D-Link DGS-1510 Series Скачать руководство пользователя | Manualshive

Страница: 225 / 711

background image

DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide

222

interfaces from a previous range. No space is allowed before and
after the comma.

-

(Optional) Specifies a range of interfaces. No space is allowed
before and after the hyphen.

static

(Optional) Specifies to drop the packet if the IP-to-Ethernet MAC
binding pair is not permitted by the ARP ACL.

Default

None.

Command Mode

Global Configuration Mode.

Command Default Level

Level: 12.

Usage Guideline

Use this command to specify an ARP access list to be used for ARP inspection checks for the VLAN.
Up to one access list can be specified for a VLAN.

The dynamic ARP inspection checks the ARP packets received on the VLAN to verify that the binding
pair of the source IP and source MAC address of the packet is valid. The validation process will match
the address binding against the entries of the DHCP snooping database. If the command is
configured, the validation process will match the address binding against the access list entries and
the DHCP snooping database.

ARP ACLs take precedence over entries in the DHCP snooping binding database. If the packet is
explicitly denied by the access control list, the packet is dropped. If the packet is denied due to the
implicit deny, the packet will be further matched against the DHCP snooping binding entries if the
keyword “static” is not specified. The implicit denied packet is dropped if the keyword “static” is
specified.

Example

This example shows how to apply the ARP ACL static ARP list to VLAN 10 for DAI.

Switch# configure terminal
Switch(config)# ip arp inspection filter static-arp-list vlan 10
Switch(config)#

26-5 ip arp inspection limit

This command is used to limit the rate of incoming ARP requests and responses on an interface. Use
the

no

form of this command to revert to the default settings.

ip arp inspection limit {rate

VALUE

[burst interval

SECONDS

] | none}

no ip arp inspection limit

Parameters

rate

VALUE

Specifies the maximum number of the ARP packets that can be
processed. The valid range is from 1 to 150 seconds.

burst interval

SECONDS

(Optional) Specifies the length of the burst duration of the ARP
packets that is allowed. The valid range is from 1 to 15. If not
specified, the default setting is one second.

none

Specifies that there is no limit on the ARP packet rate.

Default

«
...
223
224
225
226
227
...
»

Содержание DGS-1510 Series

Страница 1: ...1 0 ...

Страница 2: ...mands 170 19 DHCPv6 Client Commands 188 20 DHCPv6 Guard Commands 190 21 DHCPv6 Relay Commands 194 22 Digital Diagnostics Monitoring DDM Commands 199 23 D Link Discovery Protocol DDP Client Commands 208 24 Domain Name System DNS Commands 211 25 DoS Prevention Commands 216 26 Dynamic ARP Inspection Commands 220 27 Error Recovery Commands 233 28 Ethernet Ring Protection Switching ERPS Commands 236 29...

Страница 3: ...oring RMON Commands 512 58 Router Advertisement RA Guard Commands 519 59 Safeguard Engine Commands 523 60 Secure Shell SSH Commands 530 61 Secure Sockets Layer SSL Commands 537 62 sFlow Commands 544 63 Simple Network Management Protocol SNMP Commands 550 64 Single IP Management SIM Commands 570 65 Spanning Tree Protocol STP Commands 580 66 Stacking Commands 592 67 Storm Control Commands 597 68 Sur...

Страница 4: ...b UI Reference Guide Conventions Convention Description Boldface Font Commands command options and keywords are printed in boldface Keywords in the command line are to be entered exactly as they are displayed UPPERCASE ITALICS Font Parameters or values that must be specified are printed in UPPERCASE ITALICS Parameters in the command line are to be replaced with the actual values that are desired t...

Страница 5: ...f necessary a detailed description of the command and its various utilization scenarios is given here Example s Each command is accompanied by a practical example of the command being issued in a suitable scenario Command Modes There are several command modes available in the command line interface CLI The set of commands available to the user depends on both the mode the user is currently in and ...

Страница 6: ... refer to the chapters relating to these functions The available command modes and privilege levels are described below Command Mode Privilege Level Purpose User EXEC Mode Basic User level This level has the lowest priority of the user accounts It is provided only to check basic system settings Privileged EXEC Mode Operator level For changing both local and global terminal settings monitoring and ...

Страница 7: ...he privileged EXEC mode In the following example the user is logged in as an Administrator in the Privileged EXEC Mode and uses the configure terminal command to access the Global Configuration Mode Switch configure terminal Switch config The exit command is used to exit the global configuration mode and return to the privileged EXEC mode Switch config exit Switch The procedures to enter the diffe...

Страница 8: ...level value of 15 to the user account admin The command line console allows us to access the console interface s Line Configuration Mode The command login local tell the Switch that users need to enter locally configured login credentials to access the console interface Save the running configuration to the start up configuration This means to save the changes made so that when the Switch is reboo...

Страница 9: ...ugged into the open module slot of the Switch The DGS 1510 Series does not support any open modules slots thus this parameters will always by zero for this switch series Lastly the Port s ID is the physical port number of the port being configured In summary the above example will configure the stacked switch with the ID of 1 with the open slot ID of 0 and the physical port number 1 Error Messages...

Страница 10: ... and the remainder of the text will be shifted to the right When off text can be inserted in the line and old text will automatically be replaced with the new text Return Scrolls down to display the next line or used to issue a command Space Scrolls down to display the next page ESC Escapes from the displaying page Display Result Output Modifiers Results displayed by show commands can be filtered ...

Страница 11: ... LEVEL START COMMAND LEVEL END LEVEL START LEVEL END ACCOUNT START ACCOUNT END LOGIN START LOGIN END end CLI BASIC CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All The example below shows how to use the include FILTER STRING parameter in a show command Switch show running config include DEVICE DEVICE Switch The example below shows how to use the exclude FILTER STRING parameter in a show ...

Страница 12: ... DEVICE Building configuration Current configuration 37933 bytes DGS 1510 28XMP Gigabit Ethernet SmartPro Switch Configuration Firmware Build 1 30 003 Copyright C 2015 D Link Corporation All rights reserved STACK end end configure terminal end AAA CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All ...

Страница 13: ...uestion mark at the system prompt To obtain a list of commands that begin with a particular character string enter the abbreviated command entry immediately followed by a question mark This form of help is called word help because it lists only the keywords or arguments that begin with the abbreviation entered To list the keywords and arguments associated with a command enter a question mark in pl...

Страница 14: ...ple shows how to use the word help to display all the Privileged EXEC Mode commands that begin with the letters re The letters entered before the question mark are reprinted on the next command line to allow the user to continue entering the command Switch re reboot rename renew reset Switch re The following example shows how to use the command syntax help to display the next argument of a partial...

Страница 15: ...d Switch 2 3 disable This command is used to downgrade to a level lower user level than the privileged level disable PRIVILEGE LEVEL Parameters PRIVILEGE LEVEL Specifies the privilege level to enter If not specified level 1 is used Default None Command Mode User EXEC Mode Privilege EXEC Mode Command Default Level Level 1 Usage Guideline Use this command to enter the privilege level which is lower ...

Страница 16: ... command is used to configure a login username login Parameters None Default None Command Mode User EXEC Mode Privileged EXEC Mode Command Default Level Level 1 Usage Guideline Use this command to change the login account Three attempts are allowed to login to the Switch s interface When using Telnet if all attempts fail access will return to the command prompt If no information is entered within ...

Страница 17: ... will be closed When the username and password option is selected enter the username and password configured by the username command For SSH access there are three authentication types SSH public key Host based authentication and Password authentication The SSH public key and host based authentication types are independent from the login command in the line mode If the authentication type is passw...

Страница 18: ... a username useraccount with the password of pass123 and use Privilege 12 Switch configure terminal Switch config username useraccount privilege 12 password 0 pass123 Switch config This example shows how to configure the login method as login local Switch configure terminal Switch config line console Switch config line login local Switch config line 2 7 logout This command is used to close an acti...

Страница 19: ...cess to the highest mode in the CLI hierarchy regardless of what configuration mode or configuration sub mode currently located at Example This example shows how to end the Interface Configuration Mode and go back to the Privileged EXEC Mode Switch configure terminal Switch config interface eth1 0 1 Switch config if end Switch 2 9 exit This command is used to end the configuration mode and go back...

Страница 20: ...e or Any Configuration Mode Command Default Level Level 1 Usage Guideline Commands entered are recorded by the system A recorded command can be recalled by pressing CTRL P or the Up Arrow key which will recall previous commands in sequence The history buffer size is fixed at 20 commands The function key instructions below displays how to navigate the command in the history buffer CTRL P or the Up ...

Страница 21: ...nd Default Level Level 1 Usage Guideline If the type is not specified all types of environment information will be displayed Example This example shows how to display fan temperature power availability and status information Switch show environment Detail Temperature Status Unit Temperature Descr ID Current Threshold Range 1 Central Temperature 1 27C 11 79C Status code temperature is out of thresh...

Страница 22: ...rmation about the system modules If no option is specified then all of units information will be displayed Example This example shows how to display the information about units on a system Switch show unit Unit Model Descr Model Name 1 No module description DGS 1510 28P Unit Serial Number Status Up Time 1 ok 0DT6H32M18S Unit Memory Total Used Free 1 DRAM 131072 K 66567 K 64505 K 1 FLASH 29937 K 77...

Страница 23: ... display the information about CPU utilization Switch show cpu utilization CPU Utilization Five seconds 8 One minute 7 Five minutes 7 Switch 2 14 show version This command is used to display the Switch s software version information show version Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command displays version ...

Страница 24: ...al Specifies to enable the temperature trap state for warning temperature event temperature exceeds the thresholds or temperature recover Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to configure the environment temperature threshold which corresponds to the normal range of the temperature defined for the sensor The low thr...

Страница 25: ...vel Level 12 Usage Guideline This command is used to configure the environment temperature threshold which corresponds to the normal range of the temperature defined for the sensor The low threshold must be smaller than the high threshold The configured range must fall within the operational range which corresponds to the minimum and maximum allowed temperatures defined for the sensor When the con...

Страница 26: ...more than one command begins with the command string specified all of the commands starting with that command string will be changed to the specified command level Example This example shows how to configure the configure terminal command string as a level 1 command Switch configure terminal Switch config privilege exec level 1 configure terminal Switch config 2 18 show privilege This command is u...

Страница 27: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 24 ...

Страница 28: ...wed before and after the comma Optional Specifies a range of interfaces No space is allowed before and after the hyphen Default None Command Mode Privileged EXEC Mode Command Default Level Level 12 Usage Guideline This command is used to clear 802 1X counters diagnostics statistics and session statistics Example This example shows how to clear 802 1X counters diagnostics statistics and session sta...

Страница 29: ...traffic is blocked before authentication If the control direction is set to in then in addition to receiving and transmitting EAPOL packets the port can transmit user traffic but not receive user traffic before authentication Example This example shows how to configure the controlled direction of the traffic through Ethernet eth1 0 1 as unidirectional Switch configure terminal Switch config interf...

Страница 30: ...t to the force unauthorized state Default By default this option is set as auto Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command takes effect only when IEEE 802 1X PAE authenticator is globally enabled by the dot1x system auth control command and is enabled for a specific port by using the dot1x PAE authenticator This command is only available f...

Страница 31: ...e VLAN setting Example This example shows how to configure the forwarding of the dot1x PDU Switch configure terminal Switch config interface eth1 0 1 Switch config if dot1x forward pdu Switch config if 3 6 dot1x initialize This command is used to initialize the authenticator state machine on a specific port or associated with a specific MAC address dot1x initialize interface INTERFACE ID mac addre...

Страница 32: ...Use the no form of this command to revert to the default setting dot1x max req TIMES no dot1x max req Parameters TIMES Specifies the number of times that the Switch retransmits an EAP frame to the supplicant before restarting the authentication process The range is 1 to 10 Default By default this value is 2 Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline Th...

Страница 33: ...2 1X user based on the method list configured by the aaa authentication dot1x default command Example This example shows how to configure Ethernet port 1 0 1 as an IEEE 802 1X PAE authenticator Switch configure terminal Switch config interface eth1 0 1 Switch config if dot1x pae authenticator Switch config if This example shows how to disable IEEE 802 1X authentication on Ethernet port 1 0 1 Switc...

Страница 34: ...tication on a switch Use the no form of this command to disable IEEE 802 1X authentication function dot1x system auth control no dot1x system auth control Parameters None Default By default this option is disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline The 802 1X authentication function restricts unauthorized hosts from accessing the network Use the d...

Страница 35: ... to 65535 tx period SECONDS Specifies the number of seconds that the Switch will wait for a response to an EAP Request Identity frame from the supplicant before retransmitting the request The range is 1 to 65535 Default The server timeout is 30 seconds The supp timeout is 30 seconds The tx period is 30 seconds Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline...

Страница 36: ...figuration or interface configuration If the configuration command is entered without parameters the global configuration will be displayed Otherwise the configuration on the specified interface will be displayed Example This example shows how to display the dot1X global configuration Switch show dot1x 802 1X Enabled Trap State Enabled Switch This example shows how to display the dot1X configurati...

Страница 37: ...l interfaces Otherwise the diagnostics on the specified interface will be displayed Example This example shows how to display the dot1X diagnostics on Ethernet port 1 0 1 Switch show dot1x diagnostics interface eth1 0 1 eth1 0 1 dot1x diagnostic information are following EntersConnecting 20 EAP LogoffsWhileConnecting 0 EntersAuthenticating 0 SuccessesWhileAuthenticating 0 TimeoutsWhileAuthenticati...

Страница 38: ...to display 802 1X statistics Using this command without parameters will display information about all interfaces Otherwise the statistics on the specified interface will be displayed Example This example shows how to display dot1X statistics on Ethernet port 1 0 1 Switch show dot1x statistics interface eth1 0 1 eth1 0 1 dot1x statistics information EAPOL Frames RX 1 EAPOL Frames TX 4 EAPOL Start F...

Страница 39: ...ion statistics Using this command without parameters will display information about all interfaces Otherwise the session statistics on the specified interface will be displayed Example This example shows how to display dot1X session statistics on Ethernet port 1 0 1 Switch show dot1x session statistics interface eth1 0 1 eth6 0 1 session statistic counters are following SessionOctetsRX 0 SessionOc...

Страница 40: ...Configuration Mode Command Default Level Level 12 Usage Guideline This command can be used to enable or disable sending SNMP notifications for 802 1X authentication Example This example shows how to enable sending trap for 802 1X authentication Switch configure terminal Switch config snmp server enable traps dot1x Switch config ...

Страница 41: ... of valid values is from 1 to 32 Default The default start sequence number is 10 The default increment is 10 Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This feature allows the user to re sequence the entries of a specified access list with an initial sequence number determined by the STARTING SEQUENCE NUMBER parameter and continuing in the increments dete...

Страница 42: ... 0 0 3 permit tcp any 10 20 0 0 255 255 0 0 5 permit tcp any host 10 100 1 2 7 permit icmp any any Switch config 4 2 acl hardware counter This command is used to enable the ACL hardware counter of the specified access list name for access group functions or access map for the VLAN filter function Use the no form of this command to disable the ACL hardware counter function acl hardware counter acce...

Страница 43: ...ration mode Use the no form of this command to revert to the default setting action forward drop redirect INTERFACE ID no action Parameters forward Specifies to forward the packet when matched drop Specifies to drop the packet when matched redirect INTERFACE ID Specifies the interface ID for the redirection action Only physical ports are allowed to be specified Default By default the action is for...

Страница 44: ...up ACCESS LIST NAME Specifies the name of the access list to be cleared access group ACCESS LIST NUMBER Specifies the number of the access list to be configured vlan filter ACCESS MAP NAME Specifies the name of the access map to be cleared Default None Command Mode Privileged EXEC Mode Command Default Level Level 12 Usage Guideline If no access list name or number is specified with the parameter a...

Страница 45: ...applied to the same interface Example This example shows how to apply an expert ACL to an interface The purpose is to apply the ACL exp_acl on the Ethernet port 1 0 2 to filter the incoming packets Switch configure terminal Switch config interface eth1 0 2 Switch config if expert access group exp_acl in Switch config if end Switch show access group interface eth1 0 2 eth1 0 2 Inbound expert access...

Страница 46: ...onfig exp nacl end Switch show access list Access List Name Type exp_acl ID 8999 expert ext acl Total Entries 1 Switch 4 7 ip access group This command is used to specify the IP access list to be applied to an interface Use the no form of this command to remove an IP access list ip access group NAME NUMBER in no ip access group NAME NUMBER in Parameters NAME Specifies the name of the IP access lis...

Страница 47: ...ip access list This command is used to create or modify an IP access list This command will enter into the IP access list configuration mode Use the no form of this command to remove an IP access list ip access list extended NAME NUMBER no ip access list extended NAME NUMBER Parameters extended Optional Specifies that without this option the IP access list is a standard IP access list When using t...

Страница 48: ...erface Configuration Mode Command Default Level Level 12 Usage Guideline Only one access list of the same type can be applied to the same interface but access lists of different types can be applied to the same interface The association of an access group with an interface will consume the filtering entry resource in the switch controller If the resource is insufficient to commit the command then ...

Страница 49: ...and Default Level Level 12 Usage Guideline The name must be unique among all access lists The characters used in the name are case sensitive If the access list number is not specified the biggest unused number in the range of the IPv6 access list numbers will be assigned automatically Example This example shows how to configure an IPv6 extended access list named ip6 control Switch configure termin...

Страница 50: ...g ip ext acl end Switch show access list ip Extended IP access list R D ID 3999 10 permit host 10 2 2 1 any This access list is used to match any IP packets from the host 10 2 2 1 Switch 4 12 mac access group This command is used to specify a MAC access list to be applied to an interface Use the no form of this command to remove the access group control from the interface mac access group NAME NUM...

Страница 51: ...te or modify an MAC access list and this command will enter the MAC access list configuration mode Use the no form of this command to delete a MAC access list mac access list extended NAME NUMBER no mac access list extended NAME NUMBER Parameters NAME Specifies the name of the MAC access list to be configured The maximum length is 32 characters NUMBER Specifies the ID number of the MAC access list...

Страница 52: ...figured sub map One sub map can only be associated with one access list IP access list IPv6 access list or MAC access list IP sub map just checks IP packets The newer command overwrites the previous setting Example This example shows how to configure the match content in the sub map Switch configure terminal Switch config vlan access map vlan map 20 Switch config access map match ip address sp1 Sw...

Страница 53: ...for the configured sub maps The no form of this command removes the match entry match mac address ACL NAME ACL NUMBER no match mac address Parameters ACL NAME Specifies the name of the ACL MAC access list to be configured The name can be up to 32 characters ACL NUMBER Specifies the number of the ACL MAC access list to be configured Default None Command Mode VLAN Access map Sub map Configuration Mo...

Страница 54: ...BER permit deny icmp SRC IP ADDR SRC IP WILDCARD host SRC IP ADDR any SRC MAC ADDR SRC MAC WILDCARD host SRC MAC ADDR any DST IP ADDR DST IP WILDCARD host DST IP ADDR any DST MAC ADDR DST MAC WILDCARD host DST MAC ADDR any ICMP TYPE ICMP CODE ICMP MESSAGE cos OUTER COS vlan OUTER VLAN precedence PRECEDENCE tos TOS dscp DSCP time range PROFILE NAME no SEQUENCE NUMBER Parameters SEQUENCE NUMBER Spec...

Страница 55: ...port number eq PORT Optional Specifies to match if equal to the specified port number neq PORT Optional Specifies to match if not equal to the specified port number range MIN PORT MAX PORT Optional Specifies to match if fall within the range of ports TCP FLAG Optional Specifies the TCP flag fields and the specified TCP header bits called ack acknowledge fin finish psh push rst reset syn synchroniz...

Страница 56: ...9 8272 any any Switch config exp nacl end Switch show access lists Extended Expert access list exp_acl ID 9999 10 deny tcp host 192 168 4 12 host 0013 0049 8272 any any Switch 4 18 permit deny ip access list This command is used to add a permit or a deny entry Use the no form of this command to remove an entry Extended Access List SEQUENCE NUMBER permit deny tcp any host SRC IP ADDR SRC IP ADDR SR...

Страница 57: ...wing DSCP name af11 001010 af12 001100 af13 001110 af21 010010 af22 010100 af23 010110 af31 011010 af32 011100 af33 011110 af41 100010 af42 100100 af43 100110 cs1 001000 cs2 010000 cs3 011000 cs4 100000 cs5 101000 cs6 110000 cs7 111000 default 000000 ef 101110 tos TOS Optional Specifies that packets can be filtered by type of service level as specified by a number from 0 to 15 lt PORT Optional Spe...

Страница 58: ...command access list sequence to change the start sequence number and increment number for the specified access list After the command is applied the new rule without specified sequence number will be assigned sequence based new sequence setting of the specified access list When you manually assign the sequence number it is better to have a reserved interval for future lower sequence number entries...

Страница 59: ...NGTH any host DST IPV6 ADDR DST IPV6 ADDR PREFIX LENGTH ICMP TYPE ICMP CODE ICMP MESSAGE dscp VALUE flow label FLOW LABEL time range PROFILE NAME SEQUENCE NUMBER permit deny esp pcp sctp protocol id PROTOCOL ID any host SRC IPV6 ADDR SRC IPV6 ADDR PREFIX LENGTH any host DST IPV6 ADDR DST IPV6 ADDR PREFIX LENGTH fragments dscp VALUE flow label FLOW LABEL time range PROFILE NAME SEQUENCE NUMBER perm...

Страница 60: ...achable echo reply echo request erroneous_header hop limit multicast listener query multicast listener done multicast listener report nd na nd ns next header no admin no route packet too big parameter option parameter problem port unreachable reassembly timeout redirect renum command renum result renum seq number router advertisement router renumbering router solicitation time exceeded unreachable...

Страница 61: ...control These entries are permit IP packets destined to network ff02 0 2 16 and permit IP packets destined to host ff02 1 2 Switch configure terminal Switch config ipv6 access list ipv6 std control Switch config ipv6 acl permit any ff02 0 2 16 Switch config ipv6 acl permit any host ff02 1 2 Switch config ipv6 acl 4 20 permit deny mac access list This command is used to define the rule for packets ...

Страница 62: ...e to change the start sequence number and increment number for the specified access list After the command is applied the new rule without specified sequence number will be assigned sequence based new sequence setting of the specified access list When you manually assign the sequence number it is better to have a reserved interval for future lower sequence number entries Otherwise it will create e...

Страница 63: ...ss list configuration information show access list ip NAME NUMBER mac NAME NUMBER ipv6 NAME NUMBER expert NAME NUMBER arp NAME Parameters ip Optional Specifies to display a listing of all IP access lists mac Optional Specifies to display a listing of all MAC access lists ipv6 Optional Specifies to display a listing of all IPv6 access lists expert Optional Specifies to display a listing of all expe...

Страница 64: ...R D Switch show access list ip R D IP access list R D ID 3996 10 permit tcp any 10 20 0 0 0 0 255 255 20 permit tcp any host 10 100 1 2 30 permit icmp any any Switch This example shows how to display the content for the access list if its hardware counter is enabled Switch show access list ip simple ip acl IP access list simple ip acl ID 3994 10 permit tcp any 10 20 0 0 0 0 255 255 Ing 12410 packe...

Страница 65: ...map 10 match ip access list stp_ip1 ID 1888 action forward VLAN access map vlan map 20 match mac access list ext_mac ID 6995 action redirect eth1 0 5 Switch This example shows how to display the contents of the VLAN access map if its hardware counter is enabled Switch show vlan access map VLAN access map vlan map 10 match ip access list stp_ip1 ID 1888 action forward Counter enable on VLAN s 1 2 m...

Страница 66: ...play VLAN filter information Switch show vlan filter VLAN Map aa Configured on VLANs 5 127 221 333 VLAN Map bb Configured on VLANs 1111 1222 Switch Switch show vlan filter vlan 5 VLAN ID 5 VLAN Access Map aa Switch 4 25 vlan access map This command is used to create a sub map of a VLAN access map and enter the VLAN access map sub map configure mode The no form of this command used to delete an acc...

Страница 67: ...ck against the next sub maps is done If the packet does not match a sub map then the next sub map will be checked Using the no form of this command without specify sequence numbers will delete all sub map information of the specified access map Example This example shows how to create a VLAN access map Switch configure terminal Switch config vlan access map vlan map 20 Switch config access map 4 2...

Страница 68: ...it Ethernet SmartPro Switch CLI Reference Guide 65 Switch configure terminal Switch config vlan filter vlan map vlan list 5 Switch config access map end Switch show vlan filter VLAN Map vlan map Configured on VLANs 5 Switch ...

Страница 69: ...ss lists are already applied an attempt to apply a new access list will be rejected until an applied access list is removed by the no form of this command Example This example shows how a standard IP access list is created and is specified as the access list to restrict access via Telnet Only the host 226 1 1 1 is allowed to access the server Switch configure terminal Switch config ip access list ...

Страница 70: ...nal Switch config prompt BRANCH sA BRANCH A config This example shows how to set the command prompt back to the default setting BRANCH A configure terminal BRANCH A config no prompt Switch config 5 3 enable password This command is used to setup enable password to enter different privileged levels Use the no form of this command to return the password to the empty string enable password level PRIV...

Страница 71: ...act password for a specific level needs to be used to enter the privilege level Each level has only one password to enter the level Example This example shows how to create an enable password at the privilege level 15 of MyEnablePassword Switch configure terminal Switch config enable password MyEnablePassword Switch disable Switch enable Password Switch show privilege Current privilege level is 15...

Страница 72: ... you have already declared an SSL service policy using the ssl service policy command When no keyword is specified a built in local certificate will be used for HTTPS Default By default this option is disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command enables the HTTPS server function and uses the specified SSL service policy for HTTPS Examp...

Страница 73: ...ess the HTTP server Only the host 226 1 1 1 is allowed to access the server Switch configure terminal Switch config ip access list http filter Switch config ip acl permit 226 1 1 1 255 255 255 255 Switch config ip acl exit Switch config ip http access class http filter Switch config 5 7 ip http service port This command is used to specify the HTTP service port Use the no form of this command to re...

Страница 74: ...he idle timeout value This value is between 60 and 36000 Default By default this value is 180 seconds Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command is use to configure the idle timeout value of a http server connection in seconds Example This example shows how to configure the idle timeout value to 100 seconds Switch configure terminal Switch co...

Страница 75: ...to revert to the default setting ip telnet service port TCP PORT no ip telnet service port Parameters TCP PORT Specifies the TCP port number TCP ports are numbered between 1 and 65535 The well known TCP port for the TELNET protocol is 23 Default By default this value is 23 Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command configures the TCP port num...

Страница 76: ...s class vty filter Switch config line 5 12 service password encryption This command is used to enable the encryption of the password before stored in the configuration file Use the no form of this command to disable the encryption service password encryption 7 15 no service password encryption Parameters 7 Specifies the password in the encrypted form based on SHA 1 15 Specifies the password in the...

Страница 77: ...word before stored in the configuration file Switch configure terminal Switch config service password encryption Switch config 5 13 show terminal This command is used to obtain information about the terminal configuration parameter settings for the current terminal line Use this command in any EXEC mode or any configuration mode show terminal Parameters None Default None Command Mode EXEC Mode or ...

Страница 78: ...et server status Example This example shows how to display information about the Telnet server status Switch show ip telnet server Server State Enabled Switch 5 15 show ip http server This command is used to obtain information about the http server status Use this command in EXEC mode or any configuration mode show ip http server Parameters None Default By default the state is enabled Command Mode...

Страница 79: ...t the state is disabled Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to display information about the SSL status Example This example shows how to display information about the SSL status Switch show ip http secure server ip http secure server state disable Switch 5 17 show users This command is used to display information about th...

Страница 80: ... the Telnet client function and can be used to communicate with another device using the Telnet feature The Telnet software supports special Telnet commands in the form of Telnet sequences that map generic terminal control functions to operating system specific functions To issue a special Telnet command enter the escape sequence and then a command character The default escape sequence is CTRL _ p...

Страница 81: ...ation Username 5 19 terminal length The command is used to configure the number of lines displayed on the screen The terminal length command will only affect the current session The terminal length default command will set the default value but it doesn t affect the current session The newly created saved session terminal length will use the default value Use the no form of this command to revert ...

Страница 82: ...ture and causes the entire output to display at once Unless the default keyword is used a change to the terminal length value applies only to the current session When using the no form of this command the number of lines in the terminal display screen is reset to 24 The terminal length default command is available in the global configuration mode The command setting does not affect the current exi...

Страница 83: ... timeout for auto logout sessions established by the line that is being configured Example This example shows how to configure the console session to never timeout Switch configure terminal Switch config line console Switch config line session timeout 0 Switch config line 5 22 terminal width The command is used to set the number of character columns on the terminal screen for the current session l...

Страница 84: ...ommand is available in the global configuration mode The command setting does not affect the current existing terminal sessions but affect the new terminal sessions that are activated later and just the global terminal width value can be saved However for remote CLI session access such as Telnet the auto negotiation terminal width result will take precedence over the default setting if the negotia...

Страница 85: ...me is admin password is admin and the privilege level is 15 Command Mode Global Configuration Mode Command Default Level Level 15 Usage Guideline This command creates user accounts with different access levels When the user login with Level 1 the user will be in the User EXEC Mode The user needs to further use the enable command to enter the Privileged EXEC Mode When the user login with a Level hi...

Страница 86: ...It is case sensitive The password is encrypted If the password syntax is not specified the syntax is plain text 15 Specifies the encrypted password based on MD5 The password length is fixed at 31 bytes It is case sensitive The password is encrypted If the password syntax is not specified the syntax is plain text PASSWORD Specifies the password for the user Default None Command Mode Line Configurat...

Страница 87: ...he line ID to disconnect a connection session The value is from 1 to 22 Default None Command Mode Privilege EXEC Mode Command Default Level Level 15 Usage Guideline This command is used to disconnect an active session on the switch Example This example shows how to disconnect the line session 2 Switch clear line 1 Switch ...

Страница 88: ...evious range No space before and after the comma Optional Specifies a range of interfaces No space before and after the hyphen Default By default no entries exist Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to configure the ARP spoofing prevention ASP entry to prevent spoofing of the MAC address of the protected gateway When an entry i...

Страница 89: ...spoofing prevention show ip arp spoofing prevention Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to display all ARP spoofing prevention entries Example This example shows how to display all ARP spoofing prevention entries Switch show ip arp spoofing prevention IP MAC Interfaces 10 254 254 251 00 00 00 1...

Страница 90: ...ic vlan no asymmetric vlan Parameters None Default By default this feature is disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to enable or disable the asymmetric VLAN function Example This example shows how to enable asymmetric VLAN Switch configure terminal Switch config asymmetric vlan This example shows how to disable asymmetric VL...

Страница 91: ...s in the given sequence Enter at least one method or enter up to four methods The following are keywords that can be used to specify a method group tacacs Specifies to use the servers defined by the TACACS server host command group GROUP NAME Specifies to use the server groups defined by the aaa group server tacacs command none Specifies no to perform accounting Default No AAA accounting method is...

Страница 92: ... not to perform accounting Default No AAA accounting method is configured Command Mode Global Configuration Mode Command Default Level Level 15 Usage Guideline Use this command to configure the method list for EXEC accounting Example This example shows how to create a method list for accounting of user activities using RADIUS which will send accounting messages at the start and end time of access ...

Страница 93: ...lt method list to take effect enable AAA first by using the aaa new model command The accounting system is disabled if the default method list is not configured Example This example shows how to enable accounting of the network access fees using RADIUS and sends the accounting messages at the start and end time of access Switch configure terminal Switch config aaa accounting network default start ...

Страница 94: ... to enable accounting of the system events using RADIUS and sends the accounting messages while system event occurs Switch configure terminal Switch config aaa accounting system default start stop group radius Switch config 8 5 aaa authentication enable This command is used to configure the default method list used for determining access to the privileged EXEC level Use the no form of this command...

Страница 95: ...p2 Switch config 8 6 aaa authentication dot1x This command is used to configure the default method list used for 802 1X authentication Use the no form of this command to remove the default method list aaa authentication dot1x default METHOD1 METHOD2 no aaa authentication dot1x default Parameters METHOD1 METHOD2 Specifies the list of methods that the authentication algorithm tries in the given sequ...

Страница 96: ...e list of methods that the authentication algorithm tries in the given sequence Enter at least one method or enter up to four methods The following are keywords that can be used to specify a method local Specifies to use the local database for authentication group radius Specifies to use the servers defined by the RADIUS server host command group GROUP NAME Specifies to use the server groups defin...

Страница 97: ...fies to use the server groups defined by the AAA group server command none Normally the method is listed as the last method The user will pass authentication if it is not denied by previous method s authentication Default No AAA authentication method list is configured Command Mode Global Configuration Mode Command Default Level Level 15 Usage Guideline Use this command to configure the authentica...

Страница 98: ...ove the default method list aaa authentication mac auth default METHOD1 METHOD2 no aaa authentication mac auth default Parameters METHOD1 METHOD2 Specifies the list of methods that the authentication algorithm tries in the given sequence Enter at least one method or enter up to four methods The following are keywords that can be used to specify a method local Specifies to use the local database fo...

Страница 99: ...roup GROUP NAME Specifies to use the server groups defined by the AAA group server none Normally the method is listed as the last method The user will pass authentication if it is not denied by previous method authentication Default No AAA authentication method is configured Command Mode Global Configuration Mode Command Default Level Level 15 Usage Guideline Use this command to configure the defa...

Страница 100: ...erver hosts with the RADIUS server group Example This example shows how to create a RADIUS server group with two entries The second host entry acts as backup to the first entry Switch configure terminal Switch config aaa group server radius group1 Switch config sg radius server 172 19 10 100 Switch config sg radius server 172 19 11 20 Switch config sg radius exit Switch config 8 12 aaa group serve...

Страница 101: ...for the authentication or accounting function Use the no form of this command to disable the AAA function aaa new model no aaa new model Parameters None Default By default this feature is disabled Command Mode Global Configuration Mode Command Default Level Level 15 Usage Guideline Use this command to enable AAA before the authentication and accounting via the AAA method lists take effect If AAA i...

Страница 102: ...mand does not take effect The user can specify different method lists to account commands at different levels A level can only have one method list specified Example This example shows how to enable the command accounting level 15 configure command issued via the console using the accounting method list named cmd 15 on the console Switch configure terminal Switch config aaa accounting commands 15 ...

Страница 103: ...rvers This command is used to clear the authentication and accounting AAA server statistic counters clear aaa counters servers all radius IP ADDRESS IPV6 ADDRESS all tacacs IP ADDRESS IPV6 ADDRESS all sg NAME Parameters all Specifies to clear server counter information related to all server hosts radius IP ADDRESS Specifies to clear server counter information related to a RADIUS IPv4 host radius I...

Страница 104: ...ate based on the default method list METHOD LIST Specifies the name of the method list to use Default By default this default option is used Command Mode Global Configuration Mode Command Default Level Level 15 Usage Guideline For authentication via the method list to take effect enable AAA first by using the aaa new model command Create the method list first by using the aaa authentication login ...

Страница 105: ... This example shows how to specify that the method configured for AAA should be used for accounting for HTTP server users The AAA accounting method is configured as the RADIUS accounting method Switch configure terminal Switch config aaa accounting exec list 1 start stop group radius Switch config ip http accounting exec list 1 Switch config 8 19 login authentication This command is used to config...

Страница 106: ...of the time to skip the unresponsive server Use the no form of this command to revert to the default setting radius server deadtime MINUTES no radius server deadtime Parameters MINUTES Specifies the dead time The valid range is 0 to 1440 24 hours When the setting is 0 the unresponsive server will not be marked as dead Default By default this value is 0 Command Mode Global Configuration Mode Comman...

Страница 107: ...he server time out value The range of timeout is between 1 and 255 seconds If not specified the default value is 5 seconds retransmit COUNT Optional Specifies the retransmit times of requests to the server when no response is received The value is from 0 to 20 Use 0 to disable the retransmission If not specified the default value is 2 0 Optional Specifies the password in clear text form This is th...

Страница 108: ...ntication or accounting via the AAA authentication and AAA accounting command Use the radius server host command to create a server host entry A host entry is identified by IP Address Example This example shows how to create two RADIUS server hosts with the different IP addresses A server group is then created with the two server hosts Switch configure terminal Switch config radius server host 172...

Страница 109: ...he tacacs server host command to create a server host entry A host entry is identified by the IP Address Example This example shows how to create two TACACS server hosts A server group is then created with the two server hosts Switch configure terminal Switch config tacacs server host 172 19 10 100 port 1500 timeout 8 key ABCDE Switch config tacacs server host 172 19 122 3 port 1600 timeout 3 key ...

Страница 110: ...ime out value This value must be between 1 and 255 seconds The default value is 5 seconds 0 Optional Specifies the password in the clear text form This is the default option 7 Optional Specifies the password in the encrypted form key KEY STRING Specifies the key used to communicate with the server The key can be from 1 to 254 clear text characters Default No TACACS server host is configured Comman...

Страница 111: ...ip Time 10 10 Access Requests 4 NA Access Accepts 0 NA Access Rejects 4 NA Access Challenges 0 NA Acct Request NA 3 Acct Response NA 3 Retransmissions 0 0 Malformed Responses 0 0 Bad Authenticators 0 0 Pending Requests 0 0 Timeouts 0 0 Unknown Types 0 0 Packets Dropped 0 0 Display Parameters Auth Statistics for authentication packets Acct Statistics for accounting packets Round Trip Time The time ...

Страница 112: ...cators or Signature attributes received from this server Pending Requests The number of RADIUS Request packets destined for this server that have not yet timed out or received a response This variable is incremented when a Request is sent and decremented due to receipt of a Response a timeout or retransmission Timeouts The number of timeouts to this server After a timeout the client may retry to t...

Страница 113: ...ets Sent 0 Total Packets Recv 0 Reference Count 0 Display Parameters TACACS Server IP address of the TACACS server Socket Opens Number of successful TCP socket connections to the TACACS server Socket Closes Number of successfully closed TCP socket attempts Total Packets Sent Number of packets sent to the TACACS server Total Packets Recv Number of packets received from the TACACS server Reference C...

Страница 114: ...l Level 12 Usage Guideline The ARP table keeps the network layer IP address to local data link MAC address association The association is kept so that the addresses will not have to be repeatedly resolved Use this command to add static ARP entries Example This example shows how to add a static ARP entry for a typical Ethernet host Switch configure terminal Switch config arp 10 31 7 19 0800 0900 18...

Страница 115: ...to clear the dynamic ARP entries from the table clear arp cache all interface INTERFACE ID IP ADDRESS Parameters all Specifies to clear the dynamic ARP cache entries associated with all interfaces INTERFACE ID Specifies the interface ID IP ADDRESS Specifies the IP address of the specified dynamic ARP cache entry that will be cleared Default None Command Mode Privileged EXEC Mode Command Default Le...

Страница 116: ...Usage Guideline The IPv4 address of an interface can be either manually assigned by the user or dynamically assigned by the DHCP server For manual assignment the user can assign multiple networks to a VLAN each with an IP address Among these multiple IP addresses one of them must be the primary IP address and the rest are secondary IP address The primary address will be used as the source IP addre...

Страница 117: ...gure terminal Switch config interface vlan100 Switch config if ip proxy arp Switch config if 9 6 ip local proxy arp This command is used to enable the local proxy ARP feature on an interface Use the no form of this command to revert to the default setting ip local proxy arp no ip local proxy arp Parameters None Default By default this option is disabled Command Mode Interface Configuration Mode Co...

Страница 118: ...ork INTERFACE ID Optional Specifies to display ARP entries that are associated with a specific network HARDWARE ADDRESS Optional Specifies to display ARP entries whose hardware address equal to this address Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Used to display a specific ARP entry all ARP entries dynamic entries or static entrie...

Страница 119: ...le This example shows how to display the ARP aging time Switch show arp timeout Interface Timeout minutes vlan1 60 Total Entries 1 Switch 9 9 show ip interface This command is used to display the IP interface information show ip interface INTERFACE ID brief Parameters INTERFACE ID Optional Specifies to display information for the specified IP interface brief Optional Specifies to display a summary...

Страница 120: ...ip interface brief Interface IP Address Link Status vlan1 10 90 90 90 up Total Entries 1 Switch This example shows how to display the IP interface information for VLAN 1 Switch show ip interface Interface vlan1 is enabled Link status is up IP Address is 10 90 90 90 8 Manual ARP timeout is 20 minutes Helper Address is not set Proxy ARP is disabled IP Local Proxy ARP is disabled gratuitous send is d...

Страница 121: ...neighbor cache entries Example This example shows how to clear IPv6 neighbor cache entries associated with interface VLAN 1 Switch enable Switch clear ipv6 neighbors vlan1 Switch 10 2 ipv6 address This command is used to manually configure an IPv6 addresses on the interface Use the no form of this command to delete a manually configured IPv6 address ipv6 address IPV6 ADDRESS PREFIX LENGTH IPV6 ADD...

Страница 122: ...6 address is configured on an interface IPv6 processing is enabled for the interface The prefix of the configured IPv6 address will automatically be advertised as prefix in the RA messages transmitted on the interface Example This example shows how to configure an IPv6 address Switch configure terminal Switch config interface vlan2 Switch config if ipv6 address 3ffe 22 33 44 55 64 This example sho...

Страница 123: ...filled in the Solicit message to request two messages handshake Default None Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to configure the interface to use DHCPv6 to get an IPv6 address When the no ipv6 address dhcp command is used the previous DHCPv6 obtained IP address will be removed If the rapid commit keyword is specified for the co...

Страница 124: ...processing on the interface Example This example shows how to enable IPv6 on interface VLAN 1 which has no IPv6 address explicitly configured Switch configure terminal Switch config interface vlan1 Switch config if ipv6 enable Switch config if 10 6 ipv6 neighbor This command is used to create a static ipv6 neighbor entry Use the no form of this command to delete a static IPv6 neighbor entry ipv6 n...

Страница 125: ... vlan1 00 01 80 11 22 99 Switch config 10 7 show ipv6 interface This command is used to display IPv6 interface information show ipv6 interface INTERFACE ID brief Parameters INTERFACE ID Optional Specifies the interface for display brief Optional Specifies to display brief information Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use thi...

Страница 126: ...TERFACE ID IPV6 ADDRESS Parameters IPV6 ADDRESS Specifies the IPv6 address to display its IPv6 neighbor cache entry INTERFACE ID Specifies the interface to display IPv6 neighbor cache entry Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to display the IPv6 neighbor cache entry Example This example shows how to display th...

Страница 127: ...eighbor advertisement message has not yet been received REACH Reachable Corresponding neighbor advertisement message was received and the reachable time in milliseconds has not elapsed yet It indicates that the neighbor was functioning properly STALE More than the reachable time in milliseconds have elapsed since the last confirmation was received PROBE Sending the neighbor solicitation message to...

Страница 128: ...e shows how to enable the BPDU attack protection function globally Switch configure terminal Switch config spanning tree bpdu protection Switch config 11 2 spanning tree bpdu protection interface This command is used to enable the BPDU attack protection function on the port Use the no form of this command to revert to the default setting spanning tree bpdu protection drop block shutdown no spannin...

Страница 129: ...sabled state Example This example shows how to enable the BPDU attack protection with block mode on interface eth1 0 1 Switch configure terminal Switch config interface eth1 0 1 Switch config if spanning tree bpdu protection block Switch config if 11 3 show spanning tree bpdu protection This command is used to display the BPDU protection information show spanning tree bpdu protection interface INT...

Страница 130: ...rmal eth1 0 16 Disabled Shutdown Normal eth1 0 17 Disabled Shutdown Normal eth1 0 18 Disabled Shutdown Normal eth1 0 19 Disabled Shutdown Normal CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All This example shows how to display the BPDU attack protection status of interface eth1 0 1 Switch show spanning tree bpdu protection interface eth1 0 1 Interface State Mode Status eth1 0 1 Enabled ...

Страница 131: ...ne Use this command to enable or disable the sending of the SNMP notifications for BPDU protection Example This example shows how to enable the sending of the SNMP notifications for BPDU protection Switch configure terminal Switch config snmp server enable traps stp bpdu protection Switch config ...

Страница 132: ...Use the test cable diagnostics command to start the test The copper port can be in one of the following status Open The cable in the error pair does not have a connection at the specified position Short The cable in the error pair has a short problem at the specified position Open or Short The cable has an open or short problem but the PHY has no capability to distinguish between them Crosstalk Th...

Страница 133: ...e test results for the cable diagnostics Switch show cable diagnostics Port Type Link Status Test Result Cable Length M eth1 0 1 1000BASE T Link Up OK 65 eth1 0 2 1000BASE T Link Up OK eth1 0 3 1000BASE T Link Down Shutdown 25 eth1 0 4 1000BASE T Link Down Shutdown eth1 0 5 1000BASE T Link Down Unknown eth1 0 6 1000BASE T Link Down Pair 1 Crosstalk at 30M Pair 2 Crosstalk at 30M Pair 3 OK at 110M ...

Страница 134: ...ace before and after the comma Optional Specifies a range of interfaces No space before and after the hyphen Default None Command Mode EXEC Mode Command Default Level Level 1 Usage Guideline This command is used to clear the test results for the cable diagnostics If the test is running on the interface an error message will be displayed Example This example shows how to clear the test results for ...

Страница 135: ... successfully been configured to the Switch via the command line interface The requirement is to log the command itself along with information about the user account that entered the command into the system log Commands that do not cause a change in the Switch configuration or operation such as show will not be logged Information about saving or viewing the system log is described in the sys log f...

Страница 136: ...w to enable and then disable the debug message output option Switch config debug enable Switch config no debug enable Switch config 14 2 debug output This command is used to specify the output for the debug messages of individual modules debug output module MODULE LIST all buffer console no debug output module MODULE LIST all Parameters MODULE LIST Specifies the module list to output the debug mes...

Страница 137: ...the debug buffer Switch debug output all buffer Switch 14 3 debug reboot on error This command is used to set the Switch to reboot when a fatal error occurs Use the no form of this command to set the Switch not to reboot when a fatal error occurs debug reboot on error no debug reboot on error Parameters None Default By default this option is enabled Command Mode Global Configuration Mode Command D...

Страница 138: ...and Mode Privileged EXEC Mode Command Default Level Level 15 Usage Guideline None Example This example shows how to copy debug buffer information to a TFTP server 10 90 90 99 Switch debug copy buffer tftp 10 90 90 99 abc txt Address of remote host 10 90 90 99 Destination filename abc txt Accessing tftp 10 90 90 99 abc txt Transmission starts Finished network upload 65739 bytes Switch 14 5 debug cl...

Страница 139: ...e this command to clear the error log information Example This example shows how to clear the error log information Switch debug clear error log Switch 14 7 debug show buffer This command is used to display the content of the debug buffer or utilization information of the debug buffer debug show buffer utilization Parameters utilization Optional Specifies to display the utilization of the debug bu...

Страница 140: ... debug show buffer utilization Debug buffer is allocated from system memory Total size is 2M Utilization is 30 Switch 14 8 debug show output This command is used to display the debug status and output information of the modules debug show output Parameters None Default None Command Mode Privileged EXEC Mode or Any Configuration Mode Command Default Level Level 15 Usage Guideline Use this command t...

Страница 141: ...r No BGP buffer No VRRP buffer No RIPNG buffer No Switch 14 9 debug show error log This command is used to display error log information debug show error log Parameters None Default None Command Mode Privileged EXEC Mode or Any Configuration Mode Command Default Level Level 15 Usage Guideline Use this command to display the content of the error log Example This example shows how to display error l...

Страница 142: ...814 8028FF44 8028352C 801D703C 8013B8A4 802AE754 802A5E0C 802A5D6C debug log 2 level fatal clock 10000ms time 2013 09 11 15 00 00 SOFTWARE FATAL ERROR CLI_UTL_AllocateMemory Fail Current TASK CLI TASK STACKTRACE 802ACE98 802B4498 802B4B00 802BD140 802BCB08 Total Log 2 Output truncated 14 10 debug show tech support This command is used to display the information required by technical support person...

Страница 143: ...d Default Level Level 15 Usage Guideline Use this command to display technical support information The technical support information is used to collect the Switch s information needed by the engineers to troubleshoot or analyze a problem Example This example shows how to display technical support information of all the modules ...

Страница 144: ...NG 2000 1 1 00 04 26 Topology Information Stable Topology My Box ID 1 Role Master Box Cnt 1 Topology Type Duplex Chain Unit Prio Device Runtime Stacking ID rity Role MAC Type option version version 1 32 32 Master 3C 1E 04 A1 CC 00 DGS 1510 28XMP 0x0001 1 30 003 2 0 1 2 NOT EXIST 3 NOT EXIST 4 NOT EXIST 5 NOT EXIST 6 NOT EXIST S means static box ID Temporary Topology Stable Cnt 48 Hot Swap Type Sta...

Страница 145: ...ow cpu utilization Parameters None Default None Command Mode Privileged EXEC Mode or Any Configuration Mode Command Default Level Level 15 Usage Guideline Use this command to display the information about CPU and task utilization Example This example shows how to display the CPU utilization per process information Switch debug show cpu utilization Five seconds 12 One minute 12 Five minutes 12 Proc...

Страница 146: ...NIT ID sio1 sio2 Parameters UNIT ID Specifies the stacking unit ID sio1 Specifies to represent the lower stacking port sio2 Specifies to represent the higher stacking port Default None Command Mode Privileged EXEC Mode Command Default Level Level 15 Usage Guideline Use this command to display the packet statistics information of the SIO ports Example This example shows how to display the informati...

Страница 147: ...0 txHCTotalPkts 0 0 txHCUnicastPkts 0 0 txHCMulticastPkts 0 0 txHCBroadcastPkts 0 0 txHCOctets 0 0 txHCPkt64Octets 0 0 txHCPkt65to127Octets 0 0 txHCPkt128to255Octets 0 0 txHCPkt256to511Octets 0 0 txHCPkt512to1023Octets 0 0 txHCPkt1024to1518Octets 0 0 txHCPkt1519to2047Octets 0 0 txHCPkt2048to4095Octets 0 0 rxHCPkt4096to9216Octets 0 0 Switch 14 13 debug show error ports unit This command is used to ...

Страница 148: ...ation of the SIO ports Switch debug show error ports unit 1 sio1 UNIT ID 1 SIO 1 RX Frames TX Frames CRC Error 0 CRC Error 0 Undersize 0 STP Drop 0 Oversize 0 HOL Drop 0 Fragment 0 COS0 HOL Drop 0 Jabber 0 COS1 HOL Drop 0 Symbol Error 0 COS2 HOL Drop 0 Buffer Full Drop 0 COS3 HOL Drop 0 ACL Drop 0 COS4 HOL Drop 0 Multicast Drop 0 COS5 HOL Drop 0 VLAN Ingress Drop 0 COS6 HOL Drop 0 Invalid IPv6 Dro...

Страница 149: ...P server IP address from the DHCP server if the DHCP server has the TFTP server IP address and configuration file name and be configured to deliver this information in the data field of the DHCP reply packet The Switch will then download the configuration file from the TFTP server to configure the system if the TFTP server is running and have the requested configuration file in its base directory ...

Страница 150: ... EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command is used to display the status of the auto configuration Example This example shows how to display the status of the auto configuration Switch show autoconfig Autoconfig State Disabled Switch ...

Страница 151: ...dentifier Option 60 to be sent with the DHCP discover message This specification only applies to the subsequent sending of the DHCP discover messages The setting only takes effect when the DHCP client is enabled on the interface to acquire the IP address from the DHCP server The vendor class identifier specifies the type of device that is requesting an IP address Example This example shows how to ...

Страница 152: ...h configure terminal Switch config interface vlan 100 Switch config if ip dhcp client client id vlan 100 Switch config if 16 3 ip dhcp client hostname This command is used to specify the value of the host name option to be sent with the DHCP discover message Use the no form of this command to revert the setting to the default ip dhcp client hostname HOST NAME no ip dhcp client hostname Parameters ...

Страница 153: ...cp client lease Parameters DAYS Specifies the day duration of the lease The range is from 0 to 10000 days HOURS Optional Specifies the hour duration of the lease The range is from 0 to 23 hours MINUTES Optional Specifies the minute duration of the lease The range is from 0 to 59 minutes Default The lease option is not sent Command Mode Interface Configuration Mode Command Default Level Level 12 Us...

Страница 154: ...e relayed If there is no class configured in a relay pool the client will be relayed to the relay destination server specified for the matched relay pool when the client matches the relay pool Example This example shows how to a DHCP class Service A is configured defined with DHCP option 60 matching pattern 0x112233 and 0x102030 classified to the relay pool pool1 and is associated with relay targe...

Страница 155: ...p dhcp pool DHCP Relay This command is used to configure a DHCP relay pool on a DHCP relay agent and enter the DHCP pool configuration mode Use the no form of this command to delete a DHCP relay pool ip dhcp pool NAME no ip dhcp pool NAME Parameters NAME Specifies the address pool name with a maximum of 32 characters Default None Command Mode Global Configuration Mode Command Default Level Level 1...

Страница 156: ...y disable the check for Option 82 ip dhcp relay information check no ip dhcp relay information check Parameters None Default By default this option is disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command takes effect when the DHCP service is enabled The ip dhcp relay information check command and the ip dhcp relay information check reply comma...

Страница 157: ... global setting takes effect If the ip dhcp relay information check reply command is configured for an interface the interface setting takes effect When the check for Option 82 of the reply packet is enabled the device will check the validity of the Option 82 field in DHCP reply packets it receives from the DHCP server If the Option 82 field in the received packet is not present or the option is n...

Страница 158: ...and to specify a user defined string for the remote ID sub option Example This example shows how to enable the insertion of Option 82 during the relay of DHCP request packets Switch configure terminal Switch config ip dhcp relay information option Switch config 17 7 ip dhcp relay information option insert This command is used to enable or disable the insertion of Option 82 for an interface during ...

Страница 159: ...t the DHCP requests packet that already has the relay option is left unchanged and directly relayed to the DHCP server replace Specifies that the DHCP request packet that already has the relay option will be replaced by a new option Default By default this option is replace Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline The command only takes effect when the ...

Страница 160: ...the relay agent option re forwarding policy to keep and set the policy to drop for VLAN 100 The effective relay agent option re forwarding policy for VLAN 100 is drop and the effective relay agent option re forwarding policy for the remaining interfaces are set as keep Switch configure terminal Switch config ip dhcp relay information policy keep Switch config interface vlan 100 Switch config if ip...

Страница 161: ...onfig This example shows how to configure a user defined string switch1 as the remote ID Switch configure terminal Switch config ip dhcp relay information option Switch config ip dhcp relay information option format remote id string switch1 Switch config 17 11 ip dhcp relay information option format type remote id This command is used to configure the DHCP information remote ID sub option of vendo...

Страница 162: ...lt string STRING vendor1 vendor2 vendor3 vendor4 vendor5 vendor6 no ip dhcp relay information option format circuit id Parameters default Specifies to use the default circuit ID sub option STRING Specifies to use a user defined string as the circuit ID Space characters are allowed in the string vendor1 Specifies to use vender1 vendor2 Specifies to use vender2 vendor3 Specifies to use vender3 vendo...

Страница 163: ...aracters STRING Specifies the vendor defined string Default None Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to configure each interface s vendor defined string for option 82 information circuit ID It is available for both physical port and port channel interface configuration Example This example shows how to define vendor3 circuit...

Страница 164: ...g of ip dhcp relay information trusted command Switch configure terminal Switch config ip dhcp relay information trust all Switch config 17 15 ip dhcp relay information trusted This command is used to enable the DHCP relay agent to trust the relay information for the interface Use the no form of this command to disable the trusting of relay information for the interface ip dhcp relay information t...

Страница 165: ...of interfaces or separate a range of interfaces from a previous range No space is allowed before and after the comma Optional Specifies a range of interfaces No space is allowed before and after the hyphen Default By default this option is disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline The local relay relays the DHCP message to all local VLAN member ...

Страница 166: ...erminal Switch config ip dhcp smart relay Switch config 17 18 option hex DHCP relay This command is used to specify a DHCP option matching pattern for a DHCP class Use the no form of this command to delete the specified matching pattern for a DHCP class option CODE hex PATTERN bitmask MASK no option CODE hex PATTERN bitmask MASK Parameters CODE Specifies the DHCP option number PATTERN Specifies th...

Страница 167: ...0 hex 112233 Switch config dhcp class option 60 hex 102030 Switch config dhcp class 17 19 relay destination This command is used to specify the DHCP relay destination IP address associated with a relay pool Use the no form of this command to delete a DHCP relay destination from the DHCP relay pool relay destination IP ADDRESS no relay destination IP ADDRESS Parameters IP ADDRESS Specifies the rela...

Страница 168: ... MASK Specifies the network mask of the source subnet Default None Command Mode DHCP Pool Configuration Mode Command Default Level Level 12 Usage Guideline The relay destination of DHCP server can be specified in DHCP relay pool To do this use the ip dhcp pool command to enter the DHCP pool configuration mode use the relay source command to specify the source subnet of the client requests and use ...

Страница 169: ... Level 12 Usage Guideline In a DHCP relay pool administrators can further use the class command and the relay target command to associate a list of relay target addresses with a DHCP class When the client request matches a relay pool and the DHCP relay pool is defined with classes the client request must match a class specified in the pool in order to be relayed If the packet does not match any cl...

Страница 170: ... the DHCP relay service on the Switch Use the no form of this command to disable the DHCP relay service service dhcp no service dhcp Parameters None Default By default this option is disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to enable the DHCP relay service on the switch Example This example shows how to disables the DHCP server...

Страница 171: ... vlan100 vlan200 vlan300 vlan400 vlan500 Total Entries 5 Switch This example shows how to display when all interfaces are trusted sources Note that the display output does not list the individual interfaces Switch show ip dhcp relay information trusted sources All interfaces are trusted source of relay agent information option Switch 17 24 show ip dhcp relay information option insert This command ...

Страница 172: ...nd is used to display the relay option policy action configuration show ip dhcp relay information policy action Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to display the relay information option policy action configuration information Example This example shows how to display relay information Option ...

Страница 173: ...validated and a DHCP binding database will be constructed for the DHCP snooping enabled VLAN The binding database provides IP and MAC binding information that can be further used by the IP source guard and dynamic ARP inspection process Example This example shows how to enable DHCP snooping Switch configure terminal Switch config ip dhcp snooping Switch config 18 2 ip dhcp snooping information opt...

Страница 174: ...te site Use the no form of this command to disable the storing or reset the parameters to the default setting ip dhcp snooping database URL write delay SECONDS no ip dhcp snooping database write delay Parameters URL Specifies the URL in one of the following forms tftp location filename NOTE The flash option only includes the external memory like CF SD USB storage write delay SECONDS Specifies the ...

Страница 175: ... is used to clear the DHCP binding database statistics clear ip dhcp snooping database statistics Parameters None Default None Command Mode Privileged EXEC Mode Command Default Level Level 12 Usage Guideline When you enter this command the Switch will clear the database statistics Example This example shows how to clear the snooping database statistics Switch clear ip dhcp snooping database statis...

Страница 176: ...ameters URL Specifies load the bind entry database from the URL and add the entries to the DHCP snooping binding entry table Default None Command Mode Privileged EXEC Mode Command Default Level Level 12 Usage Guideline Using this command will cause the system to load the bind entry database from a URL and add the entries to the DHCP snooping binding entry table Example This example shows how to re...

Страница 177: ... entry Example This example shows how to configure a DHCP snooping entry with IP address 10 1 1 1 and MAC address 00 01 02 03 04 05 at VLAN 2 and port eth3 0 10 with an expiry time of 100 seconds Switch ip dhcp snooping binding 00 01 02 03 04 05 vlan 2 10 1 1 1 interface eth3 0 10 expiry 100 Switch This example shows how to disable a DHCP snooping entry with IP address 10 1 1 1 and MAC address 00 ...

Страница 178: ...that includes Option 82 to an untrusted interface The router receives a DHCPRELEASE or DHCPDECLINE message from an untrusted host with an entry in the DHCP snooping binding table and the interface information in the binding table does not match the interface on which the message was received In addition to doing the validation DHCP snooping also create a binding entry based on the IP address assig...

Страница 179: ...mand to reset the DHCP message rate limiting ip dhcp snooping limit rate VALUE no ip dhcp snooping limit rate Parameters rate VALUE Specifies the number of DHCP messages that can be processed per second The valid range is from 1 to 300 Default By default this option is disabled Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline When the rate of the DHCP packet...

Страница 180: ...cp snooping vlan 10 Switch config ip dhcp snooping station move deny Switch config 18 12 ip dhcp snooping verify mac address This command is used to enable the verification that the source MAC address in a DHCP packet matches the client hardware address Use the no form of this command to disable the verification of the MAC address ip dhcp snooping verify mac address no ip dhcp snooping verify mac ...

Страница 181: ...wed before and after the hyphen Default By default DHCP snooping is disabled on all VLANs Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to globally enable DHCP snooping and use the ip dhcp snooping vlan command to enable DHCP snooping for a VLAN The DHCP snooping function snoops the DHCP packets arriving at the untrusted interface on VLAN th...

Страница 182: ...Switch show ip dhcp snooping DHCP Snooping is enabled DHCP Snooping is enabled on VLANs 10 15 18 Verification of MAC address is disabled Information option of allowed on un trusted interface is disabled Interface Trusted Rate Limit eth3 0 1 no 10 eth3 0 8 no 50 eth3 0 9 yes no_limit Switch 18 15 show ip dhcp snooping binding This command is used to display DHCP snooping binding entries show ip dhc...

Страница 183: ...l Level 1 Usage Guideline Use this command to display DHCP snooping binding entries Example This example shows how to display DHCP snooping binding entries Switch show ip dhcp snooping binding MAC Address IP Address Lease seconds Type VLAN Interface 00 01 02 03 04 05 10 1 1 10 1500 dhcp snooping 100 eth3 0 5 00 01 02 00 00 05 10 1 1 11 1495 dhcp snooping 100 eth3 0 5 Total Entries 2 Switch This ex...

Страница 184: ...s 1 Switch This example shows how to display DHCP snooping binding entries by VLAN 100 Switch show ip dhcp snooping binding vlan 100 MAC Address IP Address Lease seconds Type VLAN Interface 00 01 02 03 04 05 10 1 1 10 1500 dhcp snooping 100 eth3 0 5 00 01 02 00 00 05 10 1 1 11 1495 dhcp snooping 100 eth3 0 5 Total Entries 2 Switch This example shows how to display DHCP snooping binding entries by ...

Страница 185: ...mple This example shows how to display DHCP snooping database statistics Switch show ip dhcp snooping database URL tftp 10 0 0 2 store dhcp snp bind Write Delay Time 300 seconds Last ignored bindings counters Binding collisions 0 Expired lease 0 Invalid interfaces 0 Unsupported vlans 0 Parse failures 0 Checksum errors 0 Switch Display Parameters Binding Collisions The number of entries that create...

Страница 186: ...entries restrict that only specific servers are allowed to offer addresses to service specific clients If a binding entry is defined without the client s MAC address then the server message with the specified server IP address in the payload will be permitted These binding entries restrict that only specific servers are allowed to offer DHCP server services Example This example shows how to config...

Страница 187: ...p dhcp snooping server screen log Switch 18 19 dhcp server screen profile This command is used to define a server screen profile and enter the server screen configure mode dhcp server screen profile PROFILE NAME no dhcp server screen profile PROFILE NAME Parameters PROFILE NAME Specifies the profile name with a maximum of 32 characters Default None Command Mode Global Configuration Mode Command De...

Страница 188: ...nly forward trusted server packets If a server screen entry is defined with a profile that contains a client MAC address then the server message with the server IP address and the client addresses contained in the profile is forwarded If an entry is defined without the client s MAC address then the server message with the specified server IP address will be forwarded Each server can only have one ...

Страница 189: ...record in the log buffer is cleared If the log buffer is full but more violation events occur packets will be discarded but the event will not be sent to the syslog module If the user specifies a buffer size less than the current entry number then the log buffer will automatically be cleared Example This example shows how to change the maximum buffer number to 64 Switch configure terminal Switch c...

Страница 190: ...the no form of this command to disable sending SNMP notifications snmp server enable traps dhcp server screen no snmp server enable traps dhcp server screen Parameters None Default By default this option is disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline When DHCP Server Screen is enabled and the Switch receives the forge DHCP Server packet the Switch...

Страница 191: ...example shows how to restart the DHCPv6 client for interface VLAN 1 Switch clear ipv6 dhcp client vlan1 Switch 19 2 show ipv6 dhcp This command is used to display the DHCPv6 related settings on the interface show ipv6 dhcp interface INTERFACE ID Parameters INTERFACE ID Optional Specifies the VLAN interface to display the DHCPv6 related settings Default None Command Mode EXEC Mode or Any Configurat...

Страница 192: ...n VLAN 1 is DHCPv6 disabled Switch show ipv6 dhcp interface vlan1 vlan1 is not in DHCPv6 mode Switch This example shows how to display the DHCPv6 setting for all VLANs Only VLANs that are DHCPv6 enabled are displayed Switch show ipv6 dhcp interface vlan1 is in client mode State is OPEN List of known servers Reachable via address FE80 200 11FF FE22 3344 Configuration parameters IA PD IA ID 1 T1 40 ...

Страница 193: ...nfiguration mode DHCPv6 guard policies can be used to block DHCPv6 reply and advertisement messages that come from unauthorized servers Client messages are not blocked After the DHCPv6 guard policy was created use the ipv6 dhcp guard attach policy command to apply the policy on a specific interface Example This example shows how to create a DHCPv6 guard policy Switch configure terminal Switch conf...

Страница 194: ...rd1 Switch config dhcp guard device role server Switch config dhcp guard 20 3 match ipv6 access list This command is used to verify the sender s IPv6 address in server messages Use the no form of this command to disable the verification match ipv6 access list IPV6 ACCESS LIST NAME no match ipv6 access list Parameters IPV6 ACCESS LIST NAME Specifies the IPv6 access list to be matched Default By def...

Страница 195: ...de Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to apply a DHCPv6 policy to an interface DHCPv6 guard policies can be used to block DHCPv6 server messages or filter server messages based on sender IP address If the policy name is not specified the default policy will set the device s role to client Example This example shows how to apply the DHCP...

Страница 196: ...l policies Example This example shows how to displayed for all policies Switch show ipv6 dhcp guard policy DHCP guard policy default Device Role DHCP client Target eth1 0 3 DHCP guard policy test1 Device Role DHCP server Source Address Match Access List acl1 Target eth1 0 1 Switch Display Parameters Device Role The role of the device The role is either client or server Target The name of the targe...

Страница 197: ...sages being relayed can come from a client may be already relayed by a relay agent The destination address to be relayed can be a DHCPv6 server or another DHCPv6 relay agent The destination address can be a unicast or a multicast address both can be a link scoped address or a global scoped address For link scoped addresses the interface where the destination address is located must be specified Fo...

Страница 198: ...onfigure terminal Switch config ipv6 dhcp relay remote id format cid with user define Switch config 21 3 ipv6 dhcp relay remote id option This command is used to enable the insertion of the relay agent remote ID Option 37 during the relay of DHCP for IPv6 request packets Use the no form of this command to disable the insert function ipv6 dhcp relay remote id option no ipv6 dhcp relay remote id opt...

Страница 199: ...iguration Mode Command Default Level Level 12 Usage Guideline Use this command to configure the global policy for packets that already have Option 37 If the drop policy is selected relay agent s Remote ID option that has already been presented in the received packet from client the packet will be dropped If the keep policy is selected the Switch does not check if there is a relay agent Remote ID o...

Страница 200: ...configure terminal Switch config ipv6 dhcp relay remote id udf hex 010c08 Switch config 21 6 show ipv6 dhcp This command is used to display the DHCPv6 related settings on the interface show ipv6 dhcp interface INTERFACE ID Parameters INTERFACE ID Optional Specifies the VLAN interface ID to display Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Gui...

Страница 201: ...7 show ipv6 dhcp relay information option This command is used to display settings of the DHCPv6 relay information options show ipv6 dhcp relay information option Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to display the settings of the DHCPv6 relay information options Example This example shows how t...

Страница 202: ...l Level 1 Usage Guideline Use this command to display the current SFP module operating transceiver monitoring parameters values for specified ports Example This example shows how to display current operating parameters for all ports valid for transceiver monitoring Switch show interfaces transceiver high alarm high warning low warning low alarm mA milliamperes mW milliwatts Transceiver Monitoring ...

Страница 203: ... used to send all or the specified level of optical transceiver monitoring SNMP notifications Use the no form of this command to stop sending the notifications snmp server enable traps transceiver monitoring alarm warning no snmp server enable traps transceiver monitoring alarm warning Parameters alarm Optional Specifies to send or stop sending alarm level notification warning Optional Specifies t...

Страница 204: ...threshold or go lower than the low alarm threshold A warning event occurs when the parameters being monitored go higher than the high warning threshold or go lower than the low warning threshold The port shutdown feature is controlled by the Error Disable module without a recover timer Users can manually recover the port by using the shutdown command and then the no shutdown command Example This e...

Страница 205: ...configured threshold is stored in the system and the displayed value will be the user configured threshold If no user configured threshold exists the displayed value will always reflect the factory preset value defined by vendors The no form of this command has the effect to clear the configured threshold stored in the system It does not change the threshold stored in the SFP SFP transceivers Use ...

Страница 206: ... shows how to enable transceiver monitoring on interface eth3 0 1 Switch configure terminal Switch config interface eth3 0 1 Switch config if transceiver monitoring enable Switch config if 22 6 transceiver monitoring rx power This command is used to configure the thresholds of the input power for the specified port Use the no form of this command to remove the configuration transceiver monitoring ...

Страница 207: ...n newly inserted SFP SFP transceivers from being altered Example This example shows how to configure the RX power low warning threshold as 0 135 mW on interface eth3 0 1 Switch configure terminal Switch config transceiver monitoring rx power eth3 0 1 low warning mwatt 0 135 Switch config 22 7 transceiver monitoring temperature This command is used to configure the temperature thresholds for the sp...

Страница 208: ...ow to configure the temperature high alarm threshold as 127 994 on interface eth3 0 1 Switch configure terminal Switch config transceiver monitoring temperature eth3 0 1 high alarm 127 994 WARNING A closest value 127 992 is chosen according to the transceiver monitoring precision definition Switch config 22 8 transceiver monitoring tx power This command is used to configure the output power thresh...

Страница 209: ... newly inserted SFP SFP transceivers from being altered Example This example shows how to configure the TX power low warning threshold to 0 181 mW on interface eth3 0 1 Switch configure terminal Switch config transceiver monitoring tx power eth3 0 1 low warning mwatt 0 181 Switch config 22 9 transceiver monitoring voltage This command is used to configure the threshold voltage of the specified por...

Страница 210: ...eshold is just stored in the system and the displayed value will be the user configured threshold If there is no user configured threshold the displayed value will always reflect the factory preset value defined by the vendor The no form of this command has the effect to clear the configured threshold stored in system It does not change the threshold stored in the SFP SFP transceivers Use the no f...

Страница 211: ...e DDP client function globally or per physical port based When DDP is disabled on a port the port will neither process nor generate DDP message DDP messages received by the port are flooded in VLAN Example This example shows how to enable DDP globally Switch configure terminal Switch config ddp Switch config This example shows how to enable DDP on port 1 0 1 Switch configure terminal Switch config...

Страница 212: ...ge Guideline Use this command to configure interval between two consecutive DDP report messages Example This example shows how to configure interval to 60 seconds Switch configure terminal Switch config ddp report timer 60 Switch config 23 3 show ddp This command is used to display the switch DDP configurations show ddp interfaces INTERFACE ID Parameters INTERFACE ID Specifies to the interface ID ...

Страница 213: ...tch CLI Reference Guide 210 Switch show ddp D Link Discovery Protocol state Enabled Report timer 60 seconds Switch This example shows how to display DDP on port 1 0 1 Switch show ddp interface ethernet 1 0 1 Interface State eth1 0 1 Enabled Switch ...

Страница 214: ...t Level Level 12 Usage Guideline Use this command to delete a host entry or all host entries which are dynamically learned by the DNS resolver or caching server Example This example shows how to delete the dynamically entry www abc com from the host table Switch clear host www abc com Switch 24 2 ip domain lookup This command is used to enable the DNS to carry out the domain name resolution Use th...

Страница 215: ...PV6 ADDRESS no ip host HOST NAME IP ADDRESS IPV6 ADDRESS Parameters HOST NAME Specifies the host name of the equipment IP ADDRESS Specifies the IPv4 address of the equipment IPV6 ADDRESS Specifies the IPv6 address of the equipment Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline The host name specified in this command needs to be qualified Use the ...

Страница 216: ...e already configured the servers configured later will be added to the server list The user can configure up to 4 name servers Example This example shows how to configure the domain name server 192 168 5 134 and 5001 5 2 Switch configure terminal Switch config ip name server 192 168 5 134 5001 5 2 Switch config 24 5 ip name server timeout This command is used to configure the timeout value for the...

Страница 217: ...ny Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to display DNS related configuration information Example This example shows how to display DNS related configuration information Switch show hosts Number of Static Entries 2 Number of Dynamic Entries 1 Host Name www yes com IP Address 10 0 0 88 IPv6 Address 2001 1 1 Age 1334minutes Host Name www abc com IP Address...

Страница 218: ...y Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to display the DNS related configuration information Example This example shows how to display the DNS related configuration information Switch show ip name_server Name servers are 1 1 1 1 Name servers are 1000 1 Name servers are 2 2 2 2 Name servers are 2000 2 Switch ...

Страница 219: ...to itself Land A LAND attack involves with IP packets where the source and destination address are set to address of the target device It may cause the target device reply to itself continuously TCP NULL scan Port scanning by using specific packets which contain a sequence number of 0 and no flags TCP SYN fin Port scanning by using specific packets which contain SYN and FIN flags TCP SYN SRCport l...

Страница 220: ...disable the DoS prevention mechanism for all supported types Switch configure terminal Switch config no dos prevention all Switch config 25 2 show dos prevention This command is used to display the DoS prevention status and related drop counters show dos prevention DOS ATTACK TYPE Parameters DOS ATTACK TYPE Optional Specifies the DoS type to be displayed Default None Command Mode EXEC Mode or Any ...

Страница 221: ...abled Switch 25 3 snmp server enable traps dos prevention This command is used to enable sending SNMP notifications for DoS attacking Use the no form of this command to disable sending SNMP notifications snmp server enable traps dos prevention no snmp server enable traps dos prevention Parameters None Default By default this option is disabled Command Mode Global Configuration Mode Command Default...

Страница 222: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 219 Switch configure terminal Switch config snmp server enable traps dos prevention Switch config ...

Страница 223: ...e Command Default Level Level 12 Usage Guideline The name must be unique among all access lists The characters used in the name are case sensitive There is an implicit deny statement at the end of an access list Example This example shows how to configure an ARP access list with two permit entries Switch configure terminal Switch config arp access list static arp list Switch config arp nacl permit...

Страница 224: ... 12 Usage Guideline This command is used to clear the Dynamic ARP Inspection DAI statistics Example This example shows how to clear the DAI statistics from VLAN 1 Switch clear ip arp inspection statistics vlan 1 Switch 26 4 ip arp inspection filter vlan This command is used to specify an ARP access list to be used for ARP inspection checks for the VLAN Use the no form of this command to remove the...

Страница 225: ...ence over entries in the DHCP snooping binding database If the packet is explicitly denied by the access control list the packet is dropped If the packet is denied due to the implicit deny the packet will be further matched against the DHCP snooping binding entries if the keyword static is not specified The implicit denied packet is dropped if the keyword static is specified Example This example s...

Страница 226: ...fig if 26 6 ip arp inspection log buffer This command is used to configure the ARP inspection log buffer parameter ip arp inspection log buffer entries NUMBER no ip arp inspection log buffer entries Parameters NUMBER Optional Specifies the buffer entry number The maximum number is 1024 Default By default this value is 32 Command Mode Global Configuration Mode Command Default Level Level 12 Usage G...

Страница 227: ...te ARP packets arriving at the port and belongs to the VLAN that is enabled for inspection will be inspected Example This example shows how to configure port 3 0 3 to be trusted for DAI Switch configure terminal Switch config interface eth3 0 3 Switch config if ip arp inspection trust Switch config if 26 8 ip arp inspection validate This command is used to specify the additional checks to be perfo...

Страница 228: ... The specified check will be performed on packets arriving at the untrusted interface and belong to the VLANs that are enabled for IP ARP inspection If no parameters are specified all options are enabled or disabled Use the no form of this command with the specific option to disable the specific type of check Example This example shows how to enable source MAC validation Switch configure terminal ...

Страница 229: ...ing acl match permit all none dhcp bindings permit all none no ip arp inspection vlan VLAN ID logging acl match dhcp bindings Parameters vlan VLAN ID Specifies the VLAN to enable or disable the logging control function Optional Specifies a series of interfaces or separate a range of interfaces from a previous range No space is allowed before and after the comma Optional Specifies a range of interf...

Страница 230: ...K no permit deny ip any host SENDER IP SENDER IP SENDER IP MASK mac any host SENDER MAC SENDER MAC SENDER MAC MASK Parameters ip any Specifies to match any source IP address ip host SENDER IP Specifies to match a single source IP address SENDER IP SENDER IP MASK Specifies to match a group of source IP addresses by using a bitmap mask The bit corresponding to bit value 1 will be checked The input f...

Страница 231: ...previous range No space is allowed before and after the comma Optional Specifies a range of interfaces No space is allowed before and after the hyphen vlan VLAN ID Optional Specifies a VLAN or range of VLANs Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command is used to display the status of DAI for a specific range of VLANs Exam...

Страница 232: ...hat are forwarded by ARP inspection Dropped The number of ARP packets that are dropped by ARP inspection DHCP Drops The number of ARP packets that are dropped by DHCP snooping binding database ACL Drops The number of ARP packets that are dropped by ARP ACL rule DHCP Permits The number of ARP packets that are permitted by DHCP snooping binding database ACL Permits The number of ARP packets that are...

Страница 233: ...opped or permitted based on ACL matches None ACL matched packets are not logged Permit Logging when packets are permitted by the configured ACL Deny Logging when packets are dropped by the configured ACL All ACL matched packets are always logged DHCP Logging The state of logging for packets dropped or permitted based on DHCP bindings None Prevent logging when packets are dropped or permitted by th...

Страница 234: ...ARP packet will be legal and not be authorized untrusted This interface is ARP inspection untrusted port all ARP packet will be authorized Rate pps The upper limit on the number of incoming packets processed per second Burst Interval The consecutive interval in seconds over which the interface is monitored for the high rate of the ARP packets 26 13 show ip arp inspection log This command is used t...

Страница 235: ...h1 0 2 100 10 5 10 16 55 66 20 30 40 50 2 2014 04 02 00 11 54 eth1 0 3 100 10 58 2 30 10 22 33 44 50 60 1 2014 03 30 12 01 38 Total Entries 3 Switch Display Parameters Interface The name of interface that logging occurred VLAN The VLAN that logging occurred Sender IP The logging ARP s sender IP address Sender MAC The logging ARP s sender MAC address Occurrence The counter of logging entries occurr...

Страница 236: ...dhcp rate Specifies to enable the auto recovery option for an error port caused by DHCP rate limiting loopback detect Specifies to enable the auto recovery option for an error port caused by loop detection interval SECONDS Specifies the time in seconds to recover the port from the error state caused by the specified module The valid value is 5 to 86400 The default value is 300 seconds Default Auto...

Страница 237: ... Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to verify the settings of the error disable recovery timer Example This example shows how to display the settings of the error disable recovery timer Switch config show errdisable recovery ErrDisable Cause State Interval Port Security enabled 120 seconds Storm Control enabled 120 seconds BPDU A...

Страница 238: ...ge of the error disabled state Default By default all notification types are disabled and there is no limit for the notification rate Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command with the parameters asserted and cleared enables or disables the notifications for the state change of the error disabled state If you enter the command with one of th...

Страница 239: ...or the ERP instances Example This example shows how to configure the description for the ERP instances Switch configure terminal Switch config ethernet ring g8032 major ring Switch config erp instance 1 Switch config erp instance description custom description Switch config erp instance 28 2 ethernet ring g8032 This command is used to create or modify an ITU T G 8032 ERP physical ring and enter th...

Страница 240: ...g g8032 profile PROFILE NAME no ethernet ring g8032 profile PROFILE NAME Parameters PROFILE NAME Specifies the name of the G 8032 profile with the maximum of 32 characters Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to create modify or delete a G 8032 profile and enter the ERP profile configuration mode Example This exampl...

Страница 241: ...y the APS channel VLAN for an ERP instance Use the no form of this command to delete the configuration r aps channel vlan VLAN ID no r aps channel vlan Parameters VLAN ID Specifies the VLAN ID The valid values are from 1 to 4094 Default None Command Mode ERP Instance Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to assign the APS channel VLAN for an ERP ins...

Страница 242: ...RP mechanism The range is 1 to 4094 Optional Specifies a series of VLANs or separate a range of VLANs from a previous range No spaces are required before and after the comma Optional Specifies a range of VLANs No spaces are required before and after the hyphen Default None Command Mode ERP Instance Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to add or del...

Страница 243: ...witch configure terminal Switch config ethernet ring g8032 ring2 Switch config erp instance 1 Switch config erp instance 28 8 level This command is used to configure ring MEL value of an ERP instance Use the no form of this command to revert to the default setting level MEL VALUE no level Parameters MEL VALUE Specifies the ring MEL of the specified ERP instance The valid values are from 0 to 7 Def...

Страница 244: ...E Parameters SUB RING NAME Specifies the name of the sub ring Default None Command Mode ERP Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to specify or delete the sub ring of a physical ring Example This example shows how to configure the sub ring of the physical ring ring2 Switch configure terminal Switch config ethernet ring g8032 ring2 Switch config erp ...

Страница 245: ...itch config erp instance 1 Switch config erp instance profile campus Switch config erp instance 28 11 port0 This command is used to specify the first ring port of a physical ring Use the no form of this command to remove the settings port0 interface INTERFACE ID no port0 Parameters INTERFACE ID Specifies the interface ID of the first ring port The interface s can be a physical interface or a port ...

Страница 246: ...eline This command is used to specify or remove the first ring port of a physical ring Use the port1 none command to indicate that the inter connect node is a local node endpoint of an open ring Example This example shows how to configure the inter connect node as a local end node of the G 8032 ring ring2 Switch configure terminal Switch config ethernet ring g8032 ring2 Switch config erp port1 non...

Страница 247: ...nsport entity immediately and in some cases a second traffic interruption is even avoided by not reverting protect switching Example This example shows how to configure rings in the profile campus to operate in non revertive mode Switch configure terminal Switch config ethernet ring g8032 profile campus Switch config g8032 ring profile no revertive Switch config g8032 ring profile 28 14 rpl This c...

Страница 248: ... to display information of the ERP instances show ethernet ring g8032 status brief Parameters status Specifies to display the status of the ERP instances brief Specifies to display the brief information of the ERP instances Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command is used to display information of the ERP instances Exa...

Страница 249: ...q Quit SPACE n Next Page ENTER Next Entry a All This example shows how to display the brief information of the ERP instances Switch show ethernet ring g8032 brief Profile Inst Status Port State ID 0 Deactivated p0 Forwarding p1 Forwarding 0 Deactivated p0 Forwarding p1 Forwarding campus 1 Deactivated p0 eth1 0 1 Forwarding RPL p1 Forwarding 0 Deactivated p0 Forwarding p1 Forwarding Total Entries 4...

Страница 250: ...ances Inst ID Instance identifier of ERP instance RingType Indicates either major ring or sub ring Node Type RPL Owner Status Current status of ERP instance It can be one of the following values Deactivated The ERP instance is deactivated Init The instance is initializing Idle The instance is in normal state The RPL port is blocked Protection The instance detects failure at some ring port The RPL ...

Страница 251: ...NUTES no timer guard hold off wtr Parameters guard MILLI SECONDS Optional Specifies the guard timer in milliseconds The value is range from 10 to 2000 hold off SECONDS Optional Specifies the hold off timer in seconds The value is range from 0 to 10 wtr MINUTES Optional Specifies the WTR timer in minutes The value is range from 1 to 12 Default The default guard timer is 500 milliseconds The default...

Страница 252: ...vel Level 1 Usage Guideline If the URL is not specified then the current directory is not changed Example This example shows how to change the current directory to the directory log on file system c Switch dir Directory of c 1 d 0 Dec 29 2013 17 49 36 images 2 d 0 Jan 02 2013 18 42 53 configurations 3 d 0 Jan 02 2013 18 42 53 log 4 639 Jan 03 2013 12 09 32 new_config cfg 20578304 bytes total 31045...

Страница 253: ...ration file that is specified as the boot up file cannot be deleted Example This example shows how to delete the file named test txt from file system on the local flash Switch delete c test txt Delete test txt y n n y File is deleted Switch 29 3 dir This command is used to display the information for a file or the listing of files in the specified path name dir URL Parameters URL Optional Specifie...

Страница 254: ...ia command Example This example shows how to display the root directory in a standalone switch Switch dir Directory of 1 d 0 Jun 31 2013 17 49 36 c 2 d 0 Jun 31 2013 18 42 53 d 0 bytes total 0 bytes free Switch 29 4 mkdir This command is used to create a directory under the current directory mkdir DIRECTORY NAME Parameters DIRECTORY NAME Specifies the name of the directory Default None Command Mod...

Страница 255: ...able characters the display will feature unreadable characters or even blank spaces Example This example shows how to display the contents of file usr_def conf Switch more c configuration usr_def conf DGS 1510 Firmware Version 1 30 003 Slot Model 1 DGS 1510 28P 2 3 DGS 1510 28P 4 DGS 1510 28P ip igmp snooping vlan 1 end Switch 29 6 rename This command is used to rename a file rename FILE URL1 FILE...

Страница 256: ...ORY NAME Parameters DIRECTORY NAME Specifies the name of the directory Default None Command Mode Privileged EXEC Mode Command Default Level Level 15 Usage Guideline Use this command to remove a directory in the working directory Example This example shows how to remove a directory called newdir under the current directory Switch rmdir newdir Remove directory newdir y n n y The directory is removed...

Страница 257: ... Mode Command Default Level Level 1 Usage Guideline Use this command to display the information of the storage media available on the system Example This example shows how to display the information of the storage media on all units Switch show storage media info Unit Drive Media Type Size FS Type Label 1 c FLASH 29M FFS 2 c FLASH 31M FFS 3 c FLASH 31M FFS Switch ...

Страница 258: ... port or a port channel vlan VLAN ID Specifies the VLAN ID The valid values are from 1 to 4094 Default None Command Mode Privileged EXEC Mode Command Default Level Level 12 Usage Guideline Using this command only clears dynamic MAC address entries Only the dynamic unicast address entry will be cleared Example This example shows how to remove the MAC address 00 08 00 70 00 07 from the dynamic MAC a...

Страница 259: ...on is disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline The source MAC address triggered update function is always enabled The hit bit of MAC address entries corresponding to the port that receives the packet will be updated based on the source MAC address and the VLAN of the packet When the user enables the destination MAC address triggered update func...

Страница 260: ... Guideline Use this commands to enable or disable MAC address learning on a physical port Example This example shows how to enable the MAC address learning option Switch configure terminal Switch config mac address table learning interface eth1 0 5 Switch config 30 5 mac address table notification change This command is used to enable or configure the MAC address notification function Use the no f...

Страница 261: ...ch config mac address table notification change history size 500 Switch config 30 6 mac address table static This command is used to add a static address to the MAC address table Use the no form of this command to remove a static MAC address entry from the table mac address table static MAC ADDR vlan VLAN ID interface INTERFACE ID drop no mac address table static all MAC ADDR vlan VLAN ID interfac...

Страница 262: ...e shows how to add the static address C2 F3 22 0A 22 33 to the MAC address table It also specifies that when any packet received on VLAN 4 that has a destination MAC address of C2 F3 22 0A 22 33 will be forwarded to port channel 2 Switch configure terminal Switch config interface range eth1 0 5 6 Switch config if range channel group 2 mode on Switch config if range exit Switch config mac address t...

Страница 263: ...ddress table dynamic static address MAC ADDR interface INTERFACE ID vlan VLAN ID Parameters dynamic Optional Specifies to display dynamic MAC address table entries only static Optional Specifies to display static MAC address table entries only address MAC ADDR Optional Specifies the 48 bit MAC address interface INTERFACE ID Optional Specifies to display information for a specific interface Valid i...

Страница 264: ...00 04 Static eth1 0 2 4 C2 F3 22 0A 12 F4 Static port channel2 6 00 01 00 02 00 07 Static eth1 0 1 6 00 01 00 02 00 10 Static Drop Total Entries 6 Switch This example shows how to display all the MAC address table entries for VLAN 1 Switch show mac address table vlan 1 VLAN MAC Address Type Ports 1 00 02 4B 28 C4 82 Static CPU 1 00 03 40 11 22 33 Dynamic eth1 0 2 Total Entries 2 Switch 30 9 show m...

Страница 265: ...mac address table learning interface INTERFACE ID Parameters INTERFACE ID Optional Specifies the interface to be display Optional Specifies a series of interfaces or separate a range of interfaces from a previous range No spaces before and after the comma Optional Specifies a range of interfaces No spaces before and after the hyphen Default None Command Mode EXEC Mode or Any Configuration Mode Com...

Страница 266: ...ontent show mac address table notification change interface INTERFACE ID history Parameters interface INTERFACE ID Optional Specifies the interface to display history Optional Specifies to display the MAC address notification change history Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline If no option is specified the global configuration ...

Страница 267: ...16 Disabled Disabled eth1 0 17 Disabled Disabled eth1 0 18 Disabled Disabled eth1 0 19 Disabled Disabled eth1 0 20 Disabled Disabled eth1 0 21 Disabled Disabled eth1 0 22 Disabled Disabled eth1 0 23 Disabled Disabled eth1 0 24 Disabled Disabled eth1 0 25 Disabled Disabled eth1 0 26 Disabled Disabled eth1 0 27 Disabled Disabled eth1 0 28 Disabled Disabled Switch This example shows how to display th...

Страница 268: ... show multicast filtering mode interface VLAN ID Parameters interface VLAN ID Optional Specifies the VLAN to display Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Example This example shows how to display the multicast filtering mode configuration for all VLANs Switch show multicast filtering mode Interface Layer 2 Multicast Filtering M...

Страница 269: ... the no form of this command to revert to the default setting snmp trap mac notification change added removed no snmp trap mac notification change added removed Parameters added Specifies to enable the MAC change notification when a MAC address is added on the interface removed Specifies to enable the MAC change notification when a MAC address is removed from the interface Default By default this ...

Страница 270: ...S 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 267 Switch configure terminal Switch config interface eth1 0 2 Switch config if snmp trap mac notification change added Switch config if ...

Страница 271: ...nterface a range of interfaces separated by a hyphen or a series of interfaces separated by comma Default None Command Mode Privileged EXEC Mode Command Default Level Level 12 Usage Guideline Use this command to clear the GVRP counters Example This example shows how to clear statistics for all interfaces Switch clear gvrp statistics all Switch 31 2 gvrp global This command is used to enable the GV...

Страница 272: ...ble Parameters None Default By default this option is disabled Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is available for both physical ports and port channel interface configuration This command only takes effect for hybrid mode and trunk mode Example This example shows how to enable the GVRP function on interface eth1 0 1 Switch configu...

Страница 273: ...e required before and after the hyphen Default By default no VLANs are advertised Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline The command is available for both physical ports and port channel interface configuration Administrators can use the gvrp advertise command to enable the specified VLANs GVRP advertise function on the specified interface The comm...

Страница 274: ...e port as a forbidden member of all VLANs gvrp forbidden all add remove VLAN ID no gvrp forbidden Parameters all Specifies that all VLANs except VLAN 1 are forbidden on the interface add Optional Specifies a VLAN or a list of VLANs to be added to the forbidden VLAN list remove Optional Specifies a VLAN or a list of VLANs to be removed from the forbidden VLAN list VLAN ID Optional Specified the for...

Страница 275: ...sed to configure the GVRP timer value on a port Use the no form of this command to revert the timer to the default setting gvrp timer join TIMER VALUE leave TIMER VALUE leave all TIMER VALUE no gvrp timer join leave leave all Parameters join Optional Specifies to set the timer for joining a group The unit is in a hundredth of a second leave Optional Specifies to set the timer for leaving a group T...

Страница 276: ...figuration If the interface ID is not specified all interfaces are displayed INTERFACE ID Optional Specifies the interfaces used to display the configuration Specify a single interface or a range of interfaces separated by a hyphen or a series of interfaces separated by comma Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command on...

Страница 277: ...AN 1 3 Forbidden VLAN 5 8 Switch 31 9 show gvrp statistics This command is used to display the statistics for a GVRP port show gvrp statistics interface INTERFACE ID Parameters INTERFACE ID Optional Specifies the interfaces Specify a single interface a range of interfaces separated by a hyphen or a series of interfaces separated by commas Default None Command Mode EXEC Mode or Any Configuration Mo...

Страница 278: ...nce Guide 275 Switch show gvrp statistics interface eth3 0 5 3 0 6 Port JoinEmpty JoinIn LeaveEmpty LeaveIn LeaveAll Empty eth3 0 5 RX 0 0 0 0 0 0 TX 4294967296 4294967296 4294967296 4294967296 4294967296 4294967296 eth3 0 6 RX 0 0 0 0 0 0 TX 0 0 0 0 0 0 Switch ...

Страница 279: ...l 12 Usage Guideline The system will learn gratuitous ARP packets in the ARP cache table by default Example This example shows how to disable the learning of gratuitous ARP request packets Switch configure terminal Switch config no ip arp gratuitous switch config 32 2 ip gratuitous arps This command is used to enable the transmission of gratuitous ARP request packets Use the no form of this comman...

Страница 280: ... ARP messages Switch configure terminal Switch config ip gratuitous arps dad reply switch config 32 3 arp gratuitous send This command is used to set the interval for regularly sending of gratuitous ARP request messages on the interface Use the no form of this command to disable this function on the interface arp gratuitous send interval SECONDS no arp gratuitous send Parameters SECONDS Specifies ...

Страница 281: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 278 ...

Страница 282: ...MP snooping statistics Default None Command Mode Privileged EXEC Mode Command Default Level Level 12 Usage Guideline This command is used to clear the IGMP snooping related statistics Example This example shows how to clear all IGMP Snooping statistics Switch clear ip igmp snooping statistics all Switch 33 2 ip igmp snooping This command is used to enable the IGMP snooping function on the Switch U...

Страница 283: ... snooping Switch config This example shows how to disable IGMP snooping on VLAN1 Switch configure terminal Switch config vlan 1 Switch config vlan no ip igmp snooping Switch config vlan 33 3 ip igmp snooping fast leave This command is used to configure IGMP Snooping fast leave on the interface Use the no form to disable the fast leave option on the specified interface ip igmp snooping fast leave n...

Страница 284: ...Guideline The command is only available for VLAN interface configuration On receiving an IGMP leave message the IGMP snooping querier will assume that there are no local members on the interface if there are no reports received after the response time Users can lower this interval to reduce the amount of time it takes a switch to detect the loss of the last member of a group Example This example s...

Страница 285: ...icast router port the valid interface can be a physical port or a port channel The specified multicast router port must be member port of the configured VLAN A multicast router port can be either dynamic learned or statically configured With the dynamic learning the IGMP snooping entity will learn IGMP PIM or DVMRP packet to identify a multicast router port Example This example shows how to add an...

Страница 286: ...command is used to enable the capability of the entity as an IGMP querier Use the no form of this command to disable the querier function ip igmp snooping querier no ip igmp snooping querier Parameters None Default By default this option is disabled Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is only available for VLAN interface configurati...

Страница 287: ...ages on the network larger values cause IGMP Queries to be sent less often Example This example shows how to configure the IGMP snooping query interval to 300 seconds on VLAN 1000 Switch configure terminal Switch config vlan 1000 Switch config vlan ip igmp snooping query interval 300 Switch config vlan 33 9 ip igmp snooping query max response time This command is used to configure the maximum resp...

Страница 288: ...ral query sent by the IGMP snooping querier Default By default this value is 3 Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is only available for VLAN interface configuration The query version number setting will affect the querier electing When configured to version 1 IGMP snooping will always act as the querier and will not initiate new qu...

Страница 289: ...time expired For report or leave messages to the same group only one report or leave message is forwarded The remaining report and leave messages are suppressed Example This example shows how to enable report suppression on VLAN 1 Switch configure terminal Switch config vlan 1 Switch config vlan ip igmp snooping report suppression Switch config vlan 33 12 ip igmp snooping robustness variable This ...

Страница 290: ...s expected to be loose Example This example shows how to configure the robustness variable to be 3 on interface VLAN 1000 Switch configure terminal Switch config vlan 1000 Switch config vlan ip igmp snooping robustness variable 3 Switch config vlan 33 13 ip igmp snooping static group This command is used to configure an IGMP snooping static group Use the no form of this command is used to delete a...

Страница 291: ...val of suppressing duplicates IGMP reports The range is from 1 to 300 Default By default this value is 10 seconds Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is only available for VLAN interface configuration The report suppression function will suppress the duplicate IGMP report or leave packets received in the suppression time interval A ...

Страница 292: ...al Switch config vlan 1 Switch config vlan ip igmp snooping minimum version 2 Switch config vlan This example shows how to restrict all IGMPv1 and IGMPv2 hosts disallowed to join VLAN 1 Switch configure terminal Switch config vlan 1 Switch config vlan ip igmp snooping minimum version 3 Switch config vlan This example shows how to remove the restriction configured on VLAN 1 Switch configure termina...

Страница 293: ...rier state Enabled Non active Query version v2 Query interval 300 seconds Max response time 20 seconds Robustness value 2 Last member query interval 3 seconds Proxy reporting Enabled Source 1 2 2 2 Switch 33 17 show ip igmp snooping groups This command is used to display IGMP snooping group information learned on the Switch show ip igmp snooping groups vlan VLAN ID IP ADDRESS Parameters vlan VLAN ...

Страница 294: ...w ip igmp snooping mrouter This command is used to display IGMP snooping router port information learned and configured on the Switch show ip igmp snooping mrouter vlan VLAN ID Parameters vlan VLAN ID Optional Specifies the VLAN If no VLAN is specified IGMP snooping information on all VLANs will be displayed of which IGMP snooping is enabled Default None Command Mode EXEC Mode or Any Configuration...

Страница 295: ...ers GROUP ADDRESS Optional Specifies the group IP address to be displayed vlan VLAN ID Optional Specifies the VLAN ID to be displayed Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command displays the IGMP snooping static group information Example This example shows how to display IGMP snooping static group information Switch show ...

Страница 296: ... Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command displays the IGMP snooping related statistics information Example This example shows how to display IGMP snooping statistics information Switch show ip igmp snooping statistics vlan 1 VLAN 1 Statistics IGMPv1 Rx Report 1 Query 0 IGMPv2 Rx Report 0 Query 0 Leave 0 IGMPv3 Rx Report 0 Query 0 ...

Страница 297: ...mand Mode Privileged EXEC Mode Command Default Level Level 12 Usage Guideline Use this command to clear counters for a physical port interface Example This example shows how to clear the counters of interface eth1 0 1 Switch clear counters interface eth1 0 1 Switch 34 2 description This command is used to add a description to an interface description STRING no description Parameters STRING Specifi...

Страница 298: ...ault None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command enters the interface configuration mode for a specific interface The format of the interface number is dependent on the interface type For physical port interfaces the user cannot enter the interface if the Switch s port does not exist The physical port interface cannot be removed by the no...

Страница 299: ...D Specifies the physical port interface Optional Specifies the interface range by delimiting a list of interface IDs with commas No spaces are allowed before and after the comma Optional Specifies an interface range by delimiting the start and the ending interface numbers with a hyphen No spaces are allowed before and after the hyphen Default None Command Mode Global Configuration Mode Command Def...

Страница 300: ...s INTERFACE ID Specifies that the interface can be a physical port If no interface is specified counters of all interfaces will be displayed Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to display the statistic counters for an interface Example This example shows how to display the counters for interface eth1 0 1 ...

Страница 301: ...9to2047Octets 0 rxHCPkt2048to4095Octets 0 rxHCPkt4096to9216Octets 0 txHCPkt64Octets 0 txHCPkt65to127Octets 0 txHCPkt128to255Octets 0 txHCPkt256to511Octets 348 txHCPkt512to1023Octets 0 txHCPkt1024to1518Octets 0 txHCPkt1519to1522Octets 0 txHCPkt1519to2047Octets 0 txHCPkt2048to4095Octets 0 txHCPkt4096to9216Octets 0 rxCRCAlignErrors 0 rxUndersizedPkts 0 rxOversizedPkts 0 rxFragmentPkts 0 rxJabbers 0 r...

Страница 302: ...nge 1 Switch 34 6 show interfaces This command is used to display the interface information show interfaces INTERFACE ID Parameters INTERFACE ID Optional Specifies that the interface can be a physical port VLAN or other Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline If no interface is specified all existing physical ports will be display...

Страница 303: ... duplex 1Gb s Maximum transmit unit 1536 bytes Rx rate 0 bytes sec TX rate 0 bytes sec RX bytes 116316 TX bytes 132495 RX rate 0 packets sec TX rate 0 packets sec RX packets 1213 TX packets 365 RX multicast 774 RX broadcast 439 RX CRC error 0 RX undersize 0 RX oversize 0 RX fragment 0 RX jabber 0 RX dropped Pkts 1212 RX MTU exceeded 0 TX CRC error 0 TX excessive deferral 0 TX single collision 0 TX...

Страница 304: ...interfaces ethernet 1 0 1 8 counters Port InOctets InMcastPkts InUcastPkts InBcastPkts eth1 0 1 1834520 629 9234 338 eth1 0 2 0 0 0 0 eth1 0 3 0 0 0 0 eth1 0 4 0 0 0 0 eth1 0 5 0 0 0 0 eth1 0 6 0 0 0 0 eth1 0 7 0 0 0 0 eth1 0 8 0 0 0 0 Port OutOctets OutMcastPkts OutUcastPkts OutBcastPkts eth1 0 1 5387265 0 9381 0 eth1 0 2 0 0 0 0 eth1 0 3 0 0 0 0 eth1 0 4 0 0 0 0 eth1 0 5 0 0 0 0 eth1 0 6 0 0 0 0...

Страница 305: ...0 0 0 0 0 0 eth2 0 2 0 0 0 0 0 0 0 eth2 0 3 0 0 0 0 0 0 0 eth2 0 4 0 0 0 0 0 0 0 eth2 0 5 0 0 0 0 0 0 0 eth2 0 6 0 0 0 0 0 0 0 eth2 0 7 0 0 0 0 0 0 0 eth2 0 8 0 0 0 0 0 0 0 eth3 0 1 0 0 0 0 0 0 0 eth3 0 2 0 0 0 0 0 0 0 eth3 0 3 0 0 0 0 0 0 0 eth3 0 4 0 0 0 0 0 0 0 Port Giants Symbol Err SQETest Err DeferredTx IntMacTx IntMacRx eth2 0 1 0 0 0 0 0 0 0 eth2 0 2 0 0 0 0 0 0 0 eth2 0 3 0 0 0 0 0 0 0 et...

Страница 306: ... 1000BASE T eth1 0 2 not connected 1 auto auto 1000BASE T eth1 0 3 not connected 1 auto auto 1000BASE T eth1 0 4 not connected 1 auto auto 1000BASE T eth1 0 5 not connected 1 auto auto 1000BASE T eth1 0 6 not connected 1 auto auto 1000BASE T eth1 0 7 not connected 1 auto auto 1000BASE T eth1 0 8 connected trunk a full a 1000 1000BASE T eth3 0 1 connected 2 a full a 1000 1000BASE T eth3 0 2 not con...

Страница 307: ... 5 0 0 0 eth1 0 6 0 0 0 eth1 0 7 0 0 0 eth1 0 8 0 0 0 Total Entries 8 Switch 34 10 show interfaces auto negotiation This command is used to display detailed auto negotiation information of physical port interfaces show interfaces INTERFACE ID auto negotiation Parameters auto negotiation Specifies to display detailed auto negotiation information INTERFACE ID Optional Specifies the interface ID If n...

Страница 308: ...utdown This command is used to disable an interface Use the no form of this command to enable an interface shutdown no shutdown Parameters None Default By default this option is no shutdown Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline The physical port is valid for this configuration This command is also configurable for port channel member ports The com...

Страница 309: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 306 Switch configure terminal Switch config interface eth1 0 1 Switch config if shutdown ...

Страница 310: ...at the port will be validated via the port ACL Port ACL is a hardware mechanism and its entry can come from either a manual configured entry or the DHCP snooping binding database The packet that fails to pass the validation will be dropped There are two types of validations If the option ip mac is not specified the validation is based on the source IP address and VLAN check only If the option ip m...

Страница 311: ... specified for the command must exactly match the configured parameters to be deleted If the MAC address and the VLAN for the configured entry already exist the existing binding entry is updated The interface specified for the command can be a physical port or a port channel interface Example This example shows how to configure an IP Source Guard entry with the IP address 10 1 1 1 and MAC address ...

Страница 312: ...pecifies a series of interfaces or separate a range of interfaces from a previous range No spaces are allowed before and after the comma Optional Specifies a range of interfaces No spaces are allowed before and after the hyphen Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline IP source guard binding entries are either manually configured o...

Страница 313: ...rs MAC Address The client s hardware MAC address IP Address The client s IP address assigned from the DHCP server or configured by the user Lease sec The IP address lease time Type The binding type Static bindings are configured manually Dynamic binding are learned from DHCP snooping VLAN The VLAN number of the client interface Interface The interface that connects to the DHCP client host 35 4 sho...

Страница 314: ... MAC and an existing IP MAC that binds IP address 10 1 1 10 to MAC address 00 01 01 01 01 01 on VLAN 100 and IP address 10 1 1 11 to MAC address 00 01 01 01 01 10 on VLAN 101 Switch show ip verify source interface eth3 0 3 Interface Filter type Filter mode IP address MAC address VLAN eth3 0 3 ip mac active 10 1 1 10 00 01 01 01 01 01 100 eth3 0 3 ip mac active 10 1 1 11 00 01 01 01 01 10 101 eth3 ...

Страница 315: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 312 VLAN The VLAN number of the client interface ...

Страница 316: ...address used for the ping packet The specified IP address must one of the IP address configured for the Switch The destination address and the source IP must be the same type of address both are IPv4 or IPv6 Default If the timeout parameter is not specified the timeout value will be 1 second Command Mode EXEC Mode Command Default Level Level 1 Usage Guideline Use this command to verify the reachab...

Страница 317: ... IPv6 address IPV6 ADDRESS Specifies the IPv6 address of the system to discover HOST NAME Specifies the host name of the system to discover probe NUMBER Optional Specifies to stop after sending the specified number of datagrams The value must be between 1 and 9 timeout SECONDS Optional Specifies response timeout value in seconds max ttl TTL Optional Specifies the maximum TTL value for outgoing UDP...

Страница 318: ...ermine when a datagram has reached its destination traceroute sets the UDP destination port in the datagram to a very large value that the destination host is unlikely to be using When a host receives a datagram with an unrecognized port number it sends an ICMP port unreachable error to the source This message indicates to the traceroute facility that it has reached the destination Example This ex...

Страница 319: ... be greater than or equal to 2 Example This example shows how to add the helper address 172 50 71 123 for VLAN 100 Switch configure terminal Switch config interface vlan 100 Switch config if ip helper address 172 50 71 123 Switch config if 36 4 ip forward protocol This command is used to enable the forwarding of the UDP packets Use the no form of this command to ip forward protocol udp PORT no ip ...

Страница 320: ...ard protocol udp 53 Switch config 36 5 show ip helper address This command is used to display the UDP helper address show ip helper address INTERFACE ID Parameters INTERFACE ID Optional Specifies to display for the specified VLAN interface Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to display all target addresses for...

Страница 321: ...XEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to show all specified UDP ports Example This example shows how to display all specified UDP ports Switch show ip forward protocol udp Application UDP Port Time Service 37 IEN 116 Name Service 42 TACACS 49 TFTP 69 NetBIOS NS 137 NetBIOS DS 138 Switch ...

Страница 322: ...d Default Level Level 12 Usage Guideline Use the command to delete the IMPB violation entry from the filtering database Example This example shows how to clear the entry blocked on interface eth1 0 4 Switch clear ip ip mac port binding violation interface eth1 0 4 Switch 37 2 ip ip mac port binding This command is used to enable the IMPB access control for port interfaces Use the no form of this c...

Страница 323: ...ard static binding entry or the DHCP snooping learned dynamic binding entry Example This example shows how to enable the strict mode IMPB access control on eth3 0 10 Switch configure terminal Switch config interface eth3 0 10 Switch config if ip ip mac port binding strict Switch config if 37 3 show ip ip mac port binding This command is used to display the IMPB configuration settings or the entrie...

Страница 324: ...eth3 0 2 Strict eth3 0 3 Loose eth3 0 4 Loose Total Entries 4 Switch 37 4 snmp server enable traps ip mac port binding This command is used to enable the sending of the SNMP notifications for IP MAC Port Binding Use the no form of this command to disable sending SNMP notifications snmp server enable traps ip mac port binding no snmp server enable traps ip mac port binding Parameters None Default B...

Страница 325: ...bit Ethernet SmartPro Switch CLI Reference Guide 322 This example shows how to enable sending traps for IP MAC Port Binding Switch configure terminal Switch config snmp server enable traps ip mac port binding Switch config ...

Страница 326: ...e an IPv6 snooping policy After an IPv6 snooping policy has been created use the ipv6 snooping attach policy command to apply the policy on a specific interface Example This example shows how to create an IPv6 snooping policy named policy1 Switch configure terminal Switch config ipv6 snooping policy policy1 Switch config ipv6 snooping 38 2 protocol This command is used to specify that addresses sh...

Страница 327: ...oping Switch configure terminal Switch config ipv6 snooping policy policy1 Switch config ipv6 snooping protocol dhcp Switch config ipv6 snooping 38 3 limit address count This command is used to limit the maximum number of IPv6 snooping binding entries Use the no form of this command to revert to the default setting limit address count MAXIMUM no limit address count Parameters MAXIMUM Specifies the...

Страница 328: ...ommand to apply the policy on a specific VLAN Example This example shows how to enable IPv6 snooping on VLAN 200 Switch configure terminal Switch config ipv6 snooping policy policy1 Switch config ipv6 snooping limit address count 100 Switch config ipv6 snooping exit Switch config vlan 200 Switch config vlan ipv6 snooping attach policy policy1 Switch config vlan 38 5 ipv6 snooping station move deny...

Страница 329: ...6 show ipv6 snooping policy This command is used to display DHCPv6 guard information show ipv6 snooping policy POLICY NAME Parameters POLICY NAME Optional Specifies the DHCPv6 guard policy name Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline If the policy name is specified only the specified policy information is displayed If the policy n...

Страница 330: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 327 Target VLAN The name of the target The target is a VLAN list ...

Страница 331: ...r of the manual binding entry Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline The command is used to set the static manual binding entry of the binding table Example This example shows how to configure an IPv6 Source Guard entry with the IPv6 address of 2000 1 and MAC address of 00 01 02 03 04 05 at VLAN 2 on interface eth3 10 Switch configure ter...

Страница 332: ...gured traffic Use the no form of this command to disable this function deny global autoconfig no deny global autoconfig Parameters None Default By default this option is permitted Command Mode Source guard Policy Configuration Mode Command Default Level Level 12 Usage Guideline The command is used to deny data traffic from auto configured global address It is useful when all global addresses on a ...

Страница 333: ...t is send by the link local address Switch configure terminal Switch config ipv6 source guard policy policy1 Switch config source guard permit link local Switch config source guard 39 5 ipv6 source guard attach policy This command is used to apply IPv6 source guard on an interface Use the no form of this command to remove this source guard from the interface ipv6 source guard attach policy POLICY ...

Страница 334: ...source guard policy This command is used to display the IPv6 source guard policy configuration show ipv6 source guard policy POLICY NAME Parameters POLICY NAME Specifies the name of the source guard policy Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline The command is used to display the IPv6 source guard policy configuration If the polic...

Страница 335: ...fied entries of the binding table Switch show ipv6 neighbor binding Codes D DHCPv6 Snooping S Static N ND Snooping IPv6 address MAC address Interface VLAN Time left N FE80 A8BB CCFF FE01 F500 AABB CC01 F500 eth0 0 100 8850 S FE80 21D 71FF FE99 4900 001D 7199 4900 eth0 1 100 N A N 2001 600 1 AABB CC01 F500 eth0 0 100 3181 D 2001 300 1 AABB CC01 F500 port channel3 100 9559 D 2001 100 2 AABB CC01 F60...

Страница 336: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 333 ...

Страница 337: ...e via a RADIUS server through PAP mschap Specifies that the authentication will be done via a RADIUS server through MS CHAP mschapv2 Specifies that the authentication will be done via a RADIUS server through MS CHAPv2 Default By default the JWAC authentication method is PAP Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to specify the RAD...

Страница 338: ...ath http www website2 com Switch config jwac redirect destination jwac login page Switch config jwac system auth control Switch config interface eth1 0 1 Switch config if jwac enable Switch config if 40 3 jwac forcible logout This command is used to enable the JWAC forcible logout function Use the no form of this command to disable the JWAC forcible logout function jwac forcible logout no jwac for...

Страница 339: ... this value is 100 Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to configure the maximum authenticating user number for JWAC on the specified interface Example This example shows how to configure the maximum authenticating user number for JWAC to 10 on interface eth1 0 1 Switch configure terminal Switch config interface eth1 0 1 Swit...

Страница 340: ...INE NUMBER title STRING no jwac page element japanese english page title login window title username title password title logout window title copyright line Parameters japanese Specifies to configure Japanese page element english Specifies to configure English page element page title STRING Specifies the title of the JWAC authentication page The maximum number can be up to 128 characters login win...

Страница 341: ...any Switch configure terminal Switch config jwac page element english page title Company Switch config This example shows how to configure the two line copyright information at the bottom of the authentication page with Line 1 Copyright 2015 All Rights Reserved Line 2 Site http support website com Switch configure terminal Switch config jwac page element english copyright line 1 title Copyright 20...

Страница 342: ...tch config jwac quarantine server url ipv4 http 10 90 90 88 authpage html Switch config This example shows how to configure the JWAC quarantine server URL to be http 3000 2 authpage html Switch configure terminal Switch config jwac quarantine server url ipv6 http 3000 2 authpage html Switch config 40 8 jwac quarantine server monitor This command is used to enable the JWAC Quarantine server monitor...

Страница 343: ...er monitor is enabled the JWAC switch will periodically check if the Quarantine server works If the switch does not receive any response from the Quarantine server during the configured error timeout period the switch will regard it as working improperly Example This example shows how to configure the JWAC Quarantine server error timeout period to 60 seconds Switch configure terminal Switch config...

Страница 344: ... redirecting to the quarantine server is specified a quarantine server must be configured first before enabling the JWAC function globally When redirect is disabled all Web access is denied except for access to the quarantine server or JWAC login page Example This example shows how to enable the JWAC redirect function Switch configure terminal Switch config jwac redirect Switch config This example...

Страница 345: ...TH tcp NUMBER udp NUMBER Parameters IPV4 PREFIX PREFIX LENGTH Specifies the IPv4 network address for the update server network IPV6 PREFIX PREFIX LENGTH Specifies the IPv6 network address for the update server network tcp NUMBER Optional Specifies the accessible TCP port number for the specified update server network udp NUMBER Optional Specifies the accessible UDP port number for the specified up...

Страница 346: ...Mode Command Default Level Level 12 Usage Guideline When the UDP filtering feature is enabled all UDP and ICMP packets except for DHCP and DNS packets from unauthenticated hosts will be dropped Example This example shows how to enable the JWAC UDP filtering function Switch configure terminal Switch config jwac udp filtering Switch config 40 14 jwac virtual ip This command is used to configure the ...

Страница 347: ...kes effect when the virtual IP address is configured The users get the FQDN URL stored on the DNS server to get the virtual IP address The obtained IP address must match the virtual IP address configured by the command If the IPv4 virtual IP is not configured the IPv4 access cannot start JWAC authentication If the IPv6 virtual IP is not configured the IPv6 access cannot start a JWAC authentication...

Страница 348: ...alue is 1536 bytes Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is available for physical ports configuration Oversize frames will be dropped and checks are carried out on ingress ports Use this command to transfer large frames or jumbo frames through the switch system to optimize server to server performance Example This example shows how t...

Страница 349: ...oins a channel group An interface can only join one channel group If the mode on is specified in the command the channel group type is static If the mode active or passive is specified in the command the channel group type is LACP A channel group can only consist of either static members or LACP members Once the type of channel group has been determined other types of interfaces cannot join the ch...

Страница 350: ... Example This example shows how to configure the port priority to 20000 on interfaces 1 0 4 to 1 0 5 Switch configure terminal Switch config interface range eth1 0 4 1 0 5 Switch config if lacp port priority 20000 Switch config if 42 3 lacp timeout This command is used to configure the LACP long or short timer Use the no form of this command to return to the default value lacp timeout short long n...

Страница 351: ...35 Default The default LACP system priority is 32768 Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline During LACP negotiation the system priority and port priority of the local partner will be exchanged with the remote partner When the maximum number of actual members exceeds the limitation the Switch will use port priority to determine whether a port is operat...

Страница 352: ... Switch should examine the MAC source and MAC destination address src ip Specifies that the Switch should examine the IP source address src mac Specifies that the Switch should examine the MAC source address Default The default load balance algorithm is src mac Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to specify the load balance algorit...

Страница 353: ... will be displayed Example This example shows how to display the detailed information of all port channels Switch show channel group channel detail Flag S Port is requesting Slow LACPDUs F Port is requesting fast LACPDU A Port is in active mode P Port is in passive mode LACP state bndl Port is attached to an aggregator and bundled with other ports hot sby Port is in a hot standby state indep Port ...

Страница 354: ...eth1 0 2 32768 00 07 eb 49 5e 80 13 SP 32768 Switch This example shows how to display the load balance information for all channel groups Switch show channel group load balance load balance algorithm src dst mac Switch This example shows how to display the system identifier information Switch show channel group sys id System ID 32765 00 02 4b 29 3a 00 Switch This example shows how to display the s...

Страница 355: ...de Privileged EXEC Mode Command Default Level Level 12 Usage Guideline Use this command with the interface keyword to reset LLDP statistics of the specified interface s If the command clear lldp counters is issued with the all keyword to clear global LLDP statistics and the LLDP statistics on all interfaces When no optional keyword is selected only the LLDP global counters will be cleared Example ...

Страница 356: ...AN ID protocol identity PROTOCOL NAME Parameters port vlan Specifies the port VLAN ID TLV to send The Port VLAN ID TLV is an optional fixed length TLV that allows a VLAN bridge port to advertise the port s VLAN identifier PVID that will be associated with untagged or priority tagged frames protocol vlan Specifies the Port and Protocol VLAN ID PPVID TLV to send The PPVID TLV is an optional TLV that...

Страница 357: ...V optional data type indicates whether to advertise the corresponding local system s protocol identity instance on the port The protocol identity TLV provides a way for devices to advertise protocols that are important to the operation of the network For example protocols like Spanning Tree Protocol Link Aggregation Control Protocol and numerous vendor proprietary variations are responsible for ma...

Страница 358: ...ate settings of the sending IEEE 802 3 LAN node link aggregation Optional Specifies the Link Aggregation TLV to send The Link Aggregation TLV indicates contains the following information Whether the link is capable of being aggregated whether the link is currently in an aggregation and the aggregated port channel ID of the port If the port is not aggregated then the ID is 0 power Optional Specifie...

Страница 359: ...ust be between 1 and 10 Default By default this value is 4 Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline When an LLDP MED Capabilities TLV is detected the application layer will start the fast start mechanism This command is used to configure the fast start repeat count which indicates the number of LLDP message transmissions for one complete fast start inte...

Страница 360: ... multiplier 3 Switch config 43 7 lldp management address This command is used to configure the management address that will be advertised on the physical interface Use the no form of this command to remove the settings lldp management address IP ADDRESS IPV6 ADDRESS no lldp management address IP ADDRESS IPV6 ADDRESS Parameters IP ADDRESS Optional Specifies the IPv4 address that is carried in the m...

Страница 361: ...range This example shows how to enable eth3 0 3 and eth3 0 4 for setting the management address entry IPv6 Switch configure terminal Switch config interface range eth3 0 3 3 0 4 Switch config if range lldp management address FE80 250 A2FF FEBF A056 Switch config if range This example shows how to delete the management address 10 1 1 1 from eth3 0 1 and eth3 0 2 If 10 1 1 1 is the last one no Manag...

Страница 362: ...sical port configuration This command is used to enable or disable transmitting LLDP MED TLVs When disabling the transmission of the Capabilities TLV LLDP MED on the physical interface will be disabled at the same time In other words all LLDP MED TLVs will not be sent even when other LLDP MED TLVs are enabled to transmit By default the Switch only sends LLDP packets until it receives LLDP MED pack...

Страница 363: ... lldp reinit This command is used to configure the minimum time of re initialization the delay interval on the Switch Use the no form of this command to revert to the default setting lldp reinit SECONDS no lldp reinit Parameters SECONDS Specifies the delay value for LLDP initialization on an interface This value must be between 1 and 10 seconds Default By default this value is 2 seconds Command Mo...

Страница 364: ...mit command and the lldp receive command in the interface configuration mode LLDP takes effect on a physical interface only when it is enabled both globally and on the physical interface By advertising LLDP packets the Switch announces the information to its neighbor through physical interfaces On the other hand the Switch will learn the connectivity and management information from the LLDP packet...

Страница 365: ... TLV allows network management to advertise the IEEE 802 LAN station s port description system capabilities Optional Specifies the system capabilities TLV to send The system capabilities field will contain a bit map of the capabilities that defines the primary functions of the system system description Optional Specifies the system description TLV to send The system description should include the ...

Страница 366: ...it is enabled on all supported interfaces Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is available for physical port configuration This command is used to enable LLDP transmission on a physical interface When LLDP is not running the Switch doesn t transmit LLDP messages Example This example shows how to enable LLDP transmission Switch confi...

Страница 367: ...he transmission delay timer to 8 seconds Switch configure terminal Switch config lldp tx delay 8 Switch config 43 16 lldp tx interval This command is used to configure the LLDPDUs transmission interval on the Switch Use the no form of this command to revert to the default setting lldp tx interval SECONDS no lldp tx interval Parameters SECONDS Specifies the interval between consecutive transmission...

Страница 368: ...Use the snmp server enable traps lldp command to enable the sending of LLDP notifications Use the snmp server enable traps lldp med command to enable the sending of LLDP MED notifications Example This example shows how to enable the LLDP MED trap Switch configure terminal Switch config snmp server enable traps lldp med Switch config 43 18 lldp notification enable This command is used to enable the...

Страница 369: ...subtype of the port ID TLV mac address Specifies the subtype of the port ID TLV to MAC Address 3 and the field of port ID will be encoded with the MAC address local Specifies the subtype of the port ID TLV to use Locally assigned 7 and the field of port ID will be encoded with the port number Default The subtype of port ID TLV is local port number Command Mode Interface Configuration Mode Command ...

Страница 370: ...bit Ethernet SmartPro Switch System Capabilities Supported Repeater Bridge System Capabilities Enabled Repeater Bridge LLDP MED System Information Device Class Network Connectivity Device Hardware Revision A1 Firmware Revision 1 00 012 Software Revision 1 30 003 Serial Number Manufacturer Name D Link Corporation Model Name DGS 1510 28XMP Gigabit Ethernet Asset ID PoE Device Type PSE Device PoE PSE...

Страница 371: ...a series of physical interfaces No spaces before and after the comma Optional Specifies a range of physical interfaces No spaces before and after the hyphen Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command displays the LLDP information of each physical interface Example This example shows how to display a specific physical int...

Страница 372: ... Extended Power Via MDI PSE TLV Disabled LLDP MED Inventory TLV Disabled Switch Display Parameters Enabled Management Address Displays the enabled IPv4 IPv6 addresses The indicated string None means that the user did not configure the management address with the lldp management address command or the enabled default IPv4 and IPv6 addresses are not applicable Enabled Port and Protocol VLAN ID This ...

Страница 373: ...range No spaces before and after the comma Optional Specifies a range of interfaces No spaces before and after the hyphen brief Optional Specifies to display the information in brief mode detail Optional Specifies to display the information in detailed mode If neither brief nor detail is specified display the information in the normal mode Default None Command Mode EXEC Mode or Any Configuration M...

Страница 374: ...C q Quit SPACE n Next Page ENTER Next Entry a All This example shows how to display the local information of port 1 in normal mode Switch show lldp local interface ethernet 1 0 1 Port ID eth1 0 1 Port ID Subtype Local Port ID eth1 0 1 Port Description D Link Corporation DGS 1510 28XMP 1 30 003 Port 1 on Unit 1 Port PVID 1 Management Address Count 2 PPVID Entries Count 0 VLAN Name Entries Count 1 P...

Страница 375: ...ement address information show lldp management address IP ADDRESS IPV6 ADDRESS Parameters IP ADDRESS Optional Specifies to display the LLDP management information for a specific IPv4 address IPV6 ADDRESS Optional Specifies to display the LLDP management information for a specific IPv6 address Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guidelin...

Страница 376: ...neighbors interface INTERFACE ID brief detail Parameters INTERFACE ID Specifies the interface ID Optional Specifies a series of interfaces or separate a range of interfaces from a previous range No spaces before and after the comma Optional Specifies a range of interfaces No spaces before and after the hyphen brief Optional Specifies to display the information in brief mode detail Optional Specifi...

Страница 377: ...t 0 None Port VLAN ID 0 PPVID Entries Count 0 None VLAN Name Entries Count 0 None Protocol ID Entries Count 0 None MAC PHY Configuration Status None Power Via MDI None Link Aggregation None Maximum Frame Size 0 Unknown TLVs Count 0 None LLDP MED capabilities LLDP MED device class Endpoint device class III LLDP MED capabilities support LLDP MED capabilities Support Network Policy Support Location i...

Страница 378: ... Protocol ID Entries Count 2 MAC PHY Configuration Status See Detail Power Via MDI See Detail Link Aggregation See Detail Maximum Frame Size 1536 LLDP MED capabilities See Detail Network policy See Detail Extended Power Via MDI See Detail Inventory Management See Detail Unknown TLVs Count 2 Entity 2 Chassis ID Subtype MAC Address Chassis ID 00 01 02 03 04 02 Port ID Subtype Local Port ID eth2 0 1 ...

Страница 379: ... Chassis ID Subtype MAC Address Chassis ID 00 01 02 03 04 02 Port ID Subtype Local Port ID eth4 0 1 Port Description RMON Port 1 on Unit 4 Port ID eth3 0 2 Remote Entities Count 3 Entity 1 Chassis ID Subtype MAC Address Chassis ID 00 01 02 03 04 03 Port ID Subtype Local Port ID eth2 0 1 Port Description RMON Port 2 on Unit 1 Entity 2 Chassis ID Subtype MAC Address Chassis ID 00 01 02 03 04 04 Port...

Страница 380: ...ge Time The amount of time since the last update to the remote table in days hours minutes and seconds Total Inserts Total number of inserts to the remote data table Total Deletes Total number of deletes from the remote data table Total Drops Total number of times the complete remote data received was not inserted due to insufficient resources Total Ageouts Total number of times a complete remote ...

Страница 381: ...s 0 Total Discards 0 Total Errors 0 Total Receives 0 Total TLV Discards 0 Total TLV Unknowns 0 Total Ageouts 0 Switch Display Parameters Total Transmits The total number of LLDP packets transmitted on the port Total Discards The total number of LLDP frames discarded on the port for any reason Total Errors The number of invalid LLDP frames received on the port Total Receives The total number of LLD...

Страница 382: ... port will periodically send VLAN based LBD packets for each VLAN that the port has membership of the VLAN is enabled for loop detection If the port is a tagged member of the detecting VLAN tagged LBD packets are sent If the port is an untagged member of the detecting VLAN untagged LBD packets are sent If there is a loop occurrence on the VLAN path then packet transmitting and receiving will be te...

Страница 383: ...abled Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to enable the loopback detection function on an interface This command is available for port and port channel interface configuration Example This example shows how to enable the loopback detection function on interface eth3 0 1 Switch configure terminal Switch config interface eth3 0 1 ...

Страница 384: ...tection vlan VLAN LIST Parameters VLAN LIST Specifies the VLAN identification number numbers or range of numbers to be matched Enter one or more VLAN values separated by commas or hyphens for a range list Default By default this option is enabled for all VLANs Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to configure the list of VLANs that ...

Страница 385: ... and after the comma Optional Specifies a range of interfaces No spaces are allowed before and after the hyphen Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to display the loopback detection setting and status Example This example shows how to displays the current loopback detection settings and status Switch show loop...

Страница 386: ... detected Time Left The remaining time before being auto recovered 44 6 snmp server enable traps loopback detection This command is used to enable the sending SNMP notifications of loopback detection Use the no form of this command to revert to the default setting snmp server enable traps loopback detection no snmp server enable traps loopback detection Parameters None Default By default this opti...

Страница 387: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 384 Switch configure terminal Switch config snmp server enable traps loopback detection Switch config ...

Страница 388: ...user by MAC address when the user is trying to access the network via the Switch The Switch itself can perform the authentication based on a local database or be a RADIUS client and perform the authentication process via the RADIUS protocol with a remote RADIUS server Example This example shows how to enable MAC authentication globally Switch configure terminal Switch config mac auth system auth c...

Страница 389: ... the no form of this command to reset the password to the default setting mac auth password 0 7 STRING no mac auth password Parameters 0 Optional Specifies the password in the clear text form If neither 0 nor 7 are specified the default form will be clear text 7 Optional Specifies the password in the encrypted form If neither 0 nor 7 are specified the default form will be clear text password STRIN...

Страница 390: ...fault Level Level 12 Usage Guideline This command is used to configure the username used in the authentication of MAC address users The username is used in the authentication via both the local database and remote servers If the command is not configured the username for authentication of the MAC address user is formatted based on the MAC address Example This example shows how to configure the use...

Страница 391: ...n Mode Command Default Level Level 12 Usage Guideline Use this command to enable or disable sending SNMP notifications for MAC authentication Example This example shows how to enable sending trap for MAC authentication Switch configure terminal Switch config snmp server enable traps mac auth Switch config ...

Страница 392: ...are valid as destination interfaces for monitor sessions For a monitor session multiple source interfaces can be specified but only one destination interface can be specified An interface cannot be a source interface of one session and destination port of another session simultaneously An interface can be configured as the destination interface of multiple sessions but it can be a source interface...

Страница 393: ...sage Guideline Both physical ports and port channels are valid as source interfaces of monitor sessions For a monitor session multiple source interfaces can be specified but only one destination interface can be specified An interface cannot be a source interface of one session and destination port of another session simultaneously An interface can be configured as destination interface of multipl...

Страница 394: ... the session number 2 It assigns the MAC access list MAC Monitored flow as the monitor source Switch configure terminal Switch config monitor session 2 destination interface ethernet1 0 1 Switch config monitor session 2 source acl MAC Monitored flow Switch config 46 4 show monitor session This command is used to display all or a specific port mirroring session show monitor session SESSION NUMBER P...

Страница 395: ...de 392 Switch show monitor session 1 Session 1 Session Type local session Destination Port Ethernet1 0 1 Source Ports Both Ethernet1 0 2 only for TX forwarding Ethernet1 0 3 only for TX forwarding Ethernet1 0 4 RX Ethernet1 0 5 TX Ethernet1 0 7 Total Entries 1 Switch ...

Страница 396: ...s are cleared interface INTERFACE ID Specifies the interface used Default None Command Mode Privilege EXEC Mode Command Default Level Level 12 Usage Guideline This command is used to clear the statistic counter of the Switch Example This example shows how to clear all MLD snooping statistics Switch clear ipv6 mld snooping statistics all Switch 47 2 ipv6 mld snooping This command is used to enable ...

Страница 397: ...MLD snooping on VLAN 1 Switch configure terminal Switch config vlan 1 Switch config vlan ipv6 mld snooping Switch config vlan 47 3 ipv6 mld snooping fast leave This command is used to configure MLD snooping fast leave on the interface Use the no form of this command to disable the fast leave option on the specified interface ipv6 mld snooping fast leave no ipv6 mld snooping fast leave Parameters N...

Страница 398: ...nly available for VLAN interface configuration On receiving an MLD done message the MLD snooping querier will assume that there are no local members on the interface if there are no reports received after the response time Users can lower this interval to reduce the amount of time it takes a switch to detect the loss of the last member of a group Example This example shows how to configure the las...

Страница 399: ...e configured VLAN The multicast router port can be either dynamically learned or statically configured into an MLD snooping entity With the dynamic learning the MLD snooping entity will listen to MLD and PIMv6 packet to identify whether the partner device is a router Example This example shows how to configure eth2 0 1 as an MLD snooping multicast router port and eth1 0 2 as an MLD snooping forbid...

Страница 400: ... how to enable MLD snooping proxy reporting on VLAN 1 Switch configure terminal Switch config vlan 1 Switch config vlan ipv6 mld snooping proxy reporting Switch config vlan 47 7 ipv6 mld snooping querier This command is used to enable the MLD snooping querier on the Switch Use the no form of this command to disable the MLD snooping querier function ipv6 mld snooping querier no ipv6 mld snooping qu...

Страница 401: ...is 125 seconds Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline The command is only available for VLAN interface configuration The query interval is the interval between General Queries sent by the Querier By varying the query interval an administrator may tune the number of MLD messages on the network larger values cause MLD Queries to be sent less often Ex...

Страница 402: ...rminal Switch config vlan 1000 Switch config vlan ipv6 mld snooping query max response time 20 Switch config vlan 47 10 ipv6 mld snooping query version This command is used to configure the general query packet version sent by the MLD snooping querier Use the no form of this command to revert to the default setting ipv6 mld snooping query version 1 2 no ipv6 mld snooping query version Parameters 1...

Страница 403: ...nly works for MLDv1 traffic When report suppression is enabled the Switch suppresses the duplicate reports sent by hosts The suppression for the same group report or leave will continue until the suppression time expired For report or leave messages to the same group only one report or leave message is forwarded The remaining report and leave messages are suppressed Example This example shows how ...

Страница 404: ...esponse interval Last listener query count The number of group specific queries sent before the router assumes there are no local listeners of a group The default number is the value of the robustness variable User can increase this value if a subnet is expected to be loose Example This example shows how to configure the robustness variable to be 3 on interface VLAN 1000 Switch configure terminal ...

Страница 405: ...ipv6 mld snooping suppression time SECONDS no ipv6 mld snooping suppression time Parameters SECONDS Specifies to configure the interval of suppressing duplicates MLD reports The range is 1 to 300 Default By default this value is 10 seconds Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline The command is only available for VLAN interface configuration Report s...

Страница 406: ... MLDv1 hosts to join VLAN 1 Switch configure terminal Switch config vlan 1 Switch config vlan ipv6 mld snooping minimum version 2 Switch config vlan 47 16 show ipv6 mld snooping This command is used to display MLD snooping information on the Switch show ipv6 mld snooping vlan VLAN ID Parameters vlan VLAN ID Optional Specifies the VLAN to be displayed Default None Command Mode EXEC Mode or Any Conf...

Страница 407: ...tries 1 Switch 47 17 show ipv6 mld snooping groups This command is used to display MLD snooping group related information learned on the Switch show ipv6 mld snooping groups IPV6 ADDRESS vlan VLAN ID Parameters IPV6 ADDRESS Optional Specifies the group IPv6 address If no IPv6 address is specified all MLD group information will be displayed vlan VLAN ID Optional Specifies the VLAN interface If no i...

Страница 408: ...snooping multicast router port information automatically learned or manually configured on the Switch show ipv6 mld snooping mrouter vlan VLAN ID Parameters vlan VLAN ID Optional Specifies the VLAN If no VLAN is specified MLD snooping Multicast Router Information on all VLANs will be displayed Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideli...

Страница 409: ...pv6 mld snooping static group GROUP ADDRESS vlan VLAN ID Parameters GROUP ADDRESS Specifies the group IPv6 address to be displayed vlan VLAN ID Specifies the VLAN ID to be displayed Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command displays the MLD snooping static group information Example This example shows how to display MLD ...

Страница 410: ...vel Level 1 Usage Guideline This command displays the MLD snooping related statistics information Example This example shows how to display MLD snooping statistics information Switch show ipv6 mld snooping statistics interface Interface eth4 0 1 Rx V1Report 1 v2Report 2 Query 1 v1Done 2 Tx v1Report 1 v2Report 2 Query 1 v1Done 2 Interface eth4 0 3 Rx V1Report 0 v2Report 0 Query 0 v1Done 0 Tx v1Repo...

Страница 411: ...interfaces from a previous range No space is allowed before and after the comma Optional Specifies a range of VLAN No space is allowed before and after the hyphen Default None Command Mode MST Configuration Mode Command Default Level Level 12 Usage Guideline Any unmapped VLAN is mapped to the CIST instance When mapping the VLANs to an instance if the instance doesn t exist this instance will be cr...

Страница 412: ...nt Example This example shows how to configure the MSTP configuration name to MName Switch configure terminal Switch config spanning tree mst configuration Switch config mst name MName Switch config mst 48 3 revision This command is used to configure the revision number for the MST configuration Use the no form of this command to revert to the default setting revision VERSION no revision Parameter...

Страница 413: ...signated instance only Define multiple instances by using to specify a series of instances or to separate a range of instances from a previous range Use to specify a range of instances No space before and after the comma or hyphen interface INTERFACE ID Specifies to display the STP information for the specified interface Optional Specifies a series of interfaces or separate a range of interfaces f...

Страница 414: ...0 00 00 00 priority 0 Regional Root address 00 00 00 00 00 00 priority 0 Designated bridge address 00 00 00 00 00 00 priority 0 port id 0 0 Switch This example shows how to display MSTP detailed information for interface eth1 0 1 Switch show spanning tree mst interface eth1 0 1 detail eth1 0 1 Configured link type auto operation status point to point Configured fast forwarding auto operation statu...

Страница 415: ...xample shows how to display MSTP summary information for interfaces eth3 0 3 to eth 3 0 4 Switch show spanning tree mst interface eth3 0 3 4 eth3 0 3 Configured link type auto operation status point to point Configured fast forwarding auto operation status edge Bpdu statistic counter sent 4 received 0 Priority Instance Role State Cost Port MST00 designated forwarding 20000 128 3 MST01 backup block...

Страница 416: ...4 1 1 10 2 11 20 Switch 48 5 spanning tree mst This command is used to configure the path cost and port priority parameters for any MST instance including the CIST with instance ID 0 Use the no form of this command to revert to the default setting spanning tree mst INSTANCE ID cost COST port priority PRIORITY no spanning tree mst INSTANCE ID cost port priority Parameters INSTANCE ID Specifies the ...

Страница 417: ... no form of this command to revert to the default setting spanning tree mst configuration no spanning tree mst configuration Parameters None Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to enter the MST Configuration Mode Example This example shows how to enter the MST Configuration Mode Switch configure terminal Switch con...

Страница 418: ...s command is used to configure the per port hello time used in the MSTP version Use the no form of this command to revert to the default setting spanning tree mst hello time SECONDS no spanning tree mst hello time Parameters SECONDS Specifies to determine the time interval to send one BPDU at the designated port This value is either 1 or 2 Default By default this value is 2 Command Mode Interface ...

Страница 419: ...ifier Instance 0 represents the default instance CIST PRIORITY Specifies the bridge priority value that must be divisible by 4096 The range is from 0 to 61440 Default By default this value is 32768 Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline The priority has same meaning with as the bridge priority in the STP command reference but can specify a different p...

Страница 420: ...e Command Default Level Level 12 Usage Guideline This command is used to create an ND inspection policy This command will enter into the ND inspection policy configuration mode ND inspection is mainly for inspection of Neighbor Solicitation NS and Neighbor Advertisement NA messages Example This example shows how to create an ND policy name called policy1 Switch configure terminal Switch config ipv...

Страница 421: ...is command is used to specify the role of the attached device Use the no form of this command to revert to the default setting device role host router no device role Parameters host Specifies to set the role of the device to host router Specifies to set the role of the device to router Default By default the device s role is host Command Mode ND Inspection Policy Configuration Mode Command Default...

Страница 422: ...ne This command is available for physical port and port channel configuration The command is used to apply the ND Inspection policy on a specified interface If no policy name is specified the behavior of the default policy is as follows NS NA messages are inspected Layer 2 header source MAC address validations are disabled Example This example shows how to apply ND inspection policy called policy1...

Страница 423: ...policy name is specified only the specified policy information is displayed If the policy name is not specified information is displayed for all policies Example This example shows how to display the policy configuration for a policy named inspect1 and all the interfaces where the policy is applied Switch show ipv6 nd inspection policy inspect1 Policy inspect1 configuration Device Role host Valida...

Страница 424: ... packets If the authentication host mode is set to multi host the port will be added as a guest VLAN member port and the PVID of the port will change to guest VLAN Traffic that comes from guest VLAN can be forward whatever whether authenticated Traffic that comes from other VLANs will still be dropped until it pass authentication When one host passes authentication the port will leave the guest VL...

Страница 425: ...hentication mode is changed to multi host the previous authentication VLAN s on this port will be cleared Default By default multi auth is used Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline If the port is operated in the multi host mode and if one of the hosts is authenticated then all other hosts are allowed to access the port According to 802 1X authent...

Страница 426: ...ctive session is terminated Use the no form of this command to disable the inactivity timer authentication timer inactivity SECONDS no authentication timer inactivity Parameters SECONDS Specifies to configure the timer after which an inactive session is terminated The range is from 120 to 65535 Default By default this option is disabled Command Mode Interface Configuration Mode Command Default Lev...

Страница 427: ...his value is 3600 seconds Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to configure the re authentication timer Example This example shows how to configure the re authentication timer value to 200 for eth1 0 1 Switch configure terminal Switch config interface eth1 0 1 Switch config if authentication timer reauthentication 200 Switch conf...

Страница 428: ...atabase authentication username NAME password 0 7 PASSWORD vlan VLAN ID no authentication username NAME vlan Parameters NAME Specifies the username with a maximum of 32 characters 0 Optional Specifies the password in the clear text form If neither 0 nor 7 are specified the default form is clear text 7 Optional Specifies the password in the encrypted form If neither 0 nor 7 are specified the defaul...

Страница 429: ...TERFACE ID Specifies a port to clear sessions mac address MAC ADDRESS Specifies a specific user to clear session Default None Command Mode Privileged EXEC Mode Command Default Level Level 12 Usage Guideline Use this command to clear the authentication sessions Example This example shows how to remove authentication sessions on Ethernet port 1 0 1 Switch clear authentication sessions interface eth1...

Страница 430: ...s AABB CCDD EEFF 5 Multiple delimiters the format is AA BB CC DD EE FF If none is chosen for delimiter the number does not take effect Default The default authentication MAC address case is uppercase The default authentication MAC address delimiter is dot The default authentication MAC address delimiter number is 2 Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideli...

Страница 431: ...sed Access Control is disabled and JWAC and 802 1X are enabled then user must pass either the JWAC or 802 1X method If the method is mac jwac or mac wac the user is authorized after two methods are authenticate passed If any of the methods failed the user is rejected If the related method s global or port state is not enabled the user is rejected due to not authenticated pass After authenticated t...

Страница 432: ...itch configure terminal Switch config authentication max users 256 Switch config 50 12 authentication mac move deny This command is used to disable MAC move on the Switch Use the no form of this command to revert to the default setting authentication mac move deny no authentication mac move deny Parameters None Default By default this option is permitted Command Mode Global Configuration Mode Comm...

Страница 433: ...and is used to disable the acceptance of the authorized configuration Use the no form to enable the acceptance of the authorized configuration authorization disable no authorization disable Parameters None Default By default this option is enabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline The command is used to enable or disable the acceptance of an auth...

Страница 434: ...ace is allowed before and after the hyphen mac address MAC ADDRESS Optional Specifies to display a specific user Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command without parameters to display the sessions associated with all ports Example This example shows how to display sessions on Ethernet port 1 0 1 Switch show authent...

Страница 435: ...d so on State The method authentication state Authenticating Host is under authentication by this method Success Host pass this method authentication Selected This method s authentication result is taken and parsed by system for the host Failure Host fail at this method authentication No Information Authentication info is unavailable Aging Time Block Time Aging Time Specifies a time period during ...

Страница 436: ...ine has received an EAP request packet from the authentication server and is relaying that packet to the Supplicant as an EAPOL encapsulated frame RESPONSE Indicates that the state machine has received an EAPOL encapsulated EAP Response packet from the supplicant and is relaying the EAP packet to the authentication Server SUCCESS Indicates that the authentication server has confirmed that the supp...

Страница 437: ...dify the state of the server noquery Optional Specifies to deny all NTP control queries nopeer Optional Specifies to deny packets that might mobilize an association unless authenticated The packets include broadcast symmetric active and manycast server packets when a configured association does not exist Note that this flag does not apply to packets that do not attempt to mobilize an association n...

Страница 438: ... 175 0 0 mask 255 255 0 0 Switch config ntp access group 128 4 1 0 mask 255 255 255 0 notrust Switch config ntp access group 192 43 244 18 Switch config 51 2 ntp authenticate This command is used to enable NTP authentication Use the no form of this command to disable NTP authentication ntp authenticate no ntp authenticate Parameters None Default By default this option is enabled Command Mode Globa...

Страница 439: ...efine an authentication key with the key ID 45 and key string NTPKey Switch configure terminal Switch config ntp authentication key 45 md5 NTPKey Switch config 51 4 ntp control key This command is used to define the key ID for the NTP control messages Use the no form of this command to remove the key ntp control key KEY ID no ntp control key Parameters KEY ID Specifies the NTP key ID The value is ...

Страница 440: ... Guideline This command is used to prevent an interface from receiving NTP packets Use the no form of this command to receive NTP packets on an interface Example This example shows how to prevent VLAN 1 interface from receiving NTP packets Switch configure terminal Switch config interface vlan1 Switch config if ntp disable Switch config if 51 6 ntp master This command is used to configure RTC as a...

Страница 441: ...o form of this command to revert to the default setting ntp max associations NUMBER no ntp max associations Parameters NUMBER Specifies the number of NTP associations This value must be between 1 and 64 Default By default the value is 32 Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to configure the maximum number of NTP peers and client...

Страница 442: ... minimum poll interval that will be used is 64 seconds 26 64 INTERVAL Optional Specifies to enter the minimum poll interval value The default value is 6 max poll Optional Specifies the maximum poll interval for NTP messages This value is calculated as 2 to the power of the maximum poll interval value specified For example if the value specified here is 6 the maximum poll interval that will be used...

Страница 443: ...p server IP ADDRESS IPv6 ADDRESS Parameters IP ADDRESS Specifies the IPv4 address of the NTP server IPv6 ADDRESS Specifies the IPv6 address of the NTP server version Optional Specifies the NTP version number NUMBER Optional Specifies to enter the NTP version number from 1 to 4 The default version number is 4 key Optional Specifies the authentication key KEY ID Optional Specifies the authentication...

Страница 444: ...gure the IP address of the NTP server to 192 168 10 33 using NTP version 2 Switch configure terminal Switch config ntp server 192 168 10 33 version 2 Switch config 51 11 ntp trusted key This command is used to specify the trusted key for a peer NTP system to authenticate Use the no form of this command to disable this feature ntp trusted key KEY ID no ntp trusted key KEY ID Parameters KEY ID Speci...

Страница 445: ...bal Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to periodically update the hardware clock from an NTP source Use the no form of this command to disable this feature Example This example shows how to periodically update the hardware clock from an NTP source Switch configure terminal Switch config ntp update calendar Switch config 51 13 service ntp This com...

Страница 446: ...bout each NTP association Default Not applicable Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command is used to display the status of NTP associations Example This example shows how to display the NTP associations Switch show ntp associations Remote Local St Poll Reach Delay Offset Disp 192 168 10 33 0 0 0 0 16 128 0 0 00000 0 000000 3 99217 ...

Страница 447: ...0 Receive Timestamp 00000000 00000000 Thu Feb 7 2036 6 28 16 00000 Transmit Timestamp 00000000 00000000 Thu Feb 7 2036 6 28 16 00000 Filter Delay 0 00000 0 00000 0 00000 0 00000 0 00000 0 00000 0 00000 0 00000 Filter Offset 0 000000 0 000000 0 000000 0 000000 0 000000 0 000000 0 000000 0 000000 Filter Order 0 1 2 3 4 5 6 7 Offset 0 000000 Delay 0 00000 Error Bound 3 99217 Filter Error 0 00000 Remo...

Страница 448: ...t set or corrected Originate Timestamp The time that the request departed for the server at the client Receive Timestamp The time that the request arrived from the client at the server Transmit Timestamp The time that replied to the client at the server Filter Delay Round trip delay of each sample in milliseconds Filter Offset Clock offset of each sample in milliseconds Filter Order Filter order o...

Страница 449: ...IP address of the Switch Our mode Our mode relative to the peer This field can display the following modes active passive client server bdcast and bdcastclient Peer mode The peer s mode relative to us Leap Indicator Synchronized The Switch is synchronized to an NTP peer Unsynchronized The Switch is not synchronized to any NTP peer Stratum Stratum of the Switch Precision Precision value Root Distan...

Страница 450: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 447 Auth Delay Authentication Delay ...

Страница 451: ...ed before and after the comma Optional Specifies a range of interfaces No space is allowed before and after the hyphen vlan VLAN ID Specifies to delete the auto learned secured entry learned with the specified VLAN Default None Command Mode Privileged EXEC Mode Command Default Level Level 12 Usage Guideline This command clears auto learned secured entries either dynamic or permanent Example This e...

Страница 452: ...e Max Curr Violation Violation Security Admin Current No No No Act Count Mode State State eth1 0 1 5 2 Restrict 0 D Enabled Forwarding eth1 0 2 10 10 Shutdown 0 D Enabled Err disabled eth1 0 3 10 0 Shutdown 0 P Disabled Switch 52 3 snmp server enable traps port security This command is used to enable sending SNMP notifications for port security address violation Use the no form of this command to ...

Страница 453: ...es allowed If not specified the default value is 32 The valid range is from 0 to 6656 protect Optional Specifies to drop all packets from the insecure hosts at the port security process level but does not increment the security violation count restrict Optional Specifies to drop all packets from the insecure hosts at the port security process level and increments the security violation count and r...

Страница 454: ...If the maximum number is changed to a lower value which is lower than the existing entry number the command is rejected A port security enabled port has the following restrictions The port security function cannot be enabled simultaneously with 802 1X MAC MAC based Access Control JWAC WAC and IMPB that provides more advanced security capabilities If a port is specified as the destination port for ...

Страница 455: ...ies to set absolute aging type All the secure addresses on this port age out exactly after the time specified and is removed from the secure address list This is the default type inactivity Specifies to set the inactivity aging type The secure addresses on this port age out only if there is no data traffic from the secure source address for the specified time period Default By default the port sec...

Страница 456: ...ecurity limit global Parameters VALUE Specifies the maximum number of port security entries that can be learned on the system The range is from 1 to 6656 If the setting is smaller than the number of current learned entries the command will be rejected Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to set the limit on the port sec...

Страница 457: ...e Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to configure a description for the PD connected to the port Example This example shows how to configure the PoE PD description on interface eth3 0 1 Switch configure terminal Switch config interface eth3 0 1 Switch config if poe pd description For VOIP usage Switch config if 53 2 poe pd legacy suppor...

Страница 458: ...o the port gains the lowest priority Default By default this option is set as low Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline Since the power budget is limited as more PDs are added to the system the power source may not be sufficient to supply the power The PoE system enters the power critical section when the remaining power source is not enough to se...

Страница 459: ...poe policy preempt command configures whether to disconnect the PD which is powered with lower priority in order to release the power to the new connected PD with higher priority under power shortage condition If the policy preempt setting is disabled then the policy is first in first serviced Thus the new PD will not be serviced if the power budget is running out If the policy preempt setting is ...

Страница 460: ...imum wattage Use this command to also specify a time range with a port Once a PoE port is associated with a time range profile it will only be activated during the time frame specified in the profile That is the PD will not get powered during timeframe out of the specified time range When the command no poe power inline is issued the power management mode will be reset to default setting The speci...

Страница 461: ...s percentage Default By default this value is 99 Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline When the usage threshold is configured if the utilization of the PSE exceeds the configured threshold then the EXCEED log will be recorded Once the percentage decreases and become lower than the threshold then the RECOVER log is recorded Example This example shows ...

Страница 462: ...rt clear poe statistic all interface INTERFACE ID Parameters all Specifies to clear PoE statistics for all interfaces interface INTERFACE ID Specifies the interface ID of an interface Optional Specifies a series of interfaces or separate a range of interfaces from a previous range No spaces before and after the comma Optional Specifies a range of interfaces No spaces before and after the hyphen De...

Страница 463: ...atus Specifies to display the port PoE status configuration Specifies to display the port configuration information statistics Specifies to display the port error counters measurement Specifies to display the port voltage current consumed power and temperature lldp classification Specifies to display the data link layer classification using information of power via MDI TLV Default None Command Mod...

Страница 464: ...e PoE interface ID State The port status can be of the following Disabled The PSE function is disabled Searching The remote PD is not connected Requesting The remote PD is inserted but the PSE doesn t provide power yet Delivering The remote PD is now powering by PoE system Faulty X The device detection or a powered device is in a faulty state X is the error code number 1 MPS Maintain Power Signatu...

Страница 465: ...detected and maximum power is the user configured value Never The powered device will not be detected and no power to the port Priority The priority used to prioritize the service order when power constrain happens within at the power unit Legacy Support Enabled The legacy PD can be detected Disabled The legacy PD cannot be detected Time Range The time range profile name which sets the activation ...

Страница 466: ... power to the attached PD then this counter is increased Invalid Signature Increased if the PSE detects a PD who has an invalid PD signature Example This example shows how to display the PoE power inline measurement Switch show poe power inline measurement Interface Voltage V Current mA Temperature C Power W eth3 0 1 54 2 109 35 5 9 eth3 0 2 55 196 38 10 8 Output suppressed eth4 0 1 54 6 197 32 10...

Страница 467: ...2 0 2 PSE TX information Power type type 2 PSE Power source primary power source Power priority high PD requested power value 0 0W PSE allocated power value 0 0W Information from PD none Interface eth3 0 3 PSE TX information Power type type 2 PSE Power source primary power source Power priority low PD requested power value 20 0W PSE allocated power value 20 0W Information from PD Power type type 2...

Страница 468: ...il Parameters UNIT ID Specifies the stacking unit s ID to be displayed This parameter is only available if stacking is enabled detail Optional Specifies to display more detailed chip parameter information Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command displays the detailed power information and PoE chip parameters for PoE mo...

Страница 469: ...ed Example This example shows how to display the PoE detailed parameters for unit 1 Switch show poe power module unit 1 detail Unit Delivered W Power Budget W Usage Threshold Preempt Trap State 1 0 193 99 Disabled Disabled PoE system parameters Unit Max Ports Device ID SW Version 1 24 E111 13 Switch Display Parameters Max ports The maximum port number of the PoE sub system Device ID The hardware v...

Страница 470: ...ve power Example This example shows how to disable the port LED function Switch configure terminal Switch config dim led Switch config 54 2 power saving This command is used to enable individual power saving functions Use the no form of this command to disable these functions power saving link detection port shutdown dim led hibernation no power saving link detection port shutdown dim led hibernat...

Страница 471: ... to enable power saving by shutting off the Switch s ports and toggle the Switch into the hibernation mode Switch configure terminal Switch config power saving port shutdown Switch config power saving hibernation Switch config 54 3 power saving eee This command is used to enable the Energy Efficient Ethernet EEE function on the specified port s Use the no form of this command to disable the EEE fu...

Страница 472: ... length is 32 characters Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to add or delete a time range profile for the dim LED schedule When the schedule is up all port s LED will be turned off Example This example shows how to add a time range profile for the dim LED schedule Switch configure terminal Switch config power saving d...

Страница 473: ... shows how to add a time range profile for the hibernation schedule Switch configure terminal Switch config power saving hibernation time range off duty Switch config 54 6 power saving shutdown time range This command is used to configure the time range profile for the port shutdown schedule Use the no form of this command to delete the specified time range profile power saving shutdown time range...

Страница 474: ...tdown Optional Specifies to display the port shutdown state hibernation Optional Specifies to display the hibernation state eee Optional Specifies to display the EEE state Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline If no optional keywords were specified all power saving configuration information will be displayed Example This example...

Страница 475: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 472 ...

Страница 476: ...line Use this command to create an IP static route Floating static route is supported This means that there could be two routes with the same destination network address and different next hop If primary or backup is not specified the static route will be automatically determined to be a primary route or a backup route Primary route has higher priority than backup route and is always be used for f...

Страница 477: ...etwork address and different next hop If primary or backup is not specified the static route will be automatically determined to be a primary route or a backup route Primary route has higher priority than backup route and is always be used for forwarding when it is active When primary is down the backup route will be used Example This example shows how to create a static route destined to the netw...

Страница 478: ...C connected S static candidate default Gateway of last resort is not set C 10 0 0 0 8 is directly connected vlan1 Total Entries 1 Switch 55 4 show ip route summary This command is used to display the brief information for the working routing entries show ip route summary Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use ...

Страница 479: ...X LENGTH Optional Specifies the prefix length for the specified network longer prefixes Optional Specifies to display the route and all of the more specific routes INTERFACE ID Optional Specifies the interface type connected Optional Specifies to display directly connected route static Optional Specifies to display the static route database Optional Specifies to display all the related entries in ...

Страница 480: ...2001 0101 64 1 1 via fe80 0000 00ff 1111 2233 vlan1 S 2001 0102 64 1 1 via fe80 0000 00ff 1111 2233 vlan1 Total Entries 2 entries 2 routes Switch 55 6 show ipv6 route summary This command is used to display the current state of the IPv6 routing table show ipv6 route summary Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline W...

Страница 481: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 478 Switch show ipv6 route summary Route Source Networks Connected 2 Static 0 Total 3 Switch ...

Страница 482: ...ll be classified as class default If the specified name of class map does not exist no traffic is classified to the class Example This example shows how to define a policy map policy1 which defines policies for the class class dscp red The packets that match DSCP 10 12 or 14 will all be marked as DSCP 10 and be policed by a single rate policer Switch configure terminal Switch config class map clas...

Страница 483: ...h all or match any keyword to specify whether to evaluate the multiple match criteria based on either the logical AND or the logical OR Example This example shows how to configure the class_home_user as the name of a class map In this class map a match statement specifies that the traffic that matches the access control list acl_home_user and matches the IPv6 protocol will be included under the cl...

Страница 484: ...VLAN identification number numbers or range of numbers to be matched Valid VLAN identification numbers must be in the range of 1 to 4094 Enter one or more VLAN values separated by commas or hyphens for a range list Default None Command Mode Class map Configuration Mode Command Default Level Level 12 Usage Guideline To use the match command first enter the class map command to specify the name of t...

Страница 485: ...ch config cmap exit Switch config police map cos based treatment Switch config pmap class voice Switch config pmap c police 8000 1000 exceed action drop Switch config pmap c exit Switch config pmap class video n data Switch config pmap c police cir 500000 bc 10000 pir 1000000 be 10000 exceed action set dscp transmit 2 violate action drop Switch config pmap c exit Switch config pmap exit Switch con...

Страница 486: ...e rate policing Specifies the action to take for those packets that did not conform to both CIR and PIR For a single rate policer If violation action is not specified it will create a single rate two color policer For a two rate policer if the violation action is not specified the default action is equal to the exceed action ACTION Specifies the action to take on packets Specify one of the followi...

Страница 487: ...agged or untagged received by the port Default By default this CoS value is 0 Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline When the override option is not specified the CoS of the packets will be the packet s CoS if the packets are tagged and will be the port default CoS if the packet is untagged When the override option is specified the port default CoS...

Страница 488: ...s received by the interface and QoS handles the packet with this new value The Switch sends the packet out the port with the new DSCP value Example This example shows how to map DSCP 30 to the mutated DSCP value 8 and then attach the ingress DSCP mutation map named mutemap1 to port eth3 0 1 Switch configure terminal Switch config mls qos map dscp mutation mutemap1 30 to 8 Switch config interface e...

Страница 489: ...th3 0 1 Switch config if mls qos map cos color 1 7 to red Switch config if 56 8 mls qos map dscp color This command is used to define the DSCP to color map for the mapping of a packet s initial color Use the no form of this command to revert to the default setting mls qos map dscp color DSCP LIST to green yellow red no mls qos map dscp color DSCP LIST Parameters DSCP LIST Specifies the list of DSC...

Страница 490: ...SCP values Default CoS Value 0 1 2 3 4 5 6 7 DSCP Value 0 7 8 15 16 23 24 31 32 39 40 47 48 55 56 63 Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline The DSCP to CoS map is used by a DSCP trust port to map a DSCP value to an internal CoS value In turn this CoS value is then mapped to the CoS queue based on the CoS to queue map configured by the priority queu...

Страница 491: ... the following Enter multiple commands to map additional DSCP values to a mutated DSCP value Enter a separate command for each mutated DSCP value The DSCP CoS map and DSCP color map will still be based on the packet s original DSCP All the subsequent operations will base on the mutated DSCP Example This example shows how to map DSCP 30 to the mutated DSCP value 8 DSCP 20 to the mutated DSCP 10 wit...

Страница 492: ...ion happens the credits are replenished When the credits are replenished a quantum of credits are added to each CoS queue credit counter The quantum for each CoS queue may be different based on the user configuration To set a CoS queue in the strict priority mode any higher priority CoS queue must also be in the strict priority mode WRR operates by transmitting permitted packets into the transmit ...

Страница 493: ...el port the packet will be added with an outer VLAN tag in order to transmit through the VLAN tunnel If the port is to trust CoS then the inner tag CoS will be the internal CoS of the packet and the CoS value in the packet s outer VLAN tag If the MLS QoS CoS override is configured then the CoS specified by command mls qos cos will be the internal CoS of the packet and the CoS value in the packet s...

Страница 494: ...ed the policer works in the color blind mode When color aware is specified the policer works in the color aware mode Default None Command Mode Policy map Class Configuration Mode Command Default Level Level 12 Usage Guideline Use the police command to drop the packet or mark the packet with different quality of service QoS values based on conformance level of the packet The combination of paramete...

Страница 495: ...he actions configured by the set command for a traffic class will be applied to all the packets belonging to the traffic class Example This example shows how to define a traffic class and associate the policy with the match criteria for the traffic class in a policy map The service policy command is then used to attach this service policy to the interface In this particular example traffic policin...

Страница 496: ... Switch config pmap class class2 Switch config pmap c police aggregate agg_policer1 Switch config pmap c exit Switch config pmap class class3 Switch config pmap c police aggregate agg_policer1 Switch config pmap c 56 15 police cir This command is used to configure traffic policing for two rates the committed information rate CIR and the peak information rate PIR Use the no form of this command to ...

Страница 497: ...nd Default Level Level 12 Usage Guideline As a packet arrives at a port the packet will be initialized with a color The receiving port either trusts DSCP or CoS The initial color of the packet is mapped from the DSCP in the incoming packet if the receiving port trusts DSCP The initial color of the packet is mapped from the CoS in the incoming packet if the receiving port trusts CoS Both single rat...

Страница 498: ...e name of the policy map The name can be a maximum of 32 alphanumeric characters Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use the policy map command to enter the policy map configuration mode from where the user can configure or modify the policy for the traffic class A single policy map can be attached to more than one interface concurrent...

Страница 499: ...e ID the CoS will be mapped COS1 Specifies the mapping CoS value Valid values are from 0 to 7 COS2 COS8 Optional Specifies the mapping CoS value Valid values are from 0 to 7 Default The default priority CoS to queue mapping is 0 to 2 1 to 0 2 to 1 3 to 3 4 to 4 5 to 5 6 to 6 7 to 7 Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline When a packet is received the p...

Страница 500: ...ing the minimal bandwidth the aggregate of the configured minimum bandwidth must be less than 75 percent of the interface bandwidth to make sure the configured minimal bandwidth can be guaranteed It is not necessary to set the minimum guaranteed bandwidth for the highest strict priority queue This is because the traffic in this queue will be serviced first if the minimal bandwidth of all queues is...

Страница 501: ...d the maximum speed of the specified interface For the ingress bandwidth limitation the ingress will send a pause frame or a flow control frame when the received traffic exceeds the limitation Example This example shows how the maximum bandwidth limits are configured on eth2 0 5 The ingress bandwidth is limited to 2000Kbps and 4096K bytes for burst traffic Switch configure terminal Switch config i...

Страница 502: ...rate of 4000 Kbps and bronze is policed by a single rate policer with a committed rate of 16000 Kbps The cust1 classes policy map is configured and then attached to interfaces eth3 0 1 and eth3 0 2 for ingress traffic Switch configure terminal Switch config class map match all gold Switch config cmap match cos 6 Switch config cmap exit Switch config class map match all silver Switch config cmap ma...

Страница 503: ... precedence for the packet The range is from 0 to 7 If the optional keyword ip is specified IPv4 precedence will be marked If not specified both IPv4 and IPv6 precedence will be marked For IPv6 packets the precedence is the most three significant bits of traffic class of IPv6 header Setting the precedence will not affect the CoS queue selection dscp DSCP Specifies a new DSCP for the packet The ran...

Страница 504: ...tch config pmap c set ip dscp 10 Switch config pmap c police 1000 2000 exceed action set dscp transmit 10 Switch config pmap c exit Switch config pmap 56 22 show class map This command is used to display the class map configuration show class map NAME Parameters NAME Optional Specifies the name of the class map The class map name can be a maximum of 32 alphanumeric characters Default None Command ...

Страница 505: ...mls qos aggregate policer agg policer5 cir 500 bc 10 pir 1000 be 10 conform action transmit exceed action set dscp transmit 2 violate action drop Switch 56 24 show mls qos interface This command is used to display port level QoS configurations show mls qos interface INTERFACE ID cos scheduler trust rate limit queue rate limit dscp mutation map dscp color cos color dscp cos Parameters interface INT...

Страница 506: ...ault None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command is used to display port level QoS configurations Example This example shows how to display the default CoS for eth 1 0 2 to eth 1 0 5 Switch show mls qos interface eth1 0 2 5 cos Interface CoS Override eth1 0 2 3 Yes eth1 0 3 4 No eth1 0 4 4 No eth1 0 5 3 No Switch This example sho...

Страница 507: ...rface DSCP Mutation Map eth1 0 1 Mutate Map 1 eth1 0 2 Mutate Map 2 Switch This example shows how to display the bandwidth allocation for port 1 0 1 to 1 0 4 Switch show mls qos interface eth1 0 1 4 rate limit Interface Rx Rate Tx Rate Rx Burst Tx Burst eth1 0 1 1000 kbps No Limit 64 kbyte No Limit eth1 0 2 No Limit 2000 kbps No Limit 2000 kbyte eth1 0 3 10 100000 kbps 20 200000 kbps 64 kbyte 64 k...

Страница 508: ... display the DSCP to color map for port 1 0 1 to port 1 0 2 Switch show mls qos interface eth1 0 1 2 map dscp color eth1 0 1 DSCP 0 7 are mapped to green DSCP 8 40 are mapped to red DSCP 41 43 are mapped to yellow eth1 0 2 DSCP 0 7 are mapped to green Switch This example shows how to display the CoS to color map for port 1 0 3 to port 1 0 4 Switch show mls qos interface eth1 0 3 4 map cos color et...

Страница 509: ... 06 06 06 07 07 07 07 60 07 07 07 07 Switch 56 25 show mls qos map dscp mutation This command is used to display the QoS DSCP mutation map configuration show mls qos map dscp mutation MAP NAME Parameters MAP NAME Optional Specifies the name of the DSCP mutation map to be displayed Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This comma...

Страница 510: ...nfiguration of different scheduler Optional Specifies a series of interfaces or separate a range of interfaces from a previous range No space is allowed before and after the comma Optional Specifies a range of interfaces No space is allowed before and after the hyphen Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline When the optional keywo...

Страница 511: ...weight configuration for the different scheduler on interface eth1 0 3 Switch show mls qos queueing interface eth1 0 3 wrr bandwidth weights QID Weights 0 1 1 2 2 3 3 4 4 5 5 6 6 7 7 8 wdrr bandwidth weights QID Quantum 0 1 1 2 2 3 3 4 4 5 5 6 6 7 7 8 Switch 56 27 show policy map This command is used to display the policy map configuration show policy map POLICY NAME interface INTERFACE ID Paramet...

Страница 512: ... kbps and a peak rate of 1 Mbps Switch configure terminal Switch config class map police Switch config cmap match access group name acl_rd Switch config cmap policy map policy1 Switch config pmap class police Switch config pmap c police cir 500 bc 10 pir 1000 be 10 exceed action set dscp transmit 2 violate action drop Switch config pmap c exit Switch config pmap exit Switch config interface eth3 0...

Страница 513: ...ls qos scheduler wdrr command to change the scheduling mode to WDRR mode Example This example shows how to configure the queue quantum of the WDRR scheduling mode queue quantum of queue 0 queue 1 queue 2 queue 3 queue 4 queue 5 queue 6 queue 7 are 1 2 3 4 5 6 7 8 respectively on interface eth3 0 1 Switch configure terminal Switch config interface eth3 0 1 Switch config if mls qos scheduler wdrr Sw...

Страница 514: ...s always selected by the Per hop Behavior PHB EF and the schedule mode of this queue should be strict priority scheduling So the weight of the last queue should be zero while the Differentiate Service is supported Example This example shows how to configure the queue weight of the WRR scheduling mode queue weight of queue 0 queue 1 queue 2 queue 3 queue 4 queue 5 queue 6 queue 7 are 1 2 3 4 5 6 7 ...

Страница 515: ...e Guideline The RMON statistics group entry number is dynamic Only the interface that is enabled for RMON statistics will have a corresponding entry in the table Example This example shows how to configure an RMON statistics entry with an index of 65 and the owner name guest on Ethernet interface eth3 0 2 Switch configure terminal Switch config interface eth3 0 2 Switch config if rmon collection s...

Страница 516: ...nfig if rmon collection history 101 owner it domain com interval 2000 Switch config if 57 3 rmon alarm This command is used to configure an alarm entry to monitor an interface Use the no form of this command to remove an alarm entry rmon alarm INDEX VARIABLE INTERVAL delta absolute rising threshold VALUE RISING EVENT NUMBER falling threshold VALUE FALLING EVENT NUMBER owner STRING no rmon alarm IN...

Страница 517: ...to configure an alarm entry to monitor an interface Switch configure terminal Switch config rmon alarm 783 1 3 6 1 2 1 2 2 1 12 6 30 delta rising threshold 20 1 falling threshold 10 1 owner Name Switch config 57 4 rmon event This command is used to configure an event entry Use the no form of this command to remove an event entry rmon event INDEX log trap COMMUNITY owner NAME description STRING no ...

Страница 518: ...f 13 to generate a log on the occurrence of the event Switch configure terminal Switch config rmon event 13 log owner it domain com description ifInNUcastPkts is too much Switch config 57 5 show rmon alarm This command is used to displays the alarm configuration show rmon alarm Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideli...

Страница 519: ...is example shows how to displays the RMON event table Switch show rmon events Event 1 owned by manager1 Description is Errors Event trigger action log trap sent to community manager Last triggered time 13 12 15 2014 03 12 Event 2 owned by manager2 Description is Errors Event trigger action log trap Last triggered time Switch 57 7 show rmon history This command is used to display RMON history stati...

Страница 520: ...Undersized packets 213 Oversized packets 24 Fragments 2 Jabbers 1 CRC alignment errors 0 Collisions 0 Drop events 0 Sample 2 Received octets 303596354 Received packets 357898 Broadcast packets 3329 Multicast packets 7337 Estimated utilization 19 Undersized packets 213 Oversized packets 24 Fragments 2 Jabbers 1 CRC alignment errors 0 Collisions 0 Drop events 0 Switch 57 8 show rmon statistics This ...

Страница 521: ... 2200 Switch 57 9 snmp server enable traps rmon This command is used to enable the RMON trap state snmp server enable traps rmon rising alarm falling alarm no snmp server enable traps rmon rising alarm falling alarm Parameters rising alarm Optional Specifies to configure the rising alarm trap state falling alarm Optional Specifies to configure the falling alarm trap state Default By default this o...

Страница 522: ...Command Default Level Level 12 Usage Guideline This command is used to create an RA guard policy This command will enter into the RA guard policy configuration mode Example This example shows how to create an RA guard policy named policy1 Switch configure terminal Switch config ipv6 nd raguard policy policy1 Switch config ra guard 58 2 device role This command is used to configure the role of the ...

Страница 523: ...ist This command is used to filter the RA messages based on the sender IPv6 address Use the no form of this command to disable the filtering match ipv6 access list IPV6 ACCESS LIST NAME no match ipv6 access list Parameters IPV6 ACCESS LIST NAME Specifies a standard IPv6 access list Default None Command Mode RA Guard Policy Configuration Mode Command Default Level Level 12 Usage Guideline This comm...

Страница 524: ...cified the default policy will set the device role to host Example This example shows how to apply the RA guard policy on interface eth1 0 3 Switch configure terminal Switch config ipv6 nd raguard policy raguard1 Switch config ra guard device role router Switch config ra guard match ipv6 access list list1 Switch config ra guard exit Switch config interface eth1 0 3 Switch config if ipv6 nd raguard...

Страница 525: ...n is displayed If the policy name is not specified information is displayed for all policies Example This example shows how to display the policy configuration for a policy named raguard1 and all the interfaces where the policy is applied Switch show ipv6 nd raguard policy raguard1 Policy raguard1 configuration Device Role host Target eth1 0 1 1 0 2 Switch ...

Страница 526: ...e Privileged EXEC Mode Command Default Level Level 12 Usage Guideline If this command is issued without parameters then all CPU protect related counters will be cleared Example This example shows how to clear all CPU protect related statistics Switch clear cpu protect counters all Switch 59 2 cpu protect safeguard This command is used to enable or configure the Safeguard Engine Use the no form of ...

Страница 527: ...kets over its network in a limited bandwidth When the CPU utilization of the Switch rises over configured rising threshold it will enter exhausted mode In exhausted mode the Switch limits the bandwidth of receiving ARP and broadcast IP packets Example This example shows how to enable the Safeguard Engine and configure the thresholds which the rising and falling threshold are 60 and 40 respectively...

Страница 528: ...AME Specifies the protocol name to be configured RATE Specifies the threshold value The unit is packets per second When set to 0 all packets of the specified protocol are dropped Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline The CPU must handle certain packets such as routing protocols Layer 2 protocols and packets for management If the traffic ...

Страница 529: ... Protocol snmp Simple Network Management Protocol Manage ssh Secured shell Manage stp Spanning Tree Protocol 802 1D Protocol telnet Telnet Manage tftp Trivial File Transfer Protocol Manage web HTTP and HTTPS Manage Example This example shows how to configure the threshold of ARP protocol packets as 100 packets per second Switch configure terminal Switch config cpu protect type arp pps 100 Switch c...

Страница 530: ...nism ceases till the utilization is lower than the falling threshold Normal The Safeguard Engine is not triggered to take actions 59 6 show cpu protect sub interface This command is used to display the rate limit and statistics by sub interface show cpu protect sub interface manage protocol route UNIT ID Parameters UNIT ID Optional Specifies the unit ID to display the rate limit configuration and ...

Страница 531: ...ified protocol on the CM card and all existing IO cards will be displayed if the optional unit ID is not specified Otherwise only the information on the specified unit ID will be displayed unit UNIT ID Specifies the unit ID to display the rate limit configuration and statistics Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this comm...

Страница 532: ...server enable traps safeguard engine no snmp server enable traps safeguard engine Parameters None Default By default this option is disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to enable or disable sending SNMP notifications for Safeguard Engine Example This example shows how to enable sending SNMP notifications for Safeguard Engin...

Страница 533: ...specified a message will be promoted to the user to specify the value Default None Command Mode Privileged EXEC Mode Command Default Level Level 15 Usage Guideline This command is used to generate the RSA or DSA key pair Example This example shows how to create an RSA key Switch crypto key generate rsa The RSA key pairs already existed Do you really want to replace them y n n y Choose the size of ...

Страница 534: ...evert to the default settings ip ssh timeout SECONDS authentication retries NUMBER no ip ssh timeout authentication retries Parameters timeout SECONDS Specifies the time interval that the Switch waits for the SSH client to respond during the SSH negotiation phase The range is from 30 to 600 authentication retries NUMBER Specifies the number of authentication retry attempts The session is closed if...

Страница 535: ...used to enable the SSH server function Use the no form of this command to disable the SSH server function ip ssh server no ip ssh server Parameters None Default By default this option is disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to enable the SSH server function Example This example shows how to enable the SSH server function Sw...

Страница 536: ...the service port number to 3000 Switch configure terminal Switch config ip ssh service port 3000 Switch config 60 6 show crypto key mypubkey This command is used to display the RSA or DSA public key pairs show crypto key mypubkey rsa dsa Parameters rsa Specifies to display information regarding the RSA public key dsa Specifies to display information regarding the DSA public key Default None Comman...

Страница 537: ... display the user SSH configuration settings show ip ssh Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to the SSH configuration settings Example This example shows how to display the SSH configuration settings Switch show ip ssh IP SSH server Enabled IP SSH service port 22 SSH server mode V2 Authenticati...

Страница 538: ...t the SSH client is using Userid The login username of the session Client IP Address The client IP address for this established SSH session 60 9 ssh user authentication method This command is used to configure the SSH authentication method for a user account Use the no form of this command to restore the default authentication method ssh user NAME authentication method password publickey URL hostb...

Страница 539: ...sername command By default the authentication method is password The system will prompt the user to input the password To authenticate a user via SSH public key authentication copy the user s public key file to file system When the user tries to login to the Switch via an SSH client using the SSH public key method the SSH client will automatically transmit the public key and signature with the pri...

Страница 540: ...ing message will be displayed when a private key is to be deleted Example This example shows how to delete an imported certificate named tongken ca of the trust point gaa Switch show crypto pki trustpoints Trustpoint Name gaa primary Imported certificates CA tongken ca local certificate webserver crt local private key webserver prv Switch configure terminal Switch config crypto pki certificate cha...

Страница 541: ...ly local Specifies to import local certificate and key pairs only both Specifies to import the CA certificate local certificate and key pairs Default None Command Mode Privileged EXEC Mode Command Default Level Level 15 Usage Guideline This command allows administrators to import certificates and key pairs in the PEM formatted files Proper certificates and key pairs need to be imported to the Swit...

Страница 542: ...h 61 3 crypto pki trustpoint This command is used to declare the trust point that the Switch will use Use the no form of this command to delete all certificates and key pairs associated with the trust point crypto pki trustpoint NAME no crypto pki trustpoint NAME Parameters NAME Specifies to create a name for the trust point Default None Command Mode Global Configuration Mode Command Default Level...

Страница 543: ...ficate chain configuration mode Switch configure terminal Switch config crypto pki certificate chain TP1 Switch config cert chain 61 5 primary This command is used to assign a specified trust point as the primary trust point of the Switch primary no primary Parameters None Default By default this option is disabled Command Mode CA Trust Point Configuration Mode Command Default Level Level 15 Usage...

Страница 544: ...he trust point to be displayed Default None Command Mode Privileged EXEC Mode or Any Configuration Mode Command Default Level Level 12 Usage Guideline If no parameter is specified all trust points will be displayed Example This example shows how to display all trust points Switch show crypto pki trustpoints Trustpoint Name TP1 primary Imported certificates CA tongken ca local certificate webserver...

Страница 545: ...cy Name policy2 Enabled CipherSuites RSA_WITH_RC4_128_MD5 RSA_WITH_3DES_EDE_CBC_SHA RSA_EXPORT_WITH_RC4_40_MD5 Session Cache Timeout 1200 Secure Trustpoint TP2 Switch 61 8 ssl service policy This command is used to configure the SSL service policy ssl service policy POLICY NAME ciphersuite dhe dss 3des ede cbc sha rsa 3des ede cbc sha rsa rc4 128 sha rsa rc4 128 md5 rsa export rc4 40 md5 secure tr...

Страница 546: ... suites secure trustpoint TRUSTPOINT Optional Specifies the name of the trust point that should be used in SSL handshake When this parameter is not specified the trust point which is specified as the primary will be used If no primary trust point is specified the built in certificate key pairs will be used In no form of this command the specified trust point will be canceled and then the built in ...

Страница 547: ...ional Specifies the IPv4 address of the remote sFlow collector host IPV6 ADDRESS Optional Specifies the IPv6 address of the remote sFlow collector udp port PORT Optional Specifies the UDP port of the remote sFlow collector The default is 6343 The range is from 1 to 65535 Default The default owner name is an empty string The expiry timer is 0 seconds The maximum datagram size is 1400 bytes The rece...

Страница 548: ...to sample egress packets sampling rate RATE Optional Specifies the rate for packet sampling The range is from 0 to 65536 0 means disable If not specified the default value is 0 max header size SIZE Optional Specifies the maximum number of bytes that should be copied from sampled packets The range is from 18 to 256 If not specified the default value is 128 Default By default no sampler is created C...

Страница 549: ... receiver RECEIVER Optional Specifies the receiver s index for this poller If not specified the value is 0 The user cannot configure the value to 0 interval SECONDS Optional Specifies the maximum number of seconds between successive polling samples The range is from 0 to 120 0 means disable If not specified the default is 0 Default By default no poller is created Command Mode Interface Configurati...

Страница 550: ...ler Parameters agent Optional Specifies to display sFlow agent information receiver Optional Specifies to display information of all receivers sampler Optional Specifies to display information of all samplers poller Optional Specifies to display information of all pollers Default None Command Mode User EXEC or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command is use...

Страница 551: ...e Time 0 Current Countdown Time 0 Max Datagram Size 1400 Address 0 0 0 0 Port 6343 Datagram Version 5 Index 3 Owner Expire Time 0 Current Countdown Time 0 Max Datagram Size 1400 Address 0 0 0 0 Port 6343 Datagram Version 5 Index 4 Owner Expire Time 0 Current Countdown Time 0 Max Datagram Size 1400 Address 0 0 0 0 Port 6343 Datagram Version 5 Samplers Information Interface Instance Receiver Mode Ad...

Страница 552: ...Datagram Size The maximum number of data bytes of a single sFlow datagram Address The IPv4 IPv6 address of the remote sFlow receiver Port The UDP port of the remote sFlow receiver Datagram Version The version of sFlow datagrams Interface The interface on which the sampler is configured Instance The Sampler instance index Receiver The Receiver s INDEX for this Sampler Mode The instance s mode which...

Страница 553: ...or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to display per interface link up down trap state Example This example shows how to display the interface s link up down trap state for port eth1 0 1 to eth1 0 9 Switch show snmp trap link status interface eth1 0 1 1 0 9 Interface Trap state eth1 0 1 Enabled eth1 0 2 Enabled eth1 0 3 Disabled eth1 0 4 Enabled e...

Страница 554: ...snmp server SNMP Server Enabled Name SiteA Switch Location HQ 15F Contact MIS Department II SNMP UDP Port 50000 SNMP Response Broadcast Request Enabled Switch This example shows how to display trap related settings Switch show snmp server traps Global Trap State Enabled Individual Trap State Authentication Enabled linkup Enabled linkdown Enabled coldstart Enabled warmstart Disabled Switch 63 3 sho...

Страница 555: ...led eth1 0 3 Disabled eth1 0 4 Enabled eth1 0 5 Enabled eth1 0 6 Disabled eth1 0 7 Enabled eth1 0 8 Enabled eth1 0 9 Enabled Switch 63 4 snmp server This command is used to enable the SNMP agent Use the no form of this command to disable the SNMP agent snmp server no snmp server Parameters None Default By default this option is disabled Command Mode Global Configuration Mode Command Default Level ...

Страница 556: ...ers The syntax is a general string that allows spaces Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command configures the system contact information for management of the device Example This example shows how to configure the system contact information with the string MIS Department II Switch configure terminal Switch config snmp server co...

Страница 557: ...Specifies to control the sending of SNMP authentication failure notifications An authenticationFailuretrap is generated when the device receives an SNMP message that is not properly authenticated The authentication method depends on the version of SNMP being used For SNMPv1 or SNMPv2c authentication failure occurs if packets are formed with an incorrect community string For SNMPv3 authentication f...

Страница 558: ...witch configure terminal Switch config snmp server enable traps snmp authentication Switch config 63 8 snmp server location This command is used to configure the system s location information Use the no form of this command to remove the setting snmp server location TEXT no snmp server location Parameters location TEXT Specifies the string that describes the system location information The maximum...

Страница 559: ...e longer than 10 characters Default By default this name is Switch Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to configure the system s name information on the Switch Example This example shows how to configure the system s name to SiteA switch Switch configure terminal Switch config snmp server name SiteA switch SiteA switch config 63 10...

Страница 560: ...f this command to reset the UDP port number to default value snmp server service port PORT NUMBER no snmp server service port Parameters PORT NUMBER Specifies the UDP port number The range is from 0 to 65535 Some numbers may conflict with other protocols Default By default this number is 161 Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to c...

Страница 561: ...s how to enable the server to respond to the broadcast SNMP get request packet Switch configure terminal Switch config snmp server response broadcast request Switch config 63 13 snmp trap link status This command is used to enable the notification of link up and link down events that occurred on the interface Use the no form of this command to disable the notification snmp trap link status no snmp...

Страница 562: ... to display SNMP local engine ID information Default None Command Mode Privileged EXEC Mode or Any Configuration Mode Command Default Level Level 12 Usage Guideline This command displays the SNMP information When displaying SNMP community strings the SNMPv1 or SNMPv2c user created will not be displayed Example This example shows how to display SNMP community information Switch show snmp community ...

Страница 563: ...iv SNMPv3 User Name user2 UDP Port 162 Total Entries 3 Switch This example shows how to display the MIB view setting Switch show snmp view View Name Subtree View Type restricted 1 3 6 1 2 1 1 Included restricted 1 3 6 1 2 1 11 Included restricted 1 3 6 1 6 3 10 2 1 Included restricted 1 3 6 1 6 3 11 2 1 Included restricted 1 3 6 1 6 3 15 1 1 Included CommunityView 1 Included CommunityView 1 3 6 1 ...

Страница 564: ...el v1 ReadView CommunityView WriteView CommunityView NotifyView CommunityView IP access control list GroupName private SecurityModel v2c ReadView CommunityView WriteView CommunityView NotifyView CommunityView IP access control list Total Entries 5 Switch This example shows how to display the SNMP engine ID Switch show snmp engineID Local SNMP engineID 00000009020000000C025808 Switch 63 15 show snm...

Страница 565: ...e community string to access the SNMP Use the no form of this command to remove the community string snmp server community 0 7 COMMUNITY STRING view VIEW NAME ro rw IP ACL NAME no snmp server community 0 7 COMMUNITY STRING Parameters 0 COMMUNITY STRING Optional Specifies the community string in the plain text form with a maximum of 32 alphanumeric characters This is the default option 7 COMMUNITY ...

Страница 566: ...h configure terminal Switch config snmp server view interfacesMibView 1 3 6 1 2 1 2 included Switch config snmp server community comaccess view interfacesMibView rw Switch config 63 17 snmp server engineID local This command is used to specify the SNMP engine ID on the local device Use the no form of this command to revert the SNMP engine ID to the default snmp server engineID local ENGINEID STRIN...

Страница 567: ...ies to authenticate the packet but not encrypt it noauth Specifies not to authenticate and not to encrypt the packet priv Specifies to authenticate and encrypt the packet read READ VIEW Optional Specifies a read view that the group user can access write WRITE VIEW Optional Specifies a write view that the group user can access notify NOTIFY VIEW Optional Specifies a write view that the group user c...

Страница 568: ...MP server group guestgroup for SNMPv3 access and SNMPv2c Switch configure terminal Switch config snmp server view interfacesMibView 1 3 6 1 2 1 2 included Switch config snmp server group guestgroup v3 auth read interfacesMibView Switch config snmp server group guestgroup v2c read CommunityView write CommunityView Switch config 63 19 snmp server host This command is used to specify the recipient of...

Страница 569: ...n view associated with the specified user or community name If the binding variables to be sent with the trap packet are not in the notification view the notification will not be sent to this host Example This example shows how to configure the trap recipient 163 10 50 126 with version 1 with community string comaccess Switch configure terminal Switch config snmp server community comaccess rw Swit...

Страница 570: ...ce traps vlan 100 Switch config 63 21 snmp server user This command is used to create an SNMP user Use the no form of this command to remove an SNMP user snmp server user USER NAME GROUP NAME v1 v2c v3 encrypted auth md5 sha AUTH PASSWORD priv PRIV PASSWORD access IP ACL NAME no snmp server user USER NAME GROUP NAME v1 v2c v3 Parameters USER NAME Specifies a username of a maximum of 32 characters ...

Страница 571: ... user the password used for authentication and encryption needs to be specified An SNMP user is unable to be deleted if it has been associated with a SNMP server host Example This example shows how the plain text password is configured for the user user1 in the SNMPv3 group public Switch configure terminal Switch config snmp server user user1 public v3 auth md5 authpassword priv privpassword Switc...

Страница 572: ...ed 1 3 6 1 2 1 1 Included Restricted 1 3 6 1 2 1 11 Included Restricted 1 3 6 1 6 3 10 2 1 Included Restricted 1 3 6 1 6 3 11 2 1 Included Restricted 1 3 6 1 6 3 15 1 1 Included CommunityView 1 Included CommunityView 1 3 6 1 6 3 Excluded CommunityView 1 3 6 1 6 3 1 Included Command Mode Global Configuration Mode Command Default Level Level 15 Usage Guideline Use this command to create a view of MI...

Страница 573: ...e IP management function of the device Example This example shows how to enable single IP management Switch configure terminal Switch config sim Switch config 64 2 sim role This command is used to configure the device s single IP management role from Candidate to Commander or from Commander to Candidate sim role commander GROUP NAME candidate Parameters commander Specifies to configure the device ...

Страница 574: ... 64 3 sim group member This command is used to add one Candidate switch to the single IP management group Use the no form of this command to remove one member from this single IP management group sim group member CANDIDATE ID PASSWORD no sim group member MEMBER ID Parameters CANDIDATE ID Specifies one Candidate switch in one SIM group MEMBER ID Specifies one Member switch in one SIM group PASSWORD...

Страница 575: ...efault Level Level 12 Usage Guideline During the hold time If no SIM protocol message were received it will For the Commander switch clear Member switch information For the Member switch clear the Commander switch information and change the role to Candidate Example This example shows how to configure the single IP management hold time Switch configure terminal Switch config sim holdtime 120 Switc...

Страница 576: ...ult setting sim management vlan VLAN ID no sim management vlan Parameters VLAN ID Specifies the single IP management message VLAN Default By default this option is set the VLAN 1 Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline The single IP management group commander and member will send and receive the SIM message on the SIM management VLAN Example This examp...

Страница 577: ...ed on the member switch When the running configuration is specified as the source URL the purpose is to upload the running configuration to the TFTP server When the system log is specified as source URL the system log can be retrieved to the TFTP server DESTINATION URL Specifies the destination URL for the file download The destination URL is located on the member switch When the running configura...

Страница 578: ...2 01 03 01 03 SUCCESS Switch This example shows how to upload the system log from the member switch 1 Switch copy sim system log tftp 10 10 10 58 switchlog member 1 Upload system log from member 1 to 10 10 10 58 switchlog y n n y Upload Status ID MAC Address Status 1 00 02 01 03 01 03 SUCCESS Switch 64 9 snmp server enable traps sim This command is used to enable sending single IP management trap ...

Страница 579: ...o display detailed information of a Member group Specifies to display the information of other SIM Groups COMMANDER MAC Specifies to display detailed information of a Group neighbor Specifies to display the neighbor information Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command is used to display single IP management information...

Страница 580: ...mple shows how to display the SIM member list Switch show sim members Member Hold Firmware ID MAC Address Platform Time Version Device Name 1 00 01 00 00 12 12 DGS 1510 28P 100 1 30 003 Switch 2 00 02 00 00 12 13 DGS 1510 28P 80 1 30 003 Switch Total Entries 2 Switch This example shows how to display one of the SIM member s information in detail Switch show sim members 1 Sim Member Information Mem...

Страница 581: ... 003 Device Name MAC Address EE FF 00 00 12 12 Platform DGS 1510 28P Hold Time 100 sec Switch This example shows how to display group information in a summary Switch show sim group means Commander switch SIM Group Name default Hold Firmware ID MAC Address Platform Time Version Device Name 1 00 01 02 03 04 00 DGS 1510 28P 40 1 30 003 Switch 2 00 07 15 34 00 50 3 00 01 02 03 00 10 SIM Group Name SIM...

Страница 582: ...irmware Version 1 30 003 Platform DGS 1510 28P Number of Members 2 Hold Time 100 sec Member Info 1 2 MAC Address 00 07 15 34 00 50 Member Info 2 2 MAC Address 00 01 02 03 00 10 Switch This example shows how to display SIM neighbors summary Switch show sim neighbor Port MAC Address Role eth1 0 1 00 02 00 00 08 12 Member eth1 0 2 00 01 00 00 12 12 Member eth1 0 3 EE FF 00 00 12 12 Candidate Total En...

Страница 583: ...l legacy bridges on a given LAN have been removed If there is no STP Bridge on the LAN the port will be operated in the configured mode either in the RSTP or MSTP mode Otherwise the port will be operated in the STP mode Example This example shows how to trigger the protocol migration event for all ports Switch clear spanning tree detected protocols all Clear spanning tree detected protocols y n n ...

Страница 584: ...ddress 00 04 9B 78 08 00 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Topology Changes Count 0 Priority Link Interface Role State Cost Port Type Edge eth1 0 3 designated forwarding 20000 128 3 p2p non edge eth1 0 5 backup blocking 200000 128 5 p2p non edge eth1 0 6 backup blocking 200000 128 6 shared non edge eth1 0 7 root forwarding 2000 128 7 P2p non edge Switch 65 3 show spanning tree c...

Страница 585: ...r Disabled Bpdu forward Disabled Switch 65 4 snmp server enable traps stp This command is used to enable the spanning tree to send SNMP notifications for STP Use the no form of this command to disable the sending of notifications for STP snmp server enable traps stp new root topology chg no snmp server enable traps stp new root topology chg Parameters new root Optional Specifies the sending of STP...

Страница 586: ...e disable Specifies to disable the STP s global state Default By default this option is disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command in the global configuration mode to enable the global spanning tree function Example This example shows how to enable the spanning tree function Switch configure terminal Switch config spanning tree g...

Страница 587: ...evel Level 12 Usage Guideline This command is used to configure the Spanning Tree timer value Example This example shows how to configure the STP timers Switch configure terminal Switch config spanning tree hello time 1 Switch config spanning tree forward time 16 Switch config spanning tree max age 21 Switch config 65 7 spanning tree state This command is used to enable or disable the STP operatio...

Страница 588: ... COST no spanning tree cost Parameters COST Specifies the path cost for the port The range is from 1 to 200000000 Default The default path cost is computed from the interface s bandwidth setting Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline In the RSTP or STP compatible mode the administrative path cost is used by the single spanning tree to accumulate th...

Страница 589: ...he link If the port times out the received superior BPDU it will change to the designated port role When a port changes to the alternate port state due to the root guard a system message will be generated This configuration will take effect for all the spanning tree versions Example This example shows how to configure to prevent Ethernet interface eth3 0 1 from being a root port Switch configure t...

Страница 590: ... to configure the STP mode Use the no form of this command to revert to the default setting spanning tree mode mstp rstp stp no spanning tree mode Parameters mstp Specifies the Multiple Spanning Tree Protocol MSTP rstp Specifies the Rapid Spanning Tree Protocol RSTP stp Specifies the Spanning Tree Protocol IEEE 802 1D Compatible Default By default this mode is rstp Command Mode Global Configuratio...

Страница 591: ...he non port fast state Disable mode The port will always be in the non port fast state It will always wait for the forward time delay to change to forwarding state Network mode The port will remain in the non port fast state for three seconds The port will change to the port fast state if no BPDU is received and changes to the forwarding state If the port received the BPDU later it will change to ...

Страница 592: ...iority It is only used for RSTP and STP versions Use the no form of this command to restore to the default setting spanning tree priority PRIORITY no spanning tree priority Parameters PRIORITY Specifies that the bridge priority and bridge MAC address together forms the Spanning Tree Bridge ID which is an important factor in the Spanning Tree topology The range is from 0 to 61440 Default By default...

Страница 593: ...g address flushing in that region possibly because those bridges are not under the full control of the administrator When a port is set to the TCN filter mode the TC event received by the port will be ignored This configuration will take effect for all the spanning tree modes Example This example shows how to configure TCN filtering on port eth1 0 7 Switch configure terminal Switch config interfac...

Страница 594: ...ig spanning tree tx hold count 5 Switch config 65 17 spanning tree forward bpdu This command is used to enable the forwarding of the spanning tree BPDU Use the no form of this command to disable the forwarding of the spanning tree BPDU spanning tree forward bpdu no spanning tree forward bpdu Parameters None Default By default this option is disabled Command Mode Interface Configuration Mode Comman...

Страница 595: ...The stack command setting of a switch unit must be enabled before the switch unit can be chained with other switch units The setting will be saved in the individual switch unit if the user saves the configuration Example This example shows how to enable stacking mode Switch stack WARNING The command does not take effect until the next reboot Switch 66 2 stack renumber This command is used to manua...

Страница 596: ... this switch unit ID cannot be successfully added Example This example shows how to configure the renumbered unit ID of a switch unit 2 to 3 Switch stack 2 renumber 3 WARNING The command does not take effect until the next reboot Switch 66 3 stack priority This command is used to configure the priority of the switch stacking unit Use the no form of this command to set the priority to default stack...

Страница 597: ...ault By default this option is enabled Command Mode Privileged EXEC Mode Command Default Level Level 12 Usage Guideline When this command is disabled the unit that assumes the master role will not change when units with a better priority are added to the stack If this command is enabled then the unit that assumes the master role will change as units with a better priority are added to the stack Ex...

Страница 598: ...nable sending of stacking related traps Switch configure terminal Switch config snmp server enable traps stack Switch config 66 6 show stack This command is used to display the stacking information show stack Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command is used to display the stacking information Example Th...

Страница 599: ...t Enabled Trap State Disabled Topology Duplex_Chain My Box ID 1 Master ID 1 Box Count 1 Box User Module Prio Prom Runtime H W ID Set Name Exist rity MAC Version Version Version 1 Auto DGS 1510 28P Exist 32 00 01 02 03 04 00 1 00 012 1 30 003 A1 2 NOT_EXIST No 3 NOT_EXIST No 4 NOT_EXIST No 5 NOT_EXIST No 6 NOT_EXIST No Switch ...

Страница 600: ...ear enables or disables the notifications for storm control module If no optional keywords is specified both storm occur and storm clear notifications are enabled or disabled If you enter the command with a keyword only the specified notification type is enabled or disabled Example This example shows how to enable sending trap for storm control for both storm occurred and cleared Switch configure ...

Страница 601: ...e default action taken when a storm occurs is to drop storm packets Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline Use the storm control function to protect the network from the storm of broadcast packets multicast packets or unknown DA flooding packets Enter the storm control command to enable storm control for a specific traffic type on the interface The...

Страница 602: ... 1 and 300 seconds retries NUMBER Specifies the retry count If the action is configured to the shutdown mode and a storm continues as long as the interval times retries values set the port will enter the error disabled state This value must be between 0 and 360 0 means that a shutdown mode port will directly enter the error disabled state when a storm is detected Infinite means that a shutdown mod...

Страница 603: ...Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline If the interface ID is not specified all interfaces configurations will be displayed If the packet type is not specified all types of storm control settings will be displayed Example This example shows how to display the current broadcast storm control settings Switch show storm control interface range ethernet ...

Страница 604: ...D Action The configured action the possible actions are Drop Shutdown None Threshold The configured threshold Current The actual traffic rate which is currently flowing though the interface Its unit may be percentage kbps PPS based on the configured meter mode Because hardware can only counts by PPS this value of this filed may be a rough value for percentage and kbps State The current state of st...

Страница 605: ...t the surveillance VLAN function When the surveillance VLAN is enabled for a port the port will be automatically learned as surveillance VLAN untagged member the received untagged surveillance packets will be forwarded to the surveillance VLAN The received packets are determined as surveillance packets if the source MAC addresses of packets comply with the organizationally unique identifier OUI ad...

Страница 606: ...r expiration of surveillance VLAN aging timer If the surveillance traffic resumes during the aging time the aging timer will be cancelled Example This example shows how to configure the aging time of surveillance VLAN to 30 minutes Switch configure terminal Switch config surveillance vlan aging 30 Switch config 68 3 surveillance vlan enable This command is used to enable the surveillance VLAN stat...

Страница 607: ...lance device OUI surveillance vlan mac address MAC ADDRESS MASK component type vms vms client video encoder network storage other description TEXT no surveillance vlan mac address MAC ADDRESS MASK Parameters MAC ADDRESS Specifies the OUI MAC address MASK Specifies the OUI MAC address matching bitmask component type Optional Specifies surveillance components that could be auto detected by surveilla...

Страница 608: ...veillance vlan mac address 00 01 02 03 00 00 FF FF FF FF 00 00 component type vms description user1 Switch config 68 5 surveillance vlan qos This command is used to configure the CoS priority for the incoming surveillance VLAN traffic Use the no form of this command to revert to the default settings surveillance vlan qos COS VALUE no surveillance vlan qos Parameters COS VALUE Specifies the priorit...

Страница 609: ...series of interfaces or separate a range of interfaces from a previous range No space is allowed before and after the comma Optional Specifies a range of interfaces No space is allowed before and after the hyphen Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline Use this command to display the surveillance VLAN configurations The show surve...

Страница 610: ...mic Member Ports Surveillance VLAN OUI OUI Address Mask Component Type Description 28 10 7B 00 00 00 FF FF FF E0 00 00 D Link Device IP Surveillance Device 28 10 7B 20 00 00 FF FF FF F0 00 00 D Link Device IP Surveillance Device B0 C5 54 00 00 00 FF FF FF 80 00 00 D Link Device IP Surveillance Device F0 7D 68 00 00 00 FF FF FF F0 00 00 D Link Device IP Surveillance Device Total OUI 4 Switch ...

Страница 611: ... negotiation will be enabled if either the speed parameter is set to auto or the duplex parameter is set to auto If the speed parameter is set to auto and the duplex parameter is set to the fixed mode only the speed will be negotiated The advertised capability will be configured to the duplex mode combined with all the possible speeds If the speed is to set to a fixed speed and duplex is set to au...

Страница 612: ...peed is set to the forced mode the final flow control setting will be determined by the configured flow control setting If the speed is set to the auto mode the final flow control setting will be based on the negotiated result between the local side setting and the partner side setting The configured flow control setting here is the local side setting Example This example shows how to enable the f...

Страница 613: ...o 1000 Mbps and the user must manually set that the port operates as master or slave Specifies that for fiber ports 1000BASE SX LX the port will disable the auto negotiation master slave Specifies the port operates as master or slave timing This parameter is only applicable to 1000BASE T connections 10giga Specifies to force the speed to 10 Gbps auto Specifies that for copper ports it specifies to...

Страница 614: ...uto only the duplex mode is negotiated The advertised capability will be both full and half duplex mode combined with the configured speeds For 10GBASE R connections if auto negotiation is enabled the system will automatically configure the speed 1000M or 10G according to the type of SFP SFP Example This example shows how to configure eth1 0 1 to only auto negotiate to 10 or 100 Mbps Switch config...

Страница 615: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 612 Switch configure terminal Switch config interface eth1 0 5 Switch config if speed auto downgrade Switch config if ...

Страница 616: ...onfig cfg If there is no valid configuration file the device will be configured to the default state Example This example shows how to configure the file switch config cfg as the startup configuration file Switch configure terminal Switch config boot config c switch config cfg Switch config 70 2 boot image This command is used to specify the file that will be used as the image file for the next bo...

Страница 617: ...cify that the Switch should use the image file named switch image1 had as the boot image file for the next startup Switch configure terminal Switch config boot image c switch image1 had Switch config This example shows how to check a specified image file called c runtime switch had The checksum of the image file has been verified is okay and the information of the image file is displayed Switch co...

Страница 618: ...how to clear the system s running configuration Switch clear running config This command will clear all of system configuration as factory default setting including IP parameters Clear running configuration y n n y Switch 70 4 reset system This command is used to reset the system clear the system s configuration then save and reboot the Switch reset system Parameters None Default None Command Mode...

Страница 619: ...e FILENAME Specifies the name of the configuration file stored in the NVRAM force Optional Specifies to execute the command immediately with no confirmation needed Default None Command Mode Privilege EXEC Mode Command Default Level Level 15 Usage Guideline This command is used to execute the indicated configuration file to replace the current running configuration The current running configuration...

Страница 620: ...opy SOURCE URL tftp LOCATION DESTINATION URL copy tftp LOCATION SOURCE URL DESTINATION URL Parameters SOURCE URL Specifies the source URL for the source file to be copied One special form of the URL is represented by the following keywords If startup config is specified as the SOURCE URL the purpose is to upload the startup configuration save the startup configuration as the file in the file syste...

Страница 621: ...load the system log to the TFTP server To upload the running configuration or save the running configuration to the startup configuration specify running config as the SOURCE URL To save the running configuration to the startup configuration specify startup config as the DESTINATION URL As the destination is the startup configuration the source file is directly copied to the file specified in the ...

Страница 622: ...ion filename switch config cfg Accessing tftp 10 1 1 254 switch config cfg Transmission start Transmission finished file length 45421 bytes Switch This example shows how to save the system s running configuration into the FLASH memory and uses it as the next boot configuration Switch copy running config startup config Destination filename startup config y n y Saving all configurations to NV RAM Do...

Страница 623: ... the default setting ip tftp source interface INTERFACE ID no ip tftp source interface Parameters INTERFACE ID Specifies the interface ID The interface IP address will be used as the source address for initiating TFTP packets Default The IP address of the closest interface will be used Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to spe...

Страница 624: ...e boot image setting Example This example shows how to display system boot information Switch show boot Unit 1 Boot image c bootimage had Boot config c def_usr cfg Unit 2 Boot image c bootimage had Boot config c def_usr cfg Switch 70 9 show running config This command is used to display the commands in the running configuration file show running config Parameters None Default None Command Mode Pri...

Страница 625: ...orporation All rights reserved STACK end end DEVICE configure terminal end AAA CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All 70 10 show startup config This command is used to display the content of the startup configuration file show startup config Parameters None Default None Command Mode Privileged EXEC Mode Command Default Level Level 15 Usage Guideline This command displays the co...

Страница 626: ...rtup config DGS 1510 28XMP Gigabit Ethernet SmartPro Switch Configuration Firmware Build 1 30 002 Copyright C 2015 D Link Corporation All rights reserved STACK end end DEVICE configure terminal end AAA configure terminal AAA START CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All ...

Страница 627: ...l message buffer Use the no form of this command to disable the logging of messages to the local message buffer Use the default logging buffered command to revert to default setting logging buffered severity SEVERITY LEVEL SEVERITY NAME discriminator NAME write delay SECONDS infinite no logging buffered default logging buffered Parameters SEVERITY LEVEL Optional Specifies the severity level of sys...

Страница 628: ...sages that are logged The content of the logging buffer will be saved to the FLASH memory periodically such that the message can be restored on reboot The interval for periodically writing the logging buffer to FLASH can be specified The content of the logged messages in the FLASH will be reloaded into the logging buffer on reboot Example This example shows how to enable the logging of messages to...

Страница 629: ...ample This example shows how to enable the logging of messages to the local console and restrict the logging of messages with a security level of errors or higher Switch configure terminal Switch config logging console severity errors Switch config 71 4 logging discriminator This command is used to create a discriminator that can be further used to filter SYSLOG messages sent to various destinatio...

Страница 630: ...scriminator NAME port UDP PORT no logging server IP ADDRESS IPV6 ADDRESS Parameters IP ADDRESS Specifies the IP address of the SYSLOG server host IPV6 ADDRESS Specifies the IPv6 address of the log server host SEVERITY LEVEL Optional Specifies the severity level of system messages The messages at that severity level or a more severe level will be logged to the log server This value must be between ...

Страница 631: ...urity authorization messages 5 Messages generated internally by the SYSLOG 6 Line printer sub system 7 Network news sub system 8 UUCP sub system 9 Clock daemon 10 Security authorization messages 11 FTP daemon 12 NTP subsystem 13 Log audit 14 Log alert 15 Clock daemon note 2 16 Local use 0 local0 17 Local use 1 local1 18 Local use 2 local2 19 Local use 3 local3 20 Local use 4 local4 21 Local use 5 ...

Страница 632: ... address of the SYSLOG packet Example This example shows how to configure VLAN 100 as the source interface for SYSLOG packets Switch configure terminal Switch config logging source interface vlan100 Switch config 71 7 show logging This command is used to display the system messages logged in the local message buffer show logging all REF SEQ NN NN Parameters all Specifies to display all log entries...

Страница 633: ... the latest message Example This example shows how to display the messages in the local message buffer switch show logging Total number of buffered messages 2 2 2013 08 02 16 37 36 INFO 6 Logout through Console Username Anonymous 1 2013 08 02 16 35 54 INFO 6 Port eth1 0 1 link up 1000Mbps FULL duplex switch 71 8 show attack logging This command is used to display attack log messages show attack lo...

Страница 634: ... messages 1 2013 10 17 15 00 14 CRIT 2 Land attack is blocked from IP 10 72 24 1 Port 7 Switch 71 9 clear attack logging This command is used to delete the attack log clear attack logging unit UNIT ID all Parameters UNIT ID Specifies the unit on which the attack log messages will be cleared all Specifies to clear all attack log entries Default None Command Mode Privilege EXEC Mode Command Default ...

Страница 635: ... time zone specified by the configuration of the clock timezone command The clock configured by this command will be applied to RTC if it is available The configured clock will not be stored in the configuration file If the clock is manually set and the SNTP server is configured the system will still try to sync the clock with the server If the clock is manually set but a new clock time is obtaine...

Страница 636: ...ult Level Level 12 Usage Guideline Use this command to automatically switch over to summer time The command has two forms One is the recurring form which is used to specify the time through the week and the day of the month The other form is the date form which is used to specify the date of the month In both the date and recurring forms of the command the first part of the command specifies when ...

Страница 637: ... based on UTC time time zone and the daylight saving configuration Example This example shows how to set the time zone to the Pacific Standard Time PST which is 8 hours ahead of UTC Switch configure terminal Switch config clock timezone 8 Switch config 72 4 show clock This command is used to display the time and date information show clock Parameters None Default None Command Mode EXEC Mode or Any...

Страница 638: ...isplay information about the SNTP server show sntp Parameters None Default None Command Mode EXEC Mode or Any Configuration Mode Command Default Level Level 1 Usage Guideline This command is used to display information about the SNTP server Example This example shows how to display SNTP information Switch show sntp SNTP Status Enabled SNTP Pool Interval 720 seconds SNTP Server Status SNTP Server S...

Страница 639: ... time within 100 milliseconds of the accurate time but it does not provide the complex filtering and statistical mechanisms of NTP In addition SNTP does not authenticate traffic although you can configure extended access lists to provide some protection Create multiple SNTP servers by enter this command multiple times with different SNTP server IP addresses Use the no form of this command to delet...

Страница 640: ...tch config 72 8 sntp interval This command is used to set the interval for the SNTP client to synchronize its clock with the server sntp interval SECONDS no sntp interval Parameters SECONDS Specifies the synchronization interval from 30 to 99999 seconds Default By default this value is 720 seconds Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline This command is...

Страница 641: ...me range Configuration Mode Command Default Level Level 12 Usage Guideline A new period can be partially overlapped with an older one If a new period s starting and ending time is respectively the same as a previous period an error message will be displayed and the new period will not be allowed When specifying a period to remove it must be the same period originally added and cannot be a partial ...

Страница 642: ...igured time ranges Switch show time range Time Range Profile rdtime Daily 09 00 to 12 00 Weekly Saturday 00 00 to Monday 00 00 Time Range Profile lunchtime Daily 12 00 to 13 00 Total Entries 2 Switch 73 3 time range This command is used to enter the time range configuration mode to define a time range Use the no form of this command to delete a time range time range NAME no time range NAME Paramet...

Страница 643: ...mand to specify a time period When a time range is created without any time interval periodic setting it implies that there is not any active period for the time range Example This example shows how to enter the time range configuration mode for the time range profile named rdtime Switch configure terminal Switch config time range rdtime Switch config time range ...

Страница 644: ...de or Any Configuration Mode Command Default Level Level 1 Usage Guideline While entering this command without any other keywords the traffic segmentation configuration for all ports is displayed Otherwise only the specified interface s traffic segmentation is displayed Example This example shows how to display the configuration of traffic segmentation for eth3 0 1 Switch show traffic segmentation...

Страница 645: ...ffic segmentation forward command can be entered multiple times The following interfaces will be appended into the forwarding domain Use the no form command will remove the specified interface from the traffic segmentation forward member list The traffic segmentation member list can be comprised of different interface types for example port and port channel in the same forwarding domain If the int...

Страница 646: ... mode the default option is untagged only For the other VLAN mode the default option is admit all Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline This command is used to set the acceptable types of frames by a port Example This example shows how to set the acceptable frame type to tagged only for port eth1 0 1 Switch configure terminal Switch config interfa...

Страница 647: ...witch show vlan VLAN ID interface INTERFACE ID mac vlan Parameters VLAN ID Optional Specifies a list of VLANs to display the member port information If the VLAN is not specified all VLANs are displayed The valid range is from 1 to 4094 interface INTERFACE ID Optional Specifies the port to display the VLAN related setting Optional Specifies a series of interfaces or separate a range of interfaces f...

Страница 648: ...id untagged VLAN 1 Hybrid tagged VLAN Ingress checking Enabled Acceptable frame type Admit All Dynamic tagged VLAN eth1 0 2 VLAN mode Hybrid Native VLAN 1 Hybrid untagged VLAN 1 Hybrid tagged VLAN Ingress checking Enabled Acceptable frame type Admit All Dynamic tagged VLAN eth1 0 3 VLAN mode Hybrid Native VLAN 1 Hybrid untagged VLAN 1 Hybrid tagged VLAN Ingress checking Enabled Acceptable frame ty...

Страница 649: ...gure the interface 1 0 1 to access mode with access VLAN 1000 Switch configure terminal Switch config interface eth1 0 1 Switch config if switchport mode access Switch config if switchport access vlan 1000 Switch config if 75 5 switchport hybrid allowed vlan This command is used to specify the tagged or untagged VLANs for a hybrid port Use the no form of this command to revert to the default setti...

Страница 650: ...and if the new tagged allowed VLAN list is overlap with current untagged allowed VLAN list the overlap part will change to the tagged allowed VLAN The last command will take effect The VLAN does not need to exist to configure the command Example This example shows how to configure interface eth1 0 1 to be a tagged member of VLAN 1000 and an untagged member of VLAN 2000 and 3000 Switch configure te...

Страница 651: ... no form of this command to revert to the default setting switchport mode access hybrid trunk no switchport mode Parameters access Specifies the port as an access port hybrid Specifies the port as a hybrid port trunk Specifies the port as a trunk port Default By default this option is hybrid Command Mode Interface Configuration Mode Command Default Level Level 12 Usage Guideline When a port is set...

Страница 652: ... allowed VLAN ID Specifies the allow VLAN list or the VLAN list to be added to or removed from the allow VLAN list Optional Specifies a series of VLANs or separate a range of VLANs from a previous range No space is required before and after the comma Optional Specifies a range of VLANs No space is required before and after the hyphen Default By default all VLANs are allowed Command Mode Interface ...

Страница 653: ...ly to only accept tagged frames When a trunk port works in the untagged mode for a native VLAN transmitting untagged packet for a native VLAN and tagged packets for all other VLANs and the acceptable frame types of the port has to be set to admit all in order to function correctly The specified VLAN does not need to exist to apply the command Example This example shows how to configure interface e...

Страница 654: ...d to remove a VLAN The default VLAN cannot be removed If the removed VLAN is a port s access VLAN the port s access VLAN will be reset to VLAN 1 Example This example shows how to add new VLANs assigning the new VLANs with the VLAN IDs 1000 to 1005 Switch configure terminal Switch config vlan 1000 1005 Switch config vlan 75 11 name This command is used to specify the name of a VLAN Use the no form ...

Страница 655: ...he priority If not specified the priority is 0 Default None Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this to add or delete the MAC based VLAN classification entry The classification entry will be applied to packets received by the Switch The user should use the switchport hybrid allowed vlan command to configure the VLAN member port for the MAC base...

Страница 656: ...roup ID 10 Switch configure terminal Switch config protocol vlan profile 10 frame type ethernet2 ether type 0x86dd Switch config 75 14 protocol vlan profile interface This command is used to configure the VLAN classification entry for a protocol group on a port Use the no form of this command to remove the VLAN classification entry on a port protocol vlan profile PROFILE ID vlan VLAN ID priority C...

Страница 657: ...y Optional Specifies a series of protocol groups or separate a range of protocol groups from a previous range No space is allowed before and after the comma Optional Specifies a range of protocol groups No space is allowed before and after the hyphen interface Specifies to display protocol VLAN information of ports INTERFACE ID Optional Specifies the interface to display Optional Specifies a serie...

Страница 658: ...tch show protocol vlan interface eth1 0 1 Interface Protocol Group ID VLAN Priority eth1 0 1 10 3000 0 Switch This example shows how to display the protocol group profile settings Switch show protocol vlan profile Profile ID Frame type Ether type 10 Ethernet2 0x86DD IPv6 Switch ...

Страница 659: ...ode need to be enabled for a port to start the voice VLAN function When the voice VLAN is enabled for a port the received voice packets will be forwarded in the voice VLAN The received packets are determined as voice packets if the source MAC addresses of packets comply with the organizationally unique identifier OUI addresses configured by the voice vlan mac address command The VLAN to be specifi...

Страница 660: ...ing timer will be cancelled Example This example shows how to configure the aging time of the voice VLAN to 30 minutes Switch configure terminal Switch config voice vlan aging 30 Switch config 76 3 voice vlan enable This command is used to enable the voice VLAN state of ports Use the no form of this command to disable the voice VLAN s port state voice vlan enable no voice vlan enable Parameters No...

Страница 661: ...or the user defined OUI with a maximum of 32 characters Default The default OUI is listed in the following table OUI Vendor 00 E0 BB 3COM 00 03 6B Cisco 00 E0 75 Veritel 00 D0 1E Pingtel 00 01 E3 Siemens 00 60 B9 NEC Philips 00 0F E2 Huawei 3COM 00 09 6E Avaya Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to add a user defined OUI for the vo...

Страница 662: ...ort will automatically be learned as a voice VLAN member This membership will be automatically be aged out When the port is working in the auto tagged mode and the port captures a voice device through the device s OUI it will join the voice VLAN as a tagged member automatically When the voice device sends tagged packets the switch will change its priority When the voice device sends untagged packe...

Страница 663: ...e The voice packets arriving at the voice VLAN enabled port are marked to the CoS specified by the command The remarking of CoS allows the voice VLAN traffic to be distinguished from data traffic in quality of service Example This example shows how to configure the priority of the voice VLAN to be 7 Switch configure terminal Switch config voice vlan qos 7 Switch config 76 7 show voice vlan This co...

Страница 664: ...shows how to display the voice VLAN global settings Switch show voice vlan Voice VLAN ID 1000 Voice VLAN CoS 7 Aging Time 30 minutes Member Ports eth1 0 1 1 0 5 Dynamic Member Ports eth1 0 1 1 0 3 Voice VLAN OUI OUI Address Mask Description 00 01 E3 00 00 00 FF FF FF 00 00 00 Siemens 00 03 6B 00 00 00 FF FF FF 00 00 00 Cisco 00 09 6E 00 00 00 FF FF FF 00 00 00 Avaya 00 0F E2 00 00 00 FF FF FF 00 0...

Страница 665: ...0 09 Aging eth1 0 1 00 03 6B 00 00 05 2012 03 20 12 04 Active eth1 0 2 00 03 6B 00 00 0a 2012 03 19 08 11 Aging eth1 0 2 33 00 61 10 00 11 2012 03 20 06 45 Aging Total Entries 5 Switch This example shows how to display the learned LLDP MED voice devices on ports eth1 0 1 1 0 2 Switch show voice vlan lldp med device interface eth1 0 1 2 Index 1 Interface eth1 0 1 Chassis ID Subtype MAC Address Chas...

Страница 666: ... Switch config if web auth enable Switch config if 77 2 web auth page element This command is used to customize the Web authentication page elements Use the no form of this command to revert to the default setting web auth page element page title STRING login window title STRING username title STRING password title STRING logout window title STRING copyright line LINE NUMBER title STRING no web au...

Страница 667: ... authentication page elements There are two Web authentication pages 1 the authentication login page and 2 the authentication logout page The Web authentication login page will be displayed to the user to get the username and password when the system doing Web authentication for the user Users can logout from the network by clicking the Logout button on the authentication login page after success ...

Страница 668: ...h http www website com Switch config 77 4 web auth system auth control This command is used to enable the Web authentication function globally on the Switch Use the no form of this command to disable the Web authentication function globally on the Switch web auth system auth control no web auth system auth control Parameters None Default By default this option is disabled Command Mode Global Confi...

Страница 669: ...ication processes communicate with this IP address however the virtual IP does not respond to any ICMP packet or ARP request So it s not allowed to configure virtual IP in the same subnet as the Switch s IP interface or the same subnet as the host PCs subnet otherwise the Web authentication cannot operate correctly The defined URL only takes effect when the virtual IP address is configured The use...

Страница 670: ...o form of this command to disable sending SNMP notifications snmp server enable traps web auth no snmp server enable traps web auth Parameters None Default By default this option is disabled Command Mode Global Configuration Mode Command Default Level Level 12 Usage Guideline Use this command to enable or disable sending SNMP notifications for Web Authentication Example This example shows how to e...

Страница 671: ...Log Message 802 1X authentication success Username username interface id MAC mac address Parameters description username The user that is being authenticated interface id The interface name mac address The MAC address of the authenticated device Informational AAA Log Description Severity Event description This log will be generated when AAA global state is enabled or disabled Log Message AAA is st...

Страница 672: ...vilege through exec type from client ip authenticated by AAA aaa method server ip Username username Parameters description exec type It indicates the EXEC types e g Console Telnet SSH Web Web SSL client ip It indicates the client s IP address if valid through IP protocol aaa method It indicates the authentication method e g none local server server ip It indicates the AAA server IP address if auth...

Страница 673: ...rname for authentication Informational Event description This log will be generated when RADIUS assigned a valid priority attributes Log Message RADIUS server server ip assigned 802 1p default priority priority to port interface id Username username Parameters description server ip It indicates the RADIUS server IP address priority The assign priority that authorized by from RADIUS server interfac...

Страница 674: ...r that interface the log message will be sent Log Message interface id remove from surveillance VLAN vid Parameters description interface id Interface name vid VLAN ID Informational BPDU Attack Protection Log Description Severity Event description Record the event when the BPDU attack happened Log Message interface id enter STP BPDU under protection state mode mode Parameters description interface...

Страница 675: ...name on server Warning Event description Firmware uploaded successfully Log Message Unit unitID Firmware uploaded by session successfully Username username IP ipaddr MAC macaddr Server IP serverIP File Name pathFile Parameters description unitID The unit ID session The user s session username Represent current login user ipaddr Represent client IP address macaddr Represent client MAC address serve...

Страница 676: ...session The user s session username Represent current login user ipaddr Represent client IP address macaddr Represent client MAC address serverIP Server IP address pathFile Path and file name on server Warning Event description Configuration uploaded successfully Log Message Unit unitID Configuration uploaded by session successfully Username username IP ipaddr MAC macaddr Server IP serverIP File N...

Страница 677: ...generated when DAI detect invalid ARP packet Log Message Illegal ARP type packets IP ip address MAC mac address VLAN vlan id on interface id Parameters description type The type of ARP packet it indicates that ARP packet is request or ARP response Warning Event description This log will be generated when DAI detect valid ARP packet Log Message Legal ARP type packets IP ip address MAC mac address V...

Страница 678: ...arning DHCPv6 Client Log Description Severity Event description DHCPv6 client interface administrator state changed Log Message DHCPv6 client on interface ipif name changed state to enabled disabled Parameters description ipif name Name of the DHCPv6 client interface Informational Event description DHCPv6 client obtains an ipv6 address from a DHCPv6 server Log Message DHCPv6 client obtains an ipv6...

Страница 679: ... Event description DHCPv6 client PD interface administrator state changed Log Message DHCPv6 client PD on interface intf name changed state to enabled disabled Parameters description intf name Name of the DHCPv6 client PD interface Informational Event description DHCPv6 client PD obtains an IPv6 prefix from a delegation router Log Message DHCPv6 client PD obtains an ipv6 prefix ipv6networkaddr on ...

Страница 680: ...tion ipv6address IPv6 prefix obtained from a delegation router intf name Name of the DHCPv6 client PD interface Informational DHCPv6 Relay Log Description Severity Event description DHCPv6 relay on a specify interface s administrator state changed Log Message DHCPv6 relay on interface ipif name changed state to enabled disabled Parameters description ipif name Name of the DHCPv6 relay agent interf...

Страница 681: ...dresses interface id The interface on which the host is authenticated vlan id The VLAN ID on which the host exists Informational Event description When a host fail to pass the authentication Log Message JWAC host login fail Username string IP ipaddr ipv6address MAC mac address interface id VID vlan id Parameters description Username The host username IP The host IP address mac address The host MAC...

Страница 682: ...at detach from aggregation group group_id The group id of the aggregation group that port detach from Informational LBD Log Description Severity Event description Record the event when an interface detect loop Log Message interface id LBD loop occurred Parameters description interface id Interface on which loop is detected Critical Event description Record the event when an interface detect loop L...

Страница 683: ... 1 interfaceAlias 1 2 portComponent 2 3 macAddress 3 4 networkAddress 4 5 interfaceName 5 6 agentCircuitId 6 7 local 7 portID port ID deviceClass LLDP MED device type Notice Event description Conflict LLDP MED device type detected Log Message Conflict LLDP MED device type detected on port portNum chassis id chassisType chassisID port id portType portID device class deviceClass Parameters descripti...

Страница 684: ...faceAlias 1 2 portComponent 2 3 macAddress 3 4 networkAddress 4 5 interfaceName 5 6 agentCircuitId 6 7 local 7 portID port ID deviceClass LLDP MED device type Notice Login Logout CLI Log Description Severity Event description Login through console successfully Log Message Unit unitID Successful login through Console Username username Parameters description unitID The unit ID username Represent cur...

Страница 685: ...esent current login user ipaddr Represent client IP address Informational Event description Logout through telnet Log Message Logout through Telnet Username username IP ipaddr Parameters description username Represent current login user ipaddr Represent client IP address Informational Event description Login through SSH successfully Log Message Successful login through SSH Username username IP ipa...

Страница 686: ...MAC address interface id The interface on which the host is authenticated vlan id The VLAN ID on which the host exists Critical Event description The authorized user number on the whole device has reached the maximum user limit Log Message MAC based Access Control enters stop learning state Warning Event description The authorized user number on the whole device is below the maximum user limit in ...

Страница 687: ... MSTP instance new root port selected Log Message New root port selected Instance Instance id interface_id Parameters description Instance id MST instance id Instance 0 represents for default instance CIST interface_id The port number which detect or receive topochange information Notice Event description Used to record MSTP instance port state change event Log Message Spanning Tree port status ch...

Страница 688: ...ferent MST regions Informational Event description Use to record action to maps a VLAN s to an MST instance Log Message Spanning Tree MST configuration ID VLAN mapping table change instance Instance id add vlan startvlanid endvlanid Parameters description Instance id MST instance id Instance 0 represents for default instance CIST startvlanid The start vid of add vlan range endvlanid The end vid of...

Страница 689: ... The sensor ID and position Critical Event description Power failed Log Message Unit unit id power descr failed Parameters description unitID The unit ID power descr The power position and ID Critical Event description Power is recovered Log Message Unit unit id power descr back to normal Parameters description unitID The unit ID power descr The power position and ID Critical Event description Pre...

Страница 690: ...description unit id The Unit ID Warning Event description the host enters the mode of normal Log Message Unit unit id Safeguard Engine enters NORMAL mode Parameters description unit id The Unit ID Informational SNMP Log Description Severity Event Description SNMP request received with invalid community string Log Message SNMP request received from ipaddr with invalid community string Parameters De...

Страница 691: ...ters description unitID Box ID Informational Event description Box ID conflict Log Message Hot insert failed box ID conflict Unit unitID conflict MAC macaddr and MAC macaddr Parameters description unitID Box ID macaddr The MAC addresses of the conflicting boxes Critical Storm Control Log Description Severity Event description Storm occurrence Log Message Broadcast Multicast Unicast storm is occurr...

Страница 692: ...ogin through Telnet Username username IP ipaddr Parameters description ipaddr The IP address of telnet client username the user name that used to login telnet server Informational Event description Login failed through Telnet Log Message Login failed through Telnet Username username IP ipaddr Parameters description ipaddr The IP address of telnet client username the user name that used to login te...

Страница 693: ... username IP ipaddr Parameters description username The use name that used to login HTTP server ipaddr The IP address of HTTP client Informational Event description Login failed through Web Log Message Login failed through Web Username username IP ipaddr Parameters description username The use name that used to login HTTP server ipaddr The IP address of HTTP client Warning Event description Web se...

Страница 694: ...ace id VID vlan id Parameters description Username The host username IP The host IP address mac address The host MAC addresses interface id The interface on which the host is authenticated vlan id The VLAN ID on which the host exists Informational Event description When a host fail to pass the authentication Log Message Web Authentication host login fail Username string IP ipaddr ipv6address MAC m...

Страница 695: ...DGS 1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide 692 ...

Страница 696: ...hVlan 4 dnaSessionAuthUserName 5 dDot1xExtNotifyFailReason 1 3 6 1 4 1 17 1 14 30 0 2 Authentication Fail Trap Name Description OID authenticationFailure An authenticationFailure trap signifies that the SNMPv2 entity acting in an agent role has received a protocol message that is not properly authenticated While all implementations of the SNMPv2 must be capable of generating this trap the snmpEnab...

Страница 697: ... 1 17 1 14 72 0 2 DHCP Server Screen Prevention Trap Name Description OID dDhcpFilterAttackDetected When DHCP Server Screen is enabled if the switch received the forge DHCP Server packet the switch will trap the event if any attacking packet is received Binding objects 1 dDhcpFilterLogBufServerIpAddr 2 dDhcpFilterLogBufClientMacAddr 3 dDhcpFilterLogBufferVlanId 4 dDhcpFilterLogBufferOccurTime 1 3 ...

Страница 698: ...ap Name Description OID dImpbViolationTrap The address violation notification is generated when IP MAC Port Bindingaddress violation is detected Binding objects 1 ifIndex 2 dImpbViolationIpAddrType 3 dImpbViolationIpAddress 4 dImpbViolationMacAddress 1 3 6 1 4 1 17 1 14 22 0 1 LACP Trap Name Description OID linkUp A linkUp trap signifies that the SNMP entity acting in an agent role has detected th...

Страница 699: ...otifyInfoVlanId 1 3 6 1 4 1 17 1 14 46 0 3 dLbdVlanLoopRestart This trap is sent when an interface loop with a VID restarts after the interval time Binding objects 1 dLbdNotifyInfoIfIndex 2 dLbdNotifyInfoVlanId 1 3 6 1 4 1 17 1 14 46 0 4 LLDP Trap Name Description OID lldpRemTablesChange A lldpRemTablesChange notification is sent when the value of lldpStatsRemTableLastChangeTime changes It can be ...

Страница 700: ...ificatio This trap indicate the MAC addresses variation in the address table Binding objects 1 dL2FdbMacChangeNotifyInfo 1 3 6 1 4 1 17 1 14 3 0 1 MSTP Trap Name Description OID newRoot The newRoot trap indicates that the sending agent has become the new root of the Spanning Tree the trap is sent by a bridge soon after its election as the new root e g upon expiration of the Topology Change Timer i...

Страница 701: ... 1 3 6 1 2 1 10 5 0 2 pethMainPowerUsageOffNotifica tion This trap indicates PSE Threshold usage indication is off the usage power is below the threshold At least 500 msec must elapse between notifications being emitted by the same object instance Binding objects 1 pethMainPseConsumptionPower 1 3 6 1 2 1 10 5 0 3 dPoeIfPowerDeniedNotification This Notification indicates if PSE state diagram enters...

Страница 702: ...will trigger trap messages to be sent out Binding objects 1 ifIndex 2 dPortSecIfCurrentStatus 3 dPortSecIfViolationMacAddress 1 3 6 1 4 1 17 1 14 8 0 1 RMON Trap Name Description OID risingAlarm The SNMP trap that is generated when an alarm entry crosses its rising threshold and generates an event that is configured for sending SNMP traps Binding objects 1 alarmIndex 2 alarmVariable 3 alarmSampleT...

Страница 703: ...nding objects 1 dStackNotifyInfoBoxId 1 3 6 1 4 1 17 1 14 9 0 3 dStackTPChangeNotification The stacking topology change notification Binding objects 1 dStackNotifyInfoTopologyType 2 dStackNotifyInfoBoxId 3 dStackInfoMacAddr 1 3 6 1 4 1 17 1 14 9 0 4 dStackRoleChangeNotification The stacking unit role change notification Binding objects 1 dStackNotifyInfoRoleChangeType 2 dStackNotifyInfoBoxId 1 3 6...

Страница 704: ...commander switch will send this notification when its member generates a topology change notification Binding objects 1 swSingleIPMSID 2 swSingleIPMSMacAddr 1 3 6 1 4 1 17 1 12 8 6 0 17 Start Trap Name Description OID coldStart A coldStart trap signifies that the SNMPv2 entity acting in an agent role is reinitializing itself and that its configuration may have been altered 1 3 6 1 6 3 1 1 5 1 warm...

Страница 705: ...y 1 3 6 1 4 1 17 1 14 14 0 4 dsfSaveCfg The notification is sent when the user saves configuration file successfully 1 3 6 1 4 1 17 1 14 14 0 5 Web Authentication Trap Name Description OID dWebAuthLoggedSuccess The trap is sent when a host has successfully logged in passed Web Authentication Binding objects 1 ifIndex 2 dnaSessionAuthVlan 3 dnaSessionClientMacAddress 4 dnaSessionClientAddrType 5 dn...

Страница 706: ...er if the user does not configure the privilege level attribute and authenticates successfully the device will not assign any privilege level to the access user If the privilege level is configured less than the minimum supported value or greater than the maximum supported value the privilege level will be ignored To assign the Ingress Egress Bandwidth by the RADIUS server the proper parameters sh...

Страница 707: ...onfigure the priority attribute and authenticates successfully the device will not assign a priority to this port If the priority attribute is configured on the RADIUS server is a value out of range 7 it will not be set to the device To assign the VLAN by the RADIUS server the proper parameters should be configured on the RADIUS server To use VLAN assignment RFC 3580 defines the following tunnel a...

Страница 708: ...st VLAN member it will be assigned to its original VLAN To assign the ACL by the RADIUS server the proper parameters should be configured on the RADIUS server The table below shows the parameters for an ACL The parameters of the Vendor Specific Attribute are RADIUS Tunnel Attribute Description Value Usage Vendor ID Defines the vendor 171 DLINK Required Vendor Type Defines the attribute 14 for ACL ...

Страница 709: ...dard RADIUS attributes are defined in the RFC 2865 Remote Authentication Dial In User Service RADIUS RFC 2866 RADIUS Accounting RFC 2868 RADIUS Attributes for Tunnel Protocol Support and RFC 2869 RADIUS Extensions The following table lists the IETF RADIUS attributes supported by the D Link switch RADIUS Authentication Attributes Number IETF Attribute 1 User Name 2 User Password 3 CHAP Password 4 N...

Страница 710: ...ress 5 NAS Port 6 Service Type 8 Framed IP Address 31 Calling Station ID 32 NAS Identifier 40 Acct Status Type 41 Acct Delay Time 42 Acct Input Octets 43 Acct Output Octets 44 Acct Session ID 45 Acct Authentic 46 Acct Session Time 47 Acct Input Packets 48 Acct Output Packets 49 Acct Terminate Cause 52 Acct Input Gigawords 53 Acct Output Gigawords 61 NAS Port Type 95 NAS IPv6 Address ...

Страница 711: ...20 DGS 1510 20 Hardware based Software based V V V Model Name ERPS Port 1 to 8 Port 9 to 24 Port 25 to 28 DGS 1510 28 DGS 1510 28P DGS 1510 28X DGS 1510 28XMP Hardware based V Software based V V Model Name ERPS Port 1 to 8 Port 9 to 24 Port 25 to 32 Port 33 to 52 DGS 1510 52 Hardware based V V Software based V V Model Name ERPS Port 1 to 8 Port 9 to 24 Port 25 to 32 Port 33 to 48 Port 49 and 50 Po...

Отзывы:

Нет отзывов

Похожие инструкции для DGS-1510 Series

Бренд: D-Link Страницы: 2

Бренд: Paradyne Страницы: 22

Бренд: Patton electronics Страницы: 2

Бренд: Patton electronics Страницы: 86

Бренд: Lanpro Страницы: 5

LightSpeed Appliance QLS250

Бренд: Quantum Страницы: 12

Бренд: Macsense Страницы: 39

InterReach Fusion SingleStar

Бренд: LGC wireless Страницы: 154

Бренд: Netis Страницы: 16

Бренд: Galaxy Страницы: 30

Бренд: Zhone Страницы: 2

Бренд: National Instruments Страницы: 26

Бренд: Comtrend Corporation Страницы: 4

Бренд: Linksys Страницы: 6

Бренд: MaxComm Страницы: 10

Бренд: ADTRAN Страницы: 161

Бренд: Amit Страницы: 75

Бренд: E-Lins Страницы: 10

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды