manualshive.com logo in svg

D-Link DGS-3212SR, Справочное руководство по интерфейсу командной строки

D-Link DGS-3212SR - коммутатор сетевого уровня 3, с возможностью управления через командный интерфейс. Для настройки устройства скачайте бесплатный руководство по интерфейсу командной строки на нашем сайте. Получите детальное описание функций и возможностей этого продукта. Загрузите его сейчас с manualshive.com.

Поделиться
Скачать
background image

DGS-3212SR Layer 3 Gigabit Switch

 

Creating an access profile is divided into two basic parts.  First, an access profile must be created using the 

create 

access_profile 

command.  For example, if you want to deny all traffic to the subnet 10.42.73.0 to 10.42.73.255, you must first 

create 

an access profile that instructs the switch to examine all of the relevant fields of each frame: 

create access_profile ip source_ip_mask 255.255.255.0 profile_id 1  

Here we have created an access profile that will examine the IP field of each frame received by the switch. Each source IP 
address the switch finds will be combined with the 

source_ip_mask

 with a logical AND operation. The 

profile_id

 parameter is 

used to give the access profile an identifying number 

 in this case, 

1

. The 

deny 

parameter instructs the switch to filter any 

frames that meet the criteria 

 in this case, when a logical AND operation between an IP address specified in the next step and 

the 

ip_source_mask

 match.   

The default for an access profile on the switch is to 

permit

 traffic flow. If you want to restrict traffic, you must use the 

deny

 

parameter. 

Now that an access profile has been created, you must add the criteria the switch will use to decide if a given frame should be 
forwarded or filtered. Here, we want to filter any packets that have an IP source address between 10.42.73.0 and 10.42.73.255: 

config access_profile profile_id 1 add access_id 1 ip source_ip 10.42.73.1 deny 

Here we use the 

profile_id 1

 which was specified when the access profile was created. The 

add

 parameter instructs the switch 

to add the criteria that follows to the list of rules that are associated with access profile 1. For each rule entered into the access 
profile, you can assign an 

access_id 

that both identifies the rule and establishes a priority within the list of rules. A lower 

access_id

 gives the rule a higher priority.  

The 

ip

 parameter instructs the switch that this new rule will be applied to the IP addresses contained within each frame’s header.  

source_ip

 tells the switch that this rule will apply to the source IP addresses in each frame’s header. Finally, the IP address 

10.42.73.1

 will be combined with the 

source_ip_mask

 

255.255.255.0 

to give the IP address 10.42.73.0 for any source IP 

address between 10.42.73.0 to 10.42.73.255. 

Each command is listed, in detail, in the following sections. 

 

NOTE:

 As a stand-alone switch or as a master switch in a switch stack, 

the switch number will be referred to as 15 for all configurations, graphs 
and tables. 

 

create access_profile 

Purpose 

Used to create an access profile on the switch and to define which 
parts of each incoming frame’s header the switch will examine.  
Masks can be entered that will be combined with the values the 
switch finds in the specified frame header fields. Specific values 
for the rules are entered using the 

config access_profile

 

command, below. 

Syntax 

create access_profile [ethernet{  vlan |   source_mac 
<macmask> |    destination_mac <macmask> |   802.1p  |   
ethernet_type}| ip {  vlan |   source_ip_mask <netmask> |    
destination_ip_mask <netmask> |    dscp | [   icmp  {type | 
code } |    igmp  {type } |   tcp   {src_port_mask <hex 0x0-
0xffff> | dst_port_mask <hex 0x0-0xffff>| flag_mask [all | {urg 
| ack | psh | rst | syn | fin}]} |   udp   {src_port_mask <hex 0x0-
0xffff> | dst_port_mask <hex 0x0-0xffff>} |    protocol_id  
{user_mask <hex 0x0-
0xffffffff>} ]}|packet_content_mask{offset_0-15 <hex 0x0-
0xffffffff><hex 0x0-0xffffffff><hex 0x0-0xffffffff><hex 0x0-
0xffffffff> | offset_16-31 <hex0x0-0xffffffff><hex 0x0-

 

208

Содержание DGS-3212SR

Страница 1: ...DGS 3212SR Release III 12 Port Gigabit Layer 2 Stackable Switch Command Line Interface Reference Manual Third Edition February 2005 Version 0 3 Printed In Taiwan RECYCLABLE ...

Страница 2: ......

Страница 3: ...orporation is strictly forbidden Trademarks used in this text D Link and the D LINK logo are trademarks of D Link Computer Corporation Microsoft and Windows are registered trademarks of Microsoft Corporation Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products D Link Computer Corporation disclaims any proprieta...

Страница 4: ......

Страница 5: ...erzielen e Das Gerät ist gefallen und oder das Gehäuse ist beschädigt f Wenn das Gerät deutliche Anzeichen eines Defektes aufweist 16 Bei Reparaturen dürfen nur Orginalersatzteile bzw den Orginalteilen entsprechende Teile verwendet werden Der Einsatz von ungeeigneten Ersatzteilen kann eine weitere Beschädigung hervorrufen 17 Wenden Sie sich mit allen Fragen die Service und Repartur betreffen an Ih...

Страница 6: ...y package returned to D Link without an RMA number will be rejected and shipped back to Purchaser at Purchaser s expense and D Link reserves the right in such a case to levy a reasonable handling charge in addition mailing or shipping costs Software Warranty service for software products may be obtained by contacting a D Link office within the applicable warranty period A list of D Link offices is...

Страница 7: ... be free of physical defects D Link s sole obligation shall be to replace the non conforming Software or defective media with software that substantially conforms to D Link s functional specifications for the Software or to refund at D Link s sole discretion Except as otherwise agreed by D Link in writing the replacement Software is provided only to the original licensee and is subject to the term...

Страница 8: ...ODWILL LOSS OF REVENUE OR PROFIT WORK STOPPAGE COMPUTER FAILURE OR MALFUNCTION FAILURE OF OTHER EQUIPMENT OR COMPUTER PROGRAMS TO WHICH D LINK S PRODUCT IS CONNECTED WITH LOSS OF INFORMATION OR DATA CONTAINED IN STORED ON OR INTEGRATED WITH ANY PRODUCT RETURNED TO D LINK FOR WARRANTY SERVICE RESULTING FROM THE USE OF THE PRODUCT RELATING TO WARRANTY SERVICE OR ARISING OUT OF ANY BREACH OF THIS LIM...

Страница 9: ...rence in which case the user will be required to correct the interference at his own expense CE Mark Warning This is a Class A product In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures ...

Страница 10: ... Tree Protocol MSTP Commands 76 Forwarding Database Commands 92 Broadcast Storm Control Commands 102 QoS Commands 105 Port Mirroring Commands 114 VLAN Commands 119 Link Aggregation Commands 126 Basic IP Commands 133 IGMP Snooping Commands 135 MAC Notification Commands 145 Access Authentication Control Commands 150 SSH Commands 178 SSL Commands 187 802 1X Commands 192 Access Control List ACL Comman...

Страница 11: ...D Link Single IP Management Commands 224 Time and SNTP Commands 236 ARP Commands 244 Routing Table Commands 249 Command History List 252 Technical Specifications 255 ...

Страница 12: ......

Страница 13: ...d management agent is discussed in the User s Guide Accessing the Switch via the Serial Port The switch s serial port s default settings are as follows 9600 baud no parity 8 data bits 1 stop bit A computer running a terminal emulation program capable of emulating a VT 100 terminal and a serial port configured as above is then connected to the switch s serial port via an RS 232 DB 9 cable With the ...

Страница 14: ...the Configuration menu The IP address for the switch must be set before it can be managed with the Web based manager The switch IP address can be automatically set using BOOTP or DHCP protocols in which case the actual address assigned to the switch must be known The IP address may be set using the Command Line Interface CLI over the console serial port as follows 1 Starting at the command line pr...

Страница 15: ...ssigned an IP address of 10 58 44 99 with a subnet mask of 255 0 0 0 The system message Success indicates that the command was executed successfully The switch can now be configured and managed via Telnet and the CLI or via the Web based management agent using the above IP address to connect to the switch 3 ...

Страница 16: ... RAM and reloaded when the switch is rebooted If the switch is rebooted without using the save command the last configuration saved to NV RAM will be loaded Connecting to the Switch The console interface is used by connecting the Switch to a VT100 compatible terminal or a computer running an ordinary terminal emulator program e g the HyperTerminal program included with the Windows operating system...

Страница 17: ... 2 1 Initial Console Screen Commands are entered at the command prompt DGS 3212SR 4 There are a number of helpful features included in the CLI Entering the command will display a list of all of the top level commands Figure 2 2 The Command 5 ...

Страница 18: ... then prompt you to enter the username with the message Next possible completions Every command in the CLI has this feature and complex commands have several layers of parameter prompting In addition after typing any given command plus one space you can see all of the next possible sub commands in sequential order by repeatedly pressing the Tab key To re enter the previous command at the command p...

Страница 19: ...t at the command prompt Now the appropriate User name can be entered and the config account command re executed All commands in the CLI function in this way In addition the syntax of the help prompts are the same as presented in this manual angle brackets indicate a numerical value or character string braces indicate optional parameters or a choice of parameters and brackets indicate required para...

Страница 20: ...ch as show or config Most of these commands require one or more parameters to narrow the top level command This is equivalent to show what or config what Where the what is the next parameter For example if you enter the show command with no additional parameters the CLI will then display all of the possible next parameters 8 ...

Страница 21: ...Command In the above example all of the possible next parameters for the show command are displayed At the next command prompt the up arrow was used to re enter the show command followed by the account parameter The CLI then displays the user accounts configured on the switch 9 ...

Страница 22: ... vlan_name 32 space the MAC address in the macaddr and the port number in the port space Do not type the angle brackets Example Command create fdb vlan1 00 00 00 00 00 05 port 5 square brackets Purpose Encloses a required value or set of required arguments One value or argument can be specified Syntax create account admin user Description In the above syntax example you must specify either an admi...

Страница 23: ... Arrow Moves the cursor to the right Up Arrow Repeat the previously entered command Each time the up arrow is pressed the command previous to that displayed appears This way it is possible to review the command history for the current session Use the down arrow to progress sequentially forward through the command history list Down Arrow The down arrow will display the next command in the command h...

Страница 24: ...DGS 3212SR Layer 3 Gigabit Switch Enter Displays the next line or table entry 12 ...

Страница 25: ...logout never 2_minutes 5_minutes 10_minutes 15_minutes enable clipaging disable clipaging enable telnet tcp_port_number 1 65535 disable telnet enable web tcp_port_number 1 65535 disable web save reboot reset config system login logout Each command is listed in detail in the following sections create account Purpose Used to create user accounts Syntax create admin user username Description The crea...

Страница 26: ...tion Success DGS 3212SR 4 config account Purpose Used to configure user accounts Syntax config account username Description The config account command configures a user account that has been created using the create account command Parameters username Restrictions Only Administrator level users can issue this command Usernames can be between 1 and 15 characters Passwords can be between 0 15 charac...

Страница 27: ... that have been created DGS 3212SR 4 show account Command show account Current Accounts Username Access Level dlink Admin DGS 3212SR 4 delete account Purpose Used to delete an existing user account Syntax delete account username Description The delete account command deletes a user account that has been created using the create account command Parameters username Restrictions Only Administrator le...

Страница 28: ...y the switch information DGS 3212SR 4 show switch Command show switch Device Type DGS 3212SR Gigabit Ethernet Switch Module 1 Type Empty Module 2 Type DEM 540 4 port stacking module Unit ID 1 MAC Address 00 47 44 00 32 00 IP Address 10 24 22 8 Manual VLAN Name default Subnet Mask 255 0 0 0 Default Gateway 0 0 0 0 Boot PROM Version Build 2 00 001 Firmware Version Build 3 00 B01 Hardware Version Dev...

Страница 29: ...ion This command displays the current serial port settings Parameters None Restrictions None Example usage To display the serial port setting DGS 3212SR 4 show serial_port Command show serial_port Baud Rate 9600 Data Bits 8 Parity Bits None Stop Bits 1 Auto Logout 10 mins DGS 3212SR 4 config serial_port Purpose Used to configure the serial port Syntax config serial_port baud_rate 9600 19200 38400 ...

Страница 30: ...nput for 5 minutes 10_minutes The console will log out the current user if there is no user input for 10 minutes 15_minutes The console will log out the current user if there is no user input for 15 minutes Restrictions Only administrator level users can issue this command Example usage To configure baud rate DGS 3212SR 4 config serial_port baud_rate 9600 Command config serial_port baud_rate 9600 ...

Страница 31: ...splay more than one screen of information Parameters None Restrictions Only administrator level users can issue this command Example usage To disable pausing of the screen display when show command output reaches the end of the page DGS 3212SR 4 disable clipaging Command disable clipaging Success DGS 3212SR 4 enable telnet Purpose Used to enable communication with and management of the switch usin...

Страница 32: ...ntax disable telnet Description This command is used to disable the Telnet protocol on the switch Parameters None Restrictions Only administrator level users can issue this command Example usage To disable the Telnet protocol on the switch DGS 3212SR 4 disable telnet Command disable telnet Success DGS 3212SR 4 enable web Purpose Used to enable the HTTP based management software on the switch Synta...

Страница 33: ...e HTTP and configure port number DGS 3212SR 4 enable web 80 Command enable web 80 Success DGS 3212SR 4 disable web Purpose Used to disable the HTTP based management software on the switch Syntax disable web Description This command disables the Web based management software on the switch Parameters None Restrictions Only administrator level users can issue this command Example usage To disable HTT...

Страница 34: ...le usage To save the switch s current configuration to non volatile RAM DGS 3212SR 4 save Command save Saving all configurations to NV RAM Done DGS 3212SR 4 reboot Purpose Used to restart the switch Syntax reboot Description This command is used to restart the switch Parameters None Restrictions Only administrator level users can issue this command Example usage To restart the switch DGS 3212SR 4 ...

Страница 35: ...ing will clear all entries in the Forwarding Data Base If no parameter is specified the switch s current IP address user accounts and the switch history log are not changed All other parameters are restored to the factory default settings The switch will not save or reboot Restrictions Only administrator level users can issue this command Example usage To restore all of the switch s parameters to ...

Страница 36: ...out Purpose Used to log out a user from the switch s console Syntax logout Description This command terminates the current user s session on the switch s console Parameters None Restrictions None Example usage To terminate the current user s console session DGS 3212SR 4 logout 24 ...

Страница 37: ...sable learning enable disable state enable disable description desc 32 clear Description This command allows for the configuration of the switch s Ethernet ports Only the ports listed in the portlist will be affected Parameters portlist Specifies a range of ports to be configured The port list is specified by listing the lowest switch number and the beginning port number on that switch separated b...

Страница 38: ...o physical layers The timing control is set on a master physical layer by a local source The slave setting uses loop timing where the timing comes form a data stream received from the master If one connection is set for 1000 master the other side of the connection must be set for 1000 slave Any other configuration will result in a link down status for both ports flow_control enable disable Enable ...

Страница 39: ... the lowest switch number and the beginning port number on that switch separated by a colon Then the highest switch number and the highest port number of the range also separated by a colon are specified The beginning and end of the port list range are separated by a dash For example 1 3 specifies switch number 1 port 3 2 4 specifies switch number 2 port 4 1 3 2 4 specifies all of the ports betwee...

Страница 40: ... 10 Enabled Auto Enabled 100M Full 802 3x Enabled 15 11 Enabled Auto Enabled Link Down Enabled 15 12 Enabled Auto Enabled Link Down Enabled CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh Example usage To view port 1 1 with description DGS 3212SR 4 show ports 15 1 description Command show ports 15 1 description Port Port Settings Connection Address State Speed Duplex FlowCtrl Speed D...

Страница 41: ...tax portlist all admin_state enable disable max_learning_addr max_lock_no 0 10 lock_address_mode Permanent DeleteOnTimeout DeleteOnReset Description This command allows for the configuration of the port security feature Only the ports listed in the portlist are effected Parameters portlist Specifies a range of ports to be configured The port list is specified by listing the lowest switch number an...

Страница 42: ...ddr 5 lock_address_mode DeleteOnReset Success DGS 3212SR 4 show port_security Purpose Used to display the current port security configuration Syntax show port_security ports portlist Description This command is used to display port security information of the switch ports The information displayed includes port security admin state maximum number of learning address and lock mode Parameters portli...

Страница 43: ...mmand is used to remove an entry from the port security entries learned by the switch and entered into the forwarding database Parameters vlan_name 32 Enter the corresponding vlan of the entry the user wishes to delete mac_address macaddr Enter the corresponding MAC address of the entry the user wishes to delete port port Enter the corresponding port of the entry to delete The port list is specifi...

Страница 44: ...arameters portlist Specifies a port or port range the user wishes to clear The port list is specified by listing the lowest switch number and the beginning port number on that switch separated by a colon Then the highest switch number and the highest port number of the range also separated by a colon are specified The beginning and end of the port list range are separated by a dash For example 1 3...

Страница 45: ...s used for authentication NoAuthNoPriv v3 MD5 or SHA Authentication is based on the HMAC MD5 or HMAC SHA algorithms AuthNoPriv v3 MD5 DES or SHA DES Authentication is based on the HMAC MD5 or HMAC SHA algorithms AuthPriv DES 56 bit encryption is added based on the CBC DES DES 56 standard Each command is listed in detail in the following sections Command Parameters create snmp user create snmp user...

Страница 46: ...cate_traps config snmp system contact sw_contact config snmp system location sw_location config snmp system name sw_name enable rmon disable rmon Each command is listed in detail in the following sections create snmp user Purpose Used to create a new SNMP user and adds the user to an SNMP group that is also created by this command Syntax create snmp user username 32 groupname 32 encrypted by_passw...

Страница 47: ...specifying the priv_password below This method is not recommended encrypted Specifies that the password will be in an encrypted format auth md5 sha Initiate an authentication level setting session md5 Specifies that the HMAC MD5 96 authentication level will be used sha Specifies that the HMAC SHA 96 authentication level will be used auth_password 8 20 An alphanumeric sting of between 8 and 20 char...

Страница 48: ...ssue this command Example usage To delete a previously entered SNMP user on the switch DGS 3212SR 4 delete snmp user dlink Command delete snmp user dlink Success DGS 3212SR 4 show snmp user Purpose Used to display information about each SNMP username in the SNMP group username table Syntax show snmp user Description The show snmp user command displays information about each SNMP username in the SN...

Страница 49: ...ntifies an object tree MIB tree that will be included or excluded from access by an SNMP manager included Include this object in the list of objects that an SNMP manager can access excluded Exclude this object from the list of objects that an SNMP manager can access Restrictions Only administrator level users can issue this command Example usage To create an SNMP view DGS 3212SR 4 create snmp view...

Страница 50: ...4 show snmp view Purpose Used to display an SNMP view previously created on the switch Syntax show snmp view view_name 32 Description The show snmp view command displays an SNMP view previously created on the switch Parameters view_name 32 An alphanumeric string of up to 32 characters that identifies the SNMP view that will be displayed Restrictions Only administrator level users can issue this co...

Страница 51: ...nity_string 32 view view_name 32 read_only read_write Description The create snmp community command is used to create an SNMP community string and to assign access limiting characteristics to this community string Parameters community_string 32 An alphanumeric string of up to 32 characters that is used to identify members of an SNMP community This string is used like a password to give remote SNMP...

Страница 52: ... This string is used like a password to give remote SNMP managers access to MIB objects in the switch s SNMP agent Restrictions Only administrator level users can issue this command Example usage To delete the SNMP community string dlink DGS 3212SR 4 delete snmp community dlink Command delete snmp community dlink Success DGS 3212SR 4 show snmp community Purpose Used to display SNMP community strin...

Страница 53: ...te public CommunityView read_only Total Entries 3 DGS 3212SR 4 config snmp engineID Purpose Used to configure a name for the SNMP engine on the switch Syntax config snmp engineID snmp_engineID Description The config snmp engineID command configures a name for the SNMP engine on the switch Parameters snmp_engineID An alphanumeric string that will be used to identify the SNMP engine on the switch Re...

Страница 54: ...SNMP group or a table that maps SNMP users to SNMP views Syntax create snmp group groupname 32 v1 v2c v3 noauth_nopriv auth_nopriv auth_priv read_view view_name 32 write_view view_name 32 notify_view view_name 32 Description The create snmp group command creates a new SNMP group or a table that maps SNMP users to SNMP views Parameters groupname 32 An alphanumeric name of up to 32 characters that w...

Страница 55: ...required but there will be no encryption of packets sent between the switch and a remote SNMP manager auth_priv Specifies that authorization will be required and that packets sent between the switch and a remote SNMP manger will be encrypted read_view Specifies that the SNMP group being created can request SNMP messages write_view Specifies that the SNMP group being created has write privileges vi...

Страница 56: ...te snmp group sg1 Command delete snmp group sg1 Success DGS 3212SR 4 show snmp groups Purpose Used to display the group names of SNMP groups currently configured on the switch The security model level and status of each group are also displayed Syntax show snmp groups Description The show snmp groups command displays the group names of SNMP groups currently configured on the switch The security mo...

Страница 57: ...h_priv auth_string 32 Description The create snmp host command creates a recipient of SNMP traps generated by the switch s SNMP agent Parameters ipaddr The IP address of the remote management station that will serve as the SNMP host for the switch v1 Specifies that SNMP version 1 will be used The Simple Network Management Protocol SNMP version 1 is a network management protocol that provides a mea...

Страница 58: ...manger will be encrypted auth_sting 32 An alphanumeric string used to authorize a remote SNMP manager to access the switch s SNMP agent Restrictions Only administrator level users can issue this command Example usage To create an SNMP host to receive SNMP messages DGS 3212SR 4 create snmp host 10 48 74 100 v3 auth_priv public Command create snmp host 10 48 74 100 v3 auth_priv public Success DGS 32...

Страница 59: ...to display the IP addresses and configuration information of remote SNMP managers that are designated as recipients of SNMP traps that are generated by the switch s SNMP agent Parameters ipaddr The IP address of a remote SNMP manager that will receive SNMP traps generated by the switch s SNMP agent Restrictions Only administrator level users can issue this command Example usage To display the curr...

Страница 60: ...ows the Username and Password Parameters ipaddr The IP address of the trusted host Restrictions Only administrator level users can issue this command Example usage To create the trusted host DGS 3212SR 4 create trusted_host 10 48 74 121 Command create trusted_host 10 48 74 121 Success DGS 3212SR 4 show trusted_host Purpose Used to display a list of trusted hosts entered on the switch using the cre...

Страница 61: ...ameters ipaddr The IP address of the trusted host Restrictions Only administrator level users can issue this command Example Usage To delete a trusted host with an IP address 10 48 74 121 DGS 3212SR 4 delete trusted_host 10 48 74 121 Command delete trusted_host 10 48 74 121 Success DGS 3212SR 4 enable snmp traps Purpose Used to enable SNMP trap support Syntax enable snmp traps Description The enab...

Страница 62: ...rameters None Restrictions Only administrator level users can issue this command Example Usage To turn on SNMP authentication trap support DGS 3212SR 4 enable snmp authenticate_traps Command enable snmp authenticate_traps Success DGS 3212SR 4 show snmp traps Purpose Used to show SNMP trap support on the switch Syntax show snmp traps Description This command is used to view the SNMP trap support st...

Страница 63: ...to disable SNMP trap support on the switch Syntax disable snmp traps Description This command is used to disable SNMP trap support on the Switch Parameters None Restrictions Only administrator level users can issue this command Example Usage To prevent SNMP traps from being sent from the Switch DGS 3212SR 4 disable snmp traps Command disable snmp traps Success DGS 3212SR 4 51 ...

Страница 64: ...e snmp authenticate_traps Success DGS 3212SR 4 config snmp system_contact Purpose Used to enter the name of a contact person who is responsible for the switch Syntax config snmp system_contact sw_contact Description The config snmp system_contact command is used to enter the name and or other information to identify a contact person who is responsible for the switch A maximum of 255 character can ...

Страница 65: ...5 characters is allowed A NULL string is accepted if there is no location desired Restrictions Only administrator level users can issue this command Example usage To configure the switch location for HQ 5F DGS 3212SR 4 config snmp system_location HQ 5F Command config snmp system_location HQ 5F Success DGS 3212SR 4 config snmp system_name Purpose Used to configure the name for the switch Syntax con...

Страница 66: ...he disable rmon command below to enable and disable remote monitoring RMON on the switch Parameters None Restrictions Only administrator level users can issue this command Example Usage To enable RMON DGS 3212SR 4 enable rmon Command enable rmon Success DGS 3212SR 4 disable rmon Purpose Used to disable RMON on the switch Syntax disable rmon Description This command is used in conjunction with the ...

Страница 67: ...DGS 3212SR Layer 3 Gigabit Switch Example Usage To disable RMON DGS 3212SR 4 disable rmon Command disable rmon Success DGS 3212SR 4 55 ...

Страница 68: ...o download a new firmware or a switch configuration file from a TFTP server Parameters firmware Download and install new firmware on the switch from a TFTP server configuration Download a switch configuration file from a TFTP server unit all master unitid 1 12 all specifies all units switches master is the DGS 3212SR switch unitid is the unit ID of the switch that will receive the download ipaddr ...

Страница 69: ... settings will be uploaded to the TFTP server log Specifies that the switch s current log will be uploaded to the TFTP server ipaddr The IP address of the TFTP server The TFTP server must be on the same IP subnet as the switch path_filename 64 Specifies the location of the switch configuration file on the TFTP server This file will be replaced by the uploaded file from the switch Restrictions The ...

Страница 70: ...he default is 0 timeout sec 1 99 Defines the time out period while waiting for a response from the remote device A value of 1 to 99 seconds can be specified The default is 1 second Pinging an IP address without the times parameter will ping the target device an infinite amount of times Restrictions Only administrator level users can issue this command Example usage To ping the IP address 10 48 74 ...

Страница 71: ...everity informational warning all facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_number ipaddress ipaddr state enable disable delete syslog host index 1 4 all show syslog host index 1 4 Each command is listed in detail in the following sections NOTE As a stand alone switch or as a master switch in a switch stack the switch number will be referred to as 15 for al...

Страница 72: ...Bytes 408973 1657 65 127 755 10 RX Frames 4395 19 128 255 316 1 256 511 145 0 TX Bytes 7918 178 512 1023 15 0 TX Frames 111 2 1024 1518 0 0 Unicast RX 152 1 Multicast RX 557 2 Broadcast RX 3686 16 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh show error ports Purpose Used to display the error statistics for a range of ports Syntax show error ports portlist Description This command ...

Страница 73: ...ive Collision 0 Jabber 11 Single Collision 0 Drop Pkts 20837 Collision 0 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh show utilization Purpose Used to display real time port and cpu utilization statistics Syntax show utilization cpu unit_id int Description This command will display the real time port and cpu utilization statistics for the switch Parameters cpu Entering this parame...

Страница 74: ...Used to clear the switch s statistics counters Syntax clear counters ports portlist Description This command will clear the counters used by the switch to compile statistics Parameters portlist Specifies a range of ports to be configured The port list is specified by listing the lowest switch number and the beginning port number on that switch separated by a colon Then the highest switch number an...

Страница 75: ...r log Purpose Used to clear the switch s history log Syntax clear log Description This command will clear the switch s history log Parameters None Restrictions Only administrator level users can issue this command Example usage To clear the log information DGS 3212SR 4 clear log Command clear log Success DGS 3212SR 4 show log Purpose Used to display the switch history log Syntax show log index val...

Страница 76: ... Index Time Log Text 4 01 54 53 Port 1 13 link up 100Mbps FULL duplex 3 01 54 53 Spanning Tree Protocol is enabled 2 01 54 53 Unit 1 System started up 1 06 06 09 Spanning Tree Protocol is disabled DGS 3212SR 4 enable syslog Purpose Used to enable the system log to be sent to a remote host Syntax enable syslog Description The enable syslog command enables the system log to be sent to a remote host ...

Страница 77: ...be sent to a remote host Parameters None Restrictions Only administrator level users can issue this command Example usage To disable the syslog function on the switch DGS 3212SR 4 disable syslog Command disable syslog Success DGS 3212SR 4 show syslog Purpose Used to display the syslog protocol status as enabled or disabled Syntax show syslog Description The show syslog command displays the syslog ...

Страница 78: ...te Enabled DGS 3212SR 4 create syslog host Purpose Used to create a new syslog host Syntax create syslog host index 1 4 ipaddress ipaddr severity informational warning all facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_number state enable disable Description The create syslog host command is used to create a new syslog host 66 ...

Страница 79: ...everity Code 0 Emergency system is unusable 1 Alert action must be taken immediately 2 Critical critical conditions 3 Error error conditions 4 Warning warning conditions 5 Notice normal but significant condition 6 Informational informational messages 7 Debug debug level messages informational Specifies that informational messages will be sent to the remote host This corresponds to number 6 from th...

Страница 80: ...se Facilities that have been designated are shown in the following Bold font indicates the facility values that the switch currently supports Numerical Facility Code 0 kernel messages 1 user level messages 2 mail system 3 system daemons 4 security authorization messages 5 messages generated internally by syslog 6 line printer subsystem 7 network news subsystem 8 UUCP subsystem 9 clock daemon 10 se...

Страница 81: ... corresponds to number 19 from the list above local4 Specifies that local use 4 messages will be sent to the remote host This corresponds to number 20 from the list above local5 Specifies that local use 5 messages will be sent to the remote host This corresponds to number 21 from the list above local6 Specifies that local use 6 messages will be sent to the remote host This corresponds to number 22...

Страница 82: ...3212SR 4 config syslog host Purpose Used to configure the syslog protocol to send system log data to a remote host Syntax config syslog host all index 1 4 severity informational warning all facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port int ipaddress ipaddr state enable disable Description The config syslog host command is used to configure the syslog protocol to send sy...

Страница 83: ...rgency system is unusable 1 Alert action must be taken immediately 2 Critical critical conditions 3 Error error conditions 4 Warning warning conditions 5 Notice normal but significant condition 6 Informational informational messages 7 Debug debug level messages informational Specifies that informational messages will be sent to the remote host This corresponds to number 6 from the list above warni...

Страница 84: ...hose Facilities that have been designated are shown in the following Bold font indicates the facility values the switch currently supports Numerical Facility Code 0 kernel messages 1 user level messages 2 mail system 3 system daemons 4 security authorization messages 5 messages generated internally by syslog 6 line printer subsystem 7 network news subsystem 8 UUCP subsystem 9 clock daemon 10 secur...

Страница 85: ...4 Specifies that local use 4 messages will be sent to the remote host This corresponds to number 20 from the list above local5 Specifies that local use 5 messages will be sent to the remote host This corresponds to number 21 from the list above local6 Specifies that local use 6 messages will be sent to the remote host This corresponds to number 22 from the list above local7 Specifies that local us...

Страница 86: ...osts There are four available indexes numbered 1 through 4 all Specifies that the command will be applied to all hosts Restrictions Only administrator level users can issue this command Example usage To delete a previously configured syslog host DGS 3212SR 4 delete syslog host 4 Command delete syslog host 4 Success DGS 3212SR 4 show syslog host Purpose Used to display the syslog hosts currently co...

Страница 87: ...DGS 3212SR 4 show syslog host Command show syslog host Syslog Global State Disabled Host Id Host IP Address Severity Facility UDP port Status 1 10 1 1 2 All Local0 514 Disabled 2 10 40 2 3 All Local0 514 Disabled 3 10 21 13 1 All Local0 514 Disabled Total Entries 3 DGS 3212SR 4 75 ...

Страница 88: ...ons on the network continuing to allow simple and full processing of frames regardless of administrative errors in defining VLANs and their respective spanning trees Each switch utilizing the MSTP on a network will have a single MSTP configuration that will have the following three attributes a A configuration name defined by an alphanumeric string of up to 32 characters defined in the config stp ...

Страница 89: ...d is listed in detail in the following sections enable stp Purpose Used to globally enable STP on the Switch Syntax enable stp Description This command allows the Spanning Tree Protocol to be globally enabled on the Switch Parameters None Restrictions Only administrator level users can issue this command Example usage To enable STP globally on the Switch DGS 3212SR 4 enable stp Command enable stp ...

Страница 90: ...emented on the Switch Parameters mstp Selecting this parameter will set the Multiple Spanning Tree Protocol MSTP globally on the Switch rstp Selecting this parameter will set the Rapid Spanning Tree Protocol RSTP globally on the Switch stp Selecting this parameter will set the Spanning Tree Protocol STP globally on the Switch Restrictions Only administrator level users can issue this command Examp...

Страница 91: ...s in a spanning tree region before the BPDU bridge protocol data unit packet sent by the Switch will be discarded Each switch on the hop count will reduce the hop count by one until the value reaches zero The Switch will then discard the BDPU packet and the information held for the port will age out The user may set a hop count from 1 to 20 The default is 20 hellotime value 1 10 The user may set t...

Страница 92: ...ig stp maxage 18 maxhops 15 Success DGS 3212SR 4 config stp ports Purpose Used to setup STP on the port level Syntax config stp ports portlist externalCost auto value 1 200000000 hellotime value 1 10 migrate yes no edge true false p2p true false auto state enable disable Description This command is used to create and configure STP for a group of ports 80 ...

Страница 93: ...time value 1 10 The time interval between transmission of configuration messages by the designated port to other devices on the bridged LAN thus stating that the Switch is still functioning The user may choose a time between 1 and 10 seconds The default is 2 seconds migrate yes no Setting this parameter as yes will set the ports to send out BDPU packets to other bridges requesting information on t...

Страница 94: ... default is enable Restrictions Only administrator level users can issue this command Example usage To configure STP with path cost 19 hellotime set to 5 seconds migration enable and state enable for ports 1 5 of module 1 DGS 3212SR 4 config stp ports 1 1 1 5 externalCost 19 hellotime 5 migrate yes state enable Command config stp ports 1 1 1 5 externalCost 19 hellotime 5 migrate yes state enable S...

Страница 95: ...efault entry VIDs can belong to only one spanning tree instance at a time Note that switches in the same spanning tree region having the same STP instance_id must be mapped identically and have the same configuration revision_level number and the same name Parameters value 1 15 Enter a number between 1 and 15 to define the instance_id The Switch supports 16 STP regions with one unchangeable defaul...

Страница 96: ...DGS 3212SR 4 delete stp instance_id Purpose Used to delete a STP instance ID from the Switch Syntax delete stp instance_id value 1 15 Description This command allows the user to delete a previously configured STP instance ID from the Switch Parameters value 1 15 Enter a value between 1 and 15 to identify the Spanning Tree instance on the Switch Restrictions Only administrator level users can issue...

Страница 97: ... which the user wishes to set the priority value An instance id of 0 denotes the default instance_id CIST internally set on the Switch Restrictions Only administrator level users can issue this command Example usage To set the priority value for instance_id 2 as 4096 DGS 3212SR 4 config stp priority 4096 instance_id 2 Command config stp priority 4096 instance_id 2 Success DGS 3212SR 4 config stp m...

Страница 98: ... higher priority value for interfaces to be selected for forwarding first In instances where the priority value is identical the MSTP function will implement the lowest port number into the forwarding state and other interfaces will be blocked Remember that lower priority values mean higher priorities for forwarding packets Parameters portlist Specifies a port or range of ports to be configured Th...

Страница 99: ...t interface A higher priority will designate the interface to forward packets first A lower number denotes a higher priority Restrictions Only administrator level users can issue this command Example usage To designate ports 1 through 5 on module one with instance ID 2 to have an auto internalCost and a priority of 16 DGS 3212SR 4 config stp mst_config_id ports 1 1 1 5 instance_id 2 internalCost a...

Страница 100: ... 4 Status 2 STP enabled for RSTP DGS 3212SR 4 show stp Command show stp STP Status Enabled STP Version RSTP Max Age 20 Hello Time 2 Forward Delay 15 Max Age 20 TX Hold Count 3 Forwarding BPDU Enabled DGS 3212SR 4 Status 3 STP enabled for MSTP DGS 3212SR 4 show stp Command show stp STP Status Enabled STP Version MSTP Max Age 20 Forward Delay 15 Max Age 20 TX Hold Count 3 Forwarding BPDU Enabled DGS...

Страница 101: ...Restrictions None Example usage To show stp ports 1 through 9 on switch one DGS 3212SR 4 show stp ports 1 1 1 9 Command show stp ports 1 1 1 9 MSTP Port Information Port Index 1 1 Hello Time 2 2 Port STP enabled External PathCost Auto 200000 Edge Port No No P2P Auto Yes Msti Designated Bridge Internal PathCost Prio Status Role 0 8000 0050BA7120D6 200000 128 Forwarding Root 1 8001 0053131A3324 2000...

Страница 102: ... Root Cost 200012 Regional Root Bridge 32768 00 53 13 1A 33 24 Internal Root Cost 0 Designated Bridge 32768 00 50 BA 71 20 D6 Root Port 1 1 Max Age 20 Forward Delay 15 Last Topology Change 856 Topology Changes Count 2987 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh show stp mst_config_id Purpose Used to display the MSTP configuration identification Syntax show stp mst_config_id De...

Страница 103: ...gabit Switch DGS 3212SR 4 show stp mst_config_id Command show stp mst_config_id Current MST Configuration Identification Configuration Name 00 53 13 1A 33 24 Revision Level 0 MSTI ID Vid list CIST 2 4094 1 1 DGS 3212SR 4 91 ...

Страница 104: ...rt vlan vlan_name 32 mac_address macaddr static aging_time Each command is listed in detail in the following sections NOTE As a stand alone switch or as a master switch in a switch stack the switch number will be referred to as 15 for all configurations graphs and tables config multicast port_filtering_mode Purpose Used to configure the multicast packet filtering mode on a port per port basis Synt...

Страница 105: ...s Success DGS 3212SR 4 show multicast port_filtering_mode Purpose Used to show the multicast packet filtering mode on a port per port basis Syntax show multicast port_filtering_mode portlist Description This command will display the current multicast packet filtering mode for specified ports on the Switch Parameters portlist Specifies a port or range of ports to view Restrictions None Example usag...

Страница 106: ...9 forward_unregistered_groups 20 forward_unregistered_groups CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh create fdb Purpose Used to create a static entry to the unicast MAC address forwarding table database Syntax create fdb vlan_name 32 macaddr port port Description This command will make an entry into the switch s unicast MAC address forwarding database Parameters vlan_name 32 ...

Страница 107: ...able Restrictions Only administrator level users can issue this command Example usage To create multicast MAC forwarding DGS 3212SR 4 create multicast_fdb default 01 00 00 00 00 01 Command create multicast_fdb default 01 00 00 00 00 01 Success DGS 3212SR 4 config multicast_fdb Purpose Used to configure the switch s multicast MAC address forwarding database Syntax config multicast_fdb vlan_name 32 ...

Страница 108: ...1 1 1 5 Success DGS 3212SR 4 config fdb aging_time Purpose Used to set the aging time of the forwarding database Syntax config fdb aging_time sec 10 1000000 Description The aging time affects the learning process of the switch Dynamic forwarding table entries which are made up of the source MAC addresses and their associated port numbers are deleted from the table if they are not accessed within t...

Страница 109: ...ed to delete a previous entry to the switch s MAC address forwarding database Parameters vlan_name 32 The name of the VLAN on which the MAC address resides macaddr The MAC address that will be deleted from the forwarding table Restrictions Only administrator level users can issue this command Example usage To delete a permanent FDB entry DGS 3212SR 4 delete fdb default 00 00 00 00 01 02 Command de...

Страница 110: ...tch number and the beginning port number on that switch separated by a colon Then the highest switch number and the highest port number of the range also separated by a colon are specified The beginning and end of the port list range are separated by a dash For example 1 3 specifies switch number 1 port 3 2 4 specifies switch number 2 port 4 1 3 2 4 specifies all of the ports between switch 1 port...

Страница 111: ...DGS 3212SR 4 show fdb Purpose Used to display the current unicast MAC address forwarding database Syntax show fdb port port vlan vlan_name 32 mac_address macaddr static aging_time Description This command will display the current contents of the switch s forwarding database Parameters port port The port number corresponding to the MAC destination address The switch will always forward traffic to t...

Страница 112: ...t Type 1 default 00 00 39 34 66 9A 10 Dynamic 1 default 00 00 51 43 70 00 10 Dynamic 1 default 00 00 5E 00 01 01 10 Dynamic 1 default 00 00 74 60 72 2D 10 Dynamic 1 default 00 00 81 05 00 80 10 Dynamic 1 default 00 00 81 05 02 00 10 Dynamic 1 default 00 00 81 48 70 01 10 Dynamic 1 default 00 00 E2 4F 57 03 10 Dynamic 1 default 00 00 E2 61 53 18 10 Dynamic 1 default 00 00 E2 6B BC F6 10 Dynamic 1 d...

Страница 113: ...DGS 3212SR Layer 3 Gigabit Switch To view the IP forwarding database table 101 ...

Страница 114: ...on This command is used to configure broadcast storm control Parameters storm_grouplist Used to specify a broadcast storm control group This is specified by listing the lowest switch number and the beginning port number on that switch separated by a colon Then the highest switch number and the highest port number of the range also separated by a colon are specified The beginning and end of the por...

Страница 115: ...cify a broadcast storm control group This is specified by listing the lowest switch number and the beginning port number on that switch separated by a colon Then the highest switch number and the highest port number of the range also separated by a colon are specified The beginning and end of the port list range are separated by a dash For example 1 3 specifies switch number 1 port 3 2 4 specifies...

Страница 116: ...DGS 3212SR Layer 3 Gigabit Switch 1 4 4 128 Disabled Disabled Disabled 1 5 5 128 Disabled Disabled Disabled Total Entries 5 DGS 3212SR 4 104 ...

Страница 117: ...n queuing the number of packets sent from each priority queue depends upon the assigned weight For a configuration of 8 CoS queues A H with their respective weight value 8 1 the packets are sent in the following sequence A1 B1 C1 D1 E1 F1 G1 H1 A2 B2 C2 D2 E2 F2 G2 A3 B3 C3 D3 E3 F3 A4 B4 C4 D4 E4 A5 B5 C5 D5 A6 B6 C6 A7 B7 A8 A1 B1 C1 D1 E1 F1 G1 H1 For round robin queuing if each CoS queue has t...

Страница 118: ...ated by a colon Then the highest switch number and the highest port number of the range also separated by a colon are specified The beginning and end of the port list range are separated by a dash For example 1 3 specifies switch number 1 port 3 2 4 specifies switch number 2 port 4 1 3 2 4 specifies all of the ports between switch 1 port 3 and switch 2 port 4 in numerical order rx_rate Specifies t...

Страница 119: ...rt basis Parameters portlist Specifies a range of ports to be configured The port list is specified by listing the lowest switch number and the beginning port number on that switch separated by a colon Then the highest switch number and the highest port number of the range also separated by a colon are specified The beginning and end of the port list range are separated by a dash For example 1 3 s...

Страница 120: ... of the eight hardware queues available on the switch Syntax config 802 1p user_priority priority 0 7 class_id 0 7 Description The config 802 1p user_priority command is used to configure the way the switch will map an incoming packet based on its 802 1p user priority tag to one of the eight hardware priority queues available on the switch The switch s default is to map the incoming 802 1p priorit...

Страница 121: ... the switch DGS 3212SR 4 config 802 1p user_priority 1 3 Command config 802 1p user_priority 1 3 Success DGS 3212SR 4 show 802 1p user_priority Purpose Used to display the current 802 1p user priority tags to hardware priority queue mapping in use by the switch Syntax show 802 1p user_priority Description The show 802 1p user_priority command will display the current 802 1p user priority tags to h...

Страница 122: ...h number and the beginning port number on that switch separated by a colon Then the highest switch number and the highest port number of the range also separated by a colon are specified The beginning and end of the port list range are separated by a dash For example 1 3 specifies switch number 1 port 3 2 4 specifies switch number 2 port 4 1 3 2 4 specifies all of the ports between switch 1 port 3...

Страница 123: ...ber and the beginning port number on that switch separated by a colon Then the highest switch number and the highest port number of the range also separated by a colon are specified The beginning and end of the port list range are separated by a dash For example 1 3 specifies switch number 1 port 3 2 4 specifies switch number 2 port 4 1 3 2 4 specifies all of the ports between switch 1 port 3 and ...

Страница 124: ...in its buffer before allowing the next lower priority queue to transmit its packets When the lowest priority queue has finished transmitting all of its packets the highest hardware priority queue can again transmit any packets it may have received Parameters strict Entering the strict parameter indicates that the highest queue is the first to be processed That is the highest queue should finish em...

Страница 125: ...on the switch Parameters None Restrictions None Example Usage To show the scheduling mechanism DGS 3212SR 4 show scheduling_mechanism Command show scheduling_mechanism QOS scheduling_mechanism CLASS ID Mechanism Class 0 strict Class 1 strict Class 2 strict Class 3 strict Class 4 strict Class 5 strict Class 6 strict Class 7 strict DGS 3212SR 4 113 ...

Страница 126: ...ddition you can specify that only traffic received by or sent by one or both is mirrored to the Target port Parameters port port This specifies the Target port the port where mirrored packets will be sent The port list is specified by listing the lowest switch number and the beginning port number on that switch separated by a colon Then the highest switch number and the highest port number of the ...

Страница 127: ...s DGS 3212SR 4 config mirror port 1 5 add source ports 1 1 1 5 both Command config mirror port 1 5 add source ports 1 1 1 5 both Success DGS 3212SR 4 config mirror delete Purpose Used to delete a port mirroring configuration Syntax config mirror port port delete source port portlist rx tx both Description This command is used to delete a previously entered port mirroring configuration Parameters p...

Страница 128: ...roring of only packets received by flowing into the port or ports in the port list tx Allows the mirroring of only packets sent to flowing out of the port or ports in the port list both Mirrors all the packets received or sent by the port or ports in the port list Restrictions Only administrator level users can issue this command Example usage To delete the mirroring ports DGS 3212SR 4 config mirr...

Страница 129: ...n into the switch and then turn the port mirroring on and off without having to modify the port mirroring configuration Parameters None Restrictions Only administrator level users can issue this command Example usage To disable mirroring configurations DGS 3212SR 4 disable mirror Command disable mirror Success DGS 3212SR 4 show mirror Purpose Used to show the current port mirroring configuration o...

Страница 130: ...12SR Layer 3 Gigabit Switch To display mirroring configuration DGS 3212SR 4 show mirror Command show mirror Current Settings Mirror Status Enabled Target Port 1 9 Mirrored Port RX TX 1 1 1 5 DGS 3212SR 4 118 ...

Страница 131: ...following sections NOTE As a stand alone switch or as a master switch in a switch stack the switch number will be referred to as 15 for all configurations graphs and tables create vlan Purpose Used to create a VLAN on the switch Syntax create vlan vlan_name 32 tag vlanid 1 4094 advertisement Description This command allows you to create a VLAN on the switch Parameters vlan_name 32 The name of the ...

Страница 132: ...e this command Example usage To remove the vlan v1 DGS 3212SR 4 delete vlan v1 Command delete vlan v1 Success DGS 3212SR 4 config vlan Purpose Used to add additional ports to a previously configured VLAN Syntax config vlan vlan_name 32 add tagged untagged forbidden delete portlist advertisement enable disable Description This command allows you to add ports to the port list of a previously configu...

Страница 133: ...switch 1 port 3 and switch 2 port 4 in numerical order advertisement enable disable Enables or disables GVRP on the specified VLAN Restrictions Only administrator level users can issue this command Example usage To add 4 through 8 of module 2 as tagged ports to the VLAN v1 DGS 3212SR 4 config vlan v1 add tagged 2 4 2 8 Command config vlan v1 add tagged 2 4 2 8 Success DGS 3212SR 4 config gvrp Purp...

Страница 134: ...witch for this function tagged_only implies that only VLAN tagged frames will be accepted while admit_all implies tagged and untagged frames will be accepted by the switch pvid vlanid 1 4094 Specifies the default VLAN associated with the port Restrictions Only administrator level users can issue this command Example usage To set the ingress checking status the sending and receiving GVRP informatio...

Страница 135: ...tions Only administrator level users can issue this command Example usage To disable the Generic VLAN Registration Protocol GVRP DGS 3212SR 4 disable gvrp Command disable gvrp Success DGS 3212SR 4 show vlan Purpose Used to display the current VLAN configuration on the switch Syntax show vlan vlan_name 32 Description This command displays summary information about each VLAN including the VLAN ID VL...

Страница 136: ...splay the GVRP status for a port list on the switch Syntax show gvrp portlist Description This command displays the GVRP status for a port list on the switch Parameters portlist Specifies a range of ports for which the GVRP status is to be displayed The port list is specified by listing the lowest switch number and the beginning port number on that switch separated by a colon Then the highest swit...

Страница 137: ... Disabled Enabled All Frames 1 8 1 Disabled Enabled All Frames 1 9 1 Disabled Enabled All Frames 1 10 1 Disabled Enabled All Frames 1 11 1 Disabled Enabled All Frames 1 12 1 Disabled Enabled All Frames 2 1 1 Disabled Enabled All Frames 2 2 1 Disabled Enabled All Frames 2 3 1 Disabled Enabled All Frames 2 4 1 Disabled Enabled All Frames 2 5 1 Disabled Enabled All Frames 2 6 1 Disabled Enabled All F...

Страница 138: ... NOTE As a stand alone switch or as a master switch in a switch stack the switch number will be referred to as 15 for all configurations graphs and tables create link_aggregation Purpose Used to create a link aggregation group on the switch Syntax create link_aggregation group_id value 1 6 type lacp static Description This command will create a link aggregation group with a unique identifier Param...

Страница 139: ...gregation group DGS 3212SR 4 create link_aggregation group_id 1 Command create link_aggregation group_id 1 Success DGS 3212SR 4 delete link_aggregation group_id Purpose Used to delete a previously configured link aggregation group Syntax delete link_aggregation group_id value 1 6 Description This command is used to delete a previously configured link aggregation group Parameters value 1 6 Specifie...

Страница 140: ...aster port ports portlist Specifies a range of ports that will belong to the link aggregation group The port list is specified by listing the lowest switch number and the beginning port number on that switch separated by a colon Then the highest switch number and the highest port number of the range also separated by a colon are specified The beginning and end of the port list range are separated ...

Страница 141: ...at the switch should examine the MAC source and destination addresses ip_source Indicates that the switch should examine the IP source address ip_destination Indicates that the switch should examine the IP destination address ip_source_dest Indicates that the switch should examine the IP source address and the destination address Restrictions Only administrator level users can issue this command E...

Страница 142: ...e settings for LACP compliant ports Syntax config lacp_ports portlist mode active passive Description This command is used to configure ports that have been previously designated as LACP ports see create link_aggregation Parameters portlist Specifies a range of ports to be configured The port list is specified by listing the lowest switch number and the beginning port number on that switch separat...

Страница 143: ...ure LACP port mode settings DGS 3212SR 4 config lacp_port 1 1 1 12 mode active Command config lacp_port 1 1 1 12 mode active Success DGS 3212SR 4 show lacp_port Purpose Used to display current LACP port mode settings Syntax show lacp_port portlist Description This command will display the LACP mode settings as they are currently configured Parameters portlist Specifies a range of ports that will b...

Страница 144: ...Switch DGS 3212SR 4 show lacp_port 1 1 1 11 Command show lacp_port 1 1 1 11 Port Activity 1 1 Active 1 2 Active 1 3 Active 1 4 Active 1 5 Active 1 6 Active 1 7 Active 1 8 Active 1 9 Active 1 10 Active 1 11 Active DGS 3212SR 4 132 ...

Страница 145: ...sable bootp dhcp Description This command is used to configure the System IP interface on the switch Parameters ipif_name 12 The name for the IP interface previously created that is to be configured ipaddress network_address IP address and netmask of the IP interface to be configured You can specify the address and mask information using the traditional format for example 10 1 2 3 255 0 0 0 or in ...

Страница 146: ...how ipif ipif_name 12 Description This command will display the configuration of an IP interface on the switch Parameters ipif_name 12 The name created for the IP interface to view Restrictions None Example usage To display IP interface settings DGS 3212SR 4 show ipif System Command show ipif System IP Interface Settings Interface Name System IP Address 10 48 74 122 MANUAL Subnet Mask 255 0 0 0 VL...

Страница 147: ...router_ports vlan vlan_name 32 static dynamic show igmp_snooping vlan vlan_name 32 show igmp_snooping group vlan vlan_name 32 show igmp_snooping forwarding vlan vlan_name 32 Each command is listed in detail in the following sections NOTE As a stand alone switch or as a master switch in a switch stack the switch number will be referred to as 15 for all configurations graphs and tables config igmp_s...

Страница 148: ...ooping default host_timeout 250 state enable Command config igmp_snooping default host_timeout 250 state enable Success DGS 3212SR 4 config igmp_snooping querier Purpose This command configures IGMP snooping querier Syntax config igmp_snooping querier vlan_name 32 all query_interval sec 1 65535 max_response_time sec 1 25 robustness_variable value 1 255 last_member_query_interval sec 1 25 state ena...

Страница 149: ... follows robustness variable x query interval 0 5 x query response interval Last member query count Number of group specific queries sent before the router assumes there are no local members of a group The default number is the value of the robustness variable By default the robustness variable is set to 2 You might want to increase this value if you expect a subnet to be lossy last_member_query_i...

Страница 150: ...router Restrictions Only administrator level users can issue this command Example usage To enable IGMP snooping on the switch DGS 3212SR 4 enable igmp_snooping Command enable igmp_snooping Success DGS 3212SR 4 disable igmp_snooping Purpose Used to enable IGMP snooping on the switch Syntax disable igmp_snooping Description This command disables IGMP snooping on the switch IGMP snooping can be disab...

Страница 151: ...owing ports as router ports portlist Specifies a range of ports that will be configured as router ports The port list is specified by listing the lowest switch number and the beginning port number on that switch separated by a colon Then the highest switch number and the highest port number of the range also separated by a colon are specified The beginning and end of the port list range are separa...

Страница 152: ... ports that have been dynamically configured Restrictions None Example usage To display the router ports DGS 3212SR 4 show router_ports Command show router_ports VLAN Name default Static router port 2 1 2 10 Dynamic router port VLAN Name vlan2 Static router port Dynamic router port Total Entries 2 DGS 3212SR 4 show igmp_snooping Purpose Used to show the current status of IGMP snooping on the switc...

Страница 153: ... Member Query Interval 1 Host Timeout 260 Route Timeout 260 Leave Timer 2 Querier State Disabled Querier Router Behavior Non Querier State Disabled VLAN Name vlan2 Query Interval 125 Max Response Time 10 Robustness Value 2 Last Member Query Interval 1 Host Timeout 260 Route Timeout 260 Leave Timer 2 Querier State Disabled Querier Router Behavior Non Querier State Disabled Total Entries 2 DGS 3212S...

Страница 154: ...ne Example usage To show igmp snooping group DGS 3212SR 4 show igmp_snooping group Command show igmp_snooping group VLAN Name default Multicast group 224 0 0 2 MAC address 01 00 5E 00 00 02 Reports 1 Port Member 1 2 2 7 VLAN Name default Multicast group 224 0 0 9 MAC address 01 00 5E 00 00 09 Reports 1 Port Member 1 5 2 4 VLAN Name default Multicast group 234 5 6 7 MAC address 01 00 5E 05 06 07 Re...

Страница 155: ...g forwarding Purpose Used to display the IGMP snooping forwarding table entries on the switch Syntax show igmp_snooping forwarding vlan vlan_name 32 Description This command will display the current IGMP snooping forwarding table entries currently configured on the switch Parameters vlan_name 32 The name of the VLAN for which you want to view IGMP snooping forwarding table information Restrictions...

Страница 156: ...ch DGS 3212SR 4 show igmp_snooping forwarding vlan Trinity Command show igmp_snooping forwarding vlan Trinity VLAN Name Trinity Multicast group 224 0 0 2 MAC address 01 00 5E 00 00 02 Port Member 1 11 Total Entries 1 DGS 3212SR 4 144 ...

Страница 157: ... enable mac_notification Purpose Used to enable global MAC address table notification on the switch Syntax enable mac_notification Description This command is used to enable MAC Address Notification without changing configuration Parameters None Restrictions Only administrator level users can issue this command Example Usage To enable MAC notification without changing basic configuration DGS 3212S...

Страница 158: ...historysize int 1 500 Description MAC address notification is used to monitor MAC addresses learned and entered into the FDB Parameters interval int 1 2147483647 The time in seconds between notifications The user may choose an interval between 1 and 2 147 483 647 seconds historysize 1 500 The maximum number of entries listed in the history log used for notification Restrictions Only administrator ...

Страница 159: ...es switch number 2 port 4 1 3 2 4 specifies all of the ports between switch 1 port 3 and switch 2 port 4 in numerical order all Entering this command will set all ports on the system enable disable These commands will enable or disable MAC address table notification on the switch Restrictions Only administrator level users can issue this command Example usage To enable port 7 for MAC address table...

Страница 160: ...ing port number on that switch separated by a colon Then the highest switch number and the highest port number of the range also separated by a colon are specified The beginning and end of the port list range are separated by a dash For example 1 3 specifies switch number 1 port 3 2 4 specifies switch number 2 port 4 1 3 2 4 specifies all of the ports between switch 1 port 3 and switch 2 port 4 in...

Страница 161: ...S 3212SR Layer 3 Gigabit Switch 1 5 Disabled 1 6 Disabled 1 7 Disabled 1 8 Disabled 1 9 Disabled 1 10 Disabled 1 11 Disabled 1 12 Disabled CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh 149 ...

Страница 162: ...d and the user is denied access to the switch C The server doesn t respond to the verification query At this point the switch receives the timeout from the server and then moves to the next method of verification configured in the method list The Switch also supports the RADIUS protocol for authentication using the Access Authentication Control commands RADIUS or Remote Authentication Dial In User...

Страница 163: ...able method_list_name string 15 config authen_enable default method_list_name string 15 method tacacs xtacacs tacacs radius server_group string 15 local_enable none delete authen_enable method_list_name string 15 show authen_enable default method_list_name string 15 all config authen application console telnet ssh http all login enable default method_list_name string 15 show authen application cre...

Страница 164: ...oose a technique for user authentication upon login Parameters None Restrictions Only administrator level users can issue this command Example usage To enable the system access authentication policy DGS 3212SR 4 enable authen_policy Command enable authen_policy Success DGS 3212SR 4 disable authen_policy Purpose Used to disable system access authentication policy Syntax disable authen_policy Descri...

Страница 165: ...n policy status on the switch Syntax show authen_policy Description This command will show the current status of the access authentication policy on the switch Parameters None Restrictions None Example usage To display the system access authentication policy DGS 3212SR 4 show authen_policy Authentication Policy Enabled Command show authen_policy DGS 3212SR 4 create authen_login method_list_name Pu...

Страница 166: ...st of authentication methods for users logging on to the switch The sequence of methods implemented in this command will affect the authentication result For example if a user enters a sequence of methods like tacacs xtacacs local the switch will send an authentication request to the first tacacs host in the server group If no response comes from the server host the switch will send an authenticat...

Страница 167: ...r hosts of the RADIUS server group list none Adding this parameter will require no authentication to access the switch xtacacs Adding this parameter will require the user to be authenticated using the XTACACS protocol from the remote XTACACS server hosts of the XTACACS server group list tacacs Adding this parameter will require the user to be authenticated using the TACACS protocol from the remote...

Страница 168: ...s Adding this parameter will require the user to be authenticated using the TACACS protocol from a remote TACACS server radius Adding this parameter will require the user to be authenticated using the RADIUS protocol from a remote RADIUS server server_group string 15 Adding this parameter will require the user to be authenticated using a user defined server group previously configured on the switc...

Страница 169: ...given method list the user wishes to delete Only administrator level users can issue this command Purpose Syntax Parameters Restrictions Example usage Command delete authen_login method_list_name Trinity To delete the method list name Trinity DGS 3212SR 4 delete authen_login method_list_name Trinity Success DGS 3212SR 4 show authen_login Purpose Used to display a previously configured user defined...

Страница 170: ...e default method list for users logging on to the switch method_list_name string 15 Enter an alphanumeric string of up to 15 characters to define the given method list the user wishes to view all Entering this parameter will display all the authentication login methods currently configured on the switch Restrictions Only administrator level users can issue this command Example usage To view all me...

Страница 171: ...of authentication methods for promoting normal user level privileges to Administrator level privileges on the switch Syntax config authen_enable default method_list_name string 15 method tacacs xtacacs tacacs radius server_group string 15 local_enable none Description This command is used to promote users with normal level privileges to Administrator level privileges using authentication methods o...

Страница 172: ... 3212SR Layer 3 Gigabit Switch config authen_enable password set in the switch is used to authenticate the user Successful authentication using any of these methods will give the user a Admin privilege 160 ...

Страница 173: ...Adding this parameter will require the user to be authenticated using the RADIUS protocol from the remote RADIUS server hosts of the RADIUS server group list server_group string 15 Adding this parameter will require the user to be authenticated using a user defined server group previously configured on the switch local_enable Adding this parameter will require the user to be authenticated using th...

Страница 174: ...hen_enable method_list_name Trinity method tacacs xtacacs local DGS 3212SR 4 Example usage To configure the default method list with authentication methods xtacacs tacacs and local in that order DGS 3212SR 4 config authen_enable default method xtacacs tacacs local Command config authen_enable default method xtacacs tacacs local Success DGS 3212SR 4 delete authen_enable method_list_name Purpose Use...

Страница 175: ...rs Parameters default Entering this parameter will display the default method list for users attempting to gain access to Administrator level privileges on the switch method_list_name string 15 Enter an alphanumeric string of up to Description Method List Name The name of a previously configured method list name Priority Defines which order the method list protocols will be queried for authenticat...

Страница 176: ...roup 4 local Keyword 2 local Keyword DGS 3212SR 4 config authen application Purpose Used to configure various applications on the switch for authentication using a previously configured method list Syntax config authen application console telnet ssh http all login enable default method_list_name string 15 Description This command is used to configure switch configuration applications console telne...

Страница 177: ...st_name string 15 Use this parameter to configure an application for user authentication using a previously configured method list Enter a alphanumeric string of up to 15 characters to define a previously configured method list Restrictions Only administrator level users can issue this command Example usage To configure the default method list for the web interface DGS 3212SR 4 config authen appli...

Страница 178: ...ch with authentication protocol enabled the switch will send authentication packets to a remote TACACS XTACACS TACACS RADIUS server host on a remote host The TACACS XTACACS TACACS RADIUS server host will then verify or deny the request and return the appropriate message to the switch More than one authentication protocol can be run on the same physical server host but remember that TACACS XTACACS ...

Страница 179: ...entication request when the TACACS XTACACS TACACS or RADIUS server does not respond Restrictions Only administrator level users can issue this command Example usage To create a TACACS authentication server host with port number 1234 a timeout value of 10 seconds and a retransmit count of 5 DGS 3212SR 4 create authen server_host 10 1 1 121 protocol tacacs port 1234 timeout 10 retransmit 5 Command c...

Страница 180: ... Specify an alphanumeric string up to 254 characters or choose none timeout int 1 255 Enter the time in seconds the switch will wait for the server host to reply to an authentication request The default value is 5 seconds retransmit int 1 255 Enter the value in the retransmit field to change how many times the device will resend an authentication request when the TACACS XTACACS server does not res...

Страница 181: ...f the following Restrictions Only administrator level users can issue this command tacacs Enter this parameter if the server host utilizes the TACACS protocol xtacacs Enter this parameter if the server host utilizes the XTACACS protocol tacacs Enter this parameter if the server host utilizes the TACACS protocol radius Enter this parameter if the server host utilizes the RADIUS protocol Example usa...

Страница 182: ...w many times the device will resend an authentication request when the TACACS server does not respond This field is inoperable for the tacacs protocol Key Authentication key to be shared with a configured TACACS server only Parameters None Restrictions Only administrator level users can issue this command Example usage To view authentication server hosts currently set on the switch DGS 3212SR 4 sh...

Страница 183: ...ll configure an authentication server group A server group is a technique used to group TACACS XTACACS TACACS RADIUS server hosts into user defined categories for authentication using method lists The user may define the type of server group by protocol or by previously defined server group Up to eight 8 authentication server hosts may be added to any particular group Parameters server_group The u...

Страница 184: ...ommand tacacs Use this parameter to define the protocol if the server host is using the TACACS authentication protocol xtacacs Use this parameter to define the protocol if the server host is using the XTACACS authentication protocol tacacs Use this parameter to define the protocol if the server host is using the TACACS authentication protocol radius Use this parameter to define the protocol if the...

Страница 185: ...s command will display authentication server groups currently configured on the switch IP Address The IP address of the server host This command will display the following fields Group Name The name of the server group currently configured on the switch including built in groups and user defined groups Protocol The authentication protocol used by the server host Parameters string 15 Enter an alpha...

Страница 186: ...nterface Restrictions Only administrator level users can issue this command Example usage To configure the response timeout for 60 seconds DGS 3212SR 4 config authen parameter response_timeout 60 Command config authen parameter response_timeout 60 Success DGS 3212SR 4 config authen parameter attempt Purpose Used to configure the maximum number of times the switch will accept authentication attempt...

Страница 187: ...ers currently configured on the switch Syntax show authen parameter Description This command will display the authentication parameters currently configured on the switch including the response timeout and user authentication attempts This command will display the following fields Response timeout The configured time allotted for the switch to wait for a response of authentication from the user at...

Страница 188: ... password Possible authentication methods for this function include TACACS XTACACS TACACS RADIUS user defined server groups local enable local account on the switch or no authentication none Because XTACACS and TACACS do not support the enable function the user must create a special account on the server host which has the username enable and a password configured by the administrator that will su...

Страница 189: ...t locally on the switch Parameters password 15 After entering this command the user will be prompted to enter the old password then a new password in an alphanumeric string of no more than 15 characters and finally prompted to enter the new password again to confirm See the example below Restrictions Only administrator level users can issue this command Purpose Example usage Command config admin l...

Страница 190: ...re allowed to establish SSH connections with the Switch using the config ssh user authmode command There are three choices as to the method SSH will use to authorize the user and they are password publickey and hostbased Finally enable SSH on the Switch using the enable ssh command After following the above steps you can configure an SSH Client on the remote PC and manage the Switch using secure i...

Страница 191: ...h Success DGS 3212SR 4 disable ssh Purpose Used to disable SSH Syntax disable ssh Description This command allows you to disable SSH on the switch Parameters None Restrictions Only administrator level users can issue this command Usage Example Command disable ssh To disable SSH DGS 3212SR 4 disable ssh Success DGS 3212SR 4 config ssh authmode Purpose Used to configure the SSH authentication mode s...

Страница 192: ...intended for Linux users requiring SSH authentication techniques and the host computer is running the Linux operating system with a SSH program previously installed enable disable This allows you to enable or disable SSH authentication on the switch Restrictions Only administrator level users can issue this command Example usage To enable the SSH authentication mode by password DGS 3212SR 4 config...

Страница 193: ...may set a time between 120 and 600 seconds The default is 300 seconds authfail int 2 20 Allows the administrator to set the maximum number of attempts that a user may try to log on utilizing SSH authentication After the maximum number of attempts is exceeded the switch will be disconnected and the user must reconnect to the switch to attempt another login rekey 10min 30min 60min never Sets the tim...

Страница 194: ...r configuration Connection timeout 300 sec Authfail attempts 2 SSH server status Disable Listened Port Number 22 Success config ssh user Purpose Used to configure the SSH user Syntax config ssh user username authmode Hostbased hostname string hostname_IP string ipaddr Password Publickey None Description This command allows you to configure the SSH user authentication method Parameters username Ent...

Страница 195: ...ssword This parameter should be chosen if the user wishes to use an administrator defined password for authentication Upon entry of this command the switch will prompt the user for a password and then to retype the password for confirmation None Choose this parameter if no authentication is desired Restrictions Only administrator level users can issue this command Example usage Command config ssh ...

Страница 196: ...is command allows you to configure the desired type of SSH algorithm used for authentication encryption Parameters 3DES This parameter will enable or disable the Triple_Data Encryption Standard encryption algorithm AES128 This parameter will enable or disable the Advanced Encryption Standard AES128 encryption algorithm AES192 This parameter will enable or disable the Advanced Encryption Standard A...

Страница 197: ...able This allows you to enable or disable algorithms entered in this command on the switch Only administrator level users can issue this command Restrictions Usage Example To configure SSH algorithm DGS 3212SR 4 config ssh algorithm blowfish enable Command config ssh algorithm blowfish enable Success DGS 3212SR 4 show ssh algorithm Purpose Used to display the SSH algorithm setting Syntax show ssh ...

Страница 198: ... Switch 3DES Enable AES128 Enable AES192 Enable AES256 Enable ARC4 Enable Blowfish Enable Cast128 Enable Twofish128 Enable Twofish192 Enable Twofish256 Enable MD5 Enable SHA Enable RSA Enable DSA Enable Success DGS 3212SR 4 186 ...

Страница 199: ...ncryption code defined by the Data Encryption Standard DES to create the encrypted text 3 Hash Algorithm This part of the ciphersuite allows the user to choose a message digest function which will determine a Message Authentication Code This Message Authentication Code will be encrypted with a sent message to provide integrity and prevent against replay attacks The switch supports two hash algorit...

Страница 200: ...on session The user may choose any combination of the following The ciphersuites are enabled by default on the switch yet the SSL status is disabled by default Restrictions Only administrator level users can issue this command Description Parameters RSA_with_3DES_EDE_CBC_SHA This ciphersuite combines the RSA key exchange CBC Block Cipher 3DES_EDE encryption and the SHA Hash Algorithm RSA_with_RC4_...

Страница 201: ... for an authentication session The user may choose any combination of the following Restrictions Only administrator level users can issue this command Purpose Syntax RSA_with_RC4_128_MD5 This ciphersuite combines the RSA key exchange stream cipher RC4 encryption with 128 bit keys and the MD5 Hash Algorithm RSA_with_3DES_EDE_CBC_SHA This ciphersuite combines the RSA key exchange CBC Block Cipher 3D...

Страница 202: ...ommand show ssl SSL Status Disabled RSA_WITH_RC4_128_MD5 0x0004 Enabled RSA_WITH_3DES_EDE_CBC_SHA 0x000A Enabled DHE_DSS_WITH_3DES_EDE_CBC_SHA 0x0013 Enabled DGS 3212SR 4 download certificate Purpose Used to download a certificate file for the SSL function on the switch Syntax download certificate ipaddr certfilename path_filename 64 keyfilename path_filename 64 Description This command is used to...

Страница 203: ...ownload a certificate file and key file to the switch DGS 3212SR 4 DGS 3212SR 4 download certificate 10 53 13 94 certfilename c cert der keyfilename c pkey der Command download certificate 10 53 13 94 certfilename c cert der keyfilename c pkey der Certificate Loaded Successfully DGS 3212SR 4 show certificate Purpose Used to view the certificate files for the SSL function on the switch Syntax show ...

Страница 204: ...ce_unauth auto force_auth quiet_period sec 0 65535 tx_period sec 1 65535 supp_timeout sec 1 65535 server_timeout sec 1 65535 max_req value 1 10 reauth_period sec 1 65535 enable_reauth enable disable config 802 1x init port_based ports portlist all mac_based ports portlist all mac_address macaddr config 802 1x reauth port_based ports portlist all mac_based ports portlist all mac_address macaddr con...

Страница 205: ... usage To enable 802 1x switch wide DGS 3212SR 4 DGS 3212SR 4 enable 802 1x Command enable 802 1x Success disable 802 1x Purpose Used to disable the 802 1x server on the switch Syntax disable 802 1x Description The disable 802 1x command is used to disable the 802 1x Port based Network Access control server application on the switch Parameters None Restrictions Only administrator level users can i...

Страница 206: ...02 1x command is used to display the current configuration of the 802 1x Port based Network Access Control server application on the switch Used to display the current configuration of the 802 1x server on the switch show 802 1x auth_configuration ports portlist Description Syntax 194 ...

Страница 207: ...d Disabled Shows the current status of 802 1x functions on the switch Authentication Protocol Radius_Eap Shows the authentication protocol suite in use between the switch and a Radius server Capability Authenticator None Shows the capability of 802 1x functions on the port number displayed above There are two 802 1x capabilities that can be set on the switch Authenticator and None AdminCtlDir Both...

Страница 208: ...1X Enabled Authentication Mode None Authentication Protocol Radius_EAP Capability None AdminCrlDir Both OpenCrlDir Both Port Control Auto QuietPeriod 60 sec TxPeriod 30 sec SuppTimeout 30 sec ServerTimeout 30 sec MaxReq 2 times ReAuthPeriod 3600 sec ReAuthenticate Disabled CTRL C ESC q Quit SPACE n Next Page Enter Next Entry a All show 802 1x auth_state Purpose Used to display the current authenti...

Страница 209: ...icator PAE Backend State Request Response Fail Idle Initialize Success Timeout Shows the current state of the Backend Authenticator Port Status Authorized Unauthorized Shows the result of the authentication process Authorized means that the user was authenticated and can access the network Unauthorized means that the user was not authenticated and cannot access the network Restrictions Only admini...

Страница 210: ...th_mode mac_based Success DGS 3212SR 4 config 802 1x capability ports Purpose Used to configure the 802 1x capability of a range of ports on the switch Syntax config 802 1x capability ports portlist all authenticator none Description The config 802 1x capability ports command has four capabilities that can be set for each port Authenticator Supplicant Authenticator and Supplicant and None Paramete...

Страница 211: ... config 802 1x auth_parameter Purpose Used to configure the 802 1x Authentication parameters on a range of ports The default parameter will return all ports in the specified range to their default 802 1x settings Syntax config 802 1x auth_parameter ports portlist all default direction both in port_control force_unauth auto force_auth quiet_period sec 0 65535 tx_period sec 1 65535 supp_timeout sec ...

Страница 212: ...es the administrative control over the authentication process for the range of ports The user has the following authentication options quiet_period sec 0 65535 Configures the time interval between authentication failure and the start of a new authentication attempt tx_period sec 1 65535 Configures the time to wait for a response from a supplicant user to send EAP Request Identity packets supp_time...

Страница 213: ...fied MAC addresses operating from a specified range of ports Parameters port_based This instructs the switch to initialize 802 1x functions based only on the port number Ports approved for initialization can then be specified mac_based This instructs the switch to initialize 802 1x functions based on the MAC address of a device on a specific port or range of ports MAC address approved for initiali...

Страница 214: ... all Command config 802 1x init port_based ports all Success DGS 3212SR 4 config 802 1x reauth Purpose Used to configure the 802 1x re authentication feature of the switch Syntax config 802 1x reauth port_based ports portlist all mac_based ports portlist all mac_address macaddr Description The config 802 1x reauth command is used to re authenticate a previously authenticated device based on port n...

Страница 215: ...a colon are specified The beginning and end of the port list range are separated by a dash For example 1 3 specifies switch number 1 port 3 2 4 specifies switch number 2 port 4 1 3 2 4 specifies all of the ports between switch 1 port 3 and switch 2 port 4 in numerical order all Specifies all of the ports on the switch Example usage To configure 802 1x reauthentication for ports 1 10 DGS 3212SR 4 c...

Страница 216: ...the switch Up to 32 characters can be used Example usage To configure the RADIUS server communication settings DGS 3212SR 4 config radius add 1 10 48 74 121 key dlink default Command config radius add 1 10 48 74 121 key dlink default Success DGS 3212SR 4 config radius delete Purpose Used to delete a previously entered RADIUS server configuration Syntax config radius delete server_index 1 3 Descrip...

Страница 217: ...r settings can be entered on the switch ipaddress server_ip The IP address of the RADIUS server key Specifies that a password and encryption key will be used between the switch and the RADIUS server auth_port udp_port_number The UDP port number for authentication requests The default is 1812 acct_port udp_port_number The UDP port number for accounting requests The default is 1813 Restrictions Only...

Страница 218: ...splay the current RADIUS configurations on the switch Parameters None Restrictions None Example usage To display RADIUS settings on the switch DGS 3212SR 4 show radius Command show radius Index IP Address Auth Port Acct Port Status Key Number Number 1 10 1 1 1 1812 1813 Active switch 2 20 1 1 1 1800 1813 Active des3226 3 30 1 1 1 1812 1813 Active dlink Total Entries 3 DGS 3212SR 4 206 ...

Страница 219: ...55 delete access_profile profile_id value 1 255 config access_profile profile_id value 1 255 add access_id value 1 255 ethernet vlan vlan_name 32 source_mac macaddr destination_mac macaddr 802 1p value 0 7 ethernet_type hex 0x0 0xffff permit priority value 0 7 replace_priority deny ip vlan vlan_name 32 source_ip ipaddr destination_ip ipaddr dscp value 0 63 icmp type value 0 255 code value 0 255 ig...

Страница 220: ...t of rules that are associated with access profile 1 For each rule entered into the access profile you can assign an access_id that both identifies the rule and establishes a priority within the list of rules A lower access_id gives the rule a higher priority The ip parameter instructs the switch that this new rule will be applied to the IP addresses contained within each frame s header source_ip ...

Страница 221: ...ex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0 0xffffffff port portlist all profile_id value 1 255 Description The create access_profile command is used to create an access profile on the switch and to define which parts of each incoming frame s header the switch will examine Masks can be entered that will be combined with the values the switch finds in the specified frame header ...

Страница 222: ...net_type Specifies that the switch will examine the Ethernet type value in each frame s header vlan Specifies a VLAN mask source_ip_mask netmask Specifies an IP address mask for the source IP address destination_ip_mask netmask Specifies an IP address mask for the destination IP address dscp Specifies that the switch will examine the DiffServ Code Point DSCP field in each frame s header icmp Speci...

Страница 223: ...l urg urgent ack acknowledgement psh push rst reset syn synchronize and fin finish udp Specifies that the switch will examine each frame s Universal Datagram Protocol UDP field src_port_mask hex 0x0 0xffff Specifies a UDP port mask for the source port dst_port_mask hex 0x0 0xffff Specifies a UDP port mask for the destination port protocol_id Specifies that the switch will examine each frame s Prot...

Страница 224: ... profile that will deny service to the subnet ranging from 10 42 73 0 to 10 42 73 255 DGS 3212SR 4 create access_profile ip vlan source_ip_mask 20 0 0 0 destination_ip_mask 10 0 0 0 dscp icmp type code permit profile_id 101 Command create access_profile ip vlan source_ip_mask 20 0 0 0 destination_ip_mask 10 0 0 0 dscp icmp type code permit profile_id 101 Success DGS 3212SR delete access_profile pr...

Страница 225: ...3 icmp type value 0 255 code value 0 255 igmp type value 0 255 tcp src_port value 0 65535 dst_port value 0 65535 flag_mask all urg ack psh rst syn fin udp src_port value 0 65535 dst_port value 0 65535 protocol_id value 0 255 user_define hex 0x0 0xffffffff permit priority value 0 7 replace_priority replace_dscp value 0 63 deny packet_content offset_0 15 hex 0x0 0xffffffff hex 0x0 0xffffffff hex 0x0...

Страница 226: ...ies that the access profile will apply to only packets with this destination MAC address 802 1p value 0 7 Specifies that the access profile will apply only to packets with this 802 1p priority value ethernet_type hex 0x0 0xffff Specifies that the access profile will apply only to packets with this hexadecimal 802 1Q Ethernet type value in the packet header vlan vlan_name 32 Specifies that the acce...

Страница 227: ... TCP flag to be masked The choices are urg TCP control flag urgent ack TCP control flag acknowledgement psh TCP control flag push rst TCP control flag reset udp Specifies that the switch will examine the Universal Datagram Protocol UDP field in each packet syn TCP control flag synchronize fin TCP control flag finish src_port value 0 65535 Specifies that the access profile will apply only to packet...

Страница 228: ...fset_16 31 Enter a value in hex form to mask the packet from byte 16 to byte 32 offset_32 47 Enter a value in hex form to mask the packet from byte 32 to byte 47 offset_48 63 Enter a value in hex form to mask the packet from byte 48 to byte 63 offset_64 79 Enter a value in hex form to mask the packet from byte 64 to byte 79 priority value 0 7 Specify the 802 1p priority value included in the packe...

Страница 229: ...arameter along with the appropriate value between 1 and 255 to view a specific access profile Entering this command without a parameter will display all access profiles currently set on the switch Restrictions Only administrator level users can issue this command Example usage To display all of the currently configured access profiles on the switch DGS 3212SR 4 show access_profile Access Profile T...

Страница 230: ...n The config traffic_segmentation command is used to configure traffic segmentation on the switch Parameters portlist Specifies a range of ports that will be configured for traffic segmentation The port list is specified by listing the lowest switch number and the beginning port number on that switch separated by a colon Then the highest switch number and the highest port number of the range also ...

Страница 231: ...ed The port list is specified by listing the lowest switch number and the beginning port number on that switch separated by a colon Then the highest switch number and the highest port number of the range also separated by a colon are specified The beginning and end of the port list range are separated by a dash For example 1 3 specifies switch number 1 port 3 2 4 specifies switch number 2 port 4 1...

Страница 232: ...er 3 Gigabit Switch 1 5 1 1 1 12 2 1 2 12 1 6 1 1 1 12 2 1 2 12 1 7 1 1 1 12 2 1 2 12 1 8 1 1 1 12 2 1 2 12 1 9 1 1 1 12 2 1 2 12 1 10 1 1 1 12 2 1 2 12 1 11 1 1 1 12 2 1 2 12 1 12 1 1 1 12 2 1 2 12 DGS 3212SR 4 220 ...

Страница 233: ...dding the ports parameter along with the appropriate port to be disabled enable To enable the switch to function in a stacked group The user may employ this stacking function by port by adding the ports parameter along with the appropriate port to be enabled portlist Specifies a range of ports for which the stacking mode on the switch will be enabled The port list is specified by listing the lowes...

Страница 234: ...nfiguration to NV RAM and restart now y n It is necessary to save the stacking mode settings and restart the system If you want to save and restart press Y It will take a few minutes for the system to reboot It is also possible to use any of the built in combination ports for stacking Follow the example below to enable stacking for a built in port To configure built n port number 4 to function as ...

Страница 235: ...tax Description Usage Example To show stacking DGS 3212SR 4 show stacking Command show stacking ID MAC Address Port Range Mode Version RPS Status Model Name 15 00 01 02 03 04 00 1 12 MASTER 3 00 B01 Not Present DGS 3212SR Total Entries 1 2 01 02 03 04 05 00 1 12 Slave 4 02 B03 Not Present DES 3226S DGS 3212SR 4 To show stacking mode DGS 3212SR 4 show stacking mode Command show stacking mode Stacki...

Страница 236: ... one group If multiple VLANs are configured the SIM group will only utilize the default VLAN on any switch SIM allows intermediate devices that do not support SIM This enables the user to manage a switch that is more than one hop away from the CS The SIM group is a group of switches that are managed as a single entity The switch may take on three different roles Commander Switch CS This is a switc...

Страница 237: ...the packet from the administrator modify some data and then send it to the MS After execution the CS may receive a response packet from the MS which it will encode and send it back to the administrator When a CS becomes a MS it automatically becomes a member of first SNMP community include read write and read only to which the CS belongs However if a MS has its own IP address it can belong to SNMP...

Страница 238: ...witch DGS 3212SR 4 enable sim Command enable sim Success DGS 3212SR 4 disable sim Purpose Used to disable Single IP Management SIM on the switch Syntax disable sim Description This command will disable SIM globally on the switch Parameters None Restrictions Only administrator level users can issue this command Example usage To disable SIM on the switch DGS 3212SR 4 disable sim Command disable sim ...

Страница 239: ...overy Interval Time in seconds the switch will send discovery packets out over the network Hold time Displays the time in seconds the switch will hold discovery results before dropping it or utilizing it Parameters candidates candidate_id 1 32 Entering this parameter will display information concerning candidates of the SIM group To view a specific candidate include that candidate s id number list...

Страница 240: ...35 26 11 11 00 Capabilities L3 Platform DGS 3212SR L3 Switch SIM State Enabled Role State Commander Discovery Interval 30 sec Hold Time 100 sec DGS 3212SR 4 To show the candidate information in summary if the candidate ID is specified DGS 3212SR 4 show sim candidates Command show sim candidates ID MAC Address Platform Hold Firmware Device Name Capability Time Version 1 00 01 02 03 04 00 DGS 3212SR...

Страница 241: ...show sim group Command show sim group SIM Group Name default ID MAC Address Platform Hold Firmware Device Name Capability Time Version 1 00 01 02 03 04 00 DGS 3212SR L2 Switch 40 3 00 B09 Trinity SIM Group Name default ID MAC Address Platform Hold Firmware Device Name Capability Time Version 2 00 55 55 00 55 00 DGS 3212SR L2 Switch 140 3 00 B09 Enrico SIM Group Name SIM2 ID MAC Address Platform Ho...

Страница 242: ...et Syntax reconfig member_id value 1 32 exit Description This command is used to reconnect to a member switch using telnet Parameters member_id value 1 32 Select the id number of the member switch the user desires to configure exit This command is used to exit from managing the member switch and will return to managing the commander switch Restrictions Only administrator level users can issue this...

Страница 243: ... a member switch MS of a SIM group The CaS may be defined by its ID number and a password if necessary delete member_id 1 32 Use this parameter to delete a member switch of a SIM group The member switch should be defined by it ID number Restrictions Only administrator level users can issue this command Example usage To add a member DGS 3212SR 4 config sim_group add 2 Command config sim_group add 2...

Страница 244: ...de information about other switches connected to it Ex MS CaS The user may set the discovery protocol interval from 30 to 90 seconds hold time sec 100 255 Using this parameter the user may set the time in seconds the switch will hold information sent to it from other switches utilizing the discovery interval protocol The user may set the hold time from 100 to 300 seconds dp_interval 30 90 The user...

Страница 245: ...Trinity Success download sim_ms Purpose Used to download firmware or configuration file to an indicated device Syntax firmware configuration ipaddr path_filename members mslist 1 32 all Description This command will download a firmware file or configuration file to a specified device from a TFTP server Parameters firmware Specify this parameter if the user wishes to download firmware to members of...

Страница 246: ...M group will receive the firmware or switch configuration Example usage To download firmware DGS 3212SR 4 download sim_ms firmware 10 53 13 94 c dgssri had members all Command download sim_ms firmware 10 53 13 94 c dgssri had members all This device is updating firmware Please wait Download Status ID MAC Address Result 1 00 01 02 03 04 00 Success 2 00 07 06 05 04 03 Success 3 00 07 06 05 04 03 Suc...

Страница 247: ...P server the user wishes to upload a configuration file to path_filename Enter a user defined path and file name on the TFTP server the user wishes to upload configuration files to member_id 1 32 Enter this parameter to specify the member the user prefers to upload a switch configuration file to The user may specify a member or members by adding the ID number of the specified member Restrictions O...

Страница 248: ...e start_date 1 31 s_mth start_mth 1 12 s_time start_time hh mm e_date end_date 1 31 e_mth end_mth 1 12 e_time end_time hh mm offset 30 60 90 120 show time Each command is listed in detail in the following sections config sntp Purpose Used to setup SNTP service Syntax config sntp primary ipaddr secondary ipaddr poll interval int 30 99999 Description Use this command to configure SNTP service from a...

Страница 249: ...poll interval 30 Success DGS 3212SR 4 show sntp Used to display the SNTP information show sntp This command will display SNTP settings information including the source IP address time and poll interval Parameters None Restrictions Only administrator level users can issue this command Purpose Syntax Description Example usage To display SNTP configuration information DGS 3212SR 4 show sntp Command s...

Страница 250: ...ers can issue this command SNTP settings must be configured for SNTP to function config sntp Example usage To enable the SNTP function DGS 3212SR 4 enable sntp Success Command enable sntp DGS 3212SR 4 disable sntp Purpose Disables SNTP server support Syntax disable sntp Description This will disable SNTP support SNTP service must be separately configured see config sntp Parameters None Restriction...

Страница 251: ...can issue this command Manually configured system time and date settings are overridden if SNTP support is enabled Parameters Example usage To manually set system time and date settings DGS 3212SR 4 config time 30jun2003 16 30 30 Command config time 30jun2003 16 30 30 Success DGS 3212SR 4 config time zone Purpose Used to determine the time zone used in order to adjust the system clock config time_...

Страница 252: ...rt_day sun sat s_mth start_mth 1 12 s_time start_time hh mm e_week end_week 1 4 last e day end_day sun sat e_mth end_mth 1 12 e_time end_time hh mm offset 30 60 90 120 annual s_date start_date 1 31 s_mth start_mth 1 12 s_time start_time hh mm e_date end_date 1 31 e_mth end_mth 1 12 e_time end_time hh mm offset 30 60 90 120 Description DST can be enabled and configured using this command When enabl...

Страница 253: ...month in which DST begins s_day Configure the day of the week in which DST begins e_day Configure the day of the week in which DST ends s_mth Configure the month in which DST begins e_mth Configure the month in which DST ends s_time Configure the time of day to begin DST e_time Configure the time of day to end DST start_week 1 4 last The number of the week during the month in which DST begins wher...

Страница 254: ... The end date is expressed numerically Example usage To configure daylight savings time on the switch DGS 3212SR 4 config dst repeating s_week 2 s_day tue s_mth 4 s_time 15 00 e_week 2 e_day wed e_mth 10 e_time 15 30 offset 30 Success Command config dst repeating s_week 2 s_day tue s_mth 4 s_time 15 00 e_week 2 e_day wed e_mth 10 e_time 15 30 offset 30 DGS 3212SR 4 show time Purpose Used to displa...

Страница 255: ...ting From Apr 2nd Tue 15 00 Command show time Current Time Source System Clock Current Time 10 Jul 2003 01 43 41 Time Zone GMT 02 30 Daylight Saving Time Repeating Offset in Minutes 60 To Oct 2nd Wed 15 30 Annual From 29 Apr 00 00 To 012 Oct 00 00 DGS 3212SR 4 243 ...

Страница 256: ...le Syntax create arpentry ipaddr macaddr Description This command is used to enter an IP address and the corresponding MAC address into the switch s ARP table Parameters ipaddr The IP address of the end node or station macaddr The MAC address corresponding to the IP address above Only administrator level users can issue this command Purpose Restrictions Example Usage To create a static ARP entry f...

Страница 257: ... arpentry 10 48 74 121 Command delete arpentry 10 48 74 121 DGS 3212SR 4 Success config arp_aging Used to configure the age out timer for ARP table entries on the switch Syntax config arp_aging time value 0 65535 Description This command sets the maximum amount of time in minutes that an ARP entry can remain in the switch s ARP table without being accessed before it is dropped from the table Param...

Страница 258: ... System 10 0 0 0 FF FF FF FF FF FF Local Broadcast System 10 1 1 169 00 50 BA 70 E4 4E Dynamic System 10 1 1 254 00 01 30 FA 5F 00 Dynamic System 10 9 68 1 00 A0 C9 A4 22 5B Dynamic System 10 9 68 4 00 80 C8 2E C7 45 Dynamic System 10 10 27 51 00 80 C8 48 DF AB Dynamic System 10 11 22 145 00 80 C8 93 05 6B Dynamic System 10 11 94 10 00 10 83 F9 37 6E Dynamic System 10 14 82 24 00 50 BA 90 37 10 Dy...

Страница 259: ...is command is used to remove dynamic ARP table entries from the switch s ARP table Static ARP table entries are not affected Parameters None Restrictions Only administrator level users can issue this command Example Usage To remove dynamic entries in the ARP table DGS 3212SR 4 clear arptable Command clear arptable Success DGS 3212SR 4 247 ...

Страница 260: ...DGS 3212SR Layer 3 Gigabit Switch 248 ...

Страница 261: ...h s IP routing table ipaddr The gateway IP address for the next hop router metric Allows the entry of a routing protocol metric entry representing the number of routers between the Switch and the IP address above The default setting is 1 Restrictions Only administrator level users can issue this command Description Parameters Example Usage To add the default static address 10 48 74 121 with a metr...

Страница 262: ... command will display the switch s current IP routing table Parameters network_address IP address and netmask of the IP interface that is the destination of the route You can specify the address and mask information using the traditional format for example 10 1 2 3 255 0 0 0 or in CIDR format 10 1 2 3 8 static Use this parameter to display static iproute entries Restrictions None Example Usage To ...

Страница 263: ...DGS 3212SR Layer 3 Gigabit Switch 251 ...

Страница 264: ...to display all commands in the Command Line Interface CLI Syntax Description This command will display all of the commands available through the Command Line Interface CLI Parameters None Restrictions None Purpose Example usage To display all of the commands in the CLI DGS 3212SR 4 clear clear counters clear fdb clear arptable clear log config 802 1p default_priority config 802 1p user_priority co...

Страница 265: ...lay the command history Syntax show command_history Description This command will display the command history Parameters None Restrictions None Example usage To display the command history DGS 3212SR 4 show command_history Command show command_history show show vlan config router_ports vlan2 add 1 1 1 10 config router_ports vlan2 add config router_ports vlan2 config router_ports show vlan create v...

Страница 266: ...is command is used to configure the command history Parameters value 1 40 The number of previously executed commands maintained in the buffer Up to 40 of the latest executed commands may be viewed Restrictions None Example usage To configure the command history DGS 3212SR 4 config command_history 20 Command config command_history 20 Success DGS 3212SR 4 254 ...

Страница 267: ...on condensing Dimensions 441 mm x 207 mm x 44 mm 1U 19 inch rack mount width Weight 3 15 kg EMC FCC Class A CE Mark C Tick Safety Power Consumption DC fans Operating Temperature Storage Temperature Humidity CSA International General IEEE 802 3u 100BASE TX Fast Ethernet IEEE 802 3ab 1000BASE T Gigabit Ethernet IEEE 802 3x Full duplex Flow Control IEEE 802 3 Nway auto negotiation IEEE 1394 b Stackin...

Страница 268: ...00BASE LH DEM 314GT transceiver IEEE 802 3z 1000BASE ZX DEM 315GT transceiver Network Cables 10BASE T 100BASE TX UTP Cat 5 Cat 5 Enhanced for 1000Mbps UTP Cat 5 for 100Mbps UTP Cat 3 4 5 for 10Mbps EIA TIA 568 100 ohm screened twisted pair STP 100m Number of Ports 12 x 10 100 1000 Gigabit Ethernet ports Performance Transmission Method Store and forward RAM Buffer 1 MB per device Filtering Address ...

Страница 269: ...DGS 3212SR Layer 3 Gigabit Switch 257 Performance 1 488 100 pps per port for 1000Mbps MAC Address Learning Automatic update Forwarding Table Age Time Max age 10 1000000 seconds Default 300 ...

Отзывы:

Нет отзывов

Похожие инструкции для DGS-3212SR

CAME FROG PLUS Manual preview
FROG PLUS
Бренд: CAME Страницы: 2
Kramer XL 1208V2 Specifications preview
XL 1208V2
Бренд: Kramer Страницы: 2
CZHOON CZH-T287 User Manual preview
CZH-T287
Бренд: CZHOON Страницы: 4
Eaton RMQ-Titan M30 Series Instruction Leaflet preview
RMQ-Titan M30 Series
Бренд: Eaton Страницы: 4
Open Mesh S8-L Quick Start Up Manual preview
S8-L
Бренд: Open Mesh Страницы: 2
X10 Anaconda Switcher VK68A User Manual preview
Anaconda Switcher VK68A
Бренд: X10 Страницы: 2
QSFPTEK S7300-48X2Q4C Quick Start Manual preview
S7300-48X2Q4C
Бренд: QSFPTEK Страницы: 12
hager WBMSLL Quick Start Manual preview
WBMSLL
Бренд: hager Страницы: 2
HIKVISION DS-3E0108P-E User Manual preview
DS-3E0108P-E
Бренд: HIKVISION Страницы: 25
Green Brook KingShield T206-C Installation And Operating Instruction preview
KingShield T206-C
Бренд: Green Brook Страницы: 2
N-Tron 708TX User Manual & Installation Manual preview
708TX
Бренд: N-Tron Страницы: 157
ALFAtron ALF-MUH88E User Manual preview
ALF-MUH88E
Бренд: ALFAtron Страницы: 44
Black Box LGB2118A-R2 Startup Manual preview
LGB2118A-R2
Бренд: Black Box Страницы: 20
3One data IES205 Hardware Installation Manual preview
IES205
Бренд: 3One data Страницы: 9
Black Box KVS4-1002HV User Manual preview
KVS4-1002HV
Бренд: Black Box Страницы: 15
iNels RFSAI-62B Quick Start Manual preview
RFSAI-62B
Бренд: iNels Страницы: 7
Magnetrol TD1 Series Installation And Operating Manual preview
TD1 Series
Бренд: Magnetrol Страницы: 32
Cable Electronics e labs CAT5TX/RX Specification Sheet preview
e labs CAT5TX/RX
Бренд: Cable Electronics Страницы: 2

Бренды по названию

Популярные бренды

Загрузить еще бренды