background image

 

 

185

DES-3550:4#show authen parameter  
Command: show authen parameter 
 
Response timeout: 60 seconds 
User attempts       : 5 
 
DES-3550:4# 

 

enable admin 

Purpose 

Used to promote user level privileges to administrator level privileges

Syntax 

enable admin 

Description 

This command is for users who have logged on to the switch on the 
normal user level, to become promoted to the administrator level. 
After logging on to the switch users, will have only user level 
privileges. To gain acess to administrator level privileges, the user 
will enter this command and will have to enter an authentication 
password. Possible authentication methods for this function include 
tacacs, xtacacs, , user defined server groups, local enable 
(local account on the switch), or no authentication(none). Because 
xtacacs and tacacs do not support the enable function, the user 
must create a special account on the server host which has the 
username “enable”, and a password configured by the administrator 
that will support the “enable” function. This function becomes 
inoperable when the authentication policy is disabled. 

Parameters None. 

Restrictions 

Only administrator-level users can issue this command. 

Example usage: 

 

To enable administrator privileges on the switch: 

DES-3550:4#enable admin 
Password: ****** 
 
DES-3550:4# 

 

config admin local_enable 

Purpose 

Used to configure the local enable password for administrator level 
privileges. 

Syntax 

config admin local_enable 

Description 

This command will configure the locally enabled password for the

 

enable admin

 command. When a user chooses the “

local_enable

” 

method to promote user level privileges to administrator privileges, 
he or she will be prompted to enter the password configured here, 
that is set locally on the switch.  

Содержание DS-3550

Страница 1: ...DES 3550 Layer 2 Switch Command Line Interface Reference Manual First Edition February 2004 651ES3550015 Printed In Taiwan RECYCLABLE ...

Страница 2: ... erzielen e Das Gerät ist gefallen und oder das Gehäuse ist beschädigt f Wenn das Gerät deutliche Anzeichen eines Defektes aufweist 16 Bei Reparaturen dürfen nur Orginalersatzteile bzw den Orginalteilen entsprechende Teile verwendet werden Der Einsatz von ungeeigneten Ersatzteilen kann eine weitere Beschädigung hervorrufen 17 Wenden Sie sich mit allen Fragen die Service und Repartur betreffen an I...

Страница 3: ...Any package returned to D Link without an RMA number will be rejected and shipped back to Purchaser at Purchaser s expense and D Link reserves the right in such a case to levy a reasonable handling charge in addition mailing or shipping costs Software Warranty service for software products may be obtained by contacting a D Link office within the applicable warranty period A list of D Link offices ...

Страница 4: ...he non conforming Software will be refunded by D Link provided that the non conforming Software and all copies thereof is first returned to D Link The license granted respecting any Software for which a refund is given automatically terminates Non Applicability of Warranty The Limited Warranty provided hereunder for hardware and software of D Link s products will not be applied to and does not cov...

Страница 5: ...arranty shall be governed by the laws of the state of California Some states do not allow exclusion or limitation of incidental or consequential damages or limitations on how long an implied warranty lasts so the foregoing limitations and exclusions may not apply This limited warranty provides specific legal rights and the product owner may also have other rights which vary from state to state For...

Страница 6: ......

Страница 7: ...Forwarding Database Commands 72 Broadcast Storm Control Commands 80 QoS Commands 82 Port Mirroring Commands 90 VLAN Commands 94 Asymmetric VLAN Commands 100 Link Aggregation Commands 102 Basic IP Commands 108 IGMP Snooping Commands 110 802 1X Commands 120 Access Control List ACL Commands 132 Traffic Segmentation Commands 143 Time and SNTP Commands 145 ARP Commands 152 Routing Table Commands 156 MA...

Страница 8: ...Single IP Management Commands 187 Command History List 198 Technical Specifications 201 ...

Страница 9: ... serial port via an RS 232 DB 9 cable With the serial port properly connected to a management computer the following screen should be visible If this screen does not appear try pressing Ctrl r to refresh the console screen Figure 1 1 Initial CLI screen There is no initial username or password Just press the Enter key twice to display the CLI input cursor DES 3550 4 This is the command line where a...

Страница 10: ...rting at the command line prompt enter the commands config ipif System ipaddress xxx xxx xxx xxx yyy yyy yyy yyy Where the x s represent the IP address to be assigned to the IP interface named System and the y s represent the corresponding subnet mask 2 Alternatively you can enter config ipif System ipaddress xxx xxx xxx xxx z Where the x s represent the IP address to be assigned to the IP interfa...

Страница 11: ...h a subnet mask of 255 0 0 0 The system message Success indicates that the command was executed successfully The Switch can now be configured and managed via Telnet SNMP MIB browser and the CLI or via the Web based management agent using the above IP address to connect to the Switch ...

Страница 12: ... is rebooted If the Switch is rebooted without using the save command the last configuration saved to NV RAM will be loaded Connecting to the Switch The console interface is used by connecting the Switch to a VT100 compatible terminal or a computer running an ordinary terminal emulator program e g the HyperTerminal program included with the Windows operating system using an RS 232C serial cable Yo...

Страница 13: ... this case the command config account was entered with the parameter username The CLI will then prompt you to enter the username with the message Next possible completions Every command in the CLI has this feature and complex commands have several layers of parameter prompting In addition after typing any given command plus one space you can see all of the next possible sub commands in sequential ...

Страница 14: ...d in this manual angle brackets indicate a numerical value or character string braces indicate optional parameters or a choice of parameters and brackets indicate required parameters If a command is entered that is unrecognized by the CLI the top level commands will be displayed under the Available commands prompt Figure 2 5 The Next Available Commands Prompt The top level commands consist of comm...

Страница 15: ...above example all of the possible next parameters for the show command are displayed At the next command prompt the up arrow was used to re enter the show command followed by the account parameter The CLI then displays the user accounts configured on the Switch ...

Страница 16: ...k address in the network_address space Do not type the angle brackets Example Command create ipif Engineering vlan Design ipaddress 10 24 22 5 255 0 0 0 square brackets Purpose Encloses a required value or set of required arguments One value or argument can be specified Syntax create account admin user Description In the above syntax example you must specify either an admin or a user level account...

Страница 17: ...ght Up Arrow Repeat the previously entered command Each time the up arrow is pressed the command previous to that displayed appears This way it is possible to review the command history for the current session Use the down arrow to progress sequentially forward through the command history list Down Arrow The down arrow will display the next command in the command history entered in the current ses...

Страница 18: ...le telnet tcp_port_number 1 65535 disable telnet enable web tcp_port_number 1 65535 disable web save reboot reset config system login logout Each command is listed in detail in the following sections create account Purpose Used to create user accounts Syntax create admin user username 15 Description The create account command is used to create user accounts that consist of a username of 1 to 15 ch...

Страница 19: ...ommand configures a user account that has been created using the create account command Parameters username Restrictions Only Administrator level users can issue this command Usernames can be between 1 and 15 characters Passwords can be between 0 and 15 characters Example usage To configure the user password of dlink account DES 3550 4 config account dlink Command config account dlink Enter a old ...

Страница 20: ...Access Level dlink Admin Total Entries 1 DES 3550 4 delete account Purpose Used to delete an existing user account Syntax delete account username Description The delete account command deletes a user account that has been created using the create account command Parameters username Restrictions Only Administrator level users can issue this command Example usage To delete the user account System DE...

Страница 21: ...t the switch Syntax show switch Description This command displays information about the switch Parameters None Restrictions Only Administrator level users can issue this command Example usage To display the switch information DES 3550 4 show switch Command show switch Device Type DES 3550 Fast Ethernet Switch Combo Port 1000Base T 1000Base T MAC Address 00 01 02 03 04 00 IP Address 10 41 44 22 Man...

Страница 22: ... display the serial port setting DES 3550 4 show serial_port Command show serial_port Baud Rate 9600 Data Bits 8 Parity Bits None Stop Bits 1 Auto Logout 10 mins DES 3550 4 config serial_port Purpose Used to configure the serial port and the auto logout time for idle connections Syntax config serial_port baud_rate 9600 19200 38400 115200 auto_logout never 2_minutes 5_minutes 10_minutes 15_minutes ...

Страница 23: ...n issue this command Example usage To configure baud rate DES 3550 4 config serial_port baud_rate 115200 Command config serial_port baud_rate 115200 Success DES 3550 4 enable clipaging Purpose Used to pause the scrolling of the console screen when the show command displays more than one page Syntax enable clipaging Description This command is used when issuing the show command which causes the con...

Страница 24: ...le pausing of the screen display when show command output reaches the end of the page DES 3550 4 disable clipaging Command disable clipaging Success DES 3550 4 enable telnet Purpose Used to enable communication with and management of the switch using the Telnet protocol Syntax enable telnet tcp_port_number 1 65535 Description This command is used to enable the Telnet protocol on the switch The use...

Страница 25: ...mand disable telnet Success DES 3550 4 enable web Purpose Used to enable the HTTP based management software on the switch Syntax enable web tcp_port_number 1 65535 Description This command is used to enable the Web based management software on the switch The user can specify the TCP port number the switch will use to listen for Telnet requests Parameters tcp_port_number The TCP port number TCP por...

Страница 26: ...le usage To disable HTTP DES 3550 4 disable web Command disable web Success DES 3550 4 save Purpose Used to save changes in the switch s configuration to non volatile RAM Syntax save Description This command is used to enter the current switch configuration into non volatile RAM The saved switch configuration will be loaded into the switch s memory each time the switch is restarted Parameters None...

Страница 27: ... assigned from the factory Parameters config If the keyword config is specified all of the factory default settings are restored on the switch including the IP address user accounts and the switch history log The switch will not save or reboot system If the keyword system is specified all of the factory default settings are restored on the switch The switch will save and reboot after the settings ...

Страница 28: ...to initiate the login procedure The user will be prompted for his Username and Password Parameters None Restrictions None Example usage To initiate the login procedure DES 3550 4 login Command login UserName logout Purpose Used to log out a user from the switch s console Syntax logout Description This command terminates the current user s session on the switch s console Parameters None Restriction...

Страница 29: ...cted Parameters all Configure all ports on the switch portlist Specifies a port or range of ports to be configured Tauto Enables auto negotiation for the specified range of ports 10 100 1000 Configures the speed in Mbps for the specified range of ports Gigabit ports are statically set to 1000 and cannot be set to slower speeds half full Configures the specified range of ports as either full or hal...

Страница 30: ... Port Settings Connection Address State Speed Duplex FlowCtrl Speed Duplex FlowCtrl Learning 1 Enabled Auto Enabled Link Down Enabled 2 Enabled Auto Enabled Link Down Enabled 3 Enabled Auto Enabled Link Down Enabled 4 Enabled Auto Enabled Link Down Enabled 5 Enabled Auto Enabled Link Down Enabled 6 Enabled Auto Enabled Link Down Enabled 7 Enabled Auto Enabled Link Down Enabled 8 Enabled Auto Enabl...

Страница 31: ...abled Link Down Enabled Description 3 Enabled Auto Disabled Link Down Enabled Description 4 Enabled Auto Disabled Link Down Enabled Description 5 Enabled Auto Disabled Link Down Enabled Description 6 Enabled Auto Disabled Link Down Enabled Description 7 Enabled Auto Disabled Link Down Enabled Description 8 Enabled Auto Disabled Link Down Enabled Description 9 Enabled Auto Disabled Link Down Enable...

Страница 32: ...mode Permanent DeleteOnTimeout DeleteOnReset Description This command allows for the configuration of the port security feature Only the ports listed in the portlist are effected Parameters portlist specifies a port or range of ports to be configured all configure port security for all ports on the switch admin_state enable disable enable or disable port security for the listed ports max_learning_...

Страница 33: ...e port which the user wishes to delete mac_address macaddr Enter the corresponding MAC address previously learned by the port which the user wishes to delete port port Enter the port number which has learned the previously enterd MAC address Restrictions Only administrator level users can issue this command Example usage To delete a port security entry DES 3550 4 delete port_security_entry vlan_na...

Страница 34: ...ortlist Description This command is used to display port security information of the switch ports The information displayed includes port security admin state maximum number of learning address and lock mode Parameters portlist specifies a port or range of ports to be viewed Restrictions None Example usage To display the port security configuration DES 3550 4 show port_security ports 1 5 Command s...

Страница 35: ...NoAuthNoPriv v3 Username Username is used for authentication NoAuthNoPriv v3 MD5 or SHA Authentication is based on the HMAC MD5 or HMAC SHA algorithms AuthNoPriv v3 MD5 DES or SHA DES Authentication is based on the HMAC MD5 or HMAC SHA algorithms AuthPriv DES 56 bit encryption is added based on the CBC DES DES 56 standard Command Parameters create snmp user username 32 groupname 32 encrypted by_pa...

Страница 36: ...st ipaddr show snmp host ipaddr create trusted_host ipaddr delete trusted_host ipaddr show trusted_host ipaddr enable snmp traps enable snmp authenticate_traps show snmp traps disable snmp traps disable snmp authenticate_traps config snmp system contact sw_contact config snmp system location sw_location config snmp system name sw_name enable rmon disable rmon Each command is listed in detail in th...

Страница 37: ... the SNMP user to enter a encryption key for authentication and privacy The key is defined by specifying the priv_password below This method is not recommended Message integrity ensures that packets have not been tampered with during transit Authentication determines if an SNMP message is from a valid source Encryption scrambles the contents of messages to prevent it being viewed by an unauthorize...

Страница 38: ... Settings Parameters username 32 An alphanumeric string of up to 32 characters that identifies the SNMP user that will be deleted Restrictions Only administrator level users can issue this command Example usage To delete a previously entered SNMP user on the switch DES 3550 4 delete snmp user dlink Command delete snmp user dlink Success DES 3550 4 show snmp user Purpose Used to display information...

Страница 39: ...ing of up to 32 characters that identifies the SNMP view that will be created oid The object ID that identifies an object tree MIB tree that will be included or excluded from access by an SNMP manager included Include this object in the list of objects that an SNMP manager can access excluded Exclude this object from the list of objects that an SNMP manager can access Restrictions Only administrat...

Страница 40: ...he switch DES 3550 4 delete snmp view dlinkview all Command delete snmp view dlinkview all Success DES 3550 4 show snmp view Purpose Used to display an SNMP view previously created on the switch Syntax show snmp view view_name 32 Description The show snmp view command displays an SNMP view previously created on the switch in the VACM View Table Settings Parameters view_name 32 An alphanumeric stri...

Страница 41: ...ate snmp community community_string 32 view view_name 32 read_only read_write Description The create snmp community command is used to create an SNMP community string and to assign access limiting characteristics to this community string Parameters community_string 32 An alphanumeric string of up to 32 characters that is used to identify members of an SNMP community This string is used like a pass...

Страница 42: ...switch s SNMP agent Restrictions Only administrator level users can issue this command Example usage To delete the SNMP community string dlink DES 3550 4 delete snmp community dlink Command delete snmp community dlink Success DES 3550 4 show snmp community Purpose Used to display SNMP community strings configured on the switch Syntax show snmp community community_string 32 Description The show snm...

Страница 43: ...es a name for the SNMP engine on the switch Parameters snmp_engineID An alphanumeric string that will be used to identify the SNMP engine on the switch Restrictions Only administrator level users can issue this command Example usage To give the SNMP agent on the switch the name 0035636666 DES 3550 4 config snmp 0035636666 Command config snmp engineID 0035636666 Success DES 3550 4 show snmp engineI...

Страница 44: ...pecifies that SNMP version 1 will be used The Simple Network Management Protocol SNMP version 1 is a network management protocol that provides a means to monitor and control network devices v2c Specifies that SNMP version 2c will be used The SNMP v2c supports both centralized and distributed network management strategies It includes improvements in the Structure of Management Information SMI and a...

Страница 45: ...view Specifies that the SNMP group being created can receive SNMP trap messages generated by the switch s SNMP agent Restrictions Only administrator level users can issue this command Example usage To create an SNMP group named sg1 DES 3550 4 create snmp group sg1 v3 noauth_nopriv read_view v1 write_view v1 notify_view v1 Command create snmp group sg1 v3 noauth_nopriv read_view v1 write_view v1 no...

Страница 46: ...roup are also displayed Parameters None Restrictions None Example usage To display the currently configured SNMP groups on the switch DES 3550 4 show snmp groups Command show snmp groups Vacm Access Table Settings Group Name Group3 ReadView Name ReadView WriteView Name WriteView Notify View Name NotifyView Security Model SNMPv3 Security Level NoAuthNoPriv Group Name Group4 ReadView Name ReadView W...

Страница 47: ...Level NoAuthNoPriv Group Name ReadGroup ReadView Name CommunityView WriteView Name Notify View Name CommunityView Security Model SNMPv2 Security Level NoAuthNoPriv Group Name WriteGroup ReadView Name CommunityView WriteView Name CommunityView Notify View Name CommunityView Security Model SNMPv1 Security Level NoAuthNoPriv Group Name WriteGroup ReadView Name CommunityView WriteView Name CommunityVi...

Страница 48: ...rough a combination of authentication and encrypting packets over the network SNMP v3 adds Message integrity ensures that packets have not been tampered with during transit Authentication determines if an SNMP message is from a valid source Encryption scrambles the contents of messages to prevent it being viewed by an unauthorized source noauth_nopriv Specifies that there will be no authorization ...

Страница 49: ...vel users can issue this command Example usage To delete an SNMP host entry DES 3550 4 delete snmp host 10 48 74 100 Command delete snmp host 10 48 74 100 Success DES 3550 4 show snmp host Purpose Used to display the recipient of SNMP traps generated by the switch s SNMP agent Syntax show snmp host ipaddr Description The show snmp host command is used to display the IP addresses and configuration ...

Страница 50: ... members of the Management VLAN If no IP addresses are specified then there is nothing to prevent any IP address from accessing the switch provided the user knows the Username and Password Parameters ipaddr The IP address of the trusted host Restrictions Only administrator level users can issue this command Example usage To create the trusted host DES 3550 4 create trusted_host 10 48 74 121 Comman...

Страница 51: ...rusted host entry made using the create trusted_host command above Syntax delete trusted _host ipaddr Description This command is used to delete a trusted host entry made using the create trusted_host command above Parameters ipaddr The IP address of the trusted host Restrictions Only administrator level users can issue this command Example Usage To delete a trusted host with an IP address 10 48 7...

Страница 52: ...ble SNMP authentication trap support Syntax enable snmp authenticate_traps Description This command is used to enable SNMP authentication trap support on the Switch Parameters none Restrictions Only administrator level users can issue this command Example Usage To turn on SNMP authentication trap support DES 3550 4 enable snmp authenticate_traps Command enable snmp authenticate_traps Success DES 3...

Страница 53: ...t on the switch Syntax disable snmp traps Description This command is used to disable SNMP trap support on the Switch Parameters none Restrictions Only administrator level users can issue this command Example Usage To prevent SNMP traps from being sent from the Switch DES 3550 4 disable snmp traps Command disable snmp traps Success DES 3550 4 disable snmp authenticate_traps Purpose Used to disable...

Страница 54: ...o identify a contact person who is responsible for the switch A maximum of 255 character can be used Parameters sw_contact A maximum of 255 characters is allowed A NULL string is accepted if there is no contact Restrictions Only administrator level users can issue this command Example usage To configure the switch contact to MIS Department II DES 3550 4 config snmp system_contact MIS Department II...

Страница 55: ...nmp system_name Purpose Used to configure the name for the switch Syntax config snmp system_name sw_name Description The config snmp system_name command configures the name of the switch Parameters sw_name A maximum of 255 characters is allowed A NULL string is accepted if no name is desired Restrictions Only administrator level users can issue this command Example usage To configure the switch na...

Страница 56: ...le RMON DES 3550 4 enable rmon Command enable rmon Success DES 3550 4 disable rmon Purpose Used to disable RMON on the switch Syntax disable rmon Description This command is used in conjunction with the enable rmon command above to enable and disable remote monitoring RMON on the switch Parameters none Restrictions Only administrator level users can issue this command Example Usage To disable RMON...

Страница 57: ...n This command is used to download a new firmware or a switch configuration file from a TFTP server Parameters firmware Download and install new firmware on the switch from a TFTP server configuration Download a switch configuration file from a TFTP server ipaddr The IP address of the TFTP server path_filename The DOS path and filename of the firmware or switch configuration file on the TFTP serve...

Страница 58: ... section_id Specifies the working section The Switch can hold two firmware versions for the user to select from which are specified by section id delete Entering this parameter will delete the specified firmware section boot_up Entering this parameter will specify the firmware section id as a boot up section Restrictions Only administrator level users can issue this command Example usage To config...

Страница 59: ...tch history log to a TFTP Syntax upload configuration log ipaddr path_filename 64 Description This command is used to upload either the switch s current settings or the switch s history log to a TFTP server Parameters configuration Specifies that the switch s current settings will be uploaded to the TFTP server log Specifies that the switch history log will be uploaded to the TFTP server ipaddr Th...

Страница 60: ... and the remote device Parameters ipaddr Specifies the IP address of the host times The number of individual ICMP echo messages to be sent A value of 0 will send an infinite ICMP echo messages The maximum value is 255 The default is 0 timeout Defines the time out period while waiting for a response from the remote device A value of 1 to 99 seconds can be specified The default is 1 second Restricti...

Страница 61: ...er state enable disable config syslog host all index 1 4 severity informational warning all facility local0 local1 local2 local3 local4 local5 local6 local7 udp_port udp_port_number ipaddress ipaddr state enable disable delete syslog host index 1 4 all show syslog host index 1 4 Each command is listed in detail in the following sections show packet ports Purpose Used to display statistics about th...

Страница 62: ...e error statistics for a range of ports Syntax show error ports portlist Description This command will display all of the packet error statistics collected and logged by the switch for a given port list Parameters portlist specifies a port or range of ports to be displayed Restrictions None Example usage To display the errors of port 3 DES 3550 4 show errors port 3 RX Frames TX Frames CRC Error 19...

Страница 63: ...nge of ports to be displayed Restrictions None Example usage To display the port utilization statistics DES 3550 4 show utilization ports Command show utilization ports Port TX sec RX sec Util Port TX sec RX sec Util 1 0 0 0 22 0 0 0 2 0 0 0 23 0 0 0 3 0 0 0 24 0 0 0 4 0 0 0 25 0 26 1 5 0 0 0 26 0 0 0 6 0 0 0 27 0 0 0 7 0 0 0 28 0 0 0 8 0 0 0 29 0 0 0 9 0 0 0 30 0 0 0 10 0 0 0 31 0 0 0 11 0 0 0 32...

Страница 64: ...tch to compile statistics Parameters portlist specifies a port or range of ports to be displayed Restrictions Only administrator level users can issue this command Example usage To clear the counters DES 3550 4 clear counters ports 2 9 Command clear counters ports 2 9 Success DES 3550 4 clear log Purpose Used to clear the switch s history log Syntax clear log Description This command will clear th...

Страница 65: ...lay the switch history log DES 3550 4 show log index 5 Command show log index 5 Index Time Log Text 5 00000 days 00 01 09 Successful login through Console Username Anonymous 4 00000 days 00 00 14 System started up 3 00000 days 00 00 06 Port 1 link up 100Mbps FULL duplex 2 00000 days 00 00 01 Spanning Tree Protocol is disabled 1 00000 days 00 06 31 Configuration saved to flash Username Anonymous DE...

Страница 66: ...e host Parameters None Restrictions Only administrator level users can issue this command Example usage To disable the syslog function on the switch DES 3550 4 disable syslog Command disable syslog Success DES 3550 4 show syslog Purpose Used to display the syslog protocol status as enabled or disabled Syntax show syslog Description The show syslog command displays the syslog status as enabled or d...

Страница 67: ... be sent severity Severity level indicator These are described in the following Bold font indicates that the corresponding severity level is currently supported on the switch Numerical Severity Code 0 Emergency system is unusable 1 Alert action must be taken immediately 2 Critical critical conditions 3 Error error conditions 4 Warning warning conditions 5 Notice normal but significant condition 6 ...

Страница 68: ...upports Numerical Facility Code 0 kernel messages 1 user level messages 2 mail system 3 system daemons 4 security authorization messages 5 messages generated internally by syslog 6 line printer subsystem 7 network news subsystem 8 UUCP subsystem 9 clock daemon 10 security authorization messages 11 FTP daemon 12 NTP subsystem 13 log audit 14 log alert 15 clock daemon 16 local use 0 local0 17 local ...

Страница 69: ...ill be sent to the remote host This corresponds to number 23 from the list above udp_port udp_port_number Specifies the UDP port number that the syslog protocol will use to send messages to the remote host state enable disable Allows the sending of syslog messages to the remote host specified above to be enabled and disabled Restrictions Only administrator level users can issue this command Exampl...

Страница 70: ...bove warning Specifies that warning messages will be sent to the remote host This corresponds to number 4 from the list above all Specifies that all of the currently supported syslog messages that are generated by the switch will be sent to the remote host facility Some of the operating system daemons and processes have been assigned Facility values Processes and daemons that have not been explici...

Страница 71: ... list above local4 Specifies that local use 4 messages will be sent to the remote host This corresponds to number 20 from the list above local5 Specifies that local use 5 messages will be sent to the remote host This corresponds to number 21 from the list above local6 Specifies that local use 6 messages will be sent to the remote host This corresponds to number 22 from the list above local7 Specif...

Страница 72: ... used to remove a syslog host that has been previously configured from the switch Parameters index 1 4 Specifies that the command will be applied to an index of hosts There are four available indexes numbered 1 through 4 all Specifies that the command will be applied to all hosts Restrictions Only administrator level users can issue this command Example usage To delete a previously configured sysl...

Страница 73: ... through 4 Restrictions None Example usage To show Syslog host information DES 3550 4 show syslog host Command show syslog host Syslog Global State Disabled Host Id Host IP Address Severity Facility UDP port Status 1 10 1 1 2 All Local0 514 Disabled 2 10 40 2 3 All Local0 514 Disabled 3 10 21 13 1 All Local0 514 Disabled Total Entries 3 DES 3550 4 ...

Страница 74: ...value 1 10 fbpdu enable disable Description This command is used to setup the Spanning Tree Protocol STP for the entire switch Parameters maxage value The maximum amount of time in seconds that the switch will wait to receive a BPDU packet before reconfiguring STP The user may choose a time between 6 and 40 seconds The default is 20 seconds hellotime value The time interval between transmission of...

Страница 75: ...se auto state enable disable Description This command is used to create and configure STP for a group of ports Parameters cost value This defines a metric that indicates the relative cost of forwarding packets to the specified port list Port cost can be set from 1 to 200000000 The lower the number the greater the probability the port will be chosen to forward packets Default port cost 100Mbps port...

Страница 76: ...p status whenever possible and operate as if the p2p status were true If the port cannot maintain this status for example if the port is forced to half duplex operation the p2p status changes to operate as if the p2p value were false state enable disable Allows STP to be enabled or disabled for the ports specified in the port list The default is disabled Restrictions Only administrator level users...

Страница 77: ...ctions Only administrator level users can issue this command Example usage To disable STP on the switch DES 3550 4 disable stp Command disable stp Success DES 3550 4 show stp Purpose Used to display the switch s current STP configuration Syntax show stp Description This command displays the switch s current STP configuration Parameters none Restrictions None Example usage To display the status of ...

Страница 78: ...ology Changes Count 1 Protocol Specification 3 Max Age 20 Hello Time 2 Forward Delay 15 Hold Time 3 CTRL C ESC q Quit SPACE n Next Page p Previous Page r Refresh Status 2 STP disabled DES 3550 4 show stp Command show stp Bridge Parameters Settings STP Status Disabled Max Age 20 Hello Time 2 Forward Delay 15 Priority 32768 STP Version STP compatible TX Hold Count 3 Forwarding BPDU Enabled DES 3550 ...

Страница 79: ...8 No Yes Disabled Disabled 7 N A Yes 200000 128 No Yes Disabled Disabled 8 N A Yes 200000 128 No Yes Disabled Disabled 9 N A Yes 200000 128 No Yes Disabled Disabled 10 8000 000102030400 Yes 200000 128 No Yes Forwarding Designated 11 N A Yes 200000 128 No Yes Disabled Disabled 12 N A Yes 200000 128 No Yes Disabled Disabled 13 N A Yes 200000 128 No Yes Disabled Disabled 14 N A Yes 200000 128 No Yes ...

Страница 80: ...ll forward_all_groups forward_unregistered_groups filter_unregistered_groups show multicast port_filtering_mode portlist Each command is listed in detail in the following sections create fdb Purpose Used to create a static entry to the unicast MAC address forwarding table database Syntax create fdb vlan_name 32 macaddr port port Description This command will make an entry into the switch s unicast...

Страница 81: ... Only administrator level users can issue this command Example usage To create multicast MAC forwarding DES 3550 4 create multicast_fdb default 01 00 00 00 00 01 Command create multicast_fdb default 01 00 00 00 00 01 Success DES 3550 4 config multicast_fdb Purpose Used to configure the switch s multicast MAC address forwarding database Syntax config multicast_fdb vlan_name 32 macaddr add delete po...

Страница 82: ...aging time The aging time can be from 10 to 1000000 seconds with a default value of 300 seconds A very long aging time can result in dynamic forwarding table entries that are out of date or no longer exist This may cause incorrect packet forwarding decisions by the switch If the aging time is too short however many entries may be aged out too soon This will result in a high percentage of received ...

Страница 83: ...fault 00 00 00 00 01 02 Command delete fdb default 00 00 00 00 01 02 Success DES 3550 4 Example usage To delete a multicast fdb entry DES 3550 4 delete fdb default 01 00 00 00 01 02 Command delete fdb default 01 00 00 00 01 02 Success DES 3550 4 clear fdb Purpose Used to clear the switch s forwarding database of all dynamically learned MAC addresses Syntax clear fdb vlan vlan_name 32 port port all...

Страница 84: ...multicast_fdb vlan default VLAN Name default MAC Address 01 00 5E 00 00 00 Egress Ports 1 5 Mode Static Total Entries 1 DES 3550 4 show multicast_fdb Purpose Used to display the contents of the switch s multicast forwarding database Syntax show mulitcast_fdb vlan vlan_name 32 mac_address macaddr Description This command is used to display the current contents of the switch s multicast MAC address ...

Страница 85: ...e usage To display unicast MAC address table DES 3550 4 show fdb Command show fdb Unicast MAC Address Aging Time 300 VID VLAN Name MAC Address Port Type 1 default 00 00 39 34 66 9A 10 Dynamic 1 default 00 00 51 43 70 00 10 Dynamic 1 default 00 00 5E 00 01 01 10 Dynamic 1 default 00 00 74 60 72 2D 10 Dynamic 1 default 00 00 81 05 00 80 10 Dynamic 1 default 00 00 81 05 02 00 10 Dynamic 1 default 00 ...

Страница 86: ...ptions Restrictions Only administrator level users can issue this command Example usage To configure the multicast filtering mode to forward all groups on ports 1 through 4 DES 3550 4 config multicast port_filtering_mode 1 4 forward_all_groups Command config multicast port_filtering_mode 1 4 forward_all_groups Success DES 3550 4 show multicast port_filtering_mode Purpose Used to show the multicast...

Страница 87: ...ups 7 forward_unregistered_groups 8 forward_unregistered_groups 9 forward_unregistered_groups 10 forward_unregistered_groups 11 forward_unregistered_groups 12 forward_unregistered_groups 13 forward_unregistered_groups 14 forward_unregistered_groups 15 forward_unregistered_groups 16 forward_unregistered_groups 17 forward_unregistered_groups 18 forward_unregistered_groups 19 forward_unregistered_gro...

Страница 88: ...e broadcast storm control Parameters storm_grouplist Used to specify a broadcast storm control group This is specified by entering the syntax unit_id all Specifies all broadcast storm control groups on the switch broadcast enable disable Enables or disables broadcast storm control multicast enable disable Enables or disables multicast storm control dlf enable disable Enables or disables dlf traffi...

Страница 89: ...trictions None Example usage To display traffic control setting DES 3550 4 show traffic control Command show traffic control Traffic Control Broadcast Multicast Destination Module Group ports Threshold Storm Storm Lookup Fail 1 1 1 8 128 Disabled Disabled Disabled 1 2 9 16 128 Disabled Disabled Disabled 1 3 17 24 128 Disabled Disabled Disabled 1 4 25 32 128 Disabled Disabled Disabled 1 5 33 40 128...

Страница 90: ...mit all of the packets in its buffer before permitting the next lower priority to transmit its packets When the lowest hardware priority queue has finished transmitting all of its packets the highest hardware priority queue will begin transmitting any packets it may have received The commands in the Command Line Interface CLI are listed along with the appropriate parameters in the following table ...

Страница 91: ...pecifies that there will be no limit on the rate of packets received by the above specified ports value 1 1000 Specifies the packet limit in Mbps that the above ports will be allowed to receive The transfer tx and receive rx rate of packets for Gigabit ports must be configured in a multiple of 8 Mbits 8 16 24 Restrictions Only administrator level users can issue this command Example usage To confi...

Страница 92: ...mmand is entered with both max_packet and max_latency parameters are set to 0 is to empty the 4 hardware priority queues in order from the highest priority queue hardware queue 3 to the lowest priority queue hardware queue 0 Each hardware queue will transmit all of the packets in its buffer before allowing the next lower priority queue to transmit its packets When the lowest hardware priority queu...

Страница 93: ...ed hardware priority queue will be allowed to transmit before allowing the next lowest priority queue to transmit its packets A value between 0 and 255 can be specified max_latency value 0 255 Specifies the maximum amount of time the above specified hardware priority queue will be allowed to transmit packets before allowing the next lowest hardware priority queue to begin transmitting its packets ...

Страница 94: ...ority priority 0 7 class_id 0 3 Description This command allows you to configure the way the switch will map an incoming packet based on its 802 1p user priority to one of the four available hardware priority queues on the switch The switch s default is to map the following incoming 802 1p user priority values to the four hardware priority queues 802 1p Hardware Queue Remark 0 1 Mid low 1 0 Lowest...

Страница 95: ..._priority 1 3 Success DES 3550 4 show 802 1p user_priority Purpose Used to display the current mapping between an incoming packet s 802 1p priority value and one of the switch s four hardware priority queues Syntax show 802 1p user_priority Description The show 802 1p user_priority command displays the current mapping of an incoming packet s 802 1p priority value to one of the switch s four hardwa...

Страница 96: ...o assign to untagged packets received by the switch or a range of ports on the switch Restrictions Only administrator level users can issue this command Example usage To configure 802 1p default priority on the switch DES 3550 4 config 802 1p default_priority all 5 Command config 802 1p default_priority all 5 Success DES 3550 4 show 802 1 default_priority Purpose Used to display the currently conf...

Страница 97: ...2 1p default_priority Command show 802 1p default_priority Port Priority 1 0 2 0 3 0 4 0 5 0 6 0 7 0 8 0 9 0 10 0 11 0 12 0 13 0 14 0 15 0 16 0 17 0 18 0 19 0 20 0 CTRL C ESC q Quit Space n Next Page Enter Next Entry a All ...

Страница 98: ...itor the network traffic In addition you can specify that only traffic received by or sent by one or both is mirrored to the Target port Parameters port This specifies the Target port the port where mirrored packets will be received The target port must be configured in the same VLAN and must be operationg at the same speed a s the source port If the target port is operating at a lower speed the s...

Страница 99: ...rt the port where mirrored packets will be received portlist This specifies a range of ports that will be mirrored That is the range of ports in which all traffic will be copied and sent to the Target port rx Allows the mirroring of only packets received by flowing into the port or ports in the port list tx Allows the mirroring of only packets sent to flowing out of the port or ports in the port l...

Страница 100: ...o enable mirroring configurations DES 3550 4 enable mirror Command enable mirror Success DES 3550 4 disable mirror Purpose Used to disable a previously entered port mirroring configuration Syntax disable mirror Description This command combined with the enable mirror command above allows you to enter a port mirroring configuration into the switch and then turn the port mirroring on and off without...

Страница 101: ...rror Description This command displays the current port mirroring configuration on the switch Parameters None Restrictions None Example usage To display mirroring configuration DES 3550 4 show mirror Command show mirror Current Settings Mirror Status Enabled Target Port 1 Mirrored Port RX TX 5 7 DES 3550 4 ...

Страница 102: ...gvrp portlist Each command is listed in detail in the following sections create vlan Purpose Used to create a VLAN on the switch Syntax create vlan vlan_name 32 tag vlanid 1 4094 advertisement Description This command allows you to create a VLAN on the switch Parameters vlan_name 32 The name of the VLAN to be created vlanid The VLAN ID of the VLAN to be created Allowed values 1 4094 advertisement ...

Страница 103: ...1 Success DES 3550 4 config vlan Purpose Used to add additional ports to a previously configured VLAN Syntax config vlan vlan_name 32 add tagged untagged forbidden delete portlist advertisement enable disable Description This command allows you to add ports to the port list of a previously configured VLAN You can specify the additional ports as tagging untagging or forbidden The default is to assi...

Страница 104: ...Group VLAN Registration Protocol on the switch You can configure ingress checking the sending and receiving of GVRP information and the Port VLAN ID PVID Parameters portlist A port or range of ports for which you want ingress checking all Specifies all of the ports on the switch state enable disable Enables or disables GVRP for the ports specified in the port list ingress_checking enable disable E...

Страница 105: ... the switch without changing the GVRP configuration on the switch Parameters None Restrictions Only administrator level users can issue this command Example usage To enable the generic VLAN Registration Protocol GVRP DES 3550 4 enable gvrp Command enable gvrp Success DES 3550 4 disable gvrp Purpose Used to disable GVRP on the switch Syntax disable gvrp Description This command along with disable g...

Страница 106: ... which you want to display a summary of settings Restrictions None Example usage To display the switch s current VLAN settings DES 3550 4 show vlan Command show vlan VID 1 VLAN Name default VLAN TYPE static Advertisement Enabled Member ports 1 50 Static ports 1 50 Current Untagged ports 1 50 Static Untagged ports 1 50 Forbidden ports Total Entries DES 3550 4 show gvrp Purpose Used to display the G...

Страница 107: ...ed All Frames 5 1 Disabled Enabled All Frames 6 1 Disabled Enabled All Frames 7 1 Disabled Enabled All Frames 8 1 Disabled Enabled All Frames 9 1 Disabled Enabled All Frames 10 1 Disabled Enabled All Frames 11 1 Disabled Enabled All Frames 12 1 Disabled Enabled All Frames 13 1 Disabled Enabled All Frames 14 1 Disabled Enabled All Frames 15 1 Disabled Enabled All Frames 16 1 Disabled Enabled All Fr...

Страница 108: ...mmetric_vlan Description This command enables the asymmetric VLAN function on the switch Parameters None Restrictions Only administrator level users can issue this command Example usage To enable asymmetric VLANs DES 3550 4 enable asymmetric_vlan Command enable asymmetric_vlan Success DES 3550 4 disable asymmetric_vlan Purpose Used to disable the asymmetric VLAN function on the switch Syntax disab...

Страница 109: ...switch Syntax show asymmetric_vlan Description This command displays the asymmetric VLAN state on the switch Parameters None Restrictions Only administrator level users can issue this command Example usage To display the asymmetric VLAN state cuurently set on the switch DES 3550 4 show asymmetric_vlan Command show asymmetric_vlan Asymmetric Vlan Enabled DES 3550 4 ...

Страница 110: ... 6 type lacp static Description This command will create a link aggregation group with a unique identifier Parameters value Specifies the group id The switch allows up to 6 link aggregation groups to be configured The group number identifies each of the groups type Specify the type of link aggregation used for the group If the type is not specified the default type is static lacp This designates t...

Страница 111: ...roups to be configured The group number identifies each of the groups Restrictions Only administrator level users can issue this command Example usage To delete link aggregation group DES 3550 4 delete link_aggregation group_id 6 Command delete link_aggregation group_id 6 Success DES 3550 4 config link_aggregation Purpose Used to configure a previously created link aggregation group Syntax config ...

Страница 112: ...ES 3550 4 config link_aggregation group_id 1 master_port 1 ports 5 7 9 Command config link_aggregation group_id 1 master_port 1 ports 5 7 9 Success DES 3550 4 config link_aggregation algorithm Purpose Used to configure the link aggregation algorithm Syntax config link_aggregation algorithm mac_source mac_destination mac_source_dest ip_source ip_destination ip_source_dest Description This command c...

Страница 113: ...onfiguration on the switch Syntax show link_aggregation group_id value 1 6 algorithm Description This command will display the current link aggregation configuration of the switch Parameters value Specifies the group id The switch allows up to 6 link aggregation groups to be configured The group number identifies each of the groups algorithm Allows you to specify the display of link aggregation by...

Страница 114: ...ices must designate LACP ports as active Both devices must support LACP passive LACP ports that are designated as passive cannot process LACP control frames In order to allow the linked port group to negotiate adjustments and make changes dynamically at one end of the connection must have active LACP ports see above Restrictions Only administrator level users can issue this command Example usage T...

Страница 115: ... display LACP port mode settings DES 3550 4 show lacp_port 1 10 Command show lacp_port 1 10 Port Activity 1 Active 2 Active 3 Active 4 Active 5 Active 6 Active 7 Active 8 Active 9 Active 10 Active DES 3550 4 ...

Страница 116: ...arameters ipif_name 12 Enter an alphanumeric string of up to 12 characters to identify this ip interface network_address IP address and netmask of the IP interface to be created You can specify the address and mask information using the traditional format for example 10 1 2 3 255 0 0 0 or in CIDR format 10 1 2 3 8 vlan_name 32 The name of the VLAN corresponding to the System IP interface state ena...

Страница 117: ...n This command will display the configuration of an IP interface on the switch Parameters ipif_name The name created for the IP interface Restrictions None Example usage To display IP interface settings DES 3550 4 show ipif System Command show ipif System IP Interface Settings Interface Name System IP Address 10 48 74 122 MANUAL Subnet Mask 255 0 0 0 VLAN Name default Admin State Disabled Link Sta...

Страница 118: ...ted in detail in the following sections config igmp_snooping Purpose Used to configure IGMP snooping on the switch Syntax config igmp_snooping vlan_name 32 all host_timeout sec 1 16711450 router_timeout sec 1 16711450 leave_timer sec 0 16711450 state enable disable Description This command allows you to configure IGMP snooping on the switch Parameters vlan_name 32 The name of the VLAN for which IG...

Страница 119: ...eneral query transmissions the maximum time in seconds to wait for reports from members and the permitted packet loss that guarantees IGMP snooping Parameters vlan_name 32 The name of the VLAN for which IGMP snooping querier is to be configured query_interval sec Specifies the amount of time in seconds between general query transmissions The default setting is 125 seconds max_response_time sec Spe...

Страница 120: ...luding those sent in response to leave group messages You might lower this interval to reduce the amount of time it takes a router to detect the loss of the last member of a group state enable disable Allows the switch to be specified as an IGMP Querier or Non querier Restrictions Only administrator level users can issue this command Example usage To configure the igmp snooping DES 3550 4 config i...

Страница 121: ...o the multicast router only Otherwise the switch forwards all multicast traffic to any IP router Parameters forward_mcrouter_only Specifies that the switch should only forward all multicast traffic to a multicast enabled router Otherwise the switch will forward all multicast traffic to any IP router Restrictions Only administrator level users can issue this command Example usage To enable IGMP sno...

Страница 122: ...switch DES 3550 4 disable igmp_snooping Command disable igmp_snooping Success DES 3550 4 Example usage To disable forwarding all multicast traffic to a multicast enabled router DES 3550 4 disable igmp_snooping forward_mcrouter_only Command disable igmp_snooping forward_mcrouter_only Success DES 3550 4 show igmp_snooping Purpose Used to show the current status of IGMP snooping on the switch Syntax ...

Страница 123: ...s Value 2 Last Member Query Interval 1 Host Timeout 260 Route Timeout 260 Leave Timer 2 Querier State Disabled Querier Router Behavior Non Querier State Disabled Total Entries 2 DES 3550 4 show igmp_snooping group Purpose Used to display the current IGMP snooping group configuration on the switch Syntax show igmp_snooping group vlan vlan_name 32 Description This command will display the current IG...

Страница 124: ...ame default Multicast group 236 54 63 75 MAC address 01 00 5E 36 3F 4B Reports 1 Port Member 18 22 VLAN Name default Multicast group 239 255 255 250 MAC address 01 00 5E 7F FF FA Reports 2 Port Member 9 19 VLAN Name default Multicast group 239 255 255 254 MAC address 01 00 5E 7F FF FE Reports 1 Port Member 13 17 Total Entries 6 DES 3550 4 show router_ports Purpose Used to display the currently con...

Страница 125: ...Used to display the IGMP snooping forwarding table entries on the switch Syntax show igmp_snooping forwarding vlan vlan_name 32 Description This command will display the current IGMP snooping forwarding table entries currently configured on the switch Parameters vlan_name 32 The name of the VLAN for which you want to view IGMP snooping forwarding table information Restrictions None Example usage T...

Страница 126: ...n Restrictions None Example usage To view the current IGMP snooping group DES XXXXS 4 show igmp_snooping group Command show igmp_snooping group VLAN Name default Multicast group 224 0 0 2 MAC address 01 00 5E 00 00 02 Reports 1 Port Member 2 4 VLAN Name default Multicast group 224 0 0 9 MAC address 01 00 5E 00 00 09 Reports 1 Port Member 6 8 VLAN Name default Multicast group 234 5 6 7 MAC address ...

Страница 127: ...group 239 255 255 250 MAC address 01 00 5E 7F FF FA Reports 2 Port Member 18 20 VLAN Name default Multicast group 239 255 255 254 MAC address 01 00 5E 7F FF FE Reports 1 Port Member 22 24 Total Entries 6 DES XXXXS 4 ...

Страница 128: ...x_req value 1 10 reauth_period sec 1 65535 enable_reauth enable disable config 802 1x init port_based ports portlist all mac_based ports portlist all mac_address macaddr config 802 1x auth_mode port_based mac_based config 802 1x reauth port_based ports portlist all mac_based ports portlist all mac_address macaddr config radius add server_index 1 3 server_ip key passwd 32 default auth_port udp_port...

Страница 129: ...e switch DES 3550 4 disable 802 1x Command disable 802 1x Success DES 3550 4 show 802 1x auth_configuration Purpose Used to display the current configuration of the 802 1x server on the switch Syntax show 802 1x auth_configuration ports portlist Description The show 802 1x command is used to display the current configuration of the 802 1x Port based Network Access Control server application on the...

Страница 130: ...tion Port Control ForceAuth ForceUnauth Auto Shows the administrative control over the port s authorization status ForceAuth forces the Authenticator of the port to become Authorized ForceUnauth forces the port to become Unauthorized QuietPeriod Shows the time interval between authentication failure and the start of a new authentication attempt TxPeriod Shows the time to wait for a response from a...

Страница 131: ... 1x auth_state command is used to display the current authentication state of the 802 1x Port based Network Access Control server application on the switch Parameters ports portlist Specifies a port or range of ports to be viewed The following details what is displayed Port number Shows the physical port number on the switch Auth PAE State Initalize Disconnected Connecting Authenticating Authentic...

Страница 132: ...h Success Authorized 12 ForceAuth Success Authorized 13 ForceAuth Success Authorized 14 ForceAuth Success Authorized 15 ForceAuth Success Authorized 16 ForceAuth Success Authorized 17 ForceAuth Success Authorized 18 ForceAuth Success Authorized 19 ForceAuth Success Authorized 20 ForceAuth Success Authorized CTRL C ESC q Quit SPACE n Next Page Enter Next Entry a All config 802 1x capability ports P...

Страница 133: ...rce_auth quiet_period sec 0 65535 tx_period sec 1 65535 supp_timeout sec 1 65535 server_timeout sec 1 65535 max_req value 1 10 reauth_period sec 1 65535 enable_reauth enable disable Description The config 802 1x auth_parameter command is used to configure the 802 1x Authentication parameters on a range of ports The default parameter will return all ports in the specified range to their default 802...

Страница 134: ... retry sending packets to a supplicant user reauth_period sec 1 65535 Configures the time interval between successive re authentications enable_reauth enable disable Determines whether or not the switch will re authenticate Enabled causes re authentication of users at the time interval specified in the Re authentication Period field above Restrictions Only administrator level users can issue this ...

Страница 135: ...y administrator level users can issue this command Example usage To initialize the authentication state machine of some or all DES 3550 4 config 802 1x init port_based ports all Command config 802 1x init port_based ports all Success DES 3550 4 config 802 1x auth_mode Purpose Used to configure the 802 1x authentication mode on the switch Syntax config 802 1x auth_mode port_based mac_based Descript...

Страница 136: ... instructs the switch to re authorize 802 1x functions based only on the MAC address MAC addresses approved for re authorization can then be specified portlist Specifies a port or range of ports to be re authorized mac_address macaddr Enter the MAC address to be re authorized all Specifies all of the ports on the switch Restrictions Only administrator level users can issue this command Example usa...

Страница 137: ...ult is 1812 acct_port udp_port_number The UDP port number for accounting requests The default is 1813 Restrictions Only administrator level users can issue this command Example usage To configure the RADIUS server communication setttings DES 3550 4 config radius add 1 10 48 74 121 key dlink default Command config radius add 1 10 48 74 121 key dlink default Success DES 3550 4 config radius delete P...

Страница 138: ...of RADIUS server settings can be entered on the switch server_ip The IP address of the Radius server key Specifies that a password and encryption key will be used between the switch and the RADIUS server passwd 32 The shared secret key used by the RADIUS server and the switch Up to 32 characters can be used default Uses the default udp port number in both the auth_port and acct_port settings auth_...

Страница 139: ... radius Description The show radius command is used to display the current RADIUS configurations on the switch Parameters None Restrictions None Example usage To display RADIUS settings on th switch DES 3550 4 show radius Command show radius Idx IP Address Auth Port Acct Port Status Key Number Number 1 10 1 1 1 1812 1813 Active switch 2 20 1 1 1 1800 1813 Active des3226 3 30 1 1 1 1812 1813 Active...

Страница 140: ...vlan vlan_name 32 source_mac macaddr destination_mac macaddr 802 1p value 0 7 ethernet_type hex 0x0 0xffff ip vlan vlan_name 32 source_ip ipaddr destination_ip ipaddr dscp value 0 63 icmp type value 0 255 code value 0 255 igmp type value 0 255 tcp src_port value 0 65535 dst_port value 0 65535 flag_mask all urg ack psh rst syn fin udp src_port value 0 65535 dst_port value 0 65535 protocol_id value ...

Страница 141: ...est access_id will take precedence The ip parameter instructs the switch that this new rule will be applied to the IP addresses contained within each frame s header source_ip tells the switch that this rule will apply to the source IP addresses in each frame s header Finally the IP address 10 42 73 1 will be combined with the source_ip_mask 255 255 255 0 to give the IP address 10 42 73 0 for any s...

Страница 142: ... mask source_ip_mask netmask Specifies an IP address mask for the source IP address destination_ip_mask netmask Specifies an IP address mask for the destination IP address dscp Specifies that the switch will examine the DiffServ Code Point DSCP field in each frame s header icmp Specifies that the switch will examine the Internet Control Message Protocol ICMP field in each frame s header type Speci...

Страница 143: ...ield user_define_mask hex 0x0 0xffffffff Specifies that the rule applies to the IP protocol ID and the mask options behind the IP header packet_content_mask Specifies that the switch will mask the packet header beginning with the offset value specified as follows offset_0 15 Enter a value in hex form to mask the packet from the beginning of the packet to the 16th byte offset_16 31 Enter a value in...

Страница 144: ...nd Example usage To delete the access profile with a profile ID of 1 DES 3550 4 delete access_profile profile_id 1 Command delete access_profile profile_id 1 Success DES 3550 4 config access_profile Purpose Used to configure an access profile on the switch and to define specific values that will be used to by the switch to determine if a given packet should be forwarded or filtered Masks entered u...

Страница 145: ... be deleted with this command This value is assigned to the access profile when it is created with the create access_profile command add access_id value 1 255 Adds an additional rule to the above specified access profile The value specifies the relative priority of the additional rule The lower access ID the higher the priority the rule will be given ethernet Specifies that the switch will look on...

Страница 146: ... profile will apply to this ICMP code igmp Specifies that the switch will examine the Internet Group Management Protocol IGMP field within each packet type value 0 255 Specifies that the access profile will apply to packets that have this IGMP type value tcp Specifies that the switch will examine the Transmission Control Protocol TCP field within each packet src_port value 0 65535 Specifies that t...

Страница 147: ...set_32 47 Enter a value in hex form to mask the packet from byte 32 to byte 47 offset_48 63 Enter a value in hex form to mask the packet from byte 48 to byte 63 offset_64 79 Enter a value in hex form to mask the packet from byte 64 to byte 79 permit Specifies that packets that match the access profile are permitted to be forwarded by the switch replace_priority with 0 7 This parameter is specified...

Страница 148: ...pose Used to display the currently configured access profiles on the switch Syntax show access_profile Description The show access_profile command is used to display the currently configured access profiles Parameters None Restrictions Only administrator level users can issue this command Example usage To display all of the currently configured access profiles on the switch DES 3550 4 show access_...

Страница 149: ...ID Mode Access Profile ID 249 Type Packet Content Filter Ports All Masks Offset 0 15 0x00000000 00000000 00000000 00000000 Offset 16 31 0x00000000 00000000 00000000 00000000 Offset 32 47 0x00000000 00000000 00000000 00000000 Offset 48 63 0x00000000 00000000 00000000 00000000 Offset 64 79 0x00000000 00000000 00000000 00000000 ID Mode Access Profile ID 250 Type Ethernet Frame Filter Ports All Masks ...

Страница 150: ...ype Ethernet Frame Filter Ports All Masks VLAN ID Mode Access Profile ID 252 Type Ethernet Frame Filter Ports All Masks VLAN ID Mode Access Profile ID 253 Type Ethernet Frame Filter Ports All Masks VLAN ID Mode Total Entries 1 DES 3550 4 ...

Страница 151: ...cifies a port or range of ports that will be configured for traffic segmentation forward_list Specifies a range of ports that will receive forwarded frames from the ports specified in the portlist above null no ports are specified portlist Specifies a range of ports for the forwarding list This list must be on the same switch previously specified for traffic segmentation i e following the portlist...

Страница 152: ...he switch will be displayed Restrictions The port lists for segmentation and the forward list must be on the same switch Example usage To display the current traffic segmentation configuration on the switch DES 3550 4 show traffic_segmentation Command show traffic_segmentation Traffic Segmentation Table Port Forward Portlist 1 1 50 2 1 50 3 1 50 4 1 50 5 1 50 6 1 50 7 1 50 8 1 50 9 1 50 10 1 50 11...

Страница 153: ...rt_date 1 31 s mth start_mth 1 12 s time start_time hh mm e date end_date 1 31 e mth end_mth 1 12 e time end_time hh mm offset 30 60 90 120 show time Each command is listed in detail in the following sections config sntp Purpose Used to setup SNTP service Syntax config sntp primary ipaddr secondary ipaddr poll interval int 30 99999 Description Use this command to configure SNTP service from an SNT...

Страница 154: ...iption This command will display SNTP settings information including the source IP address time and poll interval Parameters None Restrictions Only administrator level users can issue this command Example usage To display SNTP configuration information DES 3550 4 show sntp Command show sntp Current Time Source System Clock SNTP Disabled SNTP Primary Server 10 1 1 1 SNTP Secondary Server 10 1 1 2 S...

Страница 155: ...P support SNTP service must be separately configured see config sntp Parameters None Restrictions Only administrator level users can issue this command Example To stop SNTP support DES 3550 4 disable sntp Command disable sntp Success DES 3550 4 config time Purpose Used to manually configure system time and date settings Syntax config time date ddmmmyyyy time hh mm ss Description This will configur...

Страница 156: ...S 3550 4 config time_zone Purpose Used to determine the time zone used in order to adjust the system clock Syntax config time_zone operator hour gmt_hour 0 13 min minute 0 59 Description This will adjust system clock settings according to the time zone Time zone settings will adjust SNTP information accordingly Parameters operator Choose to add or subtract time to adjust for time zone relative to ...

Страница 157: ... during the second week of April and end DST on Sunday during the last week of October annual Using annual mode will enable DST seasonal time adjustment Annual mode requires that the DST beginning and ending date be specified concisely For example specify to begin DST on April 3 and end DST on October 14 s week Configure the week of the month in which DST begins start_week 1 4 last The number of t...

Страница 158: ...et are 30 60 90 120 default value is 60 Restrictions Only administrator level users can issue this command Example usage To configure daylight savings time on the switch DES 3550 4 config dst repeating s_week 2 s_day tue s_mth 4 s_time 15 00 e_week 2 e_day wed e_mth 10 e_time 15 30 offset 30 Command config dst repeating s_week 2 s_day tue s_mth 4 s_time 15 00 e_week 2 e_day wed e_mth 10 e_time 15 ...

Страница 159: ...me Current Time Source System Clock Current Time 2 Days 01 43 41 Time Zone GMT 02 30 Daylight Saving Time Repeating Offset in Minutes 30 Repeating From Apr 2nd Tue 15 00 To Oct 2nd Wed 15 30 Annual From 29 Apr 00 00 To 12 Oct 00 00 DES 3550 4 ...

Страница 160: ...to enter an IP address and the corresponding MAC address into the switch s ARP table Parameters ipaddr The IP address of the end node or station macaddr The MAC address corresponding to the IP address above Restrictions Only administrator level users can issue this command Example Usage To create a static arp entry for the IP address 10 48 74 121 and MAC address 00 50 BA 00 07 36 DES 3550 4 create...

Страница 161: ...Used to delete a static entry into the ARP table Syntax delete arpentry ipaddr all Description This command is used to delete a static ARP entry made using the create arpentry command above by specifying either the IP address of the entry or all Specifying all clears the switch s ARP table Parameters ipaddr The IP address of the end node or station all deletes all ARP entries Restrictions Only adm...

Страница 162: ...g time 30 Command config arp_aging time 30 Success DES 3550 4 show arpentry Purpose Used to display the ARP table Syntax show arpentry ipif ipif_name 12 ipaddress ipaddr static local Description This command is used to display the current contents of the switch s ARP table Parameters ipif_name The name of the IP interface the end node or station for which the ARP table entry was made resides on ip...

Страница 163: ...ic System 10 40 44 60 00 50 BA 6B 2A 1E Dynamic System 10 42 73 221 00 01 02 03 04 00 Dynamic System 10 44 67 1 00 50 BA DA 02 51 Dynamic System 10 47 65 25 00 50 BA DA 03 2B Dynamic System 10 50 8 7 00 E0 18 45 C7 28 Dynamic System 10 90 90 90 00 01 02 03 04 00 Local System 10 255 255 255 FF FF FF FF FF FF Local Broadcast Total Entries 20 DES 3550 4 clear arptable Purpose Used to remove all dynam...

Страница 164: ...to create a default static IP route entry to the switch s IP routing table Parameters ipaddr The gateway IP address for the next hop router metric Allows the entry of a routing protocol metric entry representing the number of routers between the Switch and the IP address above The default setting is 1 Restrictions Only administrator level users can issue this command Example Usage To add the defau...

Страница 165: ...k_address static Description This command will display the switch s current IP routing table Parameters network_address IP address and netmask of the IP interface that is the destination of the route You can specify the address and mask information using the traditional format for example 10 1 2 3 255 0 0 0 or in CIDR format 10 1 2 3 8 static use this to display static iproute entries Restrictions...

Страница 166: ...le mac_notification Purpose Used to enable global MAC address table notification on the switch Syntax enable mac_notification Description This command is used to enable MAC address notification without changing configuration Parameters None Restrictions Only administrator level users can issue this command Example Usage To enable MAC notification without changing basic configuration DES 3550 4 ena...

Страница 167: ...nd entered into the FDB Parameters interval int 1 2147483647 time in seconds between notifications The user may choose an interval between 1 and 2 147 483 647 seconds historysize 1 500 maximum number of entries listed in the history log used for notification Restrictions Only administrator level users can issue this command Example usage To configure the switch s MAC address table notification glo...

Страница 168: ...tion DES 3550 4 config mac_notification ports 7 enable Command config mac_notification ports 7 enable Success DES 3550 4 show mac_notification Purpose Used to display the switch s MAC address table notification global settings Syntax show mac_notification ports portlist Description This command is used to display the switch s MAC address table notification global settings Parameters None Restricti...

Страница 169: ...ameter will display the MAC notification table for all ports Restrictions None Example usage To display all port s MAC address table notification status settings DES 3550 4 show mac_notification ports Command show mac_notification ports Port MAC Address Table Notification State 1 Disabled 2 Disabled 3 Disabled 4 Disabled 5 Disabled 6 Disabled 7 Disabled 8 Disabled 9 Disabled 10 Disabled 11 Disable...

Страница 170: ...d and the user is denied access to the switch C The server doesn t respond to the verification query At this point the switch receives the timeout from the server and then moves to the next method of verification configured in the method list The switch has three built in server groups one for each of the TACACS XTACACS and TACACS protocols These built in server groups are used to authenticate use...

Страница 171: ...able default method_list_name string 15 show authen application create authen server_group string 15 config authen server_group tacacs xtacacs tacacs string 15 add delete server_host ipaddr protocol tacacs xtacacs tacacs delete authen server_group string 15 show authen server_group string 15 create authen server_host ipaddr protocol tacacs xtacacs tacacs port int 1 65535 key key_string 254 none ti...

Страница 172: ...y Success DES 3550 4 disable authen_policy Purpose Used to disable system access authentication policy Syntax disable authen_policy Description This command will disable the administrator defined authentication policy for users trying to access the switch When disabled the switch will access the local user account database for username and password verification In addition the switch will now acce...

Страница 173: ...of authentication methods for users logging on to the switch Syntax create authen_login method_list_name string 15 Description This command is used to create a list for authentication techniques for user login The switch can support up to eight method lists but one is reserved as a default and cannot be deleted Multiple method lists must be created and configured separately Parameters string 15 En...

Страница 174: ...ds will give the user a user priviledge only If the user wishes to upgrade his or her status to the administrator level the user must implement the enable admin command followed by a previously configured password See the enable admin part of this section for more detailed information concerning the enable admin command Parameters default The default method list for access authentication as define...

Страница 175: ...ured on the switch local Adding this parameter will require the user to be authenticated using the local user account database on the switch none Adding this parameter will require no authentication to access the switch NOTE Entering none or local as an authentication protocol will override any other authentication that follows it on a method list or on the default method list Restrictions Only ad...

Страница 176: ...el users can issue this command Example usage To delete the method list name Trinity DES 3550 4 delete authen_login method_list_name Trinity Command delete authen_login method_list_name Trinity Success DES 3550 4 show authen_login Purpose Used to display a previously configured user defined method list of authentication methods for users logging on to the switch Syntax show authen_login default me...

Страница 177: ...ugh the user account on the switch and none no authentication necessary to access any function on the switch Restrictions Only administrator level users can issue this command DES 3550 4 show authen_login method_list_name Trinity Command show authen_login method_list_name Trinity Method List Name Priority Method Name Comment Trinity 1 tacacs Built in Group 2 tacacs Built in Group 3 Darren User def...

Страница 178: ...iviledges using authentication methods on the switch Once a user acquires normal user level privileges on the switch he or she must be authenticated by a method on the switch to gain administrator privileges on the switch which is defined by the Administrator A maximum of eight 8 enable method lists can be implemented on the switch The sequence of methods implemented in this command will affect th...

Страница 179: ...The user may add one or a combination of up to four 4 of the following authentication methods to this method list tacacs Adding this parameter will require the user to be authenticated using the tacacs protocol from a remote tacacs server xtacacs Adding this parameter will require the user to be authenticated using the xtacacs protocol from a remote xtacacs server tacacs Adding this parameter will...

Страница 180: ...hod list of authentication methods for promoting normal user level priveledges to Administrator level priveledges on the switch Syntax delete authen_enable method_list_name string 15 Description This command is used to delete a user defined method list of authentication methods for promoting user level privileges to Adminstrator level privileges Parameters string 15 Enter an alphanumeric string of...

Страница 181: ...urrently configured on the switch The window will display the following parameters Method List Name The name of a previously configured method list name Priority Defines which order the method list protocols will be queried for authentication when a user attempts to log on to the switch Priority ranges from 1 highest to 4 lowest Method Name Defines which security protocols are implemeted per metho...

Страница 182: ... the administration level authen_enable utilizing a previously configured method list Parameters Application choose the application to configure The user may choose one of the following four applications to configure console choose this parameter to configure the command line interface login method telnet choose this parameter to configure the telnet login method http choose this parameter to conf...

Страница 183: ...hen application http login default Success DES 3550 4 show authen application Purpose Used to display authentication methods for the various applications on the switch Syntax show authen application Description This command will display all of the authentication method lists login enable administrator privileges for switch configuration applications console telnet web currently configured on the s...

Страница 184: ... by the server host The user may choose one of the following tacacs Enter this parameter if the server host utilizes the tacacs protocol xtacacs Enter this parameter if the server host utilizes the xtacacs protocol tacacs Enter this parameter if the server host utilizes the tacacs protocol port int 1 65535 Enter a number between 1 and 65535 to define the virtual port number of the authentication p...

Страница 185: ...ut remember that tacacs xtacacs tacacs are separate entities and are not compatible with each other The maximum supported number of server hosts is 16 Parameters server_host ipaddr The IP address of the remote server host the user wishes to alter protocol The protocol used by the server host The user may choose one of the following tacacs Enter this parameter if the server host utilizes the tacacs...

Страница 186: ...st Purpose Used to delete a user defined authentication server host Syntax delete authen server_host ipaddr protocol tacacs xtacacs tacacs Description This command is used to delete a user defined authentication server host previously created on the switch Parameters server_host ipaddr The IP address of the remote server host the user wishes to delete protocol The protocol used by the server host ...

Страница 187: ...ol used by the server host Possible results will include tacacs xtacacs and tacacs Port The virtual port number on the server host The default value is 49 Timeout The time in seconds the switch will wait for the server host to reply to an authentication request Retransmit The value in the retransmit field denotes how many times the device will resend an authentication request when the TACACS serve...

Страница 188: ... string 15 Enter an alphanumeric string of up to 15 characters to define the newly created server group Restrictions Only administrator level users can issue this command Example usage To create the server group group_1 DES 3550 4 create server_group group_1 Command create server_group group_1 Success DES 3550 4 config authen server_group Purpose Used to create a user defined authentication server...

Страница 189: ...the previously created server group This group may add any combination of server hosts to it regardless of protocol add delete Enter the correct parameter to add or delete a server host from a server group server_host ipaddr Enter the IP address of the previously configured server host the user wishes to add or delete protocol Enter the protocol utilized by the server host There are three options ...

Страница 190: ...3550 4 show authen server_group Purpose Used to view authentication server groups on the switch Syntax show authen server_group string 15 Description This command will display authentication server groups currently configured on the switch This command will display the following fields Group Name The name of the server group currently configured on the switch including built in groups and user def...

Страница 191: ...Parameters response_timeout int 1 255 Set the time in seconds the switch will wait for a response of authentication from the user attempting to log in from the command line interface or telnet interface Restrictions Only administrator level users can issue this command Example usage To configure the response timeout for 60 seconds DES 3550 4 config authen parameter response_timeout 60 Command conf...

Страница 192: ...ter attempt 5 Command config authen parameter attempt 5 Success DES 3550 4 show authen parameter Purpose Used to display the authentication parameters currently configured on the switch Syntax show authen parameter Description This command will display the authentication parameters currently configured on the switch including the response timeout and user authentication attempts This command will ...

Страница 193: ...none Because xtacacs and tacacs do not support the enable function the user must create a special account on the server host which has the username enable and a password configured by the administrator that will support the enable function This function becomes inoperable when the authentication policy is disabled Parameters None Restrictions Only administrator level users can issue this command E...

Страница 194: ... prompted to enter the new password again to confirm See the example below Restrictions Only administrator level users can issue this command Example usage To configure the password for the local_enable authentication method DES 3550 4 config admin local_enable Command config admin local_ebable Enter the old password Enter the case sensitive new password Enter the new password again for confirmati...

Страница 195: ...e hop away from the CS The SIM group is a group of switches that are managed as a single entity The DES 3550 may take on three different roles Commander Switch CS This is a switch that has been manually configured as the controlling device for a group and takes on the following characteristics It has an IP Address It is not a command switch or member switch of another Single IP group It is connect...

Страница 196: ...he CS belongs However if a MS has its own IP address it can belong to SNMP communities to which other switches in the group including the CS do not belong The switch port commands in the Command Line Interface CLI are listed along with the appropriate parameters in the following table Command Parameters enable sim disable sim show sim show sim candidates candidate_id 1 32 members member_id 1 32 gr...

Страница 197: ...sed to view the current information regarding the SIM group on the switch Syntax show sim candidates candidate_id 1 32 members member_id 1 32 group commander_mac macaddr neighbor Description This command will display the current information regarding the SIM group on the switch including the following SIM Version Displays the current Single IP Management version on the switch Firmware Version Disp...

Страница 198: ...on concerning members of the SIM group To view a specific member include that member s id number listed from 1 to 32 group commander_mac macaddr Entering this parameter will display information concerning the SIM group To view a specific group include the commander s MAC address of the group Neighbor Entering this parameter will display neighboring devices of the switch A SIM neighbor is defined a...

Страница 199: ... B06 The Man 2 00 55 55 00 55 00 DES 3550 L2 Switch 140 1 00 B06 default master Total Entries 2 DES 3550 4 To show the member information in summary if the member id is specified DES 3550 4 show sim member Command show sim member ID MAC Address Platform Hold Firmware Device Name Capability Time Version 1 00 01 02 03 04 00 DES 3550 L2 Switch 40 1 00 B06 The Man 2 00 55 55 00 55 00 DES 3550 L2 Switc...

Страница 200: ...lt master means commander switch DES 3550 4 Example usage To view SIM neighbors DES 3550 4 show sim neighbor Command show sim neighbor Neighbor Info Table Port MAC Address Role 23 00 35 26 00 11 99 Commander 23 00 35 26 00 11 91 Member 24 00 35 26 00 11 90 Candidate Total Entries 3 DES 3550 4 reconfig Purpose Used to connect to a member switch through the commander switch using telnet Syntax recon...

Страница 201: ...up_name groupname 64 Used to update the name of the group Enter an alphanumeric string of up to 64 characters to rename the SIM group dp_interval The user may set the discovery protocol interval in seconds that the switch will send out discovery packets Returning information to the commander switch will include information about other switches connected to it Ex MS CaS The user may set the dp inte...

Страница 202: ...rotocol DES 3550 4 config sim commander dp_interval 30 Command config sim commander dp_interval 30 Success DES 3550 4 To change the hold time of the discovery protocol DES 3550 4 config sim commander hold_time 120 Command config sim commander hold_time 120 Success DES 3550 4 To transfer the commander switch to be a candidate DES 3550 4 config sim candidate Command config sim candidate Success DES ...

Страница 203: ...dr Enter the IP address of the TFTP server path_filename Enter the path and the filename of the firmware or switch on the TFTP server members Enter this parameter to specify the members the user prefers to download firmware or switch configuation files to The user may specify a member or members by adding one of the following mslist Enter a value or values to specify which members of the SIM group...

Страница 204: ...onfiguration file to a TFTP server froma specified member of a SIM group Syntax upload sim_ms ipaddr path_filename member_id 1 32 Description This command will upload a configuration file to a TFTP server froma specified member of a SIM group Parameters ipaddr Enter the IP address of the TFTP server the user wishes to upload a configuration file to path_filename Enter a user defined path and file ...

Страница 205: ... usage To upload configuration files to a TFTP server DES 3550 4 upload sim_ms configuration 10 55 47 1 D configuration txt 1 Command upload sim_ms configuration 10 55 47 1 D configuration txt 1 Success DES 3550 4 ...

Страница 206: ...ds in the Command Line Interface CLI Syntax Description This command will display all of the commands available through the Command Line Interface CLI Parameters None Restrictions None Example usage To display all of the commands in the CLI DES 3550 4 clear clear arptable clear counters clear fdb clear log clear port_security_entry port config 802 1p default_priority config 802 1p user_priority co...

Страница 207: ...of the commands available through the Command Line Interface CLI Parameters None Restrictions None Example usage To display all commands DES 3550 4 dir clear clear arptable clear counters clear fdb clear log clear port_security_entry port config 802 1p default_priority config 802 1p user_priority config 802 1x auth_mode config 802 1x auth_parameter ports config 802 1x auth_protocol config 802 1x c...

Страница 208: ...n the buffer Up to 40 of the latest executed commands may be viewed Restrictions None Example usage To configure the command history DES 3550 4 config command_history 20 Command config command_history 20 Success DES 3550 4 show command_history Purpose Used to display the command history Syntax show command_history Description This command will display the command history Parameters None Restrictio...

Страница 209: ...o 70 degrees Celsius Humidity Operating 5 to 95 RH non condensing Storage 0 to 95 RH non condensing Dimensions 441 mm x 207 mm x 44 mm 1U 19 inch rack mount width Weight 3 15 kg EMC CE Class A FCC Class A C Tick VCCI Class A Safety CSA International General Standards IEEE 802 3u 100BASE TX Fast Ethernet IEEE 802 3ab 1000BASE T Gigabit Ethernet IEEE 802 1 P Q VLAN IEEE 802 3x Full duplex Flow Contr...

Страница 210: ...t 5 for 100Mbps UTP Cat 3 4 5 for 10Mbps EIA TIA 568 100 ohm screened twisted pair STP 100m Number of Ports 48 x 10 100 Mbps NWay ports 2 Gigabit Ethernet Performance Transmission Method Store and forward RAM Buffer 64 MB per device Filtering Address Table 8K MAC address per device Packet Filtering Forwarding Rate Full wire speed for all connections 148 810 pps per port for 100Mbps 1 488 100 pps p...

Отзывы: