must have the same VLAN configuration they must belong to the same VLANs and have the same tagging status and can onl...

Страница 723: ...the commands awplus configure terminal awplus config interface sa2 awplus config if To make it possible to use QoS Storm Protection on static channel group 2 on port1 0 6 with an ACL named test acl us...

Страница 724: ...Command Reference for x510 Series 724 AlliedWare Plus Operating System Version 5 4 7 1 x LINK AGGREGATION COMMANDS UNDEBUG LACP undebug lacp Overview This command applies the functionality of the no...

Страница 725: ...he PoE Feature Overview and Configuration_Guide the Support for Allied Telesis Enterprise_MIBs_in AlliedWare Plus for information about which PoE MIB objects are supported theSNMPFeatureOverviewand Co...

Страница 726: ...e Plus Operating System Version 5 4 7 1 x POWER OVER ETHERNET COMMANDS show debugging power inline on page 739 show power inline on page 740 show power inline counters on page 743 show power inline in...

Страница 727: ...21 Syntax clear power inline counters interface port list Mode Privileged Exec Usage The PoE counters are displayed with the show power inline counters command Examples To clear the PoE counters for p...

Страница 728: ...PoE event and info debug messages on the console use the following commands awplus terminal monitor awplus debug power inline event info To enable PoE debugging and start the display of all PoE debug...

Страница 729: ...0 01 Rev B Command Reference for x510 Series 729 AlliedWare Plus Operating System Version 5 4 7 1 x POWER OVER ETHERNET COMMANDS DEBUG POWER INLINE Related Commands show debugging power inline termina...

Страница 730: ...f pre IEEE 802 3af Power Ethernet standard legacy Powered Devices PDs Syntax power inline allow legacy no power inline allow legacy Default Detection of legacy PDs is enabled on all ports Mode Global...

Страница 731: ...orts with the preceding interface to configure command If you specify a range or list of ports they must all be PoE capable ports In a VCStack of switches this command is supported on all PoE capable...

Страница 732: ...abled Syntax power inline enable no power inline enable Default PoE is enabled by default on all ports Mode Interface Configuration for one or more ports Usage No PoE log messages are generated for po...

Страница 733: ...variant of this command sets the maximum power supplied to a PoE port to the default which is set to the maximum power limit for the class of the connected Powered Device PD Syntax power inline max 4...

Страница 734: ...at the PD Examples To set the maximum power supplied to ports in the range port1 0 1 to port1 0 4 to 6450mW per port use the following commands awplus configure terminal awplus config interface port1...

Страница 735: ...cify a range or list of ports they must all be PoE capable ports PoE ports with higher priorities are given power before PoE ports with lower priorities If the priorities for two PoE ports are the sam...

Страница 736: ...awplus configure terminal awplus config interface port1 0 1 port1 0 4 awplus config if power inline priority high To reset the priority level to the default of low on port1 0 1 to port1 0 4 use the f...

Страница 737: ...r usage threshold is 80 of the nominal power rating Mode Global Configuration Usage Use the snmp server enable trap command to configure SNMP notification An SNMP notification is sent when the usage t...

Страница 738: ...is enabled by default Mode Global Configuration Usage In a stack issuing this command enables PoE globally for all PoE ports In a stack configuration only stack members containing PoE hardware will h...

Страница 739: ...ing power inline Mode User Exec and Privileged Exec Example To display PoE debug settings use the following command awplus show debugging power inline Output Figure 19 1 Example output from the show d...

Страница 740: ...70W Power Allocated 246W Actual Power Consumption 151W Operational Status On Power Usage Threshold 80 296W PoE Interface Interface Admin Pri Oper Power Device Class Max mW port1 0 1 Enabled Low Powere...

Страница 741: ...r inline priority command Low is the lowest priority this is the default High is the second highest priority Crit critical is the highest priority If the switch cannot supply all ports it will supply...

Страница 742: ...ription is shown for PDs not configured with the power inline description command Class The class of the connected PD if power is being supplied to the PD Max mW The power in milliwatts mW allocated f...

Страница 743: ...Configuration Guide Syntax show power inline counters port list Mode User Exec and Privileged Exec Examples To display all PoE event counters for all PoE ports use the command awplus show power inlin...

Страница 744: ...ignal has been lost The PoE MPS signal is lost when a PD is disconnected from the PSE Also increments pethPsePortMPSAbsentCounter in the PoE MIB Overload The number of instances when a PD exceeds its...

Страница 745: ...E port specific information for the port range1 0 1 to 1 0 4 use the following command awplus show power inline interface port1 0 1 port1 0 4 Output Figure 19 4 Example output from show power inline i...

Страница 746: ...are not connected to a PD Disabled displays if the PoE port is administratively disabled Syncing displays if PoE is still initializing the port when you issue the command Fault displays if there is a...

Страница 747: ...w and is limited by the maximum power per Powered Device PD class or a user configured power limit Examples To display detailed PoE port specific information for the port range 1 0 1 to 1 0 3 use the...

Страница 748: ...the PSE Denied displays when supplying power would make the PSE go over the power budget Disabled displays when the PoE port is administratively disabled Off displays when PoE has been disabled for t...

Страница 749: ...B Command Reference for x510 Series 749 AlliedWare Plus Operating System Version 5 4 7 1 x POWER OVER ETHERNET COMMANDS SHOW POWER INLINE INTERFACE DETAIL Related Commands show power inline show power...

Страница 750: ...re Plus GVRP implementation GVRP and MSTP are mutually exclusive STP and RSTP are supported by GVRP VCStack is not supported by the current AlliedWare Plus GVRP implementation This chapter provides an...

Страница 751: ...C613 50170 01 Rev B Command Reference for x510 Series 751 AlliedWare Plus Operating System Version 5 4 7 1 x GVRP COMMANDS show gvrp timer on page 765...

Страница 752: ...Privileged Exec Usage Use this command together with the show gvrp statistics command to troubleshoot GVRP Examples To clear all GVRP statistics for all switchport on the switch enter the command awp...

Страница 753: ...interface port1 0 1 port1 0 2 awplus config if gvrp To disable GVRP on interfaces port1 0 1 port1 0 2 enter the commands awplus configure terminal awplus config interface port1 0 1 port1 0 2 awplus co...

Страница 754: ...er the commands awplus terminal monitor awplus configure terminal awplus config debug gvrp cli To stop sending debug output for GVRP packets and GVRP commands to the console and to stop the display of...

Страница 755: ...rface command You must enable GVRP on both ends of a link for GVRP to propagate VLANs between links NOTE MSTP is not supported by the current AlliedWare Plus GVRP implementation GVRP and MSTP are mutu...

Страница 756: ...interface in Interface Configuration mode Both of these tasks must occur to create VLANs NOTE There is limit of 400 VLANs supported by the AlliedWare Plus GVRP implementation VLANsmaybenumbered1 4094...

Страница 757: ...nd before issuing a gvrp interface command You must enable GVRP on both ends of a link for GVRP to propagate VLANs between links NOTE MSTP is not supported by the current AlliedWare Plus GVRP implemen...

Страница 758: ...show gvrp configuration command Configuring a trunk port in fixed registration mode allows manual creation of VLANs Configuring a trunk port in forbidden registration mode prevents VLAN creation on th...

Страница 759: ...abled switches See also the section Setting the GVRP Timers in the GVRP Feature Overview and Configuration Guide Use the show gvrp timer command to confirm GVRP timers set with this command Examples T...

Страница 760: ...m Version 5 4 7 1 x GVRP COMMANDS GVRP TIMER To reset the GVRP join timer to its default of 20 hundredths of a second for interface port1 0 1 enter the commands awplus configure terminal awplus config...

Страница 761: ...ure Overview and Configuration Guide Syntax show debugging gvrp Mode User Exec and Privileged Exec Example Enter the following commands to display GVRP debugging output on the console awplus configure...

Страница 762: ...n Guide Syntax show gvrp configuration Mode User Exec and Privileged Exec Example To show GVRP configuration for the switch enter the command awplus show gvrp configuration Output The following is an...

Страница 763: ...ommand output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show gvrp machine Mode User Exec and Privileged Exec Example To show the GVRP state machine f...

Страница 764: ...gether with the clear gvrp statistics command to troubleshoot GVRP Examples To show the GVRP statistics for all switchport interfaces enter the command awplus show gvrp statistics To show the GVRP sta...

Страница 765: ...ion Guide Syntax show gvrp timer interface Mode User Exec and Privileged Exec Examples To show the GVRP timers for all switchport interfaces enter the command awplus show gvrp timer To show the GVRP t...

Страница 766: ...C613 50170 01 Rev B Command Reference for x510 Series 766 AlliedWare Plus Operating System Version 5 4 7 1 x Part 3 Layer 3 Switching...

Страница 767: ...e IP Feature Overview and Configuration Guide Command List arp aging timeout on page 769 arp mac disparity on page 770 arp IP address MAC on page 773 arp log on page 774 arp opportunistic nd on page 7...

Страница 768: ...synack retries on page 796 ip unreachables on page 797 local proxy arp on page 799 optimistic nd on page 800 ping on page 801 show arp on page 802 show debugging ip packet on page 804 show ip interfac...

Страница 769: ...es not fill with entries for hosts that are no longer active Static ARP entries are not aged or automatically deleted By default the time limit for dynamic ARP entries is 300 seconds on all interfaces...

Страница 770: ...he disparate ARP has a multicast MAC address in the ARP reply the switch drops the ARP reply and does not learn any associated addresses If the disparate ARP has a unicast MAC address in the ARP reply...

Страница 771: ...a disparate ARP response an ARP entry is created for the IP MAC in the content of the ARP packet The difference with the arp mac disparity multicast igmp command is that the egress port is set to the...

Страница 772: ...IP ADDRESSING AND PROTOCOL COMMANDS ARP MAC DISPARITY To disable support for MS NLB in unicast mode on interface vlan2 use the following commands awplus configure terminal awplus config interface vlan...

Страница 773: ...dress port number alias no arp ip addr Mode Global Configuration Examples To add the IP address 10 10 10 9 with the MAC address 0010 2533 4655 into the ARP cache and have your device respond to ARP re...

Страница 774: ...e the option to change how the MAC address is displayed in the ARP log message The output can either use the notation HHHH HHHH HHHH or HH HH HH HH HH HH Enter arp log to use HHHH HHHH HHHH notation E...

Страница 775: ...plus configure terminal awplus config arp log awplus config exit awplus show log include ARP_LOG 2016 Oct 6 06 21 01 user notice awplus HSL 1007 ARP_LOG port1 0 1 vlan1 add 0013 4078 3b98 192 168 2 4...

Страница 776: ...log include ARP_LOG Parameter Description ARP_LOG Indicates that ARP log entry information follows port number Indicates device port number for the ARP log entry vid Indicates the VLAN ID for the ARP...

Страница 777: ...uration Usage When opportunistic neighbor discovery is enabled the device will reply to any received unsolicited ARP packets but not gratuitous ARP packets The source MAC address for the unsolicited A...

Страница 778: ...nses that contain a broadcast destination MAC Use the no variant of this command to turn off processing of ARP replies that arrive with a broadcast destination MAC Syntax arp reply bc dmac no arp repl...

Страница 779: ...p address Mode Privileged Exec Usage To display the entries in the ARP cache use the show arp command To remove static ARP entries use the no variant of the arp IP address MAC command Example To clear...

Страница 780: ...face to show debugging for either all interfaces or a single interface all Specify all Layer 3 interfaces on the device ip address Specify an IPv4 address If this keyword is specified then only packet...

Страница 781: ...se the command awplus debug ip packet interface all To turn on TCP packet debugging on vlan1 and IP address 192 168 2 4 use the command awplus debug ip packet interface vlan1 address 192 168 2 4 tcp T...

Страница 782: ...onfigure a primary address on the interface before configuring a secondary address NOTE Use show running config interface not show ip interface brief when you need to view a secondary address configur...

Страница 783: ...OL COMMANDS IP ADDRESS IP ADDRESSING AND PROTOCOL To add the IP address 10 10 11 50 24 to the local loopback interface lo use the following commands awplus configure terminal awplus config interface l...

Страница 784: ...on address is a broadcast address for some IP subnet but originates from a node that is not itself part of that destination subnet When a directed broadcast packet reaches a device that is directly co...

Страница 785: ...mand Reference for x510 Series 785 AlliedWare Plus Operating System Version 5 4 7 1 x IP ADDRESSING AND PROTOCOL COMMANDS IP DIRECTED BROADCAST Related Commands ip forward protocol udp ip helper addre...

Страница 786: ...not enabled by default Mode Global Configuration Usage Combined with the ip helper address command in interface mode the ip forward protocol udp command in Global Configuration mode allows control of...

Страница 787: ...1 x IP ADDRESSING AND PROTOCOL COMMANDS IP FORWARD PROTOCOL UDP To delete a UDP port from the UDP ports that the device forwards use the following commands awplus configure terminal awplus config no i...

Страница 788: ...efault The default Gratuitous ARP time limit for all switchports is 8 seconds Mode Global Configuration Usage Every switchport will send a sequence of 3 Gratuitous ARP packets to each VLAN that the sw...

Страница 789: ...g System Version 5 4 7 1 x IP ADDRESSING AND PROTOCOL COMMANDS IP GRATUITOUS ARP LINK To restrict the sending of Gratuitous ARP packets to one every 20 seconds use the commands awplus configure termin...

Страница 790: ...destination address es The destination address can be a unicast address or a subnet broadcast address The UDP destination port is configured separately with the ip forward protocol udp command If mul...

Страница 791: ...LPER ADDRESS The following example removes IPv4 address 192 168 1 100 as an IP Helper destination address to which to forward UDP broadcasts received on vlan2 awplus configure terminal awplus config i...

Страница 792: ...y arp Default Limited local proxy ARP is disabled by default Mode Interface Configuration Usage This command allows you to stop MAC address resolution for specified hosts Limited local proxy ARP works...

Страница 793: ...does not generate or forward any ICMP Redirect messages on that interface This command does not enable proxy ARP on the interface see the ip proxy arp command for more information on enabling proxy A...

Страница 794: ...ute that the ARP request arrived from It ignores all other ARP requests See the ip local proxy arp command about enabling your device to respond to other ARP messages The no variant of this command di...

Страница 795: ...e Usage ICMP redirect messages are used to notify hosts that a better route is available to a destination ICMP redirects are used when a packet is routed into the device on the same interface that the...

Страница 796: ...ng of 5 retries Syntax ip tcp synack retries 0 255 no ip tcp synack retries Default 5 retries Mode Global Configuration Usage The following table shows the approximate correlation between the number o...

Страница 797: ...e these messages to obtain information regarding the topology of a network Disabling destination unreachable messages using the no ip unreachables command secures your network against this type of pro...

Страница 798: ...destination unreachable messages use the commands awplus configure terminal awplus config no ip unreachables To enable destination unreachable messages use the commands awplus configure terminal awpl...

Страница 799: ...ariant of this command to stop specifying a subnet for use with limited local proxy ARP Syntax local proxy arp ip add mask no local proxy arp ip add mask Default No subnets are specified for use with...

Страница 800: ...stale neighbors are deleted from the hardware L3 switching table The optimistic neighbor discovery feature enables the device to sustain L3 traffic switching to a neighbor without interruption Without...

Страница 801: ...t in the IP header interval 0 128 Specify the time interval in seconds between sending ping packets The default is 1 You can use decimal places to specify fractions of a second For example to ping eve...

Страница 802: ...er Exec and Privileged Exec Usage Running this command with no additional parameters will display all entries in the ARP routing and forwarding table Example To display all ARP entries in the ARP cach...

Страница 803: ...ow arp command Parameter Meaning IP Address IP address of the network device this entry maps to MAC Address Hardware address of the network device Interface Interface over which the network device is...

Страница 804: ...ay theIP interface debugging statuswhen theterminal monitoroff use the command awplus terminal no monitor awplus show debug ip packet Output Figure 21 4 Example output from the show debugging ip packe...

Страница 805: ...ev B Command Reference for x510 Series 805 AlliedWare Plus Operating System Version 5 4 7 1 x IP ADDRESSING AND PROTOCOL COMMANDS SHOW DEBUGGING IP PACKET Related Commands debug ip packet interface te...

Страница 806: ...mation for the assigned IP address for interface port1 0 2 use the command awplus show ip interface port1 0 2 brief To show the IP addresses assigned to vlan2 and vlan3 use the command awplus show ip...

Страница 807: ...d to verify that the socket being used is opening correctly If there is a local and remote endpoint a connection is established with the ports indicated Note that this command does not display sockets...

Страница 808: ...are tcp IP Protocol 6 udp IP Protocol 17 raw Indicates that socket is for a non port orientated protocol i e a protocol other than TCP or UDP where all packets of a specified IP protocol type are acce...

Страница 809: ...ny source port will be accepted This is indicated by For active TCP sessions the IP address will display the remote address and port the session was established with For raw sockets the entry in this...

Страница 810: ...de Privileged Exec Example To display IP traffic statistics use the command awplus show ip traffic Output Figure 21 8 Example output from the show ip traffic command IP 261998 packets received 261998...

Страница 811: ...811 AlliedWare Plus Operating System Version 5 4 7 1 x IP ADDRESSING AND PROTOCOL COMMANDS SHOW IP TRAFFIC 155 delayed acks sent 21187 headers predicted 736 pure ACKs 80497 pure ACKs predicted UDP 13...

Страница 812: ...mp Syntax tcpdump line Mode Privileged Exec Example To start a tcpdump running to capture IP packets enter the command awplus tcpdump ip Output Figure 21 9 Example output from the tcpdump command Rela...

Страница 813: ...MANDS TRACEROUTE traceroute Overview Use this command to trace the route to the specified IPv4 host Syntax traceroute ip addr hostname Mode User Exec and Privileged Exec Example awplus traceroute 10 1...

Страница 814: ...Series 814 AlliedWare Plus Operating System Version 5 4 7 1 x IP ADDRESSING AND PROTOCOL COMMANDS UNDEBUG IP PACKET INTERFACE undebug ip packet interface Overview This command applies the functionali...

Страница 815: ...Plus Switches Feature Overview and Configuration Guide Command List clear ip dns forwarding cache on page 817 debug ip dns forwarding on page 818 ip dns forwarding on page 819 ip dns forwarding cache...

Страница 816: ...r x510 Series 816 AlliedWare Plus Operating System Version 5 4 7 1 x DOMAIN NAME SERVICE DNS COMMANDS show ip dns forwarding server on page 833 show ip domain list on page 834 show ip domain name on p...

Страница 817: ...DNS COMMANDS CLEAR IP DNS FORWARDING CACHE clear ip dns forwarding cache Overview Use this command to clear the DNS Relay name resolver cache Syntax clear ip dns forwarding cache Mode Privileged Exec...

Страница 818: ...g Use the no variant of this command to disable DNS Relay debugging Syntax debug ip dns forwarding no debug ip dns forwarding Default DNS Relay debugging is disabled by default Mode Privileged Exec Ex...

Страница 819: ...at IP domain lookup is enabled IP domain lookup is enabled by default but if it has been disabled you can re enable it by using the command ip domain lookup See the ip dns forwarding dead time command...

Страница 820: ...time out period of the cache entry will only be used when the time out period of the DNS reply from the DNS server is bigger than the time out period configured on the device Syntax ip dns forwarding...

Страница 821: ...fault time to stop sending DNS requests to an unresponsive server is 3600 seconds Mode Global Configuration Usage See the ip dns forwarding retry command used with this command Examples To set the DNS...

Страница 822: ...es is 2 DNS requests to an unresponsive server Mode Global Configuration Usage See the ip dns forwarding dead time command used with this command Examples To set the DNS forwarding retry count to 50 a...

Страница 823: ...no ip dns forwarding source interface Default The default is that no interface is set and the device selects the appropriate source IP address automatically Mode Global Configuration Examples To set v...

Страница 824: ...the default of 3 seconds Syntax ip dns forwarding timeout 0 3600 no ip dns forwarding timeout Default The default timeout value is 3 seconds Mode Global Configuration Examples To set the timeout value...

Страница 825: ...deletes a domain from the list Syntax ip domain list domain name no ip domain list domain name Mode Global Configuration Usage If there are no domains in the DNS list then your device uses the domain...

Страница 826: ...empt to resolve domain names You must use IP addresses to specify hosts in commands Syntax ip domain lookup no ip domain lookup Mode Global Configuration Usage The client is enabled by default However...

Страница 827: ...f there are no domains in the DNS list created using the ip domain list command then your device uses the domain specified with this command If any domain exists in the DNS list then the device does n...

Страница 828: ...r to forward requests to Name servers can be learned through the following means Manual configuration using the ip name server command Learned from DHCP server with Option 6 This command is used to st...

Страница 829: ...command For information on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show debugging ip dns forwarding Mode User E...

Страница 830: ...d output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show hosts Mode User Exec and Privileged Exec Example To display the default domain use the comman...

Страница 831: ...lay the DNS Relay status Syntax show ip dns forwarding Mode User Exec and Privileged Exec Examples To display the DNS Relay status use the command awplus show ip dns forwarding Output Figure 22 3 Exam...

Страница 832: ...rding cache Mode User Exec and Privileged Exec Example To display the DNS Relay name resolver cache use the command awplus show ip dns forwarding cache Output Figure 22 4 Example output from the show...

Страница 833: ...g server Mode User Exec and Privileged Exec Examples To display the status of DNS Relay name servers use the command awplus show ip dns forwarding server Output Figure 22 5 Example output from the sho...

Страница 834: ...when sending a DNS inquiry to a DNS server For information on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ip...

Страница 835: ...complete hostnames when sending a DNS inquiry to a DNS server For information on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Gui...

Страница 836: ...he ip name server command For information on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ip name server Mode U...

Страница 837: ...pv6 address autoconfig on page 842 ipv6 enable on page 844 ipv6 eui64 linklocal on page 846 ipv6 forwarding on page 847 ipv6 multicast forward slow path packet on page 848 ipv6 nd accept ra pinfo on p...

Страница 838: ...COMMANDS ipv6 opportunistic nd on page 863 ipv6 route on page 864 ipv6 unreachables on page 865 ping ipv6 on page 866 show ipv6 forwarding on page 867 show ipv6 interface brief on page 868 show ipv6...

Страница 839: ...lliedWare Plus Operating System Version 5 4 7 1 x IPV6 COMMANDS CLEAR IPV6 NEIGHBORS clear ipv6 neighbors Overview Use this command to clear all dynamic IPv6 neighbor entries Syntax clear ipv6 neighbo...

Страница 840: ...prefix length Mode Interface Configuration for a VLAN interface Usage Note that link local addresses are retained in the system until they are negated by using the no variant of the command that estab...

Страница 841: ...ddress 2001 0db8 a2 64 from the VLAN interface vlan2 use the following commands awplus configure terminal awplus config interface vlan2 awplus config if no ipv6 address 2001 0db8 a2 64 Related Command...

Страница 842: ...ration parameters for IPv6 hosts The SLAAC process derives the interface identifier of the IPv6 address from the MAC address of the interface When applying SLAAC to an interface note that the MAC addr...

Страница 843: ...V6 COMMANDS IPV6 ADDRESS AUTOCONFIG To disable SLAAC on the VLAN interface vlan2 use the following commands awplus configure terminal awplus config interface vlan2 awplus config if no ipv6 address aut...

Страница 844: ...on Routing does not forward packets with link local addresses IPv6 requires that a link local address is assigned to each interface that has the IPv6 protocol enabled and when addresses are assigned t...

Страница 845: ...dWare Plus Operating System Version 5 4 7 1 x IPV6 COMMANDS IPV6 ENABLE Related Commands ipv6 address ipv6 address autoconfig ipv6 address dhcp ipv6 address DHCPv6 PD ipv6 dhcp client pd ipv6 nd prefi...

Страница 846: ...cal address on an IPv6 enabled interface Syntax ipv6 eui64 linklocal no ipv6 eui64 linklocal Default The command ipv6 eui64 linklocal is enabled by default on any IPv6 enabled interface Mode Interface...

Страница 847: ...ulticast routing command before using PIM SMv6 commands Syntax ipv6 forwarding no ipv6 forwarding Mode Global Configuration Default IPv6 unicast forwarding is disabled by default Usage Enable IPv6 uni...

Страница 848: ...e smallest MTU among the outgoing interfaces for the multicast group It will also ensure that a received packet that is larger than the MTU value will result in the generation of an ICMP Too Big messa...

Страница 849: ...ed on an interface SLAAC is also enabled SLAAC addressing along with the EUI 64 process uses the prefix information included in a received RA to generate an automatic link local address on the IPv6 in...

Страница 850: ...s to use a stateless autoconfiguration mechanism to establish their IPv6 addresses The default is flag unset Use the no variant of this command to reset this command to its default of flag unset Synta...

Страница 851: ...r a VLAN interface is unset by default Mode Interface Configuration for a VLAN interface Examples To set the minimum RA interval for the VLAN interface vlan2 use the following commands awplus configur...

Страница 852: ...the ipv6 nd other config flag will also be set Use no variant of this command to reset the value to the default Syntax ipv6 nd other config flag no ipv6 nd other config flag Default Unset Mode Interf...

Страница 853: ...advertised by the router advertisement message The IPv6 address prefix uses the format X X prefix length The prefix length is usually set between 0 and 64 The default is X X 64 valid lifetime The the...

Страница 854: ...awplus config interface vlan4 awplus config if ipv6 nd prefix 2001 0db8 64 864000 432000 Thefollowing exampleconfiguresthedevice toissuerouteradvertisementsonthe VLAN interface vlan4 and advertises th...

Страница 855: ...Configuration for a VLAN interface Usage Advertisement flags will not be transmitted unless you have applied the ipv6 nd suppress ra command as shown in the example below Example To set the advertise...

Страница 856: ...ies the lifetime of the current router to be announced in IPv6 Router Advertisements Advertisement flags will not be transmitted unless you have applied the ipv6 nd suppress ra command This instructio...

Страница 857: ...d blocks RAs from untrusted hosts Blocking RAs stops untrusted hosts from flooding malicious RAs and stops any misconfigured hosts from disrupting traffic on the local network Enabling RA Guard on a p...

Страница 858: ...Ware Plus Operating System Version 5 4 7 1 x IPV6 COMMANDS IPV6 ND RAGUARD Output Exampleoutputfromusing showrunning configinterfaceport1 0 2toverify RA Guard Related Commands show running config inte...

Страница 859: ...nsmitted unless you have applied the ipv6 nd suppress ra command This instruction is included in the example shown below Example To set the reachable time in router advertisements on the VLAN interfac...

Страница 860: ...d Mode Interface Configuration for a VLAN interface Examples To set the retransmission time of Neighbor Solicitation on the VLAN interface vlan2 to be 800000 milliseconds enter the following commands...

Страница 861: ...iguration Use no parameter with this command to enable Router Advertisement transmission Syntax ipv6 nd suppress ra no ipv6 nd suppress ra Default Router Advertisement RA transmission is suppressed by...

Страница 862: ...a specific IPv6 neighbor entry To clear all dynamic address entries use the clear ipv6 neighbors command Example To create a static neighbor entry for IPv6 address 2001 0db8 a2 on vlan 4 MAC address...

Страница 863: ...figuration Usage When opportunistic neighbor discovery is enabled the device will reply to any received unsolicited ICMPv6 ND packets The source MAC address for the unsolicited ICMPv6 ND packet is add...

Страница 864: ...teway ip gateway name distvalue Mode Global Configuration Usage Administrative distance can be modified so static routes do not take priority over other routes Example awplus configure terminal awplus...

Страница 865: ...es to obtain information regarding the topology of a network Disabling destination unreachable messages using the no ipv6 unreachables command secures your network against this type of probing NOTE Di...

Страница 866: ...The number of data bytes to send excluding the 8 byte ICMP header The default is 56 64 ICMP data bytes interface interface list The interface or range of configured IP interfaces to use as the source...

Страница 867: ...IPV6 COMMANDS SHOW IPV6 FORWARDING show ipv6 forwarding Overview Use this command to display IPv6 forwarding status Syntax show ipv6 forwarding Mode User Exec and Privileged Exec Example awplus show i...

Страница 868: ...rted with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ipv6 interface brief Mode User Exec and Privileged Exec Examples awplus show ipv6 interface brief Output Figure 23 2 Exam...

Страница 869: ...V6 COMMANDS SHOW IPV6 NEIGHBORS show ipv6 neighbors Overview Use this command to display all IPv6 neighbors For information on filtering and saving command output see the Getting Started with AlliedWa...

Страница 870: ...ers turned on use the following command awplus show ipv6 route Parameter Description connected Displays only the routes learned from connected interfaces database Displays only the IPv6 routing inform...

Страница 871: ...Pv6 Routing Table Codes C connected S static R RIP O OSPF B BGP S 0 1 0 via 2001 a 0 0 c0a8 a6 vlan10 C 2001 db8 a 0 0 0 0 64 via vlan10 C 2001 db8 14 0 0 0 0 64 via vlan20 C 2001 db8 0 0 0 0 64 via v...

Страница 872: ...see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ipv6 route summary Mode User Exec and Privileged Exec Example To display IP route summary use the foll...

Страница 873: ...oute to the specified IPv6 host Syntax traceroute ipv6 ipv6 addr hostname Mode User Exec and Privileged Exec Example To run a traceroute for the IPv6 address 2001 0db8 a2 use the following command awp...

Страница 874: ...e common across the routing IP protocols For more information see the Route Selection Feature Overview and Configuration Guide Command List ip route on page 875 ipv6 route on page 877 max fib routes o...

Страница 875: ...tes Specify a Null interface to add a null or blackhole route to the switch A null or blackhole route is a routing table entry that does not forward packets so any packets sent to it are dropped Param...

Страница 876: ...available through the device at 10 10 0 2 with the default administrative distance use the commands awplus configure terminal awplus config no ip route 192 168 3 0 255 255 255 0 10 10 0 2 To specify a...

Страница 877: ...gateway ip gateway name distvalue Mode Global Configuration Usage Administrative distance can be modified so static routes do not take priority over other routes Example awplus configure terminal awpl...

Страница 878: ...mands awplus config terminal awplus config max fib routes 2000 75 Parameter Description max fib routes This is the maximum number of routes that can be stored in the device s Forwarding Information da...

Страница 879: ...aximum number of static routes to the default of 1000 static routes Syntax max static routes 1 1000 no max static routes Default The default number of static routes is the maximum number of static rou...

Страница 880: ...of this command sets the maximum paths to the default of 4 Syntax maximum paths 1 8 no maximum paths Default By default the maximum number of paths is 4 Mode Global Configuration Examples To set the m...

Страница 881: ...he OSPF routes in the FIB use the command awplus show ip route ospf Output Eachentry inthe outputfromthiscommandhasa codepreceding it indicating the source of the routing entry For example O indicates...

Страница 882: ...reachable via next hop 10 10 31 16 The outgoing local interface for this route is vlan2 This route was added 20 minutes and 54 seconds ago OSPF External Route The OSPF external route entry consists o...

Страница 883: ...613 50170 01 Rev B Command Reference for x510 Series 883 AlliedWare Plus Operating System Version 5 4 7 1 x ROUTING COMMANDS SHOW IP ROUTE Related Commands ip route maximum paths show ip route databas...

Страница 884: ...nly the routes learned from connected interfaces ospf Displays only the routes learned from OSPF rip Displays only the routes learned from RIP static Displays only the static routes you have configure...

Страница 885: ...C613 50170 01 Rev B Command Reference for x510 Series 885 AlliedWare Plus Operating System Version 5 4 7 1 x ROUTING COMMANDS SHOW IP ROUTE DATABASE Related Commands maximum paths show ip route...

Страница 886: ...t modifiertoken to save the output to a file use the output redirection token Syntax show ip route summary Mode User Exec and Privileged Exec Example To display a summary of the current RIB entries us...

Страница 887: ...eters turned on use the following command awplus show ipv6 route Parameter Description connected Displays only the routes learned from connected interfaces database Displays only the IPv6 routing info...

Страница 888: ...IPv6 Routing Table Codes C connected S static R RIP O OSPF B BGP S 0 1 0 via 2001 a 0 0 c0a8 a6 vlan10 C 2001 db8 a 0 0 0 0 64 via vlan10 C 2001 db8 14 0 0 0 0 64 via vlan20 C 2001 db8 0 0 0 0 64 via...

Страница 889: ...see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ipv6 route summary Mode User Exec and Privileged Exec Example To display IP route summary use the fol...

Страница 890: ...ehavior on page 894 cisco metric behavior RIP on page 896 clear ip rip route on page 897 debug rip on page 898 default information originate RIP on page 899 default metric RIP on page 900 distance RIP...

Страница 891: ...offset list RIP on page 925 passive interface RIP on page 926 recv buffer size RIP on page 927 redistribute RIP on page 928 restart rip graceful on page 929 rip restart grace period on page 930 route...

Страница 892: ...configure terminal awplus config key chain mychain awplus config keychain key 1 awplus config keychain key accept lifetime 03 03 01 Sep 3 2016 04 04 02 Oct 6 2016 Parameter Description start date Spe...

Страница 893: ...System Version 5 4 7 1 x RIP COMMANDS ACCEPT LIFETIME or awplus configure terminal awplus config key chain mychain awplus config keychain key 1 awplus config keychain key accept lifetime 03 03 01 3 S...

Страница 894: ...RIP being advertised does not match the subnetting used on the outgoing RIPv1 interface it will be filtered The alliedware behavior command returns your router s RIPv1 behavior to the AlliedWare forma...

Страница 895: ...vice to AlliedWare Plus like behavior when sending and receiving RIPv1 update messages enter the commands awplus configure terminal awplus config router rip awplus config router no alliedware behavior...

Страница 896: ...ehavior enable disable no cisco metric behavior Default By default the Cisco metric behavior is disabled Mode Router Configuration Examples To enable the routing metric update to behave as per the Cis...

Страница 897: ...ting table use the following command awplus clear ip rip route 10 0 0 0 8 Parameter Description ip dest network prefix length Removes entries which exactly match this destination address from RIP rout...

Страница 898: ...Mode Privileged Exec and Global Configuration Example The following example displays information about the RIP packets that are received and sent out from the device awplus debug rip packet Related Co...

Страница 899: ...re being redistributed the RIP protocol will advertise this default route irrespective of whether the default information originate command has been configured or not However if the router has not red...

Страница 900: ...1 Mode RIP Router Configuration Usage This command is used with the redistribute RIP command to make the routing protocol use the specified metric value for all redistributed routes regardless of the...

Страница 901: ...p addr prefix length access list Mode RIP Router Configuration Examples To set the administrative distance to 8 for the RIP routes within the 10 0 0 0 8 network that match the access list mylist use t...

Страница 902: ...ng access list or prefix list If you do not specify the name of the interface the filter will be applied to all interfaces Examples In this example the following commands are used to apply an access l...

Страница 903: ...update is configured the device advertises the full RIP route table in outgoing triggered updates including routes that have not changed This enables faster convergence times or allows inter operation...

Страница 904: ...d for single key authentication Use the ip rip authentication key chain command for multiple keys authentication See the RIP Feature Overview and Configuration Guide for illustrated RIP configuration...

Страница 905: ...config keychain key key string toyota awplus config keychain key accept lifetime 10 00 00 Oct 08 2016 duration 43200 awplus config keychain key send lifetime 10 00 00 Oct 08 2016 duration 43200 awplu...

Страница 906: ...ation string command for single key authentication Use the ip rip authentication key chain command for multiple keys authentication See the RIP Feature Overview and Configuration Guide for illustrated...

Страница 907: ...n for the given interface text or MD5 using the following commands awplus config if ip rip authentication mode md5 text Example 1 In the following example of a configuration for multiple keys authenti...

Страница 908: ...3 The following example specifies mykey as the authentication string with MD5 authentication for the VLAN interface vlan2 awplus configure terminal awplus config interface vlan2 awplus config if ip r...

Страница 909: ...configuring RIP see the RIP Feature Overview and Configuration Guide Use the following steps to configure a route to enable RIPv2 authentication using a single key or password 1 Define the authentica...

Страница 910: ...following example the VLAN interface vlan2 is configured to have an authentication string as guest Any received RIP packet in that interface should have the same string as password awplus configure t...

Страница 911: ...variant of this command to disable this feature Syntax ip rip receive packet no ip rip receive packet Default Receive packet is enabled Mode Interface Configuration for a VLAN interface Usage This co...

Страница 912: ...mmand applies to a specific VLAN interface and overrides any the version specified by the version RIP command RIP can be run in version 1 or version 2 mode Version 2 has more features than version 1 i...

Страница 913: ...variant of this command to disable this feature Syntax ip rip send packet no ip rip send packet Default Send packet is enabled Mode Interface Configuration for a VLAN interface Usage This command can...

Страница 914: ...ore features than version 1 in particular RIP version 2 supports authentication and classless routing Once the RIP version is set RIP packets of that version will be received and sent on all the RIP e...

Страница 915: ...to send RIP version 1 packets only awplus configure terminal awplus config interface vlan4 awplus config if ip rip send version 1 In the following example the VLAN interface vlan4 is configured to se...

Страница 916: ...e version RIP command RIP can be run in version 1 compatible mode Version 2 has more features than version 1 in particular RIP version 2 supports authentication and classless routing Once the RIP vers...

Страница 917: ...13 50170 01 Rev B Command Reference for x510 Series 917 AlliedWare Plus Operating System Version 5 4 7 1 x RIP COMMANDS IP RIP SEND VERSION 1 COMPATIBLE Related Commands ip rip send version version RI...

Страница 918: ...uding routes in updates sent to the same gateway from which they were learned Without the poisoned parameter using this command causes routes learned from a neighbor to be omitted from updates sent to...

Страница 919: ...o key keyid Mode Keychain Configuration Usage This command allows you to enter the keychain key mode where a password can be set for the key Example The following example configures a key number 1 and...

Страница 920: ...ys Syntax key chain key chain name no key chain key chain name Mode Global Configuration Usage This command allows you to enter the keychain mode from which you can specify keys on this key chain Exam...

Страница 921: ...mples In the following example the password for key1 in the key chain named mychain is set to password prime awplus configure terminal awplus config key chain mychain awplus config keychain key 1 awpl...

Страница 922: ...imiting of the number of RIP routes stored in the routing table Syntax maximum prefix maxprefix threshold no maximum prefix Mode Router Configuration Example To configure the maximum number of RIP rou...

Страница 923: ...and to exchange nonbroadcast routing information It can be used multiple times for additional neighbors The passive interface RIP command disables sending routing updates on an interface Use the neigh...

Страница 924: ...d network or VLANs will be automatically advertised in RIP updates RIP updates will be sent and received within the specified network or VLAN Example Use the following commands to activate RIP routing...

Страница 925: ...etworks match the access list the offset is applied to the metrics No change occurs if the offset value is zero Examples In this example the router examines the RIP updates being sent out from interfa...

Страница 926: ...e Use the no variant of this command to disable this function Syntax passive interface interface no passive interface interface Default Disabled Mode RIP Router Configuration Example Use the following...

Страница 927: ...fer size to the system default 196608 bits Syntax recv buffer size 8192 2147483647 no recv buffer size 8192 2147483647 Default 196608 bits is the system default when reset using the no variant of this...

Страница 928: ...de RIP Router Configuration Example To apply the metric value 15 to static routes being redistributed into RIP use the commands awplus configure terminal awplus config router rip awplus config router...

Страница 929: ...IP has performed a graceful shutdown Routes that have been installed into the route table by RIP are preserved until the specified grace period expires When a restart rip graceful command is issued th...

Страница 930: ...e default RIP grace period is 60 seconds Usage Use this command to enable the Graceful Restart feature on the RIP process Entering this command configures a grace period for RIP When a master failover...

Страница 931: ...gth Default No static RIP route is added by default Mode RIP Router Configuration Usage Use this command to add a static RIP route After adding the RIP route the route can be checked in the RIP routin...

Страница 932: ...ss Use the no variant of this command to disable the RIP routing process Syntax router rip no router rip Mode Global Configuration Example This command is used to begin the RIP routing process awplus...

Страница 933: ...onfig keychain key send lifetime 03 03 01 Jan 3 2016 04 04 02 Dec 6 2016 Parameter Description start date Specifies the start time and date in the format hh mm ss day month year or hh mm ss month day...

Страница 934: ...C613 50170 01 Rev B Command Reference for x510 Series 934 AlliedWare Plus Operating System Version 5 4 7 1 x RIP COMMANDS SEND LIFETIME Related Commands key key string key chain accept lifetime...

Страница 935: ...gging status for these debugging options nsmdebugging RIP eventdebugging RIP packet debugging and RIP nsm debugging For information on filtering and saving command output see the Getting Started with...

Страница 936: ...s show ip protocols rip Output Figure 25 1 Example output from the show ip protocols rip command Routing Protocol is rip Sending updates every 30 seconds with 50 next due in 12 seconds Timeout after 1...

Страница 937: ...Feature Overview and Configuration Guide Syntax show ip rip Mode User Exec and Privileged Exec Example awplus show ip rip Output Figure 25 2 Example output from the show ip rip command Related Command...

Страница 938: ...ut the RIP database For information on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ip rip database full Mode U...

Страница 939: ...e Overview Use this command to display information about the RIP interfaces You can specify an interface name to display information about a specific interface Syntax show ip rip interface interface M...

Страница 940: ...specified by the garbage parameter expires the metric 16 route is finally removed from the routing table Until the garbage time expires the route is included in all updates sent by the router All the...

Страница 941: ...ts nsm packet Mode Privileged Exec Example To disable the options set for debugging RIP information events use the following command awplus undebug rip packet Related Commands debug rip Parameter Desc...

Страница 942: ...on will be received and sent on all the RIP enabled interfaces Setting the version command has no impact on receiving updates only on sending them The ip rip send version command overrides the value s...

Страница 943: ...es the encoding of the next hop for a set of routes For more information see the RIPng Feature Overview and Configuration Guide Command List aggregate address IPv6 RIPng on page 945 clear ipv6 rip rou...

Страница 944: ...sion 5 4 7 1 x RIPNG FOR IPV6 COMMANDS router ipv6 rip on page 961 show debugging ipv6 rip on page 962 show ipv6 protocols rip on page 963 show ipv6 rip on page 964 show ipv6 rip database on page 965...

Страница 945: ...ange covered by the aggregate route are retained in the RIPng database but are marked as suppressed routes The aggregate route will be advertised in RIPng updates and the component route will no longe...

Страница 946: ...us clear ipv6 rip route 2001 db8 32 Parameter Description ipv6 addr prefix length Specify the IPv6 Address in format X X X X Prefix Length The prefix length is a decimal integer between 1 and 128 Remo...

Страница 947: ...v detail send detail Default RIPng debugging is disabled by default Mode Privileged Exec and Global Configuration Example awplus debug ipv6 rip events awplus debug ipv6 rip packet send detail awplus d...

Страница 948: ...nformation originate IPv6 RIPng Overview Use this command to generate a default route into RIPng Use the no variant of this command to disable this feature Syntax default information originate no defa...

Страница 949: ...d metric value for all redistributed RIPng routes regardless of the original protocol that the route has been redistributed from Note this metric is not applied to routes that are brought into RIPng b...

Страница 950: ...Configuration Usage Filter out incoming or outgoing route updates using the access list or the prefix list If you do not specify the name of the interface the filter is applied to all the interfaces E...

Страница 951: ...route in the routing table Note this command only increments the metric for incoming routes on a specified interface Increasing the metric value for a VLAN interface increases the metric value of rou...

Страница 952: ...ands awplus configure terminal awplus config router ipv6 rip awplus config router exit awplus config interface vlan2 awplus config if ipv6 rip metric offset 1 To reset the metric offset on the VLAN in...

Страница 953: ...horizon command omits routes learned from one neighbor in updates sent to that neighbor Using the poisoned parameter with this command includes such routes in updates but sets their metrics to infinit...

Страница 954: ...t RIPng routing is disabled by default Mode Interface Configuration for a VLAN interface only Usage This command can only be configured on VLAN interfaces Examples To enable RIPng routing on the VLAN...

Страница 955: ...dditional neighbors The passive interface IPv6 RIPng command disables sending routing updates on an interface Use the neighbor command in conjunction with the passive interface IPv6 RIPng command to s...

Страница 956: ...metric When the networks match the access list the offset is applied to the metrics No change occurs if the offset value is zero Example In this example the router examines the RIPng updates being se...

Страница 957: ...this command to disable this function Syntax passive interface interface no passive interface interface Default Disabled Mode Router Configuration Examples To enable suppression of routing updates us...

Страница 958: ...set it back to the system default of 196608 bits Syntax recv buffer size 8192 2147483647 no recv buffer size 8192 2147483647 Default The RIPng UDP receive buffer size is 196608 bits by default and is...

Страница 959: ...Png metric value is set to 1 Mode Router Configuration Example To redistribute information from other routing protocols into RIPng use the following commands awplus configure terminal awplus config ro...

Страница 960: ...fix length Mode Router Configuration Usage Use this command to add a static RIPng route After adding the RIPng route the route can be checked in the RIPng routing table Example To configure static RIP...

Страница 961: ...e this global command to enter Router Configuration mode to enable a RIPng routing process Use the no variant of this command to disable the RIPng routing process Syntax router ipv6 rip no router ipv6...

Страница 962: ...options of nsm debugging RIPng eventdebugging RIPng packetdebugging and RIPng nsm debugging For information on filtering and saving command output see the Getting Started with AlliedWare Plus Feature...

Страница 963: ...tax show ipv6 protocols rip Mode User Exec and Privileged Exec Example To display RIPng process parameters and statistics use the following command awplus show ipv6 protocols rip Output awplus show ip...

Страница 964: ...ration Guide Syntax show ipv6 rip Mode User Exec and Privileged Exec Example To display RIPng routes use the following command awplus show ipv6 rip Output Related Commands show ipv6 rip database Codes...

Страница 965: ...Mode User Exec and Privileged Exec Example To display information about the RIPng database use the following command awplus show ipv6 rip database Output Related Commands show ipv6 rip Parameter Desc...

Страница 966: ...ide Syntax show ipv6 rip interface interface Mode User Exec and Privileged Exec Example To display RIPng interface information use the following command awplus show ipv6 rip interface Output Parameter...

Страница 967: ...mer is 120 seconds The no variant of this command restores the default RIPng routing timers Mode Router Configuration Example To adjust the RIPng routing network timers use the following commands awpl...

Страница 968: ...bugging options use the following command awplus undebug ipv6 rip events awplus undebug ipv6 rip all awplus undebug ipv6 rip packet send awplus undebug ipv6 rip packet recv detail Related Commands deb...

Страница 969: ...ost on page 972 area authentication on page 973 area filter list on page 974 area nssa on page 975 area range on page 977 area stub on page 979 area virtual link on page 980 auto cost reference bandwi...

Страница 970: ...all on page 1010 ip ospf hello interval on page 1011 ip ospf message digest key on page 1012 ip ospf mtu on page 1014 ip ospf mtu ignore on page 1015 ip ospf network on page 1016 ip ospf priority on...

Страница 971: ...1050 show ip ospf database opaque area on page 1052 show ip ospf database opaque as on page 1053 show ip ospf database opaque link on page 1054 show ip ospf database router on page 1055 show ip ospf d...

Страница 972: ...SSA or stub area Refer to the RFC 3101 for information on NSSA Example To set the default cost to 10 in area 1 for the OSPF instance 100 use the commands awplus configure terminal awplus config router...

Страница 973: ...the correct password may join the routing domain Give all routers that are to communicate with each other through OSPF the same authentication password Use the ip ospf authentication key command to sp...

Страница 974: ...gure filters to advertise summary routes use the following commands awplus configure terminal awplus config access list 1 deny 172 22 0 0 awplus config router ospf 100 awplus config router area 1 filt...

Страница 975: ...an NSSA not both The no variant of this command removes this designation Syntax area area id nssa default information originate metric no redistribution no summary translator role role no area area id...

Страница 976: ...g router area 0 0 0 51 nssa awplus config router area 3 nssa translator role candidate no redistribution default information originate metric 34 metric type 2 Related Commands area default cost role T...

Страница 977: ...s function and restores default behavior Syntax area area id range ip addr prefix length advertise not advertise no area area id range ip addr prefix length Default The area range is not configured by...

Страница 978: ...rsion 5 4 7 1 x OSPF COMMANDS AREA RANGE Ensure OSPF IPv4 routes exist in the area range for advertisement before using this command Example awplus configure terminal awplus config router ospf 100 awp...

Страница 979: ...the area default cost command The no variant of this command removes this definition Syntax area area id stub no summary no area area id stub no summary Mode Router Configuration Example awplus confi...

Страница 980: ...retransmit interval 1 3600 transmit delay 1 3600 no area area id virtual link ip addr authentication dead interval hello interval retransmit interval transmit delay Parameter Description area id The...

Страница 981: ...ansmissions The transmit delay is the time taken to transmit a link state update packet on the interface Before transmission the link state advertisements in the update packet are incremented by this...

Страница 982: ...0 01 Rev B Command Reference for x510 Series 982 AlliedWare Plus Operating System Version 5 4 7 1 x OSPF COMMANDS AREA VIRTUAL LINK Related Commands area authentication show ip ospf show ip ospf virtu...

Страница 983: ...ference bandwidth value to differentiate the costs on those links Cost is calculated by dividing the reference bandwidth Mbps by the layer 3 interface Switched Virtual Interface SVI Loopback or Ethern...

Страница 984: ...ger 1 Interface cost is 1 The auto cost reference bandwidth value should be consistent across all OSPF routers in the OSPF process Note that using the ip ospf cost command on a layer 3 interface will...

Страница 985: ...t VLAN Syntax bandwidth bandwidth setting no bandwidth Mode Interface Configuration for a VLAN interface Example To set the bandwidth on VLAN2 to be 1 Mbps use the following commands awplus configure...

Страница 986: ...lesopaque LSAs Opaque LSAs are Type9 10and11LSAs that deliver information used by external applications Use the no variant of this command to disable opaque LSAs Syntax capability opaque no capability...

Страница 987: ...ult this is enabled Use the no variant of this command to disable OSPF Graceful Restart and restart signaling features Syntax capability restart graceful signaling no capability restart Default Gracef...

Страница 988: ...rocess Overview This command clears and restarts the OSPF routing process Specify the Process ID to clear one particular OSPF process When no Process ID is specified this command clears all running OS...

Страница 989: ...metric of the component paths available RFC 2328 specifies a method for calculating metrics based on maximum cost It is possible that some ABRs in an area might conform to RFC 1583 and others support...

Страница 990: ...command disable OSPF debugging Use this command without parameters to disable all the options Syntax debug ospf events abr asbr lsa nssa os router vlink no debug ospf events abr asbr lsa nssa os rout...

Страница 991: ...and undebug variant of this command disable OSPF IFSM debugging Use this command without parameters to disable all the options Syntax debug ospf ifsm status events timers no debug ospf ifsm status ev...

Страница 992: ...refresh Mode Privileged Exec and Global Configuration Examples awplus undebug ospf lsa refresh Output Figure 27 1 Example output from the debug ospf lsa command Related Commands terminal monitor unde...

Страница 993: ...undebug variantof this commanddisableOSPF NFSMdebugging Use this command without parameters to disable all the options Syntax debug ospf nfsm events status timers no debug ospf nfsm events status time...

Страница 994: ...undebug variant of this command disable OSPF NSM debugging Use this command without parameters to disable both options Syntax debug ospf nsm interface redistribute no debug ospf nsm interface redistr...

Страница 995: ...est ls update recv send Mode Privileged Exec and Global Configuration Examples awplus debug ospf packet detail awplus debug ospf packet dd send detail awplus no debug ospf packet ls request recv detai...

Страница 996: ...route debugging Use this command without parameters to disable all options Syntax debug ospf route ase ia install spf no debug ospf route ase ia install spf Mode Privileged Exec and Global Configurati...

Страница 997: ...either Type 1 or 2 The default is Type 2 The no variant of this command disables this feature Syntax default information originate always metric metric metric type 1 2 route map route map no default...

Страница 998: ...facilitates redistributing routes even with incompatible metrics If the metrics do not convert the default metric provides an alternative and enables the redistribution to continue The effect of this...

Страница 999: ...ospf 1 255 Default The default OSPF administrative distance is 110 The default Administrative Distance for each type of route intra inter or external is 110 Mode Router Configuration Usage The admini...

Страница 1000: ...for intra area routes 40 for external routes use the commands awplus config router ospf 100 awplus config router distance ospf inter area 20 intra area 10 external 40 To set the administrative distanc...

Страница 1001: ...are being transferred For information about ACLs and route maps see the ACL Feature Overview and Configuration Guide and the Routemaps Feature Overview and Configuration Guide The no variant of this...

Страница 1002: ...distribution is configured and an out distribute list is also configured then routes that match deny entries in the distribute list will not be redistributed into OSPF Examples The following example s...

Страница 1003: ...s enabled the database exchange process is optimized by removing the LSA from the database summary list for the neighbor if the LSA instance in the database summary list is the same as or less recent...

Страница 1004: ...st ip address area area id cost 0 65535 no host ip address area area id cost 0 65535 Default By default no host entry is configured Mode Router Configuration Example awplus configure terminal awplus c...

Страница 1005: ...uthentication Mode Interface Configuration for a VLAN interface Usage Use the ip ospf authentication command to specify a Simple Text password Use the ip ospf message digest key command to specify MD5...

Страница 1006: ...twork with the same password exchange OSPF routing data The key can be used only when authentication is enabled for an area Use the area authentication command to enable authentication Simple password...

Страница 1007: ...the cost value calculated automatically with the auto cost reference bandwidth feature The interface cost indicates the overhead required to send packets across a certain VLAN interface This cost is...

Страница 1008: ...terface Mode Interface Configuration for a VLAN interface Usage OSPF floods new LSAs over all interfaces in an area except the interface on which the LSA arrives This redundancy ensures robust floodin...

Страница 1009: ...e no variant of this command returns the interval to the default of 40 seconds If you have configured this command specifying the IP address of the interface and want to remove the configuration speci...

Страница 1010: ...ssing on a VLAN interface It overrides the network area command and disables the processing of packets on the specific interface Use the no variant of this command to restore OSPF packet processing on...

Страница 1011: ...traffic The no variant of this command returns the interval to the default of 10 seconds Syntax ip ospf ip address hello interval 1 65535 no ip ospf ip address hello interval Default The default inte...

Страница 1012: ...duplicate one copy of the packet will be transmitted for each of the current keys This is helpful for administrators who want to change the OSPF password without disrupting communication The system b...

Страница 1013: ...config if ip ospf authentication message digest awplus config if ip ospf message digest key 1 md5 yourpass The following example shows configuring OSPF authentication on the VLAN interface vlan2 for t...

Страница 1014: ...of this command to return the MTU size to the default Syntax ip ospf mtu 576 65535 no ip ospf mtu Default By default OSPF uses interface MTU derived from the VLAN interface Mode Interface Configurati...

Страница 1015: ...e no ip ospf ip address mtu ignore Mode Interface Configuration for a VLAN interface Usage By default during the DD exchange process OSPF checks the MTU size described in the DD packets received from...

Страница 1016: ...t OSPF network type for a VLAN interface Mode Interface Configuration for a VLAN interface Usage This command forces the interface network type to the specified type Depending on the network type OSPF...

Страница 1017: ...OSPF Designated Router DR for a network If two routers attempt to become the DR the router with the higher router priority becomes the DR If the router priority is the same for two routers the router...

Страница 1018: ...eighbor Use the no variant of this command to return to the default Syntax ip ospf ip address resync timeout 1 65535 no ip ospf ip address resync timeout Mode Interface Configuration for a VLAN interf...

Страница 1019: ...uration for a VLAN interface Usage After sending an LSA to a neighbor the router keeps the LSA until it receives an acknowledgment In case the router does not receive an acknowledgment during the set...

Страница 1020: ...terface Configuration for a VLAN interface Usage The transmit delay value adds a specified time to the age field of an update If the delay is not added the time in which the LSA transmits over the lin...

Страница 1021: ...rent dd 1 65535 no max concurrent dd Mode Router Configuration Usage This command is useful when a router s performance is affected from simultaneously bringing up several OSPF adjacencies This comman...

Страница 1022: ...the maximum number of OSPF areas is 4294967294 Mode Router Configuration Usage Use this command in router OSPF mode to specify the maximum number of OSPF areas Examples The following example sets the...

Страница 1023: ...s the reduced rate at which routers continue to send hello packets when a neighboring router has become inactive Setthe poll interval to be much larger than hello interval Examples This example shows...

Страница 1024: ...ork bits and consecutive 1 s as host bits Examples The following commands show the use of the network area command with OSPF multiple instance support disabled awplus configure terminal awplus config...

Страница 1025: ...AlliedWare Plus Operating System Version 5 4 7 1 x OSPF COMMANDS NETWORK AREA The following commands disable OSPF routing with Area ID 3 on all interfaces awplus configure terminal awplus config route...

Страница 1026: ...BR Type By this definition a router is considered an ABR if it has more than one area actively attached and one of them is the backbone area IBM ABR Type By this definition a router is considered an A...

Страница 1027: ...running config The restart grace period is not displayed in the running config if it has been reset to the default using the no variant of this command When a master failover happens on a VCStack the...

Страница 1028: ...the OSPF restart helper while the no ospf restart helper max grace period command resets the max grace period rather than the helper policy itself Example awplus configure terminal awplus config ospf...

Страница 1029: ...50170 01 Rev B Command Reference for x510 Series 1029 AlliedWare Plus Operating System Version 5 4 7 1 x OSPF COMMANDS OSPF RESTART HELPER Related Commands ospf restart grace period restart ospf grac...

Страница 1030: ...dress no ospf router id Mode Router Configuration Usage Configure each router with a unique router id In an OSPF router process that has active neighbors a new router id takes effect at the next reloa...

Страница 1031: ...ard with this command if a shutdown is required if the number of LSAs exceeds the specified number Use soft with this command if a shutdown is not required but a warning message is required if the num...

Страница 1032: ...SAs a router can receive once it is in the wait state It takes the number of seconds specified as the recover time to recover from this state Example The following example shows setting the maximum nu...

Страница 1033: ...address no passive interface interface ip address Mode Router Configuration Usage Configure an interface to be passive if you wish its connected route to be treated as an OSPF route rather than an AS...

Страница 1034: ...m other routing protocols into the OSPF domain to generate AS external LSAs If a route map is configured by this command then that route map is used to control which routes are redistributed and can s...

Страница 1035: ...lus config route map rmap2 permit 3 awplus config route map match interface vlan1 awplus config route map set metric type 1 awplus config route map exit awplus config router ospf 100 awplus config rou...

Страница 1036: ...utes installed by OSPF are preserved until the grace period expires When a restart ospf graceful command is issued the OSPF configuration is reloaded from the last saved configuration Ensure you first...

Страница 1037: ...ommand then all OSPF routing processes are terminated and all OSPF configuration is removed Syntax router ospf process id no router ospf process id Default No routing process is defined by default Mod...

Страница 1038: ...outer id ip address no router id Mode Router Configuration Usage Configure each router with a unique router id In an OSPF router process that has active neighbors a new router id is used at the next r...

Страница 1039: ...are currently enabled For information on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show debugging ospf Mode User...

Страница 1040: ...ow ip ospf 100 Parameter Description process id 0 65535 The ID of the router process for which information will be displayed If this parameter is included only the information for the specified routin...

Страница 1041: ...SPF algorithm executed 0 times Number of LSA 0 Checksum 0x000000 Table 1 Example output from the show ip ospf command cont Table 2 Example output from the show ip ospf process id command Routing Proce...

Страница 1042: ...icence Route Limit The maximum number of OSPF routes which may be used for forwarding Allocate d The current total number of OSPF routes allocated in the OSPF module Visible The current number of OSPF...

Страница 1043: ...mand output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ip ospf border routers show ip ospf process id border routers Mode User Exec and Privilege...

Страница 1044: ...and awplus show ip ospf 721 border routers Output Figure 27 4 Example output from the show ip ospf database command Parameter Description process id 0 65535 The ID of the router process for which info...

Страница 1045: ...output from the show ip ospf database self originate command OSPF Router process 100 with ID 10 10 11 50 Router Link States Area 0 0 0 1 NSSA Link ID ADV Router Age Seq CkSum Link count 10 10 11 50 10...

Страница 1046: ...ted with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ip ospf database asbr summary ip addr self originate advrouter Mode User Exec and Privileged Exec Examples awplus show ip...

Страница 1047: ...how ip ospf database external 1 2 3 4 adv router 2 3 4 5 Output Figure 27 6 Example output from the show ip ospf database external self originate command Parameter Description adv router Displays all...

Страница 1048: ...tabase external adv router command awplus show ip ospf database external adv router 1 1 1 1 AS External Link States LS age 273 Options 0x2 E LS Type AS external LSA Link State ID 172 16 0 0 External N...

Страница 1049: ...originate awplus show ip ospf database network 1 2 3 4 adv router 2 3 4 5 Output Figure 27 8 Example output from the show ip ospf database network command Parameter Description adv router id The rout...

Страница 1050: ...database nssa external self originate awplus show ip ospf database nssa external 1 2 3 4 adv router 2 3 4 5 Output Figure 27 9 Example output from the show ip ospf database nssa external adv router c...

Страница 1051: ...Link States Area 0 0 0 0 NSSA external Link States Area 0 0 0 1 NSSA LS age 78 Options 0x0 LS Type AS NSSA LSA Link State ID 0 0 0 0 External Network Number For NSSA Advertising Router 10 10 11 50 LS...

Страница 1052: ...and Privileged Exec Examples awplus show ip ospf database opaque area 1 2 3 4 self originate awplus show ip ospf database opaque area self originate awplus show ip ospf database opaque area 1 2 3 4 ad...

Страница 1053: ...xec and Privileged Exec Examples awplus show ip ospf database opaque as 1 2 3 4 self originate awplus show ip ospf database opaque as self originate awplus show ip ospf database opaque as 1 2 3 4 adv...

Страница 1054: ...us show ip ospf database opaque link 1 2 3 4 self originate awplus show ip ospf database opaque link self originate awplus show ip ospf database opaque link 1 2 3 4 adv router 2 3 4 5 Output Figure 27...

Страница 1055: ...nate awplus show ip ospf database router 1 2 3 4 adv router 2 3 4 5 Output Figure 27 13 Example output from the show ip ospf database router command Parameter Description adv router Displays all the L...

Страница 1056: ...Link States Area 0 0 0 1 LS age 877 Options 0x2 E Flags 0x3 ABR ASBR LS Type router LSA Link State ID 10 10 11 50 Advertising Router 10 10 11 50 LS Seq Number 80000003 Checksum 0xee93 Length 36 Number...

Страница 1057: ...ary 1 2 3 4 self originate awplus show ip ospf database summary self originate awplus show ip ospf database summary 1 2 3 4 adv router 2 3 4 5 Output Figure 27 14 Example output from the show ip ospf...

Страница 1058: ...twork Number Advertising Router 10 10 11 50 LS Seq Number 80000001 Checksum 0x36ac Length 28 Network Mask 24 TOS 0 Metric 10 Summary Link States Area 0 0 0 1 LS age 1061 Options 0x2 E LS Type summary...

Страница 1059: ...10 11 50 Summary Link States Area 0 0 0 0 LS age 989 Options 0x2 E LS Type summary LSA Link State ID 10 10 11 0 summary Network Number Advertising Router 10 10 11 50 LS Seq Number 80000001 Checksum 0...

Страница 1060: ...17 Example output from the show ip ospf interface command Parameter Description interface name The VLAN name for example vlan3 vlan2 is up line protocol is up Internet Address 1 1 1 1 24 Area 0 0 0 0...

Страница 1061: ...0 10 10 50 detail all Output Note that before a device enters OSPF Graceful Restart it first informs its OSPF neighbors In the show output the symbol beside the Dead Time parameter indicates that the...

Страница 1062: ...n 00 00 38 Neighbor is up for 00 53 07 Database Summary List 0 Link State Request List 0 Link State Retransmission List 0 Crypt Sequence Number is 0 Thread Inactivity Timer on Thread Database Descript...

Страница 1063: ...p ospf route Output Figure 27 21 Example output from the show ip ospf route command for a specific process Parameter Description ospf id 0 65535 The ID of the router process for which information will...

Страница 1064: ...xec Examples To display virtual link information use the command awplus show ip ospf virtual links Output Figure 27 22 Example output from the show ip ospf virtual links command Virtual Link VLINK0 to...

Страница 1065: ...Mode User Exec and Privileged Exec Examples To display OSPF process parameters and statistics use the command awplus show ip protocols ospf Output Figure 27 23 Example output from the show ip protocol...

Страница 1066: ...ach route individually in an external LSA Use the summary address command to advertise one summary route for all redistributed routes covered by a specified network address and mask This helps decreas...

Страница 1067: ...the calculation of the Shortest Path First SPF Examples To set the minimum delay time to 5 milliseconds and maximum delay time to 10 milliseconds use the commands awplus configure terminal awplus con...

Страница 1068: ...and Reference for x510 Series 1068 AlliedWare Plus Operating System Version 5 4 7 1 x OSPF COMMANDS UNDEBUG OSPF EVENTS undebug ospf events Overview This command applies the functionality of the no de...

Страница 1069: ...ommand Reference for x510 Series 1069 AlliedWare Plus Operating System Version 5 4 7 1 x OSPF COMMANDS UNDEBUG OSPF IFSM undebug ospf ifsm Overview This command applies the functionality of the no deb...

Страница 1070: ...Command Reference for x510 Series 1070 AlliedWare Plus Operating System Version 5 4 7 1 x OSPF COMMANDS UNDEBUG OSPF LSA undebug ospf lsa Overview This command applies the functionality of the no deb...

Страница 1071: ...ommand Reference for x510 Series 1071 AlliedWare Plus Operating System Version 5 4 7 1 x OSPF COMMANDS UNDEBUG OSPF NFSM undebug ospf nfsm Overview This command applies the functionality of the no deb...

Страница 1072: ...Command Reference for x510 Series 1072 AlliedWare Plus Operating System Version 5 4 7 1 x OSPF COMMANDS UNDEBUG OSPF NSM undebug ospf nsm Overview This command applies the functionality of the no deb...

Страница 1073: ...and Reference for x510 Series 1073 AlliedWare Plus Operating System Version 5 4 7 1 x OSPF COMMANDS UNDEBUG OSPF PACKET undebug ospf packet Overview This command applies the functionality of the no de...

Страница 1074: ...mmand Reference for x510 Series 1074 AlliedWare Plus Operating System Version 5 4 7 1 x OSPF COMMANDS UNDEBUG OSPF ROUTE undebug ospf route Overview This command applies the functionality of the no de...

Страница 1075: ...on page 1081 area encryption ipsec spi esp on page 1082 area range IPv6 OSPF on page 1085 area stub IPv6 OSPF on page 1087 area virtual link IPv6 OSPF on page 1088 area virtual link authentication ip...

Страница 1076: ...age 1125 ipv6 router ospf area on page 1126 max concurrent dd IPv6 OSPF on page 1128 passive interface IPv6 OSPF on page 1129 redistribute IPv6 OSPF on page 1130 restart ipv6 ospf graceful on page 113...

Страница 1077: ...inks on page 1159 summary address IPv6 OSPF on page 1160 timers spf IPv6 OSPF deprecated on page 1162 timers spf exp IPv6 OSPF on page 1163 undebug ipv6 ospf events on page 1164 undebug ipv6 ospf ifsm...

Страница 1078: ...ter is considered an ABR if it has more than one area actively attached and one of them is the backbone area IBM ABR Type By this definition a router is considered an ABR if it has more than one area...

Страница 1079: ...link interfaces Use the sha1 keyword to choose SHA 1 authentication instead of entering the md5 keyword to use MD5 authentication The SHA 1 algorithm is more secure than the MD5 algorithm SHA 1 uses...

Страница 1080: ...partofarea authentication not being authenticated So neighbors time out Example To enable MD5 authentication with a 32 hexadecimal character key for OPSPF area 1 use the commands awplus configure term...

Страница 1081: ...area border router that is attached to the stub area Example To set the default cost to 10 in area 1 for the OSPF process P2 use the commands awplus configure terminal awplus config router ipv6 ospf...

Страница 1082: ...decimal format Use one of the following formats ip addr OSPF area ID expressed in IPv4 address format A B C D 0 4294967295 OSPF area ID expressed as a decimal number within the range shown For exampl...

Страница 1083: ...authentication See the OSPFv3 Feature Overview and Configuration Guide for more information and examples NOTE You can configure an encryption security policy SPI on an OSPFv3 area with this command o...

Страница 1084: ...e ESP encryption with a 32 hexadecimal character AES CBC key and a 40 hexadecimal character SHA 1 authentication key for OPSPF area 1 use the commands awplus configure terminal awplus config router ip...

Страница 1085: ...estores default behavior Syntax area area id range ipv6address prefix length advertise not advertise no area area id range ipv6address prefix length Default The area range is not configured by default...

Страница 1086: ...ating System Version 5 4 7 1 x OSPFV3 FOR IPV6 COMMANDS AREA RANGE IPV6 OSPF Ensure OSPFv3 IPv6 routes exist in the area range for advertisement before using this command Example awplus configure term...

Страница 1087: ...all routers attached to the stub area configure the area by using the area stub command For an area border router ABR attached to the stub area also use the area default cost command Example awplus c...

Страница 1088: ...rval retransmit interval transmit delay Parameter Description area id The area ID of the transit area that the virtual link passes through This can be entered in either dotted decimal format or normal...

Страница 1089: ...erdetectingtopologicalchanges faster but also an increase in the routing traffic The retransmit interval is the expected round trip delay between any two routersin anetwork Setthevaluetobegreaterthant...

Страница 1090: ...ter Description area id The OSPF area that you are specifying the summary route default cost for This can be entered in either dotted decimal format or normal decimal format Use one of the following f...

Страница 1091: ...OSPFv3 Feature Overview and Configuration Guide for more information and examples Example To enable MD5 authentication with a 32 hexadecimal character key for virtual links in OPSPF area 1 use the com...

Страница 1092: ...ormat or normal decimal format Use one of the following formats ip addr OSPF area ID expressed in IPv4 address format A B C D 0 4294967295 OSPF area ID expressed as a decimal number within the range s...

Страница 1093: ...nfiguration If an interface configuration is removed then an area configuration is applied to an interface instead Use the sha1 keyword to choose SHA 1 authentication instead of entering the md5 keywo...

Страница 1094: ...outer ipv6 ospf awplus config router area 1 virtual link 10 0 0 1 encryption ipsec spi 1000 esp aes cbc 1234567890ABCDEF1234567890ABCDEF sha1 1234567890ABCDEF1234567890ABCDEF12345678 To enable ESP enc...

Страница 1095: ...fy a larger reference bandwidth value to differentiate the costs on those links Cost is calculated by dividing the reference bandwidth Mbps by the layer 3 interface Switched Virtual Interface SVI Loop...

Страница 1096: ...st integer 1 Interface cost is 1 The auto cost reference bandwidth value should be consistent across all OSPF routers in the OSPF process Note that using the ipv6 ospf cost command on a layer 3 interf...

Страница 1097: ...in that VLAN Syntax bandwidth bandwidth setting no bandwidth Mode Interface Configuration for a VLAN interface Example To set the bandwidth on VLAN2 to be 1 Mbps use the following commands awplus conf...

Страница 1098: ...f process Overview This command clears and restarts the IPv6 OSPF routing process Specify the Process ID to clear one particular OSPF process When no Process ID is specified this command clears all ru...

Страница 1099: ...g variants of this command disable OSPF debugging Using this command with no parameters entered will disable debugging for all parameter options Syntax debug ipv6 ospf events abr asbr os router vlink...

Страница 1100: ...nts of this command disable IPv6 OSPF IFSM debugging Use these commands without parameters to disable all the options Syntax debug ipv6 ospf ifsm events status timers no debug ipv6 ospf ifsm events st...

Страница 1101: ...iants of this command disable IPv6 OSPF LSA debugging Use this command without parameters to disable all the options Syntax debug ipv6 ospf lsa flooding generate install maxage refresh no debug ipv6 o...

Страница 1102: ...ariants of this command disable IPv6 OSPF NFSM debugging Use this command without parameters to disable all the options Syntax debug ipv6 ospf nfsm events status timers no debug ipv6 ospf nfsm events...

Страница 1103: ...v6 ospf packet dd detail hello ls ack ls request ls update recv send Mode Privileged Exec and Global Configuration Examples To enable debugging for hello packets use the following command awplus debug...

Страница 1104: ...ut parameters to disable all options Syntax debug ipv6 ospf route ase ia install spf no debug ipv6 ospf route ase ia install spf Mode Privileged Exec and Global Configuration Examples To enable IPv6 r...

Страница 1105: ...uld be either Type 1 or 2 The default is Type 2 The no variant of this command disables this feature Syntax default information originate always metric metric metric type 1 2 route map route map no de...

Страница 1106: ...age A default metric facilitates redistributing routes even with incompatible metrics If the metrics do not convert the default metric provides an alternative and enables theredistributionto continue...

Страница 1107: ...area 1 254 no distance ospfv3 1 254 Default The default OSPFv3 administrative distance is 110 The default Administrative Distance for each type of route intra inter or external is 110 Mode Router Conf...

Страница 1108: ...ea routes 10 for intra area routes 40 for external routes use the commands awplus config router ipv6 ospf 100 awplus config router distance ospfv3 inter area 20 intra area 10 external 40 To set the ad...

Страница 1109: ...d applies filtering to the transfer of routing information between OSPFv3 and the IPv6 route table You can apply filtering in either direction from OSPFv3 to the IPv6 route table using an in distribut...

Страница 1110: ...deny entries in the distribute list will not be redistributed into OSPFv3 Example Thebelowcommandsredistributeincomingroute updatesfromnetworksdefined with the standard named access list called myacl...

Страница 1111: ...ord to choose SHA 1 authentication instead of entering the md5 keyword to use MD5 authentication The SHA 1 algorithm is more secure than the MD5 algorithm SHA 1 uses a 40 hexadecimal character key ins...

Страница 1112: ...v3 area ThisisduetoOSPFv3hellomessagesingressingVLANinterfaces whicharepartofarea authentication not being authenticated So neighbors time out Example To enable MD5 authentication with a 32 hexadecima...

Страница 1113: ...packets out the interface Using this command overrides the cost value calculated automatically with the auto cost reference bandwidth IPv6 OSPF feature The link state metric cost is stated in the Rout...

Страница 1114: ...s hello packets It must be a multiple of the hello interval and be the same for all routers on a specific network The no variant of this command returns the interval to the default of 40 seconds Synta...

Страница 1115: ...line Overview Use this command to change the result of the show ipv6 route command to display each route entry on a single line Syntax ipv6 ospf display route single line no ipv6 ospf display route si...

Страница 1116: ...value on all interfaces that connect to the same link SPI values are used by link interfaces Use a different SPI value for a different link interface when using OSPFv3 with link interfaces Parameter...

Страница 1117: ...gure an encryption security policy SPI on a VLAN interface with this command or an OSPFv3 area with the area encryption ipsec spi esp command When you configure encryption for an area the security pol...

Страница 1118: ...ecimal character key and SHA 1 authentication with a 40 hexadecimal character key for interface VLAN 2 use the commands awplus configure terminal awplus config interface vlan2 awplus config if ipv6 os...

Страница 1119: ...ical changes but results in more routing traffic The no variant of this command returns the interval to the default of 10 seconds Syntax ipv6 ospf hello interval 1 65535 no ipv6 ospf hello interval De...

Страница 1120: ...e neighbor s primary IPv6 address on the interface where that neighbor connects to the NBMA network The poll interval is the reduced rate at which routers continue to send hello packets when a neighbo...

Страница 1121: ...NEIGHBOR Examples This example shows a neighbor configured with a priority value poll interval time and cost awplus configure terminal awplus config interface eth1 awplus config if ipv6 ospf neighbor...

Страница 1122: ...broadcast OSPF network type for a VLAN interface Mode Interface Configuration for a VLAN interface Usage This command forces the interface network type to the specified type Depending on the network t...

Страница 1123: ...e OSPF Designated Router DR for a link If two routers attempt to become the DR the router with the higher router priority becomes the DR If the router priority is the same for two routers the router w...

Страница 1124: ...de Interface Configuration for a VLAN interface Usage After sending an LSA to a neighbor the router keeps the LSA until it receives an acknowledgment In case the router does not receive an acknowledgm...

Страница 1125: ...1 second Mode Interface Configuration for a VLAN interface Usage The transmit delay value adds a specified time to the age field of an update If the delay is not added the time in which the LSA trans...

Страница 1126: ...ure Overview and Configuration Guide for more information and examples Examples The following commands enable IPv6 OSPF on VLAN interface vlan2 OSPF area 1 tag PT2 and instance 2 awplus configure term...

Страница 1127: ...Plus Operating System Version 5 4 7 1 x OSPFV3 FOR IPV6 COMMANDS IPV6 ROUTER OSPF AREA The following commands disable IPv6 OSPF on VLAN interface vlan2 and OSPF area 1 awplus configure terminal awplu...

Страница 1128: ...m number of LSAs Syntax max concurrent dd max neighbors no max concurrent dd Mode Router Configuration Usage This command is useful where bringing up several adjacencies on a router is affecting perfo...

Страница 1129: ...guration Usage Configure an interface to be passive if you wish its connected route to be treated as an OSPF route rather than an AS external route but do not wish to actually exchange any OSPF packet...

Страница 1130: ...l which routes are redistributed and can set metric and tag values on particular routes The metric metric type and tag values specified on this command are applied to any redistributed routes that are...

Страница 1131: ...SPFV3 FOR IPV6 COMMANDS REDISTRIBUTE IPV6 OSPF Example The following example shows the redistribution of RIP routes into the IPv6 OSPF routing table with a metric of 10 and a metric type of 1 awplus c...

Страница 1132: ...F grace period is 120 seconds Mode Privileged Exec Usage After this command is executed the OSPFv3 process immediately shuts down It notifies the system that OSPF has performed a graceful shutdown Rou...

Страница 1133: ...and LSAs issued from each process will appear as if coming from a separate physical router To a large extent the requirement for multiple processes has been replaced by the ability within IPv6 OSPF of...

Страница 1134: ...ter id router id no router id Mode Router Configuration Usage Configure each router with a unique router id In an IPv6 OSPF router process that has active neighbors a new router id takes effect at the...

Страница 1135: ...command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show debugging ipv6 ospf Mode User Exec and Privileged Exec Example awplus show debugging ip...

Страница 1136: ...es For information on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ipv6 ospf show ipv6 ospf process id Mode Use...

Страница 1137: ...nternal 0 Route Licence Breach Current 0 Watermark 0 Process uptime is 6 minutes Current grace period is 120 secs default SPF schedule delay min 0 500 secs SPF schedule delay max 50 0 secs Minimum LSA...

Страница 1138: ...uter adv router id Mode User Exec and Privileged Exec Example To display the database summary for IPv6 OSPF information on process P10 use the command awplus show ipv6 ospf P10 database Output Figure...

Страница 1139: ...0 1 2 979 0x800000d8 0xad2b 1 0 0 0 0 0 0 1 3 1005 0x800000cf 0xefed 1 Network LSA Area 0 0 0 0 Link State ID ADV Router Age Seq CkSum 0 0 0 202 0 0 1 2 1764 0x800000c2 0x94c3 0 0 0 203 0 0 1 3 1010 0...

Страница 1140: ...information about the external LSAs use the following command awplus show ipv6 ospf database external adv router 10 10 10 1 Output Figure 28 4 Example output from the show ipv6 ospf database external...

Страница 1141: ...nformation about the grace LSAs use the following command awplus show ipv6 ospf database grace adv router 10 10 10 1 Output Figure 28 5 Example output from the show ipv6 ospf database grace command Pa...

Страница 1142: ...lay information about the inter prefix LSAs use the following command awplus show ipv6 ospf database external adv router 10 10 10 1 Output Figure 28 6 Example output from the show ipv6 ospf database i...

Страница 1143: ...y information about the inter router LSAs use the following command awplus show ipv6 ospf database inter router adv router 10 10 10 1 Output Figure 28 7 Example output from the show ipv6 ospf database...

Страница 1144: ...y information about the intra prefix LSAs use the following command awplus show ipv6 ospf database intra prefix adv router 10 10 10 1 Output Figure 28 8 Example output from the show ipv6 ospf database...

Страница 1145: ...formation about the link LSAs use the following command awplus show ipv6 ospf database link adv router 10 10 10 1 Output Figure 28 9 Example output from the show ipv6 ospf database link command Parame...

Страница 1146: ...Exec and Privileged Exec Examples To display information about the OSPFv3 network LSAs use the following command awplus show ipv6 ospf database network Output Figure 28 10 Example output from the sho...

Страница 1147: ...ystem Version 5 4 7 1 x OSPFV3 FOR IPV6 COMMANDS SHOW IPV6 OSPF DATABASE NETWORK LS age 1144 LS Type Network LSA Link State ID 0 0 0 203 Advertising Router 0 0 1 3 LS Seq Number 0x800000C4 Checksum 0x...

Страница 1148: ...v router id Mode User Exec and Privileged Exec Examples To display information about the OSPFv3 router LSAs use the following command awplus show ipv6 ospf database router Output Figure 28 11 Example...

Страница 1149: ...LS Type Router LSA Link State ID 0 0 0 0 Advertising Router 0 0 1 2 LS Seq Number 0x800000D5 Checksum 0xB328 Length 40 Flags 0x00 Options 0x000013 R E V6 Link connected to a Transit Network Metric 1 I...

Страница 1150: ...0 0 1 1 LS Seq Number 0x80000009 Checksum 0xD696 Length 52 Metric Type 2 Larger than any link state path Metric 20 Prefix 2011 2222 64 Prefix Options 0 Forwarding Address 2003 1111 1 LS age 1384 LS Ty...

Страница 1151: ...0 0 1 1 LS Seq Number 0x8000000C Checksum 0xD295 Length 52 Metric Type 2 Larger than any link state path Metric 20 Prefix 2012 2222 64 Prefix Options 0 Forwarding Address 2003 1111 1 LS age 1087 LS Ty...

Страница 1152: ...FV3 FOR IPV6 COMMANDS SHOW IPV6 OSPF DATABASE ROUTER LS age 1087 LS Type AS External LSA Link State ID 0 0 0 18 Advertising Router 0 0 1 1 LS Seq Number 0x8000000C Checksum 0xD889 Length 52 Metric Typ...

Страница 1153: ...rom the show ipv6 ospf interface command showing OSPFv3 Authentication configuration information highlighted in bold Parameter Description interface name An alphanumeric string that is the interface n...

Страница 1154: ...ospf interface vlan3 vlan3 is up line protocol is up Interface ID 203 IPv6 Prefixes fe80 200 cdff fe24 daae 64 Link Local Address 2003 1111 2 64 OSPFv3 Process P1 Area 0 0 0 0 Instance ID 0 Router ID...

Страница 1155: ...nfiguration Guide Syntax show ipv6 ospf process id neighbor neighbor id show ipv6 ospf process id neighbor detail show ipv6 ospf process id neighbor interface detail Mode User Exec and Privileged Exec...

Страница 1156: ...om show ipv6 ospf neighbor detail awplus show ipv6 ospf neighbor detail Neighbor 0 0 1 2 interface address fe80 215 77ff fec9 7472 In the area 0 0 0 0 via interface vlan2 Neighbor priority is 1 State...

Страница 1157: ...y the OSPF routing table for specified processes For information on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax sho...

Страница 1158: ...1 E2 OSPF external type 2 Destination Metric Next hop O 2002 1111 64 2 via fe80 200 cdff fe24 daae vlan3 Area 0 0 0 0 C 2003 1111 64 1 directly connected vlan3 Area 0 0 0 0 O 2004 1111 64 3 via fe80 2...

Страница 1159: ...Overview and Configuration Guide for more information and examples Examples To display virtual link information use the command awplus show ipv6 ospf virtual links Output Figure 28 17 Example output f...

Страница 1160: ...3 requires the router to advertise each route individually in an external LSA Use this command to advertise one summary route for all redistributed routes covered by a specified prefix to decrease the...

Страница 1161: ...that match the IPv6 prefix 2001 0db8 32 and assigns a tag value of 3 awplus configure terminal awplus config router ipv6 ospf awplus config router summary address 2001 0db8 32 tag 3 The following exa...

Страница 1162: ...n 5 4 7 1 x OSPFV3 FOR IPV6 COMMANDS TIMERS SPF IPV6 OSPF DEPRECATED timers spf IPv6 OSPF deprecated Overview This command has been deprecated because SPF timers have been replaced by exponential SPF...

Страница 1163: ...s and triggers a new SPF run before the last SPF holdtimer has finished The time between runs may increase up to the max holdtime value This increase in holdtime prevents too many SPF runs from occurr...

Страница 1164: ...for x510 Series 1164 AlliedWare Plus Operating System Version 5 4 7 1 x OSPFV3 FOR IPV6 COMMANDS UNDEBUG IPV6 OSPF EVENTS undebug ipv6 ospf events Overview This command applies the functionality of t...

Страница 1165: ...nce for x510 Series 1165 AlliedWare Plus Operating System Version 5 4 7 1 x OSPFV3 FOR IPV6 COMMANDS UNDEBUG IPV6 OSPF IFSM undebug ipv6 ospf ifsm Overview This command applies the functionality of th...

Страница 1166: ...rence for x510 Series 1166 AlliedWare Plus Operating System Version 5 4 7 1 x OSPFV3 FOR IPV6 COMMANDS UNDEBUG IPV6 OSPF LSA undebug ipv6 ospf lsa Overview This command applies the functionality of th...

Страница 1167: ...nce for x510 Series 1167 AlliedWare Plus Operating System Version 5 4 7 1 x OSPFV3 FOR IPV6 COMMANDS UNDEBUG IPV6 OSPF NFSM undebug ipv6 ospf nfsm Overview This command applies the functionality of th...

Страница 1168: ...for x510 Series 1168 AlliedWare Plus Operating System Version 5 4 7 1 x OSPFV3 FOR IPV6 COMMANDS UNDEBUG IPV6 OSPF PACKET undebug ipv6 ospf packet Overview This command applies the functionality of t...

Страница 1169: ...ce for x510 Series 1169 AlliedWare Plus Operating System Version 5 4 7 1 x OSPFV3 FOR IPV6 COMMANDS UNDEBUG IPV6 OSPF ROUTE undebug ipv6 ospf route Overview This command applies the functionality of t...

Страница 1170: ...is used to create a route map and or route map entry and to put you into route map mode match commands used to determine which routes the route map applies to set commands used to modify matching rou...

Страница 1171: ...the route map entry Use the no variant of this command without a specified interface to remove all interfaces Syntax match interface interface no match interface interface Mode Route map Configuratio...

Страница 1172: ...ecify the prefix or prefixes to match by either specifying the name of an access list To create the access list enter Global Configuration mode and use the access list command specifying the name of a...

Страница 1173: ...ations This command is valid for OSPF routes RIP routes Examples To add entry 3 to the route map called myroute which will process routes that match the ACL called List1 use the commands awplus config...

Страница 1174: ...x510 Series 1174 AlliedWare Plus Operating System Version 5 4 7 1 x ROUTE MAP COMMANDS MATCH IP ADDRESS Related Commands access list extended numbered access list standard numbered ip prefix list rou...

Страница 1175: ...ote that access lists prefix lists and route map entries all specify an action of deny or permit The action in the access list or prefix list determines whether the route map checks update messages an...

Страница 1176: ...erminal awplus config route map rmap1 permit 3 awplus config route map match ip next hop mylist To add entry 3 to the route map called mymap which will process routes whose next hop matches the prefix...

Страница 1177: ...accepted nor forwarded irrespective of permit or deny specifications The match ipv6 address prefix list command specifies the entries of prefix lists to be matched If there is a match for the specifi...

Страница 1178: ...etric match clause entering this command replaces that match clause with the new clause Use the no variant of this command to remove the metric match clause from the route map entry Syntax match metri...

Страница 1179: ...e type match clause from the route map entry Syntax match route type external type 1 type 2 no match route type external type 1 type 2 Mode Route map Configuration Usage Use the match route type exter...

Страница 1180: ...lause If the route map entry already has a tag match clause entering this command replaces that match clause with the new clause Use the no variant of this command to remove the tag match clause from...

Страница 1181: ...mit seq Mode Global Configuration Usage Route maps allow you to control and modify routing information by filtering routes and setting route attributes You can apply route maps when the device redistr...

Страница 1182: ...ntry 2 of the route map called route1 and then add a match and set clause to it use the commands awplus configure terminal awplus config route map route1 permit 2 awplus config route map match interfa...

Страница 1183: ...e set clause Syntax set ip next hop ip address no set ip next hop ip address Mode Route map Configuration Usage Use this command to set the next hop IP address to the routes This command is valid for...

Страница 1184: ...The default metric value for routes redistributed into OSPF and OSPFv3 is 20 Mode Route map Configuration Usage This command is valid for OSPF routes RIP routes Note that defining the OSPF metric in a...

Страница 1185: ...7 1 x ROUTE MAP COMMANDS SET METRIC To use entry 3 of the route map called rmap1 to increase the metric of matching routes by 2 use the commands awplus configure terminal awplus config route map rmap...

Страница 1186: ...2 no set metric type type 1 type 2 Mode Route map Configuration Usage This command is valid for OSPF routes only Example To use entry 3 of the route map called rmap1 to redistribute matching routes in...

Страница 1187: ...is command to remove the set clause Syntax set tag tag value no set tag tag value Mode Route map Configuration Usage This command is valid only when redistributing routes into OSPF Example To use entr...

Страница 1188: ...ec and Privileged Exec Example To display information about the route map named example map use the command awplus show route map example map Output Figure 29 1 Example output from the show route map...

Страница 1189: ...C613 50170 01 Rev B Command Reference for x510 Series 1189 AlliedWare Plus Operating System Version 5 4 7 1 x Part 4 Multicast Applications...

Страница 1190: ...ng This chapter describes the commands to configure IGMP Querier behaviour and selection IGMP Snooping and IGMP Proxy Command List clear ip igmp on page 1192 clear ip igmp group on page 1193 clear ip...

Страница 1191: ...oping source timeout on page 1223 ip igmp snooping tcn query solicit on page 1224 ip igmp source address check on page 1226 ip igmp ssm on page 1227 ip igmp ssm map enable on page 1228 ip igmp ssm map...

Страница 1192: ...IGMP SNOOPING COMMANDS CLEAR IP IGMP clear ip igmp Overview Use this command to clear all IGMP group membership records on all VLAN interfaces Syntax clear ip igmp Mode Privileged Exec Example awplus...

Страница 1193: ...an interface can be specified Specifying this will mean that only entries with the group learned on the interface will be deleted Examples To delete all group records use the command awplus clear ip...

Страница 1194: ...ular interface Syntax clear ip igmp interface interface Mode Privileged Exec Usage This command applies to interfaces configured for IGMP IGMP Snooping or IGMP Proxy Example To delete records for vlan...

Страница 1195: ...omponent of IGMP Syntax debug igmp all decode encode events fsm tib no debug igmp all decode encode events fsm tib Modes Privileged Exec and Global Configuration Example awplus configure terminal awpl...

Страница 1196: ...of this command to return all IGMP related configuration to the default on this interface Syntax ip igmp no ip igmp Default Disabled Mode Interface Configuration for a VLAN interface Usage An IP addr...

Страница 1197: ...yntax ip igmp access group access list number access list name no ip igmp access group Default By default there are no access lists configured on any interface Mode Interface Configuration for a VLAN...

Страница 1198: ...L2 switched network running IGMP it is considered more robust to flood all specific queries In most cases the benefit of flooding specific queries to all VLAN member ports outweighs the disadvantages...

Страница 1199: ...no ip igmp immediate leave Default Disabled by default Mode Interface Configuration for a VLAN interface Usage This command applies to VLAN interfaces configured for IGMP IGMP Snooping or IGMP Proxy E...

Страница 1200: ...unt 2 7 no ip igmp last member query count Default The default last member query count value is 2 Mode Interface Configuration for a VLAN interface Usage This command applies to VLAN interfaces config...

Страница 1201: ...ry interval Default 1000 milliseconds Mode Interface Configuration for a VLAN interface Usage This command applies to VLAN interfaces configured for IGMP IGMP Snooping or IGMP Proxy Example To change...

Страница 1202: ...ult limit which is reset by the no variant of this command is 512 Mode Global Configuration and Interface Configuration for a VLAN interface Usage This command applies to VLAN interfaces configured fo...

Страница 1203: ...IGMP snooping fast leave on the relevant VLANs To enable fast leave use the command awplus config if ip igmp snooping fast leave Thedevicekeepscountofthe numberofgroups learned byeachport This counter...

Страница 1204: ...nts to 10 groups on port 1 0 1 which is in vlan1 use the commands awplus configure terminal awplus config interface port1 0 1 awplus config if ip igmp maximum groups 10 awplus config if exit awplus co...

Страница 1205: ...for IGMP Proxy You must also enable the IGMP proxy service on the upstream interface using the ip igmp proxy service command You can associate one or more downstream mroute proxy interfaces on the dev...

Страница 1206: ...s on this device using the command ip igmp mroute proxy IGMP Proxy does not work with other multicast routing protocols such as PIM SM or PIM DM From version 5 4 7 1 1 onwards IGMP mroute proxy interf...

Страница 1207: ...t The default timeout interval is 255 seconds Mode Interface Configuration for a VLAN interface Usage This command applies to VLAN interfaces configured for IGMP The timeout value should not be less t...

Страница 1208: ...DoS Denial of Service attack if a stream of Query Solicitation QS packets are sent to the IGMP Querier eliciting a rapid stream of IGMP Queries This command applies to interfaces on which the device i...

Страница 1209: ...NDS IP IGMP QUERY HOLDTIME To reset the IGMP query holdtime to the default 500 ms for vlan10 use the following commands awplus configure terminal awplus config interface vlan10 awplus config if no ip...

Страница 1210: ...d for IGMP Note that the IGMP query interval is automatically set to a greater value than the IGMP query max response time For example if you set the IGMP query max response time to 2 seconds using th...

Страница 1211: ...reset the period between sending IGMP host query messages to the default 125 seconds for vlan10 use the following commands awplus configure terminal awplus config interface vlan10 awplus config if no...

Страница 1212: ...ple if you set the IGMP query interval to 3 seconds using the ip igmp query interval command and the current IGMP query interval is less than 3 seconds then the IGMP query maximum response time will b...

Страница 1213: ...Reference for x510 Series 1213 AlliedWare Plus Operating System Version 5 4 7 1 x IGMP AND IGMP SNOOPING COMMANDS IP IGMP QUERY MAX RESPONSE TIME Related Commands ip igmp query interval show ip igmp i...

Страница 1214: ...options are ignored Use the no variant of this command to disable strict RA option validation Syntax ip igmp ra option no ip igmp ra option Default The default state of RA validation is unset Mode Int...

Страница 1215: ...e Syntax ip igmp robustness variable 1 7 no ip igmp robustness variable Default The default robustness variable value is 2 Mode Interface Configuration for a VLAN interface Usage This command applies...

Страница 1216: ...isabled globally Syntax ip igmp snooping no ip igmp snooping Default By default IGMP Snooping is enabled both globally and on all VLANs Mode Global Configuration and Interface Configuration for a VLAN...

Страница 1217: ...p message is received without sending out a group specific query Use the no variant of this command to disable fast leave processing Syntax ip igmp snooping fast leave no ip igmp snooping fast leave D...

Страница 1218: ...to remove the static configuration of the port as a multicast router port Syntax ip igmp snooping mrouter interface port no ip igmp snooping mrouter interface port Mode Interface Configuration for a V...

Страница 1219: ...IP address because it only masquerades as a proxy IGMP querier for faster network convergence It does not start or automatically cease the IGMP Querier operation if it detects query message s from a m...

Страница 1220: ...e already downstream ports for this group on this interface Use the no variant of this command to disable report suppression Syntax ip igmp snooping report suppression no ip igmp snooping report suppr...

Страница 1221: ...guration Parameter Description all All reserved multicast addresses 224 0 0 x Packets from all possible addresses in range 224 0 0 x are treated as coming from routers default Default set of reserved...

Страница 1222: ...ERMODE Examples To set ip igmp snooping routermode for all default reserved addresses enter awplus config ip igmp snooping routermode default To remove the multicast address 224 0 0 5 from the custom...

Страница 1223: ...like normal entries Interface IGMP Snooping source timeout is disabled by default and unregistered multicast will be timed out like normal entries Mode Interface Global Configuration Usage The timeout...

Страница 1224: ...enabled by default and cannot be disabled using the Global Configuration mode command However Query Solicitation can be disabled for specified interfaces using the no variant of this command from the...

Страница 1225: ...t To disable Query Solicitation on a device use the commands awplus configure terminal awplus config no ip igmp snooping tcn query solicit To enable Query Solicitation for vlan2 use the commands awplu...

Страница 1226: ...guration for a VLAN interface Usage This is a security feature and should be enabled unless IGMP Reports from outside the local subnet are expected for example if Multicast VLAN Registration is active...

Страница 1227: ...st parameter options Use the no variant of this command to change the SSM range in IGMP back to the default Syntax ip igmp ssm range access list number access list name no ip igmp ssm Default By defau...

Страница 1228: ...ble Source Specific Multicast SSM mapping on the device Use the no variant of this command to disable SSM mapping Syntax ip igmp ssm map enable no ip igmp ssm map enable Mode Global Configuration Usag...

Страница 1229: ...plies to VLAN interfaces configured for IGMP You can use Standard numbered and Standard named ACLs plus Expanded Numbered ACLs Examples This example shows how to configure an SSM static mapping for gr...

Страница 1230: ...COMMANDS IP IGMP SSM MAP STATIC This example shows how to configure an SSM static mapping for group address 224 1 1 1 using a standard named ACL shown as sales awplus configure terminal awplus config...

Страница 1231: ...c group ip address source ip source addr ssm map interface port no ip igmp static group ip address source ip source addr ssm map interface port Mode Interface Configuration for a VLAN interface Usage...

Страница 1232: ...7 1 x IGMP AND IGMP SNOOPING COMMANDS IP IGMP STATIC GROUP Example The following example show how to statically add group and source records for IGMP on vlan3 awplus configure terminal awplus config i...

Страница 1233: ...ariant of this command to return an interface s configured IGMP startup query count to the default Syntax ip igmp startup query count startup query count no ip igmp startup query count Default The def...

Страница 1234: ...val startup query interval no ip igmp startup query interval Default The default IGMP startup query interval is one quarter of the IGMP query interval value NOTE The IGMP startup query interval must b...

Страница 1235: ...switch ports or aggregators Usage Because all ports are trusted by default use this command in its no variant to stop IGMP processing packets on ports you do not trust For example you can use this co...

Страница 1236: ...face Use the no variant of this command to return to the default version Syntax ip igmp version 1 3 no ip igmp version Default The default IGMP version is 3 Mode Interface Configuration for a VLAN int...

Страница 1237: ...he Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show debugging igmp Mode User Exec and Privileged Exec Example To display the IGMP debugging options set enter t...

Страница 1238: ...B C D interface Interface name for which to display local information IGMP Connected Group Membership Group Address Interface Uptime Expires Last Reporter 224 0 1 1 port1 0 1 00 00 09 00 04 17 10 10...

Страница 1239: ...ersion 5 4 7 1 x IGMP AND IGMP SNOOPING COMMANDS SHOW IP IGMP GROUPS Expires Time in hours minutes and seconds until the entry expires Last Reporter Last host to report being a member of the multicast...

Страница 1240: ...erface If you specify a switch port number the output displays the number of groups the port belongs to and the port s group membership limit if a limit has been set with the command ip igmp maximum g...

Страница 1241: ...me is 500 milliseconds IGMP querier timeout is 255 seconds IGMP max query response time is 10 seconds Last member query response interval is 1000 milliseconds Group Membership interval is 260 seconds...

Страница 1242: ...ip igmp proxy groups vlan multicast group detail Mode User Exec and Privileged Exec Example To display the state of IGMP Proxy services for all interfaces enter the command awplus show ip igmp proxy...

Страница 1243: ...ode User Exec and Privileged Exec Example To show all multicast router interfaces use the command awplus show ip igmp snooping mrouter To show the multicast router interfaces in vlan1 use the command...

Страница 1244: ...d saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ip igmp snooping routermode Mode User Exec and Privileged Exec Example To show...

Страница 1245: ...the configured IGMP snooping source timeouts for all VLANs use the command awplus show ip igmp snooping source timeout Output Figure 30 6 Example output from show ip igmp snooping source timeout Relat...

Страница 1246: ...vlan1 vlan2 Output Figure 30 7 Example output from the show ip igmp snooping statistics command for VLANs Parameter Description ip address Optionally specify the address of the multicast group entere...

Страница 1247: ...4 7 1 x IGMP AND IGMP SNOOPING COMMANDS SHOW IP IGMP SNOOPING STATISTICS Figure 30 8 Example output from the show ip igmp snooping statistics command for a switch port awplus show ip igmp interface po...

Страница 1248: ...mmand Reference for x510 Series 1248 AlliedWare Plus Operating System Version 5 4 7 1 x IGMP AND IGMP SNOOPING COMMANDS UNDEBUG IGMP undebug igmp Overview This command applies the functionality of the...

Страница 1249: ...ticast routing The IPv6 Multicast addresses shown can be derived from IPv6 unicast prefixes as per RFC 3306 The IPv6 unicast prefix reserved for documentation is 2001 0db8 32 as per RFC 3849 Using the...

Страница 1250: ...ut on page 1262 ipv6 mld query interval on page 1263 ipv6 mld query max response time on page 1264 ipv6 mld robustness variable on page 1265 ipv6 mld snooping on page 1266 ipv6 mld snooping fast leave...

Страница 1251: ...MLD clear ipv6 mld Overview Use this command to clear all MLD local memberships on all interfaces Syntax clear ipv6 mld Mode Privileged Exec Usage This command applies to interfaces configured for ML...

Страница 1252: ...ress Mode Privileged Exec Usage This command applies to interfaces configured for MLD Layer 3 multicast protocols and learned by MLD Snooping Example awplus clear ipv6 mld group Related Commands clear...

Страница 1253: ...lear MLD interface entries Syntax clear ipv6 mld interface interface Mode Privileged Exec Usage This command applies to interfaces configured for MLD Layer 3 multicast protocols and learned by MLD Sno...

Страница 1254: ...ents fsm tib Mode Privileged Exec and Global Configuration Usage This command applies to interfaces configured for MLD Layer 3 multicast protocols and learned by MLD Snooping Examples awplus configure...

Страница 1255: ...no ipv6 mld Default MLD is disabled by default Mode Interface Configuration for a specified VLAN interface or a range of VLAN interfaces Usage MLD requires memory for storing data structures as well a...

Страница 1256: ...ff1e 0db8 0001 64 awplus configure terminal awplus config ipv6 forwarding awplus config ipv6 multicast routing awplus config ipv6 access list standard group1 permit ff1e 0db8 0001 64 awplus config int...

Страница 1257: ...nable the immediate leave feature on an interface for a specific range of multicast groups In this example the router assumes that the group access list consists of groups that have only one node memb...

Страница 1258: ...ault on an interface Syntax ipv6 mld last member query count value no ipv6 mld last member query count Default The default last member query count value is 2 Mode Interface Configuration for a specifi...

Страница 1259: ...no ipv6 mld last member query interval Default 1000 milliseconds Mode Interface Configuration for a specified VLAN interface or a range of VLAN interfaces Example The following example changes the MLD...

Страница 1260: ...n be learned with the ipv6 mld limit command The default limit of group membership entries that can be learned is 512 entries Mode Global Configuration and Interface Configuration for a specified VLAN...

Страница 1261: ...warding awplus config ipv6 multicast routing awplus config interface vlan2 awplus config if ipv6 enable awplus config if ipv6 mld limit 100 The following example configures an MLD limit of 100 group m...

Страница 1262: ...ecified VLAN interface or a range of VLAN interfaces Usage This command applies to interfaces configured for MLD Layer 3 multicast protocols Example The following example configures the router to wait...

Страница 1263: ...rface Configuration for a specified VLAN interface or a range of VLAN interfaces Usage This command applies to interfaces configured for MLD Layer 3 multicast protocols Example The following example c...

Страница 1264: ...max response time Default 10 seconds Mode Interface Configuration for a specified VLAN interface or a range of VLAN interfaces Usage This command applies to interfaces configured for MLD Layer 3 mult...

Страница 1265: ...ipv6 mld robustness variable value no ipv6 mld robustness variable Default The default robustness variable value is 2 Mode Interface Configuration for a specified VLAN interface or a range of VLAN in...

Страница 1266: ...VLANs Mode Global Configuration and Interface Configuration for a specified VLAN interface or a range of VLAN interfaces Usage For MLD Snooping to operate on particular VLAN interfaces it must be enab...

Страница 1267: ...n2 vlan4 enter the following commands awplus configure terminal awplus config interface vlan2 vlan4 awplus config no ipv6 mld snooping To configure MLD Snooping globally for the device enter the follo...

Страница 1268: ...able fast leave processing Syntax ipv6 mld snooping fast leave no ipv6 mld snooping fast leave Default MLD Snooping fast leave processing is disabled Mode Interface Configuration for a specified VLAN...

Страница 1269: ...er interface Note that if static IPv6 multicast routing is being used with EPSR and the destination VLAN is an EPSR data VLAN then multicast router mrouter ports must be statically configured This min...

Страница 1270: ...multicast router for VLAN interface vlan2 awplus configure terminal awplus config interface vlan2 awplus config if ipv6 mld snooping mrouter interface port1 0 5 This example shows how to specify the...

Страница 1271: ...e Configuration for a specified VLAN interface Usage This command can only be configured on a single VLAN interface not on multiple VLANs The MLD Snooping querier uses the 0 0 0 0 Source IP address be...

Страница 1272: ...ng maybe configured to suppress reports from hosts When a querier sends a query only the first report for particular set of group s from a host will be forwarded to the querier by the MLD Snooping dev...

Страница 1273: ...n 5 4 7 1 x MLD AND MLD SNOOPING COMMANDS IPV6 MLD SNOOPING REPORT SUPPRESSION This example shows how to disable report suppression for MLD reports on VLAN interfaces vlan2 vlan4 awplus configure term...

Страница 1274: ...is command to disable the SSM mapping feature on the device Syntax ipv6 mld ssm map enable no ipv6 mld ssm map enable Mode Global Configuration Usage This command enables the SSM mapping feature for g...

Страница 1275: ...list name X X X X no ipv6 mld ssm map static access list name X X X X Mode Global Configuration Usage Use this command to configure SSM mappings after enabling SSM mapping with the ipv6 mld ssm map e...

Страница 1276: ...nal awplus config interface vlan2 awplus config if ipv6 mld static group ff1e 10 To add a static group and source record use the following commands awplus configure terminal awplus config interface vl...

Страница 1277: ...specific port on vlan2 use the following commands awplus configure terminal awplus config interface vlan2 awplus config if ipv6 mld static group ff1e 10 interface port1 0 4 To add an SSM mapping reco...

Страница 1278: ...iguration for a VLAN interface Usage This command applies to interfaces configured for MLD Layer 3 multicast protocols and MLD Snooping Note this command is intended for use where there is another que...

Страница 1279: ...bug mld command For information on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show debugging mld Mode Privileged E...

Страница 1280: ...output for show ipv6 mld groups The following command displays local membership information for all interfaces awplus show ipv6 mld groups detail Output Figure 31 3 Example output for show ipv6 mld gr...

Страница 1281: ...interfaces enabled for MLD awplus show ipv6 mld interface Output Parameter Description interface Interface name awplus show ipv6 mld interface Interface vlan1 Index 301 MLD Enabled Active Querier Vers...

Страница 1282: ...Exec and Privileged Exec Examples The following command displays the multicast router interfaces in vlan2 awplus show ipv6 mld snooping mrouter vlan2 Output The following command displays the multica...

Страница 1283: ...nooping statistics interface interface Mode User Exec and Privileged Exec Example The following command displays MLDv2 statistical information for vlan1 awplus show ipv6 mld snooping statistics interf...

Страница 1284: ...he ipv6 multicast routing command Static IPv6 multicast routes take priority over dynamic IPv6 multicast routes Use the clear ipv6 mroute command to clear static IPv6 multicast routes and ensure dynam...

Страница 1285: ...9 ipv6 multicast forward slow path packet on page 1290 debug nsm mcast on page 1291 debug nsm mcast6 on page 1292 ip mroute on page 1293 ip multicast allow register fragments on page 1295 ip multicast...

Страница 1286: ...n its IPv4 multicast route table and removes the entries from the multicast forwarder The MRIB sends a clear message to the multicast protocols Each multicast protocol has its own clear multicast rout...

Страница 1287: ...tries from the IP multicast routing table Syntax clear ip mroute statistics ipv4 group addr ipv4 source addr Mode Privileged Exec Example awplus clear ip mroute statistics 225 1 1 2 192 168 4 4 awplus...

Страница 1288: ...levant IPv6 multicast route entries in its IPv6 multicast route table and removes the entries from the multicast forwarder The MRIB sends a clear message to the multicast protocols Each multicast prot...

Страница 1289: ...e the clear ipv6 mroute command to clear static IPv6 multicast routes and ensure dynamic IPv6 multicast routes cantake over from previous static IPv6 multicast routes Syntax clear ipv6 mroute statisti...

Страница 1290: ...the smallest MTU among the outgoing interfaces for the multicast group It will also ensure that a received packet that is larger than the MTU value will result in the generation of an ICMP Too Big me...

Страница 1291: ...ister stats vif Mode Privileged Exec and Global Configuration Examples To enable debugging of all multicast route events use the commands awplus configure terminal awplus config debug nsm mcast all To...

Страница 1292: ...ister stats vif no debug nsm mcast6 all fib msg mrt register stats vif Mode Privileged Exec and Global Configuration Examples To enable debugging of all multicast route events use the commands awplus...

Страница 1293: ...hat source This command enables the user to statically configure the device with multicast routes back to given sources When performing the RPF check on a stream from a given IPv4 source the multicast...

Страница 1294: ...aversed in order to arrive at the current router Examples The following example creates a static multicast IPv4 route back to the sources in the 10 10 3 0 24 subnet The multicast route is via the host...

Страница 1295: ...necessary By default when IP multicast packets are fragmented the switch attempts to reassemble them before registering the packets This is necessary for tasks such as network address translation or a...

Страница 1296: ...that create the multicast route possibly causing degradation in the quality of the multicast stream such as the pixelation of video and audio data NOTE If you use this command ensure that the ip igmp...

Страница 1297: ...is configured PIM will not be able to update this multicast route in any way If a dynamic multicast route exists you cannot create a static multicast route with same source IPv4 address group IPv4 add...

Страница 1298: ...ress 2 2 2 2 and group IPv4 address 224 9 10 11 specifying the upstream VLAN interface as vlan10 use the following commands awplus configure terminal awplus config ip multicast route 2 2 2 2 224 9 10...

Страница 1299: ...onfiguration Usage This command limits the number of multicast IPv4 routes mroutes that can be added to a router and generates an error message when the limit is exceeded If the threshold parameter is...

Страница 1300: ...ng vif suppression no ip multicast wrong vif suppression Default By default this feature is disabled Mode Global Configuration Usage Use this command if there is excessive CPU load and multicast traff...

Страница 1301: ...t routing no ip multicast routing Default By default IPv4 multicast routing is off Mode Global Configuration Usage When the no variant of this command is used the Multicast Routing Information Base MR...

Страница 1302: ...ia different paths to those used for unicast In this case the interface via which a multicast stream from a given source enters a router may not be the same as the interface that connects to the best...

Страница 1303: ...current router will forward multicast instead it refers to the route the multicast will have traversed in order to arrive at the current router Examples The following example creates a static multica...

Страница 1304: ...am vlan id downstream vlan id Default By default no static routes exist Mode Global Configuration Usage Only one multicast route entry per IPv6 address and multicast group can be specified Therefore i...

Страница 1305: ...or restoration When configuring the EPSR data VLAN statically configure mrouter ports so that the multicast router can be reached in either direction around the EPSR ring For example if port1 0 1 and...

Страница 1306: ...pecifying the upstream VLAN interface as vlan10 and the downstream VLAN range as vlan20 25 use the following commands awplus configure terminal awplus config ipv6 multicast route 2001 1 ff08 1 vlan10...

Страница 1307: ...Configuration Usage This command limits the number of multicast IPv6 routes mroutes that can be added to a router and generates an error message when the limit is exceeded If the threshold parameter...

Страница 1308: ...icast routing Default By default IPv6 multicast routing is off Mode Global Configuration Usage When the no variant of this command is used the Multicast Routing Information Base MRIB cleans up Multica...

Страница 1309: ...ut ports in the same VLANs as the receiving port will still receive the multicast packets CAUTION We do not recommend disabling multicast routing in a live network Some non multicast protocols use mul...

Страница 1310: ...up and source IPv4 address Figure 32 2 Example output from the show ip mroute command Parameter Description ipv4 group addr Group IPv4 address in dotted decimal notation in the format A B C D ipv4 sou...

Страница 1311: ...3 uptime 00 03 24 stat expires 00 01 28 Owner PIM SM Flags TF Incoming interface vlan2 Outgoing interface list vlan3 1 awplus show ip mroute count IP Multicast Statistics Total 1 routes using 132 byte...

Страница 1312: ...utput Figure 32 6 Example output from the show ip mvif command Figure 32 7 Example output from the show ip mvif command with the interface parameter vlan2 specified Parameter Description interface The...

Страница 1313: ...PF show ip rpf Overview Use this command to display Reverse Path Forwarding RPF information for the specified IPv4 source address Syntax show ip rpf source addr Mode User Exec and Privileged Exec Exam...

Страница 1314: ...mple output of this command displaying the IPv6 multicast routing table for a single static IPv6 Multicast route Figure 32 8 Example output from the show ipv6 mroute command Parameter Description ipv6...

Страница 1315: ...tistics Total 1 routes using 152 bytes memory Route limit Route threshold 1024 1024 Total NOCACHE WRONGmif WHOLEPKT recv from fwd 6 0 0 Total NOCACHE WRONGmif WHOLEPKT sent to clients 6 0 0 Immediate...

Страница 1316: ...tatus of multicast forwarding slow path packet setting Syntax show ipv6 multicast forwarding Mode User Exec Example To show the status of the multicast forwarding slow path packet setting use the foll...

Страница 1317: ...ow ipv6 mif awplus show ipv6 mif vlan2 Output Figure 32 12 Example output from the show ipv6 mif command Figure 32 13 Example output from the show ipv6 mif command with the interface parameter vlan2 s...

Страница 1318: ...ge 1322 debug pim sparse mode on page 1323 debug pim sparse mode timer on page 1324 ip multicast allow register fragments on page 1326 ip pim accept register list on page 1327 ip pim anycast rp on pag...

Страница 1319: ...1351 ip pim spt threshold on page 1352 ip pim spt threshold group list on page 1353 ip pim ssm on page 1354 show debugging pim sparse mode on page 1355 show ip pim sparse mode bsr router on page 1356...

Страница 1320: ...multicast clients note that one router will be automatically or statically designated as the RP and all routers must explicitly join through the RP A Designated Router DR sends periodic Join Prune me...

Страница 1321: ...llowing command clears the current packet receive counts for PIM sparse mode awplus configure terminal awplus config clear ip pim sparse mode statistics Output Figure 33 1 Example output from clear ip...

Страница 1322: ...up address and optionally a specified multicast source address Syntax clear ip mroute Group IP address pim sparse mode clear ip mroute Group IP address Source IP address pim sparse mode Mode Privilege...

Страница 1323: ...ation Example awplus configure terminal awplus config debug pim sparse mode all Related Commands show debugging pim sparse mode Parameter Description all Activates deactivates all PIM SM debugging eve...

Страница 1324: ...er rst Parameter Description assert Enable or disable debugging for the Assert timers at Enable or disable debugging for the Assert Timer bsr Enable or disable debugging for the specified Bootstrap Ro...

Страница 1325: ...the command awplus config debug pim sparse mode timer hello ht To enable debugging for the PIM SM Joinprune expiry timer use the command awplus debug pim sparse mode timer joinprune et To disable deb...

Страница 1326: ...cessary By default when IP multicast packets are fragmented the switch attempts to reassemble them before registering the packets This is necessary for tasks such as network address translation or a f...

Страница 1327: ...r the packets sent by the specified sources By default the RP accepts register packets from all multicast sources Use the no variant of this command to revert to default Syntax ip pim accept register...

Страница 1328: ...dress identifies a set of receiver endpoints from which only one receiver endpoint is chosen Use this command to specify the Anycast RP configuration in the Anycast RP set Use the no variant of this c...

Страница 1329: ...ages will be sent or received through the interface Configure an interface bordering another PIM domain with this command to avoid BSR messages from being exchanged between the two PIM domains BSR mes...

Страница 1330: ...lt priority parameter value is 64 Examples To set the BSR candidate to the VLAN interface vlan2 with the optional mask length and BSR priority parameters enter the commands shown below awplus configur...

Страница 1331: ...e Register checksum over the whole packet This command is used to inter operate with older Cisco IOS versions Use the no variant of this command to disable this option Syntax ip pim cisco register che...

Страница 1332: ...on multicast groups specified by the access list This command is used to inter operate with older Cisco IOS versions Use the no variant of this command to revert to default settings Syntax ip pim cisc...

Страница 1333: ...the default IPv4 multicast group range 224 4 are sent with a prefix of 1 Use the no variant of this command to revert to the default settings Syntax ip pim crp cisco prefix no ip pim crp cisco prefix...

Страница 1334: ...lt Mode Interface Configuration for a VLAN interface Examples To set the Designated Router priority value to 11234 for the VLAN interface vlan2 apply the commands as shown below awplus configure termi...

Страница 1335: ...the PIM module on a particular interface This command is used to inter operate with older Cisco IOS versions Use the no variant of this command to revert to default settings Syntax ip pim exclude gen...

Страница 1336: ...nected Syntax ip pim ext srcs directly connected no ip pim ext srcs directly connected Default The no variant of this command is the default behavior Mode Interface Configuration for a VLAN interface...

Страница 1337: ...o holdtime value is 3 5 the current hello interval The default hello holdtime is restored using the negated form of this command Mode Interface Configuration for a VLAN interface Usage Each time the h...

Страница 1338: ...alue is 30 seconds The default is restored using the negated form of this command Mode Interface Configuration for a VLAN interface Usage When the hello interval is configured and the hello holdtime i...

Страница 1339: ...his command to ignore the RP SET priority value and use only the hashing mechanism for RP selection This command is used to inter operate with older Cisco IOS versions Use the no variant of this comma...

Страница 1340: ...e PIM SM join prune timer to its default value of 60 seconds which corresponds to a join prune packet holdtime of 210 seconds Syntax ip pim jp timer 1 65535 no ip pim jp timer 1 65535 Default The defa...

Страница 1341: ...e neighbor or terminate adjacency with the existing neighbors if denied by the filtering access list Use the no variant of this command to disable this function Syntax ip pim neighbor filter number ac...

Страница 1342: ...igure the rate of register packets sent by this DR in units of packets per second Use the no variant of this command to remove the limit Syntax ip pim register rate limit 1 65535 no ip pim register ra...

Страница 1343: ...chability check for PIM Register processing at the DR The default setting is no checking for RP reachability Use the no variant of this command to disable this processing Syntax ip pim register rp rea...

Страница 1344: ...d the source host Syntax ip pim register source source_address interface no ip pim register source Usage The configured address must be a reachable address to be used by the RP to send corresponding R...

Страница 1345: ...default of 60 seconds Configuring this value modifies register suppression time at the DR Configuring this value at the RP modifies the RP keepalive period value if the ip pim rp register kat command...

Страница 1346: ...ple group ranges using Access Lists However configuring multiple static RPs using ip pim rp address command with the same RP address is not allowed The static RP can either be configured for the whole...

Страница 1347: ...ed by removing the static RP from all the existing group ranges and recalculating the RPs for existing TIB states if required Group mode and RP address mappings learned through BSR take precedence ove...

Страница 1348: ...toptional priority interval or grouplist parameters will configure the candidate RP with a priority value of 0 Examples To specify a priority of 3 use the following commands awplus configure terminal...

Страница 1349: ...nt of this command to return the PIM SM KAT timer to its default value of 210 seconds Syntax ip pim rp register kat 1 65535 no ip pim rp register kat Mode Global Configuration Default The default PIM...

Страница 1350: ...PIM SM on the VLAN interface Use the no variant of this command to disable PIM SM on the VLAN interface Syntax ip pim sparse mode no ip pim sparse mode Mode Interface Configuration for a VLAN interfa...

Страница 1351: ...im sparse mode passive no ip pim sparse mode passive Mode Interface Configuration for a VLAN interface Usage Passive mode essentially stops PIM transactions on the interface allowing only IGMP mechani...

Страница 1352: ...h to SPT NOTE The switching to SPT happens either at the receiving of the first data packet or not at all it is not rate based Syntax ip pim spt threshold no ip pim spt threshold Mode Global Configura...

Страница 1353: ...iving of the first data packet or not at all it is not rate based Use the no variant of this command to turn off switching to the SPT Syntax ip pim spt threshold group list acl no ip pim spt threshold...

Страница 1354: ...on Usage When an SSM range of IP multicast addresses is defined by the ip pim ssm command the no G or S G rpt state will be initiated for groups in the SSM range The messages corresponding to these st...

Страница 1355: ...Feature Overview and Configuration Guide Syntax show debugging pim sparse mode Mode User Exec and Privileged Exec Example To display PIM SM debugging settings use the command awplus show debugging pim...

Страница 1356: ...command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ip pim sparse mode bsr router Mode User Exec and Privileged Exec Output Figure 33 3 Out...

Страница 1357: ...erface Total configured interfaces 16 Maximum allowed 31 Total active interfaces 12 Address Interface VIFindex Ver Nbr DR DR Mode Count Prior 192 168 1 53 vlan2 0 v2 S 2 2 192 168 1 53 192 168 10 53 v...

Страница 1358: ...W IP PIM SPARSE MODE INTERFACE Related Commands ip pim sparse mode show ip pim sparse mode rp mapping show ip pim sparse mode neighbor DR Priority Designated Router priority DR The IP address of the D...

Страница 1359: ...g Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ip pim sparse mode interface detail Mode User Exec and Privileged Exec Output Figure 33 5 Example output from the sh...

Страница 1360: ...er Exec and Privileged Exec Example To show detailed PIM SM information for all PIM SM configured VLAN interfaces use the command awplus show ip pim sparse mode local members Output Figure 33 6 Exampl...

Страница 1361: ...Exec Usage Note that when a feature license is enabled the output for the show ip pim sparse mode mroute command will only show 32 interfaces because of the terminal display width limit Use the show...

Страница 1362: ...m sparse mode mroute Related Commands show ip pim sparse mode mroute detail awplus show ip pim sparse mode mroute IP Multicast Routing Table RP Entries 0 G Entries 1 S G Entries 0 S G rpt Entries 0 FC...

Страница 1363: ...address detail show ip pim sparse mode mroute group address source address detail show ip pim sparse mode mroute source address group address detail Usage Based on the group and source address the out...

Страница 1364: ...command IP Multicast Routing Table RP Entries 0 G Entries 4 S G Entries 0 S G rpt Entries 0 FCR Entries 0 224 0 1 24 Uptime 00 06 42 RP 0 0 0 0 RPF nbr None RPF idx None Upstream State JOINED SPT Swi...

Страница 1365: ...le output from the show ip pim sparse mode neighbor command Figure 33 11 Example output from the show ip pim sparse mode neighbor interface detail command Parameter Description interface Interface nam...

Страница 1366: ...p Nexthop Nexthop Nexthop Metric Pref Refcnt Num Addr Ifindex Name ____________________________________________________________________________ 10 10 0 9 RS 1 0 0 0 0 4 0 0 1 Table 2 Parameters in out...

Страница 1367: ...ollowing command displays the current packet receive counts for PIM sparse mode awplus configure terminal awplus config show ip pim sparse mode statistics Output Figure 33 13 Example output from show...

Страница 1368: ...aving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ip pim sparse mode rp hash group addr Mode User Exec and Privileged Exec Example...

Страница 1369: ...on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ip pim sparse mode rp mapping Mode Privileged Exec Example awpl...

Страница 1370: ...em Version 5 4 7 1 x PIM SM COMMANDS UNDEBUG ALL PIM SPARSE MODE undebug all pim sparse mode Overview Use this command to disable all PIM SM debugging Syntax undebug all pim sparse mode Mode Privilege...

Страница 1371: ...6 Multicast addresses showncanbederivedfromIPv6unicastprefixes as per RFC 3306 The IPv6 unicast prefix reserved for documentation is 2001 0db8 32 as per RFC 3849 Using the base 32 prefix the IPv6 mult...

Страница 1372: ...lo interval on page 1393 ipv6 pim ignore rp set priority on page 1394 ipv6 pim jp timer on page 1395 ipv6 pim neighbor filter on page 1396 ipv6 pim register rate limit on page 1397 ipv6 pim register r...

Страница 1373: ...e mroute on page 1420 show ipv6 pim sparse mode mroute detail on page 1422 show ipv6 pim sparse mode neighbor on page 1424 show ipv6 pim sparse mode nexthop on page 1425 show ipv6 pim sparse mode rp h...

Страница 1374: ...erdynamicIPv6multicastroutes Use the clear ipv6 mroute command to clear static IPv6 multicast routes and ensure dynamic IPv6 multicast routes cantake over from previous static IPv6 multicast routes Sy...

Страница 1375: ...icIPv6multicastroutes Use the clear ipv6 mroute command to clear static IPv6 multicast routes and ensure dynamic IPv6 multicast routes cantake over from previous static IPv6 multicast routes Syntax cl...

Страница 1376: ...ke over from previous static IPv6 multicast routes Syntax clear ipv6 pim sparse mode bsr rp set Mode Privileged Exec Usage For multicast clients note that one router will be automatically or staticall...

Страница 1377: ...us configure terminal awplus config terminal monitor awplus config debug ipv6 pim sparse mode all awplus configure terminal awplus config terminal monitor awplus config debug ipv6 pim sparse mode even...

Страница 1378: ...ode packet awplus show debugging ipv6 pim sparse mode PIM SMv6 debugging status PIM event debugging is on PIM MFC debugging is off PIM state debugging is on PIM packet debugging is on PIM Hello HT tim...

Страница 1379: ...nfigure terminal awplus config terminal monitor awplus config debug ipv6 pim sparse mode packet in awplus configure terminal awplus config terminal monitor awplus config debug ipv6 pim sparse mode pac...

Страница 1380: ...pim ipv6 sparse mode timer register rst Parameter Description assert Enable or disable debugging for the Assert timers at Enable or disable debugging for the Assert Timer bsr Enable or disable debuggi...

Страница 1381: ...command awplus config debug ipv6 pim sparse mode timer hello ht To enable debugging for the PIM SMv6 Joinprune expiry timer use the command awplus debug ipv6 pim sparse mode timer joinprune et To dis...

Страница 1382: ...e RP accepts register packets from all multicast sources Use the no variant of this command to revert to default Syntax ipv6 pim accept register list access list no ipv6 pim accept register Mode Globa...

Страница 1383: ...nts from which only one receiver endpoint is chosen Use this command to specify the Anycast RP configuration in the Anycast RP set Use the no variant of this command to remove the Anycast RP configura...

Страница 1384: ...igure an interface bordering another PIM SMv6 domain with this command to avoid BSR messages from being exchanged between the two PIM SMv6 domains BSR messages should not be exchanged between differen...

Страница 1385: ...set the BSR candidate to the VLAN interface vlan2 with the optional mask length and BSR priority parameters enter the commands shown below awplus configure terminal awplus config ipv6 forwarding awplu...

Страница 1386: ...operate with older Cisco IOS versions Use the no variant of this command to disable this option Syntax ipv6 pim cisco register checksum no ipv6 pim cisco register checksum Default This command is dis...

Страница 1387: ...no ipv6 pim cisco register checksum group list IPv6 access list Mode Global Configuration Default This command is disabled by default By default Register Checksum is calculated only over the header E...

Страница 1388: ...variant of this command to revert to the default settings Syntax ipv6 pim crp cisco prefix no ipv6 pim crp cisco prefix Mode Global Configuration Usage Cisco s BSR code does not conform to the latest...

Страница 1389: ...To set the Designated Router priority value to 11234 for the VLAN interface vlan2 apply the commands as shown below awplus configure terminal awplus config ipv6 forwarding awplus config ipv6 multicas...

Страница 1390: ...o IOS versions Use the no variant of this command to revert to default settings Syntax ipv6 pim exclude genid no ipv6 pim exclude genid Default By default this command is disabled the GenID option is...

Страница 1391: ...d no ipv6 pim ext srcs directly connected Default The no variant of this command is the default behavior Mode Interface Configuration for a VLAN interface Example To configure PIM SMv6 to treat all so...

Страница 1392: ...The default hello holdtime is restored using the negated form of this command Mode Interface Configuration for a VLAN interface Usage Each time the hello interval is updated the hello holdtime is also...

Страница 1393: ...ored using the negated form of this command Mode Interface Configuration for a VLAN interface Usage When the hello interval is configured and the hello holdtime is not configured or when the configure...

Страница 1394: ...echanism for RP selection Use the no variant of this command to disable this setting Syntax ipv6 pim ignore rp set priority no ipv6 pim ignore rp set priority Mode Global Configuration Usage This comm...

Страница 1395: ...neighbors Use the no variant of this command to return the PIM SMv6 join prune timer to its default value of 210 seconds Syntax ipv6 pim jp timer 1 65535 no ipv6 pim jp timer 1 65535 Default The defa...

Страница 1396: ...ipv6 pim neighbor filter IPv6 accesslist Default By default there is no neighbor filtering applied to an interface Mode Interface Configuration for a VLAN interface Example awplus configure terminal a...

Страница 1397: ...is command to remove the limit and reset to the default rate limit Syntax ipv6 pim register rate limit 1 65535 no ipv6 pim register rate limit Mode Global Configuration Default The default is 0 as res...

Страница 1398: ...ng is no checking for RP reachability Use the no variant of this command to disable this processing Syntax ipv6 pim register rp reachability no ipv6 pim register rp reachability Default This command i...

Страница 1399: ...by the RP to send corresponding Register Stop messages in response It is normally the local loopback IPv6 interface address but can also be a physical IPv6 address This IPv6 addressmustbeadvertised b...

Страница 1400: ...r suppression Mode Global Configuration Default The default PIM SMv6 register suppression time is 60 seconds and is restored with the no variant of this command Usage Configuring this value modifies r...

Страница 1401: ...BSR is chosen over the statically configured RP address A single static RP can be configured for multiple group ranges using software IPv6 access lists ACLs However configuring multiple static RPs usi...

Страница 1402: ...s the static RP with highest IPv6 address is chosen RP address deletion is handled by removing the static RP from all the existing group ranges and recalculating the RPs for existing TIB states if req...

Страница 1403: ...re the candidate RP with a priority value of 192 Examples To specify a priority of 3 use the following commands awplus configure terminal awplus config ipv6 forwarding awplus config ipv6 multicast rou...

Страница 1404: ...ng System Version 5 4 7 1 x PIM SMV6 COMMANDS IPV6 PIM RP CANDIDATE To stop the device from being an RP candidate on vlan2 use the following commands awplus configure terminal awplus config no ipv6 pi...

Страница 1405: ...rt is enabled by default use the no variant of this command to disable the default Syntax ipv6 pim rp embedded no ipv6 pim rp embedded Mode Global Configuration Default Embedded RP is enabled by defau...

Страница 1406: ...SMv6 KAT timer to its default value of 210 seconds Syntax ipv6 pim rp register kat 1 65535 no ipv6 pim rp register kat Mode Global Configuration Default The default PIM SMv6 KAT timer value is 210 sec...

Страница 1407: ...of this command to disable PIM SMv6 on a VLAN interface Syntax ipv6 pim sparse mode no ipv6 pim sparse mode Mode Interface Configuration for a VLAN interface Examples awplus configure terminal awplus...

Страница 1408: ...local members on a VLAN interface Syntax ipv6 pim sparse mode passive no ipv6 pim sparse mode passive Mode Interface Configuration for a VLAN interface Usage Passive mode essentially stops PIM SMv6 t...

Страница 1409: ...PT happens either at the receiving of the first data packet or not at all it is not rate based Syntax ipv6 pim spt threshold no ipv6 pim spt threshold Mode Global Configuration Examples To enable the...

Страница 1410: ...spt threshold group list IPv6 access list Mode Global Configuration Examples To enable the last hop PIM SMv6 router to switch to SPT for groups specified by the ACL named G1 use the following commands...

Страница 1411: ...lticast groups addresses within the range are not installed in PIM SMv6 mroute table Examples The following example shows how to configure SSM service for the IPv6 address range defined by IPv6 access...

Страница 1412: ...face Configuration for a VLAN interface Default Unicast BSM is disabled by default on an interface Usage This command provides backward compatibility with older versions of the Boot Strap Router BSR s...

Страница 1413: ...m sparse mode Figure 34 2 Example output from the show debugging ipv6 pim sparse mode command Related commands debug ipv6 pim sparse mode undebug ipv6 pim sparse mode awplus show debugging ipv6 pim sp...

Страница 1414: ...m sparse mode bsr router Mode User Exec and Privileged Exec Example To display the BSR IPv6 address use the command awplus show ipv6 pim sparse mode bsr router Output Figure 34 3 Example output from t...

Страница 1415: ...Mode User Exec and Privileged Exec Examples To display information about all PIM SMv6 interfaces use the command awplus show ipv6 pim sparse mode interface awplus show ipv6 pim sparse mode interface I...

Страница 1416: ...for x510 Series 1416 AlliedWare Plus Operating System Version 5 4 7 1 x PIM SMV6 COMMANDS SHOW IPV6 PIM SPARSE MODE INTERFACE Related commands ipv6 pim sparse mode show ipv6 pim sparse mode rp mappin...

Страница 1417: ...Example To show detailed PIM SMv6 information for all PIM SMv6 configured interfaces use the command awplus show ipv6 pim sparse mode interface detail Output Figure 34 4 Example output from the show i...

Страница 1418: ...Overview and Configuration Guide Syntax show ipv6 pim sparse mode local members interface Mode User Exec and Privileged Exec Example To show detailed PIM SMv6 information for all PIM SMv6 configured V...

Страница 1419: ...Version 5 4 7 1 x PIM SMV6 COMMANDS SHOW IPV6 PIM SPARSE MODE LOCAL MEMBERS Output Figure 34 6 Example output from the show ipv6 pim sparse mode local members vlan1 command awplus show ipv6 pim spars...

Страница 1420: ...w ipv6 pim sparse mode mroute source IPv6 address group IPv6 address Mode User Exec and Privileged Exec Usage Note that when a feature license is enabled the output for the show ipv6 pim sparse mode m...

Страница 1421: ...P Entries 0 G Entries 2 S G Entries 0 S G rpt Entries 0 FCR Entries 2 ff0x db8 0 0 96 RP 3ffe 10 10 5 153 RPF nbr fe80 202 b3ff fed4 69fe RPF idx wm0 Upstream State JOINED Local l Joined Asserted FCR...

Страница 1422: ...s source IPv6 address detail show ipv6 pim sparse mode mroute group IPv6 address source IPv6 address detail show ipv6 pim sparse mode mroute source IPv6 address group IPv6 address detail Usage Based o...

Страница 1423: ...IPv6 Multicast Routing Table RP Entries 0 G Entries 1 S G Entries 0 S G rpt Entries 0 FCR Entries 0 ff13 10 Uptime 00 00 09 RP RPF nbr None RPF idx None Upstream State JOINED SPT Switch Enabled JT of...

Страница 1424: ...put from the show ipv6 pim sparse mode neighbor command Figure 34 10 Example output from the show ipv6 pim sparse mode neighbor interface detail command Parameter Description interface Interface name...

Страница 1425: ...e Nexthop Nexthop Nexthop Nexthop Metric Pref Refcnt Num Addr Ifindex Name _____________________________________________________________________________________ 3ffe 10 10 5 153 RS 1 fe80 20e cff fe01...

Страница 1426: ...Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ipv6 pim sparse mode rp hash IPv6 group addr Mode User Exec and Privileged Exec Example awplus show ipv6 pim...

Страница 1427: ...mmand output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ipv6 pim sparse mode rp mapping Mode User Exec and Privileged Exec Example awplus show ip...

Страница 1428: ...o display next hop RP information entered in the form X X X X awplus show ipv6 pim sparse mode rp nexthop 3ffe 10 10 5 153 Flags N New R RP S Source U Unreachable Destination Type Nexthop Nexthop Next...

Страница 1429: ...PIM SMV6 COMMANDS SHOW IPV6 PIM SPARSE MODE RP NEXTHOP Metric The metric of the route towards the destination Preference The preference of the route towards destination Refcnt Only used for debugging...

Страница 1430: ...7 1 x PIM SMV6 COMMANDS UNDEBUG ALL IPV6 PIM SPARSE MODE undebug all ipv6 pim sparse mode Overview Use this command to disable all PIM SMv6 debugging Syntax undebug all ipv6 pim sparse mode Mode Priv...

Страница 1431: ...bug ipv6 pim sparse mode all awplus configure terminal awplus config terminal monitor awplus config undebug ipv6 pim sparse mode events awplus configure terminal awplus config terminal monitor awplus...

Страница 1432: ...sparse mode PIM SMv6 debugging status PIM event debugging is off PIM MFC debugging is off PIM state debugging is off PIM packet debugging is off PIM Hello HT timer debugging is off PIM Hello NLT timer...

Страница 1433: ...ebug pim dense mode fsm on page 1439 debug pim dense mode mrt on page 1440 debug pim dense mode nexthop on page 1441 debug pim dense mode nsm on page 1442 debug pim dense mode vif on page 1443 ip pim...

Страница 1434: ...4 7 1 x PIM DM COMMANDS show ip pim dense mode interface detail on page 1457 show ip pim dense mode mroute on page 1458 show ip pim dense mode neighbor on page 1459 show ip pim dense mode neighbor de...

Страница 1435: ...wplus configure terminal awplus config debug pim dense mode all Output Figure 35 1 Example output from the debug pim dense mode all command Validation Commands show debugging pim dense mode Related Co...

Страница 1436: ...command disables debugging of general configuration context Syntax debug pim dense mode context no debug pim dense mode context Mode Privileged Exec and Global Configuration Example awplus configure...

Страница 1437: ...command disables debugging of the PIM DM message decoder Syntax debug pim dense mode decode no debug pim dense mode decode Mode Privileged Exec and Global Configuration Example awplus configure termi...

Страница 1438: ...command disables debugging of the PIM DM message encoder Syntax debug pim dense mode encode no debug pim dense mode encode Mode Privileged Exec and Global Configuration Example awplus configure termi...

Страница 1439: ...command disables debugging of Finite State Machine FSM specific information of all Multicast Routing Table MRT and MRT Virtual Multicast Interface MRT VIF entries Syntax debug pim dense mode fsm no d...

Страница 1440: ...no variant of this command disables debugging of MRT and MRT VIF entry handling Syntax debug pim dense mode mrt no debug pim dense mode mrt Mode Privileged Exec and Global Configuration Example awplu...

Страница 1441: ...command disables debugging of Reverse Path Forwarding RPF neighbor next hop cache handling Syntax debug pim dense mode nexthop no debug pim dense mode nexthop Mode Privileged Exec and Global Configur...

Страница 1442: ...command disables debugging of PIM DM interface with NSM Syntax debug pim dense mode nsm no debug pim dense mode nsm Mode Privileged Exec and Global Configuration Example awplus configure terminal awp...

Страница 1443: ...command disables debugging of VIF handling Syntax debug pim dense mode vif no debug pim dense mode vif Mode Privileged Exec and Global Configuration Example awplus configure terminal awplus config de...

Страница 1444: ...on the current VLAN interface This command also disables passive mode on the VLAN interface if passive mode has been enabled using an ip pim dense mode passive command The no variant of this command d...

Страница 1445: ...sive no ip pim dense mode passive Mode Interface Configuration for a VLAN interface Usage Configuring a VLAN interface as a passive PIM DM interface indicates that the VLAN interface is connected to a...

Страница 1446: ...nected Syntax ip pim ext srcs directly connected no ip pim ext srcs directly connected Default The no variant of this command is the default behavior Mode Interface Configuration for a VLAN interface...

Страница 1447: ...is less than the current hello interval Eachtimethehello intervalisupdated the hello holdtimeisalso updated according to the following rules If the hello holdtime is not configured or if the hello hol...

Страница 1448: ...figured or when the configured hello holdtime value is less than the new hello interval value the hello holdtime value is modified to 3 5 times the hello interval value Otherwise the hello holdtime va...

Страница 1449: ...atency when a previously pruned branch of the source tree must be grafted back when a member joins the group after the PIM DM device has sent a Prune message to prune unwanted traffic Graft messages a...

Страница 1450: ...FT RETRIES To configure PIM DM on the VLAN interface vlan2 to send Graft message retries forever which is the default behavior use the following commands awplus configure terminal awplus config interf...

Страница 1451: ...bor or terminate adjacency with the existing neighbors if denied by the filtering access list Use the no variant of this command to disable this function Syntax ip pim neighbor filter number accesslis...

Страница 1452: ...ariant of this command to return the propagation delay to the default 1000 milliseconds Syntax ip pim propagation delay delay no ip pim propagation delay Default The propagation delay is set to 1000 m...

Страница 1453: ...o variant of this command to return the origination interval to the default Syntax ip pim state refresh origination interval interval no ip pim state refresh origination interval Default The state ref...

Страница 1454: ...t see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show debugging pim dense mode Mode User Exec and Privileged Exec Output Figure 35 2 Example output from t...

Страница 1455: ...otal configured interfaces 24 Maximum allowed 32 Total active interfaces 22 Address Interface VIFIndex Ver Nbr Mode Count 192 168 1 53 24 vlan2 0 v2 D 2 192 168 2 1 vlan3 2 v2 D 0 Note that this scree...

Страница 1456: ...Rev B Command Reference for x510 Series 1456 AlliedWare Plus Operating System Version 5 4 7 1 x PIM DM COMMANDS SHOW IP PIM DENSE MODE INTERFACE Related Commands ip pim dense mode show ip pim dense m...

Страница 1457: ...Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ip pim dense mode interface detail Mode User Exec and Privileged Exec Example awplus show ip pim dense mode i...

Страница 1458: ...etting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ip pim dense mode mroute Mode User Exec and Privileged Exec Example awplus show ip pim dense mode mroute Output...

Страница 1459: ...ghbors is restricted to 500 PIM DM neighbors When the 500 PIM DM neighbor limit is reached as a result of receiving hello packets from new PIM DM neighbors a log entry will be issued to the log file i...

Страница 1460: ...n on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show ip pim dense mode neighbor detail Mode User Exec and Privileg...

Страница 1461: ...e nexthop Mode User Exec and Privileged Exec Example awplus show ip pim dense mode nexthop Output Figure 35 7 Example output from the show ip pim dense mode neighbor nexthop command Destination Nextho...

Страница 1462: ...ion mode to disable all PIM DM debugging Syntax undebug all pim dense mode Mode Global Configuration Example awplus configure terminal awplus config undebug all pim dense mode Related Commands debug p...

Страница 1463: ...C613 50170 01 Rev B Command Reference for x510 Series 1463 AlliedWare Plus Operating System Version 5 4 7 1 x Part 5 Access and Security...

Страница 1464: ...he command title ends with words in parentheses these words indicate usage instead of keywords to enter into the CLI For example the title access list numbered hardware ACL for ICMP indicates that the...

Страница 1465: ...us access list numbered hardware ACL for IP packets Global Configuration awplus config access list numbered hardware ACL for ICMP Global Configuration awplus config access list numbered hardware ACL f...

Страница 1466: ...n page 1480 access list numbered hardware ACL for TCP or UDP on page 1483 access list hardware named hardware ACL on page 1487 named hardware ACL ICMP entry on page 1489 named hardware ACL IP packet e...

Страница 1467: ...a filter is permitted Usage FirstcreateanIPaccess listthatappliestheappropriatepermit denyrequirements with the access list numbered hardware ACL for IP packets command the access list numbered hardw...

Страница 1468: ...w acl to switch port interface port1 0 2 enter the following commands awplus configure terminal awplus config interface port1 0 2 awplus config if access group hw acl To apply an ACL to static channel...

Страница 1469: ...specified access list Syntax access list 3000 3699 action icmp source ip dest ip icmp type number vlan 1 4094 no access list 3000 3699 Parameter Description 3000 3699 An ID number for this hardware IP...

Страница 1470: ...0 255 is the same as entering 192 168 1 1 24 dest ip The destination addresses to match against You can specify a single host a subnet or all destination addresses The following are the valid formats...

Страница 1471: ...them to the CPU the mirror port or a specific VLAN on a specific port Use such ACLs with caution They could prevent control packets from reaching the correct destination such as EPSR healthcheck messa...

Страница 1472: ...Operating System Version 5 4 7 1 x IPV4 HARDWARE ACCESS CONTROL LIST ACL COMMANDS ACCESS LIST NUMBERED HARDWARE ACL FOR ICMP match access group show running config show access list IPv4 Hardware ACLs...

Страница 1473: ...cess list Syntax access list 3000 3699 action ip source ip dest ip vlan 1 4094 no access list 3000 3699 Table 36 2 IP and ICMP parameters in access list hardware IP numbered Parameter Description 3000...

Страница 1474: ...he specified subnet Specify the subnet by entering a reverse mask in dotted decimal format For example entering 192 168 1 1 0 0 0 255 is the same as entering 192 168 1 1 24 dest ip The destination add...

Страница 1475: ...c VLAN on a specific port Use such ACLs with caution They could prevent control packets from reaching the correct destination such as EPSR healthcheck messages and VCStack messages Hardware ACLs will...

Страница 1476: ...IP hardware access list Syntax access list 3000 3699 action proto 1 255 source ip dest ip vlan 1 4094 no access list 3000 3699 Table 36 3 Parameters in access list hardware IP numbered Parameter Desc...

Страница 1477: ...source IP address within the specified subnet Specify the subnet by entering a reverse mask in dotted decimal format For example entering 192 168 1 1 0 0 0 255 is the same as entering 192 168 1 1 24...

Страница 1478: ...monitoring RFC869 27 RDP Reliable Data Protocol RFC908 28 IRTP Internet Reliable Transaction Protocol RFC938 29 ISO TP4 ISO Transport Protocol Class 4 RFC905 30 Bulk Data Transfer Protocol RFC969 33...

Страница 1479: ...nt control packets from reaching the correct destination such as EPSR healthcheck messages and VCStack messages Hardware ACLs will permit access unless explicitly denied by an ACL action Examples To c...

Страница 1480: ...ess list Syntax access list 4000 4699 action source mac any dest mac any vlan 1 4094 inner vlan 1 4094 no access list 4000 4699 Parameter Description 4000 4699 Hardware MAC access list action The acti...

Страница 1481: ...access list that will permit packets with a source MAC address of 0000 00ab 1234 and any destination address use the commands awplus configure terminal awplus config access list 4000 permit 0000 00ab...

Страница 1482: ...access list that will send a copy of packets to the mirror port if their source MAC address starts with 0000 00ab use the commands awplus configure terminal awplus config access list 4001 copy to mirr...

Страница 1483: ...re access list Syntax access list 3000 3699 action tcp udp source ip source ports dest ip dest ports vlan 1 4094 no access list 3000 3699 Parameter Description 3000 3699 An ID number for this hardware...

Страница 1484: ...1 0 0 0 255 is the same as entering 192 168 1 1 24 source ports Match source TCP or UDP port numbers Port numbers are specified as integers between 0 and 65535 You can specify one or more port number...

Страница 1485: ...ss unless explicitly denied by an ACL action Examples To create an access list that will permit TCP packets with a destination address of 192 168 1 1 a destination port of 80 and any source address an...

Страница 1486: ...hey have a destination addressof 192 168 1 1 adestinationport of80 and anysourceaddress and source port enter the commands awplus configure terminal awplus config access list 3000 copy to mirror tcp a...

Страница 1487: ...IPv4 Hardware ACL Configuration mode If the named hardware ACL does not exist it will be created after entry If the named hardware ACL already exists then this command puts you into IPv4 Hardware ACL...

Страница 1488: ...5 4 7 1 x IPV4 HARDWARE ACCESS CONTROL LIST ACL COMMANDS ACCESS LIST HARDWARE NAMED HARDWARE ACL Related Commands access group named hardware ACL ICMP entry named hardware ACL IP protocol entry named...

Страница 1489: ...itssequencenumber e g nopermiticmp192 168 1 0 24any icmp type 11 You can find the sequence number by running the show access list IPv4 Hardware ACLs command Hardware ACLs will permit access unless exp...

Страница 1490: ...urce host with the IP address given by ip addr in dotted decimal notation ip addr prefix Match any source IP address within the specified subnet Specify the subnet by entering the IPv4 address then a...

Страница 1491: ...st by specifying the appropriate sequence number If you do not specify a sequence number the switch puts the entry at the end of the ACL and assigns it the next available multiple of 10 as its sequenc...

Страница 1492: ...ages Examples To add an access list filter entry with a sequence number of 100 to the access list named my list that will permit ICMP packets with a source address of 192 168 1 0 24 any destination ad...

Страница 1493: ...sequence number e g no deny ip 192 168 0 0 16 any You can find the sequence number by running the show access list IPv4 Hardware ACLs command Hardware ACLs will permit access unless explicitly denied...

Страница 1494: ...ding database host ip addr Match a single source host with the IP address given by ip addr in dotted decimal notation ip addr prefix Match any source IP address within the specified subnet Specify the...

Страница 1495: ...ainst any source MAC address source mac The source MAC address to match against followed by the mask Enter the address in the format HHHH HHHH HHHH where each H is a hexadecimal number Enter the mask...

Страница 1496: ...a specific port Use such ACLs with caution They could prevent control packets from reaching the correct destination such as EPSR healthcheck messages and VCStack messages Examples To add a filter ent...

Страница 1497: ...mber e g no deny proto 2 192 168 0 0 16 any You can find the sequence number by running the show access list IPv4 Hardware ACLs command Hardware ACLs will permit access unless explicitly denied by an...

Страница 1498: ...are the valid formats for specifying the source any Match any source IP address dhcpsnooping Match the source address learned from the DHCP Snooping binding database host ip addr Match a single source...

Страница 1499: ...ddress to match against followed by the mask Enter the address in the format HHHH HHHH HHHH where each H is a hexadecimal number Enter the mask in the format HHHH HHHH HHHH where each H is a hexadecim...

Страница 1500: ...ring RFC869 27 RDP Reliable Data Protocol RFC908 28 IRTP Internet Reliable Transaction Protocol RFC938 29 ISO TP4 ISO Transport Protocol Class 4 RFC905 30 Bulk Data Transfer Protocol RFC969 33 DCCP Da...

Страница 1501: ...e multiple of 10 as its sequence number Then use the access group or the match access group command to apply this ACL to a port VLAN or QoS class map Note that the ACL will only apply to incoming data...

Страница 1502: ...us Operating System Version 5 4 7 1 x IPV4 HARDWARE ACCESS CONTROL LIST ACL COMMANDS NAMED HARDWARE ACL IP PROTOCOL ENTRY match access group show running config show access list IPv4 Hardware ACLs Com...

Страница 1503: ...its filter profile without specifying its sequence number e g no permit mac aaaa bbbb cccc 0000 0000 0000 any You can find the sequence number by running the show access list IPv4 Hardware ACLs comma...

Страница 1504: ...that the ACL will only apply to incoming data packets send to vlan port vlan vid port port number Send matching packets to the specified port tagged with the specified VLAN The specified port must bel...

Страница 1505: ...packets with a source MAC address of 0000 00ab 1234 and any destination MAC address use the commands awplus configure terminal awplus config access list hardware my list awplus config ip hw acl permi...

Страница 1506: ...pecifying its sequence number e g no permit udp 192 168 0 0 16 any You can find the sequence number by running the show access list IPv4 Hardware ACLs command Hardware ACLs will permit access unless e...

Страница 1507: ...ip addr Match a single source host with the IP address given by ip addr in dotted decimal notation ip addr prefix Match any source IP address within the specified subnet Specify the subnet by enterin...

Страница 1508: ...y destination IP address host ip addr Match a single destination host with the IP address given by ip addr in dotted decimal notation ip addr prefix Match any destination IP address within the specifi...

Страница 1509: ...ckets You can use ACLs to redirect packets by sending them to the CPU the mirror port or a specific VLAN on a specific port Use such ACLs with caution They could prevent control packets from reaching...

Страница 1510: ...ACL is not written to hardware until you exit IPv4 Hardware ACL Configuration mode By entering this command you can ensure that the current state of a hardware access list that is being edited is writ...

Страница 1511: ...show access list To show the access list with an ID of 20 awplus show access list 20 Parameter Description 1 99 IP standard access list 100 199 IP extended access list 1300 1999 IP standard access li...

Страница 1512: ...ONTROL LIST ACL COMMANDS SHOW ACCESS LIST IPV4 HARDWARE ACLS The following error message is displayed if you try to show an undefined access list awplus show access list 2 Related Commands access list...

Страница 1513: ...t access group 3000 3699 4000 4699 Mode User Exec and Privileged Exec Example To show all access lists attached to port1 0 1 use the command awplus show interface port1 0 1 access group Output Figure...

Страница 1514: ...lf For more information on link aggregation see the following references the Link Aggregation Feature Overview_and Configuration Guide Link Aggregation Commands NOTE Text in parenthesis in command nam...

Страница 1515: ...ivileged Exec awplus access group Global Configuration awplus config access list extended named Global Configuration awplus config access list extended numbered Global Configuration awplus config acce...

Страница 1516: ...ESS CONTROL LIST ACL COMMANDS clear ip prefix list on page 1547 dos on page 1548 ip prefix list on page 1551 maximum access list on page 1553 show access list IPv4 Software ACLs on page 1554 show dos...

Страница 1517: ...list extended list name no access list extended list name Syntax icmp access list extended list name deny permit icmp source destination icmp type type number log no access list extended list name de...

Страница 1518: ...enter a reverse mask in dotted decimal format For example entering 192 168 1 1 0 0 0 255 is the same as entering 192 168 1 1 24 destination The destination address of the packets You can specify a si...

Страница 1519: ...Echo replies 3 Destination unreachable messages 4 Source quench messages 5 Redirect change route messages 8 Echo requests 11 Time exceeded messages 12 Parameter problem messages 13 Timestamp requests...

Страница 1520: ...all destinations The following are the valid formats for specifying the destination any Matches any destination IP address host ip addr Matches a single destination host with the IP address given by...

Страница 1521: ...jects packets that match the type source and destination filtering specified with this command permit The access list permits packets that match the type source and destination filtering specified wit...

Страница 1522: ...rmat For example entering 192 168 1 1 0 0 0 255 is the same as entering 192 168 1 1 24 log Logs the results ip protocol The IP protocol number as defined by IANA Internet Assigned Numbers Authority ww...

Страница 1523: ...gram Congestion Control Protocol RFC4340 48 DSR Dynamic Source Routing Protocol RFC4728 50 ESP Encap Security Payload RFC2406 51 AH Authentication Header RFC2402 54 NARP NBMA Address Resolution Protoc...

Страница 1524: ...ware ACLs will deny access unless explicitly permitted by an ACL action Examples You can enter the extended named ACL in the Global Configuration mode together with the ACL filter entry on the same li...

Страница 1525: ...nation no access list 100 199 2000 2699 deny permit ip source destination Parameter Description 100 199 IP extended access list 2000 2699 IP extended access list expanded range Parameter Description 1...

Страница 1526: ...rmitted by an ACL action Examples You can enter the extended ACL in the Global Configuration mode together with the ACL filter entry on the same line as shown below awplus configure terminal awplus co...

Страница 1527: ...ermit icmp source destination icmp type icmp value log no sequence number Parameter Description sequence number 1 65535 The sequence number for the filter entry of the selected access control list den...

Страница 1528: ...red command or the access list extended named command with the required access control list number or name but with no further parameters selected Software ACLs will deny access unless explicitly perm...

Страница 1529: ...found by running theshowaccess list IPv4 Software ACLs command Syntax ip sequence number deny permit ip source destination no deny permit ip source destination no sequence number Parameter Description...

Страница 1530: ...e following commands to enter the IPv4 Extended ACL Configuration mode and define a numbered extended access list 101 awplus configure terminal awplus config access list 101 awplus config ip ext acl T...

Страница 1531: ...st 10 0 0 1 host 192 168 1 1 awplus config ip ext acl 20 permit ip any any Example 3 list number Use the following commands to remove the access list filter entry with sequence number 20 from extended...

Страница 1532: ...s command Syntax proto sequence number deny permit proto ip protocol source destination log no deny permit proto ip protocol source destination log no sequence number Parameter Description sequence nu...

Страница 1533: ...escription RFC 1 Internet Control Message RFC792 2 Internet Group Management RFC1112 3 Gateway to Gateway RFC823 4 IP in IP RFC2003 5 Stream RFC1190 RFC1819 6 TCP Transmission Control Protocol RFC793...

Страница 1534: ...elected Software ACLs will deny access unless explicitly permitted by an ACL action Example 1 creating a list Use the following commands to add a new access list filter entry to the access list named...

Страница 1535: ...OL FILTER Example 2 adding to a list Use the following commands to add a new access list filter entry at sequence position 5 in the access list named my list that will accept packets from source addre...

Страница 1536: ...rt lt sourceport gt sourceport ne sourceport destination eq destport lt destport gt destport ne destport log no sequence number deny permit tcp udp source eq sourceport lt sourceport gt sourceport ne...

Страница 1537: ...creating a list To add a new entry to the access list named my list that will reject TCP packets from 10 0 0 1on TCP port 10 to 192 168 1 1 on TCP port 20 use the commands awplus configure terminal aw...

Страница 1538: ...ED TCP UDP FILTER Example 2 adding to a list To insert a new entry with sequence number 5 of the access list named my list that will accept UDP packets from 10 1 1 0 24 network to 192 168 1 0 24 netwo...

Страница 1539: ...ermit access list standard standard access list name deny permit source no access list standard standard access list name deny permit source Mode Global Configuration Default Any traffic controlled by...

Страница 1540: ...you can configure your access lists by using the command access list standard named filter NOTE Software ACLs will deny access unless explicitly permitted by an ACL action Examples To define a standar...

Страница 1541: ...99 deny permit source no access list 1 99 1300 1999 deny permit source Mode Global Configuration Default Any traffic controlled by a software ACL that does not explicitly match a filter is denied Usag...

Страница 1542: ...access list standard numbered filter NOTE Software ACLs will deny access unless explicitly permitted by an ACL action Examples To create ACL number 67 that will deny packets from subnet 172 16 10 use...

Страница 1543: ...equence numbercanbefound by running theshowaccess list IPv4 Software ACLs command Syntax sequence number deny permit source exact match any no deny permit source exact match any no sequence number Mod...

Страница 1544: ...he access list standard named command with the required access control list name but with no further parameters selected Software ACLs will deny access unless explicitly permitted by an ACL action Exa...

Страница 1545: ...nce numbercanbefound by running theshowaccess list IPv4 Software ACLs command Syntax sequence number deny permit source host host address any no deny permit source host host address any no sequence nu...

Страница 1546: ...an existing list by specifying the appropriate sequence number NOTE The access control list being configured is selected by running the access list standard numbered command with the required access...

Страница 1547: ...EFIX LIST clear ip prefix list Overview Use this command to reset the hit count to zero in the prefix list entries Syntax clear ip prefix list list name ip address mask Mode Privileged Exec Example To...

Страница 1548: ...os ipoptions land ping of death smurf broadcast ip address synflood teardrop action shutdown trap mirror Mode Interface Configuration for a switch port interface Default DoS attack detection is not co...

Страница 1549: ...ct normal traffic switching between ports but other protocols such as IGMP and STP may be affected This defense is not recommended where a large number of fragmented packets are expected smurf This ty...

Страница 1550: ...he interface if an attack is detected use the commands awplus configure terminal awplus config interface port1 0 1 awplus config if dos ipoptions action shutdown To configure ping of death DoS detecti...

Страница 1551: ...rated in a sequence of 5 The parameters ge and le specify the range of the prefix lengths to be matched When setting these parameters set the levalueto be less than 32 and the gevalue to be less than...

Страница 1552: ...OL LIST ACL COMMANDS IP PREFIX LIST Example To deny the IP addresses between 10 0 0 0 14 10 0 0 0 255 252 0 0 and 10 0 0 0 22 10 0 0 0 255 255 252 0 within the 10 0 0 0 8 10 0 0 0 255 0 0 0 addressing...

Страница 1553: ...e access lists within the ranges 1 199 1300 1999 and 2000 2699 and named standard and extended access lists The no variant of this command removes the limit on the number of filters that can be added...

Страница 1554: ...o show all access lists configured on the switch awplus show access list To show the access list with an ID of 20 awplus show access list 20 Parameter Description 1 99 IP standard access list 100 199...

Страница 1555: ...V4 SOFTWARE ACLS Note the following error message is displayed if you attempt to show an undefined access list awplus show access list 2 Related Commands access list standard named access list standar...

Страница 1556: ...1 Example output from the show dos interface command prior to a DoS attack Parameter Description port list Specify the switch port or port list to display DoS configuration options set with the dos co...

Страница 1557: ...down with the shutdown command ipoptions Displays Enabled when the ipoptions parameter is configured with thedos command plus the action Shutdown port Mirror port or Trap port and the number of insta...

Страница 1558: ...s Enabled when the synflood parameter is configured with the dos command plus the action Shutdown port Mirror port or Trap port and the number of instances of any synflood DoS attacks that have occurr...

Страница 1559: ...2000 2699 access list name Mode User Exec and Privileged Exec Example awplus show ip access list Output Figure 37 3 Example output from the show ip access list command Parameter Description 1 99 IP s...

Страница 1560: ...RIP and BGP routing protocols only Syntax show ip prefix list name detail summary Mode User Exec and Privileged Exec Example awplus show ip prefix list awplus show ip prefix list 10 10 0 98 8 awplus s...

Страница 1561: ...ld be to permit a specific address or range of addresses and rely on the deny all filter to block all other access Use the no variant of this command to remove the access list Syntax vty access class...

Страница 1562: ...a static channel group apply it to the static channel group itself For more information on link aggregation see the following references Link Aggregation Feature Overview_and Configuration Guide Link...

Страница 1563: ...le 38 1 IPv6 Hardware Access List Commands and Prompts Command Name Command Mode Prompt show ipv6 access list IPv6 Hardware ACLs Privileged Exec awplus ipv6 access list named IPv6 hardware ACL Global...

Страница 1564: ...IPv6 ACL is not written to hardware until you exit IPv6 Hardware ACL Configuration mode By entering this command you can ensure that the current state of a hardware access list that is being edited i...

Страница 1565: ...sion of IPv6 packets on an interface and restrict the content of routing updates The switch stops checking the IPv6 hardware named access list when a match is encountered This command moves you to the...

Страница 1566: ...4 7 1 x IPV6 HARDWARE ACCESS CONTROL LIST ACL COMMANDS IPV6 ACCESS LIST NAMED IPV6 HARDWARE ACL named IPv6 hardware ACL IPv6 packet entry named IPv6 hardware ACL IP protocol entry named IPv6 hardware...

Страница 1567: ...ou can find the sequence number by running the show ipv6 access list IPv6 Hardware ACLs command Hardware ACLs will permit access unless explicitly denied by an ACL action Syntax sequence number action...

Страница 1568: ...lly set between 0 and 64 ipv6 src address ipv6 src wildcard Match the specified IPv6 source address masked using wildcard bits The IPv6 address uses the format X X X X In the wildcard bits 1 represent...

Страница 1569: ...tion If you do not specify a sequence number the switch puts the entry at the end of the ACL and assigns it the next available multiple of 10 as its sequence number Once you have configured the ACL us...

Страница 1570: ...inal awplus config ipv6 access list my acl awplus config ipv6 hw acl no deny icmp 2001 0db8 0 64 any To specify anACL named my acl1 and add a filter entry that blocks all ICMP6echo requests enter the...

Страница 1571: ...y ipv6 2001 0db8 0 64 any You can find the sequence number by running the show ipv6 access list IPv6 Hardware ACLs command Hardware ACLs will permit access unless explicitly denied by an ACL action Sy...

Страница 1572: ...sually set between 0 and 64 ipv6 src address ipv6 src wildcard Match the specified IPv6 source address masked using wildcard bits The IPv6 address uses the format X X X X In the wildcard bits 1 repres...

Страница 1573: ...you have configured the ACL use the ipv6 traffic filter or the match access group command to apply this ACL to a port VLAN or QoS class map Note that the ACL will only apply to incoming data packets...

Страница 1574: ...1 x IPV6 HARDWARE ACCESS CONTROL LIST ACL COMMANDS NAMED IPV6 HARDWARE ACL IPV6 PACKET ENTRY Related Commands ipv6 access list named IPv6 hardware ACL ipv6 traffic filter match access group show ipv6...

Страница 1575: ...u can find the sequence number by running the show ipv6 access list IPv6 Hardware ACLs command Hardware ACLs will permit access unless explicitly denied by an ACL action Syntax sequence number action...

Страница 1576: ...y source host ipv6 src address prefix length Match the specified source address and prefix length The IPv6 address prefix uses the format X X prefix length The prefix length is usually set between 0 a...

Страница 1577: ...ol number and description Protocol Number Protocol Description RFC 1 Internet Control Message RFC792 2 Internet Group Management RFC1112 3 Gateway to Gateway RFC823 4 IP in IP RFC2003 5 Stream RFC1190...

Страница 1578: ...witch puts the entry at the end of the ACL and assigns it the next available multiple of 10 as its sequence number Once you have configured the ACL use the ipv6 traffic filter or the match access grou...

Страница 1579: ...add a filter entry to the ACL named my acl to deny IGMP packets from 2001 0db8 0 64 use the commands awplus configure terminal awplus config ipv6 access list my acl awplus config ipv6 hw acl deny pro...

Страница 1580: ...Hardware ACLs command Hardware ACLs will permit access unless explicitly denied by an ACL action Syntax sequence number action tcp udp source addr source ports dest addr dest ports vlan 1 4094 no seq...

Страница 1581: ...et Specify the subnet by entering the IPv4 address then a forward slash then the prefix length ip addr reverse mask Match any source IP address within the specified subnet Specify the subnet by enteri...

Страница 1582: ...iple of 10 as its sequence number host ip addr Match a single destination host with the IP address given by ip addr in dotted decimal notation ip addr prefix Match any destination IP address within th...

Страница 1583: ...hardware IPv6 access list named my acl use the commands awplus configure terminal awplus config ipv6 access list my acl awplus config ipv6 hw acl deny tcp 2001 0db8 0 64 any eq 22 To add a filter entr...

Страница 1584: ...e number of access lists that can be added is determined by the amount of available space in the hardware based packet classification tables To apply the access list to all ports on the switch execute...

Страница 1585: ...ing System Version 5 4 7 1 x IPV6 HARDWARE ACCESS CONTROL LIST ACL COMMANDS IPV6 TRAFFIC FILTER named IPv6 hardware ACL IPv6 packet entry named IPv6 hardware ACL IP protocol entry named IPv6 hardware...

Страница 1586: ...show ipv6 access list name Mode User Exec and Privileged Exec Example To show all configured IPv6 access lists use the command awplus show ipv6 access list Output Figure 38 1 Example output from the s...

Страница 1587: ...more information on link aggregation see the following references the Link Aggregation Feature Overview_and_Configuration Guide Link Aggregation Commands Note that text in parenthesis in command names...

Страница 1588: ...ccess list IPv6 Software ACLs on page 1607 show ipv6 prefix list on page 1609 vty ipv6 access class named on page 1610 Table 39 1 IPv6 Software Access List Commands and Prompts Command Name Command Mo...

Страница 1589: ...s prefix length any ipv6 destination address prefix length any icmp type icmp type log Syntax tcp udp ipv6 access list extended list name deny permit tcp udp ipv6 source address prefix length any eq s...

Страница 1590: ...stination address prefix length Specifies a destination address and prefix length The IPv6 address uses the format X X X X Prefix Length The prefix length is usually set between 0 and 64 any Matches a...

Страница 1591: ...ss list extended followed by only the IPv6 extended access list name This latter and preferred method moves you to the config ipv6 ext acl prompt for the selected IPv6 extended access list number and...

Страница 1592: ...insert a new filter at sequence number 5 of the access list named my listthat will accept ICMP type 8 packets from the 2001 0db8 0 64 network to the 2001 0db8 f 64 network use the commands awplus con...

Страница 1593: ...user defined name for the IPv6 software extended access list deny Specifies the packets to reject permit Specifies the packets to accept proto The IP Protocol type specified by its protocol number in...

Страница 1594: ...ta Transfer Protocol RFC969 33 DCCP Datagram Congestion Control Protocol RFC4340 48 DSR Dynamic Source Routing Protocol RFC4728 50 ESP Encap Security Payload RFC2406 51 AH Authentication Header RFC240...

Страница 1595: ...CLs will deny access unless explicitly permitted by an ACL action Examples To create the IPv6 access list named ACL 1 to deny IP protocol 9 packets from 2001 0db8 1 1 128 to 2001 0db8 f 1 128 use the...

Страница 1596: ...p any proto ip protocol ipv6 source address prefix any ipv6 destination address prefix any log no deny permit ip any proto ip protocol ipv6 source address prefix any ipv6 destination address prefix an...

Страница 1597: ...nitoring RFC869 27 RDP Reliable Data Protocol RFC908 28 IRTP Internet Reliable Transaction Protocol RFC938 29 ISO TP4 ISO Transport Protocol Class 4 RFC905 30 Bulk Data Transfer Protocol RFC969 33 DCC...

Страница 1598: ...access list named my list with sequence number 5 rejecting the IPv6 packet from 2001 db8 1 1 to 2001 db8 f 1 use the commands awplus configure terminal awplus config ipv6 access list extended my list...

Страница 1599: ...moval by entering either its sequence number or its filter entry profile Syntax tcp udp sequence number deny permit tcp udp ipv6 source address prefix any eq sourceport lt sourceport gt sourceport ne...

Страница 1600: ...ss list extended my list awplus config ipv6 ext acl 5 deny tcp 2001 0db8 0 64 eq 10 2001 0db8 f 64 eq 20 To add a new filter entry with sequence number 5 to the extended IPv6 access list named my list...

Страница 1601: ...ed by a software ACL that does not explicitly match a filter is denied Usage Use IPv6 standard access lists to control the transmission of IPv6 packets on an interface and restrict the content of rout...

Страница 1602: ...and preferred method moves you to the config ipv6 std acl prompt for the selected IPv6 standard access list and from here you can configure the filters for this selected IPv6 standard access list NOTE...

Страница 1603: ...ipv6 source address prefix length any no sequence number Mode IPv6 Standard ACL Configuration Default Any traffic controlled by a software ACL that does not explicitly match a filter is denied Usage...

Страница 1604: ...ed my list enter the commands awplus configure terminal awplus config ipv6 access list standard my list awplus config ipv6 std acl no deny any Alternately to remove the ACL filter entry with sequence...

Страница 1605: ...The parameters ge and le specify the range of the prefix lengths to be matched The parameters ge and le are only used if an ip prefix is stated When setting these parameters set the le value to be le...

Страница 1606: ...Example To check the first 32 bits of the prefix 2001 db8 and the subnet mask must be greater than or equal to 34 and less than or equal to 40 enter the following commands awplus configure terminal a...

Страница 1607: ...w all configured IPv6 access lists use the following command awplus show ipv6 access list Output Figure 39 1 Example output from show ipv6 access list Example To show the IPv6 access list named deny_i...

Страница 1608: ...5 4 7 1 x IPV6 SOFTWARE ACCESS CONTROL LIST ACL COMMANDS SHOW IPV6 ACCESS LIST IPV6 SOFTWARE ACLS Related Commands ipv6 access list extended named ipv6 access list extended IP protocol filter ipv6 ac...

Страница 1609: ...and BGP4 routing protocols only Syntax show ipv6 prefix list name detail summary Mode User Exec and Privileged Exec Example awplus show ipv6 prefix list awplus show ipv6 prefix list 10 10 0 98 8 awpl...

Страница 1610: ...ddress or range of addresses and rely on the deny all filter to block all other access Use the no variant of this command to remove the access list Syntax vty ipv6 access class access name no vty ipv6...

Страница 1611: ...class map on page 1614 clear mls qos interface policer counters on page 1615 default action on page 1616 description QoS policy map on page 1617 egress rate limit on page 1618 match access group on p...

Страница 1612: ...s qos on page 1653 show mls qos interface on page 1654 show mls qos interface policer counters on page 1657 show mls qos interface queue counters on page 1659 show mls qos interface storm status on pa...

Страница 1613: ...ss map If your class map does not exist you can create it by using the class map command Syntax class name default no class name Mode Policy Map Configuration Example The following example creates the...

Страница 1614: ...and to create a class map Use the no variant of this command to delete the named class map Syntax class map name no class map name Mode Global Configuration Example This example creates a class map ca...

Страница 1615: ...ps by not specifying a class map Syntax clear mls qos interface port policer counters class map class map Mode Privileged Exec Example To reset the policy counters to zero for all class maps for port1...

Страница 1616: ...lt action of permit Syntax default action permit deny send to cpu copy to cpu copy to mirror send to mirror no default action Default The default is permit Mode Policy Map Configuration Examples To se...

Страница 1617: ...l description of the policy map This can be up to 80 characters long Use the no variant of this command to remove the current description from the policy map Syntax description line no description Mod...

Страница 1618: ...awplus config if egress rate limit 64k Egress rate limit has been set to 64 Kb Parameter Description rate limit Bandwidth 1 10000000 units per second usable units k m g The egress rate limit can be c...

Страница 1619: ...ate limit 5m max burst size 200k When maximum burst size is 200KB a burst of up to approximately 200KB can be sent at line rate 100 or 1000Mbps if there are packets in the queues to send If traffic is...

Страница 1620: ...ming data packets Examples To configure a class map named cmap1 which matches traffic against access list 3001 which allows IP traffic from any source to any destination use the commands awplus config...

Страница 1621: ...g ip hw acl permit ip any any awplus config class map cmap3 awplus config cmap match access group hw_acl To apply ACL 3001 to VLAN 48 where the ACL drops IP traffic from any source to any destination...

Страница 1622: ...variant of this command to remove CoS Syntax match cos 0 7 no match cos Mode Class Map Configuration Examples To set the class map s CoS to 4 use the commands awplus configure terminal awplus config c...

Страница 1623: ...ion Usage Use the match dscp command to define the match criterion after creating a class map Examples To configure a class map named cmap1 with criterion that matches DSCP 56 use the commands awplus...

Страница 1624: ...enter the parameter name ethii untagged EthII Untagged Packets enter the parameter name ethii any EthII Tagged or Untagged Packets enter the parameter name netwareraw tagged Netware Raw Tagged Packet...

Страница 1625: ...ber 0807 enter the parameter name or its number banyan systems Protocol Number 0BAD enter the parameter name or its number bbn simnet Protocol Number 5208 enter the parameter name or its number dec mo...

Страница 1626: ...ss map cmap1 awplus config cmap no match eth format protocol appletalk Protocol Number 809B enter the parameter name or its number ibm sna Protocol Number 80D5 enter the parameter name or its number a...

Страница 1627: ...to remove CoS Syntax match inner cos 0 7 no match inner cos Mode Class Map Configuration Examples To set the class map s inner cos to 4 use the commands awplus configure terminal awplus config class...

Страница 1628: ...d in double tagged networks to match on a VLAN ID belonging to the client network For more information on VLAN double tagged networks see the VLAN Feature Overview and Configuration Guide Examples To...

Страница 1629: ...Use the no variant of this command to remove IP precedence values from a class map Syntax match ip precedence 0 7 no match ip precedence Mode Class Map Configuration Example To configure a class map n...

Страница 1630: ...cast l2mcast l2ucast no match mac type Mode Class Map Configuration Examples To set the class map s MAC type to Layer 2 multicast use the commands awplus configure terminal awplus config class map cma...

Страница 1631: ...yntax match tcp flags ack fin psh rst syn urg no match tcp flags ack fin psh rst syn urg Mode Class Map Configuration Examples To set the class map s TCP flags to ack and syn use the commands awplus c...

Страница 1632: ...ria Syntax match vlan 1 4094 no match vlan Mode Class Map Configuration Examples To configure a class map named cmap1 to include traffic from VLAN 3 use the commands awplus configure terminal awplus c...

Страница 1633: ...nterface to the default CoS setting for untagged frames entering the interface Syntax mls qos cos 0 7 no mls qos cos Default By default all untagged frames are assigned a CoS value of 0 Note that for...

Страница 1634: ...of this command to globally disable QoS and remove all QoS configuration The no variant of this command removes all class maps policy maps and policers that have been created Running the no mls qos co...

Страница 1635: ...setting The default mappings for this command are Syntax mls qos map cos queue cos priority to queue number no mls qos map cos queue Mode Global Configuration Examples To map CoS 2 to queue 0 use the...

Страница 1636: ...p command set this command mls qos map premark dscp enables you to make the following changes remap the DSCP leaving the other settings unchanged remap any or all of CoS outputqueue or bandwidth class...

Страница 1637: ...use a new DSCP of 2 a new CoS of 3 and a new bandwidth class of yellow use the command awplus configure terminal awplus config mls qos map premark dscp 1 to new dscp 2 new cos 3 new bandwidth class y...

Страница 1638: ...nfigured on the class map Syntax no police Mode Policy Map Class Configuration Usage This command disables any policer previously configured on the class map Example To disable policing on a class map...

Страница 1639: ...does not only apply to red traffic If a remark map is configured on the same class map as the policer then the remark map will apply to green colored and yellow colored traffic irrespectiveof the val...

Страница 1640: ...ction of the remark map applied to it and is then transmitted Example To configure a single rate meter measuring traffic of 10 Mbps that drops a sustained burst of traffic over this rate use the comma...

Страница 1641: ...ckets classed as red will be discarded Parameter Description cir Specify the Committed Information Rate CIR 1 40000000 kbps pir Specify the Peak Information Rate PIR 1 40000000 kbps cbs Specify the Co...

Страница 1642: ...arameter of the policer So even if action is configured to drop red the remark map will be applied to green and yellow traffic So the action parameter only applies to red colored traffic If action is...

Страница 1643: ...y Map Configuration mode to configure the specified policy map Use the no variant of this command to delete an existing policy map Syntax policy map name no policy map name Mode Global Configuration E...

Страница 1644: ...You can then use the priority queue command to reset the selected queues to priority queuing Note that the emptying sequence for priority queuing is always highest queue number to lowest queue number...

Страница 1645: ...s Syntax remark map bandwidth class green yellow red to new dscp 0 63 new bandwidth class green yellow red no remark map bandwidth class green yellow red to new dscp 0 63 new bandwidth class green yel...

Страница 1646: ...configure terminal awplus config policy map pmap1 awplus config pmap class cmap1 awplus config pmap c remark map bandwidth class green to new dscp 2 To reset the DSCP for all bandwidth classes use th...

Страница 1647: ...ew cos internal external both Mode Policy Map Class Configuration Usage The default CoS to Queue mappings are shown in the following table The relationship between this command and the CoS to queue ma...

Страница 1648: ...INPUT FROM THE XISTING O3 VALUE 7ITH THE REMARK NEW COS COMMAND SET TO INTERNAL OR BOTH THE QUEUE MAPPING TAKES ITS INPUT FROM THE VALUE SET BY THE COMMAND REMARK NEW COS OTE THAT ALTHOUGH THE O3 TO 1...

Страница 1649: ...terface association Syntax service policy input policy map no service policy input policy map Mode Interface Configuration Usage This command can be applied to switch ports or static channel groups bu...

Страница 1650: ...is make a policy map that contains one or more class maps that match the traffic to be policy routed Then configure their next hop with this command set ip next hop The remaining traffic will be conve...

Страница 1651: ...7 1 x QOS COMMANDS SET IP NEXT HOP PBR Example To forward packets to 192 168 1 1 if they match the class map called cmap1 use the commands awplus configure terminal awplus config policy map pmap1 awp...

Страница 1652: ...or classifying traffic Syntax show class map class map name Mode User Exec and Privileged Exec Example To display a QoS class map s match criteria for classifying traffic use the command awplus show c...

Страница 1653: ...erview Use this command to display whether QoS is enabled or disabled on the switch Syntax show mls qos Mode User Exec and Privileged Exec Example To display whether QoS is enabled or disabled use the...

Страница 1654: ...qos interface port Mode User Exec and Privileged Exec Example To display current CoS and queue settings for interface port1 0 1 use the command awplus show mls qos interface port1 0 1 Output Figure 40...

Страница 1655: ...Queue 6 Status Enabled Scheduler Strict Priority Queue Limit 12 Egress Rate Limit 0 Kb Egress Queue 7 Status Enabled Scheduler Strict Priority Queue Limit 12 Egress Rate Limit 0 Kb Table 41 Parameters...

Страница 1656: ...INTERFACE Queue Limit The percentage of the port s buffers that have been allocated to this queue Egress Rate Limit The amount of traffic that can be transmitted via this queue per second 0 Kb means t...

Страница 1657: ...e counters are based on metering performed on the specified class map Therefore the Dropped Bytes counter is the number of bytes dropped due to metering This is different from packets dropped via a de...

Страница 1658: ...ersion 5 4 7 1 x QOS COMMANDS SHOW MLS QOS INTERFACE POLICER COUNTERS This output shows a policer configured with remarking through action remark transmit so although bytes are marked as Red none are...

Страница 1659: ...port s queue which will be a sum of all egress queues Syntax show mls qos interface port queue counters queue number Mode User Exec and Privileged Exec Example To show the counters for all queues on p...

Страница 1660: ...HOW MLS QOS INTERFACE QUEUE COUNTERS Port queue length Number of frames in the port s queue This will be the sum of all egress queues on the port Egress Queue length Number of frames in a specific egr...

Страница 1661: ...ode User Exec and Privileged Exec Example To see the QSP status on port1 0 1 use the command awplus show mls qos interface port1 0 1 storm status Output Figure 40 7 Example output from show mls qos in...

Страница 1662: ...current configuration of the cos queue map Syntax show mls qos maps cos queue Mode User Exec and Privileged Exec Example To display the current configuration of the cos queue map use the command awplu...

Страница 1663: ...CP CoS and or bandwidth class of a packet matching the class map based on a lookup DSCP value Syntax show mls qos maps premark dscp 0 63 Mode User Exec and Privileged Exec Example To display the prema...

Страница 1664: ...resents of the total available Syntax show platform classifier statistics utilization brief Mode Privileged Exec Example To display the platform classifier utilization statistics use the following com...

Страница 1665: ...s their associated class maps Syntax show policy map name Mode User Exec and Privileged Exec Example To display a listing of the policy maps configured on the switch use the command awplus show policy...

Страница 1666: ...action portdisable vlandisable linkdown no storm action Mode Policy Map Class Configuration Examples To apply the storm protection of vlandisable to the policy map named pmap2 and the class map named...

Страница 1667: ...0 seconds Syntax storm downtime 1 86400 no storm downtime Default 10 seconds Mode Policy Map Class Configuration Examples To re enable the port in 1 minute use the following commands awplus configure...

Страница 1668: ...riant of this command disables Policy Based Storm Protection Syntax storm protection no storm protection Default By default storm protection is disabled Mode Policy Map Class Configuration Examples To...

Страница 1669: ...e Default No default Mode Policy Map Class Configuration Usage This setting is made in conjunction with the storm window command Examples To limit the data rate to 100Mbps use the following commands a...

Страница 1670: ...efault Mode Policy Map Class Configuration Usage This command should be set in conjunction with the storm rate command Examples To set the QSP window size to 5000 ms use the following commands awplus...

Страница 1671: ...nts of the packet existing either at ingress or applied by the class map will pass unchanged Syntax trust dscp no trust Mode Policy Map Configuration Because policy maps are applied to ports you can t...

Страница 1672: ...ble queues 0 1 2 3 4 5 6 7 no wrr queue disable queues 0 1 2 3 4 5 6 7 Mode Interface Configuration Examples To disable queue 1 from transmitting traffic use the commands awplus configure terminal awp...

Страница 1673: ...ified The minimum is 651Kb Syntax wrr queue egress rate limit bandwidth queues 0 1 2 3 4 5 6 7 no wrr queue egress rate limit bandwidth queues 0 1 2 3 4 5 6 7 Mode Interface Configuration Example To l...

Страница 1674: ...ted round robin based scheduling to static aggregated interfaces for example awplus config interface sa2 Attempting to apply weighted round robin based scheduling on aggregated interfaces will display...

Страница 1675: ...hentication on page 1678 debug dot1x on page 1679 dot1x control direction on page 1680 dot1x eap on page 1682 dot1x eapol version on page 1683 dot1x initialize interface on page 1685 dot1x initialize...

Страница 1676: ...v B Command Reference for x510 Series 1676 AlliedWare Plus Operating System Version 5 4 7 1 x 802 1X COMMANDS show dot1x supplicant on page 1709 show dot1x supplicant interface on page 1711 undebug do...

Страница 1677: ...fault list name no dot1x accounting Default The default method list is applied to an interface by default Mode Interface Mode Example To apply the named list vlan10_acct on the vlan10 interface use th...

Страница 1678: ...x authentication Default The default method list is applied to an interface by default Mode Interface Mode Example To apply the named list vlan10_auth on the vlan10 interface use the commands awplus c...

Страница 1679: ...aware that this is a very verbose output It is mostly useful to capture this as part of escalating an issue to ATI support Examples Use this command without any parameters to turn on normal 802 1X deb...

Страница 1680: ...ntax dot1x control direction in both no dot1x control direction Default The authentication port direction is set to both by default Mode Interface Configuration for a static channel a dynamic LACP cha...

Страница 1681: ...ONTROL DIRECTION To set the port direction to the default both for authentication profile student use the commands awplus configure terminal awplus config auth profile student awplus config auth profi...

Страница 1682: ...e commands awplus configure terminal awplus config dot1x eap forward To set the transmit mode of EAP packet to discard to discard EAP packets use the commands awplus configure terminal awplus config d...

Страница 1683: ...Examples To set the EAPOL protocol version to 2 for port1 0 2 use the commands awplus configure terminal awplus config interface port1 0 2 awplus config if dot1x eapol version 2 To set the EAPOL proto...

Страница 1684: ...v B Command Reference for x510 Series 1684 AlliedWare Plus Operating System Version 5 4 7 1 x 802 1X COMMANDS DOT1X EAPOL VERSION Validation Commands auth profile Global Configuration show dot1x show...

Страница 1685: ...ommand awplus dot1x initialize interface port1 0 2 To unauthorize switch port1 0 1 and attempt reauthentication on switch port1 0 1 use the command awplus dot1x initialize interface port1 0 1 To unaut...

Страница 1686: ...iscommand Theattemptistriggered by the first packet from the supplicant trying to access the network resources Syntax dot1x initialize supplicant macadd username Mode Privileged Exec Example To initia...

Страница 1687: ...LACP channel group or a switch port Usage Use this command to enable key transmission over an Extensible Authentication Protocol EAP packet between the authenticator and supplicant Use the no variant...

Страница 1688: ...aximum number of login attempts for supplicants on an interface The supplicant is moved to the auth fail VLAN from the Guest VLAN after the number of failed login attempts using 802 1X authentication...

Страница 1689: ...l awplus config auth profile student awplus config auth profile dot1x max auth fail 1 To configure the maximum number of login attempts for a supplicant on authentication profile student to the defaul...

Страница 1690: ...ication attempts after failure Examples To configure the maximum number of reauthentication attempts for interface port1 0 2 to a single 1 reauthentication request use the commands awplus configure te...

Страница 1691: ...authentication attempts for authentication profile student to the default maximum number of two 2 reauthentication attempts use the commands awplus configure terminal awplus config auth profile studen...

Страница 1692: ...t controlis set to auto the 802 1X authentication feature is executed on the interface but only if the aaa authentication dot1x command has been issued Examples To enable port authentication on the in...

Страница 1693: ...inal awplus config auth profile student awplus config auth profile dot1x port control auto To enable port authentication force authorized on authentication profile student use the commands awplus conf...

Страница 1694: ...tempts to request an ID Examples To set the transmit timeout period to 5 seconds on interface port1 0 2 use the commands awplus configure terminal awplus config interface port1 0 2 awplus config if do...

Страница 1695: ...B Command Reference for x510 Series 1695 AlliedWare Plus Operating System Version 5 4 7 1 x 802 1X COMMANDS DOT1X TIMEOUT TX PERIOD Validation Commands auth profile Global Configuration show dot1x sho...

Страница 1696: ...ng and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Syntax show debugging dot1x Mode User Exec and Privileged Exec Usage This is a sample...

Страница 1697: ...ow dot1x all Parameter Description all Displays all authentication information for each port available on the switch Table 1 Example output from the show dot1x all command awplus show dot1x all 802 1X...

Страница 1698: ...false KR rxKey false KT keyAvailable false keyTxEnabled false criticalState off dynamicVlanId 2 802 1X statistics for interface port1 0 6 EAPOL Frames Rx 5 EAPOL Frames Tx 16 EAPOL Start Frames Rx 0...

Страница 1699: ...SHOW DOT1X authEaplogoggWhileAuthenticating 0 authReauthsWhileAuthenticated 0 authEapstartWhileAuthenticated 0 authEaplogoffWhileAuthenticated 0 BackendResponses 2 BackendAccessChallenges 1 BackendOt...

Страница 1700: ...iguration Guide Syntax show dot1x diagnostics interface interface list Mode Privileged Exec Example See the sample output below showing 802 1X authentication diagnostics for port1 0 5 awplus show dot1...

Страница 1701: ...upplicant address 00d0 59ab 7037 authEnterConnecting 2 authEaplogoffWhileConnecting 1 authEnterAuthenticating 2 authSuccessWhileAuthenticating 1 authTimeoutWhileAuthenticating 1 authFailWhileAuthentic...

Страница 1702: ...saving command output see the Getting Started with AlliedWare_Plus Feature Overview and Configuration Guide Syntax show dot1x interface interface list diagnostics sessionstatistics statistics supplica...

Страница 1703: ...ized reAuthenticate disabled reAuthPeriod 3600 PAE quietPeriod 60 maxReauthReq 2 txPeriod 30 PAE connectTimeout 30 BE suppTimeout 30 serverTimeout 30 CD adminControlledDirections in KT keyTxEnabled fa...

Страница 1704: ...aplogoggWhileAuthenticating 0 authReauthsWhileAuthenticated 0 authEapstartWhileAuthenticated 0 authEaplogoffWhileAuthenticated 0 BackendResponses 2 BackendAccessChallenges 1 BackendOtherrequestToSuppl...

Страница 1705: ...status of the port for 802 1X control portStatus 802 1X status of the port authorized unauthorized reAuthenticate Reauthentication enabled disabled status on port reAuthPeriod Value holds meaning only...

Страница 1706: ...t CD Controlled Directions State machine adminControlledDi r ections Administrative value Both In operControlledDir e ctions Operational Value Both In KR Key receive state machine rxKey True when EAPO...

Страница 1707: ...authentication session statistics for port1 0 6 awplus show dot1x sessionstatistics interface port1 0 6 Parameter Description interface Specify a port to show interface list The interfaces or ports to...

Страница 1708: ...statistics interface port1 0 6 Parameter Description interface list The interfaces or ports to configure An interface list can be an interface e g vlan2 a switch port e g port1 0 6 a static channel g...

Страница 1709: ...eter awplus show dot1x supplicant 00d0 59ab 7037 brief Parameter Description macadd MAC hardware address of the Supplicant brief Brief summary of the Supplicant state authenticationMethod dot1x totalS...

Страница 1710: ...cationMethod dot1x totalSupplicantNum 1 authorizedSupplicantNum 1 macBasedAuthenticationSupplicantNum 0 dot1xAuthenticationSupplicantNum 1 webBasedAuthenticationSupplicantNum 0 Interface VID Mode MAC...

Страница 1711: ...onfiguration Guide Syntax show dot1x supplicant interface interface list brief Mode Privileged Exec Examples See sample output below showing the supplicant on the interface port1 0 6 awplus show dot1x...

Страница 1712: ...ant address 0000 cd07 7b60 authenticationMethod 802 1X Two Step Authentication firstAuthentication Pass Method mac secondAuthentication Pass Method dot1x portStatus Authorized currentId 3 abort F fail...

Страница 1713: ...face sa1 supplicant brief Interface sa1 authenticationMethod dot1x Two Step Authentication firstMethod mac secondMethod dot1x totalSupplicantNum 1 authorizedSupplicantNum 1 macBasedAuthenticationSuppl...

Страница 1714: ...mand Reference for x510 Series 1714 AlliedWare Plus Operating System Version 5 4 7 1 x 802 1X COMMANDS UNDEBUG DOT1X undebug dot1x Overview This command applies the functionality of the no variant of...

Страница 1715: ...namic vlan creation on page 1721 auth guest vlan on page 1724 auth guest vlan forward on page 1727 auth host mode on page 1729 auth log on page 1731 auth max supplicant on page 1733 auth profile Globa...

Страница 1716: ...ode on page 1778 auth web server dhcp ipaddress on page 1779 auth web server dhcp lease on page 1780 auth web server dhcp wpad option on page 1781 auth web server host name on page 1782 auth web serve...

Страница 1717: ...tion Authentication Profile on page 1805 erase proxy autoconfig file on page 1806 erase web auth https file on page 1807 platform l3 vlan hashing algorithm on page 1808 platform mac vlan hashing algor...

Страница 1718: ...feature enables assignment to a different VLAN if a supplicant fails authentication To enable the auth fail vlan feature with Web Authentication you need to set the Web Authentication Server virtual...

Страница 1719: ...following commands awplus configure terminal awplus config interface port1 0 2 awplus config if auth auth fail vlan 100 To disable the auth fail vlan feature for port1 0 2 use the following commands a...

Страница 1720: ...de Examples To enable the critical port feature on interface port1 0 2 use the following commands awplus configure terminal awplus config interface port1 0 2 awplus config if auth critical To disable...

Страница 1721: ...signed to ports Dynamic VLANs may be associated with authenticated MAC addresses if the type parameter is applied with the rule parameter The rule parameter deals with the case where there are multipl...

Страница 1722: ...LAN ID assigned for the MAC Base VLAN is displayed using the show platform table vlan command To configure Dynamic Vlan with Web Authentication you need to set Web Authentication Server virtual IP add...

Страница 1723: ...able the Dynamic VLAN assignment feature on authentication profile student use the commands awplus configure terminal awplus config auth profile student awplus config auth profile auth dynamic vlan cr...

Страница 1724: ...a port is in multi supplicant mode with per port dynamic VLAN configuration after the first successful authentication subsequent hosts cannot use the guest VLAN due to the change in VLAN ID This may...

Страница 1725: ...nds awplus configure terminal awplus config vlan database awplus config vlan vlan 100 awplus config vlan exit awplus config interface port1 0 2 awplus config if dot1x port control auto awplus config i...

Страница 1726: ...mmand Reference for x510 Series 1726 AlliedWare Plus Operating System Version 5 4 7 1 x AUTHENTICATION COMMANDS AUTH GUEST VLAN auth guest vlan forward dot1x port control show dot1x show dot1x interfa...

Страница 1727: ...g is disabled by default Mode Interface Configuration mode for a specified switch port or Authentication Profile mode Usage Before using this command you must configure the guest VLAN with the auth gu...

Страница 1728: ...h guest vlan forward 10 0 0 1 dns To enable the tcp forwarding port 137 on authentication profile student use the commands awplus configure terminal awplus config auth profile student awplus config au...

Страница 1729: ...se the following commands awplus configure terminal awplus config interface port1 0 2 awplus config if auth host mode multi supplicant Parameter Description single host Single host mode In this mode o...

Страница 1730: ...host mode To set the host mode to multi supplicant on authentication profile student use the commands awplus configure terminal awplus config auth profile student awplus config auth profile auth host...

Страница 1731: ...ing of MAC authentication failures to the log file for supplicants client devices connected to interface port1 0 2 use the following commands awplus configure terminal awplus config interface port1 0...

Страница 1732: ...ure the logging of web authentication failures to the log file for supplicants client devices connected to authentication profile student use the commands awplus configure terminal awplus config auth...

Страница 1733: ...ofile mode Examples To set the maximum number of supplicants to 10 on interface port1 0 2 use the following commands awplus configure terminal awplus config interface port1 0 2 awplus config if auth m...

Страница 1734: ...Reference for x510 Series 1734 AlliedWare Plus Operating System Version 5 4 7 1 x AUTHENTICATION COMMANDS AUTH MAX SUPPLICANT Related Commands auth profile Global Configuration show dot1x show dot1x i...

Страница 1735: ...o port authentication profiles are created by default Mode Global Configuration Usage A port authentication profile is a configuration object that aggregates multiple port authentication commands Thes...

Страница 1736: ...a authentication profile created using the auth profile Global Configuration command to a static channel a dynamic LACP channel group or a switch port You can only attach one profile to an interface...

Страница 1737: ...or Authentication Profile mode Examples To enable reauthentication on interface port1 0 2 use the following commands awplus configure terminal awplus config interface port1 0 2 awplus config if auth...

Страница 1738: ...ce goes down so supplicants must reauthenticate Mode Interface Configuration for a static channel a dynamic LACP channel group or a switch port or Authentication Profile mode Usage Note that 802 1X po...

Страница 1739: ...al awplus config auth profile student awplus config auth profile auth roaming disconnected To require supplicants using authentication profile student to reauthenticate when moving between ports if th...

Страница 1740: ...ion MAC authentication or Web authentication must be configured before using this feature The port that the supplicant is moving to must have the same authentication configuration as the port the supp...

Страница 1741: ...ng authentication for authentication profile student use the commands awplus configure terminal awplus config auth profile student awplus config auth profile no auth roaming enable Related Commands au...

Страница 1742: ...entry in A B C D P format max reauth req The number of reauthentication attempts before becoming unauthorized 1 10 Count of reauthentication attempts default 2 port control Port control commands auto...

Страница 1743: ...terface port1 0 2 use the commands awplus configure terminal awplus config interface port1 0 2 awplus config if no auth supplicant ip 192 168 10 0 24 To disable reauthentication for the supplicant s I...

Страница 1744: ...ntaining a specific string mac addr mask The mask comprises a string of three period separated bytes where each byte comprises four hexadecimal characters that will generally be either 1or 0 When the...

Страница 1745: ...for port 1 0 2 use the commands awplus configure terminal awplus config interface port1 0 2 awplus config if auth supplicant mac 0000 5E00 0000 mask ffff ff00 0000 port control force authorized To del...

Страница 1746: ...3 port control force authorized To delete the supplicant MAC address 0000 5E00 5343 for authentication profile student use the commands awplus configure terminal awplus config auth profile student awp...

Страница 1747: ...nt has the state connecting then the supplicant is deleted When auth web server session keep or auth two step enableis enabled we recommend you configure a longer connect timeout period Examples To se...

Страница 1748: ...IMEOUT CONNECT TIMEOUT To reset the connect timeout period to the default 30 seconds for authentication profile student use the commands awplus configure terminal awplus config auth profile student aw...

Страница 1749: ...seconds for interface port1 0 2 use the following commands awplus configure terminal awplus config interface port1 0 2 awplus config if auth timeout quiet period 10 To reset the quiet period to the d...

Страница 1750: ...switch port or Authentication Profile mode Examples To set the reauthentication period to 1 day for interface port1 0 2 use the following commands awplus configure terminal awplus config interface po...

Страница 1751: ...510 Series 1751 AlliedWare Plus Operating System Version 5 4 7 1 x AUTHENTICATION COMMANDS AUTH TIMEOUT REAUTH PERIOD Related Commands auth profile Global Configuration auth reauthentication show dot1...

Страница 1752: ...o 120 seconds for interface port1 0 2 use the following commands awplus configure terminal awplus config interface port1 0 2 awplus config if auth timeout server timeout 120 To set the server timeout...

Страница 1753: ...rence for x510 Series 1753 AlliedWare Plus Operating System Version 5 4 7 1 x AUTHENTICATION COMMANDS AUTH TIMEOUT SERVER TIMEOUT Related Commands auth profile Global Configuration show dot1x show dot...

Страница 1754: ...timeout to 2 seconds for interface port1 0 2 use the following commands awplus configure terminal awplus config interface port1 0 2 awplus config if auth timeout supp timeout 2 To reset the server ti...

Страница 1755: ...erence for x510 Series 1755 AlliedWare Plus Operating System Version 5 4 7 1 x AUTHENTICATION COMMANDS AUTH TIMEOUT SUPP TIMEOUT Related Commands auth profile Global Configuration show dot1x show dot1...

Страница 1756: ...ecurity risk an unauthorized user can access the network with an authorized device or an authorized user can access the network with an unauthorized device Two step authentication solves this problem...

Страница 1757: ...ng commands awplus configure terminal awplus config interface port1 0 2 awplus config if switchport mode access awplus config if auth web enable awplus config if dot1x port control auto awplus config...

Страница 1758: ...Operating System Version 5 4 7 1 x AUTHENTICATION COMMANDS AUTH TWO STEP ENABLE Relat ed Commands auth profile Global Configuration show auth two step supplicant brief show auth show auth interface s...

Страница 1759: ...list name no auth mac accounting Default The default method list is applied to an interface by default Mode Interface Mode Example To apply the named list vlan10_acct on the vlan10 interface use the...

Страница 1760: ...th mac authentication Default The default method list is applied to an interface by default Mode Interface Mode Example To apply the named list vlan10_auth on the vlan10 interface use the commands awp...

Страница 1761: ...s enabled Note that re authentication is correct behavior without spanning tree edgeport enabled Applying switchport mode access on ports is also good practice to set the ports to access mode with ing...

Страница 1762: ...ATION COMMANDS AUTH MAC ENABLE To disable MAC authentication on authentication profile student use the commands awplus configure terminal awplus config auth profile student awplus config auth profile...

Страница 1763: ...e Configuration for a static channel a dynamic LACP channel group or a switch port or Authentication Profile mode Examples To set the MAC Authentication method to pap on interface port1 0 2 use the fo...

Страница 1764: ...ATION COMMANDS AUTH MAC METHOD To disable MAC authentication on authentication profile student use the commands awplus configure terminal awplus config auth profile student awplus config auth profile...

Страница 1765: ...particularly important if some MAC based supplicants on the network are intelligent devices such as computers and or you are using two step authentication see the Ensuring Authentication Methods Requ...

Страница 1766: ...tication re learning feature on interface port1 0 2 use the following commands awplus configure terminal awplus config interface port1 0 2 awplus config if auth mac reauth relearning To disable the re...

Страница 1767: ...provided to allow other vendors AlliedWare and AlliedWare Plus switches to share the same format on the RADIUS server Example To configure the format of the MAC address in the username and password f...

Страница 1768: ...ist name no auth web accounting Default The default method list is applied to an interface by default Mode Interface Mode Example To apply the named list vlan10_acct on the vlan10 interface use the co...

Страница 1769: ...h web authentication Default The default method list is applied to an interface by default Mode Interface Mode Example To apply the named list vlan10_auth on the vlan10 interface use the commands awpl...

Страница 1770: ...nds awplus configure terminal awplus config interface port1 0 2 awplus config if static channel group 2 awplus config if exit awplus config interface sa2 awplus config if auth web enable To disable We...

Страница 1771: ...nd Reference for x510 Series 1771 AlliedWare Plus Operating System Version 5 4 7 1 x AUTHENTICATION COMMANDS AUTH WEB ENABLE Related Commands auth profile Global Configuration show auth show auth inte...

Страница 1772: ...address ip address prefix length dns tcp 1 65535 udp 1 65535 Or no auth web forward arp dhcp dns tcp 1 65535 udp 1 65535 Default Packet forwarding for port authentication is enabled by default for ar...

Страница 1773: ...port mode access awplus config if auth web enable awplus config if auth dynamic vlan creation awplus config if auth web forward 192 168 1 10 dns To disable the ARP forwarding feature on interface port...

Страница 1774: ...student use the commands awplus configure terminal awplus config auth profile student awplus config auth profile no auth web forward arp To delete the tcp forwarding port 137 on authentication profile...

Страница 1775: ...channel group or a switch port or Authentication Profile mode Examples To set the lock count to 5 on interface port1 0 2 use the following commands awplus configure terminal awplus config interface po...

Страница 1776: ...x510 Series 1776 AlliedWare Plus Operating System Version 5 4 7 1 x AUTHENTICATION COMMANDS AUTH WEB MAX AUTH FAIL Related Commands auth profile Global Configuration auth timeout quiet period show aut...

Страница 1777: ...tication Profile mode Example To set the Web Authentication method to eap md5 on interface port1 0 2 use the following commands awplus configure terminal awplus config interface port1 0 2 awplus confi...

Страница 1778: ...isable blocking mode for the Web Authentication server Syntax auth web server blocking mode no auth web server blocking mode Default By default blocking mode is disabled for the Web Authentication ser...

Страница 1779: ...cation Feature Overview and Configuration Guide for information about using DHCP with web authentication and restrictions regarding combinations of authentication enhancements working together You can...

Страница 1780: ...See the AAA and Port Authentication Feature Overview and Configuration Guide for information about using DHCP with web authentication and restrictions regarding combinations of authentication enhancem...

Страница 1781: ...d to use WPAD the supplicant s web browser will use TCP port 80 as usual Therefore the packet can be intercepted by Web Authentication as normal and the Web Authentication Login page can be sent Howev...

Страница 1782: ...TPS protocol the web browser will validate the certificate If the certificate is invalid the web page gives a warning message before displaying server content However the web page will not give warnin...

Страница 1783: ...port number In this case Web Authentication cannot intercept the connection To overcome this limitation you can use this command to tell the switch which additional port it should intercept and then s...

Страница 1784: ...web server ipaddress ip address no auth web server ipaddress Default The Web Authentication server address on the system is not set by default Mode Global Configuration Examples To set the IP address...

Страница 1785: ...English by default Mode Global Configuration Examples To set Japanese as the presentation language of Web authentication pages use the following commands awplus configure terminal awplus config auth w...

Страница 1786: ...onfiguration Guide for details Use the no variant of this command to delete the URL Syntax auth web server login url URL no auth web server login url Default The built in login page is set by default...

Страница 1787: ...nd Port Authentication Feature Overview and Configuration Guide Syntax auth web server page logo auto default hidden no auth web server page logo Default Logo type is auto by default Mode Global Confi...

Страница 1788: ...e Overview and Configuration Guide Syntax auth web server page sub title hidden text sub title no auth web server page sub title Default Allied Telesis is displayed by default Mode Global Configuratio...

Страница 1789: ...nd Port Authentication Feature Overview and Configuration Guide Syntax auth web server page success message text success message no auth web server page success message Default No success message is s...

Страница 1790: ...Syntax auth web server page title hidden text title no auth web server page title Default Web Access Authentication Gateway is displayed by default Mode Global Configuration Examples To set the custo...

Страница 1791: ...and Port Authentication Feature Overview and Configuration Guide Syntax auth web server page welcome message text welcome message no auth web server page welcome message Default No welcome message is...

Страница 1792: ...nticated by Web Authentication Syntax auth web server ping poll enable no auth web server ping poll enable Default The ping polling feature for Web Authentication is disabled by default Mode Global Co...

Страница 1793: ...se the no variant of this command to resets the fail count for the ping polling feature to the default 5 pings Syntax auth web server ping poll failcount 1 100 no auth web server ping poll failcount D...

Страница 1794: ...ng polling 30 seconds Syntax auth web server ping poll interval 1 65535 no auth web server ping poll interval Default The interval for ping polling is 30 seconds by default Mode Global Configuration E...

Страница 1795: ...no variant of this command to reset the reauth timer refresh parameter to the default setting disabled Syntax auth web server ping poll reauth timer refresh no auth web server ping poll reauth timer r...

Страница 1796: ...reset the timeout of ping polling to the default 1 second Syntax auth web server ping poll timeout 1 30 no auth web server ping poll timeout Default The default timeout for ping polling is 1 second Mo...

Страница 1797: ...Authentication server HTTP port number is set to 80 by default Mode Global Configuration Examples To set the HTTP port number 8080 for the Web Authentication server use the following commands awplus c...

Страница 1798: ...rect delay time Default The default redirect delay time is 5 seconds Mode Global Configuration Examples To set the delay time to 60 seconds for the Web Authentication server use the following commands...

Страница 1799: ...tax auth web server redirect url url no auth web server redirect url Default The redirect URL for the Web Authentication server feature is not set by default null Mode Global Configuration Examples To...

Страница 1800: ...is disabled by default Mode Global Configuration Usage This function doesn t ensure to keep session information in all cases Authenticated supplicant may be redirected to unexpected page when session...

Страница 1801: ...ntax auth web server ssl no auth web server ssl Default HTTPS functionality for the Web Authentication server feature is disabled by default Mode Global Configuration Examples To enable HTTPS function...

Страница 1802: ...ariant of this command to delete registered port number Syntax auth web server ssl intercept port 1 65535 no auth web server ssl intercept port 1 65535 Default 443 TCP is registered by default Mode Gl...

Страница 1803: ...o configuration PAC file to your switch The Web Authentication supplicant can get the downloaded file from the system web server Syntax copy filename proxy autoconfig file Mode Privileged Exec Example...

Страница 1804: ...be in PEM Privacy Enhanced Mail format and contain the private key and the server certificate Syntax copy filename web auth https file Mode Privileged Exec Example To download the server certificate f...

Страница 1805: ...ult No description configured by default Mode Authentication Profile Example To add a description to the authentication profile student use the following commands awplus configure terminal awplus conf...

Страница 1806: ...AUTOCONFIG FILE erase proxy autoconfig file Overview Use this command to remove the proxy auto configuration file Syntax erase proxy autoconfig file Mode Privileged Exec Example To remove the proxy a...

Страница 1807: ...uth https file Overview Use this command to remove the SSL server certificate for web based authentication Syntax erase web auth https file Mode Privileged Exec Example To remove the SSL server certif...

Страница 1808: ...re than four different IP addresses produce the same hash key When this situation occurs collisions can sometimes be avoided by changing the hashing algorithm from its default of crc32l Several differ...

Страница 1809: ...more than four different MAC addresses produce the same hash key When this situation occurs collisions can sometimes be avoided by changing the hashing algorithm from its default of crc32l Several dif...

Страница 1810: ...amic or LACP channel group or a switch port awplus show auth all 802 1X Port Based Authentication Enabled MAC based Port Authentication Disabled WEB based Port Authentication Enabled RADIUS server add...

Страница 1811: ...uthenticationMethod WEB based Authentication Two Step Authentication firstAuthentication Pass Method dot1x secondAuthentication Pass Method web portStatus Authorized currentId 3 abort F fail F start F...

Страница 1812: ...ace list Mode Privileged Exec Example To display authentication diagnostics for port1 0 6 enter the command awplus show auth diagnostics interface port1 0 6 Parameter Description interface Specify por...

Страница 1813: ...interface port1 0 6 Supplicant address 00d0 59ab 7037 authEnterConnecting 2 authEaplogoffWhileConnecting 1 authEnterAuthenticating 2 authSuccessWhileAuthenticating 1 authTimeoutWhileAuthenticating 1...

Страница 1814: ...terface interface list diagnostics sessionstatistics statistics supplicant brief Mode Privileged Exec Example To display the Web based authentication status for port1 0 6 enter the command awplus show...

Страница 1815: ...1 0 1 Authentication Info for interface port1 0 1 portEnabled true portControl Auto portStatus Authorized reAuthenticate disabled reAuthPeriod 3600 PAE quietPeriod 60 maxReauthReq 2 txPeriod 30 BE sup...

Страница 1816: ...onstatistics show dot1x statistics interface show dot1x supplicant interface Authentication Diagnostics for interface port1 0 6 Supplicant address 00d0 59ab 7037 authEnterConnecting 2 authEaplogoffWhi...

Страница 1817: ...3 Example output from the show auth sessionstatistics command Parameter Description interface Specify ports to show interface list The interfaces or ports to configure An interface list can be an int...

Страница 1818: ...lay Web Authentication statistics for port1 0 4 enter the command awplus show auth statistics interface port1 0 4 Related Commands show dot1x interface Parameter Description interface list The interfa...

Страница 1819: ...t To display authenticated supplicant information for device with MAC address 0000 5E00 5301 enter the command awplus show auth supplicant 0000 5E00 5301 Output Figure 42 4 Example output from show au...

Страница 1820: ...F start F timeout F success T PAE state Authenticated portMode Auto PAE reAuthCount 0 rxRespId 0 PAE quietPeriod 60 maxReauthReq 2 BE state Idle reqCount 0 idFromServer 0 CD adminControlledDirections...

Страница 1821: ...liedWare Plus Operating System Version 5 4 7 1 x AUTHENTICATION COMMANDS SHOW AUTH SUPPLICANT Related Commands aaa accounting auth mac aaa accounting auth web aaa accounting dot1x aaa authentication a...

Страница 1822: ...thenticated supplicant on the interface port1 0 3 enter the command awplus show auth supplicant interface port1 0 3 To display brief summary output for the authenticated supplicant enter the command a...

Страница 1823: ...tep supplicant interface port1 0 6 brief Output Figure 42 7 Example output from show auth two step supplicant brief Related Commands auth two step enable Parameter Description interface The interface...

Страница 1824: ...8 Example output from the show auth web server command Related Commands auth web server ipaddress auth web server port auth web server redirect delay time auth web server redirect url auth web server...

Страница 1825: ...ow the web authentication page information use the command awplus show auth web server page Figure 42 9 Example output from the show auth web server page command Related Commands auth web forward auth...

Страница 1826: ...Syntax show proxy autoconfig file Mode Privileged Exec Example To display the contents of the proxy auto configuration PAC file enter the command awplus show auth proxy autoconfig file Output Figure...

Страница 1827: ...1833 aaa accounting dot1x on page 1835 aaa accounting login on page 1837 aaa accounting update on page 1840 aaa authentication auth mac on page 1842 aaa authentication auth web on page 1844 aaa authe...

Страница 1828: ...page 1865 login authentication on page 1866 proxy port on page 1867 radius secure proxy aaa on page 1868 server radsecproxy aaa on page 1869 server mutual authentication on page 1871 server name check...

Страница 1829: ...y none group group name radius no aaa accounting auth mac default list name Default RADIUS accounting for MAC based Authentication is disabled by default Mode Global Configuration Usage This command c...

Страница 1830: ...IUS servers use the commands awplus configure terminal awplus config aaa accounting auth mac default start stop group radius To disable RADIUS accounting for MAC based Authentication use the commands...

Страница 1831: ...y none group group name radius no aaa accounting auth web default list name Default RADIUS accounting for Web based authentication is disabled by default Mode Global Configuration Usage This command c...

Страница 1832: ...rvers use the commands awplus configure terminal awplus config aaa accounting auth web default start stop group radius To disable the default RADIUS accounting method for Web based authentication use...

Страница 1833: ...ed by default Mode Global Configuration Usage This command only supports a default method list this means that it is applied to every console and VTY line The stop only parameter indicates that the co...

Страница 1834: ...rivilege levels 1 7 and 15 use the following commands awplus configure terminal awplus config aaa accounting commands 1 default stop only group tacacs awplus config aaa accounting commands 7 default s...

Страница 1835: ...e start stop stop only none group group name radius no aaa accounting dot1x default list name Default RADIUS accounting for 802 1X based authentication is disabled by default there is no default serve...

Страница 1836: ...nd use all available RADIUS Servers use the commands awplus configure terminal awplus config aaa accounting dot1x default start stop group radius To disable RADIUS accounting for 802 1X based authenti...

Страница 1837: ...ccounting method list for login shell sessions configured by an aaa accounting login command If the method list being deleted is already applied to a console or VTY line accounting on that line will b...

Страница 1838: ...name use the specified RADIUS server group configured with the aaa group server command There is one way to define servers where TACACS accounting messages are sent group tacacs use all TACACS server...

Страница 1839: ...1839 AlliedWare Plus Operating System Version 5 4 7 1 x AAA COMMANDS AAA ACCOUNTING LOGIN Related Commands aaa accounting commands aaa authentication login aaa accounting login aaa accounting update a...

Страница 1840: ...de Global Configuration Usage Use this command to enable the device to send periodic AAA login accounting reports to the accounting server When periodic accounting report is enabled interim accounting...

Страница 1841: ...AA COMMANDS AAA ACCOUNTING UPDATE To disable periodic accounting update wherever accounting has been configured use the following commands awplus configure terminal awplus config no aaa accounting upd...

Страница 1842: ...ed Port Authentication is disabled by default Mode Global Configuration Usage This command can be used to configure either the default authentication method list or a named authentication method list...

Страница 1843: ...commands awplus configure terminal awplus config no aaa authentication auth mac default To enable MAC based authentication for named list vlan10_auth with RADIUS server group rad_group_vlan10 use the...

Страница 1844: ...eb default list name Default Web based authentication is disabled by default Mode Global Configuration Usage This command can be used to configure either the default authentication method list or a na...

Страница 1845: ...ication use the commands awplus configure terminal awplus config no aaa authentication auth web default To enable Web based authentication for named list vlan10_auth with RADIUS server group rad_group...

Страница 1846: ...tion is disabled by default Mode Global Configuration Usage This command can be used to configure either the default authentication method list or a named authentication method list default the defaul...

Страница 1847: ...authentication for named list vlan10_auth with RADIUS server group rad_group_vlan10 use the commands awplus configure terminal awplus config aaa authentication dot1x vlan10_auth group rad_group_vlan1...

Страница 1848: ...fied privilege level is equal to or less than the users maximum privilege level then they are granted access to that level If the user attempts to access a privilege level that is higher than their ma...

Страница 1849: ...I Examples To enable a privilege level authentication method that will not allow the user to access Privileged Exec mode if the TACACS server goes offline or is not reachable during enable password au...

Страница 1850: ...ion Usage The privilege level configured for a particular user in the local user database is the privilege threshold above which the user is prompted for an enable Privileged Exec mode command Example...

Страница 1851: ...default method list This will return the default method list to its default state local is the default Syntax aaa authentication login default list name local group radius tacacs group name no aaa au...

Страница 1852: ...for user login to first use all available RADIUS servers for user login authentication and then use the local user database use the following commands awplus configure terminal awplus config aaa authe...

Страница 1853: ...ent to the first available configured TACACS server the first server configured for authorization Parameter Description privilege level The privilege level of the set of commands the method list will...

Страница 1854: ...fallback is not configured and all servers become unreachable then all commands except logout exit and quit will be denied The default method list is defined with a local fallback unless configured di...

Страница 1855: ...on Usage If authorization of configuration mode commands is not enabled then all configuration commands are accepted by default including command authorization commands NOTE Authorization of configura...

Страница 1856: ...al Configuration Usage Use this command to create an AAA group of RADIUS servers and to enter Server Group Configurationmode inwhich you canadd servers to thegroup Use a server groupto specify a subse...

Страница 1857: ...x AAA COMMANDS AAA GROUP SERVER Related Commands aaa accounting auth mac aaa accounting auth web aaa accounting dot1x aaa accounting login aaa authentication auth mac aaa authentication auth web aaa a...

Страница 1858: ...guration Default The default for the lockout time is 300 seconds 5 minutes Usage While locked out all attempts to login with the locked account will fail The lockout can be manually cleared by another...

Страница 1859: ...d login counter reaches the limit configured by this command that user account is locked out for a specified duration configured by the aaa local authentication attempts lockout time command When a su...

Страница 1860: ...he console SSH and Telnet Use the novariantof this commandtoresetthe minimumtimeperiod to itsdefault value Syntax aaa login fail delay 1 10 no aaa login fail delay 1 10 Default 1 second Mode Global co...

Страница 1861: ...f this command resets AAA Accounting applied to console or VTY lines for local or remote login default login accounting is applied after issuing the no accounting login command Accounting is disabled...

Страница 1862: ...d list with privilege level 15 to VTY lines 0 to 5 use the following commands awplus configure terminal awplus config line vty 0 5 awplus config line authorization commands 15 TAC15 To reset the comma...

Страница 1863: ...mand Reference for x510 Series 1863 AlliedWare Plus Operating System Version 5 4 7 1 x AAA COMMANDS AUTHORIZATION COMMANDS aaa authorization config commands tacacs server host Command changes Version...

Страница 1864: ...ar aaa local user lockout username username all Mode Privileged Exec Examples To unlock the user account bob use the following command awplus clear aaa local user lockout username bob To unlock all us...

Страница 1865: ...ccounting all authentication authorization Default AAA debugging is disabled by default Mode Privileged Exec Examples To enable authentication debugging for AAA use the command awplus debug aaa authen...

Страница 1866: ...ication on these console or VTY lines Command Syntax login authentication default list name no login authentication Default The default login authentication method list as specified by the aaa authent...

Страница 1867: ...proxy port Default The default port is 1645 Mode RadSecProxy AAA Configuration Mode Usage It is not necessary to change the value from the default unless UDP port 1645 is required for another purpose...

Страница 1868: ...iguration mode This application allows local RADIUS based clients on system to communicate with remote RadSec servers via a secure TLS proxy Syntax radius secure proxy aaa Mode Global Configuration Mo...

Страница 1869: ...t value for RADIUS servers will be used The global timeout may be changed using the radius server timeout command The default global timeout is 5 seconds Each server may be configured to use certifica...

Страница 1870: ...RVER RADSECPROXY AAA Example To add a server which waits 3 seconds before receiving replies use the commands awplus configure terminal awplus config radius secure proxy aaa awplus config radsecproxy a...

Страница 1871: ...ing the RadSecProxy AAA application to not transmit a certificate to the server NOTE Ifmutualauthenticationisdisabledontheclient AAA applicationbutenabled on the server a connection will not be establ...

Страница 1872: ...ubject field of the client s X 509 certificate must match the domain name or IP address specified in the server radsecproxy aaa command Use the no variant of this command to set the global behavior fo...

Страница 1873: ...erver must have an issuer chain that terminates with the root CA certificate for any of the trustpoints that are associated with the application If no trustpoints are specified in the command the trus...

Страница 1874: ...C613 50170 01 Rev B Command Reference for x510 Series 1874 AlliedWare Plus Operating System Version 5 4 7 1 x AAA COMMANDS SERVER TRUSTPOINT server radsecproxy aaa server name check...

Страница 1875: ...cked account successfully logs into the system after waiting for the lockout time this command will display nothing for that particular account Syntax show aaa local user locked Mode User Exec and Pri...

Страница 1876: ...aa accounting auth mac aaa authentication auth web aaa authentication dot1x awplus show aaa server group User List Name Method Acct Event login auth default local login acct dot1x auth default radius...

Страница 1877: ...isplays the current debugging status for AAA Authentication Authorization Accounting Syntax show debugging aaa Mode User Exec and Privileged Exec Example To display the current debugging status of AAA...

Страница 1878: ...r groups use the command awplus show radius server group To display a information for a RADIUS server group named rad_group_list1 use the command awplus show radius server group rad_group_list1 Output...

Страница 1879: ...IUS SERVER GROUP Figure 43 5 Example output from show radius server group rad_group_list1 Related Commands aaa group server awplus show radius server group rad_group_list1 RADIUS Group Configuration G...

Страница 1880: ...01 Rev B Command Reference for x510 Series 1880 AlliedWare Plus Operating System Version 5 4 7 1 x AAA COMMANDS UNDEBUG AAA undebug aaa Overview This command applies the functionality of the no debug...

Страница 1881: ...Command List auth radius send nas identifier on page 1882 auth radius send service type on page 1883 deadtime RADIUS server group on page 1884 debug radius on page 1885 ip radius source interface on...

Страница 1882: ...ntifierof NASID100 as the NAS Identifier attribute use the commands awplus configure terminal awplus config auth radius send nas identifier NASID100 To use the VLAN ID as the NAS Identifier attribute...

Страница 1883: ...requests The Service Type attribute has a value of Framed 2 for 802 1x Call Check 10 for MAC authentication Unbound 5 for Web authentication Use the no variant of this command to stop including the S...

Страница 1884: ...ADIUS server is set to 0 minutes by default Syntax deadtime 0 1440 no deadtime Default The deadtime is set to 0 minutes by default Mode Server Group Configuration Usage If the RADIUS server does not r...

Страница 1885: ...all Default RADIUS debugging is disabled by default Mode Privileged Exec Examples To enable debugging for RADIUS packets use the command awplus debug radius packet To enable debugging for RADIUS event...

Страница 1886: ...e interface interface ip address no ip radius source interface Default Source IP address of outgoing RADIUS packets depends on the interface the packets leave Mode Global Configuration Examples To con...

Страница 1887: ...deadtime configured on the system is 0 seconds Mode Global Configuration Usage The RADIUS client considers a RADIUS server to be dead if it fails to respond to a request after it has been retransmitt...

Страница 1888: ...65535 auth port 0 65535 key key string retransmit 0 100 timeout 1 1000 no radius server host host name ip address acct port 0 65535 auth port 0 65535 Parameter Description host name Server host name...

Страница 1889: ...he time interval in seconds to wait for the RADIUS server to reply before retransmitting a request or considering the server dead This setting overrides the global value set by the radius server timeo...

Страница 1890: ...r 10 0 0 20 use the following commands awplus configure terminal awplus config no radius server host 10 0 0 20 To configure rad1 company com for authentication only use the following commands awplus c...

Страница 1891: ...key shared between this client and its RADIUS servers If no secret key is specified for a particular RADIUS server using the radius server host c ommand this global key is used After enabling AAA aut...

Страница 1892: ...ult RADIUS retransmit count on the device is 3 Mode Global Configuration Examples To set the RADIUS retransmit count to 1 use the following commands awplus configure terminal awplus config radius serv...

Страница 1893: ...v B Command Reference for x510 Series 1893 AlliedWare Plus Operating System Version 5 4 7 1 x RADIUS COMMANDS RADIUS SERVER RETRANSMIT Related Commands radius server deadtime radius server host show r...

Страница 1894: ...s 5 seconds Mode Global Configuration Examples To globally set the device to wait 20 seconds before retransmitting a RADIUS request to unresponsive RADIUS servers use the following commands awplus con...

Страница 1895: ...x RADIUS COMMANDS RADIUS SERVER TIMEOUT To reset the global timeout period for RADIUS servers to the default use the following command awplus configure terminal awplus config no radius server timeout...

Страница 1896: ...n port for accounting requests to the server To disable accounting for the server set acct port to 0 If the accounting port is missing the default port number is 1812 Use the no variant of this comman...

Страница 1897: ...inal awplus config aaa group server radius RAD_AUTH1 awplus config sg server 192 168 1 1 acct port 0 awplus config sg server 192 168 2 1 auth port 1000 acct port 0 To create a RADIUS server group RAD_...

Страница 1898: ...isplays the current debugging status for the RADIUS servers Syntax show debugging radius Mode User Exec and Privileged Exec Example To display the current debugging status of RADIUS servers use the co...

Страница 1899: ...e show radius command showing RADIUS servers Example See the sample output below showing RADIUS client status and RADIUS configuration awplus show radius RADIUS Global Configuration Source Interface n...

Страница 1900: ...Interface The interface name or IP address to be used for the source address of all outgoing RADIUS packets Secret Key A shared secret key to a radius server Timeout A time interval in seconds Retran...

Страница 1901: ...s been dead for Alive The server is alive Error The server is not responding Dead The server is detected as dead and it will not be used for deadtime period The time displayed in the output shows the...

Страница 1902: ...ileged Exec Example See the sample output below showing RADIUS client statistics and RADIUS configuration awplus show radius statistics Output Figure 44 4 Example output from the show radius statistic...

Страница 1903: ...B Command Reference for x510 Series 1903 AlliedWare Plus Operating System Version 5 4 7 1 x RADIUS COMMANDS UNDEBUG RADIUS undebug radius Overview This command applies the functionality of the no deb...

Страница 1904: ...authentication on page 1912 client name check on page 1913 client trustpoint on page 1914 clear radius local server statistics on page 1915 copy fdb radius users to file on page 1916 copy local radiu...

Страница 1905: ...age 1936 server enable on page 1937 show crypto pki certificates deleted on page 1938 show crypto pki certificates local radius all users deleted on page 1939 show crypto pki certificates user deleted...

Страница 1906: ...group If the specified attribute is already defined then it is replaced with the new value Use the no variant of this command to delete an attribute from the local RADIUS server user group Syntax att...

Страница 1907: ...es use the following commands awplus configure terminal awplus config radius server local awplus config radsrv group Admin awplus config radsrv group attribute help A list of Vendor specific Attribute...

Страница 1908: ...following commands awplus configure terminal awplus config radius server local awplus config radsrv group Admin awplus config radsrv group attribute Service Type 6 To delete the attribute Service Typ...

Страница 1909: ...enabled by default Mode RADIUS Server Configuration Examples The following commands enable EAP MD5 authentication methods on the local RADIUS server awplus configure terminal awplus config radius serv...

Страница 1910: ...e global behavior defined by client name check or no client name check will be used If name checking is enabled the Common Name portion of the subject field of the client s X 509 certificate must matc...

Страница 1911: ...0170 01 Rev B Command Reference for x510 Series 1911 AlliedWare Plus Operating System Version 5 4 7 1 x LOCAL RADIUS SERVER COMMANDS CLIENT RADSECPROXY SRV client trustpoint radius secure proxy local...

Страница 1912: ...ual certificate validation The local server application will still transmit the local server certificate to the client but will not expect or validate a certificate from the client Syntax client mutua...

Страница 1913: ...on of the subject field of the client s X 509 certificate must match the domain name or IP address specified in the client radsecproxy aaa command Use the no variant of this command to set the global...

Страница 1914: ...with the root CA certificate for any of the trustpoints that are associated with the application If no trustpoints are specified in the command the trustpoint list will be unchanged If no client trust...

Страница 1915: ...ears the number of successful and failed logins for each local RADIUS server user Examples To clear the NAS Network Access Server statistics stored on the device use the command awplus clear radius lo...

Страница 1916: ...al RADIUS server users created to NVS memory flash Copy the local RADIUS server users created to Flash memory usb Copy the local RADIUS server users created to USB storage device debug Copy the local...

Страница 1917: ...the specified VLAN Examples To register the local RADIUS server users from the local FDB directly to the local RADIUS server use the command awplus copy fdb radius users local radius user db To regis...

Страница 1918: ...al RADIUS server user database before copying the contents of specified file Syntax copy source url local radius user db add replace Default When no copy method is specified with this command the repl...

Страница 1919: ...Values format Syntax copy local radius user db nvs flash usb tftp scp destination url Mode Privileged Exec Example Copy the current local RADIUS server user data to http datahost user csv awplus copy...

Страница 1920: ...RADIUS SERVER COMMANDS CRYPTO PKI ENROLL LOCAL DELETED crypto pki enroll local deleted Overview This command is no longer available Please use the following command instead crypto pki enroll trustpoi...

Страница 1921: ...ENROLL LOCAL LOCAL RADIUS ALL USERS DELETED crypto pki enroll local local radius all users deleted Overview This command is no longer available Please use the following command instead crypto pki enro...

Страница 1922: ...ER COMMANDS CRYPTO PKI ENROLL LOCAL USER DELETED crypto pki enroll local user deleted Overview This command is no longer available Please use the following command instead crypto pki enroll trustpoint...

Страница 1923: ...ANDS CRYPTO PKI EXPORT LOCAL PEM DELETED crypto pki export local pem deleted Overview This command is no longer available Please use the crypto pki export pem command instead crypto pki export trustpo...

Страница 1924: ...PKI EXPORT LOCAL PKCS12 DELETED crypto pki export local pkcs12 deleted Overview This command is no longer available Please use the crypto pki export pkcs12 command instead crypto pki export trustpoin...

Страница 1925: ...S SERVER COMMANDS CRYPTO PKI TRUSTPOINT LOCAL DELETED crypto pki trustpoint local deleted Overview This command is no longer available Please use the following command instead crypto pki trustpoint tr...

Страница 1926: ...B Command Reference for x510 Series 1926 AlliedWare Plus Operating System Version 5 4 7 1 x LOCAL RADIUS SERVER COMMANDS DEBUG CRYPTO PKI DELETED debug crypto pki deleted Overview This command is no...

Страница 1927: ...ration Usage When both domain styles are enabled the first domain style configured has the highest priority A username login string is matched against the first domain style enabled Then if the userna...

Страница 1928: ...command or the egress vlan name command and specify the tagged parameter Examples To set the Egress VLANID attribute for the NormalUsers local RADIUS server user group to VLAN identifier 200 with tag...

Страница 1929: ...01 Rev B Command Reference for x510 Series 1929 AlliedWare Plus Operating System Version 5 4 7 1 x LOCAL RADIUS SERVER COMMANDS EGRESS VLAN ID Related Commands attribute egress vlan name switchport v...

Страница 1930: ...he egress vlan id command or the egress vlan name command and specify the tagged parameter Examples To configure the Egress VLAN Name attribute for the RADIUS server user group NormalUsers with the VL...

Страница 1931: ...01 Rev B Command Reference for x510 Series 1931 AlliedWare Plus Operating System Version 5 4 7 1 x LOCAL RADIUS SERVER COMMANDS EGRESS VLAN NAME Related Commands attribute egress vlan id switchport v...

Страница 1932: ...oup Syntax group user group name no group user group name Mode RADIUS Server Configuration Examples The following command creates the user group NormalUsers awplus configure terminal awplus config rad...

Страница 1933: ...address key nas keystring no nas ip address Mode RADIUS Server Configuration Examples The following commands add the NAS with an IP address of 192 168 1 2 to the list of clients that may send authent...

Страница 1934: ...on mode This application allows remote RadSec clients to communicate with the local RADIUS server process via a secure TLS proxy Syntax radius secure proxy local server Mode Global Configuration Mode...

Страница 1935: ...ion Example Local RADIUS Server commands are available from config radsrv configuration mode To change mode from User Exec mode to the Local RADIUS Server mode config radsrv use the commands awplus co...

Страница 1936: ...rt Default The default local RADIUS server UDP authentication port number is 1812 Mode RADIUS Server Configuration Examples The following commands set the RADIUS server authentication port to 10000 aw...

Страница 1937: ...e local RADIUS server stops operating Syntax server enable no server enable Default The local RADIUS server is disabled by default and must be enabled for use with this command Mode RADIUS Server Conf...

Страница 1938: ...rsion 5 4 7 1 x LOCAL RADIUS SERVER COMMANDS SHOW CRYPTO PKI CERTIFICATES DELETED show crypto pki certificates deleted Overview This command is no longer available Please use the following command ins...

Страница 1939: ...5 4 7 1 x LOCAL RADIUS SERVER COMMANDS SHOW CRYPTO PKI CERTIFICATES LOCAL RADIUS ALL USERS DELETED show crypto pki certificates local radius all users deleted Overview This command is no longeravaila...

Страница 1940: ...ing System Version 5 4 7 1 x LOCAL RADIUS SERVER COMMANDS SHOW CRYPTO PKI CERTIFICATES USER DELETED show crypto pki certificates user deleted Overview This command is no longeravailablebecause usercer...

Страница 1941: ...Version 5 4 7 1 x LOCAL RADIUS SERVER COMMANDS SHOW CRYPTO PKI TRUSTPOINTS DELETED show crypto pki trustpoints deleted Overview This command is no longer available Please use the following command ins...

Страница 1942: ...iguration Guide Syntax show radius local server group user group name Mode User Exec and Privileged Exec Example The following command displays Local RADIUS server user group information awplus show r...

Страница 1943: ...ature Overview and Configuration Guide Syntax show radius local server nas ip address Mode User Exec and Privileged Exec Example The following command displays NAS information awplus show radius local...

Страница 1944: ...command displays Local RADIUS server statistics awplus show radius local server statistics Output Related Commands clear radius local server statistics radius server local server enable server auth po...

Страница 1945: ...S server user information for user Tom awplus show radius local server user Tom The following command displays all Local RADIUS server information for all users awplus show radius local server user Th...

Страница 1946: ...RADIUS SERVER COMMANDS SHOW RADIUS LOCAL SERVER USER Related Commands group user RADIUS server Table 8 Parameters in the output from the show radius local server user command Parameter Description Us...

Страница 1947: ...plicant MAC address to configure the user name and user password parameters to use local RADIUS server for MAC Authentication See the AAA and Port_Authentication Feature Overview and Configuration_Gui...

Страница 1948: ...nfigure terminal awplus config radius server local awplus config radsrv user Tom password QwerSD group NormalUsers The following commands remove user Tom from the local RADIUS server awplus configure...

Страница 1949: ...Syntax vlan vid vlan name no vlan Default VLAN information is not set by default Mode RADIUS Server Group Configuration Examples The following commands set VLAN ID 200 to the group named NormalUsers...

Страница 1950: ...1952 crypto pki authenticate on page 1953 crypto pki enroll on page 1954 crypto pki enroll user on page 1955 crypto pki export pem on page 1957 crypto pki export pkcs12 on page 1958 crypto pki import...

Страница 1951: ...bit lengths are more secure but require more computation time The specified key must not already exist Example To create a key with the label example server key and a bit length of 2048 use the comman...

Страница 1952: ...ith zeros The specified key must exist but must not be in use for any existing server certificates A key may not be deleted if it is associated with the server certificate or server certificate signin...

Страница 1953: ...llment setting is terminal then this command prompts the user to paste a certificate Privacy Enhanced Mail PEM file at the CLI terminal If the certificate is a valid selfsigned CA certificate then it...

Страница 1954: ...s command results in the direct generation of the server certificate signed by the root CA for the trustpoint If the trustpoint represents an external certificate authority then this command results i...

Страница 1955: ...IUS server The specified trustpoint must represent a locally self signed certificate authority The private key and certificate are packaged into a PKCS 12 formatted file suitable for export using the...

Страница 1956: ...sion 5 4 7 1 x PUBLIC KEY INFRASTRUCTURE COMMANDS CRYPTO PKI ENROLL USER To enroll all local RADIUS users with the trustpoint example use the following commands awplus enable awplus crypto pki enroll...

Страница 1957: ...ed Exec Usage The specified trustpoint must already exist and it must already be authenticated Example To display the PEM file for the trustpoint example to the terminal use the following commands awp...

Страница 1958: ...server certificate and thecorrespondingprivatekey iftheserverhasbeen enrolledtothetrustpoint The command prompts for a passphrase to encrypt the private key If a RADIUS username is specified this com...

Страница 1959: ...URE COMMANDS CRYPTO PKI EXPORT PKCS12 Example To export the PKCS 12 file example pk12 for the trustpoint example to the URL tftp backup use the following commands awplus enable awplus crypto pki expor...

Страница 1960: ...ure they are proper CA certificates and that the issuer chain ends in a root CA certificate already installed for the trustpoint If there is no root CA certificate for the trustpoint i e if the trustp...

Страница 1961: ...KEY INFRASTRUCTURE COMMANDS CRYPTO PKI IMPORT PEM To import the PEM file for the trustpoint example from the URL tftp server_a use the following commands awplus enable awplus crypto pki import exampl...

Страница 1962: ...here N is a non negative integer This operation is only valid if the server certificate does not already exist for the trustpoint i e if the server is not enrolled to the trustpoint PKCS 12 files for...

Страница 1963: ...cate the trustpoint as a local self signed certificate authority The no variant of this command destroys the trustpoint by removing all CA and server certificates associated with the trustpoint as wel...

Страница 1964: ...the root CA certificate Privacy Enhanced Mail PEM file at the terminal when the crypto pki authenticate command is issued It will create a Certificate Signing Request CSR file for the local server whe...

Страница 1965: ...ch any pre accepted value then the user will be prompted to verify the certificate contents and fingerprint visually This command is useful when certificates from an external certificate authority are...

Страница 1966: ...50170 01 Rev B Command Reference for x510 Series 1966 AlliedWare Plus Operating System Version 5 4 7 1 x PUBLIC KEY INFRASTRUCTURE COMMANDS FINGERPRINT TRUSTPOINT CONFIGURATION MODE crypto pki import...

Страница 1967: ...ed by the specified certificate the command will be rejected If the specified certificate is the root CA certificate and the trustpoint represents a locally selfsigned CA then the corresponding privat...

Страница 1968: ...equest The optional numeric parameter defines the bit length for the key and is only applicable for keys that are implicitly created during enrollment This command does not affect server certificates...

Страница 1969: ...erprint a hash of the key contents to help uniquely identify a key and a list of trustpoints in which the server certificate is using the key The specified keys must exist Example To show all keys use...

Страница 1970: ...with the server certificate and then displays its issuer and continues up the issuer chain until the root CA certificate is reached For each certificate the command displays the certificate type the...

Страница 1971: ...CN local loc lc Issuer C NZ CN local_Signing_CA Valid From Nov 11 15 35 21 2015 GMT Valid To Aug 31 15 35 21 2018 GMT Fingerprint 5A81D34C 759CC4DA CFCA9F65 0303AD83 410B03AF Intermediate CA certifica...

Страница 1972: ...rustpoints using the crypto pki export pkcs12 command Syntax crypto pki enrollment user username Mode Privileged Exec Example To show the list of trustpoints to which user exampleuser1 is enrolled use...

Страница 1973: ...nfigured to use the trustpoint and the trustpoint parameters that were configured from trustpoint configuration mode The specified trustpoints must already exist Example To show the details of the tru...

Страница 1974: ...ion Usage The subject name is specified as a variable number of fields where each field begins with a forward slash character Each field is of the form XX value where XX is the abbreviation of the nod...

Страница 1975: ...0 01 Rev B Command Reference for x510 Series 1975 AlliedWare Plus Operating System Version 5 4 7 1 x PUBLIC KEY INFRASTRUCTURE COMMANDS SUBJECT NAME TRUSTPOINT CONFIGURATION Related Commands crypto pk...

Страница 1976: ...ure the device to use TACACS servers For more information about TACACS see the TACACS Feature Overview and Configuration Guide Command List authorization commands on page 1977 aaa authorization comman...

Страница 1977: ...hod list with privilege level 15 to VTY lines 0 to 5 use the following commands awplus configure terminal awplus config line vty 0 5 awplus config line authorization commands 15 TAC15 To reset the com...

Страница 1978: ...nd Reference for x510 Series 1978 AlliedWare Plus Operating System Version 5 4 7 1 x TACACS COMMANDS AUTHORIZATION COMMANDS aaa authorization config commands tacacs server host Command changes Version...

Страница 1979: ...sent to the first available configured TACACS server the first server configured for authorization Parameter Description privilege level The privilege level of the set of commands the method list will...

Страница 1980: ...l fallback is not configured and all servers become unreachable then all commands except logout exit and quit will be denied The default method list is defined with a local fallback unless configured...

Страница 1981: ...tion Usage If authorization of configuration mode commands is not enabled then all configuration commands are accepted by default including command authorization commands NOTE Authorization of configu...

Страница 1982: ...ures that all TACACS packets sent from the device will have the same source IP address Once configured this affects all TACACS packets namely accounting authentication and authorization If the specifi...

Страница 1983: ...ured Timeout 5 sec Server Host Server IP Address Status 192 168 1 10 Alive 192 168 1 11 Unknown Table 1 Parameters in the output of the show tacacs command Output Parameter Meaning Source Interface IP...

Страница 1984: ...13 50170 01 Rev B Command Reference for x510 Series 1984 AlliedWare Plus Operating System Version 5 4 7 1 x TACACS COMMANDS SHOW TACACS Command changes Version 5 4 6 2 1 Source Interface parameter add...

Страница 1985: ...onfigured is regarded as the primary server and if the primary server fails then the backup servers are consulted in turn A backup server is consulted if the primary server fails not if a login authen...

Страница 1986: ...lowing commands awplus configure terminal awplus config tacacs server host tac1 company com To set the secret key to secret on the TACACS server 192 168 1 1 use the following commands awplus configure...

Страница 1987: ...s client and its TACACS servers If no secret key is specified for a particular TACACS server using the tacacs server host command this global key is used Examples To set the global secret key to secre...

Страница 1988: ...he no variant of this command resets the transmit timeout to the default 5 seconds Syntax tacacs server timeout seconds no tacacs server timeout Default The default timeout value is 5 seconds Mode Glo...

Страница 1989: ...itch ports e g port1 0 2 Command List arp security on page 1991 arp security violation on page 1992 clear arp security statistics on page 1994 clear ip dhcp snooping binding on page 1995 clear ip dhcp...

Страница 1990: ...13 service dhcp snooping on page 2015 show arp security on page 2017 show arp security interface on page 2018 show arp security statistics on page 2020 show debugging arp security on page 2022 show de...

Страница 1991: ...to disable ARP security on the VLANs Syntax arp security no arp security Default Disabled Mode Interface Configuration VLANs Usage Enable ARP security to provide protection against ARP spoofing DHCP s...

Страница 1992: ...has ARP security enabled it drops the packet This command sets the switch to perform additional actions in response to ARP violations If a port has been shut down in response to a violation to bring i...

Страница 1993: ...for x510 Series 1993 AlliedWare Plus Operating System Version 5 4 7 1 x DHCP SNOOPING COMMANDS ARP SECURITY VIOLATION Related Commands arp security show arp security interface show arp security statis...

Страница 1994: ...x clear arp security statistics interface port list Mode Privileged Exec Example To clear statistics for ARP security on interface port1 0 1 use the command awplus clear arp security statistics interf...

Страница 1995: ...t Mode Privileged Exec Usage This command removes dynamic entries from the database Note that dynamic entries can also be deleted by using the novariant of theip dhcp snooping binding command Dynamic...

Страница 1996: ...p snooping statistics interface port list Mode Privileged Exec Example To clear statistics for the DHCP snooping on interface port1 0 1 use the command awplus clear ip dhcp snooping statistics interfa...

Страница 1997: ...verview Use this command to enable ARP security debugging Use the no variant of this command to disable debugging for ARP security Syntax debug arp security no debug arp security Default Disabled Mode...

Страница 1998: ...t detail no debug ip dhcp snooping all acl db packet detail Default Disabled Mode Privileged Exec Example To enable access list debugging for DHCP snooping use the commands awplus debug ip dhcp snoopi...

Страница 1999: ...one port connected to a DHCP server configured as a trusted port by using the ip dhcp snooping trust command Any ACLs on a port that permit traffic matching DHCP snooping entries and block other traf...

Страница 2000: ...oping agent option no ip dhcp snooping agent option Default DHCP Relay Agent Option 82 insertion is enabled by default when DHCP snooping is enabled Mode Global Configuration Usage DHCP snooping must...

Страница 2001: ...If the switch is connected via untrusted ports to edge switches that insert DHCP Relay Agent Option 82 information into DHCP packets you may need to allow these DHCP packets through the untrusted por...

Страница 2002: ...number Mode Interface Configuration for a VLAN interface Usage The Circuit ID sub option is included in the DHCP Relay Agent Option 82 field of forwarded client DHCP packets DHCP snooping Option 82 in...

Страница 2003: ...DHCP Relay Agent Option 82 field of forwarded client DHCP packets DHCP snooping Option 82 information insertion is enabled ip dhcp snooping agent option command enabled by default and DHCPsnoopingise...

Страница 2004: ...g binding ipaddr macaddr vlan vid interface port expiry expiry time no ip dhcp snooping binding ipaddr Mode Privileged Exec Usage Note that dynamic entries can also be deleted from the DHCP snooping d...

Страница 2005: ...master it is only synchronized across stack members that also have USB storage devices installed If the location of the backup file is changed by using this command a new file is created in the new lo...

Страница 2006: ...ed from the DHCP snooping database when matching DHCP release messages are received Mode Global Configuration Usage DHCP clients send a release message when they no longer wish to use the IP address t...

Страница 2007: ...lete by linkdown Default Disabled by default DHCP Snooping bindings are not deleted when an interface goes down Mode Global Configuration Usage If this command is enabled in a stack and the master goe...

Страница 2008: ...hcp snooping acl command In general the default 1 will work well on an edge port with a single directly connected DHCP client If the port is on an aggregation switch that is connected to an edge switc...

Страница 2009: ...nooping Option 82 information insertion is enabled ip dhcp snooping agent option command enabled by default and DHCPsnoopingisenabled onthe switch servicedhcp snooping and onthe VLAN to which the port...

Страница 2010: ...p snooping trust Default All ports are untrusted by default Mode Interface Configuration port Usage Typically ports connecting the switch to trusted elements in the network towards the core are set as...

Страница 2011: ...Enabled source MAC addresses are verified by default Mode Global Configuration Usage When MAC address verification is enabled the switch treats DHCP packets with source MAC address and client hardwar...

Страница 2012: ...command IP packets dropped by DHCP snooping filters do not resultin other DHCP snooping violation actions Example To set the switch to send an SNMP notification and set the link status to link down if...

Страница 2013: ...amples To add a static entry to the DHCP snooping database for a client with the IP address 192 168 1 2 MAC address 0001 0002 0003 on port1 0 6 of vlan6 use the command awplus configure terminal awplu...

Страница 2014: ...for x510 Series 2014 AlliedWare Plus Operating System Version 5 4 7 1 x DHCP SNOOPING COMMANDS IP SOURCE BINDING Related Commands clear ip dhcp snooping binding ip dhcp snooping binding show ip dhcp s...

Страница 2015: ...ing this command be enabled on the particular VLAN by using the ip dhcp snooping command have at least one port connected to a DHCP server configured as a trusted port by using the ip dhcp snooping tr...

Страница 2016: ...ntain connectivity no access group command Examples To enable DHCP snooping on the switch use the command awplus configure terminal awplus config service dhcp snooping To disable DHCP snooping on the...

Страница 2017: ...y interface show arp security statistics Table 1 Example output from the show arp security command awplus show arp security ARP Security Information Total VLANs enabled 2 Total VLANs disabled 11 vlan1...

Страница 2018: ...security configuration for ports use the command awplus show arp security interface Parameter Description port list The ports to display ARP security information about The port list can include switc...

Страница 2019: ...p security statistics show log snmp server enable trap Table 4 Parameters in the output from the show arp security interface command Parameter Description Action The action the switch takes when it de...

Страница 2020: ...scription detail Display detailed statistics interface port list Display statistics for the specified ports Table 5 Example output from the show arp security statistics command awplus show arp securit...

Страница 2021: ...how log Table 7 Example output from the show arp security statistics detail command awplus show arp security statistics detail DHCP Snooping ARP Security Statistics Interface port1 0 3 In Packets 20 I...

Страница 2022: ...ity debugging configuration Syntax show debugging arp security Mode User and Privileged Exec Example To display the debugging settings for ARP security on the switch use the command awplus show debugg...

Страница 2023: ...ed Exec Example To display the DHCP snooping debugging configuration use the command awplus show debugging ip dhcp snooping Related Commands debug ip dhcp snooping show log Table 9 Example output from...

Страница 2024: ...ng acl show ip dhcp snooping agent option show ip dhcp snooping binding show ip dhcp snooping interface Table 48 1 Example output from show ip dhcp snooping DHCP Snooping Information DHCP Snooping ser...

Страница 2025: ...hardware ACL information use the command awplus show ip dhcp snooping acl hardware Parameter Description detail Detailed DHCP Snooping ACL information hardware DHCP Snooping hardware ACL information i...

Страница 2026: ...0 20 0000 aaaa bbbb port1 0 2 dhcpsn1 0 0 0 0 0000 0000 0000 port1 0 2 dhcpsn1 0 0 0 0 0000 0000 0000 port1 0 2 dhcpsn1 0 0 0 0 0000 0000 0000 port1 0 2 dhcpsn1 0 0 0 0 0000 0000 0000 port1 0 3 dhcpsn...

Страница 2027: ...imum Bindings 2 port1 0 4 Template filters 7 port1 0 4 Attached hardware filters 14 port1 0 4 Current bindings 1 1 free port1 0 4 Client 1 120 120 120 120 port1 0 4 Templates cheese via class map cmap...

Страница 2028: ...ption interface interface list Mode User Exec and Privileged Exec Examples To display DHCP snooping Option 82 information for all interfaces use the command awplus show ip dhcp snooping agent option T...

Страница 2029: ...p snooping show ip dhcp snooping interface awplus show ip dhcp snooping agent option DHCP Snooping Option 82 Configuration Key C Id Circuit Id Format R Id Remote Id S Id Subscriber Id Option 82 insert...

Страница 2030: ...1 2 3 4 aaaa bbbb cccc 7 1 0 6 Infinite Stat 1 2 3 6 any 4077 1 0 6 Infinite Stat 1 3 4 5 any 1 sa1 Infinite Stat 111 111 100 101 0000 0000 0001 111 112 1 1 1 1 0 6 4076 Dyna 111 111 101 108 0000 000...

Страница 2031: ...ng Type The source of the entry Dyna dynamically entered by snooping DHCP traffic configured by the ip dhcp snooping binding command or loaded from the database backup file Stat added statically by th...

Страница 2032: ...configuration information for If no ports are specified information for all ports is displayed Table 54 Example output from the show ip dhcp snooping interface command awplus show ip dhcp snooping int...

Страница 2033: ...nd Parameter Description Port The port interface name Status The port status untrusted default or trusted Full Leases The number of entries in the DHCP snooping database for the port Max Leases The ma...

Страница 2034: ...ces use the command awplus show ip dhcp snooping statistics Parameter Description detail Display detailed statistics interface interface list Display statistics for the specified interfaces The interf...

Страница 2035: ...ived Invalid 0 Option 82 Received On Untrusted Port 0 Option 82 Transmit On Untrusted Port 0 Reply Received On Untrusted Port 0 Source MAC CHADDR Mismatch 0 Static Entry Already Exists 0 Interface por...

Страница 2036: ...ile trying to insert DHCP Relay Agent Option 82 information Option 82 Received Invalid The DHCP Relay Agent Option 82 information received did not match the information inserted by DHCP Snooping Optio...

Страница 2037: ...Related Commands ip source binding show ip dhcp snooping binding Table 59 Example output from the show ip source binding command awplus show ip source binding IP Source Bindings Client MAC Expires IP...

Страница 2038: ...openflow controller on page 2040 openflow datapath id on page 2042 openflow failmode standalone on page 2043 openflow inactivity on page 2044 openflow native vlan on page 2045 openflow ssl peer certi...

Страница 2039: ...OpenFlow Controller A data plane port number is assigned to the port automatically Use the no variant of this command to cancel the setting of a port as a data plane port Syntax openflow no openflow D...

Страница 2040: ...e IANA assigned port number of 6653 awplus configure terminal awplus config openflow controller tcp 10 1 1 1 6653 To add an OpenFlow Controller with the address 10 1 1 1 using the SSL protocol awplus...

Страница 2041: ...C613 50170 01 Rev B Command Reference for x510 Series 2041 AlliedWare Plus Operating System Version 5 4 7 1 x OPENFLOW COMMANDS OPENFLOW CONTROLLER Command changes Version 5 4 7 1 1 command added...

Страница 2042: ...r 48 bits are configured based on the switch MAC address The top 16 bits are padded with zeros Mode Global Configuration Usage This command changes the DPID which is used as the OpenFlow switch ID in...

Страница 2043: ...OpenFlow Controller for three times the inactivity probe interval then OpenFlow will take over responsibility for setting up flows OpenFlow will cause the switch to act like an ordinary MAC learning...

Страница 2044: ...s connection to Controller s If no message is received from any Controller for three times the inactivity probe interval then OpenFlow will take over responsibility for setting up flows if in standalo...

Страница 2045: ...ntrol plane native VLAN The VLAN used as the OpenFlow native VLAN should not be used on non OpenFlow ports Use the no variant of this command to change the native VLAN for the data plane ports back to...

Страница 2046: ...eer certificate using the bootstrap mode use the commands awplus configure terminal awplus config openflow ssl peer certificate bootstrap To disable peer certificate validation use the commands awplus...

Страница 2047: ...local Default There is no trustpoint configured by default Mode Global Configuration mode Usage Use this command to specify a local self signed certificate authority trustpoint for authentication You...

Страница 2048: ...3 Syntax openflow version version list no openflow version Default The OpenFlow version is set to 1 3 by default Mode Global Configuration Usage This command overwrites any previously configured OpenF...

Страница 2049: ...d349 4d18 9d75 09ab66e19d81 Bridge of0 Controller tcp 192 168 1 2 6653 is_connected true fail_mode standalone Port of0 Interface of0 type internal Port port1 0 12 Interface port1 0 12 type system opti...

Страница 2050: ...When the fail mode is secure OpenFlow on the switch does not set up flows when the OpenFlow Controller fails When the fail mode is standalone OpenFlow on the switch sets up flows to work as a Layer 2...

Страница 2051: ...0 000 sec 0 4594 sec total 1768 vconn_open 0 4 sec 0 267 sec 0 2372 sec total 876 util_xalloc 370 2 sec 354 183 sec 416 7711 sec total 1590959 unixctl_replied 0 0 sec 0 017 sec 0 0028 sec total 10 uni...

Страница 2052: ...c total 521 handler_duplicate_upcall 0 0 sec 0 000 sec 0 1258 sec total 483 ofproto_update_port 0 0 sec 0 000 sec 0 0000 sec total 29 ofproto_recv_openflow 0 0 sec 0 000 sec 0 4111 sec total 1573 ofpr...

Страница 2053: ...of how the switch puts entries into the software and silicon flow tables Thiscommand displaysflowsinboththesoftwareandsiliconflow tables Asymbol at the start of each flow output indicates whether it...

Страница 2054: ...79 pcp 0 encap eth_type 0x0800 ipv4 frag no packets 1 bytes 346 used 3 938s actions pop_vlan 3 recirc_id 0 in_port 6 eth dst ff ff ff ff ff ff 01 00 00 00 00 00 eth_type 0x080 0 ipv4 frag no packets...

Страница 2055: ...drop duration 14s n_packets 0 n_bytes 0 priority 399 in_port 3 dl_src ec cd 6d c4 21 bd actions drop duration 14s n_packets 0 n_bytes 0 priority 399 in_port 4 dl_src ec cd 6d c4 21 bd actions drop du...

Страница 2056: ...n 85668s n_packets 736 n_bytes 144050 priority 0 reg0 0x1 actions controller reason no_match table_id 254 duration 85668s n_packets 19 n_bytes 5668 priority 0 reg0 0x2 actions drop Table 49 4 Paramete...

Страница 2057: ...ys the current SSL configuration for OpenFlow Example To display the current SSL configuration for OpenFlow use the command awplus show openflow ssl Output Figure 49 5 Example output from show openflo...

Страница 2058: ...d 0000eccd6dc421bd n_tables 254 n_buffers 0 capabilities FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATS QUEUE_STATS OFPST_PORT_DESC reply OF1 3 xid 0x3 1 port1 0 1 addr ec cd 6d c4 21 bd config 0 state...

Страница 2059: ...agments reassemble QUEUE_STATS queue statistics and GROUP_STATS group statistics OFPST_PORT_DESC replay OF1 3 xid 0x3 Indicates that the following information is from the OpenFlow version 1 3 Port Des...

Страница 2060: ...openflow config frags The action for the IP fragments normal dropped or reassembled Normal means that an attempt should be made to pass the fragments through the OpenFlow tables miss_send_len 0 The n...

Страница 2061: ...C613 50170 01 Rev B Command Reference for x510 Series 2061 AlliedWare Plus Operating System Version 5 4 7 1 x Part 6 Network Availability...

Страница 2062: ...cking see VCStack Feature Overview and Configuration Guide Also note the following stacking trigger commands that are documented in the Triggers chapter type stack disabled master type stack master fa...

Страница 2063: ...nter stack on page 2072 show debugging stack on page 2076 show running config stack on page 2077 show provisioning stack on page 2078 show stack on page 2079 show stack detail on page 2081 show stack...

Страница 2064: ...7 1 x VIRTUAL CHASSIS STACKING VCSTACK COMMANDS CLEAR COUNTER STACK clear counter stack Overview This command clears all stack counters for all stack members Syntax clear counter stack Mode Privileged...

Страница 2065: ...g link events topology discovery messages and all notable stacking events If link parameter is specified only the link events debugging information will be displayed Examples To enable debugging enter...

Страница 2066: ...r You can use this command within an AMF working set Examples To delete a file test scp that is located in Flash memory on all stack members use the following command awplus delete stack wide force te...

Страница 2067: ...ible for the path taken by packets travelling from host A to B to traverse different stack members than packets travelling from host B to A In this case the MAC addresses may not be learnt and traffic...

Страница 2068: ...Exec Usage If you are upgrading to a new software version the new version must also support rolling reboot NOTE When stacking is used with EPSR the EPSR failovertime must be set to at least 5 seconds...

Страница 2069: ...ference for x510 Series 2069 AlliedWare Plus Operating System Version 5 4 7 1 x VIRTUAL CHASSIS STACKING VCSTACK COMMANDS RELOAD ROLLING reload rolling Overview This command performs the same function...

Страница 2070: ...System Version 5 4 7 1 x VIRTUAL CHASSIS STACKING VCSTACK COMMANDS REMOTE COMMAND DELETED remote command deleted Overview This command has been deleted in Software Version 5 4 4 1 1 and later Instead...

Страница 2071: ...commands are still applied to all stack members but show commands and commands that access the file system are executed locally The specific output obtained will vary greatly depending on the show co...

Страница 2072: ...ples To display the stacking counter information about the whole stack use the following command awplus show counter stack Figure 50 1 Example output from the show counter stack command Virtual Chassi...

Страница 2073: ...1 Rx Layer 2 transport 0 Topology Error counters Version unsupported 0 Product unsupported 0 XEM unsupported 0 Too many units 0 Invalid messages 0 Resiliency Link counters Health status good 1 Health...

Страница 2074: ...that this unit s physical stack link has come down Nbr re init Number of times that the neighbor is detected as having reinitialized Nbr incompatible Number of times that the neighbor is detected as i...

Страница 2075: ...M unsupported Number of XEM unsupported errors Too many units Number of too many units errors Invalid messages Number of invalid messages Health status good The number of times that the resiliency lin...

Страница 2076: ...h debugging modes are currently enabled for stacking Syntax show debugging stack Mode User Exec and Privileged Exec Example To display the stack debugging mode status use the command awplus show debug...

Страница 2077: ...stack show running config stack Mode Privileged Exec and Global Configuration Example To display the stacking running configuration information use the command awplus show running config stack Output...

Страница 2078: ...o show provisioning use the following command awplus show provisioning Output Figure 50 4 Example output from show provisioning Related Commands show stack switch provision stack Switch provisioning s...

Страница 2079: ...y Backup Member 3 0015 77c9 7464 128 Syncing Backup Member 4 Provisioned Operational Status Normal operation Stack MAC address 0000 cd28 07e1 Table 3 Parameters in the output from the show stack comma...

Страница 2080: ...dWare Plus Operating System Version 5 4 7 1 x VIRTUAL CHASSIS STACKING VCSTACK COMMANDS SHOW STACK Related Commands show stack detail show counter stack show stack resiliencylink stack disabled master...

Страница 2081: ...ation about the stack s overall status awplus show stack detail Figure 50 6 Example output from show stack detail Virtual Chassis Stacking detailed information Stack Status Operational Status Not all...

Страница 2082: ...Down Stack port2 0 21 status Learnt neighbor 1 Virtual Chassis Stacking detailed information Stack Status Operational Status Normal operation Management VLAN ID 4094 Management VLAN subnet address 19...

Страница 2083: ...Member Priority 3 Host name awplus 3 S W version auto synchronizaion On Resiliency link status Successful Stack port 3 0 51 status learned neighbor 1 Stack port 3 0 52 status learned neighbor 2 Table...

Страница 2084: ...other stack members are present Not all stack ports are up One or more stacking ports may be down or stacking discovery may not have detected the neighbor successfully Stack Status The stack s overall...

Страница 2085: ...Master Monitoring feature is not used Role Stack member s role in the stack this can be one of Active Master DisabledMaster The temporary master when there is a communication break within the stack bu...

Страница 2086: ...show stack resiliencylink Mode User Exec and Privileged Exec Example To display information about the current status of the resiliency link across the stack members use the command awplus show stack r...

Страница 2087: ...iency link Can be one of Not configured Master or Member Configured Master only Successful Successfully receiving healthchecks from the Active Master Failed Member only Not receiving any healthchecks...

Страница 2088: ...oming a disabled master which has the configuration as a normal stack master except that all its switchports are shutdown For more information about the disabled master state see the VCStack Feature O...

Страница 2089: ...mand will remove the selected stack member from the stack At this point the removed member will act as a stand alone master and will disable all of its ports The switch can then only be accessed via i...

Страница 2090: ...edWare Plus Operating System Version 5 4 7 1 x VIRTUAL CHASSIS STACKING VCSTACK COMMANDS STACK ENABLE Example To turn on stacking on a stackable stand alone unit use the command awplus configure termi...

Страница 2091: ...command enables you to change the IP address command the subnet mask must always remain as shown The stack management IP subnet is solely used internally to the stacked devices and cannot be reached...

Страница 2092: ...gement VLAN is created and configured automatically so that the stack VLAN cannot be used in the stack s VLAN configuration commands This means you cannot enter commands such as awplus config vlan vla...

Страница 2093: ...master Where two stack members both have the same lowest priority value then the stack member with the lowest MAC address will be elected as master NOTE Assigning a new priority value will not immedi...

Страница 2094: ...k member 2 The existing stack ID must already be assigned to an existing stack member To avoid duplicating IDs a warning message will appear if you assign a new stack ID that is currently assigned to...

Страница 2095: ...sequentially This would normally be done either when the stack is initially configured or following a major reconfiguration The renumber will start on the specified stack member If that stack ID is no...

Страница 2096: ...Command Reference for x510 Series 2096 AlliedWare Plus Operating System Version 5 4 7 1 x VIRTUAL CHASSIS STACKING VCSTACK COMMANDS STACK RENUMBER CASCADE Related Commands show stack switch provision...

Страница 2097: ...master is still online but the stack will now split into two different stubs The stub containing the existing master will continue operating as normal The members in the masterless stub will now use a...

Страница 2098: ...ency link to be VLAN 4093 first create VLAN 4093 awplus configure terminal awplus config stack resiliencylink vlan4093 Then assign VLAN 4093 to the interface port in this case port1 0 1 awplus config...

Страница 2099: ...vice attempts to join a stack but is running a software release that is different to the other stack members the software version auto synchronization feature will copy the master s software release o...

Страница 2100: ...virtual chassis id entered will form the last 12 bits of a pre selected MAC prefix component that is 0000 cd37 0xxx If you enable the stack virtual MAC address feature by using the stack virtual mac c...

Страница 2101: ...me the VCStack master Before enabling the virtual MAC address feature you should check that the stack s virtual chassis id is not already used by another stack in the network Otherwise the duplicate M...

Страница 2102: ...ld be run to provision any stack member within this range and we advise this procedure In effect the syntax then becomes switch 1 4 provision x510 28 x510 52 However you could number the stack units w...

Страница 2103: ...rom the resiliency link VLAN Syntax switchport resiliencylink no switchport resiliencylink Mode Interface Configuration Usage Note that a resiliency link cannot be part of a static or dynamic aggregat...

Страница 2104: ...N if it is connected to a Microsoft Windows PC To avoid this we recommend disabling IGMP snooping on stack local VLANs by using the command no ip igmp snooping Examples To add a stack local VLAN with...

Страница 2105: ...ng System Version 5 4 7 1 x VIRTUAL CHASSIS STACKING VCSTACK COMMANDS VLAN MODE STACK LOCAL VLAN To remove VLAN 4002 use the following commands awplus configure terminal awplus config vlan database aw...

Страница 2106: ...eference for x510 Series 2106 AlliedWare Plus Operating System Version 5 4 7 1 x VIRTUAL CHASSIS STACKING VCSTACK COMMANDS UNDEBUG STACK undebug stack Overview This command applies the functionality o...

Страница 2107: ...Ware Plus Feature Overview and Configuration Guide Command List advertisement interval on page 2109 alternate checksum mode on page 2111 circuit failover on page 2112 debug vrrp on page 2114 debug vrr...

Страница 2108: ...Operating System Version 5 4 7 1 x VRRP COMMANDS show vrrp session on page 2136 transition mode on page 2138 undebug vrrp on page 2140 undebug vrrp events on page 2141 undebug vrrp packet on page 214...

Страница 2109: ...t interval is 1 second Mode Router Configuration Usage Note when using VRRP with VCStacking ensure the VRRP advertisement interval is larger than the VCStacking failover time to avoid VCStacking failo...

Страница 2110: ...interval 6 The example below shows you how to reset the advertisement interval to the default of 1 second for the VRRP IPv4 session with VR ID 5 on interface vlan2 awplus configure terminal awplus co...

Страница 2111: ...s sent by AlliedWare Plus devices Use the no variant of this command to disable the alternate checksum mode Syntax alternate checksum mode no alternate checksum mode Default Disabled Mode Router Confi...

Страница 2112: ...f VRRP is configured to monitor VLAN2 and VLAN3 with the commands awplus configure terminal awplus config interface vlan1 awplus config if ip address 192 168 1 1 24 awplus config if exit awplus config...

Страница 2113: ...above zero if all the interfaces go down Examples To configure circuit failover on an IPv4 VRRP instance so that if interface VLAN3 goes down then the priority of VRRP instance 1 is reduced by 30 use...

Страница 2114: ...s function Syntax debug vrrp all no debug vrrp all Mode Privileged Exec and Global Configuration Usage See the VRRP Feature Overview and Configuration Guide for more information about VRRPv3 debugging...

Страница 2115: ...Exec and Global Configuration Usage The debug vrrp events command enables the display of debug information related to VRRP internal events See the VRRP Feature Overview and Configuration Guide for mo...

Страница 2116: ...formation about VRRPv3 debugging details Examples The example belowshows youhow to enablereceived and sentpacket debugging for VRRP awplus configure terminal awplus config debug vrrp packet The exampl...

Страница 2117: ...on or a VRRPv3 IPv6 session on the router Syntax disable Mode Router Configuration Usage See the VRRP Feature Overview and Configuration Guide for more information about VRRPv3 IPv4 and IPv6 configura...

Страница 2118: ...RRP session using the virtual ip or virtual ipv6 and the router vrrp interface or router ipv6 vrrp interface commands before using this command See the VRRP Feature Overview and Configuration Guide fo...

Страница 2119: ...up router to relieve a lower priority backup router By default a preemptive scheme is enabled whereby a higher priority backup virtual router that becomes available take over for the backup virtual ro...

Страница 2120: ...preempt mode false The example below shows you how to configure preempt mode as true for VRRPv3 VR ID 3 on vlan1 awplus configure terminal awplus config router ipv6 vrrp 3 vlan1 awplus config router...

Страница 2121: ...ce then this VRRP router functions as the master virtual router Priority also determines whether a VRRP router functions as a backup virtual router and the order of ascendancy to becoming a master vir...

Страница 2122: ...as the priority for VRRPv3 VR ID 3 on vlan1 awplus configure terminal awplus config router ipv6 vrrp 3 vlan1 awplus config router priority 101 The example below shows you how to remove the configured...

Страница 2123: ...the virtual router when in master state NOTE Configuring a high number of instances may adversely affect the device s performance depending on the device CPU the other protocols it is running and whet...

Страница 2124: ...50170 01 Rev B Command Reference for x510 Series 2124 AlliedWare Plus Operating System Version 5 4 7 1 x VRRP COMMANDS ROUTER IPV6 VRRP INTERFACE Related Commands advertisement interval circuit failo...

Страница 2125: ...to forward on behalf of the virtual router when in master state NOTE Configuring a high number of instances may adversely affect the device s performance depending on the device CPU the other protoco...

Страница 2126: ...Rev B Command Reference for x510 Series 2126 AlliedWare Plus Operating System Version 5 4 7 1 x VRRP COMMANDS ROUTER VRRP INTERFACE Related Commands advertisement interval circuit failover disable VRR...

Страница 2127: ...wise debug output is in the log file For information on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide See the VRRP Feature O...

Страница 2128: ...Guide See the VRRP Feature Overview and Configuration Guide for more information about VRRPv3 IPv6 configuration details Syntax show running config router vrrp Mode Privileged Exec Global Configuratio...

Страница 2129: ...rview and Configuration Guide See the VRRP Feature Overview and Configuration Guide for more information about VRRPv3 IPv4 configuration details Syntax show running config router vrrp Mode Privileged...

Страница 2130: ...p To display brief summary output about VRRP IPv4 sessions enter the command awplus show vrrp brief Output Figure 51 3 Example output from the show vrrp command Figure 51 4 Example output from the sho...

Страница 2131: ...C613 50170 01 Rev B Command Reference for x510 Series 2131 AlliedWare Plus Operating System Version 5 4 7 1 x VRRP COMMANDS SHOW VRRP Related Commands enable VRRP disable VRRP...

Страница 2132: ...the counters below the sample output as per RFC2787 NOTE Note that the counters displayed with this commands are the same counters as described in RFC 2787 Copyright C The Internet Society 2000 All Ri...

Страница 2133: ...ith descriptions for the show vrrp counters command Counter Description Master Transitions The total number of times that this virtual router s state has transitioned to MASTER Received Advertisements...

Страница 2134: ...of packets received with a packet length less than the length of the VRRP header Monitored Circuit Up The total number of times the monitored circuit has generated the UP event Monitored Circuit Down...

Страница 2135: ...information about VRRPv3 IPv6 configuration details Syntax show vrrp ipv6 interface Mode User Exec and Privileged Exec Example To display information about all VRRPv3 IPv6 sessions enter the command a...

Страница 2136: ...e See the below sample output from the show vrrp command displaying information about VRRP session 1 configured on vlan2 Output shows that a Virtual IP address has been set awplus show vrrp 1 vlan2 Se...

Страница 2137: ...S SHOW VRRP SESSION Example The following command shows information about VRRP session 5 for interface vlan2 awplus show vrrp 5 vlan2 awplus show vrrp 1 vlan3 Address family IPv4 VrId 1 Interface is v...

Страница 2138: ...hen using transition mode VRRPv2 can only use advertisements in whole second intervals Syntax transition mode true false Default The default is false Mode Router Configuration Usage See the VRRP Featu...

Страница 2139: ...Version 5 4 7 1 x VRRP COMMANDS TRANSITION MODE The example below shows you how to configure IPv4 transition mode as false for VRRP VR ID 5 on vlan2 awplus configure terminal awplus config router vrr...

Страница 2140: ...ystem Version 5 4 7 1 x VRRP COMMANDS UNDEBUG VRRP undebug vrrp Overview Use this command to disable all VRRP debugging Syntax undebug vrrp all Mode Privileged Exec Example The example below shows you...

Страница 2141: ...OMMANDS UNDEBUG VRRP EVENTS undebug vrrp events Overview Use this command to disable debugging options for VRRP event troubleshooting Syntax undebug vrrp events Mode Privileged Exec Example The exampl...

Страница 2142: ...ged Exec Examples The example below shows you how to disable VRRP sent packet debugging awplus undebug vrrp packet send The example below shows you how to disable VRRP received packet debugging awplus...

Страница 2143: ...VRRP Feature Overview and Configuration Guide for more information about VRRPv3 IPv4 configuration details Examples The example below shows you how to set the virtual IP address for VRRP VR ID 5 and t...

Страница 2144: ...R ID 5 and the router as owner of the virtual IPv4 address awplus configure terminal awplus config router vrrp 5 vlan2 awplus config router virtual ip 192 0 2 30 owner The example below shows you how...

Страница 2145: ...link local addresses are used by IPv6 ND Neighbor Discovery A host s default route to a router points to the IPv6 link local address not a specific global IPv6 address for the router For the host s tr...

Страница 2146: ...awplus config router virtual ipv6 fe80 1 master The example below shows you how to set the virtual IPv6 address for VRRPv3 VR ID 3 and the router as the VRRPv3 backup awplus configure terminal awplus...

Страница 2147: ...s for any ARP responses associated with the virtual IP address or any gratuitous ARPs sent on behalf of the virtual IP address All VRRP advertisements are sent using this virtual MAC address as the so...

Страница 2148: ...AlliedWare Plus Feature Overview and Configuration Guide Command List debug epsr on page 2150 epsr on page 2151 epsr configuration on page 2153 epsr datavlan on page 2154 epsr enhancedrecovery enable...

Страница 2149: ...0 01 Rev B Command Reference for x510 Series 2149 AlliedWare Plus Operating System Version 5 4 7 1 x ETHERNET PROTECTION SWITCHED RING EPSRING COMMANDS show epsr summary on page 2173 undebug epsr on p...

Страница 2150: ...n from being sent to the console msg Send the decoded received and transmitted EPSR packets to the console Using this parameter with the no debug epsr command will explicitly exclude the above packets...

Страница 2151: ...nstance called blue use the command awplus config epsr epsr blue hellotime 5 NOTE When stacking is used with EPSR the EPSR failovertime should be at least 5 seconds To delete the EPSR instance called...

Страница 2152: ...re Plus Operating System Version 5 4 7 1 x ETHERNET PROTECTION SWITCHED RING EPSRING COMMANDS EPSR Related Commands epsr mode master controlvlan primary port epsr mode transit controlvlan epsr configu...

Страница 2153: ...RING COMMANDS EPSR CONFIGURATION epsr configuration Overview Use this command to enter EPSR Configuration mode so that EPSR can be configured Syntax epsr configuration Mode Global Configuration Exampl...

Страница 2154: ...94 using the epsr datavlan command Examples To add vlan3 to the EPSR instance called blue use the command awplus config epsr epsr blue datavlan vlan3 To add vlan2 and vlan3 to the EPSR instance called...

Страница 2155: ...e than one break partially mends For more information see the EPSR Feature Overview and Configuration Guide The no variant of this command disables the enhanced recovery mode Syntax epsr epsr instance...

Страница 2156: ...gainst this because in certain situations it can produce unpredictable results Mode EPSR Configuration Example To create a master EPSR instance called blue with vlan2 as the control VLAN and port1 0 1...

Страница 2157: ...r static channels an algorithm selects the two ports or channels with the lowest number to be the ring ports However if the switch has only one channel group is defined to the control vlan EPSR will n...

Страница 2158: ...on Syntax epsr epsr instance priority 0 127 no epsr instance priority Default The default priority of an EPSR instance on an EPSR node is 0 The negated form of this command resets the priority of an E...

Страница 2159: ...Syntax epsr epsr instance state enabled disabled Mode EPSR Configuration Example To enable the EPSR instance called blue use the command awplus config epsr epsr blue state enabled Related Commands eps...

Страница 2160: ...mand is to allow EPSR to accept notifications from other topology protocols namely G 8032 about Topology Change Notifications TCN Once EPSR accepts the TCN it will in turn notify the other nodes on th...

Страница 2161: ...stance The traps will no longer be sent when the EPSR instance changes state Syntax epsr epsr instance trap no epsr epsr instance trap Mode EPSR Configuration Example To enable traps for the EPSR inst...

Страница 2162: ...OTECTION SWITCHED RING EPSRING COMMANDS SHOW DEBUGGING EPSR show debugging epsr Overview This command shows the debugging modes enabled for EPSR Syntax show debugging epsr Mode User Exec and Privilege...

Страница 2163: ...es use the command awplus show epsr Output non superloop topology The following examples show the output display for a non superloop topology network Table 1 Example output from the show epsr command...

Страница 2164: ...Control Vlan 4 Data VLAN s 20 Interface Mode Ports Only Primary Port port1 0 3 Primary Port Status Forwarding Secondary Port port1 0 4 Secondary Port Status Forwarding Hello Time 1 s Failover Time 2...

Страница 2165: ...Priority 12 Table 5 Parameters displayed in the output of the show epsr command Parameter on Master Node Parameter on Transit Node Description Name Name The name of the EPSR instance Mode Mode The mod...

Страница 2166: ...physical control of it Note that on a master configured for SuperLoop Prevention non zero priority its secondary ring port can be physically forwarding but logically blocking This situation arises whe...

Страница 2167: ...e master controlvlan primary port epsr mode transit controlvlan show epsr counters Enhanced Recovery Enhanced Recovery Whether the EPSR instance has enhanced recovery mode enabled SLP Priority SLP Pri...

Страница 2168: ...orts on the switch use the command awplus show epsr common segments Related Commands show epsr show epsr summary show epsr counters Table 6 Example output from the show epsr common segments command EP...

Страница 2169: ...less than 5 seconds for a stacked device The instance is a master with its secondary port on a common segment Syntax show epsr instance config check Mode User Exec and Privileged Exec Example To chec...

Страница 2170: ...ew This command displays information about the specified EPSR instance Syntax show epsr epsr instance Mode User Exec and Privileged Exec Example To show the current settings of the EPSR instance calle...

Страница 2171: ...verview This command displays counter information about the specified EPSR instance Syntax show epsr epsr instance counters Mode User Exec and Privileged Exec Example To show the counters of the EPSR...

Страница 2172: ...W EPSR COUNTERS show epsr counters Overview This command displays counter information about all EPSR instances Syntax show epsr counters Mode User Exec and Privileged Exec Example To show the counters...

Страница 2173: ...ut from the show epsr summary command EPSR Summary Information Abbreviations M Master node T Transit node C is on a common segment with other instances P instance on a common segment has physical cont...

Страница 2174: ...or x510 Series 2174 AlliedWare Plus Operating System Version 5 4 7 1 x ETHERNET PROTECTION SWITCHED RING EPSRING COMMANDS UNDEBUG EPSR undebug epsr Overview This command applies the functionality of t...

Страница 2175: ...Configuration Guide Command List cfm sf notify on page 2177 clear g8032 erp instance on page 2179 clear g8032 erp instance statistics on page 2180 data traffic on page 2181 debug g8032 on page 2182 e...

Страница 2176: ...ON SWITCHING COMMANDS show debugging g8032 on page 2199 show g8032 erp instance on page 2200 show g8032 erp instance statistics on page 2205 show g8032 physical ring on page 2207 show g8032 profile on...

Страница 2177: ...SF for that East or West ring port Similarly CFM Local MEPs can notify G 8032 that the fault has cleared When this command is used this G 8032 ERP instance will ensure that the specified Local MEP is...

Страница 2178: ...Plus Operating System Version 5 4 7 1 x G 8032 ETHERNET RING PROTECTION SWITCHING COMMANDS CFM SF NOTIFY Related Commands ethernet cfm domain name ethernet cfm mep g8032 erp instance service ma name s...

Страница 2179: ...used on an ERP instance where a forced switch or manual switch command has been successfully entered to clear that action The command will be ignored if a force switch or manual switch command had not...

Страница 2180: ...Exec Usage A G 8032 ERP instance keeps statistical data as counts on a variety of data such as the number of certain types of Ring Automatic Protection Switching R APS messages sent and received over...

Страница 2181: ...ce The data VLAN s must already exist The data VLAN s port members should be members of the ring interface s but it is not enforced When a data traffic VLAN s is removed any blocks that were in place...

Страница 2182: ...sable G 8032 debugging Syntax debug g8032 all event rx tx no debug g8032 all event rx tx Mode Privileged Exec Example To enable all G 8032 debugging use the following command awplus debug g8032 all Re...

Страница 2183: ...e modes of operation Once a ring failure has abated a G 8032 ring instance will check its mode of operation and if the mode is revertive it will attempt to revert back to where the RPL Owner controls...

Страница 2184: ...mand is to allow EPSR to accept notifications from other topology protocols namely G 8032 about Topology Change Notifications TCN Once EPSR accepts the TCN it will in turn notify the other nodes on th...

Страница 2185: ...ked Otherwise the node will block one of its ring ports All the nodes will send Ring Automatic Protection Switching R APS messages initially The G 8032 protocol and state machines will transition the...

Страница 2186: ...ERP instance is made up of two ERP ring ports a Control VLAN that carries Ring Automatic Protection Switching R APS messages and zero one or more Protected traffic data VLANs that the instance protec...

Страница 2187: ...lliedWare Plus Operating System Version 5 4 7 1 x G 8032 ETHERNET RING PROTECTION SWITCHING COMMANDS G8032 ERP INSTANCE rpl role show g8032 erp instance show g8032 erp instance statistics sub ring top...

Страница 2188: ...r the clearing of a failure If a node that was issued a Force Switch command later fails then it becomes difficult to remove the Force Switch condition from the ring In this situation the operator has...

Страница 2189: ...difference between a Manual switch and a Forced switch is that the Manual Switch will be ignored under various conditions In particular only one Manual Switch is allowed on a G 8032 ring at a time If...

Страница 2190: ...s When only a single port is used it is referred to as a Terminating port Example To create a physical ring profile named red where the East interface port is port1 0 5 and the West interface port is...

Страница 2191: ...Command Reference for x510 Series 2191 AlliedWare Plus Operating System Version 5 4 7 1 x G 8032 ETHERNET RING PROTECTION SWITCHING COMMANDS G8032 PHYSICAL RING sub ring Command changes Version 5 4 7...

Страница 2192: ...the name default profile will exist in the system and is used by default by an ERP instance All the parameters in the default profile take on the default values Mode Global Configuration Example To e...

Страница 2193: ...tance will use the configured level for sending R APS messages and is the level that the instance expects to receive If the node receives an R APS message with the improper level then the message will...

Страница 2194: ...has two ring ports unless it is at the end of a sub ring in which case it has only one ring port Ring port s are specified using a G 8032 physical ring instance This command can only be accepted when...

Страница 2195: ...ses a profile which contains timer configurations and configurations for revertive modes of operation This configuration can be accepted regardless of the ERP instance being disabled or enabled Any pa...

Страница 2196: ...or carrying an R APS message This VLAN is also used to identify the proper ring instance to all the other nodes in the ring The VLAN must be tagged members of the G 8032 physical ring instance associa...

Страница 2197: ...for the other ring port When using this command to set the RPL role to none an interface need not be specified as this command will set all the ring ports RPL role to none The command can onlybe acce...

Страница 2198: ...erence for x510 Series 2198 AlliedWare Plus Operating System Version 5 4 7 1 x G 8032 ETHERNET RING PROTECTION SWITCHING COMMANDS RPL ROLE g8032 physical ring show g8032 erp instance Command changes V...

Страница 2199: ...r G 8032 Syntax show debugging g8032 Mode User Exec and Privileged Exec Example To show the debugging modes enabled for G 8032 use the following command awplus show debugging g8032 Output Figure 53 1...

Страница 2200: ...ow g8032 erp instance blue Output Figure 53 2 Example output from the show g8032 erp instance command Parameter Description erp instance name The name of a specific G 8032 ERP instance all Use this to...

Страница 2201: ...tance name for this instance Admin State The configured administrative state of this instance either enabled or disabled When the ERP instance is disabled all dynamic data for other parameters in this...

Страница 2202: ...d in which case will be displayed if no target instances have been identified Otherwise a is displayed anyway Identifies the protocol to notify Only G8032 will be supported initially instance name Ide...

Страница 2203: ...the protection switch request being sent or received in the R APS message Consists of one of NR No Request for protection switching SF Signal Fail MS Manual Switch request FS Force Switch request Eve...

Страница 2204: ...m Version 5 4 7 1 x G 8032 ETHERNET RING PROTECTION SWITCHING COMMANDS SHOW G8032 ERP INSTANCE Related Commands data traffic erp instance g8032 erp instance level G 8032 physical ring profile name rpl...

Страница 2205: ...g8032 erp instance blue statistics Output Figure 53 3 Example output from the show g8032 erp instance statistics command Parameter Description erp instance name The name of a specific G 8032 ERP inst...

Страница 2206: ...ved or sent RAPS NR RB The number of R APS messages with a No Request RPL Blocked NR RB being received or sent RAPS SF The number of R APS messages with Signal Fail SF being received or sent RAPS FS T...

Страница 2207: ...Example output from the show g8032 physical ring command Related Commands g8032 physical ring Command changes Version 5 4 7 0 1 command added Parameter Description physical ring name The name of the p...

Страница 2208: ...ription erp profile name The name of the G 8032 profile that was created by the user default profile The default name of the G 8032 profile that was created automatically by the system all Using this...

Страница 2209: ...510 Series 2209 AlliedWare Plus Operating System Version 5 4 7 1 x G 8032 ETHERNET RING PROTECTION SWITCHING COMMANDS SHOW G8032 PROFILE Related Commands enable G 8032 g8032 profile timer G 8032 Comma...

Страница 2210: ...gs must be attached to either a major ring one that is fully closed or to other sub rings where one of the other sub rings itself is attached to a major ring Setting the mode to sub ring should also b...

Страница 2211: ...me for the G 8032 defect to clear A classic example is when the ERP Physical ring port is carried over a SONET SDH transmission system that itself has 50ms recovery times If G 8032 detects a failure t...

Страница 2212: ...e for x510 Series 2212 AlliedWare Plus Operating System Version 5 4 7 1 x G 8032 ETHERNET RING PROTECTION SWITCHING COMMANDS TIMER G 8032 Related Commands g8032 profile show g8032 profile Command chan...

Страница 2213: ...as a sub ring with a Terminating interface it is protecting the same data VLANs as the target instance and the target ERP instance must have two ring ports When the detecting ERP instance detects a t...

Страница 2214: ...SWITCHING COMMANDS TOPOLOGY CHANGE Example To enable sending of R APS flush event messages on an ERP instance named blue use the following commands awplus config g8032 erp instance blue awplus g8032 c...

Страница 2215: ...ed Mode G8032 Configure Switch Usage Globally ERP traps are disabled by default but can be enabled globally using the snmp server enable trap command Example To disable the SNMP traps for an ERP insta...

Страница 2216: ...or various G 8032 debug attributes Syntax undebug g8032 all event rx tx Mode Privileged Exec Example To turn off all G 8032 debugging use the following command awplus undebug g8032 all Related Command...

Страница 2217: ...C613 50170 01 Rev B Command Reference for x510 Series 2217 AlliedWare Plus Operating System Version 5 4 7 1 x Part 7 Network Management...

Страница 2218: ...only link to one other AMF node They cannot form cross links or virtual links AMF naming convention When AMF is enabled on a device it will automatically be assigned a host name If a host name has alr...

Страница 2219: ...backup guests synchronize on page 2244 atmf backup now on page 2245 atmf backup redundancy enable on page 2247 atmf backup server on page 2248 atmf backup stop on page 2250 atmf backup synchronize on...

Страница 2220: ...299 atmf secure mode certificate expire on page 2301 atmf secure mode certificate expiry on page 2302 atmf secure mode certificate renew on page 2303 atmf secure mode enable all on page 2304 atmf sele...

Страница 2221: ...e 2365 show atmf guests on page 2367 show atmf guests detail on page 2369 show atmf links on page 2372 show atmf links detail on page 2374 show atmf links guest on page 2383 show atmf links guest deta...

Страница 2222: ...ELESIS MANAGEMENT FRAMEWORK AMF COMMANDS switchport atmf agentlink on page 2418 switchport atmf arealink remote area on page 2419 switchport atmf crosslink on page 2421 switchport atmf guestlink on pa...

Страница 2223: ...de AMF Container Configuration Usage The AMF area link connects the AMF controller on a VAA host to the AMF container Once a container has been created with the atmf container command and an area link...

Страница 2224: ...ESIS MANAGEMENT FRAMEWORK AMF COMMANDS AREA LINK To remove an area link from container vac wlg 1 use the commands awplus configure terminal awplus config atmf container vac wlg 1 awplus config atmf co...

Страница 2225: ...ber of areas supported on a controller depends on the license installed on that controller You must give each area in an AMF network a unique name and ID number Only one local area can be configured o...

Страница 2226: ...ies 2226 AlliedWare Plus Operating System Version 5 4 7 1 x ALLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS ATMF AREA Related Commands atmf area password show atmf area show atmf area summary show at...

Страница 2227: ...ally on both of the area that locally contains the controller and the remote AMF area masters The command show running config atmf will display the encrypted version of this password The encryption ke...

Страница 2228: ...ies 2228 AlliedWare Plus Operating System Version 5 4 7 1 x ALLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS ATMF AREA PASSWORD Related Commands atmf area show atmf area show atmf area summary show at...

Страница 2229: ...sters must be authorized by the controller and the AMF remote area masters will also need to authorized access from the AMF controller Example To authorize all AMF nodes in the pending authorization q...

Страница 2230: ...0 Series 2230 AlliedWare Plus Operating System Version 5 4 7 1 x ALLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS ATMF AUTHORIZE show atmf secure mode certificates show atmf secure mode statistics Com...

Страница 2231: ...f authorize provision mac mac address no atmf authorize provision all Default The default timeout is 60 minutes Mode Privileged Exec Example To provisionally authorize all non secure AMF nodes use the...

Страница 2232: ...ROVISION To authorize a node with a MAC address of 0000 cd28 0880 for 2 hours use the command awplus authorize provision timeout 120 mac 0000 cd28 0880 To remove all provisional authorization on an AM...

Страница 2233: ...schedule backup requests to begin at 11 am and execute twice per day 11 am and 11 pm use the following command node_1 configure terminal node_1 config atmf backup 11 00 frequency 2 CAUTION File names...

Страница 2234: ...Note that this command can only be run on an AMF controller Syntax atmf backup area masters delete area area name node node name Mode Privileged Exec Example To delete the backup of the remote area m...

Страница 2235: ...lt Remote area backups are disabled by default Usage Use the following commands to configure the remote area master backups atmf backup to configure when the backups begin and how often they run atmf...

Страница 2236: ...eged Exec Example To back up all local master nodes in all areas controlled by controller 1 use the command controller 1 atmf backup area masters now To back up all local masters in the AMF area named...

Страница 2237: ...en the active remote file server and the backup remote file server Files are copied from the active server to the remote server Note that this command is only valid on AMF controllers Syntax atmf back...

Страница 2238: ...the maximum configurable speed of 1000 kBps In effect zero means unlimited Use the no variant of this command to reset to its default value of zero the maximum bandwidth in kilobytes per second kBps a...

Страница 2239: ...ackup file from the external media of a specified AMF node Note that this command can only be run from an AMF master node Syntax atmf backup delete node name Mode Privileged Exec Example To delete the...

Страница 2240: ...up enable Default Automatic AMF backup functionality is enabled on the AMF master when it is configured and external media i e an SD card or a USB storage device or remote server is detected Mode Glob...

Страница 2241: ...Syntax atmf backup guests delete node name guest port Mode User Exec Privileged Exec Example On a parent node named node1 which in this case the user has a direct console connection to usethefollowing...

Страница 2242: ...isable the ability of the guest nodes to be backed up Syntax atmf backup guests enable no atmf backup guests enable Default Guest node backups are enabled by default Mode Global Config Usage We recomm...

Страница 2243: ...now node name guest port Default N A Mode Privileged Exec Example Use the following command to manually trigger the backup of all guests in the AMF network awplus atmf backup guests now Example To ma...

Страница 2244: ...ndancy backup media such as USB storage devices This facility ensures that each device contains the same backup image files Note that this backup synchronization process will occur as part of the regu...

Страница 2245: ...nt backups on both masters you can apply the backup now command to the master working set This is shown in Example 4 below Example 1 In this example an AMF member has not been assigned a host name The...

Страница 2246: ...nex and store the configuration on both masters use the following process From the AMF_master_1 set the working set to comprise only of the automatic group master nodes AMF_Master_1 atmf working set g...

Страница 2247: ...r supports any removable media SD card USB it uses the removable media as the redundant backup for the AMF data backup This feature is valid only if remote file servers are configured on the AMF Maste...

Страница 2248: ...mmands AMF_Master_1 configure terminal AMF_Master_1 config atmf backup server id 1 192 168 1 1 username backup1 Parameter Description id Remote server backup server identifier 1 2 The backup server id...

Страница 2249: ...2 with a hostname and username use the command AMF_Master_1 configure terminal AMF_Master_1 config atmf backup server id 2 www example com username backup2 To configure server 2 with a hostname and us...

Страница 2250: ...is command separately on each master node or add both masters to a working set and issue this command to the working set Note that this command can only be run on a master node Syntax atmf backup stop...

Страница 2251: ...o its backup remote file server Note that this process happens automatically each time the network is backed up Note that this command can only be run from a master node Syntax atmf backup synchronize...

Страница 2252: ...t then reboots to put the device in a clean state ready to be used as a replacement node on a provisioned port Syntax atmf cleanup Mode Privileged Exec Usage This command is an alias to the erase fact...

Страница 2253: ...nfiguration Guide for more information on running multiple tenants on a single VAA host Use the no variant of this command to remove an AMF container Syntax atmf container container name no atmf conta...

Страница 2254: ...ation Guide for more information on running multiple tenants on a single VAA host Syntax atmf container login container name Mode Privileged Exec Usage If you try to login to a AMF container that has...

Страница 2255: ...valid AMF controller license is not available on the device the device will accept this command but will not act as a controller until you install a valid license The following message will warn you...

Страница 2256: ...nameisupdatedusingthe bootsystemcommand Theoldrelease will become the backup release file If a release file exists in a remote device such as TFTP or HTTP for example then the URL should specify the e...

Страница 2257: ...e File Status Team1 x510 5 4 7 1 1 rel Release ready Team2 x930 5 4 7 1 1 rel Release ready Team3 x930 5 4 7 1 1 rel Release ready Continue the rolling reboot y n y Copying Release x510 5 4 7 1 1 rel...

Страница 2258: ...in VLANs each having the same VID and each being applied to a horizontal slice domain of the AMF It follows therefore thatthedomain VLANsare only applied to ports that form cross links and not to port...

Страница 2259: ...execute the command in parallel leave the AMF network and attempt to rejoin through the new VLAN 4 Create the working set again using the commands master config exit master atmf working set group all...

Страница 2260: ...MMANDS ATMF DOMAIN VLAN To reset the AMF domain VLAN to its default of 4091in an existing AMF network use the following commands master atmf working set group all test 10 configure terminal test confi...

Страница 2261: ...configured the AMF feature starts automatically when the device starts up Mode Global Configuration Usage The device does not auto negotiate AMF domain specific settings such as the Network Name You...

Страница 2262: ...are automatically assigned to the master group Use the no variant of this command to remove the membership Syntax atmf group group list no atmf group group list Mode Global Configuration Usage You ca...

Страница 2263: ...d sales first add the nodes to the working set master_node atmf working set member_node_1 member_node_2 This command returns the following output confirming that the nodes member_node_1 and member_nod...

Страница 2264: ...mode discovery method model type http enable setting guest port user name and password The no variant of this command removes the guest class Note that you cannot remove a guest class that is assigned...

Страница 2265: ...170 01 Rev B Command Reference for x510 Series 2265 AlliedWare Plus Operating System Version 5 4 7 1 x ALLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS ATMF GUEST CLASS show atmf links guest show atmf...

Страница 2266: ...mand to reset to the default Syntax atmf log verbose 1 3 no atmf log verbose Default The default log display is 3 Usage This command is intended for use in large networks where verbose output can make...

Страница 2267: ...ll devices the same setting so they can all rejoin the AMF network Use the no variant of this command to remove the assigned subnet Syntax atmf management subnet a b 0 0 no atmf management subnet Defa...

Страница 2268: ...10 nodes test 10 3 Enter the new subnet address using the commands test 10 configure terminal test config 10 atmf management subnet a b 0 0 The nodes will execute the command in parallel leave the AM...

Страница 2269: ...NAGEMENT SUBNET To reset the AMF management subnet address to its default of 172 31 0 0 in an existing AMF network use the following commands master atmf working set group all test 10 configure termin...

Страница 2270: ...d try to rejoin it The AMF network will not be complete until you have given all devices the same setting so they can all rejoin the AMF network Use the no variant of this command to restore the VID t...

Страница 2271: ...ogging into their consoles directly NOTE The management VLAN will automatically be assigned an IP subnet address based on the value configured by the command atmf management subnet The default VLAN ID...

Страница 2272: ...r nodes may exist in a network and they must be connected by an AMF crosslink NOTE Master nodes are an essential component of an AMF network In order to run AMF an AMF License is required for each mas...

Страница 2273: ...de Global Configuration Usage The default value of 1300 will work for all AMF networks including those that involve virtual links over IPsec tunnels If there are virtual links over IPsec tunnels anywh...

Страница 2274: ...ring an AMF master node see the command atmf master Use the no variant of this command to remove the AMF network name Syntax atmf network name name no atmf network name Mode Global Configuration Usage...

Страница 2275: ...ision nodename no atmf provision Default No AMF provisioning Mode Interface Configuration for a switchport a static aggregator or a dynamic channel group Usage The port should be configured as an AMF...

Страница 2276: ...st delete it before using the atmf provision node clone command When using this command it is important to be aware of the following A copy of media atmf atmf_name nodes source_node flash will be made...

Страница 2277: ...he new provisioned node device3 Figure 54 2 Sample output from the show atmf backup command device1 atmf provision node device3 clone device2 Copying Successful operation device1 show atmf backup Sche...

Страница 2278: ...ng this command to set a backup configuration file the specified AMF provisioned node must exist The specified file must exist in the flash directory created for the provisioned node in the AMF remote...

Страница 2279: ...Usage When using this command to set a backup release file the specified AMF provisioned node must exist The specified file must exist in the flash directory created for the provisioned node in the A...

Страница 2280: ...rovision node clone must be executed before you can use other atmf provision node commands with the specified node name If a backup or provisioned node already exists for the specified node name then...

Страница 2281: ...AMF Feature Overview and Configuration Guide Related commands atmf provision node clone device1 show atmf backup Scheduled Backup Enabled Schedule 1 per day starting at 03 00 Next Backup Time 01 Oct 2...

Страница 2282: ...want to use the atmf provision node delete command to delete a provisioned node that was created in error or that is no longer needed This command cannot be used to delete backups created by the AMF...

Страница 2283: ...provision node create device1 show atmf backup Scheduled Backup Enabled Schedule 1 per day starting at 03 00 Next Backup Time 01 Oct 2016 03 00 Backup Bandwidth Unlimited Backup Media USB Total 7446...

Страница 2284: ...copy of the certificate file is deleted from AMF backup media Use the no variant of this command to set it back to the default This command can only be run on AMF master nodes Syntax atmf provision no...

Страница 2285: ...mf provision nodes command Related commands show atmf provision nodes device1 show atmf provision nodes ATMF Provisioned Node Information Backup Media SD Total 3827 0MB Free 3481 1MB Node Name device2...

Страница 2286: ...n the command has already been set up Otherwise an error message is shown when the command is run NOTE We advise that after running this command you return to a known working directory typically flash...

Страница 2287: ...reboot the next node in the sequence This command can take a significant amount of time to complete Syntax atmf reboot rolling force url Mode Privileged Exec Usage You can load the software from a var...

Страница 2288: ...ecify the exact release filename without using wild card characters On bootup the software release is verified Should an upgrade fail the upgrading unit will revert back to its previous software versi...

Страница 2289: ...m3 Working set join ATMF_NETWORK 3 atmf reboot rolling ATMF Rolling Reboot Nodes Timeout Node Name Minutes SW_Team1 14 SW_Team2 8 SW_Team3 8 Continue the rolling reboot y n y ATMF Rolling Reboot Reboo...

Страница 2290: ...lling Reboot Nodes Timeout Node Name Minutes New Release File Status SW_Team1 8 x510 5 4 6 0 1 rel Release Ready SW_Team2 10 x510 5 4 6 0 1 rel Release Ready SW_Team3 8 Not Supported HW_Team1 6 Incomp...

Страница 2291: ...ice will poll all known AMF masters and controllers and execute an election process based on the last successful backup and its timestamp to determine which to use If no valid backup master or control...

Страница 2292: ...sion 5 4 7 1 x ALLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS ATMF RECOVER Example To recover the AMF node named Node_10 from the AMF master node named Master_2 use the following command Master_2 at...

Страница 2293: ...ent by reloading its backup file set that is located within the AMF backup system Note that this command must be run on the edge node device that connects to the guest node Syntax atmf recover guest g...

Страница 2294: ...nction to their normal operational mode and in doing so assists with resolving the recovery problem You can repeat this process until the recovery failure has been resolved For more information see th...

Страница 2295: ...er account that does not exist on the second node provided that atmf restricted login is disabled and the user account on the first node has privilege level 15 Moreover it is possible to use a RADIUS...

Страница 2296: ...ssion on Node20 and return to Node10 s command line use the following command Node20 exit Node10 In this example user User1 is a valid user of node5 They can remotely login from node5 to node3 by usin...

Страница 2297: ...rk This allows access to the atmf working set command from any node in the AMF network Syntax atmf restricted login no atmf restricted login Mode Privileged Exec Default Master nodes operate with atmf...

Страница 2298: ...Reference for x510 Series 2298 AlliedWare Plus Operating System Version 5 4 7 1 x ALLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS ATMF RESTRICTED LOGIN Command changes Version 5 4 6 2 1 changes to AM...

Страница 2299: ...network Use the no variant of this command to disable AMF secure mode on an AMF node Syntax atmf secure mode no atmf secure mode Default Secure mode is disabled by default Mode Global Configuration U...

Страница 2300: ...SIS MANAGEMENT FRAMEWORK AMF COMMANDS ATMF SECURE MODE clear atmf secure mode certificates clear atmf secure mode statistics show atmf show atmf authorization show atmf secure mode show atmf secure mo...

Страница 2301: ...ileged Exec Example To remove an AMF node named node3 from an AMF network use the following command on the AMF master awplus atmf secure mode certificate expire node3 To remove an AMF node named node2...

Страница 2302: ...bal Configuration Example To set AMF secure mode certificate expiry to 7 days use the commands awplus configure terminal awplus config atmf secure mode certificate expiry 7 To set AMF secure mode cert...

Страница 2303: ...network Secure mode certificates renew automatically but this command could be used to renew a certificate in a situation where the automatic renewal may happen while the device is not attached to the...

Страница 2304: ...t of this command to disable AMF secure mode on an entire network Syntax atmf secure mode enable all no atmf secure mode enable all Default Secure mode is disabled by default Mode Privileged Exec Usag...

Страница 2305: ...hat ticks every 10 seconds for a maximum of 10 times and checks if all the secure mode capable nodes rejoin the AMF network NOTE Enabling or disabling secure mode on the network saves the running conf...

Страница 2306: ...Privileged Exec Usage After running this command use the atmf working set command to select the set of nodes you want to access in the remote area Example To access nodes in the area Canterbury use t...

Страница 2307: ...mber nodes Enabled by default on Controllers Mode Global Configuration mode Usage To use Vista Manager EX you must also enable the HTTP service on all AMF nodes including all AMF masters and controlle...

Страница 2308: ...command allows a virtual tunnel to be created between two remote sites over a layer 3 link The tunnel encapsulates AMF packets and allows them to be sent transparently across a Wide Area Network WAN...

Страница 2309: ...virtual crosslink id 10 ip 192 168 200 1 remote id 5 remote ip 192 168 100 1 To remove this virtual crosslink run the following commands on the local site siteA configure terminal siteA config no atm...

Страница 2310: ...If the tunnel is configured to connect a head office and branch office over the Internet typically this would involve using some type of managed WAN service such as a site to site VPN Tunnels are onl...

Страница 2311: ...2 168 1 1 remote id 2 remote ip 192 168 2 1 Node_20 config atmf virtual link id 2 ip 192 168 2 1 remote id 1 remote ip 192 168 1 1 Example 2 To set up an area virtual link to a remote site assuming IP...

Страница 2312: ...ything other than the local device the prompt will change to the AMF network name followed by the size of the working set shown in square brackets This command has to be run at privilege level 15 In a...

Страница 2313: ...ng set use the command node1 atmf working set group all NOTE This command adds the implicit group all to the working set where all comprises all nodes in the AMF This command displays an output screen...

Страница 2314: ...he no variant of this command to remove a bridge group from an AMF container Syntax bridge group bridge id no bridge group Mode AMF Container Configuration Usage Each container has two virtual interfa...

Страница 2315: ...MMANDS CLEAR ATMF LINKS STATISTICS clear atmf links statistics Overview This command resets the values of all AMF link port and global statistics to zero Syntax clear atmf links statistics Mode Privil...

Страница 2316: ...atmf secure mode certificates If this is the only master on the network you will see the following warning On an AMF member you will see the following message Related Commands atmf authorize atmf secu...

Страница 2317: ...ar atmf secure mode statistics Overview Use this command to reset all secure mode statistics to 0 Syntax clear atmf secure mode statistics Mode Privileged Exec Example To reset the AMF secure mode sta...

Страница 2318: ...osslink arealink database neighbor error all Default All debugging facilities are disabled Mode User Exec and Global Configuration Usage If no additional parameters are specified then the command outp...

Страница 2319: ...C613 50170 01 Rev B Command Reference for x510 Series 2319 AlliedWare Plus Operating System Version 5 4 7 1 x ALLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS DEBUG ATMF Related Commands no debug all...

Страница 2320: ...of 60 seconds with no filters applied NOTE An alias to the no variant of this command undebug atmf can be found elsewhere in this chapter Mode User Exec and Global Configuration Usage If no additiona...

Страница 2321: ...o dump packets from an interface portx x x on the local node ifname Interface port or virtual link pkt type Sets the filter on packets with a particular AMF packet type 1 Crosslink Hello BPDU packet w...

Страница 2322: ...ystem Version 5 4 7 1 x ALLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS DEBUG ATMF PACKET This example applies the debug atmf packet command and combines many of its options node_1 debug atmf packet...

Страница 2323: ...tchport atmf guestlink command to separately assign an individual switch port to each of the guest nodes The MAC addresses of each of the guests of that class can then be learned from ARP or Neighbor...

Страница 2324: ...F COMMANDS DISCOVERY Example 2 To return the discovery method for the guest class TQ4600 1 to its default of dynamic use the following commands Node1 conf t Node1 config atmf guest class TQ4600 1 Node...

Страница 2325: ...AA host See the AMF Feature Overview and Configuration Guide for more information on running multiple tenants on a single VAA host Use the no variant of this command to remove the description from an...

Страница 2326: ...device is then rebooted and returned to its factory default condition The device can then be used for AMF automatic node recovery Syntax erase factory default Mode Privileged Exec Usage This command...

Страница 2327: ...port number no http enable Default http enable is off If http enable is selected without a port parameter the port number will default to 80 Mode ATMF Guest Configuration Mode Example 1 To enable HTTP...

Страница 2328: ...nce for x510 Series 2328 AlliedWare Plus Operating System Version 5 4 7 1 x ALLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS HTTP ENABLE Related Commands atmf guest class switchport atmf guestlink sho...

Страница 2329: ...sts are set so syslog sends the messages out as they come NOTE There is a difference between log event and log host messages Log event messages are sent out as they come by syslog Log host messages ar...

Страница 2330: ...pe tq to the guest class called tq_device use the following commands node1 conf t node1 config atmf guest class tq_device node1 config atmf guest modeltype tq node1 config atmf guest end Example 2 To...

Страница 2331: ...tarted with AlliedWare Plus Feature Overview and Configuration Guide Example 1 To show summary information on AMF node_1 use the following command node_1 show atmf summary Example 2 To show informatio...

Страница 2332: ...node_1 show atmf tech Table 2 Output from the show atmf session command node_1 show atmf session CLI Session Neighbors Session ID 73518 Node Name node_1 PID 7982 Link type Broadcast cli MAC Address 00...

Страница 2333: ...MAC 0014 2299 137d Parent Domain Parent Domain Controller Parent Domain Controller MAC 0000 0000 0000 Number of Domain Events 0 Crosslink Ports Blocking 0 Uplink Ports Waiting on Sync 0 Crosslink Sequ...

Страница 2334: ...The VLAN created for traffic between Nodes of different domain up down links VLAN ID In this example VLAN 4092 is configured as the Management VLAN Management Subnet Network prefix for the subnet Man...

Страница 2335: ...roller 1 show atmf area The following figure shows example output from running this command on a controller The following figure shows example output from running this command on a remote master Param...

Страница 2336: ...a has not been established This could meanthat a port or vlan is down or that inconsistent VLANs have been configured using the switchport atmf arealink remote area command N A for the area of the con...

Страница 2337: ...atmf area summary show atmf area nodes show atmf area nodes detail Table 8 Output from the show atmf area detail command controller 1 show atmf area detail ATMF Area Detail Information Controller dis...

Страница 2338: ...The area name for guest information node name The name of the node that connects to the guests main building Area Guest Node Information Device MAC IP IPv6 Type Address Parent Port Address 0008 5d10 7...

Страница 2339: ...510 Series 2339 AlliedWare Plus Operating System Version 5 4 7 1 x ALLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS SHOW ATMF AREA GUESTS Related Commands show atmf area show atmf area nodes show atmf...

Страница 2340: ...tail northern node1 Output Figure 54 9 Example output from the show atmf guest detail command Parameter Description area name The name assigned to the AMF area An area is an AMF network that is under...

Страница 2341: ...t number on the parent node Guest Description A brief description of the guest node as manually entered into the description interface command for the guest node port on the parent node Device Type Th...

Страница 2342: ...xample To show summarized information about all the nodes the controller is aware of use the command controller 1 show atmf area nodes The following figure shows partial example output from running th...

Страница 2343: ...es detail ATMF Master Whether the node is an AMF master node for its area Y if it is and N if it is not SC The device configuration one of C Chassis SBx8100 series S Stackable VCS or N Standalone Pare...

Страница 2344: ...Example To show information about all the nodes the controller is aware of use the command controller 1 show atmf area nodes detail The following figure shows partial example output from running this...

Страница 2345: ...rom the show atmf area nodes detail command Parameter Definition Node name The name assigned to a particular node Parent node name The node to which the current node has an active uplink Domain id Boa...

Страница 2346: ...area summary The following figure shows example output from running this command Related Commands show atmf area show atmf area nodes show atmf area nodes detail Parameter Description area name Displ...

Страница 2347: ...AMF nodes which are requesting authorization on an AMF controller or AMF master use the command awplus show atmf authorization pending To display AMF nodes which have provisional authorization use th...

Страница 2348: ...authorization Authorization expiry time is set using atmf secure mode certificate expiry Pending Authorizations NZ Requests Node Name Product Parent Node Interface area_1_node_3 x230 18GP master_1 por...

Страница 2349: ...f show atmf secure mode show atmf secure mode certificates Command changes Version 5 4 7 0 3 command added Table 54 3 Parameters in the output from show atmf authorization provisional Parameter Descri...

Страница 2350: ...logs Displays detailed log information server status Displays connectivity diagnostics information for each configured remote file server synchronize Display the file server synchronization status lo...

Страница 2351: ...p logs Backup Redundancy Enabled Local media SD Total 3788 0MB Free 1792 8MB State Inactive Remote file server is not available Log File Location card atmf ATMF logs rsync_ node name log Node Name Log...

Страница 2352: ...e a combination of either Idle Starting Doing Stopping or manual scheduled Started The date and time that the currently executing task was initiated in the format DD MMM YYYY HH MM Current Node The na...

Страница 2353: ...sues note that the backup may still be deemed successful depending on the errors Stopped meaning that the backup attempt was manually aborted Good meaning that the backup was completed successfully In...

Страница 2354: ...master nodes in one or more areas Note that this command is only available on AMF controllers Syntax show atmf backup area area name node name logs Mode Privileged Exec Example To show information ab...

Страница 2355: ...ime 15 Oct 2016 04 30 Backup Bandwidth Unlimited Backup Media FILE SERVER 1 Total 128886 5MB Free 26234 2MB Server Config 1 Configured Mounted Active Host 10 37 74 1 Username root Path tftpboot backup...

Страница 2356: ...t status use the command x930 master show atmf backup guest Output Figure 54 13 Example output from show atmf backup guest Parameter Description node name The name of parent guest node guest port The...

Страница 2357: ...21 46 Good USB 19 Jan 2016 22 21 46 Good Table 54 1 Parameters in the output from show atmf backup guest Parameter Description Guest Backup The status of the guest node backup process Scheduled Backu...

Страница 2358: ...a single VAA host See the AMF Feature Overview and_Configuration Guide for more information on running multiple tenants on a single VAA host Syntax show atmf container detail container name Mode Privi...

Страница 2359: ...e command Memory The amount of memory the container is using on the VAA host CPU The percentage of CPU time the container is using on the VAA at the time the show command is run awplus show atmf conta...

Страница 2360: ...AMF management IP address CPU use The CPU usage of the container since it was enabled Memory use Container memory usage Link Each container has two links 1 An AMF area link this connects the container...

Страница 2361: ...t screen from this command is shown below Parameter Description detail Displays output in greater depth atmf 1 show atmf detail ATMF Detail Information Network Name Test_network Network Mtu 1300 Node...

Страница 2362: ...AMF root node Domain State The state of Node in a Domain in AMF network as Controller Backup Recovery State The AMF node recovery status Indicates whether a node recovery is in progress on this device...

Страница 2363: ...of these groups Syntax show atmf group user defined automatic Default All groups are displayed Mode Privileged Exec Example 1 To display group membership of node2 use the following command node2 show...

Страница 2364: ...on master poe x8100 node1 node2 node3 node4 node5 node6 ATMF group information sysadmin x8100 AMF_NETWORK 6 Table 56 Sample output from the show atmf group command for a working set AMF_NETWORK 6 show...

Страница 2365: ...rs based on their own criteria which can be used to select groups of nodes Syntax show atmf group members user defined automatic Mode Privileged Exec Example To display group membership of all nodes i...

Страница 2366: ...e 59 Parameter definitions from the show atmf group members command Parameter Definition Automatic Groups Lists the Automatic Groups and their nodal composition The sample output shows AMF nodes based...

Страница 2367: ...command awplus show atmf guests Output Figure 54 17 Example output from the show atmf guests command master show atmf guests Guest Information Device Device Parent Guest IP IPv6 Name Type Node Port A...

Страница 2368: ...mf guestlink show atmf backup guest show atmf links guest Parent Node The name of the AMF node that directly connects to the guest node Guest Port The port on the parent node that directly connects to...

Страница 2369: ...and specify the node name or show atmf links guest detail which shows information about the guest nodes and also about their link to their parent node Note that the parameters that are displayed depen...

Страница 2370: ...is discovered from the device or failing that auto assigned by AMF The auto assigned name consists of parent node name attached port number You can change this by configuring a description on the por...

Страница 2371: ...ence for x510 Series 2371 AlliedWare Plus Operating System Version 5 4 7 1 x ALLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS SHOW ATMF GUESTS DETAIL Related Commands atmf guest class switchport atmf...

Страница 2372: ...f links brief Figure 54 19 Example output from show atmf links brief Parameter Description brief A brief summary of AMF links their configuration and status Example core show atmf links ATMF Link Brie...

Страница 2373: ...d to ensure link is stable Incompatible Neighbor rejected the link because of inconsistency in AMF configurations OneWay Link is up and has waited the hold down period and now attempting to link to an...

Страница 2374: ...etail The output from this command will display all the internal data held for AMF links The following example gives details of the links that are summarized in the example in show atmf links Paramete...

Страница 2375: ...610 Example core 4610 Transaction ID 2 2 MAC Address eccd 6dd1 64d0 0000 cd37 054b Link State Full Full Domain Nodes Tree Node Building A Links on Node 1 Link 0 Building A 4630 Example core 4630 Forwa...

Страница 2376: ...e Depth 0 Transaction ID 6 Flags 32 Domain Controller Domain Controller MAC 0000 0000 0000 Downlink Domain Information Domain Dept A s domain Domain Controller Dept A Domain Controller MAC eccd 6d20 c...

Страница 2377: ...t Domain Dorm D s domain Node Building A Ifindex 0 Transaction ID 20 Flags 32 Domain Dorm D s domain Node Building B Ifindex 0 Transaction ID 20 Flags 32 Domain Dorm D s domain Node Example core Ifind...

Страница 2378: ...ent MAC eccd 6ddf 6cdf Adjacent Domain Controller Dorm D Adjacent Domain Controller MAC 0000 cd37 082c Port Forwarding State Forwarding Port BPDU Receive Count 95 Port Sequence Number 11 Port Adjacent...

Страница 2379: ...n Link has been shut down by user configuration Port BPDU Receive Count The number of AMF protocol PDU s received Adjacent Node Name The name of the adjacent node connected to this node Adjacent Ifind...

Страница 2380: ...er for the neighbor in crosslink Flags Used in domain messages to exchange the state ATMF_DOMAIN_FLAG_DOWN 0 ATMF_DOMAIN_FLAG_UP 1 ATMF_DOMAIN_FLAG_BLOCK 2 ATMF_DOMAIN_FLAG_NOT_PRESENT 4 ATMF_DOMAIN_F...

Страница 2381: ...irtual router id for the local port Port Status Shows status of the local port on the Node as UP DOWN Port State AMF state of the local port Adjacent Node nodename of the adjacent node Adjacent Intern...

Страница 2382: ...nd Reference for x510 Series 2382 AlliedWare Plus Operating System Version 5 4 7 1 x ALLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS SHOW ATMF LINKS DETAIL Related Commands no debug all clear atmf li...

Страница 2383: ...tion about AMF guests that are connectible from node1 use the command node1 show atmf links guest Output Figure 54 20 Example output from show atmf links guest Parameter Description interface interfac...

Страница 2384: ...hport atmf guestlink show atmf backup guest Model Type The model type of the guest node as entered by the modeltype command Can be one of the following alliedware aw tq other DC The discovery method a...

Страница 2385: ...Display details for all ports with guest nodes connected Mode User Exec Privileged Exec Usage Use this command to display the guest nodes connected to a single parent node If you want to see a list o...

Страница 2386: ...n node1 1 0 17 Firmware Version 3 2 1 A02 Table 54 2 Parameters in the output from show atmf links guest detail Parameter Description Interface The port on the parent node that connects to the guest L...

Страница 2387: ...is in the process of retrieving any other available information from the guest firmware version etc The information available depends on what device the guest node is Full The AMF device has retrieve...

Страница 2388: ...guest Serial Number The serial number of the guest node Firmware Name The name of the firmware operating on the guest node Firmware Version The version of the firmware operating on the guest node HTT...

Страница 2389: ...vice1 show atmf links statistics Parameter Description interface Specifies that the command applies to a specific interface port or range of ports Where both the interface and port number are unspecif...

Страница 2390: ...hecksum or type Type7 0 Incarnation is not possible with the data received Type8 0 Discard crosslink hello received not correct state Type9 0 Discard crosslink domain hello received on non crosslink T...

Страница 2391: ...o debug all clear atmf links statistics show atmf device1 show atmf links statistics interface port1 0 5 ATMF Port Statistics Transmit Receive port1 0 5 Crosslink Hello 231 232 port1 0 5 Crosslink Hel...

Страница 2392: ...d other improvements Syntax show atmf nodes guest all Mode Privileged Exec Usage You can use this command to display one of three sets of nodes all nodes except guest nodes by specifying show atmf nod...

Страница 2393: ...age at the end node1 show atmf nodes all Node and Guest Information Local device SC Switch Configuration C Chassis S Stackable N Standalone G Guest Node Guest Device ATMF Parent Node Name Type Master...

Страница 2394: ...d is run Example To show the details of all the provisioned nodes in the backup use the command NodeName show atmf provision nodes Figure 54 24 Sample output from the show atmf provision nodes command...

Страница 2395: ...secure mode Output Figure 54 25 Example output from show atmf secure mode on an AMF master Figure 54 26 Example output from show atmf secure mode on an AMF node ATMF Secure Mode Secure Mode Status Ena...

Страница 2396: ...cate Expiry Certificate expiry time Set with atmf secure mode certificate expiry Certificates Total Total number of certificates Certificates Revoked Certificates that have been revoked by the AMF mas...

Страница 2397: ...rning The default username and password is enabled Good SNMP V1 or V2 is disabled Warning Telnet server is enabled Good ATMF is enabled Secure Mode is on Good ATMF Topology GUI is disabled No trustpoi...

Страница 2398: ...F secure mode link audits for a node use the command awplus show atmf secure mode audit link Output Figure 54 28 Example output from show atmf secure mode audit link Related Commands show atmf show at...

Страница 2399: ...MF secure mode certificates for a node named area_2_node_1 in an area named area 2 use the command awplus show atmf secure mode certificates detail area area 2 node area_2_node_1 Output Figure 54 29 E...

Страница 2400: ...AMF commands Valid statuses are Active Revoked and Rejected Certificates Detail area_2_node_1 area area 2 MAC Address 0000 cd37 0003 Status Active Serial Number A24SC8001 Product x510 28GTX Key Finger...

Страница 2401: ...LLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS SHOW ATMF SECURE MODE CERTIFICATES Related Commands atmf authorize atmf secure mode atmf secure mode certificate expire atmf secure mode certificate ren...

Страница 2402: ...ster or member node use the command awplus show atmf secure mode sa detail neighbor Output Figure 54 31 Example output from show atmf secure mode sa Parameter Description detail Display detailed secur...

Страница 2403: ...eccd 6d82 6c16 Flags 000003c0 Id 83 40000053 Type Neighbor Gateway State Complete Remote MAC Address 001a eb54 e53b Flags 000003c0 Id 175 400000af Type Neighbor Gateway State Complete Remote MAC Addre...

Страница 2404: ...ler master neighbor relationship Broadcast SA for working set broadcast requests State Current state of the Security Association The state must be Complete before a member node is trusted and can be a...

Страница 2405: ...le To display AMF secure mode statistics on a master or member node use the command awplus show atmf secure mode statistics Output Figure 54 33 Example output from show atmf secure mode statistics on...

Страница 2406: ...e mode atmf secure mode certificate renew clear atmf secure mode statistics show atmf secure mode Command changes Version 5 4 7 0 3 command added ATMF Secure Mode Statistics Local Certificates Valid 3...

Страница 2407: ...ow atmf tech Table 55 Sample output from the show atmf tech command node1 show atmf tech ATMF Summary Information ATMF Status Enabled Network Name ATMF_NET Node Name node1 Role Master Current ATMF Nod...

Страница 2408: ...gned to the node within the AMF network Role The role configured on the device within the AMF either master or member Current ATMF Nodes A count of the AMF nodes in the AMF network Node Address The id...

Страница 2409: ...t address used for this traffic Domain IP Address the IP address allocated for this traffic Domain Mask the Netmask used to create a subnet for this traffic 255 255 128 0 prefix 17 Device Type Shows t...

Страница 2410: ...nects to a virtual link The first link has the IP address 192 168 1 1 and has a Local ID of 1 The second has the IP address 192 168 2 1 and has the Local ID of 2 Example 2 To display AMF virtual links...

Страница 2411: ...amed vlink1 equivalent to an L2TP tunnel Local ID The local ID of the virtual link This matches the vlink number State The operational state of the vlink either Up or Down This state is always display...

Страница 2412: ...d displays the nodes that form the current AMF working set Syntax show atmf working set Mode Privileged Exec Example To show current members of the working set use the command ATMF_NETWORK 6 show atmf...

Страница 2413: ...Mode User Exec and Global Configuration Example To display the AMF debugging status use the command node_1 show debugging atmf Figure 54 35 Sample output from the show debugging atmf command Related...

Страница 2414: ...the AMF packet debugging status use the command node_1 show debug atmf packet Figure 54 36 Sample output from the show debugging atmf packet command Related Commands debug atmf debug atmf packet Tabl...

Страница 2415: ...plays the running system information that is specific to AMF Syntax show running config atmf Mode User Exec and Global Configuration Example To display the current configuration of AMF use the followi...

Страница 2416: ...is disabled Mode AMF Container Configuration Usage The first time the state enable command is executed on a container it assigns the container to an area and configures it as an AMF master This is ach...

Страница 2417: ...er vac wlg 1 use the commands awplus configure terminal awplus config atmf container vac wlg 1 awplus config atmf container state enable To stop the AMF container vac wlg 1 use the commands awplus con...

Страница 2418: ...are not visible to AMF networks Mode Interface mode for a switch port Note that the link between the x600 and the AMF network must be a single link not an aggregated link Usage The x600 Series switch...

Страница 2419: ...he same area password must exist on both ends of the link Running this command will automatically place the port or static aggregator into trunk mode i e switchport mode trunk and will synchronize the...

Страница 2420: ...for x510 Series 2420 AlliedWare Plus Operating System Version 5 4 7 1 x ALLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS SWITCHPORT ATMF AREALINK REMOTE AREA Related Commands atmf area atmf area passw...

Страница 2421: ...tion for a switchport a static aggregator or a dynamic channel group Usage Crosslinks can be used anywhere within an AMF network They have the effect of separating the AMF network into separate domain...

Страница 2422: ...ure terminal Node_1 config interface sa1 Node_1 config if switchport atmf crosslink Node_1 config if switchport trunk allowed vlan add 2 Node_1 config if switchport trunk native vlan none In this exam...

Страница 2423: ...configure switch port 1 0 44 to be a guest link that will connect to a guest node having a guest class of camera and an IPv4 address of 192 168 3 3 use the following commands node1 configure terminal...

Страница 2424: ...link node1 config if end Example 4 To configure switch ports 1 0 52 to 1 0 54 to be guest links for the guest class camera use the following commands node1 configure terminal node1 config int port1 0...

Страница 2425: ...nterconnected AMF domains This tree must be loop free Therefore you must configure your links so that no rings are formed only from up down links and or virtual links Within each domain cross links be...

Страница 2426: ...leave Example 2 The following commands will configure trigger 5 to activate if an AMF node join event occurs on any node within the working set node1 atmf working set group all This command returns t...

Страница 2427: ...returns the following display node1 TR Type Details Description Ac Te Tr Repeat Scr Days Date 001 Periodic 2 min Periodic Status Chk Y N Y Continuous 1 smtwtfs 005 ATMF node leave E mail on ATMF Exit...

Страница 2428: ...13 50170 01 Rev B Command Reference for x510 Series 2428 AlliedWare Plus Operating System Version 5 4 7 1 x ALLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS TYPE ATMF NODE Related Commands show trigge...

Страница 2429: ...rence for x510 Series 2429 AlliedWare Plus Operating System Version 5 4 7 1 x ALLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS UNDEBUG ATMF undebug atmf Overview This command is an alias for the no va...

Страница 2430: ...as the guest class of phone1 use the following commands node1 conf t node1 config amf guest class phone1 node1 config atmf guest username reception password secret node1 config atmf guest end Example...

Страница 2431: ...3 50170 01 Rev B Command Reference for x510 Series 2431 AlliedWare Plus Operating System Version 5 4 7 1 x ALLIED TELESIS MANAGEMENT FRAMEWORK AMF COMMANDS USERNAME show atmf links guest show atmf nod...

Страница 2432: ...h AlliedWare Plus Feature Overview and Configuration Guide This guide is available at the above link on alliedtelesis com Command List bootfile on page 2434 clear ip dhcp binding on page 2435 default...

Страница 2433: ...age 2464 probe enable on page 2466 probe packets on page 2467 probe timeout on page 2468 probe type on page 2469 range on page 2470 route on page 2471 service dhcp relay on page 2472 service dhcp serv...

Страница 2434: ...of the boot file that the client should use in its bootstrap process It may need to include a path The no variant of this command removes the boot filename from a DHCP server pool Syntax bootfile fil...

Страница 2435: ...or range are specified and one or more static DHCP bindings exist within those addresses any dynamic entries within those addresses are cleared but any static entries are not cleared Examples To clea...

Страница 2436: ...fault router or all default routers from the DHCP pool Syntax default router ip address no default router ip address Mode DHCP Configuration Examples To add a router with an IP address 192 168 1 2 to...

Страница 2437: ...CP pool Syntax dns server ip address no dns server ip address Mode DHCP Configuration Examples To add the DNS server with the assigned IP address 192 168 1 1 to the DHCP pool named P1 use the followin...

Страница 2438: ...e no variant of this command removes the domain name from the address pool Syntax domain name domain name no domain name Mode DHCP Configuration Examples To add the domain name Nerv_Office to DHCP poo...

Страница 2439: ...ust be configured using a network command before issuing a host command Also note that a host address must match a network to add a static host address Examples To add the host at 192 168 1 5 with the...

Страница 2440: ...e with the ip name server command Option 15 a domain name used to resolve host names This option replaces the domain name set with the ip domain name command Your device ignores this domain name if it...

Страница 2441: ...ONFIGURATION PROTOCOL DHCP COMMANDS IP ADDRESS DHCP To stop the interface vlan10 from using DHCP to obtain its IP address use the commands awplus configure terminal awplus config interface vlan10 awpl...

Страница 2442: ...ts by default The no variant of this command configures the DHCP server to accept BOOTP requests This is the default setting Syntax ip dhcp bootp ignore no ip dhcp bootp ignore Mode Global Configurati...

Страница 2443: ...ges Use the no variant of this command to disable the support of DHCPLEASEQUERY packets For more information see the DHCP Feature Overview and Configuration Guide Syntax ip dhcp leasequery enable no i...

Страница 2444: ...on 1 254 The option number of the option Options with the same number as one of the standard options overrides the standard option definition option name Option name used to identify the option You ca...

Страница 2445: ...defined IP address option as option 175 with the name special address use the commands awplus configure terminal awplus config ip dhcp option 175 name special address ip To remove the specific user de...

Страница 2446: ...ltiple interfaces This allows the device to act as a DHCP server on multiple interfaces to distribute different information to clients on the different networks The no variant of this command deletes...

Страница 2447: ...e is added to the IP routing table This can be problematic if the DHCP client is operating via an interface that is only intended to be used for back up interface redundancy purposes such as a VLAN co...

Страница 2448: ...P COMMANDS IP DHCP CLIENT DEFAULT ROUTE DISTANCE To set the AD for the default route back to the default value of 1 use the commands awplus configure terminal awplus config interface vlan10 awplus con...

Страница 2449: ...gent Option 82 introductory information see the DHCP Feature Overview and Configuration Guide NOTE The DHCP relay service mightalter the content of the DHCP Relay AgentOption 82 field if the commands...

Страница 2450: ...edWare Plus Operating System Version 5 4 7 1 x DYNAMIC HOST CONFIGURATION PROTOCOL DHCP COMMANDS IP DHCP RELAY AGENT OPTION Related Commands ip dhcp relay agent option remote id ip dhcp relay informat...

Страница 2451: ...nabled on the device service dhcp relay For DHCP Relay Agent and DHCP Relay Agent Option 82 introductory information see the DHCP Feature Overview and Configuration Guide Syntax ip dhcp relay agent op...

Страница 2452: ...relay agent option remote id Default The Remote ID is set to the device s MAC address by default Mode Interface Configuration for a VLAN interface Usage The Remote ID sub option is included in the DHC...

Страница 2453: ...g DHCP Relay Agent Option 82 field with its own DHCP Relay Agent field This is equivalent to the functionality of the replace parameter The no variant of this command returns the policy to the default...

Страница 2454: ...contain DHCP Relay Agent Option 82 information use the commands awplus configure terminal awplus config interface vlan15 awplus config if ip dhcp relay information policy drop To reset the DHCP relay...

Страница 2455: ...e no variant of this command to reset the hop count to the default For DHCP Relay Agent and DHCP Relay Agent Option 82 introductory information see the DHCP Feature Overview and Configuration Guide Sy...

Страница 2456: ...sage When a DHCP Relay Agent that has DHCP Relay Agent Option 82 insertion enabled receives a request packet from a DHCP client it will append the DHCP Relay Agent Option 82 component data and forward...

Страница 2457: ...TION PROTOCOL DHCP COMMANDS IP DHCP RELAY MAX MESSAGE LENGTH To reset the maximum DHCP message length to the default of 1400 bytes for packets arriving in interface vlan7 use the commands awplus confi...

Страница 2458: ...e no ip dhcp relay server address ipv4 address ipv6 address server interface no ip dhcp relay Mode Interface Configuration for a VLAN interface Usage For a DHCP server with an IPv6 address you must sp...

Страница 2459: ...an2 awplus config if no ip dhcp relay server address 192 0 2 200 To enable the DHCP Relay Agent on your device to relay DHCP packets on interface vlan10 to the DHCP server with the IPv6 address 2001 0...

Страница 2460: ...set the lease expiry time to infinite leases never expire Use the no variant of this command to return the lease expiration time back to the default of one day Syntax lease days hours minutes seconds...

Страница 2461: ...plus config ip dhcp pool Nerv_Office awplus dhcp config lease 1 5 30 To set the lease expiration time for the address pool P3 to 20 seconds use the commands awplus configure terminal awplus config ip...

Страница 2462: ...the pool You must remove all ranges in the pool before issuing a no network command to remove a network from the pool Examples To configure a network for the address pool P2 where the subnet is 192 0...

Страница 2463: ...t server that the client should use in its bootstrap process The no variant of this command removes the next server address from the DHCP address pool Syntax next server ip address no next server Mode...

Страница 2464: ...oves the specified user defined option from the DHCP pool or all user defined options from the DHCP pool Syntax option 1 254 option name option value no option 1 254 option value Mode DHCP Configurati...

Страница 2465: ...option tcpip node type 08af To add multiple IP addresses for the ip type option 175 use the command awplus dhcp config option 175 192 0 2 6 awplus dhcp config option 175 192 0 2 12 awplus dhcp config...

Страница 2466: ...used by another host The no variant of this command disables probing for a DHCP pool Syntax probe enable no probe enable Default Probing is enabled by default Mode DHCP Pool Configuration Examples To...

Страница 2467: ...er of probe packets sent to the default of 5 Syntax probe packets 0 10 no probe packets Default The default is 5 Mode DHCP Pool Configuration Examples To set the number of probe packets to 2 for pool...

Страница 2468: ...ting 200 milliseconds Syntax probe timeout 50 5000 no probe timeout Default The default timeout interval is 200 milliseconds Mode DHCP Pool Configuration Examples To set the probe timeout value to 500...

Страница 2469: ...ill send an ICMP Echo Request ping The no variant of this command sets the probe type to the default setting ping Syntax probe type arp ping no probe type Default The default probe type is ping Mode D...

Страница 2470: ...l address ranges from the DHCP pool Syntax range ip address ip address no range ip address ip address no range all Mode DHCP Configuration Examples To add an address range of 192 0 2 5 to 192 0 2 16 t...

Страница 2471: ...de DHCP Configuration Examples To distribute static routes for route 0 0 0 0 0 whose next hop is 192 16 1 1 to clients using both opt249 and rfc3442 use the command awplus configure terminal awplus co...

Страница 2472: ...cp relay no service dhcp relay Mode Global Configuration Usage A maximum number of 400 DHCP Relay Agents one per interface can be configured on the device Once this limit has been reached any further...

Страница 2473: ...n your device The server then listens for DHCP requests on all IP interfaces It will not run if there are no IP interfaces configured The no variant of this command disables the DHCP server Syntax ser...

Страница 2474: ...output from the show counter dhcp client command Related Commands ip address dhcp show counter dhcp client DHCPDISCOVER out 10 DHCPREQUEST out 34 DHCPDECLINE out 4 DHCPRELEASE out 0 DHCPOFFER in 22 DH...

Страница 2475: ...lay Output Figure 55 2 Example output from the show counter dhcp relay command awplus show counter dhcp relay DHCP relay counters Requests In 4 Replies In 4 Relayed To Server 4 Relayed To Client 4 Out...

Страница 2476: ...t Option The number of incoming DHCP Reply messages dropped due to a missing relay agent information option field Note that Agent Option counters only increment on errors occurring if the ip dhcp rela...

Страница 2477: ...interface Messages generating the errors are only dropped if the ip dhcp relay agent option checking command is configured on the interface as well as the ip dhcp relay agent option command Option In...

Страница 2478: ...from the show counter dhcp server command DHCP server counters DHCPDISCOVER in 20 DHCPREQUEST in 12 DHCPDECLINE in 1 DHCPRELEASE in 0 DHCPINFORM in 0 DHCPOFFER out 8 DHCPACK out 4 DHCPNAK out 0 BOOTR...

Страница 2479: ...ssages sent by the DHCP server The server sends these after receiving a request that it cannot fulfil because either there are no available IP addresses in the related address pool or the request has...

Страница 2480: ...device For information on filtering and saving command output see Controlling show Command Output in the Getting Started with AlliedWare_Plus Feature Overview and Configuration Guide Syntax show dhcp...

Страница 2481: ...19 Renew 13 Mar 2017 18 37 06 Rebind 13 Mar 2017 19 49 29 Server Options subnet mask 255 255 255 0 routers 19 18 2 100 12 16 2 17 dhcp lease time 3600 dhcp message type 5 domain name servers 192 168...

Страница 2482: ...plus show ip dhcp binding 172 16 2 16 To display the leases from the address pool MyPool use the command awplus show ip dhcp binding MyPool Output Figure 55 5 Example output from the show ip dhcp bind...

Страница 2483: ...x510 Series 2483 AlliedWare Plus Operating System Version 5 4 7 1 x DYNAMIC HOST CONFIGURATION PROTOCOL DHCP COMMANDS SHOW IP DHCP BINDING Related Commands clear ip dhcp binding ip dhcp pool lease ra...

Страница 2484: ...ss pool Mode User Exec and Privileged Exec Example awplus show ip dhcp pool Output Figure 55 6 Example output from the show ip dhcp pool command Parameter Description address pool Name of a specific a...

Страница 2485: ...dresses Total 8 Leased 2 Utilization 25 0 Static host addresses Total 1 Leased 1 Table 3 Parameters in the output of the show ip dhcp pool command Parameter Description Pool Name of the pool network S...

Страница 2486: ...is sent In the range 50 to 5000 dns servers The DNS server addresses sent to by the pool to clients default router s The default router addresses sent by the pool to clients user defined options The l...

Страница 2487: ...ries 2487 AlliedWare Plus Operating System Version 5 4 7 1 x DYNAMIC HOST CONFIGURATION PROTOCOL DHCP COMMANDS SHOW IP DHCP POOL Related Commands ip dhcp pool probe enable probe packets probe timeout...

Страница 2488: ...terface vlan100 use the command awplus show ip dhcp relay interface vlan100 Output Figure 55 8 Example output from the show ip dhcp relay command Related Commands ip dhcp relay agent option ip dhcp re...

Страница 2489: ...vileged Exec Example To display the server statistics use the command awplus show ip dhcp server statistics Output Figure 55 9 Example output from the show ip dhcp server statistics command DHCP serve...

Страница 2490: ...a request that it cannot fulfil because either there are no available IP addresses in the related address pool or the request has come from a client that doesn t fit the network setting for an address...

Страница 2491: ...ls currently configured This show command does not include any configuration details of the address pools You can display these using the show ip dhcp pool command For information on filtering and sav...

Страница 2492: ...en the pool s network mask specified using the next server command is applied The no variant of this command removes a subnet mask option from a DHCP pool The pool reverts to using the pool s network...

Страница 2493: ...prefixes DHCPv6 Prefix Delegation provides automatic configuration of IPv6 addresses and IPv6 prefixes For information on filtering and saving command output see the Getting Started with AlliedWare Pl...

Страница 2494: ...2515 ipv6 dhcp pool on page 2517 ipv6 dhcp server on page 2519 ipv6 local pool on page 2520 ipv6 nd prefix DHCPv6 on page 2522 link address on page 2524 option DHCPv6 on page 2526 prefix delegation p...

Страница 2495: ...nge available allocated by the IPv6 prefix randomly generating the suffix of the IPv6 address with the specified preferred and valid lifetime leases Leased IPv6 address are found in the Parameter Desc...

Страница 2496: ...sent from deprecated addresses or prefixes are delivered as expected An IPv6 address or prefix becomes invalid and is not available to an interface when the valid lifetime timer expires Invalid addres...

Страница 2497: ...n A deprecated address or prefix should not be used as a source address or prefix but packets sent from deprecated addresses or prefixes are delivered as expected Parameter Description first ipv6 addr...

Страница 2498: ...To add the IPv6 address range 2001 0db8 1 1 to 2001 0db8 1fff 1 for DHCPv6 server pool configuration use the following commands awplus configure terminal awplus config ipv6 dhcp pool pool1 awplus con...

Страница 2499: ...OUNTER IPV6 DHCP CLIENT clear counter ipv6 dhcp client Overview Use this command in Privileged Exec mode to clear DHCPv6 client counters Syntax clear counter ipv6 dhcp client Mode Privileged Exec Exam...

Страница 2500: ...OUNTER IPV6 DHCP SERVER clear counter ipv6 dhcp server Overview Use this command in Privileged Exec mode to clear DHCPv6 server counters Syntax clear counter ipv6 dhcp server Mode Privileged Exec Exam...

Страница 2501: ...es are cleared but any static entries are not cleared The clear ipv6 dhcp binding command is used as a server function A binding table entry on the DHCPv6 server is automatically Created whenever a pr...

Страница 2502: ...DHCPV6 COMMANDS CLEAR IPV6 DHCP BINDING Example To clear all dynamic DHCPv6 server binding entries use the command awplus clear ipv6 dhcp binding all Output Figure 56 1 Example output from the clear...

Страница 2503: ...ew Use this command in Privileged Exec mode to restart a DHCPv6 client on an interface Syntax clear ipv6 dhcp client interface Mode Privileged Exec Example To restart a DHCPv6 client on interface vlan...

Страница 2504: ...add the DNS server with the assigned IPv6 address 2001 0db8 3000 3000 32 to the DHCPv6 server pool named P2 use the following commands awplus configure terminal awplus config ipv6 dhcp pool P2 awplus...

Страница 2505: ...1 Rev B Command Reference for x510 Series 2505 AlliedWare Plus Operating System Version 5 4 7 1 x DHCP FOR IPV6 DHCPV6 COMMANDS DNS SERVER DHCPV6 Related Commands ipv6 dhcp pool option DHCPv6 show ipv...

Страница 2506: ...the pre defined option 15 Note that if you add a user defined option 15 using the option DHCPv6 command then you will override any settings created with this command Examples To add the domain name E...

Страница 2507: ...is generated by the operating system when DHCP first starts If the OS is reinstalled the DUID LLT can change and any multiple operating systems on the machine will all have different DUIDs Configuring...

Страница 2508: ...n specifying the eui64 parameter the interface identifier of the IPv6 address is derived from the MAC address of the device For more information about EUI64 see the IPv6 Feature Overview and Configura...

Страница 2509: ...gn the IPv6 address 2001 0db8 a2 48 to the VLAN interface vlan2 use the following commands awplus configure terminal awplus config interface vlan2 awplus config if ipv6 address 2001 0db8 a2 48 To remo...

Страница 2510: ...db8 32 from VLAN interface vlan2 use the following commands awplus configure terminal awplus config interface vlan2 awplus config interface vlan2 awplus config if no ipv6 address 2001 0db8 64 eui64 V...

Страница 2511: ...ault routers Option 6 a list of DNS servers This list appends the DNS servers set on your device with the dns server DHCPv6 command Option 15 a domain name used to resolve host names This option repla...

Страница 2512: ...or x510 Series 2512 AlliedWare Plus Operating System Version 5 4 7 1 x DHCP FOR IPV6 DHCPV6 COMMANDS IPV6 ADDRESS DHCP Related Commands clear ipv6 dhcp client ipv6 address ipv6 address DHCPv6 PD show...

Страница 2513: ...an interface Usage Entering the ipv6 dhcp client pd command starts the DHCPv6 client process if not already running and enables requests for prefix delegation through the interface on which the comma...

Страница 2514: ...V6 DHCP CLIENT PD To disable prefix delegation on the VLAN interface vlan2 use the following commands awplus configure terminal awplus config interface vlan2 awplus config if no ipv6 dhcp client pd Re...

Страница 2515: ...54 The option number of the option Options with the same number as one of the standard options overrides the standard option definition option name Option name used to identify the option You cannot u...

Страница 2516: ...ig ipv6 dhcp option 46 name tcpip node type hex To define a user defined IP address option as option 175 with the name special address use the following commands awplus configure terminal awplus confi...

Страница 2517: ...nd to delete the specific DHCPv6 pool Syntax ipv6 dhcp pool DHCPv6 poolname no ipv6 dhcp pool DHCPv6 poolname Mode Global Configuration Usage All DHCPv6 prefix pool names must be unique IPv6 prefix po...

Страница 2518: ...nce for x510 Series 2518 AlliedWare Plus Operating System Version 5 4 7 1 x DHCP FOR IPV6 DHCPV6 COMMANDS IPV6 DHCP POOL Related Commands ipv6 local pool option DHCPv6 prefix delegation pool show ipv6...

Страница 2519: ...egation and configuration through the specified interface Note that DHCPv6 client DHCPv6 server and DHCPv6 relay are mutually exclusive on an interface When one of the DHCPv6 functions is enabled on a...

Страница 2520: ...dresses an IPv6 address prefix areassignedandnotsingleIPv6addresses IPv6prefixpoolsarenotallowed to overlap Parameter Description DHCPv6 poolname Description used to identify this DHCPv6 server pool V...

Страница 2521: ...fixpool All IPv6prefixesalready allocated are also freed Examples To create alocalDHCPv6 local pool named P2 withtheIPv6 prefixand prefixlength 2001 0db8 32 with an assigned length of 64 use the follo...

Страница 2522: ...s usually set between 0 and 64 valid lifetime The the period during which the specified IPv6 address prefix is valid This can be set to a value between 5 and 315360000 seconds Note that this period sh...

Страница 2523: ...ddresses or prefixes should not appear as the source or destination for a packet Examples The following example configures the device to issue RAs Router Advertisements on the VLAN interface vlan4 and...

Страница 2524: ...eceived via an intermediate relay to a configured delegation pool When an address on the incoming interface of the DHCPv6 server or a link address set in the incoming delegation request packet from th...

Страница 2525: ...0db8 1 48 as the link address for pool P2 use the following commands awplus configure terminal awplus config ipv6 dhcp pool P2 awplus config dhcp6 address prefix 2001 0db8 2 48 awplus config dhcp6 lin...

Страница 2526: ...ddress format so if the option already exists in the pool then the new IP address is added to the list of existing IPv6 prefixes Also note options with the same number as one of the pre defined option...

Страница 2527: ...ue 08af use the following commands awplus configure terminal awplus config ipv6 dhcp pool P2 awplus config dhcp6 option tcpip node type 08af To add multiple IP addresses for the ip type option 175 use...

Страница 2528: ...ain unassignedprefixes fromthe pool After the client releases the previously assigned prefixes the server returns the prefixes to the pool for reassignment Preferred IPv6 addresses or prefixes are ava...

Страница 2529: ...invalid and is not available to an interface when the valid lifetime timer expires Invalid addresses or prefixes should not appear as the source or destination for a packet Example This example adds...

Страница 2530: ...er information use the command awplus show counter ipv6 dhcp client Output Figure 56 2 Example output from the show counter ipv6 dhcp client command awplus show counter ipv6 dhcp client SOLICIT out 20...

Страница 2531: ...s sent by the DHCPv6 client REPLY in Displays the count of REPLY messages received by the DHCPv6 client RELEASE out Displays the count of RELEASE messages sent by the DHCPv6 client DECLINE out Display...

Страница 2532: ...r information use the command awplus show counter ipv6 dhcp server Output Figure 56 3 Example output from the show counter ipv6 dhcp server command awplus show counter ipv6 dhcp server SOLICIT in 20 A...

Страница 2533: ...eived by the DHCPv6 server REPLY out Displays the count of REPLY messages sent by the DHCPv6 server RELEASE in Displays the count of RELEASE messages received by the DHCPv6 server DECLINE in Displays...

Страница 2534: ...age The DUID is based on the link layer address for both DHCPv6 client and DHCPv6 server identifiers The device uses the MAC address from the lowest interface number for the DUID The DUID is used by a...

Страница 2535: ...and Privileged Exec Example 1 To display the total DHCPv6 leasing address entries for all pools use the command awplus show ipv6 dhcp binding summary Output Figure 56 5 Example output from the show i...

Страница 2536: ...ID DHCPv6 unique identifier DUID see RFC 3315 Each DHCPv6 client has as DUID DHCPv6 servers use DUIDs to identify clients for the association of IAs Identity Associations with DHCPv6 clients DHCPv6 cl...

Страница 2537: ...COMMANDS SHOW IPV6 DHCP BINDING Related Commands clear ipv6 dhcp binding ipv6 dhcp pool show ipv6 dhcp pool starts at The date and time at which the valid lifetime expires expires at The date and tim...

Страница 2538: ...information for all interfaces DHCPv6 is configured on use the command awplus show ipv6 dhcp interface Output Figure 56 7 Example output from the show ipv6 dhcp interface command Parameter Description...

Страница 2539: ...efix 2002 0 3c0 42 preferred lifetime 604800 valid lifetime 2592000 starts at 20 Aug 2012 09 21 33 expires at 19 Sep 2012 09 21 33 Table 5 Parameters in the output of the show counter dhcp client comm...

Страница 2540: ...us show ipv6 dhcp pool Output Figure 56 9 Example output from the show ipv6 dhcp pool command Parameter Description DHCPv6 address pool name Name of a specific DHCPv6 address pool This displays the co...

Страница 2541: ...precated address or prefix should not be used as a source address or prefix but packets sent from deprecated addresses or prefixes are delivered as expected An IPv6 address or prefix becomes invalid a...

Страница 2542: ...DHCPv6 Configuration Examples The following example adds an SNTP Server IPv6 address of 2001 0db8 32 to the DHCPv6 pool named P2 awplus configure terminal awplus config ipv6 dhcp pool P2 awplus config...

Страница 2543: ...ion on filtering and saving command output see the Getting Started with AlliedWare_Plus Feature Overview and Configuration Guide Command List ntp access group deprecated on page 2544 ntp authenticate...

Страница 2544: ...Series 2544 AlliedWare Plus Operating System Version 5 4 7 1 x NTP COMMANDS NTP ACCESS GROUP DEPRECATED ntp access group deprecated Overview This command has been deprecated in Software Version 5 4 6...

Страница 2545: ...to authenticate the associations with other systems for security purposes The no variant of this command disables NTP authentication Syntax ntp authenticate no ntp authenticate Mode Global Configurati...

Страница 2546: ...an MD5 authentication key number 134343 and a key value mystring use the commands awplus configure terminal awplus config ntp authentication key 134343 md5 mystring To disable the authentication key n...

Страница 2547: ...roadcastdelay delay no ntp broadcastdelay Default 0 microsecond offset which can only be applied with the no variant of this command Mode Global Configuration Examples To set the estimated round trip...

Страница 2548: ...192 168 1 0 16 subnet if they arrive more frequently than every 5 seconds and also send kiss of death messages use the commands awplus configure terminal awplus config ntp discard minimum 5 awplus co...

Страница 2549: ...istance from the reference clock and exist to prevent cycles in the hierarchy Stratum 1 is used to indicate time servers which are more accurate than Stratum 2 servers For more information on the Netw...

Страница 2550: ...92 0 2 23 awplus configure terminal awplus config ntp peer 192 0 2 23 awplus config ntp peer 192 0 2 23 prefer awplus config ntp peer 192 0 2 23 prefer version 4 awplus config ntp peer 192 0 2 23 pref...

Страница 2551: ...lus config ntp peer 2001 0db8 010d 1 prefer awplus config ntp peer 2001 0db8 010d 1 prefer version 4 awplus config ntp peer 2001 0db8 010d 1 prefer version 4 key 1234 awplus config ntp peer 2001 0db8...

Страница 2552: ...address Apply this restriction to the specified IPv4 or IPv6 host Enter an IPv4 address in the format A B C D Enter an IPv6 address in the format X X X X host subnet Apply this restriction to the spec...

Страница 2553: ...0 2 1 and the subnet 192 168 1 0 16 to authenticate NTP sessions with this device use the commands awplus configure terminal awplus config ntp restrict 192 0 2 1 notrust awplus config ntp restrict 19...

Страница 2554: ...s config ntp server 192 0 1 23 awplus config ntp server 192 0 1 23 prefer awplus config ntp server 192 0 1 23 prefer version 4 awplus config ntp server 192 0 1 23 prefer version 4 key 1234 awplus conf...

Страница 2555: ...awplus config ntp server 2001 0db8 010e 2 prefer awplus config ntp server 2001 0db8 010e 2 prefer version 4 awplus config ntp server 2001 0db8 010e 2 prefer version 4 key 1234 awplus config ntp serve...

Страница 2556: ...using this command is matched to the interface When selecting a source IP address to use for NTP messages to the peer if the configured NTP client source IP address is unavailable then default behavi...

Страница 2557: ...onfigure the NTP source interface with the IPv6 address 2001 0db8 010e 2 enter the commands awplus configure terminal awplus config ntp source 2001 0db8 010e 2 To remove a configured address for the N...

Страница 2558: ...dWare Plus Operating System Version 5 4 7 1 x NTP COMMANDS NTP TRUSTED KEY DEPRECATED ntp trusted key deprecated Overview This command has been deprecated in Software Version 5 4 6 1 1 Please use the...

Страница 2559: ...x510 Series 2559 AlliedWare Plus Operating System Version 5 4 7 1 x NTP COMMANDS SHOW COUNTER NTP DEPRECATED show counter ntp deprecated Overview From version 5 4 6 1 x onwards this command has been...

Страница 2560: ...5 256 377 27 144 0 775 0 193 system peer backup candidate outlier x false ticker Table 2 Parameters in the output from the show ntp associations command Parameter Description system peer The peer that...

Страница 2561: ...when When last polled seconds ago h hours ago or d days ago poll Time between NTP requests from the device to the server reach An indication of whether or not the NTP server is responding to requests...

Страница 2562: ...tricted 0 rate limited 0 KoD responses 0 processed for time 306 Table 57 1 Parameters in the output from show ntp counters Parameter Description uptime How long NTP has been running since it was last...

Страница 2563: ...tch any restrict statements in the NTP restrictions NTP drops these packets See the command ntp restrict for more information rate limited The number of packets dropped because the packet rate exceede...

Страница 2564: ...plicate 0 bad header 0 kod received 0 Table 57 2 Parameters in the output from show ntp counters associations Parameter Description Peer An NTP peer or server that the device is associated with sent T...

Страница 2565: ...r The number of packets where one or more header fields are invalid kod received The number of Kiss of Death packets received from the peer KoD packets indicate that this device is sending NTP packets...

Страница 2566: ...how ntp status For information about the output displayed by this command see ntp org Figure 57 3 Example output from the show ntp status command awplus show ntp status associd 0 status 061b leap_none...

Страница 2567: ...mmand output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Command List debug snmp on page 2569 show counter snmp server on page 2570 show debugging snmp on pag...

Страница 2568: ...eID local reset on page 2594 snmp server group on page 2595 snmp server host on page 2597 snmp server legacy ifadminstatus on page 2599 snmp server location on page 2600 snmp server source interface o...

Страница 2569: ...mp detail To start SNMP debugging showing all SNMP debugging information use the command awplus debug snmp all Related Commands show debugging snmp terminal monitor undebug snmp Parameter Description...

Страница 2570: ...ple output from the show counter snmp server command SNMP SERVER counters inPkts 11 inBadVersions 0 inBadCommunityNames 0 inBadCommunityUses 0 inASNParseErrs 0 inTooBigs 0 inNoSuchNames 0 inBadValues...

Страница 2571: ...ed SNMP Messages inTooBigs The number of SNMP PDUs received by the SNMP agent where the value of the error status field is tooBig This is sent by an SNMP manager to indicate that an exception occurred...

Страница 2572: ...SNMP agent has sent outTooBigs The number of SNMP PDUs that the SNMP agent has generated with the value tooBig in the error status field This is sent to the SNMP manager to indicate that an exception...

Страница 2573: ...P agent s window UnknownUserNames The number of received packets that the SNMP agent has dropped because they referenced an unknown user UnknownEngineIDs The number of received packets that the SNMP a...

Страница 2574: ...ew This command displays whether SNMP debugging is enabled or disabled Syntax show debugging snmp Mode User Exec and Privileged Exec Example To display the status of SNMP debugging use the command awp...

Страница 2575: ...eged Exec Example To display the current configuration of SNMP on your device use the command awplus show running config snmp Output Figure 58 3 Example output from the show running config snmp comman...

Страница 2576: ...show snmp server Mode Privileged Exec Example To display the status of the SNMP server use the command awplus show snmp server Output Figure 58 4 Example output from the show snmp server command Rela...

Страница 2577: ...es configured on the device SNMP communities are specific to v1 and v2c Syntax show snmp server community Mode Privileged Exec Example To display the SNMP server communities use the command awplus sho...

Страница 2578: ...show snmp server group Mode Privileged Exec Example To display the SNMP groups configured on the device use the command awplus show snmp server group Output Figure 58 6 Example output from the show s...

Страница 2579: ...e SNMP server users and is used with SNMP version 3 only Syntax show snmp server user Mode Privileged Exec Example To display the SNMP server users configured on the device use the command awplus show...

Страница 2580: ...he SNMP server views and is used with SNMP version 3 only Syntax show snmp server view Mode Privileged Exec Example To display the SNMP server views configured on the device use the command awplus sho...

Страница 2581: ...regation e g sa2 po2 To specify where notifications are sent use the snmp server host command To configure the device globally to send other notifications use the snmp server enable trap command Examp...

Страница 2582: ...nd Reference for x510 Series 2582 AlliedWare Plus Operating System Version 5 4 7 1 x SNMP COMMANDS SNMP TRAP LINK STATUS Related Commands show interface snmp trap link status suppress snmp server enab...

Страница 2583: ...s started when the first link status notification of a particular type linkUp or linkDown is sent for an interface If the threshold number of notifications of this type is sent before the timerreaches...

Страница 2584: ...1 x SNMP COMMANDS SNMP TRAP LINK STATUS SUPPRESS To disable the suppression link status notifications for port 1 0 2 use following commands awplus configure terminal awplus config interface port1 0 2...

Страница 2585: ...ipv6 no snmp server ip ipv6 Default By default the SNMP agent is enabled for both IPv4 and IPv6 If neither the ip parameter nor the ipv6 parameter is specified for this command then SNMP is enabled or...

Страница 2586: ...Version 5 4 7 1 x SNMP COMMANDS SNMP SERVER Related Commands show snmp server show snmp server community show snmp server user snmp server community snmp server contact snmp server enable trap snmp se...

Страница 2587: ...no snmp server community community name view view name access list Mode Global Configuration Example The following command creates an SNMP community called public with read only access to all MIB vari...

Страница 2588: ...is command removes the contact information from the system Syntax snmp server contact contact info no snmp server contact Mode Global Configuration Example To set the system contact information to sup...

Страница 2589: ...Description atmf AMF traps atmflink AMF Link traps atmfnode AMF Node traps atmfrr AMF Reboot Rolling traps auth Authentication failure dhcpsnooping DHCP snooping and ARP security traps These notifica...

Страница 2590: ...erver enable trap atmfnode To enable the device to send PoE related traps use the following commands awplus configure terminal awplus config snmp server enable trap power inline To disable PoE traps b...

Страница 2591: ...Reference for x510 Series 2591 AlliedWare Plus Operating System Version 5 4 7 1 x SNMP COMMANDS SNMP SERVER ENABLE TRAP Related Commands show snmp server show ip dhcp snooping snmp trap link status s...

Страница 2592: ...hich is permanently set unless it is configured by the user In a stacked environment if the same engine ID was automatically generated for all members of the stack conflicts would occur if the stack w...

Страница 2593: ...values after configuration Related Commands show snmp server snmp server engineID local reset snmp server group awplus config snmp server engineid local asdgdfh231234d awplus config exit awplus show...

Страница 2594: ...v3 engine ID by resetting the SNMPv3 engine If the current engine ID is user defined usethe snmp server engineID local command to set SNMPv3 engineID to a system generated value Syntax snmp server eng...

Страница 2595: ...p server group groupname auth noauth priv Mode Global Configuration Examples To add SNMP group for ordinary users user the following commands awplus configure terminal awplus config snmp server group...

Страница 2596: ...v B Command Reference for x510 Series 2596 AlliedWare Plus Operating System Version 5 4 7 1 x SNMP COMMANDS SNMP SERVER GROUP Related Commands snmp server show snmp server show snmp server group show...

Страница 2597: ...NMP v2c or the authentication encryption parameters and user name SNMP v3 Syntax snmp server host ipv4 address ipv6 address traps version 1 community name snmp server host ipv4 address ipv6 address in...

Страница 2598: ...traps to the IPv6 host destination 2001 db8 8a2e 7334 with the SNMPv2c community name private use the following command awplus configure terminal awplus config snmp server host version 2c private2001...

Страница 2599: ...ct the administrative state of the interface Syntax snmp server legacy ifadminstatus no snmp server legacy ifadminstatus Default Legacy ifAdminStatus is turned off by default so by default the SNMP if...

Страница 2600: ...variant of this command removes the configured location from the system Syntax snmp server location location name no snmp server location Mode Global Configuration Example To set the location to serv...

Страница 2601: ...of the traps and informs messages Mode Global Configuration Usage An SNMP trap or inform message that is sent from an SNMP server carries the notification IP address of its originating interface Use...

Страница 2602: ...delay time no snmp server startup trap delay Default The SNMP server trap delay time is 30 seconds The no variant restores the default Mode Global Configuration Example To delay the device sending SNM...

Страница 2603: ...ords must be the same for both entities Use the encrypted parameter when you want to enter already encrypted passwords in encrypted form as displayed in the running and startup configs stored on the d...

Страница 2604: ...command To enter existing SNMP user authuser with existing passwords as a member of group newusergroup with authentication protocol md5 plus the encrypted authentication password 0x1c74b9c22118291b0ce...

Страница 2605: ...C613 50170 01 Rev B Command Reference for x510 Series 2605 AlliedWare Plus Operating System Version 5 4 7 1 x SNMP COMMANDS SNMP SERVER USER Related Commands show snmp server user snmp server view...

Страница 2606: ...removes the specified view on the device The view must already exist Syntax snmp server view view name mib name included excluded no snmp server view view name Mode Global Configuration Examples The f...

Страница 2607: ...Rev B Command Reference for x510 Series 2607 AlliedWare Plus Operating System Version 5 4 7 1 x SNMP COMMANDS UNDEBUG SNMP undebug snmp Overview This command applies the functionality of the no debug...

Страница 2608: ...etwork information gathered using LLDP is transferred to a Network Management System by SNMP For security reasons we recommend using SNMPv3 for this purpose see the SNMP Feature Overview and Configura...

Страница 2609: ...location identifier on page 2636 location civic location id on page 2637 location coord location configuration on page 2638 location coord location identifier on page 2640 location coord location id o...

Страница 2610: ...plied LLDP statistics for all ports are cleared Syntax clear lldp statistics interface port list Mode Privileged Exec Examples To clear the LLDP statistics on ports 1 0 1 and 1 0 6 use the command awp...

Страница 2611: ...information is cleared for all ports Syntax clear lldp table interface port list Mode Privileged Exec Examples To clear the table of neighbor information received on ports 1 0 1 and 1 0 6 use the com...

Страница 2612: ...eration no debug lldp all Default By default no debug is enabled for any ports Mode Privileged Exec Examples To enable debugging of LLDP receive on ports 1 0 1 and 1 0 6 use the command awplus debug l...

Страница 2613: ...170 01 Rev B Command Reference for x510 Series 2613 AlliedWare Plus Operating System Version 5 4 7 1 x LLDP COMMANDS DEBUG LLDP Related Commands show debugging lldp show running config lldp terminal m...

Страница 2614: ...etects a new LLDP MED capable device The no variant of this command resets the LLDPD MED fast start count to the default 3 Syntax lldp faststart count 1 10 no lldp faststart count Default The default...

Страница 2615: ...multiplier Default The default holdtime multiplier value is 4 Mode Global Configuration Usage The Time To Live defines the period for which the information advertised to the neighbor is valid If the T...

Страница 2616: ...MAC address of the device s baseboard if no VLAN IP addresses are configured for the port Mode Interface Configuration Usage To see the management address that will be advertised use the show lldp in...

Страница 2617: ...cations relating to the specified ports Syntax lldp med notifications no lldp med notifications Default The sending of LLDP MED notifications is disabled by default Mode Interface Configuration Exampl...

Страница 2618: ...v select capabilities network policy location power management ext inventory management no lldp med tlv select all Parameter Description capabilities LLDP MED Capabilities TLV When this is enabled the...

Страница 2619: ...ry TLV Set in advertisements transmitted via ports 1 0 1 and 1 0 6 use the commands awplus configure terminal awplus config interface port1 0 1 port1 0 6 awplus config if lldp med tlv select inventory...

Страница 2620: ...TLV SELECT Related Commands lldp tlv select location elin location id location civic location identifier location civic location configuration location coord location identifier location coord locatio...

Страница 2621: ...ed to LLDP MED advertisements according to ANSI TIA 1057 and LLDP MED TLVs in non standard order are discarded Mode Global Configuration Usage The ANSI TIA 1057 specifies standard order for TLVs in LL...

Страница 2622: ...nt of this command sets the notification interval back to its default Syntax lldp notification interval 5 3600 no lldp notification interval Default The default notification interval is 5 seconds Mode...

Страница 2623: ...tifications Default The sending of LLDP SNMP notifications is disabled by default Mode Interface Configuration Examples To enable sending of LLDP SNMP notifications for ports 1 0 1 and 1 0 6 use the c...

Страница 2624: ...lt port identifier type is number The no variant of this command sets the port identifier type to the default Mode Global Configuration Examples To set the type of port identifier used to enumerate LL...

Страница 2625: ...s command sets the reinitialization delay back to its default setting Syntax lldp reinit 1 10 no lldp reinit Default The default reinitialization delay is 2 seconds Mode Global Configuration Examples...

Страница 2626: ...iant of this command disables the operation of LLDP on the device The LLDP configuration remains unchanged Syntax lldp run no lldp run Default LLDP is disabled by default Mode Global Configuration Exa...

Страница 2627: ...tax lldp timer 5 32768 no lldp timer Default The default transmit interval is 30 seconds Mode Global Configuration Examples To set the transmit interval to 90 seconds use the commands awplus configure...

Страница 2628: ...is command disables the specified optional TLVs or all optional TLVs for transmission in LLDP advertisements via the specified ports Syntax lldp tlv select tlv lldp tlv select all no lldp tlv select t...

Страница 2629: ...ommands awplus configure terminal awplus config interface port1 0 1 port1 0 6 awplus config if lldp tlv select all To exclude the management address and system name TLVs from advertisements transmitte...

Страница 2630: ...ansmission of LLDP advertisements on ports 1 0 1 and 1 0 6 use the commands awplus configure terminal awplus config interface port1 0 1 port1 0 6 awplus config if lldp transmit To enable LLDP advertis...

Страница 2631: ...ts default setting Syntax lldp tx delay 1 8192 no lldp tx delay Default The default transmission delay timer is 2 seconds Mode Global Configuration Examples To set the transmission delay timer to 12 s...

Страница 2632: ...to delete civic address parameters from the location Syntax country country state state no state county county no county city city no city division division no division neighborhood neighborhood no ne...

Страница 2633: ...community name postal community name no postal community name post office box post office box no post office box additional code additional code no additional code seat seat no seat primary road name...

Страница 2634: ...g street direction CA Type 16 trailing street suffix Trailing street suffix CA Type 17 street suffix Street suffix CA Type 18 street suffix or type house number House number CA Type 19 house number su...

Страница 2635: ...ss location For more information about civic address format see the LLDP Feature Overview and Configuration Guide To specify the civic address location use the location civic location identifier comma...

Страница 2636: ...civic address location identifier use the location civic location configuration command To associate this civic location identifier with particular ports use the location elin location id command Up...

Страница 2637: ...port can be transmitted in Location Identification TLVs via the port Before using this command create the location using the following commands location civic location identifier command location civi...

Страница 2638: ...as 34 bit fixed point binary numbers with a 25 bit fractional part irrespective of the number of digits entered by the user Likewise Parameter Description lat resolution Latitude resolution as a numbe...

Страница 2639: ...rch area To specify the coordinate identifier use the location coord location identifier command To remove coordinate information delete the coordinate location by using the no variant of that command...

Страница 2640: ...r each type of location information up to a total of 1200 locations To configure this coordinate location use the location coord location configuration command To associate this coordinate location wi...

Страница 2641: ...an be transmitted in Location Identification TLVs via the port Before using this command configure the location using the following commands location coord location identifier command location coord l...

Страница 2642: ...o a total of 1200 locations To assign this ELIN location to particular ports so that it can be advertised in TLVs from those ports use the location elin location id command Examples To create a new EL...

Страница 2643: ...Configuration Usage An ELIN location associated with a port can be transmitted in Location Identification TLVs via the port Before using this command configure the location using the location elin loc...

Страница 2644: ...gging lldp interface port1 0 1 1 0 6 Output Figure 59 1 Example output from the show debugging lldp command Parameter Description port list The ports for which the LLDP debug settings are shown LLDP D...

Страница 2645: ...C613 50170 01 Rev B Command Reference for x510 Series 2645 AlliedWare Plus Operating System Version 5 4 7 1 x LLDP COMMANDS SHOW DEBUGGING LLDP Related Commands debug lldp...

Страница 2646: ...secs Reinitialization Delay 2 secs 2 Tx Delay 2 secs 2 Port Number Type Ifindex Port Number Fast Start Count 5 3 LLDP Global Status Total Neighbor Count 47 Neighbors table last updated 0 hrs 0 mins 43...

Страница 2647: ...e to a change in LLDP local information Port Number Type The type of port identifier used to enumerate LLDP MIB local port entries as set by the lldp port number type command Fast Start Count The numb...

Страница 2648: ...s inactive on this port because it is a mirror analyser port Notification Abbreviations RC LLDP Remote Tables Change TC LLDP MED Topology Change TLV Abbreviations Base Pd Port Description Sn System Na...

Страница 2649: ...ge Notification Management Addr Management address advertised to neighbors Base TLVs Enabled for Tx List of optional Base TLVs enabled for transmission Pd Port Description Sn System Name Sd System Des...

Страница 2650: ...dp transmit receive command which TLVs it is configured to send lldp tlv select command lldp med tlv select command Examples To display local information transmitted via port 1 0 1 use the command awp...

Страница 2651: ...ility Disabled Power Class Unknown Link Aggregation Supported Disabled Maximum Frame Size 1522 LLDP MED Device Type Network Connectivity LLDP MED Capabilities LLDP MED Capabilities Network Policy Loca...

Страница 2652: ...em description System Capabilities Supported Capabilities that the local port supports System Capabilities Enabled Enabled capabilities on the local port Management Addresses Management address associ...

Страница 2653: ...e capability of the implemented MAC and PHY LLDP MED Device Type LLDP MED device type LLDP MED Capabilities Capabilities LLDP MED capabilities supported on the local port Network Policy List of networ...

Страница 2654: ...description interface hostname lldp transmit receive Power Value The total power the switch can source over a maximum length cable to a PD device on the port The value shows the power value in Watts...

Страница 2655: ...neighbors interface port1 0 1 port1 0 6 Output Figure 59 4 Example output from the show lldp neighbors command Parameter Description port list The ports for which the neighbor information is to be sh...

Страница 2656: ...l Port Local port on which the neighbor information was received Neighbor Chassis ID Chassis ID that uniquely identifies the neighbor Neighbor Port Name Port ID of the neighbor Neighbor Sys Name Syste...

Страница 2657: ...lldp neighbors detail base dot1 dot3 med interface port list Mode User Exec and Privileged Exec Examples To display detailed neighbor information received via all ports use the command awplus show lld...

Страница 2658: ...D 1 Port Protocol VLAN Supported Yes Enabled Yes VIDs 5 VLAN Names default vlan5 Protocol IDs 9000 0026424203000000 888e01 8100 88090101 00540000e302 0800 0806 86dd MAC PHY Auto negotiation Supported...

Страница 2659: ...orted Capabilities that the neighbor supports System Capabilities Enabled Capabilities that are enabled on the neighbor Management Addresses List of neighbor s management addresses Port VLAN ID PVID V...

Страница 2660: ...imum frame size capability LLDP MED Device Type LLDP MED Device type LLDP MED Capabilities LLDP MED capabilities supported Network Policy List of network policies Location Identification Location info...

Страница 2661: ...3 In Errored 0 In Dropped 0 TLVs Unrecognized 0 Discarded 0 Neighbors New Entries 20 Deleted Entries 20 Dropped Entries 0 Entry Age outs 20 Table 63 Parameters in the output of the show lldp statistic...

Страница 2662: ...neighbors has been removed from the neighbor table Neighbors Dropped Entries Number of times the information advertised by neighbors could not be entered into the neighbor table because of insufficien...

Страница 2663: ...istics interface To display LLDP statistics information for ports 1 0 1 and 1 0 6 use the command awplus show lldp statistics interface port1 0 1 port1 0 6 Output Parameter Description port list The p...

Страница 2664: ...gnized Number of LLDP TLVs received that are not recognized but the TLV type is in the range of reserved TLV types TLVs Discarded Number of LLDP TLVs discarded for any reason Neighbors New Entries Num...

Страница 2665: ...ivic location interface port1 0 1 To display coordinate location information configured on the identifier 1 use the command awplus show location coord location identifier 1 Parameter Description civic...

Страница 2666: ...lin location id location civic location identifier location civic location configuration location coord location identifier location coord location configuration location elin location Table 67 Exampl...

Страница 2667: ...nce for commands used to configure SMTP For information on filtering and saving command output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Command List debug...

Страница 2668: ...ing emails The no variant of this command turns off debugging for sending emails Syntax debug mail no debug mail Mode Privileged Exec Examples To turn on debugging for sending emails use the command a...

Страница 2669: ...To delete a unique mail item 20060912142356 1234 from the queue use the command awplus delete mail 20060912142356 1234 To delete all mail from the queue use the command awplus delete mail all Related...

Страница 2670: ...a mail server using the mail smtpserver command Syntax mail to to subject subject file filename Mode Privileged Exec Example To send an email to rei nerv comwith the subject dummy plug configuration...

Страница 2671: ...mand You must specify a sending email address with this command before you can send any email Syntax mail from from Mode Global Configuration Example To set the email address from which you are sendin...

Страница 2672: ...st also ensure that the DNS client on your device is enabled It is enabled by default but if it has been disabled you can re enable it by using the ip domain lookup command Example To specify a mail s...

Страница 2673: ...from the show counter mail command Example To show the emails in the queue use the command awplus show counter mail Related Commands debug mail delete mail mail mail from show mail Mail Client SMTP c...

Страница 2674: ...ng System Version 5 4 7 1 x SMTP COMMANDS SHOW MAIL show mail Overview This command displays the emails in the queue Syntax show mail Mode Privileged Exec Example To display the emails in the queue us...

Страница 2675: ...Rev B Command Reference for x510 Series 2675 AlliedWare Plus Operating System Version 5 4 7 1 x SMTP COMMANDS UNDEBUG MAIL undebug mail Overview This command applies the functionality of the no debug...

Страница 2676: ...Feature Overview and Configuration Guide RMON is disabled by default in AlliedWare Plus No RMON alarms or events are configured For information on filtering and saving command output see the Getting...

Страница 2677: ...The variable SNMP MIB Object Identifier OID name to be monitored in the format etherStatsEntry field stats index For example etherStatsEntry 5 22 is the OID for the etherStatsPkts field in the etherSt...

Страница 2678: ...alue with the form etherStatsEntry field stats index for example etherStatsEntry 22 5 Example To configure an alarm to monitor the change per minute in the etherStatsPkt value for interface 22 defined...

Страница 2679: ...istory index buckets 1 65535 interval 1 3600 owner owner no rmon collection history history index Default The default interval is 1800 seconds and the default buckets is 50 buckets Mode Interface Conf...

Страница 2680: ...ollection stats collection index Default RMON statistics are not enabled by default Mode Interface Configuration Example To enable the collection of RMON statistics with a statistics index of 200 use...

Страница 2681: ...log description description owner owner trap trap rmon event event index log trap description description owner owner no rmon event event index Default No event is configured by default Mode Global C...

Страница 2682: ...larm Overview Use this command to display the alarms and threshold configured for the RMON probe NOTE Only the alarms for switch port interfaces not for VLAN interfaces can be shown Syntax show rmon a...

Страница 2683: ...owing etherStats counters are not currently available for Layer 3 interfaces etherStatsBroadcastPkts etherStatsCRCAlignErrors etherStatsUndersizePkts etherStatsOversizePkts etherStatsFragments etherSt...

Страница 2684: ...nce for x510 Series 2684 AlliedWare Plus Operating System Version 5 4 7 1 x RMON COMMANDS SHOW RMON EVENT Example To display the events configured for the RMON probe use this command awplus show rmon...

Страница 2685: ...tput from the show rmon history command NOTE The following etherStats counters are not currently available for Layer 3 interfaces etherStatsBroadcastPkts etherStatsCRCAlignErrors etherStatsUndersizePk...

Страница 2686: ...perating System Version 5 4 7 1 x RMON COMMANDS SHOW RMON HISTORY etherStatsPkts1024to1518Octets Example To display the parameters specified on all the currently defined RMON history collections us th...

Страница 2687: ...the show rmon statistics command NOTE The following etherStats counters are not currently available for Layer 3 interfaces etherStatsBroadcastPkts etherStatsCRCAlignErrors etherStatsUndersizePkts eth...

Страница 2688: ...170 01 Rev B Command Reference for x510 Series 2688 AlliedWare Plus Operating System Version 5 4 7 1 x RMON COMMANDS SHOW RMON STATISTICS etherStatsPkts1024to1518Octets Related Commands rmon collectio...

Страница 2689: ...hostkey on page 2693 crypto key destroy userkey on page 2694 crypto key generate hostkey on page 2695 crypto key generate userkey on page 2697 crypto key pubkey chain knownhosts on page 2698 crypto ke...

Страница 2690: ...w ssh server deny users on page 2720 ssh on page 2721 ssh client on page 2723 ssh server on page 2725 ssh server allow users on page 2727 ssh server authentication on page 2729 ssh server deny users o...

Страница 2691: ...d of your message to save the text and re enter the normal command line mode The banner message is preserved if the device restarts The no variant of this command deletes the login banner from the dev...

Страница 2692: ...y delete an SSH session if you are a system manager or the user who initiated the session If all is specified then all active SSH sessions are deleted Syntax clear ssh 1 65535 all Mode Privileged Exec...

Страница 2693: ...key generate hostkey command to generate that key before you enable the SSH server Syntax crypto key destroy hostkey dsa ecdsa rsa rsa1 Mode Global Configuration Example To destroy the RSA host key us...

Страница 2694: ...user key for the SSH user remoteuser use the commands awplus configure terminal awplus config crypto key destroy userkey remoteuser rsa Related Commands crypto key generate hostkey show ssh show cryp...

Страница 2695: ...y generate hostkey dsa 768 1024 crypto key generate hostkey rsa rsa1 768 32768 crypto key generate hostkey ecdsa 256 384 Default The default key length for RSA and DSA is 1024 bits The default key siz...

Страница 2696: ...5 4 7 1 x SECURE SHELL SSH COMMANDS CRYPTO KEY GENERATE HOSTKEY To generate an ECDSA host key with an elliptic curve size of 384 bits use the commands awplus configure terminal awplus config crypto ke...

Страница 2697: ...ions for the user bob use the commands awplus configure terminal awplus config crypto key generate userkey bob rsa 2048 To generate a DSA user key for the user lapo use the commands awplus configure t...

Страница 2698: ...pv6 hostname rsa dsa rsa1 no crypto key pubkey chain knownhosts 1 65535 Default If no cryptography algorithm is specified then rsa is used as the default cryptography algorithm Mode Privilege Exec Usa...

Страница 2699: ...he remote server then SSH clients will inform the user that the public key of the server is altered or unknown Examples To add the RSA host key of the remote SSH host IPv4 address 192 0 2 11 to the kn...

Страница 2700: ...s text into the terminal To add a key as text into the terminal first enter the command crypto key pubkey chain userkey username and hit Enter Enter the key as text Note that the key you enter as text...

Страница 2701: ...ain userkey joeType CNTL D to finish AAAAB3NzaC1yc2EAAAABIwAAAIEAr1s7SokW5aW2fcOw1TStpb9J20b WluhnUC768EoWhyPW6FZ2t5360O5M29EpKBmGqlkQaz5V0mU9IQe66 5YyD4Ux OKSDtTI 7jtjDcoGWHb2u4sFwRpXwJZcgYrXW16 6NvN...

Страница 2702: ...the SSH client from generating diagnostic debugging message Syntax debug ssh client brief full no debug ssh client Default SSH client debugging is disabled by default Mode Privileged Exec and Global...

Страница 2703: ...debugging facility This stops the SSH server from generating diagnostic debugging messages Syntax debug ssh server brief full no debug ssh server Default SSH server debugging is disabled by default Mo...

Страница 2704: ...ssions use the clear ssh command Syntax service ssh ip ipv6 no service ssh ip ipv6 Default The Secure Shell server is disabled by default Both IPv4 and IPv6 Secure Shell server are enabled when you is...

Страница 2705: ...or x510 Series 2705 AlliedWare Plus Operating System Version 5 4 7 1 x SECURE SHELL SSH COMMANDS SERVICE SSH Related Commands crypto key generate hostkey show running config ssh show ssh server ssh se...

Страница 2706: ...mand displays the banner message configured on the device The banner message is displayed to the remote user before user authentication starts Syntax show banner login Mode User Exec Privileged Exec G...

Страница 2707: ...y hostkey dsa ecdsa rsa rsa1 Mode User Exec Privileged Exec and Global Configuration Examples To show the public keys generated on the device for SSH server use the command awplus show crypto key host...

Страница 2708: ...ELL SSH COMMANDS SHOW CRYPTO KEY HOSTKEY Related Commands crypto key destroy hostkey crypto key generate hostkey Table 1 Parameters in output of the show crypto key hostkey command Parameter Descripti...

Страница 2709: ...e the command awplus show crypto key pubkey chain knownhosts 1 Output Figure 62 2 Example output from the show crypto key public chain knownhosts command Related Commands crypto key pubkey chain known...

Страница 2710: ...t are registered with the SSH server use the command awplus show crypto key pubkey chain userkey manager Output Figure 62 3 Example output from the show crypto key public chain userkey command Related...

Страница 2711: ...pub Output Figure 62 4 Example output from the show crypto key userkey command Related Commands crypto key generate userkey Parameter Description username User name of the local SSH user whose keys y...

Страница 2712: ...92 168 1 ssh server allow users john ssh server deny user john a company com ssh server Table 5 Parameters in the output of the show running config ssh command Parameter Description ssh server SSH ser...

Страница 2713: ...E SHELL SSH COMMANDS SHOW RUNNING CONFIG SSH Related Commands service ssh show ssh server ssh server allow users Add the user and hostname to the allow list ssh server deny users Add the user and host...

Страница 2714: ...h command Secure Shell Sessions ID Type Mode Peer Host Username State Filename 414 ssh server 172 16 23 1 root open 456 ssh client 172 16 23 10 manager user auth 459 scp client 172 16 23 12 root downl...

Страница 2715: ...e has accepted a new session host auth host to host authentication is in progress user auth User authentication is in progress authenticated User authentication is complete open The session is in prog...

Страница 2716: ...ent Output Figure 62 7 Example output from the show ssh client command Related Commands show ssh server Secure Shell Client Configuration Port 22 Version 2 1 Connect Timeout 30 seconds Session Timeout...

Страница 2717: ...Shell Server Configuration SSH Server Enabled Port 22 Version 2 Services scp sftp User Authentication publickey password Resolve Hosts Disabled Session Timeout 0 Off Login Timeout 60 seconds Maximum...

Страница 2718: ...econds that the SSH server will wait to receive data from the SSH client The server disconnects if this timer limit is reached If set at 0 the idle timer remains off Maximum Startups The maximum numbe...

Страница 2719: ...r use the command awplus show ssh server allow users Output Figure 62 9 Example output from the show ssh server allow users command Related Commands ssh server allow users ssh server deny users Userna...

Страница 2720: ...obal Configuration Example To display the user entries in the deny list of the SSH server use the command awplus show ssh server deny users Output Figure 62 10 Example output from the show ssh server...

Страница 2721: ...ername is used for login to the remote SSH server when user authentication is required Otherwise the current user name is used username User name to login on the remote server port SSH server port If...

Страница 2722: ...the command awplus ssh ip user manager 192 0 2 5 To login to the remote SSH server at 192 0 2 5 that is listening TCP port 2000 use the command awplus ssh port 2000 192 0 2 5 To login to the remote SS...

Страница 2723: ...ession timeout 0 3600 connect timeout 1 600 no ssh client port version session timeout connect timeout Parameter Description port The default TCP port of the remote SSH server If an SSH client specifi...

Страница 2724: ...on timeout 600 To configure the connect timeout of SSH client to 10 seconds use the command awplus ssh client connect timeout 10 To restore the connect timeout to its default use the command awplus no...

Страница 2725: ...orts both SSHv2 and SSHv1client connections Default v1v2 v2only Supports SSHv2 client connections only 1 65535 The TCP port number that the server listens to for incoming SSH sessions Default 22 sessi...

Страница 2726: ...ctions waiting authentication from SSH server to 3 use the commands awplus configure terminal awplus config ssh server max startups To set max startups parameters of SSH server to the default configur...

Страница 2727: ...xisting entry Syntax ssh server allow users username pattern hostname pattern no ssh server allow users username pattern hostname pattern Mode Global Configuration Examples To allow the user john to c...

Страница 2728: ...x SECURE SHELL SSH COMMANDS SSH SERVER ALLOW USERS To delete the existing user entry john 192 168 1 in the allow list use the commands awplus configure terminal awplus config no ssh server allow user...

Страница 2729: ...ver authentication password publickey no ssh server authentication password publickey Default Both RSA public key authentication and password authentication are enabled by default Mode Global Configur...

Страница 2730: ...uthentication for users connecting through SSH use the commands awplus configure terminal awplus config no ssh server authentication password To disable publickey authentication for users connecting t...

Страница 2731: ...ver deny users username pattern hostname pattern Mode Global Configuration Examples To deny the user john to access SSH login from any host use the commands awplus configure terminal awplus config ssh...

Страница 2732: ...1 x SECURE SHELL SSH COMMANDS SSH SERVER DENY USERS To delete the existing user entry john 192 168 2 in the deny list use the commands awplus configure terminal awplus config no ssh server deny users...

Страница 2733: ...its default value of 6 Syntax ssh server max auth tries 1 32 no ssh server max auth tries Default 6 attempts Mode Global Configuration Usage By default users must wait one second after a failed login...

Страница 2734: ...Syntax ssh server resolve hosts no ssh server resolve hosts Default This feature is disabled by default Mode Global Configuration Usage Your device has a DNS Client that is enabled automatically when...

Страница 2735: ...device accepts SCP connections The SCP service is enabled by default as soon as the SSH server is enabled The no variant of this command disables the SCP service on the SSH server Once disabled SCP r...

Страница 2736: ...s The SFTP service is enabled by default as soon as the SSH server is enabled If the SSH server is disabled SFTP service is unavailable The no variant of this command disables SFTP service on the SSH...

Страница 2737: ...Reference for x510 Series 2737 AlliedWare Plus Operating System Version 5 4 7 1 x SECURE SHELL SSH COMMANDS UNDEBUG SSH CLIENT undebug ssh client Overview This command applies the functionality of the...

Страница 2738: ...Reference for x510 Series 2738 AlliedWare Plus Operating System Version 5 4 7 1 x SECURE SHELL SSH COMMANDS UNDEBUG SSH SERVER undebug ssh server Overview This command applies the functionality of the...

Страница 2739: ...utput see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Command List active trigger on page 2741 day on page 2742 debug trigger on page 2744 description trigger on...

Страница 2740: ...x TRIGGER COMMANDS type periodic on page 2768 type ping poll on page 2769 type reboot on page 2770 type stack disabled master on page 2771 type stack link on page 2772 type stack master fail on page 2...

Страница 2741: ...active Mode Trigger Configuration Usage Configure a trigger first before you use this command to activate it Forinformationaboutconfiguringatrigger seethe TriggersFeatureOverviewand Configuration Gui...

Страница 2742: ...Port LEDs in the Triggers Feature Overview and Configuration Guide Examples To permit trigger 55 to activate on the 1 October 2016 use the commands awplus configure terminal awplus config trigger 55 a...

Страница 2743: ...rating System Version 5 4 7 1 x TRIGGER COMMANDS DAY To permit trigger 12 to activate on a Mondays Wednesdays and Fridays use the commands awplus configure terminal awplus config trigger 12 awplus con...

Страница 2744: ...messages about how your device is processing the trigger commands and activating the triggers The no variant of this command disables trigger debugging Syntax debug trigger no debug trigger Mode Priv...

Страница 2745: ...r this trigger Syntax description description no description Mode Trigger Configuration Examples To give trigger 240 the description daily status report use the commands awplus configure terminal awpl...

Страница 2746: ...imited number of times To reset a trigger to this default specify either yes or forever Syntax repeat forever no once yes 1 4294967294 Mode Trigger Configuration Examples To allow trigger 21 to activa...

Страница 2747: ...r position in the script list The all parameter removes all scripts from the trigger Syntax script 1 5 filename no script 1 5 filename all Mode Trigger Configuration Examples To configure trigger 71 t...

Страница 2748: ...h cpu_trig sh from trigger 71 s script list use the commands awplus configure terminal awplus config trigger 71 awplus config trigger no script flash cpu_trig sh To remove all the scripts from trigger...

Страница 2749: ...off from the debug trigger command Syntax show debugging trigger Mode User Exec and Privileged Exec Example To display the current configuration of trigger debugging use the command awplus show debug...

Страница 2750: ...G CONFIG TRIGGER show running config trigger Overview This command displays the current running configuration of the trigger utility Syntax show running config trigger Mode Privileged Exec Example To...

Страница 2751: ...on about all triggers full Displays detailed information about all triggers Table 1 Example output from the show trigger command awplus show trigger TR Type Details Name Ac Te Tr Repeat Scr Days Date...

Страница 2752: ...number of times a trigger has activated use the show trigger 1 250 command Scr Number of scripts associated with the trigger Days Date Days or date when the trigger may be activated For the days opti...

Страница 2753: ...ation not activated Number of scripts 0 1 not configured 2 not configured 3 not configured 4 not configured 5 not configured Trigger 2 Description no description Type and details USB out Days smtwtfs...

Страница 2754: ...ntinuous or for a set number of times When the trigger can repeat only a set number of times then the number of times the trigger has been activated is displayed in brackets Modified The date and time...

Страница 2755: ...has been activated Time triggers activated today Number of times a time trigger has been activated today Periodic triggers activated today Number of times a periodic trigger has been activated today...

Страница 2756: ...activates the scripts associated with the trigger will be run as normal Syntax test no test Mode Trigger Configuration Usage Configure a trigger first before you use this command to diagnose it For in...

Страница 2757: ...midnight during which the trigger may activate By default the value of this parameter is 23 59 59 that is the trigger may activate at any time If the value specified for before is later than the valu...

Страница 2758: ...igger 63 to activate between midnight and 10 30am use the commands awplus configure terminal awplus config trigger 63 awplus config trigger time before 10 30 00 To allow trigger 64 to activate between...

Страница 2759: ...ch MIB objects are supported the SNMP Feature Overview and Configuration_Guide the SNMP Commands chapter Since SNMP traps are enabled by default for all defined triggers a common usage will be for the...

Страница 2760: ...nal parameters can be specified At a minimum the trigger type information must be specified before the trigger can become active The no variant of this command removes a specified trigger and all conf...

Страница 2761: ...This command manually activates a trigger without the normal trigger conditions being met The trigger is activated even if it is configured as inactive The scripts associated with the trigger will be...

Страница 2762: ...onfig trigger 5 node1 config trigger type atmf node leave Example 2 The following commands will configure trigger 5 to activate if an AMF node join event occurs on any node within the working set node...

Страница 2763: ...r This command returns the following display Display the triggers configured on each of the nodes in the AMF Network AMF Net 3 show running config trigger This command returns the following display no...

Страница 2764: ...4 7 1 x TRIGGER COMMANDS TYPE ATMF NODE Related Commands show trigger Node1 trigger 1 type periodic 2 script 1 atmf scp trigger 5 type atmf node leave description E mail on ATMF Exit script 1 email_me...

Страница 2765: ...Activity in the Triggers Feature Overview and Configuration Guide Examples To configure trigger 28 to be a CPU trigger that activates when CPU usage exceeds 80 use the following commands awplus confi...

Страница 2766: ...ne of these events occurs by using the any option Syntax type interface interface up down any Mode Trigger Configuration Example To configure trigger 19 to be an interface trigger that activates when...

Страница 2767: ...emory trigger that activates when memory usage exceeds 50 use the following commands awplus configure terminal awplus config trigger 12 awplus config trigger type memory 50 up To configure trigger 40...

Страница 2768: ...onfigured If you attempt to add more than 10 triggers the following error message is displayed For an example trigger configuration that uses the type periodic command see See Daily Statistics in the...

Страница 2769: ...or unreachable Syntax type ping poll 1 100 up down Mode Trigger Configuration Example To configure trigger 106 to activate when ping poll 12 detects that its target device is now unreachable use the...

Страница 2770: ...Overview This command configures a trigger that activates when your device is rebooted Syntax type reboot Mode Trigger Configuration Example To configure trigger 32 to activate when your device reboot...

Страница 2771: ...rrectly on the device that is connected downstream If the stack virtual mac command command is enabled the stack uses a virtual MAC address The stack will always use this MAC address and the new elect...

Страница 2772: ...er to occur when a stacking link is either activated or deactivated Syntax type stack link up down Mode Trigger Configuration Example To configure trigger 86 to activate when the stack link down event...

Страница 2773: ...re configured trigger to occur when the stack enters the fail over state Syntax type stack master fail Mode Trigger Configuration Example To configure trigger 86 to activate when stack master fail ove...

Страница 2774: ...ck Syntax type stack member join leave Mode Trigger Configuration Example To configure a pre configured trigger number 86 to activate when a new device joins the stack Note that the number 86 has no p...

Страница 2775: ...limit of 10 triggers of the type time and type periodic can be configured If you attempt to add more than 10 triggers the following error message is displayed Example To configure trigger 86 to activ...

Страница 2776: ...ut Mode Trigger Configuration Usage USB triggers cannot execute script files from a USB storage device Examples To configure trigger 1 to activate on the insertion of a USB storage device use the comm...

Страница 2777: ...Command Reference for x510 Series 2777 AlliedWare Plus Operating System Version 5 4 7 1 x TRIGGER COMMANDS UNDEBUG TRIGGER undebug trigger Overview This command applies the functionality of the no de...

Страница 2778: ...ommand output see the Getting Started with AlliedWare Plus Feature Overview and Configuration Guide Command List active ping polling on page 2780 clear ping poll on page 2781 critical interval on page...

Страница 2779: ...ng on page 2784 fail count on page 2785 ip ping polling on page 2786 length ping poll data on page 2787 normal interval on page 2788 ping poll on page 2789 sample size on page 2790 show counter ping p...

Страница 2780: ...lling is unreachable The no variant of this command disables a ping poll instance The polling instance no longer sends ICMP echo requests to the polled device This also resets all counters for this po...

Страница 2781: ...mand The device status changes to reachable once the device responses have reached the up count Syntax clear ping poll 1 100 all Mode Privileged Exec Examples To reset the ping poll instance 12 use th...

Страница 2782: ...f one second Syntax critical interval 1 65536 no critical interval Default The default is 1 second Mode Ping Polling Configuration Examples To set the critical interval to 2 seconds for the ping polli...

Страница 2783: ...or the specified ping poll Syntax debug ping poll 1 100 no debug ping poll 1 100 all Mode Privileged Exec Examples To enable debugging for ping poll instance 88 use the command awplus debug ping poll...

Страница 2784: ...ete the description set Syntax description description no description Mode Ping Polling Configuration Examples To add the text Primary Gateway to describe the ping poll instance 45 use the commands aw...

Страница 2785: ...The no variant of this command resets the fail count to the default Syntax fail count 1 100 no fail count Default The default is 5 Mode Ping Polling Configuration Examples To specify the number of pi...

Страница 2786: ...5 to poll the device with the IP address 192 168 0 1 use the commands awplus configure terminal awplus config ping poll 5 awplus config ping poll ip 192 168 0 1 To set ping poll instance 10 to poll t...

Страница 2787: ...dropping packets of the size you are interested in The no variant of this command resets the data bytes to the default of 32 bytes Syntax length 4 1500 no length Default The default is 32 Mode Ping Po...

Страница 2788: ...g Configuration Examples To specify a time period of 60 seconds between pings when the device is reachable for ping poll instance 45 use the commands awplus configure terminal awplus config ping poll...

Страница 2789: ...t the polling instance to poll It is not necessary to specify any further commands unless you want to change a command s default The no variant of this command deletes the specified ping poll Syntax p...

Страница 2790: ...at does not always reply to pings may be declared unreachable You cannot set this command s value lower than the fail count value The polling instance uses the number of pings specified by the up coun...

Страница 2791: ...ference for x510 Series 2791 AlliedWare Plus Operating System Version 5 4 7 1 x PING POLLING COMMANDS SAMPLE SIZE Related Commands critical interval fail count normal interval ping poll show ping poll...

Страница 2792: ...isplays the counters for the specified ping poll only If you do not specify a ping poll then this command displays counters for all ping polls Ping polling counters Ping poll 1 PingsSent 15 PingsFaile...

Страница 2793: ...ile the target device is in the Up state This is a cumulative counter for multiple occurrences of the Up state PingsFailedDownState Number of unanswered pings while the target device is in the Down st...

Страница 2794: ...e Displays polling instances based on whether the device they are polling is currently reachable or unreachable up Displays polling instance where the device state is reachable down Displays polling i...

Страница 2795: ...he polled device may be going down Critical Down The device is unreachable but the polling instance received a reply to the last ping packet so the polled device may be coming back up Destinatio n The...

Страница 2796: ...e is reachable Down The device is unreachable Critic a l Up The device is reachable but recently the polling instance has not received some ping replies so the polled device may be going down Critic a...

Страница 2797: ...f pings that must be unanswered within the total number of pings specified by the sample size command for the polling instance to consider the device unreachable This is set using the fail count comma...

Страница 2798: ...address no source ip Mode Ping Polling Configuration Examples To configure the ping polling instance 43 to use the source IP address 192 168 0 1 in ping packets use the commands awplus configure termi...

Страница 2799: ...mand Reference for x510 Series 2799 AlliedWare Plus Operating System Version 5 4 7 1 x PING POLLING COMMANDS SOURCE IP Related Commands description ping polling ip ping polling length ping poll data p...

Страница 2800: ...imeout 1 30 no timeout Default The default is 1 second Mode Ping Polling Configuration Examples To specify the timeout as 5 seconds for ping poll instance 43 use the commands awplus configure terminal...

Страница 2801: ...Ping Polling Configuration Examples To set the upcount to 5 consecutive pings for ping polling instance 45 use the commands awplus configure terminal awplus config ping poll 45 awplus config ping pol...

Страница 2802: ...nd Reference for x510 Series 2802 AlliedWare Plus Operating System Version 5 4 7 1 x PING POLLING COMMANDS UNDEBUG PING POLL undebug ping poll Overview This command applies the functionality of the no...

Страница 2803: ...page 2804 debug sflow agent on page 2805 sflow agent address on page 2806 sflow collector address on page 2808 sflow collector max datagram size on page 2810 sflow enable on page 2811 sflow max header...

Страница 2804: ...pling and or polling debug is disabled Mode Privileged Exec Examples To enable sFlow debug messagelogging for polling and sampling on port1 0 1 and port1 0 7 use the commands awplus debug sflow interf...

Страница 2805: ...o particular ports For example sending an sFlow datagram to the collector The no variant of this command applies the command default Syntax debug sflow agent no debug sflow agent Default The sFlow age...

Страница 2806: ...on or deletion of VLAN interfaces each of which will have its own specific IP address Note that sFlow is rendered inactive whenever the agent address is not set The no variant of this command applies...

Страница 2807: ...C613 50170 01 Rev B Command Reference for x510 Series 2807 AlliedWare Plus Operating System Version 5 4 7 1 x SFLOW COMMANDS SFLOW AGENT ADDRESS Related Commands show running config sflow show sflow...

Страница 2808: ...35 no sflow collector ip ipv6 port Default The collector address is 0 0 0 0 which renders sFlow inactive and the UDP port is 6343 Mode Global Configuration Examples To set the sFlow collector address...

Страница 2809: ...mand awplus configure terminal awplus config sflow collector ipv6 2001 0db8 1 To remove the sFlow collector IPv6 address and leave the UDP port unchanged use the command awplus configure terminal awpl...

Страница 2810: ...resets the maximum datagram size to the default Syntax sflow collector max datagram size 200 1500 no sflow collector max datagram size Default 1400 bytes Mode Global Configuration Example To set the...

Страница 2811: ...ional status to active To activate sFlow the following conditions need to be met sFlow is enabled The sFlow agent address is set The sFlow collector address is set to a valid non zero IPv4 or IPv6 add...

Страница 2812: ...ult Syntax sflow max header size 14 200 no sflow max header size Default The max header size is 128 bytes Mode Interface Configuration Usage The header size is measured from the first byte of the Ethe...

Страница 2813: ...this command will be included in the sFlow packet samples For example with the default of 128 applied up to 128 82 46 bytes of user data could be included in the sFlow datagram samples sent between t...

Страница 2814: ...nd The no variant of this command applies the default Syntax sflow polling interval 0 1 16777215 no sflow polling interval Default The polling interval is 0 polling disabled Mode Interface Configurati...

Страница 2815: ...eceived i e one in every 1000 frames sent from the specified port A value of 0 disables sampling on the specified port s The no variant of this command applies the default Syntax sflow sampling rate 0...

Страница 2816: ...nd awplus show debugging sflow interface port1 0 1 1 0 9 Output Figure 65 1 Sample obtained for an sFlow agent To display sFlow debug settings for all ports use the command awplus show debugging sflow...

Страница 2817: ...50170 01 Rev B Command Reference for x510 Series 2817 AlliedWare Plus Operating System Version 5 4 7 1 x SFLOW COMMANDS SHOW DEBUGGING SFLOW Related Commands show running config sflow show sflow inter...

Страница 2818: ...w running config sflow Mode Privileged Exec and Global Configuration Example To display the sFlow running configuration information use the command awplus show running config sflow Output Figure 65 2...

Страница 2819: ...0 Collector UDP Port 6343 6343 Tx Max Datagram Size 1200 1400 sFlow Agent Status Polling sampling Tx Inactive because sFlow is disabled Agent Addr is not set Collector Addr is 0 0 0 0 Polling samplin...

Страница 2820: ...unning config sflow show sflow interface Tx Max Datagram Size The maximum size of the sFlow datagrams sent to the collector Polling sampling Tx Whether sFlow sampling and or polling and hence sFlow da...

Страница 2821: ...ystem Version 5 4 7 1 x SFLOW COMMANDS SHOW SFLOW INTERFACE show sflow interface Overview This command displays sFlow agent sampling and polling configuration for specified ports Syntax show sflow int...

Страница 2822: ...mand Reference for x510 Series 2822 AlliedWare Plus Operating System Version 5 4 7 1 x SFLOW COMMANDS UNDEBUG SFLOW undebug sflow Overview This command applies the functionality of the no variant of t...

Результаты поиска

Содержание x510-28GPX

Отзывы:

Похожие инструкции для x510-28GPX

Бренды по названию

Популярные бренды

Allied Telesis x510-28GPX, Справочник по командам

Результаты поиска

Содержание x510-28GPX

Отзывы:

Похожие инструкции для x510-28GPX

Бренды по названию

Популярные бренды